The General Data ProtectionRegulation vs. The Blockchain : A legal study on the compatibility between blockchain technology and the GDPR

Ramsay, Sebastian

January 2018

This thesis examines open distributed blockchain technology from a legal perspective. The blockchain is a technology used to secure and ensure the integrity of data in an unsafe digital environment. Traditionally, peer-to-peer networks (P2P-networks), synonymous with distributed networks, have faced the issue of ensuring the integrity of data and deterring scams such as double spending, which refers to someone using the same assets twice, and has discouraged people from using P2P-networks. Scams like double spending have been possible in the absence of a governing party ensuring the integrity of the data, that is until the introduction of Bitcoin in 2008, which introduced a cryptographic solution to ensuring the data’s integrity in a P2P electronic cash system. By relying on cryptography, instead of trusting institutions for the integrity of transactions, the introduction of Bitcoin facilitated a move towards decentralization where classical middleman services, like banking, are becoming obsolete.The General Data Protection Regulation (GDPR), which is to be implemented in all European Union (EU) member countries on May 25th, 2018, is a regulation that aims to harmonize data privacy laws across Europe. The GDPR introduces several fundamental rights and freedoms for natural persons regarding the protection of their personal data. This means that certain responsibilities are imposed on the responsible parties that process personal data.This thesis examines to which extent the GDPR is applicable to an open distributed blockchain and if the fundamental principles under the regulation can be upheld, respectively if the responsible parties can fulfill their responsibilities imposed by the regulation.

Blockchain GDPR Cryptocurrency

Law (excluding Law and Society)