Blockchain and the European Union's General Data Protection Regulation: A Chance to Harmonize International Data Flows

Abstract

Future economic growth is dependent on global data sharing. With the EU’s GDPR going into effect May 25, 2018, data privacy law in the EU will be uniform in text. The GDPR applies extraterritorially to any organization that can reach the EU market in terms of access by an EU citizen. While a consistent and coordinated interpretation of the GDPR provides organizations with the requisite assurances needed when operating in an international environment, stricter standards and higher fines require the organizations to rethink their international privacy compliance protocols. Trust-failures in society are the driving force behind such comprehensive regulatory frameworks, but emerging technology like blockchain can aid in minimizing these privacy concerns. Among other things, blockchain properties include decentralization, authentication, confidentiality, accountability, and access control management. By treating data flows as transactions, blockchain applications can work with regulations to facilitate the secure transfer of information. The purpose of this paper is to begin a conversation around utilizing blockchain technology and reducing harmonizing regulations like the GDPR to an automated protocol.