{"id":38297,"date":"2018-10-30T20:58:05","date_gmt":"2018-10-30T17:58:05","guid":{"rendered":"https:\/\/www.altoros.com\/blog\/?p=38297"},"modified":"2018-11-01T02:47:53","modified_gmt":"2018-10-31T23:47:53","slug":"making-blockchain-comply-with-gdpr-challenges-and-fixes","status":"publish","type":"post","link":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/","title":{"rendered":"Making Blockchain Comply with GDPR: The Challenges and Fixes"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_79_2 counter-hierarchy ez-toc-counter ez-toc-transparent ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#Immutability_meets_enforceable_privacy\" >Immutability meets enforceable privacy<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#What_are_the_issues\" >What are the issues?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#What_can_be_done\" >What can be done?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#Want_details_Watch_the_video\" >Want details? Watch the video!<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#Further_reading\" >Further reading<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#Related_sessions_from_the_meetup\" >Related sessions from the meetup<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#About_the_expert\" >About the expert<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"Immutability_meets_enforceable_privacy\"><\/span>Immutability meets enforceable privacy<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Since the General Data Protection Regulation (<a href=\"https:\/\/eugdpr.org\/\" rel=\"noopener\" target=\"_blank\">GDPR<\/a>) came into effect on May 25, 2018, many in the community wondered how this would affect organizations already using blockchain, as well as the future of the technology itself.<\/p>\n<div id=\"attachment_38302\" style=\"width: 160px\" class=\"wp-caption alignright\"><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Martin-Von-Haller-Groenbaek.jpg\" rel=\"attachment wp-att-38302\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-38302\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Martin-Von-Haller-Groenbaek-150x150.jpg\" alt=\"\" width=\"150\" height=\"150\" class=\"size-thumbnail wp-image-38302\" \/><\/a><p id=\"caption-attachment-38302\" class=\"wp-caption-text\"><small>Martin von Haller Gr\u00f8nb\u00e6k<\/small><\/p><\/div>\n<p>At a recent <a href=\"https:\/\/www.meetup.com\/Hyperledger-Copenhagen\/events\/255101163\/?isFirstPublish=true\" rel=\"noopener\" target=\"_blank\">Hyperledger meetup<\/a> in Copenhagen, <a href=\"https:\/\/www.linkedin.com\/in\/vonhaller\" rel=\"noopener\" target=\"_blank\">Martin von Haller Gr\u00f8nb\u00e6k<\/a> of Bird &#038; Bird brought up the fundamental challenges surrounding the immutability and transparency around the blockchain technology and GDPR. He also suggested potential solutions to these problems.<\/p>\n<blockquote><p><em>&#8220;Is GDPR from Venus and blockchain from Mars? We&#8217;re talking about two legal set of rules that are fundamentally incompatible.&#8221;<br \/>\n\u2014Martin von Haller Gr\u00f8nb\u00e6k, Bird &#038; Bird<\/em><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"What_are_the_issues\"><\/span>What are the issues?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Simply put, <a href=\"https:\/\/www.altoros.com\/blog\/tag\/blockchain\/\">blockchain<\/a> is a distributed, immutable digital ledger that records information in blocks, which are then added to a chain of other blocks to create a decentralized network. To add new information in a blockchain network, participants have to verify and reach a consensus, before any data can be added to the blockchain.<\/p>\n<p>In the first place, GDPR applies to the aggregation of personal data by <strong>controllers<\/strong>\u2014legal bodies determining the purposes and means of personal data processing in the European Union (EU). However, GDPR also applies to the companies outside the EU which are gathering and aggregating data related to <strong>data subjects<\/strong>\u2014identifiable natural persons in the EU. This significantly increases the scope of companies that need to comply to the new law in force.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/gdprmap-bird-bird.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/gdprmap-bird-bird.png\" alt=\"\" width=\"400\" class=\"aligncenter size-full wp-image-38366\" \/><\/a><small>Bird &#038; Bird keeps track of countries that locally supplement the GDPR (<a href=\"https:\/\/www.twobirds.com\/en\/trending-topics\/general-data-protection-regulation\/gdpr-tracker\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<p>In the context of blockchain where data is immutable, the main stress points brought on by the GDPR are the following:<\/p>\n<ul>\n<li style=\"margin-bottom: 6px;\"><a href=\"https:\/\/gdpr-info.eu\/art-15-gdpr\/\" rel=\"noopener\" target=\"_blank\">Right of access<\/a>. Data subjects can obtain confirmation from the controller whether or not their personal data is being processed.<\/li>\n<li style=\"margin-bottom: 6px;\"><a href=\"https:\/\/gdpr-info.eu\/art-21-gdpr\/\" rel=\"noopener\" target=\"_blank\">Right to object<\/a>. Data subjects can withdraw consent regarding the use of their personal data.<\/li>\n<li style=\"margin-bottom: 6px;\"><a href=\"https:\/\/gdpr-info.eu\/art-17-gdpr\/\" rel=\"noopener\" target=\"_blank\">Right to be forgotten<\/a>. Data subjects can have their personal data deleted.<\/li>\n<li style=\"margin-bottom: 6px;\"><a href=\"https:\/\/gdpr-info.eu\/art-16-gdpr\/\" rel=\"noopener\" target=\"_blank\">Right to rectification<\/a>. Data subjects can request without undue delay the correction of inaccurate personal data.<\/li>\n<\/ul>\n<p>According to Martin, the decentralized nature of blockchain also poses a challenge for the reason that such roles as <a href=\"https:\/\/www.gdpreu.org\/the-regulation\/key-concepts\/data-controllers-and-processors\/\" rel=\"noopener\" target=\"_blank\">controllers and processors<\/a> need to be defined.<\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaek.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaek-1024x767.png\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-38307\" \/><\/a><small>Fundamental challenges of blockchain and GDPR (<a href=\"https:\/\/www.slideshare.net\/secret\/NUNm4kLD0XTOTR\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<blockquote><p><em>&#8220;From a GDPR point of view, there are some fundamental challenges. First of all, who&#8217;s the data controller when the whole concept is that no one&#8217;s in control?&#8221;<br \/>\n\u2014Martin von Haller Gr\u00f8nb\u00e6k, Bird &#038; Bird<\/em><\/p><\/blockquote>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"What_can_be_done\"><\/span>What can be done?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>During the presentation, Martin suggested some fixes that could resolve the GDPR compliance issue. Personal data can be made unidentifiable by making participants of blockchain anonymous through digital signatures. Personal information could also be encrypted.<\/p>\n<p>With smart contracts playing a critical role in how transactions in blockchain are processed, the contracts can be used to address such GDPR concerns as:<\/p>\n<ul>\n<li><strong>Data time limits.<\/strong> Entries in the blockchain could be set to auto delete after a set period of time.<\/li>\n<li><strong>Data rectification.<\/strong> Entries in the blockchain can be altered through consensus.<\/li>\n<\/ul>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaek-fixes.png\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaek-fixes-1024x767.png\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-38318\" \/><\/a><small>Potential fixes to the problem (<a href=\"https:\/\/www.slideshare.net\/secret\/NUNm4kLD0XTOTR\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<p>Since one of the problems is that of personal data being stored in the blockchain, this data could instead be stored off-chain.<\/p>\n<blockquote><p><em>&#8220;You can make sure that what&#8217;s on the blockchain is not really personal data, but a reference to the off-chain storage where the data is stored.&#8221; \u2014Martin von Haller Gr\u00f8nb\u00e6k, Bird &#038; Bird<\/em><\/p><\/blockquote>\n<p>Martin also brought up the idea of creating a blockchain with &#8220;semi- or old-fashioned centralized governance.&#8221; In this scenario, nodes that are part of the consortium running the blockchain have to agree on a traditional method of governing the network. This includes the assignment of roles that comply with GDPR, such as controllers and processors. Done this way, consensus mechanisms for the GDPR procedures could also be embedded through smart contracts. <\/p>\n<p><center><a href=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaek-QA.jpg\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaek-QA-1024x576.jpg\" alt=\"\" width=\"640\" class=\"aligncenter size-large wp-image-38342\" \/><\/a><small> Martin von Haller Gr\u00f8nb\u00e6k at the Hyperledger meetup in Copenhagen (<a href=\"https:\/\/altoros.wistia.com\/medias\/mfyvyau0gy\" rel=\"noopener\" target=\"_blank\">Image credit<\/a>)<\/small><\/center><\/p>\n<blockquote><p><em>&#8220;The way to achieve consent of personal information could actually be embedded in smart contracts.&#8221; \u2014Martin von Haller Gr\u00f8nb\u00e6k, Bird &#038; Bird<\/em><\/p><\/blockquote>\n<p>Another idea suggested was that of creating an open blockchain where users upload their own personal information, but no one controls or owns their data. In this theoretical scenario, the open blockchain network falls outside the scope of GDPR. The regulation will take effect only if data is extracted for commercial purposes.<\/p>\n<p>With Hyperledger emerging as the standard for enterprise-grade blockchain, it&#8217;s not surprising to see developments that already begin to address GDPR concerns. <a href=\"https:\/\/www.altoros.com\/blog\/hyperledger-fabric-v1-2-whats-new-and-roadmap-for-2018\/\">Hyperledger Fabric v1.2<\/a>, which was released in July 3, 2018, introduces the concept of <a href=\"https:\/\/hyperledger-fabric.readthedocs.io\/en\/release-1.2\/private-data\/private-data.html\" rel=\"noopener\" target=\"_blank\">private data<\/a>, which enables the creation of GDPR-compliant blockchain solutions. Hyperledger Fabric v1.2 achieves this by limiting access to data through policy logic. Data can also be deleted manually or after a set time period, leaving only a hash of the transaction.<\/p>\n<p>As more and more organizations adopt the blockchain technology, conversations about GDPR will only increase and, at the end of the day, it&#8217;s up to blockchain users to comply with the regulation.<\/p>\n<p>The slides by Martin are available <a href=\"https:\/\/www.slideshare.net\/secret\/NUNm4kLD0XTOTR\" rel=\"noopener\" target=\"_blank\">here<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Want_details_Watch_the_video\"><\/span>Want details? Watch the video!<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<table width=\"100%\">\n<tbody>\n<tr>\n<td>\n<div style=\"float: right; width: 45%; padding-left: 15px; font-size: 14px;\">\n<p><strong>Table of contents<\/strong><\/p>\n<ol>\n<li style=\"margin-bottom: 12px;\">What are the challenges between the GDPR and blockchain? (<a href=\"#wistia_mfyvyau0gy?time=242\">4&#8217;02&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 12px;\">What are the fixes? (<a href=\"#wistia_mfyvyau0gy?time=440\">7&#8217;20&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 12px;\">What about creating a centrally governed blockchain? (<a href=\"#wistia_mfyvyau0gy?time=635\">10&#8217;35&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 12px;\">What about a purely open blockchain? (<a href=\"#wistia_mfyvyau0gy?time=975\">16&#8217;15&#8221;<\/a>)<\/li>\n<li style=\"margin-bottom: 12px;\">Questions and answers (<a href=\"#wistia_mfyvyau0gy?time=1285\">21&#8217;25&#8221;<\/a>)<\/li>\n<\/ol>\n<\/div>\n<p><script charset=\"ISO-8859-1\" src=\"\/\/fast.wistia.com\/assets\/external\/E-v1.js\" async><\/script><\/p>\n<div class=\"wistia_embed wistia_async_mfyvyau0gy\" style=\"height:320px;width:440px\">&nbsp;<\/div>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Further_reading\"><\/span>Further reading<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<ul>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/hyperledger-fabric-v1-2-whats-new-and-roadmap-for-2018\/\">Hyperledger Fabric v1.2: What\u2019s New and the Roadmap for 2018<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/brian-behlendorf-of-hyperledger-do-pocs-billions-are-already-on-blockchain\/\">Brian Behlendorf of Hyperledger: Do POCs, Billions Are Already on Blockchain<\/a><\/li>\n<li><a href=\"https:\/\/www.altoros.com\/blog\/new-hyperledger-use-cases-appear-as-the-blockchain-community-grows\/\">New Hyperledger Use Cases Appear as the Blockchain Community Grows<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Related_sessions_from_the_meetup\"><\/span>Related sessions from the meetup<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><small>Below are all the sessions from the Copenhagen meetup, starting with an introduction to Hyperledger and then the talk about the three Special Interest Groups (SIGs) focused on blockchain.<\/small><\/p>\n<p><center><script src=\"https:\/\/fast.wistia.com\/embed\/medias\/kk4klhztyo.jsonp\" async><\/script><script src=\"https:\/\/fast.wistia.com\/assets\/external\/E-v1.js\" async><\/script><\/p>\n<div class=\"wistia_embed wistia_async_kk4klhztyo\" style=\"height:360px;position:relative;width:640px\">\n<div class=\"wistia_swatch\" style=\"height:100%;left:0;opacity:0;overflow:hidden;position:absolute;top:0;transition:opacity 200ms;width:100%;\"><img decoding=\"async\" src=\"https:\/\/fast.wistia.com\/embed\/medias\/i0m9ul8occ\/swatch\" style=\"filter:blur(5px);height:100%;object-fit:contain;width:100%;\" alt=\"\" onload=\"this.parentNode.style.opacity=1;\" \/><\/div>\n<\/div>\n<p><\/center><\/p>\n<p>&nbsp;<\/p>\n<p><small>Following the session by Martin, <b>Vitaliy Chernov<\/b> of Altoros talked about the private collections feature\u2014allowing for hiding sensitive data either partially or fully from certain parties\u2014available through Hyperledger Fabric v1.2. He demonstrated how this feature is successfully implemented in a platform developed by Altoros for automating critical processes of over-the-counter trading.<\/small><\/p>\n<p><center><script src=\"https:\/\/fast.wistia.com\/embed\/medias\/i0m9ul8occ.jsonp\" async><\/script><script src=\"https:\/\/fast.wistia.com\/assets\/external\/E-v1.js\" async><\/script><\/p>\n<div class=\"wistia_embed wistia_async_i0m9ul8occ\" style=\"height:360px;position:relative;width:640px\">\n<div class=\"wistia_swatch\" style=\"height:100%;left:0;opacity:0;overflow:hidden;position:absolute;top:0;transition:opacity 200ms;width:100%;\"><img decoding=\"async\" src=\"https:\/\/fast.wistia.com\/embed\/medias\/i0m9ul8occ\/swatch\" style=\"filter:blur(5px);height:100%;object-fit:contain;width:100%;\" alt=\"\" onload=\"this.parentNode.style.opacity=1;\" \/><\/div>\n<\/div>\n<p><\/center><\/p>\n<p>&nbsp;<\/p>\n<p><small>Here are the slides by Vitaliy.<\/small><\/p>\n<p><center><iframe loading=\"lazy\" src=\"\/\/www.slideshare.net\/slideshow\/embed_code\/key\/Cc9dMHLjvowYsp\" width=\"595\" height=\"485\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" style=\"border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;\" allowfullscreen><\/iframe><\/center><\/p>\n<p>&nbsp;<\/p>\n<h3><span class=\"ez-toc-section\" id=\"About_the_expert\"><\/span>About the expert<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<div>\n<div style=\"float: right;\"><a href=\"https:\/\/www.linkedin.com\/in\/vonhaller\/\"><img decoding=\"async\" src=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Martin-von-Haller-Groenbaek-bird-bird-bio.png\" alt=\"\" width=\"120\" class=\"aligncenter size-full wp-image-38300\" \/><\/a><\/div>\n<div style=\"width: 600px;\"><small><a href=\"https:\/\/www.linkedin.com\/in\/vonhaller\" rel=\"noopener\" target=\"_blank\">Martin von Haller Gr\u00f8nb\u00e6k<\/a> is a Partner at Bird &#038; Bird. He is recognized for his solid legal skills, as well as for being an innovative thought leader and strategist within the IT industry. Martin is one of Denmark\u2019s leading IT lawyers with almost 20 years of experience in advising Danish and international organizations, including large blue chip companies, on legal and commercial matters in connection with IT in a wide sense. He is considered a pioneer with respect to the legal aspects of online technology solutions (e-commerce, Internet, and web services), cybersecurity, open source, open data, and the use of other open-license forms.<\/small><\/div>\n<\/div>\n<hr\/>\n<p><center><small>The post was written by <a href=\"https:\/\/www.altoros.com\/blog\/author\/carlo\/\">Carlo Gutierrez<\/a>, edited by <a href=\"https:\/\/www.altoros.com\/blog\/author\/sophie.turol\/\">Sophia Turol<\/a> and <a href=\"https:\/\/www.altoros.com\/blog\/author\/alex\/\">Alex Khizhniak<\/a>.<\/small><\/center><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Immutability meets enforceable privacy<\/p>\n<p>Since the General Data Protection Regulation (GDPR) came into effect on May 25, 2018, many in the community wondered how this would affect organizations already using blockchain, as well as the future of the technology itself.<\/p>\n<p id=\"caption-attachment-38302\" class=\"wp-caption-text\">Martin von Haller Gr\u00f8nb\u00e6k<\/p>\n<p>At a recent Hyperledger meetup in Copenhagen, [&#8230;]<\/p>\n","protected":false},"author":32,"featured_media":38341,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[7],"tags":[672,753],"class_list":["post-38297","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-opinion","tag-blockchain","tag-hyperledger"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Making Blockchain Comply with GDPR: The Challenges and Fixes | Altoros<\/title>\n<meta name=\"description\" content=\"With the GDPR placing emphasis on data privacy and &quot;the right to be forgotten,&quot; how to address blockchain&#039;s immutability?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Making Blockchain Comply with GDPR: The Challenges and Fixes | Altoros\" \/>\n<meta property=\"og:description\" content=\"Immutability meets enforceable privacy Since the General Data Protection Regulation (GDPR) came into effect on May 25, 2018, many in the community wondered how this would affect organizations already using blockchain, as well as the future of the technology itself. Martin von Haller Gr\u00f8nb\u00e6k At a recent Hyperledger meetup in Copenhagen, [...]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/\" \/>\n<meta property=\"og:site_name\" content=\"Altoros\" \/>\n<meta property=\"article:published_time\" content=\"2018-10-30T17:58:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-10-31T23:47:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/gif\" \/>\n<meta name=\"author\" content=\"Carlo Gutierrez\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Carlo Gutierrez\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/\",\"url\":\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/\",\"name\":\"Making Blockchain Comply with GDPR: The Challenges and Fixes | Altoros\",\"isPartOf\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif\",\"datePublished\":\"2018-10-30T17:58:05+00:00\",\"dateModified\":\"2018-10-31T23:47:53+00:00\",\"author\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#primaryimage\",\"url\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif\",\"contentUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif\",\"width\":640,\"height\":360},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.altoros.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Making Blockchain Comply with GDPR: The Challenges and Fixes\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#website\",\"url\":\"https:\/\/www.altoros.com\/blog\/\",\"name\":\"Altoros\",\"description\":\"Insight\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.altoros.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442\",\"name\":\"Carlo Gutierrez\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg\",\"contentUrl\":\"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg\",\"caption\":\"Carlo Gutierrez\"},\"description\":\"Carlo Gutierrez is a Technical Writer at Altoros. As part of the editorial team, his focus has been on emerging technologies such as Cloud Foundry, Kubernetes, blockchain, and the Internet of Things. Prior to Altoros, he primarily wrote about enterprise and consumer technology. Carlo has over 12 years of experience in the publishing industry. Previously, he served as an Editor for PC World Philippines and Questex Asia, as well as a Designer for Tropa Entertainment.\",\"url\":\"https:\/\/www.altoros.com\/blog\/author\/carlo\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Making Blockchain Comply with GDPR: The Challenges and Fixes | Altoros","description":"With the GDPR placing emphasis on data privacy and \"the right to be forgotten,\" how to address blockchain's immutability?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/","og_locale":"en_US","og_type":"article","og_title":"Making Blockchain Comply with GDPR: The Challenges and Fixes | Altoros","og_description":"Immutability meets enforceable privacy Since the General Data Protection Regulation (GDPR) came into effect on May 25, 2018, many in the community wondered how this would affect organizations already using blockchain, as well as the future of the technology itself. Martin von Haller Gr\u00f8nb\u00e6k At a recent Hyperledger meetup in Copenhagen, [...]","og_url":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/","og_site_name":"Altoros","article_published_time":"2018-10-30T17:58:05+00:00","article_modified_time":"2018-10-31T23:47:53+00:00","og_image":[{"width":640,"height":360,"url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif","type":"image\/gif"}],"author":"Carlo Gutierrez","twitter_misc":{"Written by":"Carlo Gutierrez","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/","url":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/","name":"Making Blockchain Comply with GDPR: The Challenges and Fixes | Altoros","isPartOf":{"@id":"https:\/\/www.altoros.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#primaryimage"},"image":{"@id":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#primaryimage"},"thumbnailUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif","datePublished":"2018-10-30T17:58:05+00:00","dateModified":"2018-10-31T23:47:53+00:00","author":{"@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442"},"breadcrumb":{"@id":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#primaryimage","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2018\/10\/Hyperledger-Copenhagen-Blockchain-GDPR-Martin-Von-Haller-Groenbaekv2.gif","width":640,"height":360},{"@type":"BreadcrumbList","@id":"https:\/\/www.altoros.com\/blog\/making-blockchain-comply-with-gdpr-challenges-and-fixes\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.altoros.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Making Blockchain Comply with GDPR: The Challenges and Fixes"}]},{"@type":"WebSite","@id":"https:\/\/www.altoros.com\/blog\/#website","url":"https:\/\/www.altoros.com\/blog\/","name":"Altoros","description":"Insight","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.altoros.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/833e109f77de753b2b472dca0236b442","name":"Carlo Gutierrez","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.altoros.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg","contentUrl":"https:\/\/www.altoros.com\/blog\/wp-content\/uploads\/2021\/02\/CG_portrait-2-96x96.jpg","caption":"Carlo Gutierrez"},"description":"Carlo Gutierrez is a Technical Writer at Altoros. As part of the editorial team, his focus has been on emerging technologies such as Cloud Foundry, Kubernetes, blockchain, and the Internet of Things. Prior to Altoros, he primarily wrote about enterprise and consumer technology. Carlo has over 12 years of experience in the publishing industry. Previously, he served as an Editor for PC World Philippines and Questex Asia, as well as a Designer for Tropa Entertainment.","url":"https:\/\/www.altoros.com\/blog\/author\/carlo\/"}]}},"_links":{"self":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/38297","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/comments?post=38297"}],"version-history":[{"count":59,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/38297\/revisions"}],"predecessor-version":[{"id":38430,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/posts\/38297\/revisions\/38430"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media\/38341"}],"wp:attachment":[{"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/media?parent=38297"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/categories?post=38297"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.altoros.com\/blog\/wp-json\/wp\/v2\/tags?post=38297"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}