Here's how blockchains could be ruined by personal data


Welcome to Hard Fork Basics, a collection of tips, tricks, guides and tips to keep you up-to-date with the latest in cryptocurrency and blockchain news.

You may not have heard of "privacy poisoning", but it is said that this will become a big problem for public block chains (chains of chains without permission) in the United States. years to come.

This article explains what you need to know about privacy intoxication. To understand why it's as scary as it sounds, we need to start with some background.

It starts with GDPR

Unless you've had your head underfoot this year, you've probably heard about the EU's General Data Protection Regulation, or GDPR, as most people call it.

The GDPR states that users should have the right to control their data and that the companies that process this data should be held liable if this is prevented in one way or another.

However, this creates a paradox because public blockchains are supposed to be immutable. The unmodifiable nature of data stored "on the chain" and the right to control our own data under the GDPR seem simply irreconcilable.

In the eyes of the law, it is perfectly correct for a blockchain to store personally identifiable encrypted data, provided that the owner can control, modify and delete them as he sees fit. Unfortunately, since most public blockchains rely on a decentralized and immutable database, most of them will not comply with the PMP and may be "poisoned by confidentiality".

So what is it?

The poisoning of privacy seems scary, and it is true, but the concept is simple.

The poisoning of privacy occurs when personal data is added to a public blockchain, making it a violation of privacy laws, such as the GDPR.

If personal information on a blockchain can not be changed, no longer needed or no longer accurate, then this blockchain breaks the law. If the blockchain in question reveals the identity of individuals, it breaks the law.

The most obvious problem is that blockchains without permission – like Bitcoin or Ethereum – are unchangeable. One of the main regulations of the RGPD is the right to be forgotten. the right to delete your data. You can see how this could cause a problem for a blockchain.

If someone had to add personal data – addresses, names, birth dates, credit card numbers, etc. – to an open and immutable blockchain, without permission, it could be considered "poisoned by confidentiality".

That said, the distinction must be made between authorized (private) and unlicensed blockchains. Recent research by British academics has shown that private block chains would be in line with the GDPR because they offer much greater control and privatization of the data they store.

Who should be held responsible?

But how can a decentralized system be held responsible? Who should be punished if a blockchain is poisoned? Well, it's a very difficult question to answer, and that's the really scary part.

It seems that the EU did not fully take into account the operation of blockchains when developing its RPG. There is a clear lack of clarity as to how the GDPR should apply to the blockchain, which opens the system to potential abuse.

If we consider blockchains as data processors or controllers, it's up to them to comply, but nobody has public blockchains. As its name suggests, they are mostly run by the public. Nor are they companies made up of people who can be held responsible, but a series of nodes spread around the world.

If governments and regulators make find a way to hold blockchains accountable, they could use the very features that make a blockchain what it is against them. That said, regulators will have a hard time deciding who to fine when a blockchain is "poisoned to privacy."

So far, there has been no documented case of blockchain poisoning in privacy, but that does not mean it has not happened.

Whatever the action of European governments and regulators against a blockchain contrary to GDPR laws, this will undoubtedly be a precedent. Assuming governments can find someone or something to act against.

Posted on November 12, 2018 – 16:21 UTC