| dc.contributor.author | Jussila, Jani-Pekka | |
| dc.date.accessioned | 2018-11-16T22:00:25Z | |
| dc.date.available | 2018-11-16T22:00:25Z | |
| dc.date.issued | 2018-10-23 | |
| dc.identifier.uri | http://www.utupub.fi/handle/10024/146293 | |
| dc.description.abstract | This thesis focuses on the issues between a blockchain technology and the new European Union General Data Protection Regulation (GDPR). The Blockchain technology is a rather new technology which potential has been recognised only in the recent years. Essentially, a blockchain is a distributed database in which data is stored in blocks, which form a chronological chain of blocks. Blockchains have many types and possible use cases, but this research focuses on public and permissionless blockchains, which primary objective is to enable individuals to transact with each other without centralised intermediaries.
The GDPR entered into force on 25 May 2018. The GDPR was not drafted taking account of distributed ledger technologies, such as the blockchain technology, which has raised several points of tension between the regulation and the technology. The primary focus of this thesis is on the conflict between the ‘immutability’ of blockchain technology and the right to erasure under Article 17 of the GDPR. One of the main features of blockchains is the immutability, that is to say, data on old blocks is extremely difficult to modify or delete. This feature seems prima facie to conflict with Article 17 of the GDPR that provides data subjects with the right to request erasure of their personal data under certain conditions.
Firstly, this thesis analyses the current state of the conflict. Before analysing the conflict, the research addresses two essential preliminary questions: the question about anonymisation and personal data and the question about allocation of responsibilities on blockchains. After that, different solutions proposed to reconcile the conflict are analysed to understand the current situation. While public and permissionless blockchains currently may infringe Article 17 of the GDPR, there are potential solutions for the conflict in the future.
The second purpose of this thesis is to identify relevant legal problems and propose how to address the problems in the future. Blockchain developers should consider data protection obligations already in the design phase. From the legal side, this research has provided flexible interpretations for the legal problems that could help to comply with the right to erasure. There is a need for a flexible approach to the problems between the regulation and the technology. | |
| dc.format.extent | 98 | |
| dc.language.iso | eng | |
| dc.rights | fi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.| | |
| dc.subject | General Data Protection Regulation, data protection, the right to erasure, blockchain technology, blockchain. | |
| dc.title | Reconciling the conflict between the ‘immutability’ of public and permissionless blockchain technology and the right to erasure under Article 17 of the General Data Protection Regulation | |
| dc.type.ontasot | fi=Pro gradu -tutkielma|en=Master's thesis| | |
| dc.rights.accessrights | avoin | |
| dc.identifier.urn | URN:NBN:fi-fe2018111648359 | |
| dc.contributor.faculty | fi=Oikeustieteellinen tiedekunta|en=Faculty of Law| | |
| dc.contributor.studysubject | fi=Oikeustiede, OTM-tutkinto|en=Law, Master of Laws| | |
| dc.contributor.department | fi=Oikeustieteellinen tiedekunta|en=Faculty of Law| | |
