Page 0020

4.6

Rights of individuals

The GDPR builds upon the principles discussed above in a

set of detailed rights for individuals. Within the context of

blockchain applications, the most pertinent of these are:

• the right to erasure (commonly referred to as the

right to be forgotten), which gives individuals a right

to request that certain (usually outdated) information

about them be deleted; and

• the right to rectification, which allows individuals to

have incorrect data referring to them corrected.

A

The right to erasure

Article 17 of the GDPR gives individuals a qualified right

to request that a data controller erase personal data

about them without undue delay. There is a defined list

of circumstances in which a controller will be obliged

to erase personal data about an individual who submits

an erasure request. Most commonly, the right to erasure

applies where the personal data are no longer necessary

in relation to the purposes for which they were collected

or otherwise processed. As a result, personal data that

are still required for the purposes for which they were

originally collected can, in most instances, be retained by

the data controller.

The obligation to erase personal data also includes a

number of exceptions, among them:

• where retention is required by EU or EU Member

State law (for example, statutory record keeping

obligations);9 and

• where retention is necessary for the establishment,

exercise or defence of legal claims.10

B

The right to rectification

Article 16 of the GDPR provides data subjects with an

unqualified right to "obtain from the controller without

undue delay the rectification of inaccurate personal data

concerning" them. It is important to note that the article

goes on to say: "[t]aking into account the purposes of

the processing, the data subject shall have the right to

have incomplete personal data completed, including by

means of providing a supplementary statement," which

may well be helpful in the context of blockchain solutions

struggling with the concept of rectification.

18 I GDPR and the Blockchain

Index

  1. Page 0001
  2. Page 0002
  3. Page 0003
  4. Page 0004
  5. Page 0005
  6. Page 0006
  7. Page 0007
  8. Page 0008
  9. Page 0009
  10. Page 0010
  11. Page 0011
  12. Page 0012
  13. Page 0013
  14. Page 0014
  15. Page 0015
  16. Page 0016
  17. Page 0017
  18. Page 0018
  19. Page 0019
  20. Page 0020
  21. Page 0021
  22. Page 0022
  23. Page 0023
  24. Page 0024
  25. Page 0025
  26. Page 0026
  27. Page 0027
  28. Page 0028
  29. Page 0029
  30. Page 0030
  31. Page 0031
  32. Page 0032
  33. Page 0033
  34. Page 0034
  35. Page 0035
  36. Page 0036
  37. Page 0037
  38. Page 0038
  39. Page 0039
  40. Page 0040
  41. Page 0041
  42. Page 0042
  43. Page 0043
  44. Page 0044
  45. Page 0045
  46. Page 0046
  47. Page 0047
  48. Page 0048
  49. Page 0049
  50. Page 0050
  51. Page 0051
  52. Page 0052