Abstract

Blockchain has been gaining significant interest in several domains. However, this technology also raises relevant challenges, namely in terms of data protection. After the General Data Protection Regulation (GDPR) was published by the European Union, companies worldwide changed the way they process personal data. This project provides a model and implementation of a blockchain system that stores personal data in compliance with GDPR. We examine the advantages and challenges and evaluate the system. We use Hyperledger Fabric as the blockchain, the InterPlanetary File System to store personal data off-chain, and a Django REST API to interact with both the blockchain and the distributed file system. Olympus has three possible types of users: Data Subjects, Data Processors and Data Controllers. A fourth participant, the Supervisor Authority, despite not being an explicit role, can perform all verifications that GDPR mandates. We conclude that it is possible to create a system that overcomes the major challenges of storing personal data in a blockchain (Right to be Forgotten and Right to Rectification), while maintaining its desirable characteristics (auditability, verifiability, tamper resistance, and distribution, which removes single points of failure) and complying with GDPR.
