Analysis of solutions for a blockchain compliance with GDPR

The aim of this paper was to perform an analysis of the state-of-the-art solutions of the permissioned blockchain compliance with the General Data Protection Regulation (GDPR), including the implementation of one of the analyzed methods and the own solution. This paper covers the subject of GDPR and its impact on already existing blockchain databases to determine the domain of the problem, including the necessity to introduce mutability in the data structure to comply with the right to be forgotten. The performed analysis made it possible to discuss current research in technical terms as well as in the regulation itself. In the experimental part, attempts were made to research and implement the Reference-based Tree Structure (RBTS), including the performance tests. The proposed solution is efficient and easily reproducible. The deletion of unwanted content is quick and requires consent only from the owner of personal data; therefore, eliminating the dependency on the other blockchain network participants.

Automated summary

This paper aims to analyze the state-of-the-art solutions for permissioned blockchain compliance with GDPR, including implementing one of the methods and proposing a new solution. Through studying the impact of GDPR on existing blockchain databases and the necessity of introducing data structure mutability to comply with the right to be forgotten, the paper discusses both technical and regulatory research. In the experiment, the Reference-based Tree Structure (RBTS) is researched, implemented, and performance tests are conducted. The proposed solution is efficient, easily reproducible, and allows for quick deletion of unwanted content with the consent of the personal data owner, eliminating the need for dependency on other blockchain network participants.