Skip to main content

Tension between GDPR and Public Blockchains: A Data-Driven Analysis of Online Discussions

Chousein, Zeynep, Tetik, Hacı Yakup, Sağlam, Rahime Belen, Bülbül, Abdullah, Li, Shujun (2020) Tension between GDPR and Public Blockchains: A Data-Driven Analysis of Online Discussions. In: Proceedings of the 13th International Conference on Security of Information and Networks. . 17:1-17:8. ACM ISBN 978-1-4503-8751-4. (doi:10.1145/3433174.3433587) (KAR id:89479)

PDF Author's Accepted Manuscript
Language: English


Download (588kB) Preview
[thumbnail of SINCONF2020b.pdf]
Preview
This file may not be suitable for users of assistive technology.
Request an accessible format
Official URL
https://doi.org/10.1145/3433174.3433587

Abstract

Since coming into effect in May 2018, the EU General Data Protection Regulation (GDPR) has raised serious concerns among users of public (permissionless) blockchain systems. Such concerns are triggered by a tension between some unique characteristics of public blockchain systems and some new data subject rights introduced in the GDPR, e.g., the data immutability and the “right to erasure” (a.k.a. “the right to be forgotten”). The aim of this work is to understand how service providers and developers behind public blockchain systems have communicated about such GDPR-related challenges to their users and how the users have perceived such GDPR-related issues. To this end, for 50 public blockchain systems whose corresponding cryptocurrency had a capital market size over $150 million, we analyzed relevant communications and discussions on the following three online channels: blog and forums posts, GitHub repositories, and discussions on Twitter. Our results show that service providers and developers of the selected public blockchain systems did not play an active role in GDPR-related online discussions on Twitter. They also did not communicate with their users about GDPR on their forums and blogs frequently, where we could identify only 56 posts out of 17,821 posts for the period we studied. Our study also reveals that only an extreme minority of the studied systems (4) mentioned GDPR in their GitHub repositories. Our work adds new evidence on the lack of transparency and active communications of the public blockchain sector on the challenging GDPR compliance issue of public blockchain systems.

Item Type: Conference or workshop item (Paper)
DOI/Identification number: 10.1145/3433174.3433587
Uncontrolled keywords: blockchain, distributed ledger, permissionless, GDPR, data protection, privacy, law, Twitter, GitHub, online forum, blog, machine learning, NLP, natural language processing, classification, topic modeling
Subjects: H Social Sciences > H Social Sciences (General)
Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science
Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > TK5101 Telecommunications > TK5105 Data transmission systems > TK5105.5 Computer networks > TK5105.875.I57 Internet
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > TK5101 Telecommunications > TK5105.888 World Wide Web
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
University wide Teaching/Research Centres > Kent Interdisciplinary Research Centre in Cyber Security
Depositing User: Shujun Li
Date Deposited: 27 Jul 2021 17:06 UTC
Last Modified: 28 Jul 2021 10:11 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/89479 (The current URI for this page, for reference purposes)
Sağlam, Rahime Belen: https://orcid.org/0000-0002-6969-6451
Li, Shujun: https://orcid.org/0000-0001-5628-7328
  • Depositors only (login required):