Blockchain is a technology designed for several goals. It’s designed to be immutable, where nothing can be changed. It’s designed to be decentralized, where multiple people can hold copies of the database. And it’s designed to be non-repudiatable, as a side effect, really, of the immutability.
So we’ve got a database where nothing can be deleted, multiple entities have copies of the data, and you can’t say “it wasn’t me!!”. This seems, at first glance, amazing! Nobody can fake where the dirty data came from! And no one can change anything, so as long as we get the data into the database correctly, no one can screw it up!
And when you have a customer who says, “I wish to invoke my right to be forgotten!”, under the General Data Privacy Regulations (GDPR). There’s not much you can do about it. If we can’t change the database, we can’t forget them, so it’s an exception, right? Unfortunately not.
There is no exception for “I can’t delete the data”, in GDPR. Admittedly, it would make an interesting exception case. So how do you handle data that must be able to be forgotten, but absolutely can’t be forgotten?
Hint: Encryption is a form of anonymization, under GDPR. Anonymized data, if no key is available, is not PII.
Come discuss the challenges of using blockchain in GDPR jurisdictions further with us at InfoSec World 2019!