The European Data Protection Board (EDPB) has issued new guidelines addressing security and data protection within blockchain technology, raising concerns and sparking debate among industry leaders. The guidelines encourage making technical and organizational measures the default, essentially building them in at the earliest possible design stages of data processing. These recommendations come against a backdrop of increasing worry over the security and privacy risks posed by blockchain tech.

Experts Weigh In on Blockchain Privacy

Harry Halpin Harry is a founder and CEO of the decentralized privacy firm Nym Technologies. To put it mildly, his reservations about using blockchain technology for managing personal data were profound. He warned that individual data should not go directly onto the blockchain.

"It's a mistake to put personal data on the blockchain." - Harry Halpin, CEO of Nym Technologies

In her post Halpin points to better ways to manage sensitive information. Nym Technologies uses zero-knowledge proofs off-chain and network privacy through mixnets for payment data.

Decentralization vs. Deregulation

Hacken’s Bryn Bennett, Senior BD at the Ukrainian Web3 security firm, drew an important delineation. He cautioned that decentralization must not be mistaken for deregulation. He thinks the EDPB’s guidelines are an important check, though, and a reminder of this important distinction.

"The EDPB’s guidelines are a timely reminder that decentralization doesn't mean deregulation.” - Bryn Bennett, Senior BD at Hacken

Bennett goes on to underscore the dangers of ignoring the need to protect user data. Projects that ignore carefully protecting user data expose themselves to legal liabilities and security threats.

"Projects that treat user data casually risk both legal blowback and security breaches. Privacy-by-design, off-chain storage, and proper governance aren't just best practice—they're survival tools.” - Bryn Bennett, Senior BD at Hacken

Key Tenets of the Guidelines

Like the European guidelines, our privacy principles emphasize transparency, right to rectification, and right to erasure of personal data. Organizations should plan to bake these principles into their systems from day one. The European Data Protection Board’s guidelines attempt to harmonize very innovative blockchain applications with very old data protection legislation. The focus here is on making privacy the core principle of all blockchain projects.