Journal of Investment Compliance
Despite the fact that blockchain technology (BC) is not yet widely deployed, we have already seen quite some publications about the data protection issues raised by BC. Initially, these publications touted the promise of BC increasing privacy protection by, e.g. facilitating decentralized identity management and allowing the sharing of data with trusted third parties only (Mainelli, 2017; Zyskind et al., 2015; Sater, 2017; Connor-Green, 2017; Tobin and Reed, 2017). In a second wave of publications, we saw a more in-depth discussion of the data protection issues raised by this new technology, generally concluding that public BC features are “on a collision course” and “profoundly incompatible at a conceptual level” with the EU General Data Protection Regulation (GDPR). Indeed, the current conception amongst industry stakeholders is that BC is not compatible with the GDPR, resulting in a call  for urgent revision already right after the GDPR came into force. The concerns are fed by public statements of Jan-Philipp Albrecht (the MEP responsible for coordinating the Parliament’s input for the GDPR), that BC “probably cannot be used for the processing of personal data” and the CNIL cautioning in its guidelines  that public BC may not be the most appropriate technology for processing of personal data and that priority should be given to other processing solutions that can achieve the same purpose. As the same results can currently always be achieved with another solution, this is a difficult standard to meet.
Read the full article.