GDPR and it's potential impact on CrytposteemCreated with Sketch.

in #blockchain7 years ago

What is GDPR and why does it matter in relation to crypto?

"The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy."

The key pertinent changes to the regulation are as follows:

1. The new regulation now applies to all "subjects residing in the Union, regardless of the company’s location".

2. All subjects now have the "Right to be Forgotten".  This is a big deal in my opinion as it relates to data stored on a block chain.  This directly clashes with one of the block chain's fundamental and founding attributes, immutability.

An example of this being an issue can be seen by analyzing the recently launched "Memo: An On-Chain Social Network Built on Bitcoin Cash".

Memo is: "an on-chain social network built on Bitcoin Cash — Memo is both a protocol and a front-end application".  Memo is also "A Censorship Free and Immutable Environment".

Thus Memo does not have any protocol functions in place to comply with the Right to be Forgotten.

Currently the fines for non compliance are described as: "up to 4% of annual global turnover or €20 Million (whichever is greater)".

Some may say that this will be very hard to enforce on corporate controlled mining pools, block browsers, and/or protocol developments teams, and I would not argue with that.  I think it is more important to take note of the way this regulator has defined privacy to ponder what future implications may transpire or what other regulators may adopt.

The path of least resistance to achieving compliance may be to: "store personal data outside of the blockchain, for instance in a private database" according to Arne Rutjes (Blockchain Practice Lead at IBM CIC Benelux).

Others may feel more strongly that "Storing personal data on a blockchain is not an option anymore ... to get around this problem ... You store the personal data off-chain and store the reference to this data, along with a hash of this data and other metadata (like claims and permissions about this data), on the blockchain." says Andries Van Humbeeck (Blockchain consultant at TheLedger.be). If you are more interested in the aforementioned framework, please visit the article where Andries provides more visuals and detail.

Other interesting articles relating GDPR to block chain:

GDPR: A Game Changer Is Coming for Cryptocurrency

Opinion: Bitcoin’s Biggest Problem Isn’t Child Porn, It’s GDPR