Blockchains should have privacy by design & # 39; for GDPR compliance

[ad_2][ad_1]

The General Data Protection Regulation (GDPR) and the blockchain are currently one of the most controversial debates in the industry.

Some believe that unlicensed public blockchains can not conform to GDPR and that private blockchains could be the answer to blockchain regulatory issues. Even so, private blockchains question the true meaning of what is a blockchain. There is no simple answer.

Dutch startup blockchain, LTO Network, hosted Barclay bank speakers, Cambridge Computer Lab and Queen Mary University to address some of these difficult questions at Hard Fork Decentralized last night.

The general feeling of the evening? That we should probably strive to understand how to make the blockchain a legally compatible technology that can be used in a wide range of public service settings.

Design blockchain from scratch

According to the Barclay entrepreneur, Julian Wilson, we need to "reconfigure our approach and our way of thinking" during the creation of blockchain. We should not use blockchain as additions or additions to current business models, but completely review our business models built around a suitable blockchain – assuming that a blockchain is the best solution, ie.

In some cases building a blockchain purely for the sake of doing it is the worst thing a company can do. For a bank with over 300 years of history, like Barclay, it is not as simple as moving the current banking process on the blockchain. Hundreds of years of evolution can not simply be taken and placed in a standard solution, but blockchains must be customized.

Especially when there are known-your-customer (KYC) policies required by law, not all blockchains would meet these laws, so you need to create specialized blockchains. In fact, to make the blockchain legally compliant, it should be built with the law in mind, and not vice versa.

Blockchain as a cryptographic puzzle

Researchers at Queen Mary University believe that solving the cryptographic puzzle of the GDPR blockchain is actually quite simple.

Basically, it can be solved by balancing the blockchain design with the legal requirements from scratch. "To solve these design puzzles, we need to use creative solutions that support design regulations," said Dave Michels of Queen Mary University.

Michels described a solution to the cryptographic puzzle of GDPR, the right to oblivion. In this case, Michels believes that the transaction data can be encrypted with a private key to generate an encrypted text that can be stored on the blockchain in an unchanging way. If you want to be forgotten, the deletion and removal of the key make the transaction data stored in the encrypted text unreadable, but do not break the chain of records stored on the blockchain.

The problem, however, creates a new challenge on where and how to store these private keys, in some cases it can lead to a centralization point. If so, it questions the notion if decentralization is the best choice for the application of the blockchain – bringing us back to the starting point.

Of course, these solutions are only applicable to GDPR, the other nations will have different holds on regulation, so tackling blockchain compliance globally is even more difficult.

In fact, there will not be an easy answer to the cryptographic puzzle that the blockchains present. But with researchers, bankers and legal developers, like those of LTO Network's speech last night, working to solve these riddles, I'm sure there will be a solution in the end. Whether this solution can be considered as a blockchain or not is a whole other conversation.

Published December 14, 2018 at 11:59 UTC

[ad_2]Source link