As of 25th may, 2018 European Union’s General data protection Regulation (GDPR) is effective. GDPR data protection scheme is designed to restrict the companies which used to collect the personal information without taking any consent from EU residents. GDPR will empower the users with right to information and right to request which enables them to ask the companies to provide or destroy their personal data.
GDPR is boon to users since they are now aware of their rights and they can choose whether they want to be watched by some external entity or not. These regulations can be a bane to some eminent technologies including Blockchain.
Why GDPR compliance and Blockchain cannot reconcile?
A glut of emerging technologies which includes Blockchain are adapted by the companies due to their capability to provide enhanced security and speed. Blockchain data protection enforces data to be immutable, that means it can never be destroyed. This immutability has caused Blockchain data protection to dissuade due to new norms called GDPR.
Blockchain is a kind of data structure that proposes data be stored in a distributed blocks or ledgers of transactions. For security perspectives, each block is hashed with a SHA256 cryptographic algorithm. Each block uses its hash value to link with next and previous block’s hash value. These blocks are decentralized and are distributed over different networks for faster transactions. These blocks were designed to be unalterable and immutable.
GDPR data protection compels the companies to store the data in alterable and mutable form. Companies should be able to deliver the information they are using to the user and should destroy the entire information when the user asks so.
How difficult it can be to alter the data stored in blocks?
If we try to alter the data stored on Blockchain, we have to first deal with the hashes that were used to hash the blocks initially. We need to alter the hashes of subsequent blocks and then we will be able to deal with the actual data. Even if we alter the hash of any one block to comply with GDPR data protection regulations, the integrity of entire Blockchain will be lost and it would become untrustworthy. This alteration will undermine the entire system as Blockchains are linkage of subsequent blocks and a single corrupt block will impact the whole equivalence.
Also Read: Zcash Vs ZenCash – Understand The Difference
Can GDPR compliance and Blockchain can go hand in hand?
This cooperation is conceivable but it will compromise the grace of Blockchain data protection. There are two nodes working with affinity towards Blockchain data protection: data controller and data processor.
Data controllers are responsible for controlling and authorizing who can access the data. Data controller needs an authorizing agreement to process the data by a data processor. There are two ways to mitigate the impact of GDPR on Blockchain:
- Storing the data outside Blockchain
The data can be stored in external storage and it can be linked with the reference link which will be stored in the blockchain along with hash of the block. The advantage of doing so is the data can be erased without shattering the blockchain. This will satisfy the right to erasure of GDPR data protection regulations but it will somehow reduce the spark of basis of Blockchain, that is security through redundancy.
- Erasing the cryptographic key
Deleting the cryptographic key will allow the access to the data which is hashed and stored on the blocks. This way is not acceptable yet by the GDPR authorities but it can be a potential way to safeguard Blockchain.
Must Read : Step By Step Guide To Buy Golem
The GDPR regulations imposed by EU will totally alter the way the personal data is used by the organizations. Impact of GDPR on Blockchain is blurring the vision of organizations to comply themselves to survive. There were brilliant minds behind generation of Blockchain and they will find middle path.