Blockchain and Distributed Ledger Technologies (DLT)
have emerged as an effective enterprise transformation
tool. They provide capabilities beyond traditional databases
to share data and manage workflow throughout an
enterprise and across its ecosystem of customers, partners
and suppliers in a trusted manner without central control.
Blockchain for the enterprise is a specialised workflow
automation tool that, when applied properly, is a powerful
cross-enterprise transformation instrument. However, at
CGE's Digital Supply Chain Institute (DSCI), our research
has shown that success stories remain elusive because
of difficulties in forming the blockchain ecosystem or
network, determining network and data governance, and
complying with government data regulations. It is this last
element that forms the basis of this paper.
As with many exciting new technologies, the hype
surrounding blockchain has been extreme and prompted
a tidal wave of company experimentation that has proven
one thing: blockchain is not a good fit for all applications,
but for some it is an exceptional fit. This paper examines
one such exceptional fit for the shipping industry, in the
context of compliance with the European Union's General
Data Protection Regulation (GDPR).
Many commentators have written that the GDPR and
blockchain technology are fundamentally incompatible.
This paper was prompted by DSCI members who saw this
as a clear inhibitor to blockchain adoption and asked for
our view. We enlisted Slaughter and May and Cravath,
Swaine & Moore LLP, two leading international law firms,
to better define the opportunities and challenges as to how
the GDPR applies to this nascent technology.
Other countries will, undoubtedly, adopt regulations similar
to the GDPR, and hence businesses are unlikely to avoid
privacy compliance issues in the future. We also want to
emphasise that the GDPR is a pressing concern for all
companies, not just B2C companies, as the digital economy
is increasingly making B2C and B2B distinctions fade away.
This paper provides a management framework for
addressing GDPR compliance in a blockchain network.
We examine the power and efficiencies blockchain brings
to the shipping industry, and examine the compliance
challenges created by the GDPR. We conclude that, with
some up-to-date, pragmatic guidance and increased
support from regulatory authorities in Europe, there is no
fundamental reason why the GDPR and many blockchain
solutions cannot happily coexist.
Christopher G. Caine, President
The Center for Global Enterprise