5月25日，欧盟《通用数据保护条例》（The General Data Protection Regulation）就将生效实施。华盛顿特区加密货币及区块链智库Coin Center认为，随着欧洲隐私法规变更即将到来，区块链技术可能会与之产生较大冲突。
Andries Van Humbeeck是比利时区块链培训顾问公司TheLedger.be联合创始人，他赞同Michèle Finck的看法，称就性质而言，区块链上的交易并不意味着被删除，修改一个区块，意味着改变之后所有的区块，这可能产生非常可怕的后果。他说道：
华盛顿特区加密货币及区块链智库Coin Center执行董事Jerry Brito表示，监管机构应该注意到这一点，新法律与开放式区块链网络的实际情况并不相容，这些法规不应单方确认，而是应该通过多方协商。
Since people can store personal data in blockchains, the technology could fall under the purview of the upcoming European change to privacy law. But blockchain technology may be fundamentally incompatible with Europe’s new privacy rules, Washington, DC think tank Coin Center said today in a new post.
The General Data Protection Regulation (GDPR) will take effect on May 25th this year, more than two years after it was first signed into law. Under the new rule, if an EU citizen requests that their personal data be erased from a company’s records, the company will have to obey.
But with blockchain, a complete erasure of any stored personal data might not be possible, experts told The Verge. “Modifying data on a blockchain is very hard,” Oxford Law lecturer Michèle Finck told The Verge, “If you were to delete or modify data from the blockchain to comply with the GDPR’s rights to amendment or the ‘right to be forgotten,’ you wouldn’t just change that piece of data, but the hash of the block containing the data and of all subsequent blocks.”
Finck added, “I think it’s safe to say that currently, most blockchains are incompatible with the GDPR, especially permissionless blockchains.” She said that although many blockchain projects are currently thinking about how to design tech that would be GDPR-compliant, the problem is that “there are so many points of tension...way beyond the right [for personal data] to be forgotten.”
“It’s the basics of blockchain technology.”
By their very nature, transactions on a blockchain aren’t meant to be deleted but to be recorded permanently. It would also be difficult to stop every place transmitting a Bitcoin transaction. “This is by design,” Andries Van Humbeeck, co-founder and blockchain consultant at TheLedger.be, a Belgium company that provides blockchain-related training and advice, told The Verge. “It’s the basics of blockchain technology.”
Van Humbeeck reiterated Finck’s point that modifying one block meant changing all blocks that followed after, and he added that could have terrible consequences: “If you purge a block of transactions, the truthfulness of all subsequent blocks of transactions becomes questionable.” Transaction recording helps blockchains keep track of payments and a false transaction could have financial consequences for users. When it comes to the blockchain that Bitcoin is powered by, “all Bitcoin transactions after that purged block become untrustworthy, which would undermine the complete system,” said Van Humbeeck.
Jerry Brito, executive director of Coin Center wrote in a post today that regulators should notice that the new law is “incompatible with the reality of open blockchain networks,” which are ruled by no single party but are decentralized.
Given that blockchain and the GDPR currently don’t work together, one of the two may have to change. Blockchain developers could utilize new technologies to make personal data anonymous, which would keep blockchains out of the GDPR’s scope. Alternatively, European judges could rule blockchains don’t have to delete any personal data, as Coin Center advises. If both blockchains and the GDPR don’t change, Coin Center is warning that the outcome could be a problem for blockchain developers in the EU: “The result of the law, then, may be that Europe is closing itself off from the future of the Internet to its detriment