Blockchain technology – a cryptographically secured chain of blocks – was first described in 1991 by Stuart Haber and W. Scott Stornetta.1 Today, blockchain technology is widely recognized as the technology behind the Bitcoin cryptocurrency.2 Blockchain is like a large ledger within which every bit of data of every single entry is saved. When new data is added to a blockchain, peers in the network check the data to ensure that it is valid for addition, to avoid fraud by rogue nodes. The data that the peers need to check, needs to be stored transparently in the blockchain.
It is very important to underline that blockchain can be used for various purposes. For handling money, it is a highly anonymous public blockchain. In case of storing user data, it can be a true distributed database that allows for editing and deleting records. At least in some cases, but there are already some examples.3 Blockchain is not always anonymous, Bitcoin is. It very much depends on what blockchain technology is used for.4 If a blockchain is anonymous, then it is theoretically excluded from of General Data Protection Regulation.5 All that being said, blockchains might not necessarily be bad for privacy.
Personal Data of the Future ^
The Data Protection Directive gives us a definition of personal data – «‹Personal data› shall mean any information relating to an identified or identifiable natural person (‹data subject›); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity; ...»6
The General Data Protection Regulation (GDPR) modifies this definition by making it a little more detailed – «‹Personal data› means any information relating to an identified or identifiable natural person (‹data subject›); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; ...»7
In some cases, personal data is required to verify validity of a transaction on the blockchain. For a node to check a Bitcoin transaction, it must have access to all previous transactions and be able to check that the person giving the Bitcoins has some at his or her disposal. It must be possible to reconstruct the full financial history of every person exchanging Bitcoins: How many Bitcoins they have, where they got those Bitcoins from, whom they spend their Bitcoins with – this is personal data. Pseudo anonymity10 of the Bitcoin address can help, but it can easily be breached if the address is associated with a donate button. Therefore, it is advised to hold several Bitcoin addresses and not to transfer Bitcoins between those accounts to avoid others linking them together.11
Right to be Forgotten within the Blockchain ^
The right to be forgotten can be described as the right of individuals to have their data no longer processed and deleted when they are no longer needed for legitimate purposes.12 It has clear limits and rules given in art. 17 General Data Protection Regulation (right to erasure, «right to be forgotten»). Contrary to popular believe, it is not absolute because of clear legal limitations. There are some possible limitations from new technologies (i.e. Blockchain).
The key benefit of blockchains is the immutability13 of data – all data being recorded and maintained in the chain from the beginning of the blockchain are an undisputable record in terms of verification purposes. Once data has been written to a blockchain, no one, not even a system administrator, can change it. If this data is made up of personal data, then erasure or rectification of the personal data would theoretically be impossible. This is likely to pose a greater issue as data subjects have a right to require data controllers to rectify and erase their data.14
Due to the unalterable character of the blockchain, it is impossible to erase data once it has been added. It seems that blockchains and the right to be forgotten aren’t compatible. Inalterability and decentralization means that the register is made up of indelible data and that this register is shared with all users in the network. Applying the right to be forgotten goes against the very principle of inalterability, which lies at the core of the blockchain technology.15
On the other hand, blockchain technology could also be beneficial for the protection of personal data by encoding permissions, conditions and restrictions for its use. It could enable data portability and provide an easily auditable trail with evidence of consent.16
A blockchain stores a series of transactions, which can be data of any sort, in blocks, which get added to the blockchain one after the other. Blockchains are what is known as an append-only data store.17 That means you can only add data to the store, you cannot take it away. Blockchains are maintained by a peer network of nodes in which every node has a copy of the blockchain and has equal authority to add to it. Every node publishes that data for other nodes to pick up and use. One of the unique selling points of blockchains is that once data is embedded in the blockchain it cannot be altered without that change being detected and rejected by the other nodes in the network. This is useful for data that people need to trust because it provides a guarantee that the data in the blockchain has not been changed since it was put there.
Greg McMullen18 gave a rather pessimistic image regarding the possibility to apply the right to be forgotten within blockchain: «Assuming personal information is encrypted before it is written to a blockchain, destroying the key renders the data unreadable. But is this enough to comply with the right to be forgotten, if the data is technically still there? Regulators should accept the destruction of a key as an erasure for the purposes of the GDPR, so long as the destruction is done in accordance with best practices and in an auditable way.»19
The second idea is that a court could try to compel the entire set of nodes to be shut down. Putting aside that nodes may reside in different legal jurisdictions, that would have huge practical implications. It would mean removing all the rest of the data held in the blockchain as well as the target of the order. Unfortunately, blockchains are usually holding many types of data and are supporting many types of applications. Because of that, there is a real risk that bad data simply must continue to exist to prevent massive disruption of the provision of good data for other applications. Therefore, even if this solution were possible, it might be too risky for the blockchain.20
Other solutions include controlling what becomes public within a peer-to-peer network of trusted nodes, therefore hiding data in the blockchain that should not be shared in the first place.21
But, there is another solution. The issue of the right to be forgotten is seemingly resolvable in a permissioned system which would allow the controlling party to use a blockchain editor tool, like the one Accenture22 has recently filed a patent for.
- It is compatible with current blockchain designs,
- can be implemented now,
- requires only minimal changes to current application software.
Redacting the blockchain is simple: The chameleon hash key is used to unlock the link between the block that must be changed and its successor. Thanks to the key, it is possible to substitute the block with a new one without breaking the hash chain. The invention is designed to preserve the virtues of immutability as well. The editable blockchain invention is designed for permissioned systems, which have a designated administrator who manages the systems and grants permission to use it.23
- Graduate Key – This is the property of the graduate and is integrated into the diploma’s URL.
- Persistent Key – It is kept by the educational establishment. When the graduate wishes to exercise his or her right to be forgotten, he or she only has to destroy this key.
- School Permanent Key – This is kept by the educational establishment.
There is an algorithm allowing total security of the diploma’s keys. It is not stored and can be generated only by assembling three keys through a derivation process.25
Blockchain Used for Data Protection ^
From a data protection perspective, blockchain technology is particularly interesting because it theoretically allows transactions between parties without them having to disclose their identity. Anonymity and pseudonymity are also addressed as data protection law instruments. If a transaction cannot be traced back to the individuals, their fundamental right to self-determination is not affected.26
Can blockchain technology be an opportunity for personal data protection? To a certain extent, yes. Blockchains are decentralized and distributed. Currently, various trusted third parties process personal data. These entities are centralized and, therefore, often constitute single points of failure. Leaks of unimaginable amounts of data due to cybercrime often occur in the form of an attack on a single entity, such as a hospital, email service provider, etc.27
Most significantly, blockchain technology may enable individual control of one’s personal data. According to Martin Ruubel, president of Amsterdam-based GuardTime, people will be in control of data, will be able to share it with whomever they want to, and will be paid for it.28 In the future, the widespread adoption of blockchain technology can remove the need for large companies to maintain data and provide individuals with complete control over their personal data.29
Blockchain technology can better address the privacy concerns to which the GDPR and EU regulators are responding. Zyskind et al.30 for example, call into question the current centralized model of protecting personal data through trusted third parties and describe a more secure, unhackable and decentralized peer-to-peer personal data management system using a blockchain. The authors’ proposed system focuses on mobile platforms and ensures that individuals own and control their personal data. Individuals decide with whom they share their personal data through delegated permissions.
- A user signs up to the Civic app which collects various identifying information for them.
- All of that is passed through to either a government agency or a third-party identification verification service depending on the country.
- Once verified, Civic takes a cryptographic hash of all the information, inserts the hash into the public blockchain, and then erases the personal data from their servers.
- Then, when you want to authenticate to use another service, you share whatever information they ask of you and they can send the information through Civic’s special algorithm to check it against the hash on the blockchain.
It must also be mentioned that the anonymity in the blockchain is far from being perfect. It is possible to associate public keys with each other, and with external identifying information. Appropriate tools allow to observe the activity of known users in detail. Additionally, an interested party can potentially deploy marked Bitcoins and collaborate with other users to discover even more information. Large centralized services such as the exchanges and wallet services can identify and track user activity.32
- 1 Haber, Stuart/Stornetta, Scott, How to time-stamp a digital document, Journal of Cryptology. 3 (2), 1991, p. 99–111.
- 2 «Blockchain, The next big thing – Or is it?», The Economist Online, 2015, http://www.economist.com/news/special-report/21650295-or-it-next-big-thing (all websites last visited in January 2018); Pilkington, Marc, Blockchain Technology – Principles and Applications, p. 225, in: Olleros, Zhegu (ed.), Research Handbook on Digital Transformations, Cheltenman, 2016.
- 3 See below.
- 4 Lucas, Matt, The difference between Bitcoin and blockchain for business, IBM, 2017, https://www.ibm.com/blogs/blockchain/2017/05/the-difference-between-bitcoin-and-blockchain-for-business/.
- 5 Anonymous data that definitely does not allow to identify the data subjects are excluded from the scope of the GDPR.
- 6 Article 2 of Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
- 7 Article 4 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
- 8 https://www.torproject.org/projects/torbrowser.html.en.
- 9 https://www.torproject.org/docs/faq.html.en.
- 10 Bitcoin is pseudonymous. Sending and receiving Bitcoins is like using a pseudonym. If an author’s pseudonym is ever linked to their identity, everything they ever wrote using that pseudonym will now be linked to them. «Bitcoin Anonymity – Is Bitcoin Anonymous?», https://www.buybitcoinworldwide.com/anonymity/.
- 11 Tennison Jeni, What is the impact of blockchains on privacy?, open data institute, 2015, https://theodi.org/blog/impact-of-blockchains-on-privacy.
- 12 Communication from the Commission to the European Parliament, the Council, the economic and social Committee and the Committee of the Regions. A comprehensive approach on personal data protection in the European Union, COM(2010) 609 final, p. 8.
- 13 Immutability is relative and relates to how hard something is to change.
- 14 Russel, Luke, Blockchains: The legal landscape, Blake Morgan, 2016, https://www.blakemorgan.co.uk/training-knowledge/features-and-articles/blockchains-legal-landscape/.
- 15 «When the right to be forgotten becomes possible on the Ethereum blockchain», NewsBTC, https://www.newsbtc.com/press-releases/bcdiploma-right-to-be-forgotten-ethereum-blockchain/.
- 16 Lumb, Richard/Treat, David/Jelf, Owen, Editing the uneditable Blockchain. Why distributed ledger technology must adapt to an imperfect world, accenture, 2016, p. 6, https://www.accenture.com/t00010101T000000__w__/it-it/_acnmedia/PDF-33/Accenture-Editing-Uneditable-Blockchain.pdf.
- 17 Jeni (note 11).
- 18 Founder and Executive Director of IPDB Foundation, https://ipdb.io/.
- 19 McMullen, Greg/Glatz, Florian, Blockchain & Law in 2017: Finally friends or still foes?, 2017, https://medium.com/ipdb-blog/blockchain-and-law-in-2017-f535cb0e06c4.
- 20 Jeni (note 11).
- 21 Farmer, Steven, Blockchain technologies and the EU «right to be forgotten» – an insurmountable tension?, International Business Times, 2017, http://www.ibtimes.co.uk/blockchain-technologies-eu-right-be-forgotten-insurmountable-tension-1580166.
- 22 Lumb/Treat/Jelf (note 16).
- 23 Lumb/Treat/Jelf (note 16), p. 7.
- 24 https://www.ethereum.org/.
- 25 The Right to Be Forgotten Becomes Possible on the Blockchain», Cryptotimes, 2017, http://cryptotimes.org/blockchain/right-forgotten-becomes-possible-blockchain/.
- 26 Wilke, Stefan/Krings, Dennis, Blockchain from a perspective of data protection law. A brief introduction to data protection ramifications, DeLoitte, https://www2.deloitte.com/dl/en/pages/legal/articles/blockchain-datenschutzrecht.html.
- 27 Czarnecki, Jacek, Blockchains and Personal Data Protection Regulations Explained, coindesk, 2017, https://www.coindesk.com/blockchains-personal-data-protection-regulations-explained/.
- 28 Shin, Laura, The Top 10 Blockchain Takeaways From Europe’s Trustech Conference, Forbes, 2016, https://www.forbes.com/sites/laurashin/2016/12/05/the-top-10-blockchain-takeaways-from-europes-trustech-conference/#6bb7a0e97ba6.
- 29 Berms, Jeffrey K., Blockchains Can Assist EU Regulatory Fight for Personal Data Protection, Berns Weiss, 2016, https://www.law111.com/blockchains-can-assist-eu-regulatory-fight-for-personal-data-protection.
- 30 Zyskind, Guy/Nathan, Oz/Pentland, Alex, Decentralizing Privacy: Using Blockchain to Protect Personal Data, IEEE Security and Privacy Workshops, 2015, http://ieee-security.org/TC/SPW2015/IWPE/5.pdf.
- 31 https://www.civic.com/intel.
- 32 Reid, Fergal/Harrigan, Martin, An Analysis of Anonymity in the Bitcoin System, 2011, p. 26, https://arxiv.org/abs/1107.4524.