Data protection and data sharing in blockchain

Blockchain allows shared and synchronised digital databases maintained by consensus algorithms and stored on multiple ‘nodes’ (i.e., computers). Being a ‘distributed ledger’, blockchain is suitable to record a large amount of personal and non-personal data.

Blockchain is often considered a privacy-friendly technology: once the data is encrypted and stored in a blockchain, it can be decoded only by the user having an ‘access key’. In spite of its privacy-enabling features, a number of authors have casted doubts as to the compatibility of the blockchain technology with the General Data Protection Regulation (GDPR). Although blockchain allows selective data sharing, in fact, once the access key is shared, the data becomes public, and thus the user loses control over it. Similarly, it is unclear how the new EU legislations supporting data sharing, such as the Data Governance Act and the Data Act proposal, will be applied in the context of the blockchain technology.

The research project aims at analysing, from a law and technology perspective, the role of EU data protection and data sharing rules in the context of blockchain technology.