Knowledge Theatre 1 - Day 2: Blockchain and Identity Session
"Blockchain, Self-Sovereign Identity and the GDPR"
The General Data Protection regulation is in force since May 25th and governs all personal data of people in the EU. The decentralized nature of blockchain is hardly compatible with the regulations that originated way before blockchain was popular and poses some serious problems. Some even state that blockchain and the GDPR are fundamentally incompatible, but this depends on the exact implementation and the type (public, private, permissioned, permissionless) of blockchain - as the details matter.
While there is a huge opportunity to decentralize control over key data in our lives, it is a real challenge to find a legally compatible structure that does not go against data protection regulations. Some key questions to ask are: what is considered personal data in Ethereum? What is the theoretical responsibility of a developer, dApp publisher or participant in the network? How to comply to subject rights and what are the local provisions under different national legislation.
Silvan Jongerius is the CEO and Founder of TechGDPR, a boutique consultancy for Data Protection and Privacy in tech-centric environments, such as Blockchain, AI and IoT. He has led data protection and security efforts since 2012, has spend over 12 years in senior technology leadership, general management and innovation for large technology educators, and has focussed on Blockchain projects during the last years. He holds certifications from the Columbia Business School in Digital Strategies for Business, from the IAPP as Certified Information Privacy Professional (Europe/GDPR) and is TÜV certified Data Protection Officer (Datenschutzbeauftragter). He is the European Representative for DLT Labs – a Toronto-based blockchain development house, is a regular speaker, consultant and educator in GDPR, blockchain, innovation and technology and is mentor or advisor for a number of technology, innovation and blockchain projects.
Silvan is co-author of the paper on Blockchain, Privacy and the GDPR published by the German Blockchain Association, and is currently researching 'Binding Network Rules' and Codes of Conduct for blockchain as possible methods to comply to the GDPR.