Unless you’ve been living under a 56K modem, then you’ve undoubtedly heard of Bitcoin or other cryptocurrencies. And if you run a business or website, then you’ve also probably heard of the upcoming General Data Protection Regulation, which goes into effect on May 25th. (If you have not heard about the GDPR, make sure you catch up here to ensure compliance.) But have you considered the crossroad between cryptocurrencies and the GDPR and how it could prove problematic?
What is the GDPR?
The General Data Protection Regulation is the new EU online privacy law that goes into effect on May 25, 2018. Its aim is to give EU citizens more control over their personal digital data. You can read more about the details here, but essentially, websites that collect user information from EU citizens must provide certain tools that allow users to delete certain data. New storage and breach notification laws also apply.
Is Blockchain technology inherently at odds with the GDPR?
Blockchain’s desirability involves its immutability. In theory, it’s impossible to erase entries on a blockchain distributed ledger. So, how will that collide with the GDPR, which confers the “right of erasure”?
We’ll have to wait to see if conflicts arise after the GDPR goes into effect. But some pundits are starting to speculate and sound warning alarms.
Cryptocurrencies and The GDPR: Thoughts From The Technology Class
John Mathew, the Chief Financial Officer at Bitnation, argued that the GDPR is outdated, lamenting:
“GDPR was present under the speculation that one would have a centralized service which controls the authority of the client’s data – with exception of a public blockchain.”
The former head of security for Ethereum’s Foundation, Jutta Steiner, elaborated on the issue:
“From a practitioner’s perspective, it sounds to me that it was drafted by trying to implement a certain perspective of how the world should be without taking into account how technology actually works. The way [public decentralized network] architecture works, means there is no such thing as the deletion of personal data. The issue with information is once it’s out, it’s out.”
Steiner added:
“I can’t see the regulators being so stubborn as to not adjust the regulation. … They’ll just see the other countries will use the technology and Europe is at a disadvantage.”
Is your business or website GDPR compliant?
The penalty for not complying with the GDPR is 4% of annual global turnover, up to € 20 million ($48 million). If you want to make sure that your website is legally ready for the change, get in touch with HT Law today.
An experienced Internet law attorney will assess your online presence, make necessary changes to your terms of service agreements and privacy policies, and submit suggestions for how to implement business procedures that adhere to the new online privacy law. Remember: even though it’s a European statute, many U.S. and Canadian businesses must also comply.
Get in touch today to start learning about your options. The consultation is on us.
Connect With A Tech Business Lawyer ❯
