You may remember when new privacy laws were passed in the European Union (EU) recently and almost all the sites you visited warned you that they changed their policies, right? Well, unfortunately, the public blockchains are yet to be fully adequate to this new legislation, according to Sam Palmisano, the retired chairman of IBM.
Palmisano, who works in the U. S.-based nonprofit The Center for Global Enterprise now, affirms that it is hard to come up with a good solution for creating public blockchains which can be fully compatible with the laws from Europe.
These affirmations were made during a joint interview for Bloomberg Markets, in which Palmisano was together with David Kappos and the law firm Swaine & Moore.
During the interview, both Palmisano and Kappos were focused on talking about how the new law, the General Data Protection Regulation (GDPR) was important for privacy and how it applied to the blockchain. The law was originally started in May 2018 and it has a considerable effect in many Internet-based businesses so far.
Kappos is an expert in the area. He devised a study (together with a law firm and the Digital Supply Institute) in order to outline how blockchains could be compliant with the law last year.
One of the main friction points is the right to be forgotten. Blockchains are notably immutable, so as soon as some information is put there, you will never be forgotten again, which is in direct conflict with the law.
Palmisano believes that private blockchain networks, as they have more centralization, will work better under the new law. However, public blockchains are very decentralized and, therefore, more complex and hard to predict. This way, they can be harder to be compliant with the laws, especially the ones like the GDPR.
According to him, the nature of the structure of the information on a blockchain differs radically from a normal site. Because of this issue, no solution has been found yet. Kappos has affirmed, though, that the use of a governance framework could basically help blockchain users to be more compliant with the local laws.
He said that, for instance, a network of companies can come together to manage data and decide what will be put or not in the blockchain and how to do when people ask to be forgotten.
A recent study made by the Queen Mary University of London and the University of Cambridge have pointed out to a similar trend, in which private blockchains are more compliant with the current laws from the GDPR.