Blockchain is set to revolutionise the financial services industry, although many have raised concerns with regard to its compatibility with privacy legislation, particularly the EU's General Data Protection Regulation (GDPR). Certain inherent qualities of a blockchain appear to operate in tension with fundamental features of data protection laws, leaving the compliance status of blockchain technology unsettled. For example, the GDPR applies notions of responsibility and liability to entities known as data controllers and data processors, but it remains unclear which, if any, party fills these roles in certain blockchain settings. In addition, in certain circumstances, the GDPR vests data subjects with various exercisable rights that will prove challenging to assert in the blockchain context, such as a right to deletion and correction. This chapter explores these challenges, and discusses the limited extent to which EU regulators and bodies have attempted to address these challenges. The chapter concludes that as more and more countries embrace privacy frameworks based on the EU's GDPR, which appears inevitable, these challenges will erupt in other countries around the world necessitating greater regulatory or legislative intervention.
You are not authenticated to view the full text of this chapter or article.
Get access to the full article by using one of the access options below.