The French Data Protection Authority (DPA), members of the EU Parliament and the EU Blockchain Observatory and Forum, are among the few governmental actors that have publicly acknowledged the tensions between blockchain and the GDPR, in particular the rules around the right to erasure, right to rectification and the principle of data minimization.
Some companies have simply blocked European residents from accessing their websites or services, but this may no longer be a feasible solution with California’s own privacy law (California Consumer Privacy Act) coming into effect in 2020 and the recent push for a U.S. federal privacy law.
A number of proposed solutions to GDPR compliance exist, such as zero-knowledge proofs and destruction of private keys, but it remains unclear whether they constitute methods of erasure or anonymization.
The French DPA has gone the furthest to suggest that solutions such as the destruction of private keys would allow data subjects to get closer to an effective exercise of their right of erasure.
Will the EU Data Protection Board issue guidelines and recommendations to “ensure that blockchain technology is compliant with EU law” as suggested by the Committee on Civil Liberties, Justice and Home Affairs?
關於GDPR的其他附件:
DID & Copyright →→→ FT👻~NFT👺 