More Questions than Answers? France’s Regulatory Guidance on GDPR and Blockchain

The CNIL’s recently released guidance does offer some solutions in allowing blockchain to exist under the GDPR, however, it may create more questions about how these solutions would work in practice.

Extract from article by Rhys Dipshan

Out of all the challenges facing EU regulators tasked with translating the EU’s General Data Protection Regulation (GDPR) from text to reality, none is more potentially troublesome than how to apply the data law to blockchain technologies. Blockchain, after all, seems to inherently conflict with all that the GDPR demands. Data cannot be erased on the blockchain, nor can many blockchain networks be easily monitored or controlled by a central authority.

But among other things, the GDPR requires that enterprises honor any EU citizen’s request to erase their personal data from any system, and obtain an EU citizen’s “affirmative consent” before storing or processing personal data. So how can the GDPR and blockchain live side by side?

In late September 2018, France’s data protection authority Commission Nationale de l’informatique et des Libertés (CNIL) became the first, and so far only, EU agency to weigh in. But while CNIL’s recently released guidance does offer some solutions in allowing blockchain to exist under the GDPR, it creates even more questions about how these solutions would work in practice.

Additional Reading:

Commission Nationale de l’informatique et des Libertés Guidance on Blockchain (PDF)
(Translate Your PDF with Google Docs)

la_blockchain
WP-Backgrounds Lite by InoPlugs Web Design and Juwelier Schönmann 1010 Wien
Read previous post:
E-Discovery Day 2018 Educational Lineup Announced

More than 25 industry-leading organizations partner together for the 4th Annual E-Discovery Day on December 4, 2018.

Close