Europe’s General Data Protection Regulation (GDPR) will bring outdated personal data laws across the EU up to date. Its enforcement will alter how businesses and organizations can handle their customer information. It also boosts the rights of individuals to give them more control over their data. An official overview of the rules covered by GDPR can be found here.
Among other requirements, GDPR mandates that businesses operate by the principles of “data protection by design” and “data protection by default,” which builds data privacy into the design of the business itself. For some entrepreneurs, a potential issue with GDPR may involve an individual’s “right to be forgotten,” which requires data custodians to be able to delete a particular user’s personal information from their database at a later data. This might not be possible on an immutable blockchain system.
The UK is currently in the process of implementing a new Data Protection Act, which will largely include all of the provisions of the GDPR. Currently, the Data Protection Act of 1998 sets out how personal information can be used by companies, the government, and other organizations. The Data Protection Act of 2018 includes the following differences from GDPR:
|Previous Section||Next Section|