A study conducted by a university in London believes that blockchain technology can still be used by businesses who are required to comply with the European Union’s General Data Protection Regulation (GDPR) laws.
Our personal information has become more important than ever, and not just to us. Data companies all over the world want to get their digital hands on our information, which is why new laws have been put in place to protect us. The European Union’s General Data Protection Regulation (GDPR) aims to do exactly that and was put into force in May this year.
In addition to protecting data, companies are also on the lookout for more efficient and secure ways to store this data. Blockchain technology presents itself as a viable solution to a range of industries and businesses. It’s permanent, immutable and transparent. These oftentimes praised virtues are, however, seen in a different light when it comes to protecting data. Most people wouldn’t want their data to be available for anyone to see as this directly contradicts privacy laws. Does this mean that blockchain technology has no place in a data privacy future? A new study tries to answer that.
According to the Queen Mary University of London’s website, a solution can be found. The study, conducted by the university’s Cloud Legal Project, sought to answer the question of whether or not blockchain technology is, in fact, compatible with GDPR laws. On the surface, it might seem that it isn’t, especially when companies in the EU know the financial consequences that are at stake. GDPR fines could be over $20 million or 4% of global turnover.
However, the authors of the study, Professor Christopher Millard and Dave Michels, believe that businesses could still enjoy the benefits of the technology while adhering to privacy requirements by making use of private blockchains. Millard, who leads the Cloud Legal Project, explains:
Blockchain is by no means the first emerging technology to be branded as incompatible with privacy and other fundamental legal principles. Blockchain applications may well be disruptive, but that does not mean that they cannot be designed and deployed in a legally compliant manner.
Solution in a Private Blockchain
The duo also feels that data can be somewhat deleted through encryption. An example cited is that these companies can encrypt the data entries and then delete the decryption keys which will leave indecipherable data.
Michels, who is a researcher on the project, touched on the benefits of using a private blockchain solution:
Solutions like hybrid blockchains that combine public and private elements have real potential to promote data privacy. The French data protection regulator was the first to provide much-needed guidance in this area. It would be great to see other regulators follow their lead.
Last month saw the EU’s European Securities and Markets Authority (ESMA) state that it will be keeping an eye on ICOs and will be investigating the possibility of introducing a regulatory framework for them.
Do you think private blockchains are the answer for GDPR-compliant companies? Let us know in the comments below!
Images courtesy of Shutterstock.