The use of blockchain to store personal data is a recent illustration of the classic clash between law and technology. Decentralisation and immutability are distinguishing features of blockchain. However, data protection frameworks commonly provide for data correction and removal. The challenge of storing personal data on blockchain lies in the incompatibility between immutability and amendability. There is no paucity of compatibility solutions, although sometimes paradoxically at the cost of defeating the essence of blockchain. The author will argue that blockchain is not an all-purpose solution and should only be used to store information other than personal data.
Introduction
The ascendance of blockchain, one of the most ground-breaking technologies of recent times, is no exception to the classic clash between relatively slow-moving legal norms and constantly evolving technological norms.[1] Blockchain is a decentralised and immutable[2] ledger capable of storing inter alia value,[3] record, information and, more controversially, personal data. Once personal data is involved, data protection legislation, which is often proclaimed to be technology-neutral[4] and commonly provides for the circumstances in which correction or removal of obsolete data is called for, will be engaged. The challenge of storing personal data on blockchain lies in the incompatibility between the immutability of blockchain and the statutory requirements of data correction and removal. In the hope of extending the reach of blockchain to personal data storage, there is no paucity of compatibility solutions, although sometimes paradoxically at the unfortunate cost of defeating the very essence of blockchain.
[1] Mireille Hildebrandt, “Legal and Technological Normativity: more than twin sisters” (2008) 12:3 Techné: Research in Philosophy and Technology 169
[2] For reasons that will soon be clear, blockchain is immutable in the sense that it is prohibitively difficult, rather than absolutely impossible, to alter the record stored on the blockchain
[3] The most prominent use case of blockchain is cryptocurrency. Bitcoin, one of the most high-profile cryptocurrencies, is based on blockchain
[4] Hong Kong, Privacy Commissioner for Personal Data, “The Ordinance at a Glance”. (Hong Kong, Privacy Commissioner for Personal Data) online: <https://www.pcpd.org.hk/english/data_privacy_law/ordinance_at_a_Glance/ordinance.html>; Singapore, Personal Data Protection Commission, “Personal Data Protection Digest” (Singapore: Academy Publishing) at 75; European Union: European Commission, “The GDPR: new opportunities, new obligations” (Luxembourg: Publications Office of the European Union) at 3
In light of the dilemma, the author will argue that blockchain is not an all-purpose solution and due consideration should be given to using blockchain in a more selective manner. It is suggested that blockchain should not be used to store personal data to avoid the highly unsettled questions of regulatory compliance. Given blockchain is still at its formative stage,[5] it is of utmost importance to find the right path that could balance innovation and compliance. To this end, the more promising way forward is to adopt blockchain solutions that could simultaneously comply with the law and preserve the distinctive features of blockchain.
[5] Michèle Finck, “Blockchains and Data Protection in the European Union” (2018) 4:1 European Data Protection Law Review 17
This article will start with a brief and non-technical introduction to blockchain and highlight two distinctive features of blockchain, namely decentralisation and immutability. Given that blockchain participants may be spread across the world, it is useful to analyse the data protection framework in multiple selected jurisdictions and highlight their inconsistency with blockchain technology. Some common compatibility solutions will then be covered but rejected as undermining the distinctiveness and hence the worth of blockchain. Instead, the author argues that blockchain should only be used to record information other than personal data. In this respect, some successful uses of blockchain will be introduced to show that the attractiveness of blockchain rests in its two distinguishing characteristics.
Non-Technical Introduction of Blockchain
Blockchain in simple terms is a special form of ledger. To understand blockchain, it is essential to start with its basic element, ie a block. Each block consists of inter alia (i) a pointer which makes reference to the block immediately preceding it,[6] (ii) a timestamp and (iii) newly added data which, to help ensure privacy, can be encrypted using cryptography.[7]
[6] The first block in the chain has no pointer making reference to the previous block
[7] J. Dinesh Peter, Amir H. Alavi & Bahman Javadi (ed), Advances in Big Data and Cloud Computing: Proceedings of ICBDCC18 (Singapore, Springer Nature Singapore Pte Ltd, 2019) at 179-188
Adding a new block to the blockchain requires consensus. Mainstream consensus mechanisms include Proof of Work and Proof of Stake. As the name implies, Proof of Work requires certain work, specifically solving difficult problems, to be done by using computational power. Thus, the more computational power one has, theoretically the more likely one will forge a new block. Proof of Stake, however, relies not on computational power but on cryptocurrency. Depending on the precise design of the Proof of Stake system adopted, in general the more cryptocurrency that one stakes, theoretically the more likely one will forge a new block.[8] To dominate the consensus mechanism, one has to control over 50 per cent of the participants within the blockchain network (Network Participant), which is, if not impossible, economically infeasible.[9]
[8] Elad Elrom, The Blockchain Developer: A Practical Guide for Designing, Implementing, Publishing, Testing, and Securing Distributed Blockchain-based Projects (Berkeley, California: Apress, 2019), at 18-25
[9] This form of attack is more commonly known as the “51 per cent attack”
Blockchain is a ledger shared among all Network Participants wherever situated.[10] In other words, each Network Participant has theoretically the same copy of the ledger. This arrangement results in one of the most prominent features of blockchain: decentralisation. In contrast to the traditional, centralised form of database, there is neither a single point of failure nor a single source of truth. In relation to the former, the integrity of the ledger as a whole would not be compromised by a mere alteration of one single copy of the ledger, unless over 50 per cent of the copies (or Network Participants) inside the blockchain have been altered. Even if over 50 per cent of the copies could be altered, all the blocks subsequent to the altered blocks have to be re-built. Thus, it is prohibitively difficult and costly for attackers to alter or corrupt the data stored on the blockchain.[11] In relation to the latter, the trust in the use of blockchain does not depend on the integrity of one single copy of the ledger held by a centralised authority, whose credibility may not always be guaranteed, but on the decentralised structure and tamper-resistant design of the blockchain. It thus fosters what is famously known as “trust-less trust”.[12]
[10] Andrew Henderson, “Blockchain: mitigating or aggravating regulatory risk?” (2016) 5 Journal of International Banking and Financial Law 293
[11] Bikramaditya Singhal, Gautam Dhameja, Priyansu Sekhar Panda, Beginning Blockchain (Berkeley, California: Apress, 2018), at 1-29
[12] Kevin Werbach, “Trust, But Verify: Why the Blockchain Needs the Law” (2018) 33 Berkeley Tech. Law Journal 489
Immutability is another distinctive feature of blockchain. Blockchain consists of interconnected blocks with each block making reference to the block immediately preceding it. Thus, any alteration done to a particular block will have a spill-over effect and affect all the blocks subsequent to the altered block. Since subsequent blocks have to be reconstructed, the resource-intensive consensus mechanisms mentioned previously would be engaged. The overall result of the above dynamics is the production of a tamper-resistant audit trail which provides for accountability and traceability and makes blockchain suitable for storing information.[13]
[13] Both Proof of Work and Proof of Stake are resource-intensive
To sum up, there are two distinctive features of blockchain — decentralisation and immutability. Nonetheless, at least insofar as data protection is concerned, immutability is a double-edged sword. As will soon become clear, data protection is not solely about safeguarding the integrity of data, but also about the protection of the right to correct or remove personal data.
Overview of the Data Protection Regime in the European Union, Hong Kong and Singapore
This article does not attempt to give a full-blown account of the data protection regime. Instead, the following seeks to highlight some of the common themes in the data protection framework in the European Union, Hong Kong and Singapore which show signs of mismatch with blockchain.
European Union
The General Data Protection Regulation (GDPR) is the main piece of data protection legislation in the European Union. There is a plethora of provisions and rights in the GDPR. Provisions relevant to the present discussion are set out as follows:
- First, the data controller[14] and the data processor[15] are responsible for complying with the GDPR.
  [14] GDPR, art 4(7); Controller is defined to mean “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law”
  [15] GDPR, art 4(8); Processor is defined to mean “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”
- Second, personal data means any data relating to a natural person.[16]
  [16] GDPR, art 4(1); Personal data is defined to mean “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”
- Third, there is a right to rectification should any data be inaccurate.[17]
  [17] GDPR, art 16
- Fourth, there is a right to erasure of personal data (also known as the right to be forgotten) if any of the stipulated grounds applies.[18] A related provision is that personal data shall not be kept for longer than is necessary taking into account the purposes for which the personal data is processed.[19]
  [18] GDPR, art 17
  [19] GDPR, art 5(1)(e)
- Last, personal data should be guarded against unlawful or unauthorised damage, loss or destruction etc.[20]
  [20] GDPR, art 5(1)(f)
Hong Kong
The Personal Data (Privacy) Ordinance (Cap 486, Laws of Hong Kong) (PDPO) is the primary data protection legislation in Hong Kong. Provisions akin to the GDPR are set out below:
- First, compliance with the PDPO falls to the data user[21] and the data processor.[22]
  [21] PDPO s 2(1); Data user is defined to mean, in relation to personal data, “a person who, either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data”
  [22] PDPO Sch 1; Data processor is defined to mean “a person who (a) processes personal data on behalf of another person; and (b) does not process the data for any of the person’s own purposes”
- Second, personal data means data which relates to an individual and can be used to ascertain the identity of the individual, whether it be directly or indirectly.[23]
  [23] PDPO s 2(1); Personal data is defined to mean “any data (a) relating directly or indirectly to a living individual; (b) from which it is practicable for the identity of the individual to be directly or indirectly ascertained; and (c) in a form in which access to or processing of the data is practicable”
- Third, a data correction request can be made in case of data inaccuracy.[24]
  [24] PDPO s 22, Data Protection Principle 6(e)
- Fourth, there is no equivalent right to erasure of personal data in Hong Kong although personal data shall not be retained for longer than is necessary having regard to the purposes for which the personal data is used.[25]
  [25] PDPO Data Protection Principle 2(2)
- Last, personal data should be protected against unintended loss, access and erasure etc.[26]
  [26] PDPO Data Protection Principle 4(1)
Singapore
The Personal Data Protection Act 2012 (PDPA) governs the collection, use and disclosure of personal data in Singapore. Provisions akin to the GDPR are stated as follows:
- First, an organisation[27] which possesses or controls personal data and a data intermediary[28] are responsible for complying with the PDPA.
  [27] PDPA No. 26 of 2012, s 2(1); organisation is defined to include “any individual, company, association or body of persons, corporate or unincorporated, whether or not (a) formed or recognised under the law of Singapore; or (b) resident, or having an office or a place of business, in Singapore”
  [28] PDPA No. 26 of 2012, s 2(1); data intermediary is defined to mean “an organisation which processes personal data on behalf of another organisation but does not include an employee of that other organisation”
- Second, personal data means data, whether alone or together with other information, that can be used to identify an individual.[29]
  [29] PDPA No. 26 of 2012, s 2(1); Personal data is defined to mean “data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which the organisation has or is likely to have access”
- Third, correction of personal data can be requested should there be any error or omission.[30]
  [30] PDPA No. 26 of 2012, s 22
- Fourth, like Hong Kong, there is no provision of the right to be forgotten though personal data shall not be retained for a period longer than is necessary.[31]
  [31] PDPA No. 26 of 2012, s 25
- Last, personal data should be guarded against unintended modification, access and disposal etc.[32]
  [32] PDPA No. 26 of 2012, s 24
Incompatibility between Blockchain and the Data Protection Regime
Bounds of Personal Data
Before considering any incompatibility between the data protection regime and blockchain, it is essential to consider a related and logically prior question: is personal data involved? If not, none of the above legislation will apply. To this end, the European Parliament’s Working Party on the Protection of Individuals with regard to the Processing of Personal Data gave a high-level analysis of a few de-identification techniques commonly used in blockchain without proffering a conclusive answer on the question of whether personal data processed by those de-identification techniques would still constitute personal data.[33]
[33] European Commission, Opinion 05/2014 on Anonymisation Techniques by The Working Party on the Protection of Individuals with regard to the Processing of Personal Data (Brussels: European Commission, 2014) at 11-25
Because the success of de-identification techniques in actually achieving de-identification determines both the need for and the content of regulatory compliance, there is a pressing need for regulators in different parts of the world to provide clearer guidance on the utility of using various de-identification techniques alone and, more importantly, in combination.
Immutability is a Mixed Blessing
Blockchain has long been heralded for its immutability because, as discussed above, it preserves the integrity of the blockchain record by making it, at least in theory, economically infeasible to alter and remove the blockchain record.[34] However, in the context of data protection, immutability presents more of a burden than a competitive edge, as it is incongruous with the data protection requirements to comply with data correction requests and not to keep personal data for longer than is necessary, in the following two ways.
[34] Michael Pisa & Matt Juden, Blockchain and Economic Development: Hype vs. Reality (Washington, DC: Centre for Global Development, 2017) at 9
First, by design, blockchain is generally not receptive to ex post amendment or deletion.[35] Changes are typically effected by appending correct data without altering the pre-existing obsolete data. Thus, should there be the statutory need to correct or erase personal data, there is little room to comply with the law.
[35] Daniel Drescher, Blockchain Basics: A Non-Technical Introduction in 25 Steps (Berkeley, California: Apress, 2017) at 213-220
Second, another hurdle lies in the decentralised nature of blockchain. Currently, Bitcoin has close to 10,000 Network Participants spread across 96 countries[36] whereas there are 7203 Network Participants in Ethereum across 90 countries.[37] The distributed nature is inimical to the correction and removal of data in two ways. First, the quantity of Network Participants means that to edit a record stored on the above blockchains, one would need to take control over thousands of Network Participants. Second, the geographical dispersion of Network Participants presents another dire problem. Even if it is economically and technically feasible to edit blockchain, as identical copies of data are stored with multiple Network Participants across the world, there is no guarantee that all Network Participants would upon request correct or remove personal data in a timely manner. Worse still, in case of non-compliance, there is a need to resort to judicial remedies at the place where the Network Participants are located. Depending on the number of jurisdictions involved and how diversified the data protection laws and enforcement regimes are, cross-border enforcement of a simple correction or removal of personal data may entail a substantial outlay of time and money.
[36] Bitnodes, Global Bitcoin Nodes Distribution, online: <https://bitnodes.earn.com/> (visited 30 December 2019)
[37] ethernodes.org, Ethereum Mainnet Statistics, online: <https://www.ethernodes.org/countries> (visited 30 December 2019)
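The mechanics behind this section and the earlier introduction (a pointer to the preceding block, the spill-over effect of an alteration, and correction by appending) are shown here as an added example that is not part of the original article. It assumes SHA-256 hash pointers and a toy Proof of Work; the function names and the sample records are constructed for illustration.

```python
import copy
import hashlib
import json

DIFFICULTY = 3  # assumption: toy Proof of Work, block hash must start with 3 hex zeros


def block_hash(block):
    """SHA-256 over the block's pointer, timestamp, data and nonce."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()


def mine(prev_hash, timestamp, data):
    """Search for a nonce that makes the block hash satisfy the toy difficulty."""
    block = {"prev_hash": prev_hash, "timestamp": timestamp, "data": data, "nonce": 0}
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    return block


def add_block(chain, data):
    """Append a new block; the first block has no pointer (prev_hash is None)."""
    prev = block_hash(chain[-1]) if chain else None
    chain.append(mine(prev, len(chain), data))


def verify(chain):
    """True only if every pointer matches its predecessor and every block has valid work."""
    prev = None
    for block in chain:
        if block["prev_hash"] != prev:
            return False
        prev = block_hash(block)
        if not prev.startswith("0" * DIFFICULTY):
            return False
    return True


def rewrite(chain, index, new_data):
    """Edit block `index`, then redo the work for it and every later block.

    Returns the number of blocks that had to be rebuilt.
    """
    prev = block_hash(chain[index - 1]) if index > 0 else None
    rebuilt = 0
    for i in range(index, len(chain)):
        data = new_data if i == index else chain[i]["data"]
        chain[i] = mine(prev, chain[i]["timestamp"], data)
        prev = block_hash(chain[i])
        rebuilt += 1
    return rebuilt


def demo():
    # Constructed sample records; block 1 holds the entry that later needs correcting.
    records = [
        "ledger opened",
        "customer=C-1001 address=1 Old Road",
        "shipment=S-1 dispatched",
        "shipment=S-1 delivered",
        "shipment=S-2 dispatched",
    ]
    chain = []
    for record in records:
        add_block(chain, record)
    results = {"intact": verify(chain)}

    # 1. Editing the old record in place: the copy no longer verifies.
    edited = copy.deepcopy(chain)
    edited[1]["data"] = "customer=C-1001 address=2 New Road"
    results["in_place_edit_valid"] = verify(edited)

    # 2. Making the edit stick means rebuilding the edited block and all later ones,
    #    and the result still differs from the copies held by other participants.
    results["blocks_rebuilt"] = rewrite(edited, 1, "customer=C-1001 address=2 New Road")
    results["rebuilt_valid"] = verify(edited)
    results["matches_other_copies"] = block_hash(edited[-1]) == block_hash(chain[-1])

    # 3. Correcting by appending keeps the chain valid, but the obsolete entry stays readable.
    corrected = copy.deepcopy(chain)
    add_block(corrected, "correction: customer=C-1001 address=2 New Road")
    results["append_valid"] = verify(corrected)
    results["old_value_still_on_chain"] = any("1 Old Road" in b["data"] for b in corrected)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The rebuilt copy verifies on its own, yet its tip hash differs from every untouched copy, which is why a rewrite only takes effect if the other Network Participants adopt it.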
Critical Evaluation of Compatibility Solutions
Considering the plain incompatibility between blockchain and the data protection framework, the blockchain community has worked out a wide variety of compatibility solutions in the hope of allowing blockchain to store personal data. Nonetheless, their efforts might after all be in vain in the sense that the resolution of the incompatibility is only attained at the hefty cost of stripping blockchain of its very essence, ie decentralisation and immutability, and consequently blurring the distinction between the traditional form of information storage and the blockchain. In light of the above paradox, this article argues that the more promising way forward is to avoid the on-chain storage of personal data.
Editing Blockchain
One intuitive answer to the incompatibility challenge is to edit blockchain if need be. Editing blockchain is not unheard of despite the relatively short history of blockchain. In the following, both the traditional and the more recent ways of editing blockchain will be discussed and critically challenged.
Blockchain, even in its traditional form, is not absolutely immutable.[38] To edit blockchain, one has to control over 50 per cent of the Network Participants and to re-build all the blocks subsequent to the amended blocks. If the blockchain adopts Proof of Work as its consensus mechanism, substantial computational power would be consumed to rewrite all the affected blocks.
[38] Daniel, supra note 36.
In 2016, a blockchain-based project named “Decentralised Autonomous Organisation” (DAO)[39] raised a considerable sum of over US$100 million. Unfortunately, there were some code defects in DAO. On 16 June 2016, a hacker exploited the defects and misappropriated over half of the fund. To recover the stolen fund, the founder of the project proposed a “hard fork” solution, ie essentially splitting the existing blockchain into two. On 20 July 2016, around one month after the hacking, the hard fork was completed.[40] Such a hard fork solution consisted of three stages: firstly, retracing to the block tainted by the hacking; secondly, replacing the impugned block with a new block; and thirdly, rebuilding all the subsequent blocks. Network Participants had to either adopt the hard fork and consequently recover the stolen fund or reject the hard fork and continue to work on the blockchain tainted by the hacking. In other words, the two blockchains would be the same up to the point of the hacking. Thereafter, the edited blockchain would be free from the hacking whereas the hacking would still be successful in the unedited blockchain.[41] It is noteworthy that the cooperation of Network Participants is essential to the implementation of a hard fork. In the DAO incident, not all Network Participants agreed to validate the new block which was put in place by the founder of DAO.
[39] Specifically, DAO is based on Ethereum.
[40] Vitalik Buterin, Hard Fork Completed, Ethereum Foundation (20 July 2016), online: <https://blog.ethereum.org/2016/07/20/hard-fork-completed/> (visited 28 December 2019)
[41] World Bank Group, Distributed Ledger Technology (DLT) and Blockchain (Washington: World Bank Group, 2017) at 41-42
A more recently invented form of blockchain is designed specifically to allow editing not only the recent blocks, but also chronologically remote blocks without the need to rebuild all blocks subsequent to the edited blocks.[42] The decision to edit past records is delegated to one or multiple entities, which, for example, in the face of the request to correct or remove personal data, may edit the blockchain and broadcast the edited blockchain to all Network Participants in accordance with certain sets of pre-defined protocols. Then, each and every Network Participant still has to substitute the edited copy for the original copy.
[42] Giuseppe Ateniese, Bernardo Magri, Daniele Venturi & Ewerton Andrade (11 May 2017), online: <https://eprint.iacr.org/2016/757.pdf> (visited 24 April 2020)
Editing blockchain is open to two fundamental challenges. First, the complete and absolute removal of the impugned copies of the blockchain is at the mercy of Network Participants. In relation to the hard fork, cooperation of Network Participants is needed to abandon the impugned blockchain and migrate to the correct blockchain. Even if all Network Participants agree to validate the hard fork, substantial time and computational efforts would be consumed to reconstruct all the blocks subsequent to the edited block.[43] In this respect, it is noteworthy that in the DAO incident, there was only around one-month lapse of time between the hacking and the completion of hard fork. Should there be a longer time lag, the time and computational efforts needed to rebuild all the blocks subsequent to the impugned blocks could be too prohibitive and render the hard fork solution economically infeasible. Although the more recently invented form of editable blockchain removes the need to rebuild all blocks subsequent to the affected blocks, it is noteworthy that full compliance with the data protection legislation (like complying with data correction and deletion requests) would still similarly depend on the cooperation of each and every Network Participant in purging the old copies of the blockchain.
[43] If Proof of Work is the consensus mechanism, it would require substantial computational efforts to rebuild all the blocks.
Second, the very essence of blockchain, namely immutability and decentralisation, would be undermined by editing blockchain. The ascendance of blockchain could at least in part be attributed to the distrust towards centralised authority in maintaining the integrity and security of record.[44] The irony of reintroducing a centralised decision-making structure (which as stated previously can consist of a single or multiple selected entities) to deal with the need and requests of data correction and removal lies in the fact that the incompatibility is addressed at the high price of, firstly, blurring the distinction between decentralised blockchain and traditional centralised database; and secondly, making blockchain more prone to unintended data erasure and loss, contrary to the data protection regime. In other words, reinstating a centralised decision-making structure would defeat the purpose of adopting blockchain in the first place. Such a predicament could on its face be intuitively and partially resolved by delegating the authority to edit the blockchain to all Network Participants. However, even the authors of the recently invented form of editable blockchain admitted that such a decentralised form of editing could suffer from inefficiency.[45] In light of such a paradox, the more promising way forward is not to compromise the distinguishing features of blockchain in the hope of fulfilling data protection requirements and consequently allowing the storage of personal data on the blockchain, but to admit that blockchain is not a one-size-fits-all solution and to adopt blockchain in a more selective manner.
[44] Bernard Marr, “The 5 Big Problems With Blockchain Everyone Should Be Aware Of”, Forbes (19 February, 2018), online: <https://www.forbes.com/sites/bernardmarr/2018/02/19/the-5-big-problems-with-blockchain-everyone-should-be-aware-of/#707084481670>
[45] Giuseppe, supra note 43
De-identification Techniques
Another commonly seen compatibility solution is to obfuscate personal data in order to make it fall beyond the ambit of “personal data”. Noise addition is a case in point.[46] To illustrate, if blockchain is to record the intelligence quotient of students in a school, random noise could be added to the dataset by varying the intelligence quotient of each and every student but without prejudice to the overall distribution of the intelligence quotient.[47] Ideally to constitute an obfuscation technique, there should be no way to make sense of the mechanism of noise addition nor to successfully translate obfuscated data into its original form.[48]
[46] Cristina Pérez-Solà et al (ed), Data Privacy Management, Cryptocurrencies and Blockchain Technology, (Cham: Springer, 2019) at 121-137
[47] European Commission, supra note 34.
[48] ibid
The drawback of relying on de-identification techniques lies not, as in the case of editing blockchain, in undercutting the very essence of blockchain, but, no less problematically, in the constant threat of re-identification. The 21st century has been marked by the unceasing debut of ever-new and fast-evolving technology. While blockchain itself is a vivid illustration, other technological breakthroughs should not be overlooked. The increasingly sophisticated development and use of quantum computing,[49] analytics tools and re-identification techniques pose an existential challenge to the present de-identification techniques. Should re-identification techniques be ahead of de-identification techniques,[50] all the data, whose attributes of personal data had been removed by de-identification techniques, would then be vulnerable to the real and substantive risk of re-identification and unexpectedly be subject to the data protection regime. Put differently, regulatory compliance may be needed at an unexpected point in the future if the previously used de-identification techniques are overtaken by newly emerged and more advanced re-identification techniques.
[49] Quantum computing has significantly greater computational power than traditional computer. The emergence of quantum computing puts the security of blockchain to test. This is especially true in case Proof of Work, a consensus mechanism which is dependent on computational power, is used. For more information on the recent breakthrough of quantum computing, see Muharem Kianieff, Blockchain Technology and the Law: Opportunities and Risks, (Oxon: Informa Law from Routledge, 2019) at 151-185
[50] In light of the rise of quantum computing, the academia has started to look into the possibility of having quantum-proof blockchain. See Jai Singh Arun, Jerry Cuomo, Nitin Gaur, Blockchain for Business (New York: Pearson Higher Ed US, 2019) at 163-179
Avoid Storing Personal Data On-Chain
Given that the existing data protection framework governs only personal data, the most fail-safe approach, from the perspective of regulatory compliance, is to not store personal data on the blockchain. Unlike other compatibility solutions, this approach would not prejudice the defining features of blockchain nor be subject to the continuing threat of re-identification.
Moreover, this approach could avoid the intricate question of designating the controller[51]/data user[52] and the data processor[53]/intermediary. As noted by the European Parliament’s Panel for the Future of Science and Technology, determining the identity of the data controller (or its equivalent in other jurisdictions) and the data processor (or its equivalent in other jurisdictions) has to be made on a case-by-case basis taking into account all circumstances and is highly contentious.[54] Similarly, the Privacy Commissioner of Personal Data in Hong Kong indicated in an information leaflet the difficulties in, or even the impossibility of, identifying the responsible person(s).[55] In fact, the attempt to identify the person(s)-in-charge, even if it is practical at all, is paradoxical. If only a small group of blockchain users is seen by the law as responsible for compliance, it is effectively reinstating a de facto central authority in what is supposed to be a decentralised system.
[51] “Controller” is a term used in the GDPR
[52] “Data user” is a term used in the PDPO and bears meaning analogous to its counterpart in the GDPR. See GDPR, supra note 15 and PDPO, supra note 22
[53] “Data processor” and “processor” are terms used in the PDPO and the GDPR respectively. “Data intermediary” is a term used in the PDPA. The three terms share similar meaning. See GDPR, supra note 16, PDPO, supra note 23 and PDPA, supra note 29
[54] European Union, Panel for the Future of Science and Technology, Blockchain and the General Data Protection Regulation- Can distributed ledgers be squared with European data protection law? (Brussels: Scientific Foresight Unit, 2019) at 37-59
[55] Hong Kong, Privacy Commissioner for Personal Data, Fintech (Hong Kong: Privacy Commissioner for Personal Data, 2019), at 2-5
The flip side is equally problematic — if everyone in the blockchain is obliged to comply with the data protection requirements, it stifles people’s incentives to join the blockchain and thus poses an existential threat to blockchain. In light of the inherent contradictions, it is thus at least doubtful whether regulators could come up with a way to fit blockchain into the data protection regime that is technically feasible, logical and most importantly coherent with the decentralised nature of blockchain. In the absence of clear, definitive legislation and guideline in this area, storing personal data on the blockchain would lead Network Participants and other parties into a highly unsettled area and even result in unintended regulatory burden and penalties.
Finding a Right Place for Blockchain
Storing personal data on blockchain is susceptible to complicated challenges to which even governments could not provide a definitive answer. Instead of perceiving blockchain as a one-size-fits-all solution and rigidly attempting to deploy it to record personal data, practitioners should be more selective about the types of information to be stored on-chain and off-chain in order to fully unleash the potential of blockchain whilst staying within the bounds of law. In fact, even excluding personal data, there is still an innumerable amount of information about goods, services, objects and corporations (which by definition is not about a natural person and is thus not “personal” data) available to be used in blockchain. In the following, successful usage of blockchain to record information other than personal data in the areas of supply chain management, charity and transaction will be discussed in the hope of putting blockchain onto the right track.
Supply Chain Management
Ethical sourcing, authenticity and quality of products are top concerns in supply chain management which can be addressed by blockchain. Providing blockchain-based solutions, enterprises like Blockverify[56] and Everledger[57] aim to enhance transparency and accountability of the supply chain by leaving a tamper-resistant audit trail. A digital identity would be assigned to each product by a tag and would be stored on the blockchain for subsequent verification purposes. As the product moves along the supply chain from the origin of raw materials to retailers, the movement and other information such as the temperature and humidity of the container would be recorded, timestamped and stored on the blockchain. Provided that no personal data is involved, this could circumvent the burdensome and unsettled application of data protection law to blockchain. Considering that blockchain stores an immutable record, members of the supply chain and, more importantly, end consumers could with confidence track and verify the provenance, authenticity and quality of products.
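The audit trail described above can be sketched in a few lines of Python. This is an added example, not code from the article or from any of the enterprises named: a hash-chained log of product events that refuses fields outside a non-personal allowlist and detects a later alteration of a stored reading. The field names, the allowlist and the sample events are constructed assumptions, and the sketch leaves out consensus and distribution across nodes.

```python
import hashlib
import json

# Assumed allowlist: only fields describing the product or its container.
ALLOWED_FIELDS = {"product_id", "location", "temperature_c", "humidity_pct", "timestamp"}
GENESIS = "0" * 64  # the first block has no previous block to point to


def block_hash(prev_hash, event):
    """Hash the previous block's hash together with the canonical event."""
    payload = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append_event(chain, event):
    """Append an event, refusing any field outside the non-personal allowlist."""
    extra = set(event) - ALLOWED_FIELDS
    if extra:
        raise ValueError(f"fields not permitted on-chain: {sorted(extra)}")
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    chain.append({"prev": prev_hash, "event": dict(event),
                  "hash": block_hash(prev_hash, event)})
    return chain[-1]["hash"]


def first_invalid_block(chain):
    """Return the index of the first block that fails verification, or None."""
    prev_hash = GENESIS
    for i, block in enumerate(chain):
        expected = block_hash(prev_hash, block["event"])
        if block["prev"] != prev_hash or block["hash"] != expected:
            return i
        prev_hash = block["hash"]
    return None


def build_sample_chain():
    """Constructed sample data: one tagged product moving through three stops."""
    chain = []
    for loc, temp, hum, ts in [("farm", 4.1, 61, "2020-01-02T08:00:00Z"),
                               ("port", 4.6, 63, "2020-01-03T19:30:00Z"),
                               ("retailer", 5.0, 58, "2020-01-05T10:15:00Z")]:
        append_event(chain, {"product_id": "TAG-0001", "location": loc,
                             "temperature_c": temp, "humidity_pct": hum,
                             "timestamp": ts})
    return chain


if __name__ == "__main__":
    chain = build_sample_chain()
    print("intact chain, first invalid block:", first_invalid_block(chain))
    chain[1]["event"]["temperature_c"] = 2.0  # alter a stored reading
    print("after edit, first invalid block:", first_invalid_block(chain))
```

Recomputing the hash of the altered block alone only moves the failure to the next block, since every later block still points at the old hash.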
Charity
Blockchain has also enhanced transparency and accountability in the area of philanthropic donations. On the part of donors, the possession of a tamper-resistant and time-stamped record allows them to see the proper and timely application of charitable donations to worthy causes. On the part of charitable organizations, blockchain can heighten the trust and confidence of donors in charities, and hopefully help charities raise more proceeds. Seeing the benefits of blockchain, English Heritage, a prominent charity in the United Kingdom which manages such monuments as Stonehenge, participated in a blockchain-based platform, Promise, which empowered donors to monitor the activities of the charity and the flow of the charitable proceeds.[58]
Corporate Transaction
The tamper-resistant design of blockchain is also ideal for corporate transactions, which more often than not involve substantial stakes. Having a decentralised and immutable record of transactional data can provide the much-needed assurance to contracting parties. To this end, the Singapore Power Group launched a renewable energy certificate trading platform based on blockchain technology, allowing renewable energy generators and buyers to transact thereon.[59] Transaction details would be time-stamped and recorded on a secure and immutable ledger for future verification and transaction purposes.
The above examples illustrate the importance of rethinking the essence of blockchain. The worth of blockchain lies in its potential to enhance confidence, transparency and accountability, which is attributable to its distinctive features, namely immutability and decentralisation. Hence, by getting rid of the two distinctive features in the hope of complying with the data protection regime, the compatibility solutions may entail a risk of eliminating the worth of blockchain.
Conclusion
Blockchain is one of the most phenomenal technologies in the recent decade. Before adopting blockchain, regard must be given to its relationship with the existing legal regime. This article has highlighted the incompatibility between blockchain and the data protection regime in several jurisdictions. Many compatibility solutions have been proposed by innovators and researchers in an attempt to resolve the incompatibility and allow blockchain to stretch its ambit to the storage of personal data. Nonetheless, those compatibility solutions address the conflicts between law and technology at a high price of blurring the distinction between blockchain and the traditional form of data storage. Contrary to the one-size-fits-all approach, this article argues for a more selective application of blockchain in areas where no personal data is involved. To this end, a number of successful uses of blockchain have been featured in this article to show that the potential of blockchain lies in its decentralised nature and immutability, which would otherwise have been taken away should we adopt those compatibility solutions.
Endnotes
1. Mireille Hildebrandt, “Legal and Technological Normativity: more than twin sisters” (2008) 12:3 Techné: Research in Philosophy and Technology 169
2. For reasons that will soon be clear, blockchain is immutable in the sense that it is prohibitively difficult, rather than absolutely impossible, to alter the record stored on the blockchain
3. The most prominent use case of blockchain is cryptocurrency. Bitcoin, one of the most high-profile cryptocurrencies, is based on blockchain
4. Hong Kong, Privacy Commissioner for Personal Data, “The Ordinance at a Glance”. (Hong Kong, Privacy Commissioner for Personal Data) online: <https://www.pcpd.org.hk/english/data_privacy_law/ordinance_at_a_Glance/ordinance.html>; Singapore, Personal Data Protection Commission, “Personal Data Protection Digest” (Singapore: Academy Publishing) at 75; European Union: European Commission, “The GDPR: new opportunities, new obligations” (Luxembourg: Publications Office of the European Union) at 3
5. Michèle Finck, “Blockchains and Data Protection in the European Union” (2018) 4:1 European Data Protection Law Review 17
6. The first block in the chain has no pointer making reference to the previous block
7. J. Dinesh Peter, Amir H. Alavi & Bahman Javadi (ed), Advances in Big Data and Cloud Computing: Proceedings of ICBDCC18 (Singapore, Springer Nature Singapore Pte Ltd, 2019) at 179-188
8. Elad Elrom, The Blockchain Developer: A Practical Guide for Designing, Implementing, Publishing, Testing, and Securing Distributed Blockchain-based Projects (Berkeley, California: Apress, 2019), at 18-25
9. This form of attack is more commonly known as the “51 per cent attack”
10. Andrew Henderson, “Blockchain: mitigating or aggravating regulatory risk?” (2016) 5 Journal of International Banking and Financial Law 293
11. Bikramaditya Singhal, Gautam Dhameja, Priyansu Sekhar Panda, Beginning Blockchain (Berkeley, California: Apress, 2018), at 1-29
12. Kevin Werbach, “Trust, But Verify: Why the Blockchain Needs the Law” (2018) 33 Berkeley Tech. Law Journal 489
13. Both Proof of Work and Proof of Stake are resources-intensive
14. GDPR, art 4(7); Controller is defined to mean “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law”
15. GDPR, art 4(8); Processor is defined to mean “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”
16. GDPR, art 4(1); Personal data is defined to mean “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”
17. GDPR, art 16
18. GDPR, art 17
19. GDPR, art 5(1)(e)
20. GDPR, art 5(1)(f)
21. PDPO s 2(1); Data user is defined to mean, in relation to personal data, “a person who, either alone or jointly or in common with other persons, controls the collection, holding, processing or use of the data”
22. PDPO Sch 1; Data processor is defined to mean “a person who (a) processes personal data on behalf of another person; and (b) does not process the data for any of the person’s own purposes”
23. PDPO s 2(1); Personal data is defined to mean “any data (a) relating directly or indirectly to a living individual; (b) from which it is practicable for the identity of the individual to be directly or indirectly ascertained; and (c) in a form in which access to or processing of the data is practicable”
24. PDPO s 22, Data Protection Principle 6(e)
25. PDPO Data Protection Principle 2(2)
26. PDPO Data Protection Principle 4(1)
27. PDPA No. 26 of 2012, s 2(1); organisation is defined to include “any individual, company, association or body of persons, corporate or unincorporated, whether or not (a) formed or recognised under the law of Singapore; or (b) resident, or having an office or a place of business, in Singapore”
28. PDPA No. 26 of 2012, s 2(1); data intermediary is defined to mean “an organisation which processes personal data on behalf of another organisation but does not include an employee of that other organisation”
29. PDPA No. 26 of 2012, s 2(1); Personal data is defined to mean “data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which the organisation has or is likely to have access”
30. PDPA No. 26 of 2012, s 22
31. PDPA No. 26 of 2012, s 25
32. PDPA No. 26 of 2012, s 24
33. European Commission, Opinion 05/2014 on Anonymisation Techniques by The Working Party on the Protection of Individuals with regard to the Processing of Personal Data (Brussels: European Commission, 2014) at 11-25
34. Michael Pisa & Matt Juden, Blockchain and Economic Development: Hype vs. Reality (Washington, DC: Centre for Global Development, 2017) at 9
35. Daniel Drescher, Blockchain Basics: A Non-Technical Introduction in 25 Steps (Berkeley, California: Apress, 2017) at 213-220
36. Bitnodes, Global Bitcoin Nodes Distribution, online: <https://bitnodes.earn.com/> (visited 30 December 2019)
37. ethernodes.org, Ethereum Mainnet Statistics, online: <https://www.ethernodes.org/countries> (visited 30 December 2019)
38. Daniel, supra note 36
39. Specifically, DAO is based on Ethereum
40. Vitalik Buterin, Hard Fork Completed, Ethereum Foundation (20 July 2016), online: <https://blog.ethereum.org/2016/07/20/hard-fork-completed/> (visited 28 December 2019)
41. World Bank Group, Distributed Ledger Technology (DLT) and Blockchain (Washington: World Bank Group, 2017) at 41-42
42. Giuseppe Ateniese, Bernardo Magri, Daniele Venturi & Ewerton Andrade (11 May 2017), online: <https://eprint.iacr.org/2016/757.pdf> (visited 24 April 2020)
43. If Proof of Work is the consensus mechanism, it would require substantial computational efforts to rebuild all the blocks
44. Bernard Marr, “The 5 Big Problems With Blockchain Everyone Should Be Aware Of”, Forbes (19 February, 2018), online: <https://www.forbes.com/sites/bernardmarr/2018/02/19/the-5-big-problems-with-blockchain-everyone-should-be-aware-of/#707084481670>
45. Giuseppe, supra note 43
46. Cristina Pérez-Solà et al (ed), Data Privacy Management, Cryptocurrencies and Blockchain Technology, (Cham: Springer, 2019) at 121-137
47. European Commission, supra note 34
48. ibid
49. Quantum computing has significantly greater computational power than traditional computer. The emergence of quantum computing puts the security of blockchain to test. This is especially true in case Proof of Work, a consensus mechanism which is dependent on computational power, is used. For more information on the recent breakthrough of quantum computing, see Muharem Kianieff, Blockchain Technology and the Law: Opportunities and Risks, (Oxon: Informa Law from Routledge, 2019) at 151-185
50. In light of the rise of quantum computing, the academia has started to look into the possibility of having quantum-proof blockchain. See Jai Singh Arun, Jerry Cuomo, Nitin Gaur, Blockchain for Business (New York: Pearson Higher Ed US, 2019) at 163-179
51. “Controller” is a term used in the GDPR
52. “Data user” is a term used in the PDPO and bears meaning analogous to its counterpart in the GDPR. See GDPR, supra note 15 and PDPO, supra note 22
53. “Data processor” and “processor” are terms used in the PDPO and the GDPR respectively. “Data intermediary” is a term used in the PDPA. The three terms share similar meaning. See GDPR, supra note 16, PDPO, supra note 23 and PDPA, supra note 29
54. European Union, Panel for the Future of Science and Technology, Blockchain and the General Data Protection Regulation- Can distributed ledgers be squared with European data protection law? (Brussels: Scientific Foresight Unit, 2019) at 37-59
55. Hong Kong, Privacy Commissioner for Personal Data, Fintech (Hong Kong: Privacy Commissioner for Personal Data, 2019), at 2-5
56. Blockverify, online: <www.blockverify.io/> (visited 2 January 2020)
57. Everledger, online: <https://www.everledger.io/> (visited 2 January 2020)
58. Promise Giving, online: <https://www.promisegiving.com/> (visited 6 February 2020)
59. SP Group, “SP group launches one of the world’s first blockchain-powered trading of renewable energy certificates”, SP Group (29 October, 2018), online: <https://www.spgroup.com.sg/wcm/connect/spgrp/e3854238-5db1-4f42-8e3d-3f7fcfa74e32/%5B20181029%5D+Media+Release+-SP+Group+launches+one+of+the+world%27s+first+blockchain-powered+trading+of+renewable+energy+certificates.pdf?MOD=AJPERES&CVID=> (visited 2 January 2020)
The post Blockchain and Data Protection: Rethinking the Essence and Uses of Blockchain appeared first on The Singapore Law Gazette.