The European Parliament’s Panel for the Future of Science and Technology (STOA), issued a study on blockchain and the GDPR titled: ‘Can distributed ledgers be squared with European data protection law?’ The study discusses the EU’s application of the GDPR to blockchain technologies. The report evaluates the most relevant aspects of the European data protection law in relation to blockchain.
The report focuses on three policy options: (a) ‘Regulatory guidance’ calls for further legal certainty for the blockchain industry regarding the privacy of data and data protection. It calls for a co-ordinated reaction from the European Data Protection Board and to rethink the Article 29 Working Party guidelines on anonymisation techniques (the working party concluded that certain data can be anonymised by extensive encryption of data that is used in public databases).
(b) ‘Support codes and certification mechanisms: Both certification mechanisms and codes of conduct exemplify a co-regulatory spirit whereby regulators and the private sector devise principles designed to ensure that the principles of European data protection law are upheld where personal data is processed.’
(c)‘Research Founding’: Stating that the first two options has limitations, the report suggests that ‘…solutions could be found by means of interdisciplinary research, devising both technical and governance remedies and experiments with blockchain protocols that could be compliant by design.’