In a nutshell
- The EDPB has released draft guidelines for how personal data may be stored and accessed on bitcoin, in order to comply with GDPR regulations.
- The committee advises against keeping personal information on-chain if it poses the risk of breaking fundamental data protection principles.
- The impact is divided between experts, with some arguing that autonomy and privacy innovation are threatened by the rules while others view them as late guardrails.
The draft guidelines for how personal data is stored and shared on blockchains have been approved by the European Data Protection Board, which is yet another step in the direction of harmonising decentralized systems with established standards.
The EDPB, which ratified the rules this month and made public comment until June 9, said that the new guidelines restrict access to stored information and comply with the General Data Protection Regulation ( GDPR ) protections.
In a variant of the suggestions that is made available online, the EDPB stated that “blockchains have certain qualities that can present challenges when addressing the requirements of the GDPR.” The recommendations emphasize the need for Data Protection by Design, by Default, and by appropriate organizational and technical procedures.  ,
The phrase” storing personal data on a blockchain may be avoided in public rule” if it conflicts with data protection laws.
The instructions come amid persistent worries about the safety of bitcoin systems. A list of rights that people must respect in order to protect their personal information is provided in the GDPR.
The guidelines advised businesses to implement structure-wide and professional measures earlier in the development of data processing, and they also stressed the importance of data privacy, rectification, and destruction.
This includes taking into account the various roles played by the actors in various stages of bitcoin handling of personal data.
According to the EDPB, businesses should conduct Data Protection Impact Assessments ( DPIAs ) before using blockchain technology to process any personal data. This is assumed to be true if control is likely to result in a higher risk to individuals ‘ rights and freedoms.
The committee urged businesses to concentrate on making sure that “indefinite number of persons ‘ personal information is not made available by default.”
Data protection experts have divergent opinions regarding bitcoin’s influence on data privacy and the new instructions.
The EDPB’s suggestions are a proper warning that devolution doesn’t mean restructuring, according to Bryn Bennett, Senior BD at Hacken, a Russian Web3 security company. ”  ,
We consider privacy to be a component of the key infrastructure, not a post-launch add-on, Bennet said. Projects that don’t use customer data lightly run the risk of both security breaches and legal repercussions. Privacy-by-design, off-chain storeroom, and proper management are not just ideal practices; they are also survival tools.
However, Harry Halpin, the founder and CEO of decentralized private firm Nym Technologies, stated in an interview with that “putting private information on the bitcoin is a mistake.”
According to Halpin,” The use-cases I have seen, such as electric personality devices, or worse, COVID documents, essentially violate private and direct to authoritarianism.” Similar to how we use payment details on Nym, personal data may use zero-knowledge facts off-chain and have community privacy via mixnets.
He continued,” It is also mistaken to implement data protection laws to blockchain data because decentralized blockchains may require that decentralized blockchains be variable and subject to regulation.” Use standard centralized directories if this is your intention. ”  ,
edited by
Daily Debrief Newsletter
Begin each day with the most popular media stories right now, along with some fresh content, a radio, videos, and more.
