Author

Topic: GDPR and Blockchain: Is the New EU Data Protection Regulation a Threat (Read 79 times)

member
Activity: 182
Merit: 16
GDPR Could Hinder Blockchain Innovation, Warns EU Body

The EU Blockchain Observatory and Forum has warned that the General Data Protection Regulation law that went into effect a little over two months ago could hinder innovation in the blockchain space.

According to the European blockchain body, this is because of the lack of legal clarity between blockchain technology and the GDPR law, whose aim is to protect individual data rights as well as facilitate the free movement of personal data in the single market.

“As long as the legal framework around personal data and blockchain remains unclear, entrepreneurs and those designing and building blockchain-based platforms and applications in Europe face massive uncertainty. That can put a brake on innovation,” notes the report titled ‘Blockchain Innovation in Europe’.
https://www.ccn.com/gdpr-could-hinder-blockchain-innovation-warns-eu-body/
newbie
Activity: 43
Merit: 0
By Samuel Martinet - Cointelegraph

The General Data Protection Regulation (GDPR), a sweeping and stringent European Union (EU) wide legal framework for personal data privacy, became effective on May 25. Ready or not, this framework is going to drastically transform the business of any digital venture. The International Association of Privacy Professionals (IAPP) forecast that at least 75,000 privacy jobs will be created as a result, and that Fortune's Global 500 companies will spend close to $8 bln in order to ensure they are compliant with the GDPR. But what does this mean for the blockchain?   

The GDPR’s goals are: to create a uniform data regulation framework within Europe, and to strengthen individuals’ control over the storage and use of their personal data. It was adopted in 2016, and after a two-year transition period, is now in force.

Obligations and rights
The GDPR introduces new procedural and organizational obligations for "data processors" - including corporate as well as public entities, and gives more rights to “data subjects” - the term it uses for individuals.

Public and private organizations, when left to themselves, tend to accumulate data even before knowing what they will do with it, sort of "gold rush" in personal data acquisition. The GDPR goes against this habit by specifying that data processors should not collect data beyond what is directly useful to their immediate interaction with consumers. In effect, the data harvest should be “adequate, relevant and limited to the minimum necessary in relation to the purposes for which they are processed” (Article 39 of the GDPR).

Besides setting out what is or isn’t allowed, the GDPR also specifies organizational guidelines that data processors will need to adopt from now on. For instance, their technological architecture will have to erase by default consumer data after using it - "privacy by design".

Secondly, any entity considered to be a “data nexus” will be required to have a Data Protection Officer (DPO) responsible for managing compliance with the GDPR. This DPO will be under the legal obligation to alert the supervisory authority whenever a risk to data subject's privacy arises (Article 33).

The original article here https://cointelegraph.com/news/gdpr-and-blockchain-is-the-new-eu-data-protection-regulation-a-threat-or-an-incentive
Jump to: