Since the European Union’s General Data Protection Regulation (GDPR) came into force on May 25th of this year, and even leading up to its enforcement, there has been debates around its impact. There are doubts as to whether the GDPR could serve as a ‘blockchain killer’, or if the new regulation would instead end up promoting the adoption of blockchain technology by social media and messaging companies, such as giants like Facebook or Twitter.
Perhaps most prominently, the GDPR’s incompatibility with blockchain was argued from the perspective that the GDPR stipulates that EU citizens’ personal data is not to leave the EU. This would create a huge problem with public blockchains, as there is no way to know who is in control of an individual node. However, this issue could easily be remedied by a privately, permissioned hosted blockchain that ascertains data does not leave the EU.
After the Cambridge Analytica scandal broke, and in the ensuing public relations nightmare for Facebook amid an already precarious political situation for the company considering allegations of Russian covert use of Facebook to drive an interference strategy in the 2016 US elections, the EU’s new regulation drew global attention. Within a day of GDPR enforcement, both Facebook and Google were struck with a combined $8.8 billion in lawsuits by the Australian privacy activist Max Schrems.
In sum, the GDPR obliges any companies with operations within the EU or the European Economic Area to obtain consent from the owners of data before using their data. The law includes provisions such as the right of the individual to be informed any time data is used, and the subsequent right to erase it after the company has used it. The law could set the pace for similar legislation in other jurisdictions.
As evidenced by the massive lawsuits cited above, the days of tech giants using and exploiting exceedingly valuable and detailed personal data and selling it to advertisers are nearing an end. This is where blockchain technology can come in. It seems clear that the adoption of blockchain’s distributed ledger technology could serve to remedy the failure of companies like Facebook to ascertain user privacy and corporate compliance with new regulations. This creates a scenario where social media companies can take advantage of blockchain, and blockchain can benefit from the enforcement of the GDPR.
Functionally, blockchain could provide companies with a reliable safeguard for user data while also giving ownership back to users over their personal data. At present, Facebook and Twitter essentially serve as middlemen between their users and data-purchasing businesses, as in the past they have selected and sold user data to advertisers or interested buyers. That makes those media centralised. A decentralised format would mean that through the use of distributed ledger technology, social media users would be able to cut out the middleman by sharing the value of data directly with one another. Decentralisation could effectively be facilitated by the adoption and development of blockchain technology by these companies. Social media companies such as Ask.fm and Telegram have already moved into the decentralization of their media through the blockchain.
In an age of rising concern over privacy and security online, in many ways spurned by the behavior of social media giants like Facebook and Google, to survive these companies may need to begin concentrating more sincerely on the data security of their users, more so than the profitability of data sales. With the changing data privacy regulatory framework as exemplified by the GDPR, exploring and developing blockchain technology may be the best option to offset potential costs related to data privacy infringements down the road.