Blockchain and the Data Controller
Blockchain technology and the General Data Protection Regulation (GDPR) have both received considerable media attention. The GDPR was created against a backdrop of centralized data processing and does not take decentralized approaches such as blockchain into account. Accordingly, blockchain protocols and implementations pose significant challenges to the application of the GDPR. Notwithstanding, blockchain technology can also be seen as a means of data protection.
This three-part essay explores the application of the GDPR to blockchain-based data processing. Part one deals with the question of determining the data controller in blockchain systems because numerous responsibilities rest upon the data controller under the GDPR. This regulation is based on the assumption that there is always a data controller behind any processing of personal data. However, the data protection concept of ‘control’ does not accord with very notion of decentralized data processing.