A recent study conducted by the University of Cambridge and Queen Mary University of London gave major support to blockchains in their ability to provide compliance to the European Union’s (EU) General Data Protection Regulation. The study revealed that, although it would be challenging, entities can develop blockchain applications that would offer full compliance with the regulations.
The study was published in the Richmond Journal of Law and Technology. Since the GDPR targets private data, it has been postulated that the blockchain—due to its immutability and inability to remove data—could result in serious fines being levied against an entity. However, the research indicates that this obstacle can easily be overcome.
The GDPR has its roots in 2012 but only began to be implemented in 2016. It was fully accepted earlier this year and allows individuals to be “forgotten.” They can request that businesses delete their personal data and the onus is on the business to ensure compliance. It was designed to give EU citizens control over their personal data.
Those found guilty of not complying with the regulations can face a fine of more than $20 million or 4% of the company’s annual turnover, whichever is higher. The GDPR has been the source of a lot of controversy, with companies either scrambling to update their privacy policies or simply deciding to close up shop completely.
Despite the proficiency of the blockchain to be a permanent record of any type, the thought of it not being able to adhere to the EU regulations is certainly enough to keep any company from wanting to develop the technology further. However, as the two universities pointed out in their report, there are methods of legally circumventing the privacy restrictions. One would include “encrypting entries and then deleting the relevant decryption keys – leaving only indecipherable data on-chain—or using so-called ‘off-chain’ storage models.”
Dave Michels, a researchers with the Cloud Legal Project at Queen Mary and co-author of the report, added, “Solutions like hybrid blockchains that combine public and private elements have real potential to promote data privacy. The French data protection regulator was the first to provide much-needed guidance in this area. It would be great to see other regulators follow their lead.”
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.