Is Blockchain Incompatible With GDPR?
Within the framework of the new data privacy rule in Europe, blockchain might be at risk since the technology allows its users to store personal information, a concept that is essentially opposite of what the upcoming European law will be seeking.
GDPR (General Data Protection Regulation) was legally approved around two years ago and is planned to come into force on 25th May this year. Under the decree, European citizens will have the right to request any company to delete their personal information and all the data related to them from the records permanently.
Law lecturer at Oxford University, Michèle Finck, stated that altering any data from the blockchain is impossible. Michele says,
“If you were to delete or modify data from the blockchain to comply with the GDPR rights to amendment or the ‘right to be forgotten,’ you wouldn’t just change that piece of data, but the hash of the block containing the data and of all subsequent blocks.”
The lecturer continued:
“I think it’s safe to say that currently, most blockchains are incompatible with the GDPR, especially permissionless blockchains.”
Although one of the main goals now for any new digital ledger project is to work in conformity with GDPR, so many factors make this unattainable.
In conclusion, in order to be able to work together, either the GDPR or the blockchain needs to change its conceptions. Which of them will do so remains a question, but it may appear at the moment that the EU is closing its doors to the future of the digital era.