The principal point of a public, permissionless network is
that any person in any location can become a participant
in that blockchain, without registration or restriction,
simply by installing the relevant software and downloading
a full copy of the blockchain. Generally, all participants on
a public permissionless blockchain can see all the data on
the blockchain ledger.
By contrast, to join, view data on or interact with a private
permissioned blockchain network, participants must first
obtain authorisation. Private permissioned blockchain
networks employ various processes to approve new
participants and part of this process can be to ensure all
new participants subscribe to a set of rules or terms and
conditions that govern their use of the network. Because
anyone can join a public permissionless blockchain
network, it is not possible to ensure participants agree to
contractual terms and conditions before joining, nor is
it possible to know the geographic location of members,
assess their safekeeping of data or their compliance
with the GDPR and other applicable regulations. For this
reason, compliance with the GDPR mandates use of a
private permissioned blockchain.
Public vs. private?
Permissioned vs.
permissionless?
The public vs. private and permissioned vs.
permissionless distinctions dictate who can access
and add data to a blockchain network. The public
vs. private distinction refers to who can access the
blockchain in any capacity, as public blockchains
are open to all while private blockchains are open
only to pre-approved members. The permissioned
vs. permissionless distinction refers to who can
add data (commonly in the form of submitting
transactions and executing smart contracts) to the
blockchain, as permissioned blockchains restrict this
right to approved members while permissionless
blockchains allow all members to add data.
26 I GDPR and the Blockchain
26 I GDPR and the Blockchain