Blockchain & GDPR
Blockchain technology and its applications have involve legal challenges for authorities from around the world. Defining a legal framework in this incipient phase of the technology, even though necessary, could involve a negative impact in its development. In spite of that, there are some essential aspects that should be addressed: for example: the way of transferring information containing personal data through these kind of networks.
The main virtue of Blockchain technology is to allow the exchange of real-time information among the participants of the network (nodes), building an immutable and incorruptible registry of information that cannot be removed. Immutability of the stored data and the impossibility to modify or remove them, implies important challenges for, among others, access, opposition, cancellation and rectification rights of the data holder. These rights, have been strengthen in some cases by the new General Data Protection Regulation.
Likewise, since Blockchain is a decentralized network in which all nodes share the same information, the exchange of personal data implies that all the participants of the network have access to such data, which leads to a challenge in relation with confidentiality principle.
For these reasons, the exchange of information through a blockchain network should be carefully studied from the beginning. The objective: enabling the compliance with data protection regulations without denaturing Blockchain technology from those features that make it unique: decentralization and immutability.
Grant Thornton Spain has published a new article about the legal challenges that arise with the new General Data Protection Regulation.