Skip to main content

A Data-Driven Analysis of Blockchain Systems' Public Online Communications on GDPR

Sağlam, Rahime Belen, Aslan, Çağrı B., Li, Shujun, Dickson, Lisa, Pogrebna, Ganna (2020) A Data-Driven Analysis of Blockchain Systems' Public Online Communications on GDPR. In: Proceedings of 2020 2nd IEEE International Conference on Decentralized Applications and Infrastructures. . pp. 22-31. IEEE ISBN 978-1-72817-022-0. (doi:10.1109/DAPPS49028.2020.00003) (KAR id:81277)

PDF Author's Accepted Manuscript
Language: English


Creative Commons Licence
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Download (278kB) Preview
[img]
Preview
Official URL
https://doi.org/10.1109/DAPPS49028.2020.00003

Abstract

After the European Union's new General Data Protection Regulation (GDPR) became applicable in May 2018,concerns about the legal compliance of public blockchain systems with rights guaranteed by GDPR have emerged, e.g., on the "right to be forgotten". In order to better understand how the blockchain sector sees the challenges raised by GDPR and how such their communications could influence their users, this paper reports our data-driven analysis of GDPR-related public online communications of blockchain developers and service providers.Our analysis covers 314 public blockchain systems, and two different online communication channels: legal documents including privacy policies, T&C (Terms and Conditions) documents and other similar legal documents published on systems’ official websites and public tweets of their official Twitter accounts.Our analysis revealed that only a minority (86/314≈27.5%)of the investigated blockchain systems had covered GDPR at least once using one or both communication channels. Among the 86systems, only 27 systems (8.6%) had at least one legal document that actually talks about GDPR for the corresponding blockchain system. We noticed a systematic lack of detail about why and how the GDPR compliance issue was addressed, and most systems made questionable statements about GDPR compliance. There sults are surprising considering that the GDPR was enacted in 2016 and has been in effect since May 2018.

Item Type: Conference or workshop item (Paper)
DOI/Identification number: 10.1109/DAPPS49028.2020.00003
Uncontrolled keywords: GDPR, blockchain, distributed ledger, dataprotection, law, privacy, communication, transpareny
Subjects: K Law > K Law (General)
Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, > QA76.76 Computer software
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > TK5101 Telecommunications > TK5105 Data transmission systems > TK5105.5 Computer networks
Divisions: Faculties > University wide - Teaching/Research Groups > Centre for Cyber Security Research
Faculties > Sciences > School of Computing
Faculties > Sciences > School of Computing > Security Group
Depositing User: Shujun Li
Date Deposited: 16 May 2020 12:37 UTC
Last Modified: 27 Jul 2020 16:03 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/81277 (The current URI for this page, for reference purposes)
Li, Shujun: https://orcid.org/0000-0001-5628-7328
  • Depositors only (login required):

Downloads

Downloads per month over past year