This website uses cookies so that we can provide you with the best user experience possible. Our Cookie Notice is part of our Privacy Policy and explains in detail how and why we use cookies. To take full advantage of our website, we recommend that you click on “Accept All”. You can change these settings at any time via the button "Update Cookie Preferences" in our Cookie Notice.
Technical cookies are required for the site to function properly, to be legally compliant and secure. Session cookies only last for the duration of your visit and are deleted from your device when you close your internet browser. Persistent cookies, however, remain and continue functioning on repeat visits.
CMS does not use any cookie based Analytics or tracking on our websites; see details here.
Personalisation cookies collect information about your website browsing habits and offer you a personalised user experience based on past visits, your location or browser settings. They also allow you to log in to personalised areas and to access third party tools that may be embedded in our website. Some functionality will not work if you don’t accept these cookies.
January 2019
We live in an era of rapid technological development. Though this provides humanity with amazing opportunities to enhance our standard of living, it also forces lawmakers to work around the clock to analyse and capture the implications of the technology into legislation. The same is true for the subject of this paper – the tension between the relatively new General Data Protection Regulation (GDPR) and the quick rise of blockchain and other distributed ledger technologies (DLTs).
GDPR was drafted based on a world in which centralised and identifiable actors control personal data. Blockchain works radically differently. This technology aims to move the power over personal data away from centralised entities by processing it in a decentralised environment. One could imagine that the process of applying legislation based on a centralised view to technology without a clearly identifiable centralised entity might cause some tension. However, the decentralised nature of blockchain technology is not the only factor that causes legal and compliance challenges.
The near immutability of transactions, of code (e.g., smart contracts) and, in general, of blocks in a blockchain potentially affects the rights of data subjects.
This paper briefly addresses three main issues arising out of the tension between the GDPR and blockchain.
Social Media cookies collect information about you sharing information from our website via social media tools, or analytics to understand your browsing between social media tools or our Social Media campaigns and our own websites. We do this to optimise the mix of channels to provide you with our content. Details concerning the tools in use are in our privacy policy.