New EU Privacy Rules May Work Perfectly With Private Blockchains Per University Study
New research has been revealed in a study by Queen Mary University of London and the University of Cambridge, showing the benefit of private blockchains. In fact, they suggest that the inter-banking platforms, which are meant to share customer information, could fall in line with the new privacy rules from the E.U.
In May, the General Data Protection Regulation (GDPR) act was passed, which was a legislation that essentially regulates how personal data is stored for local citizens. In the law, the citizens rights have to be respected by data controllers that maintain their private information. In the event that that controller doesn’t do so, then they are assessed a major fine, which is either 4% of the global revenue or €20 million (about $22 million). The law will choose the higher of these two numbers.
The Richmond Journal of Law and Technologies published a study that said that the crypto-related technology could essentially fall under the same rules, considering how third parties operate the private details.
The study notes,
“There is a risk that this legal uncertainty will have a chilling effect on innovation, at least in the EU and potentially more broadly. For example, if all nodes and miners of a platform were to be deemed joint controllers, they would have joint and several liability, with potential penalties under the GDPR.”
However, it’s important to note that there’s a chance of the that the operators of the blockchain could be also treated like processors. The study adds that this consideration is primarily for Blockchain-as-a-Service offerings, which are a third party’s involvement in the supporting infrastructures. In the report, the researchers note the centralized platforms for land registries and private inter-banking solutions on their blockchain platform, which create “a closed, permissioned blockchain platform with a small number of trusted nodes.” With a closed system like this, it’s easy to comply with the regulations set forth by the GDPR, according to the report.
Blockchain networks, in order to meet with the laws of privacy, could also choose to delete private keys that are connected with encrypted information or store the same information externally. The data that cannot be decoded will remain on the blockchain.
For the networks with greater decentralization, like ones with mining and cryptocurrency, it could be more difficult to comply with the regulations. The nodes could still fork a new version of the blockchain periodically, which would end up creating multiple requests for erasure.
The study notes,
“However, in practice, this level of coordination may be difficult to achieve among potentially thousands of nodes.”
Based on the information that the researchers discovered, they hope that the European Data Protection Board will establish better regulatory guidance on how to protect data with different types of blockchain. There’s a chance for the GDPR to support the blockchain, though there’s an equal risk of damaging it. The way that they integrate the information from this research could make the difference.