Description

The General Data Protection Regulation (GDPR) replaced the old and battered Data Protection Directive on 25 May 2018 after a long-drawn reform. The rapidly evolving technological landscape will test the ability of the GDPR to effectively achieve the goals of protecting personal data and the free movement of data. This book proposes a technological supplement to achieve the goal of data protection as enshrined in the GDPR. The proposal comes in the form of digital identity management platforms built on blockchain technology. However, the very structure of blockchain poses some significant challenges in terms of compatibility with the GDPR. Accordingly, the claim of GDPR being a technologically neutral legislation is examined. The compatibility of a blockchain-based solution is scrutinised on the parameters of data protection principles like accountability, data minimisation, control and data protection by design in conjunction with the right to be forgotten and right to data portability.