There has been some suggestion that the GDPR may not be the best way to ensure privacy rights are adequately protected if blockchain continues to develop in a way that is incompatible with the GDPR.249 However, creating sectoral legislation for blockchain technologies which then encompass data protection principles may be seen to create an unwanted fragmentation of data protection law in the EU.250 On the other hand, there are numerous examples of sectoral legislation which create some data protection obligations in the EU. Perhaps, as blockchain becomes more prevalent and holds a greater importance in society, will legislators then look to develop specific legislation for blockchain. In a similar manner to the EU’s approach to con-sidering potential AI regulation,251 blockchain technology should be viewed as a form of infra-structure252 that would benefit from tailored regulation. Indeed, regulators’ core focus should remain the protection of data subjects’ rights rather than ensuring data protection legislation has a particular form253 - avoiding the ‘one size fits all’ approach could be of paramount importance.
In any case, it may be wise for the EU to address some of the issues identified in this paper, along with the plethora of other data protection issues arising from blockchain technology, through some form of legislation or practical guidance. Failure to do so may see data protection authorities developing their own approaches, which may ultimately lead to a somewhat frag-mented approach to data protection in the field of blockchain.
249 R Teperdjian, ‘The puzzle of squaring blockchain with the General Data Protection Regulation’, Jurimetrics 60(3) [2020] 57
250 Especially considering the technological neutrality of the GDPR.
251 European Commission High-Level Expert Group on Artificial Intelligence, ‘Ethics Guidelines for Trustworthy AI’ (2019)
252 G Dimitropoulos, ‘The Law of Blockchain’, Washington Law Review (2020) 1 Available at:
<https://dx.doi.org/10.2139/ssrn.3559970> Accessed on: 20th September 2021.
253 R Teperdjian, ‘The puzzle of squaring blockchain with the General Data Protection Regulation’, Jurimetrics 60(3) [2020] 60
42 Bibliography
Legislation
Charter of Fundamental Rights of the European Union C 326/391 (2012)
Directive 68/151 on co-ordination of safeguards which, for the protection of the interests of members and others, are required by Member States of companies within the meaning of the second paragraph of Article 58 of the Treaty, with a view to making such safeguards equiva-lent throughout the Community
Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data
Proposal for a regulation of the European Parliament and of the Council on Markets in
Crypto-assets, and amending Directive (EU) 2019/1937 (MiCA Regulation) COM (2020) 593 Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
Senate Bill 6701, §1103 (New York, USA) Senate Bill 5642, §1102 (New York, USA) CJEU cases
Case C-582/14 Breyer v Germany
C-40/17 Fashion ID GmbH et al v Verbraucherzentrale NRW C‑131/12 Google Spain SL v AEPD & Mario Costeja Gonzalez C-25/17 Jehovan todistajat
C-101/01 Lindquist Case C-398/15 Manni C-434/16 Nowak
C-70/10 Scarlet Extended SA v Societe Belge des Auteurs, Compsoiteurs et Editeurs (SABAM) C-362/14 Schrems
C-291/12 Schwarz v Bochum
C-201/14 Smaranda Bara et al v Presedentiele Casei Nationale de Asigurari de Sanatate (CNAS) et al
C-210/16 Wirtschaftsakademie Schleswig-Holstein
43 Regulatory documents
Article 29 Data Protection Working Party, Guidelines on automated individual decision-mak-ing and profildecision-mak-ing for the purposes of Regulation 2016/679 (2018)
Article 29 Data Protection Working Party, Opinion 05/2014 on Anonymisation Techniques WP216 (10th April 2014)
Bank of England, ‘Central Bank Digital Currency: Opportunities, challenges and design’
(Discussion Paper, March 2020)
Communication from the Commission concerning A Digital Single Market Strategy for Eu-rope COM (2015) 192
Commission nationale de l'informatique et des libertés, ‘Blockchain: Solutions for a responsi-ble use of the blockchain in the context of personal data’ (September 2018)
Department for Business, Energy and Industrial Strategy (UK), ‘Electronic Balloting Review:
The Report of the Independent Review of Electronic Balloting for Industrial Action’ (2017) European Banking Authority, ‘Report with advice for the European Commission on crypto-assets’ (January 2019)
European Data Protection Board, Guidelines 05/2019 on the criteria of the Right to be Forgot-ten in the search engines cases under the GDPR
European Data Protection Board, Guidelines 01/2020 on processing personal data in the con-text of connected vehicles and mobility related applications
European Data Protection Board, Guidelines 07/2020 on the concepts of controller and pro-cessor in the GDPR
European Data Protection Board, Guidelines 08/2020 on the targeting of social media users European Data Protection Board, Guidelines 02/2021 on virtual voice assistants
EDPS, ‘EDPS recommendations on the EU’s options for data protection reform’ (2015/C 301/01)
European Central Bank, ‘Digital Euro experimentation scope and key learnings’ (July 2021) European Commission, ‘Digital Finance Package: Commission sets out new, ambitious ap-proach to encourage responsible innovation to benefit consumers and businesses’ Press re-lease (24 September 2020). Available at: <https://ec.europa.eu/commission/presscorner/de-tail/en/IP_20_1684>
European Commission, ‘Legal and regulatory framework for blockchain’ (2020) Available at:
<https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-blockchain>
European Parliamentary Research Service, ‘Blockchain and the General Data Protection Reg-ulation – Can distributed ledgers be squared with European data protection law?’ (July 2019)
44 Books
Craig P & De Burca G, EU Law: Text Cases and Materials (5th ed. OUP, 2011)
Finck M, Blockchain Regulation and Governance in Europe (Cambridge University Press, 2018)
Kuner C, Bygrave LA, Docksey C & Drechsler L, The EU General Data Protection Regula-tion (GDPR): A commentary (OUP, 2020)
McConville M & Chui WH (eds), Research Methods for Law (OUP, 2nd edn, 2017) Voigt P & von Dem Bussche A, The EU General Data Protection Regulation (GDPR) A Practical Guide (Springer, 2017)
Articles
Akkermans B, ‘The Use of the Functional Method In European Union Property Law’ Maas-tricht European Private Law Institute Working Paper 7 (2013)
Alloway T, ‘Bitcoin price continues to fall following Silk Road raid in US’ Financial Times (3rd October 2013) Available at: <https://www.ft.com/content/27ca2d60-2b89-11e3-a1b7-00144feab7de
Almasoud AS, Eljazzar MM and Hussain F, ‘Toward a Self-Learned Smart Contracts’ 2018 IEEE 15th ICEBE (2018) 269 Available at: <https://doi.org/10.1109/ICEBE.2018.00051>
Ametrano FM, ‘Hayek Money: The Cryptocurrency Price Stability Solution’ (2016) Available at: <https://dx.doi.org/10.2139/ssrn.2425270>
Aspris A et al, ‘Decentralized Exchanges: The 'Wild West' of Cryptocurrency Trading’ Inter-national Review of Financial Analysis (July 2021) Available at:
<http://dx.doi.org/10.2139/ssrn.3717330>
Bacon J, Michels JD, Millard C & Singh J, ‘Blockchain Demystified: A Technical and Legal Introduction to Distributed and Centralised Ledgers’ 25 Rich JL & Tech 1 (2018)
Bakos Y & Halaburda H, ‘Tradeoffs in Permissioned vs Permissionless Blockchains: Trust and Performance’ (2021) Available at: < http://dx.doi.org/10.2139/ssrn.3789425>
Balkin JM, The Fiduciary Model of Privacy, Harvard Law Review 134 (2020) 11 Black J, ‘Critical Reflections on Regulation’ (2002) 27 AJLP 1
Buterin V, ‘Ethereum Whitepaper’ (2013) Available at: < https://ethereum.org/en/whitepa-per/>
Cambridge Centre for Alternative Finance, Bitcoin Comparisons (2021) Available at:
<https://ccaf.io/cbeci/index/compa-risons>
Criddle C, ‘Bitcoin consumes more electricity than Argentina’ BBC (10th February 2021) Available at: <https://www.bbc.com/news/technology-56012952>
De Filippi P, ‘The Interplay between Decentralization and Privacy: The Case of Blockchain Technologies’, Journal of Peer Production, 7 (Oct 2016)
45
Dimitropoulos G, ‘The law of blockchain’ Washington Law Review (2020) 24
Easterbrook FH, ‘Cyberspace and the Law of the Horse’ University of Chicago Legal Forum (1996) 207
Espinoza J, ‘EU must overhaul flagship data protection laws, says a ‘father’ of policy’ Finan-cial Times (03 March 2021)
Farshid S, Reitz A & Rossbach P, ‘Design of a forgetting blockchain: A possible way to ac-complish GDPR compatibility’ Available at: <https://hdl.handle.net/10125/60145>
Feige U, Fiat A & Shamir A, ‘Zero-Knowledge Proofs of Identity’ Journal of Cryptology 1 (1988)
Finck M, ‘Smart Contracts as a Form of Solely Automated Processing under the GDPR’
(2021)
Goldwasser S, Micali S and Rackoff C, ‘The knowledge complexity of interactive proof-sys-tems' STOC 85 (December 1985) Available at: <https://doi.org/10.1145/22145.22178>
Greene FP, ‘New York Privacy Act Makes Progress, but Hurdles Remain’ New York Law Journal (June 2021) Available at:
<https://www.law.com/newyorklawjour-nal/2021/06/28/new-york-privacy-act-makes-progress-but-hurdles-remain/>
Iansiti M & Lakhani KR, ‘The Truth About Blockchain’ Harvard Business Review (Jan-Feb 2017) 118
Kaminska I, ‘Blockchain hype storms Davos’ Financial Times (20th January 2016) Leising M, ‘The Ether Thief’ Bloomsberg (13th June 2017) Available at:
<https://www.bloom-berg.com/features/2017-the-ether-thief/>
Lessig L, ‘The Law of the Horse: What Cyberlaw Might Teach’ Harvard Law Review 113(2) (1999) 501
Meyer D, ‘Blockchain technology is on a collision course with EU privacy law’ International Association of Privacy Professionals Article (27th Febuary 2018) Available at:
<https://iapp.org/news/a/blockchain-technology-is-on-a-collision-course-with-eu-privacy-law/>
Mirchandani A, ‘The GDPR-Blockchain Paradox: Exempting Permissioned Blockchains from the GDPR’ 29 Fordham Intell. Prop. Media & Ent. Law Journal (2019) 1201
Nakamoto S, ‘Bitcoin: A Peer-to-Peer Electronic Cash System’ Bitcoin White Paper (2008) 3 Available at: < https://bitcoin.org/bitcoin.pdf>
Oliver J, ‘Crypto fever: the pressure grows on wealth managers’ Financial Times (19th No-vember 2021) Available at: <ft.com/content/461ef12c-1db7-47a5-9210-aa0e7594adb5>
Paumgarten N, ‘The Prophets of Cryptocurrency Survey the Boom and Bust’ The New Yorker (8th October 2018) Available at:
<https://www.newyorker.com/maga-zine/2018/10/22/the-prophets-of-cryptocurrency-sur-vey-the-boom-and-bust>
46
PricewaterhouseCoopers, ‘How insurers can seize InsurTech opportunities’ (2019) Available at: <https://www.pwc.com/us/en/industries/insurance/library/insurtech-innova-tion.html>
Rawat DB, Chaudhary V & Doku R, ‘Blockchain Technology: Emerging Applications and Use Cases for Secure and Trustworthy Smart Systems’ Journal of Cybersecurity and Privacy 1 (2020)
Santander Innoventure, ‘The FinTech 2.0 Paper: Rebooting financial services (June 2015) Available at:
<https://www.finextra.com/finextra-downloads/news-docs/the%20fintech%202%200%20paper.pdf>
Sater S, ‘Blockchain and the European Union’s General Data Protection Regulation: A Chance to Harmonize International Data Flows’ (2017) Available at:
<https://dx.doi.org/10.2139/ssrn.3080987>
Schiff DN, ‘Socio-Legal Theory: Social Structure and Law’, The Modern Law Review, 39(3) [1976] 287
Shanaev S, Shuraeva A, Vasenin M & Kuznetsov M, ‘Cryptocurrency Value and 51% At-tacks: Evidence from Event Studies’ The Journal of Alternative Investments 22(3) (Winter 2020) Available at: <https://doi.org/10.3905/jai.2019.1.081>
Singh J & Michels JD, ‘Blockchain-as-a-Service: Providers and Trust’ Queen Mary School of Law Legal Studies Research Paper No. 269/2017 (2017) Available at: <https://ssrn.com/ab-stract=3091223>
Szabo N, 'Smart Contracts: Building Blocks for Digital Markets' Extropy: The Journal of Transhumanist Thought (1996)
Teperdjian R, ‘The puzzle of squaring blockchain with the General Data Protection Regula-tion’, Jurimetrics 60(3) [2020]
Truong NB, Sun K, Myoung G & Guo Y, ‘GDPR-Compliant Personal Data Management: A Blockchain-based Solution’ IEEE Transsction on Information Forensics and Security 15 (2020) 1746
Walch A, ‘In Code(rs) We Trust: Software Developers As Fiduciaries in Public Blockchains’
in Hacker P, et al (eds), Regulating Blockchain: Techno-Social and Legal Challenges (OUP 2018)
Walch A, ‘The Fiduciaries of Public Blockchains’ (2016) Available at: <http://block-chain.cs.ucl.ac.uk/wp-content/uploads/2016/11/paper_20.pdf>
Walch A, ‘The Path of the Blockchain Lexicon (and the Law)’ Review of Banking & Finan-cial Law 36 (2017) 713
Werbach K, ‘Trust, but verify: why the blockchain needs the law’ Berkeley Technology Law Journal 33 (2018) 47
Wright A & De Filippi P, ‘Decentralized blockchain technology and the rise of lex cryp-tographia’ (2015) Available at: <https://dx.doi.org/10.2139/ssrn.2580664>