Major Think Tank Tries to Save Blockchain Industry From GDPR
Blockchain technology may be fundamentally incompatible with Europe’s new privacy rules, in its recent blog post claims Coin Center, a Washington DC based think tank backed by major blockchain industry players.
Commenting on the new General Data Protection Regulation (GDPR), set to take place from May 25th this year, the think tank states that “Europe is closing itself off from the future of the Internet to its detriment” by implementing this law.
While the “right to have your data forgotten” seems geared towards the people’s best interests, blockchain technology in the way it is defined today makes it extremely hard to delete or modify data already stored there. Transactions on a blockchain aren’t meant to be deleted but to be recorded permanently by their very nature, and this immutability has been the selling point of the blockchain since it has emerged.
This means that either blockchain in Europe or the GDPR needs to change. Blockchain developers could utilize new technologies to make personal data anonymous, which would keep blockchains out of the GDPR’s scope, while European judges could make an exception for blockchain in the GDPR.
The blog post concludes with, “we’re optimistic that our European friends will come to see that their legitimate privacy concerns are best addressed not through law, but through decentralizing technology itself.” A decentralized future, according to them, may just be the solution to more individual control over personal data and less incentive for firms to spy on their users.
The non-profit research and advocacy center focused on cryptocurrency and decentralized computing is backed by large industry players such as BitFury, Bitpay, Blockchain, Circle, Coinbase, Consensys, Digital Currency Group, Ethereum Foundation and others.
Starting May 25, all 28 EU nations will be applying the GDPR, which sets new standards for any holder of sensitive data, from Amazon to your local government council, as reported by Cryptonews.com. From then on, companies will have to post clear notices for users and get their unambiguous consent to collect data. Also, companies will be required to completely erase the personal data of any citizen who requests that they do so. But for some blockchain-based businesses, notably those that have publicly available data trails such as Bitcoin and Ethereum, it could prove impossible to erase that data, especially considering that thousands of apps are Ethereum-based in one way or another. Even a cryptocurrency wallet address could qualify as personal data.