Page 0034

An added benefit of deletion by encryption is that it

preserves the immutable nature of the blockchain, as the

data on the blockchain itself is not altered. Additionally, it

offers another way to achieve "pruning" of a blockchain

(as discussed above). Every block added to the chain could

be encrypted with a key and, after the specified time,

every participant on the network could be required to

delete the keys to blocks older than that a particular age.

4 - Potential solution: Editable blockchains

Editable blockchains are a new solution that enable the

deletion and rectification of data on the blockchain.

They are divisive (in certain areas of the blockchain

community) because they are not immutable, which is

seen by some to undermine one of the fundamental

premises of blockchain technology. That being said, we

believe it is important at this stage to strike a pragmatic

balance between the ideological purity of a blockchain

solution and the commercial need for privacy compliance.

As described in a recently granted U.S. patent, editable

blockchains function in a manner which allows certain

permissioned members to be able to apply hash functions

to existing blocks, to substitute or remove the data

contained in the blocks.32 The hash functions used to

edit the blockchain can be programmed to leave a "scar"

on the edited blocks, enabling all network members to

identify which blocks have been edited.33

If an editable blockchain solution is adopted, then

members must implement well-defined governance rules

that control who can edit the blocks and what situations

allow or require editing of the blockchain. To enable GDPR

compliance, the governance rules should mandate the

editing of blocks that contain personal data when the data

are no longer necessary for the purpose for which they are

processed or when data subjects exercise their rights to

erasure and rectification.

5 - Potential solution: Deletion by "forking"

the blockchain

As a last resort, it is possible to "fork" a blockchain to

remove personal data. To perform a fork of the blockchain,

a majority of nodes on a pre-existing blockchain must

agree to a new set of initial rules, and then update the

software used to run the blockchain so that a majority of

nodes on a blockchain network agree to the new ledger.

As part of these initial conditions, network members can

agree to remove the blocks in the blockchain that contain

personal data. However, this technique requires re-running

the hashes for every subsequent block that built upon any

removed blocks.

It is important to note that network members should set

out what events merit performing a fork of the blockchain

within their governance regime. Further, that governance

regime should also obligate network members to update

the blockchain's software when a fork is conducted,

thereby avoiding contentious forking situations that

could lead to different groups of network members

claiming different branches of a blockchain are the one

true branch. By inserting these requirements into the

governance framework, members can control when and

how the drastic step of forking the blockchain occurs.

32 I GDPR and the Blockchain


  1. Page 0001
  2. Page 0002
  3. Page 0003
  4. Page 0004
  5. Page 0005
  6. Page 0006
  7. Page 0007
  8. Page 0008
  9. Page 0009
  10. Page 0010
  11. Page 0011
  12. Page 0012
  13. Page 0013
  14. Page 0014
  15. Page 0015
  16. Page 0016
  17. Page 0017
  18. Page 0018
  19. Page 0019
  20. Page 0020
  21. Page 0021
  22. Page 0022
  23. Page 0023
  24. Page 0024
  25. Page 0025
  26. Page 0026
  27. Page 0027
  28. Page 0028
  29. Page 0029
  30. Page 0030
  31. Page 0031
  32. Page 0032
  33. Page 0033
  34. Page 0034
  35. Page 0035
  36. Page 0036
  37. Page 0037
  38. Page 0038
  39. Page 0039
  40. Page 0040
  41. Page 0041
  42. Page 0042
  43. Page 0043
  44. Page 0044
  45. Page 0045
  46. Page 0046
  47. Page 0047
  48. Page 0048
  49. Page 0049
  50. Page 0050
  51. Page 0051
  52. Page 0052