Blockchain is poised to be business disputer, however “Public Blockchains” and GDPR are incompatible. CNIL has provided guidance on #blockchain and GDRP and how it impacts the right to be forgotten. (Thread 1/10 ) #dragonchain

In essence, if the data stored on a blockchain is only referencing data stored off-chain, controllers may comply with requests for erasure from data subjects by removing the underlying data. (2/ 10)

Similarly, if the underlying data can only be accessed or verified via a specific private key, then making the private key inaccessible may also constitute an effect similar to the erasure of data. (3/ 10)

The CNIL provides some guidance on how individuals and companies might minimize their GDPR risk around blockchain technology. (4 / 10)

First, the CNIL recommends that companies seeking to process large amounts of personal data using blockchain technology rely on private blockchains over public blockchains. (5/10)