https://i.imgur.com/AlNTUu8.jpgA European regulation came into effect on 25 May 2018 called General Data Protection Regulation or GDPR, replacing the Data Protection Directive (95/46/EC). It is a regulation registered in the European Union (EU) law which lays out the rules on data protection and maintains privacy for all the citizens of European Union and the European Economic Area (EEA). The primary goal of the law is to give control to individuals over their personal data and to allow them to decide when and with whom to share their data.
In this hyper-connected and globalized world of data, it has become mandatory for international businesses to comply with GDPR. Companies are compelled to divert attention and resources to redefine their information governance and security programs and become more transparent in the way they handle customer's data.
Many organizations have felt the repercussions of the regulations as a flurry of Data Protection Agreements and Terms of Service updates have been forwarded to the data users of the company that operate within EU or EEA or that directly utilises the personal data of their customers in the EU. There are increased enforcement which can lead to fines of up to EUR 20 million or 4% of the worldwide turnover of a company if companies are not GDPR compliant.
Blockchain for GDPR Compliance
Technologies such as the Blockchain have the power to be compliant with offering solutions to the GDPR mandate. The Blockchain is a distributed ledger which registers, stores and shares digital data in a synchronised manner, maintained by consensus algorithm, spreading across multiple sites, countries, and institutions. The data is stored in a chronological order in blocks, making it very difficult to tamper with the data as all the previous blocks need to be altered to make any changes. Each node comprises of a complete copy of the entire ledger and each block consists of a hash pointer which links the previous block, a timestamp and transaction data.
"Right to Erasure"
One of the distinct features of the Blockchain is that transactions recorded cannot be deleted or tampered with. However, GDP compliance requires that individuals possess the right to be forgotten if they wish so from the database. This implies that an individual can request to delete or remove their personal data. But with existing blockchain networks, GDPR compliance can be difficult due to its tamper-free nature of recording transactions. Amidst such limitations of the public blockchain, RAYS Network offers a solution to be GDPR Compliant.
How is RAYS GDPR Compliant?
RAYS network will implement digital identity feature which in addition to the public and the private key, allow each user to generate unique identity keys that are associated with personal data such as the name, age, nationality and address. The digital ID key involved in a transaction is not stored on the blockchain as opposed to the public key. Instead, the master node establishes a trusted connection between the sender and the receiver and as a result, the information is stored only temporarily in the local database and is deleted upon the completion of a transaction. In a nutshell, the digital identity feature allows RAYS network to be GDPR compliant by providing data privacy and control option to its users.
In the next series of articles, we will shed light on more features of the RAYS Network. Until then, let us rise with RAYS!
With the current focus on regulations, being GDPR Compliant will be neccessary in the future.What are your thoughts on a blockchain that is GDPR Compliant ?