Blockchains and Data Protection in the European Union

32 Pages Posted: 6 Dec 2017 Last revised: 7 Feb 2018

Michèle Finck

Max Planck Institute for Innovation and Competition; University of Oxford

Date Written: November 30, 2017

Abstract

This paper examines data protection on blockchains and other forms of distributed ledger technology (‘DLT’). Transactional data stored on a blockchain, whether in plain text, encrypted form or after having undergone a hashing process, constitutes personal data for the purposes of the GDPR. Public keys equally qualify as personal data as a matter of EU data protection law. We examine the consequences flowing from that state of affairs and suggest that in interpreting the GDPR with respect to blockchains, fundamental rights protection and the promotion of innovation, two normative objectives of the European legal order, must be reconciled. This is even more so given that, where designed appropriately, distributed ledgers have the potential to further the GDPR’s objective of data sovereignty.

Keywords: blockchain, distributed ledger technology, data, data protection, encryption, regulation, EU law

Suggested Citation

Finck, Michèle, Blockchains and Data Protection in the European Union (November 30, 2017). Max Planck Institute for Innovation & Competition Research Paper No. 18-01. Available at SSRN: https://ssrn.com/abstract=3080322 or http://dx.doi.org/10.2139/ssrn.3080322

Michèle Finck (Contact Author)

Max Planck Institute for Innovation and Competition ( email )

Marstallplatz 1
Munich, 80539
Germany

University of Oxford ( email )

Mansfield Road
Oxford, Oxfordshire OX1 4AU
United Kingdom

Register to save articles to
your library

Register

Paper statistics

Downloads
2,563
rank
4,154
Abstract Views
8,853
PlumX