GDPR, Blockchain & Personal data - The rights of the individual v. the integrity of Blockchain
Abstract
The technology of Blockchain is something new and innovative. It was introduced by a group which goes under the pseudonym Satoshi Nakamoto through the publishing of the paper “Bitcoin: A peer-to-peer electronic cash system”. Blockchain is an innovative structure allowing transactions between two parties within a trustless environment, without the necessity of a trusted third party. This is done through one of Blockchains most fundamental features, transparent immutable transaction history.
Alongside the technological evolution, the need for the protection of the natural person’s personal data has increased. In order to meet this, the General Data Protection Regulation (GDPR) was adopted. The GDPR establishes the rights of each individual regarding their own personal data. Two of these rights are the Right of Rectification and the Right of Erasure. These two rights require the possibility of changing existing data or the deletion of said data.
As the European Commission has stated in its digital strategy that the EU shall be world leader within Blockchain technology, an interesting friction between two goals of the Union arise. Namely, the goal of protection of personal data according to the GDPR and the goal of the Commission to be world leader within Blockchain. On the one hand, Blockchains are by definition immutable, with their append-only ledgers, and on the other hand, the GDPR puts up requirements that require these same ledgers to be the opposite, namely mutable.
In the light of this, this thesis will investigate the compatibility between the right of rectification and the right of erasure, as granted to the individual by the GDPR, and the append-only ledgers of Blockchain. Furthermore, an analyzation of the concept of personal data and a discussion regarding the different approaches to its definition will be presented. Finally, this thesis will discuss possible remedies to this issue at hand and provide a possible solution to it.
Degree
Student essay
Collections
View/ Open
Date
2022-02-16Author
Matsson, David
Keywords
Risk-based approach
Personal data
EU
Right of rectification
Right of erasure
Big Data
Peer-to-Peer
Distributed Ledgers
Hashing
Hash-reference
Series/Report no.
2022:80
Language
eng