The General Data Protection Regulation (GDPR) has been signed on April 27, 2016 and will enter into force on May 25 of this year.
Contrary to the directive on data protection of October 24, 1995 which it abrogates, the GDPR is a European regulation, which means that it is supposed to be applied in all member States of the European Union without the necessity to adopt a transposition law in every state. This undoubtedly permits the harmonization at the European level of the legislation on data protection.
The particularity of the regulation is that it comes with significantly high penalties in case of breach. Companies that do not comply may receive fines from the data protection authorities of up to 20 million euros, or 4% of the company’s global turnover, whichever is highest.
The main purpose of this text is to enforce the right of people whose data are processed, to secure the organisations that carry out data processing and to establish an effective regulation.
The problem that arises here is whether and how the above goals can be achieved if blockchain is used.