GDPR and Blockchain: What does this Mean for In-house Counsel?
Abstract
The General Data Protection Regulation (‘GDPR’) has a broad impact affecting all organisations in the European Union as well as those that do business with the European Union. Although the GDPR purports to dictate the way non-EU nations manage personal data, it misses an opportunity to deal with new disruptive technologies such as Blockchain. This paper will first discuss the status of the GDPR, including its broad jurisdiction and the merits of Blockchain technology. This paper will argue that Blockchain offers more integrity, transparency and efficacy of data. In addition, while Blockchain cannot guarantee a ‘right to be forgotten’ it offers more control to individuals over their data. Accordingly, Blockchain is better equipped to deliver on the aims of the GDPR. Secondly, this paper will examine the Australian privacy framework and the GDPR and argue that these frameworks are aligned. Finally, this paper will conclude that regulators in Australia have a mission to consider new technologies as a way of protecting privacy, while at the same time accommodating for the principles of the GDPR.