Perhaps a little of both, according to an analysis by Dejan Jovanovic, writing at the Hive Project site. On one level, blockchains can reinforce the need for individual privacy in online transactions.”In many ways, distributed ledger technology and the GDPR have several goals in common,” he says.

“Unlike a traditional centralized database, DLT promises individuals more control over the disclosure of their personal data in the sense that they can freely decide the scope of the data disclosed and its recipients. DLT also mitigates many security risks regarding the sharing of personal information — such as identity theft.” See also: How blockchain bridges the gap between hype and reality Some of the challenges and requirements involved in preparing blockchain or DLT networks for GDPR was also the subject of a recent paper prepared by researchers at the University of Zurich.

The authors — Amos Madalin Neculau, Jessica Sudo, and Adam Baha – propose blockchain and torrent technologies as the foundation of a new decentralized platform that will help “provide safe and secure data storage and processing that grants users full control over their personal data.” They said blockchain will “allow shared data to be encrypted and validated within the network, and the implementation of a Personal Certificate Authority allows users to limit data sharing with only select recipients” — which would be a GDPR-compliant path. However, some blockchain or DLT arrangements may need to be rethought, Jovanovic continues. Any organization employing or exchanging data with European customers or partners is subject to the privacy rules embedded in GDPR.

Thus, it is the source of concern for many organizations because data flows across national boundaries and oceans as easily and quickly as it does between neighboring buildings. GDPR was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations approach data privacy.

To meet the requirements imposed by GDPR, blockchain or DLT proponents need to think about the following precautions when it comes to meeting GDPR standards for data privacy: Public nature of the blockchain: If the public key and the hashed transaction data that are part of a DLT “can be linked to an individual person, they both qualify as personal data and fall under the scope of the GDPR,” Jovanovic points out. Immutability: The immutability aspect of DLTs clashes with the “right to be forgotten” that is at the heart of GDPR. Read more from…

thumbnail courtesy of