Distributed architectures for private and efficient data management

Executive summary

The objective of this project is to analyze -both from the juridical and the software point of view- the potential of distributed data management architectures for telecommunications companies.

Background

Data contained in Blockchains is practically impossible to edit. Moreover, a blockchain does not contemplate the appointment of a specific and individuable figure responsible for the content found in the blockchain itself.

Its Peer to Peer nature and the absence of a Data Controller, together with the fact that there is no easy way to edit what’s already stored inside the blockchain, causes it to be incompatible with the rules regarding the processing of personal data inside the European Union, and especially the GDPR.

Objectives

The goal of the analysis, from the juridical point of view, is to clearly and precisely list the rules that enterprises must follow, with respect to privacy, when adopting decentralized architectures, with a focus on blockchain. From the point of view of the information systems, real experimentations of distributed architectures in scenarios relevant to telecom companies are synthetized.

Results

The research found that while a traditional blockchain is indeed incompatible with the current legislations, there are indeed many tools that can be of aid while trying to set up a database of personal data based on blockchain technology.
These solutions are both technical and juridical, and often twist the nature of the blockchain to the point where it almost becomes not a blockchain anymore.
Through some of these solutions, however, the data stored in the blockchain can reach sufficient standards of anonymity and protection, and a central figure, the Data Controller, can be identified more easily if the blockchain becomes more centralized, therefore solving the main incompatibility problems.