Skip to content

Putting Data Protection by Design on the Blockchain

Alexandra Giannopoulou

open-access


DOI https://doi.org/10.21552/edpl/2021/3/7

This work is distributed under the Creative Commons Licence Attribution 4.0 International (CC BY 4.0).



The principle of data protection by design, as it is enshrined in article 25 of the GDPR, is difficult to apply in blockchains. This article will assess how the reliance on asymmetric encryption and other privacy enhancing technological architectures -necessary in a blockchain-based system- approach both user control and data protection by design compliance from the single scope of anonymization and unlinkability. Data subjects’ rights, accountability, and the potential shortcomings of applied technological constraints are thus sidelined. Ultimately, this limited understanding of technological privacy, acts as a misguiding set of principles for technological co-regulation through standardisation in blockchains. The standardization of these choices without a holistic analysis of data protection by design imperatives could ultimately weaken the position of data subjects, whose trust in the technological protections of personal data might prove to be relatively misplaced.
Keywords: Anonymity | Blockchain | Data Protection by Design | Encryption | EU General Data Protection Regulation | Privacy

Share


Lx-Number Search

A
|
(e.g. A | 000123 | 01)

Export Citation