UK University Research Shows Blockchain and Crypto has Potential to Circumvent GDPR Regulation
A study done by the Queen Mary University of London and the University of Cambridge shows that it is feasible for organizations to create blockchain apps that completely are compliant with recently implemented EU General Data Protection Regulation (GDPR.)
The research cites problems like extravagant penalties and ambiguity as primary obstacles which restricts businesses in the region from trying to work with blockchain.
The General Data Protection Regulation is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. It directs to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
For businesses, it means that the way user data is acquired and handled will need to be closely assessed and brought to strict compliance with the GDPR. This not only applies to EU businesses, but to any business around the globe that targets EU citizens as potential consumers and acquires or processes any personal data from them. Any business found cheating the rules could potentially be charged a penalty of up to $23 million or 4% of the company’s global annual turnover would be detrimental to any organization.
It may be possible to design blockchain applications that are substantially compliant with GDPR requirements. Businesses could set up private blockchains which makes it possible to manage the data stored on the chain in a manner that is compliant with GDPR – without compromising some of the core objectives of a secure distributed ledger. Technical solutions may enable the deletion of personal data while preserving the integrity of a blockchain.
“Blockchain is by no means the first emerging technology to be branded as incompatible with privacy and other fundamental legal principles. Blockchain applications may well be disruptive, but that does not mean that they cannot be designed and deployed in a legally compliant manner,” said Professor Christopher Millard, who leads the Cloud Legal Project at Queen Mary.
His co-author Dave Michels added: “Solutions like hybrid blockchains that combine public and private elements have real potential to promote data privacy. The French data protection regulator was the first to provide much-needed guidance in this area. It would be great to see other regulators follow their lead.”