The GDPR-Blockchain Paradox: Exempting Permissioned Blockchains from the GDPR Anisha Mirchandani*Note - Fordham Intellectual Property, Media & Entertainment Law Journal
portfolio_page-template-default,single,single-portfolio_page,postid-25733,ajax_fade,page_not_loaded,,select-theme-ver-3.3,wpb-js-composer js-comp-ver-6.6.0,vc_responsive

The GDPR-Blockchain Paradox: Exempting Permissioned Blockchains from the GDPR
Anisha Mirchandani*

The full text of this Note may be found here.

29 Fordham Intell. Prop. Media &Ent. L.J. 1201 (2019).

Note by Anisha Mirchandani




hen considering the legal landscape emerging after the General Data Protection Regulation went into effect on May 25, 2018, the uncertainty surrounding the Regulation reaches its peak when it is applied to blockchain technology. While the goals of storing personal data on permissioned blockchains may align with the goals of accuracy and transparency emulated by the GDPR, the language of the Regulation makes it likely that blockchain technology, as a whole, violates the GDPR. Permissioned blockchains have promising use cases and developments that have not only streamlined data storage, but also allowed users to have increased control over who accesses their data. Accordingly, this Note proposes that to ensure innovation and technological growth of permissioned blockchains are not stifled, the GDPR must release guidance that exempts permissioned blockchains that store personal data from the daunting violation fines of the GDPR. First, this Note discusses the background of blockchain technology, highlighting the benefits of permissioned blockchains. This Note then discusses the relevant regulations of the GDPR, focusing on the right to rectification, the right to be forgotten, and the right to data portability. Next, this Note discusses how blockchain technology violates users’ data access rights. The last part of this Note discusses why permissioned blockchains should be exempt from the GDPR and proposes solutions on how to facilitate this exemption, concluding that the most efficient way to ensure that the technological growth of permissioned blockchains is not stifled is immediate guidance from the GDPR that interprets definitions from the Regulation in a way that exempt permissioned blockchains from violations.

*Associate Editor, Fordham Intellectual Property, Media & Entertainment Law Journal, Volume XXIX; J.D. Candidate, Fordham University School of Law, 2019; B.S., Psychology, Fordham University, 2016. I would like to thank Professor Mark Patterson for his guidance and feedback in developing this Note, along with the IPLJ Editorial Board and staff for their hard work throughout this writing and editing process. I would also like to thank my family and friends for their unconditional love and support.