Home / Publications / The tension between GDPR and the rise of blockchain...

The tension between GDPR and the rise of blockchain technologies

January 2019

We live in an era of rapid technological development. Though this provides humanity with amazing opportunities to enhance our standard of living, it also forces lawmakers to work around the clock to analyse and capture the implications of the technology into legislation. The same is true for the subject of this paper – the tension between the relatively new General Data Protection Regulation (GDPR) and the quick rise of blockchain and other distributed ledger technologies (DLTs).

GDPR was drafted based on a world in which centralised and identifiable actors control personal data. Blockchain works radically differently. This technology aims to move the power over personal data away from centralised entities by processing it in a decentralised environment. One could imagine that the process of applying legislation based on a centralised view to technology without a clearly identifiable centralised entity might cause some tension. However, the decentralised nature of blockchain technology is not the only factor that causes legal and compliance challenges.

The near immutability of transactions, of code (e.g., smart contracts) and, in general, of blocks in a blockchain potentially affects the rights of data subjects.

This paper briefly addresses three main issues arising out of the tension between the GDPR and blockchain.

The tension between GDPR and the rise of blockchain technologies
PDF 2.5 MB


Portrait of Markus Kaulartz
Dr. Markus Kaulartz
Portrait of Katja Kranenburg - Hanspians
Katja van Kranenburg - Hanspians
Portrait of Simon Sanders
Simon Sanders
Portrait of Márton Domokos
Márton Domokos
Co-ordinator of the CEE Data Protection Practice, CMNO
Portrait of Katalin Horváth
Katalin Horváth
Senior Counsel
Portrait of Christian Runte
Christian Runte
Portrait of Michael Kamps
Michael Kamps
Bartolomé Martín
Show more Show less