After GDPR came into effect on May 25, 2018, industry leaders are wondering about its effect on innovative technologies like blockchain. In fact, the law has been created to empower users against data misuse during this digital transformation era. In this article at the Enterprisers Project, Laurianne McLaughlin talks about a way around GDPR.
GDPR and Blockchain: The Way Around
Red Hat evangelist Gordon Haff narrates that once a data goes on a blockchain, you cannot remove or change it. This feature is drawing attention from legal, financial, and supply chain companies. The problem is, GDPR allows users to request companies to remove their personal data from corporate systems. So, you must keep in mind the following pointers to utilize blockchain as well as prevent non-compliance penalties.
1. Data Selection with Blockchain Feature in Mind
You can store the transaction but leave the personal data of the user out of the loop. You can also keep the personal data encrypted so that it can be taken out of the chain when requested. Analyze and sort every data based on the permanent data storage nature of blockchain.
2. Initial Frictions
Avecto VP Simon Langton notes that new technologies always find it difficult to adjust to existing or upcoming laws. Self-driving cars having trouble complying with transport safety regulations is one such example. You should expect blockchain to face such initial problems with the law.
3. Finding the Right Reasons
Though GDPR seems at loggerheads with blockchain, Veridium CEO James Stickland says there is a way around the law.. The GDPR panel can choose safety over user rights in certain scenarios. Marc French, chief trust officer and data protection officer of Mimecast, says organizations can override a data removal request to prevent transaction fraud. Get a legal team together to help you reduce compliance costs, maintain company objectives, and analyze related risks.
4. Permanently Forgotten or Anonymous?
Mayank Choudhary, VP of ObserveIT, raises concern over the unclear nature of break-even points between GDPR and blockchain. The law does not state if the user information must be forgotten entirely or be left permanently anonymous in the blockchain.
5. Compliance Processes to Take Shape Later
Choudhary informs that organizations are still unclear whether GDPR would inflict penalties or enforce corrective measures for non-compliance. French, however, opines that the regulation committee must set up compliance processes and give organizations time to get used to. So, companies might undergo GDPR auditing less in the initial years.
To view the original article in full, visit the following link: https://enterprisersproject.com/article/2018/5/blockchain-and-gdpr-can-they-get-along