From a blog by VALID advisor Christian Sillaber, Senior Researcher on IT-Security
The European Union’s General Data Protection Regulation (GDPR) came into effect on May 25, 2018. It is already clear that the new law, which is in many respects ground-breaking, is struggling to keep up with the pace of technological change. If this issue is not addressed, the GDPR will undermine citizens’ ability to use blockchain.
The core of the problem is that, in addition to the explicit declaration of the rights of the data subject (access to data, data portability, right to erasure, right to correction etc.), the GDPR also mandates that data controllers and processors abide by the principle of “data protection by design and default”. This means designing services and software with privacy as a foundational consideration rather than as an afterthought or add-on. The implied design requirements and goals seem to be at odds with the fundamental ideas behind blockchain and other emerging distributed ledger technologies — in particular transparency, immutability and egalitarian access to the data.
The GDPR applies to the processing of personal data (Art. 2 para. 1 GDPR), that is, any information relating to an identified or — by the use of additional information — identifiable person (Art. 4 para. 1 GDPR). Although the cryptographic identities used by most participants of public permissionless distributed ledger systems are not directly linked to identified natural persons, it is — under certain circumstances — possible to identify participants through additional information (e.g. correlation of the person’s activities with third party data). Therefore, data stored and processed in most public, permissionless blockchain systems should be considered personal data. Little doubt also remains that territorial applicability can also be established for most distributed ledger systems, as they are either (partially) operated from within the EU or are actively used to process data from data subjects located in the EU.
Public, permissionless distributed ledger systems enable their participants to maintain a public database without the need for a trusted central authority or mutual trust. Any participant may enter or leave the system at any time and, therefore, access the data of the ledger at any time.
Image Credit: Valid
News This Week
A research team in Hungary pinched the coronavirus with a fine needle to measure how much force it could take before popping like a balloon. It did not. The native virion of Sars-CoV-2 – a [...]
Headaches, confusion and delirium experienced by some Covid-19 patients could be the result of the coronavirus directly invading the brain, according to a study published Wednesday. The research is still preliminary – but offers several [...]
By Boris M | Published in Coronavirus During the COVID-19 pandemic, there will be a lot of information about the virus and its effects on mental health. That’s because coronavirus and the social, financial and psychological [...]
A serious illness suffered by an Oxford University coronavirus vaccine trial participant was most likely “life-threatening”, a bioethics researcher says. But that doesn’t mean the clinical trials will be scrapped. AstraZeneca and Oxford University [...]
Analysis of seven trials finds dexamethasone and hydrocortisone should be given in severe cases. Studies around the world have confirmed that steroids can save lives in the Covid-19 pandemic, leading to new recommendations from [...]
Experts say strong evidence of efficacy needed to avoid approval of inferior vaccines. The rush to immunise populations against Covid-19 could lead to the rollout of a vaccine that is not very effective and [...]