GDPR-Compliant Blockchain: Personal Data Privacy in Blockchain

GDPR (General Data Protection Regulation) was enforced by the European Union (EU) on 25 May 2018 with the main purpose of giving a person full rights over the data that belongs to them. These rights include the right to access, right to rectification, right to erasure, right to restriction of processing, right to be informed, right to data portability, and the right not to be subject to a decision based solely on automated processing, including profiling. GDPR applies to every organization that handles the personal data of EU citizens, irrespective of whether the organization is inside or outside the EU: any company doing business with the EU has to follow GDPR. In the last two decades, GDPR is possibly the most massive change in data privacy regulations. GDPR ensures that an organization uses personal data responsibly and transparently towards the user, from its acquisition to its deletion. An organization must take appropriate technical measures to protect the security and privacy of personal data, and an architecture has to support personal data privacy by design. So the first question that comes to mind is “What is personal data?” According to GDPR, the basic definition of personal data is as follows:

Personal data is any information relating to an identified or identifiable natural person (data subject).

In other words, personal data is data that can directly or indirectly identify an individual. Personal data includes names, phone numbers, date of birth, gender, race, IP addresses, credit card numbers and so on. The special category of personal data includes health data, genetic data, biometric data, data about sex life, political beliefs and others. This special category is considered highly sensitive and must be handled with the highest security standards.

GDPR and blockchain

Blockchain, on the other hand, has the inherent property of distributing data to all participants in the network in order to achieve decentralization. Second, data on a blockchain is immutable, which maintains data integrity in the network. The difference between the objectives of GDPR and blockchain is shown in the table below.

GDPR                          | Blockchain
------------------------------+--------------------------------
Data controller               | Decentralized
Right to erasure              | Immutable
Right to rectification        |
Right to restrict processing  | Distributed to all stakeholders

As of now, it feels like GDPR and blockchain have two different objectives, so the whole focus now is on understanding how a permissioned enterprise blockchain supports GDPR’s fundamental principles. A permissioned blockchain such as a Hyperledger Fabric network is governed by the known and authorized participants of the network, which gives participants more control over data than a public blockchain does. Second, a blockchain works without the involvement of any third party, so data subjects have more command over their personal data: data subjects can act as data controllers and make decisions about their own personal data. Furthermore, in case of a data breach or privacy violation, a blockchain greatly speeds up the process of finding who is accountable. From an attacker’s point of view, it is easier to modify data in a database than in a consensus-driven blockchain.

Solutions

Personal data certainly should not be stored on a blockchain itself, but the recommended solutions that use a blockchain’s features to achieve GDPR objectives are discussed below:

  1. Off-chain storage (Private database)
  2. Hash or fingerprint of data or metadata on a blockchain (limitations for small-sized data)
  3. Anonymization of data (Pseudonymization not permitted)

Private data collection in Hyperledger Fabric

Hyperledger Fabric uses cryptographic mechanisms to maintain transaction confidentiality and access control. Fabric offers a built-in facility for using a private database, where only a hash of the private data is stored on the blockchain. As a hash is a one-way function, guessing the private data from the hash is difficult. To make the hash more resilient to brute-force attack:

  a. use hashing algorithms that produce longer digests, such as SHA-512;
  b. add a random salt to the private data before hashing.

Transient field – To maintain the privacy of data while it travels from the client to the authorized peers of the organizations, the transient field is used; its contents are excluded from the channel transaction.

blockToLive – This property of a private data collection defines the lifetime of data in the private database. Once the blockchain reaches a certain block height (the value can be set), the data is automatically deleted from the private database; to keep data in the private database forever, blockToLive is set to 0. Referring to one of the fundamental rights of GDPR, the ‘right to erasure’ is thus also supported, in a controlled way, by Hyperledger Fabric.
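The off-chain pattern from the Solutions list and the private data collection flow just described (transient input, salted SHA-512 fingerprint on the channel ledger, off-chain record with blockToLive expiry), modelled as an added example in standard-library Go; it is neither Fabric's API nor code from this post. The names Collection, privateRecord, Put, Purge and saltedHash are assumptions, and the map stands in for a peer's side database; in real chaincode the transient map comes from the stub's GetTransient() and the private write goes through PutPrivateData(), with the peer computing the on-chain hash itself.

```go
package main

import (
	"crypto/rand"
	"crypto/sha512"
	"encoding/hex"
	"errors"
)

// privateRecord lives only in the side database of authorized peers; Height is
// the block height at write time and drives blockToLive expiry.
type privateRecord struct {
	Data, Salt []byte
	Height     uint64
}

// Collection models the side database of one private data collection.
type Collection map[string]privateRecord

// saltedHash = SHA-512(salt || data): a small value such as a date of birth can
// no longer be recovered from the on-chain hash by enumerating every candidate.
func saltedHash(salt, data []byte) string {
	sum := sha512.Sum512(append(append([]byte{}, salt...), data...))
	return hex.EncodeToString(sum[:])
}

// Put reads the client's transient field (never written into the channel
// transaction), salts it, keeps it privately and returns the hash to commit on-chain.
func (c Collection) Put(key string, transient map[string][]byte, height uint64) (string, error) {
	data, ok := transient[key]
	if !ok {
		return "", errors.New("transient field missing for " + key)
	}
	salt := make([]byte, 16)
	rand.Read(salt) // crypto/rand.Read never returns an error since Go 1.24
	c[key] = privateRecord{data, salt, height}
	return saltedHash(salt, data), nil
}

// Purge erases records once height >= Height+blockToLive (0 keeps them forever);
// the on-chain hash stays but now links to nobody: a controlled right to erasure.
func (c Collection) Purge(height, blockToLive uint64) (erased int) {
	for k, r := range c {
		if blockToLive != 0 && height >= r.Height+blockToLive {
			delete(c, k)
			erased++
		}
	}
	return erased
}
```

Verification of a private copy against the ledger is simply recomputing saltedHash over the stored record's salt and data and comparing it with the committed hex digest.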

Blockchain Architect at Farm to Plate