Sometimes in the technology sector you have to work with opposite needs or even contradictions. We often find ourselves in a situation of balance between human nature and security or legal technology and technology. An example of the former is in the area of password policies in which one would expect a complex password to require a complex policy. The reality is more complicated People write complex passwords, which makes them vulnerable.
This contradiction in terms is where we stand with the blockchain and data privacy. The blockchain creates an irreversible (sometimes public) recording of something that seems, at least on the surface, to contravene the expectations of the law on privacy.
In the world of digital identity, the idea of self-sovereign identity (SSI) is widespread. SSI, in short, is a way to use blockchain technology to decentralize digital identity. At the same time new and improved data privacy legislation is promulgated, including the General Data Protection Regulation (GDPR) of the European Union and the California Consumer Privacy Act (CCPA).
These regulations have set a high level for the confidentiality of data and the high heights of this bar are reached through the choice and control of the user. The question that is asked is: "Can you accept the nuances of data privacy and user control when you create an immutable record of identity and data using a blockchain?"
Identity on a blockchain
Before answering the question above, we must think about what "identity on a blockchain" means. Currently, the industry discussion on blockchains and identities is to promote the idea of SSI, but there are other ways to use the blockchain to record a digital identity or attribute status (for example).