Study: Building a Blockchain Application that Complies with the EU General Data Protection Regulation
Problem:The researchers attempted to find out if the regulations of GDPR conflicted with the features and benefits of blockchain technology. They gathered evidence from workshops, meetings, documents, and interviews. The outcome is that third-party services that provide permissioned pseudonyms are indeed able to avoid storing personal information yet provide the shared ledgers needed for blockchains.
How it was studied:Complying with the EU General Data Protection Regulation (GDPR) poses significant challenges for blockchain projects, including establishing clear responsibilities for compliance, securing lawful bases for processing personal data, and observing rights to rectification and erasure. We describe how Germany’s Federal Office for Migration and Refugees addressed these challenges and created a GDPR-compliant blockchain solution for cross-organizational workflow coordination. Based on the lessons learned, we provide three recommendations for ensuring blockchain solutions are GDPR-compliant.
Take away:General take-aways:
Three recommendations are offered for managing and designing GDPR-compliant blockchain solutions: