The new DIN SPEC on Privacy by Blockchain Design: A standardised model for processing personal data using blockchain technology has been published and can be accessed for free after registration at Beuth Verlag.
The DIN SPEC on privacy by blockchain design has been established through a consortium led by Christian Wirth, Michael Kolain and Anja Grafenauer with participation of TechGDPR’s Alex Carroll and Silvan Jongerius (also the person behind this website) and many other experts including: Dennis Hillemann Jörn Erbguth Alexis Cosson Katrin Kirchert, LL.M. Frederic Hannesen, Oliver Guderjahn, Frank Jander, Stiepan Aurélien Kovac, Harald Krefting, Elke Kunde, Dominik Mueller, Fabian Pohl, Detlef Olschewski, Martin Quensel, Diana Rees, Craig Sailor, Steffen Schwalm, Olga Stepanova, Lisa Trujillo, CIPT, Kristina Unverricht.
The introduction reads “The DIN SPEC’s immediate aim is to help analyze the degree to which a natural person, in BC/DLT-systems, is identifiable, providing developers with tools and methods that preserve privacy and reduce the risk of legal uncertainty. The DIN SPEC “privacy by blockchain design” looks at the risk for the data subject and lists and maps technical measures that increase the effort required to recreate any personal reference to a data subject.
The privacy by blockchain design DIN SPEC classifies different approaches of handling personal data and exemplifies them with architectural blueprints. The latter describes technical design patterns in order to mitigate the risk and therefore raise the data protection level in an IT system.
Overall, the work in this DIN SPEC is guided by the “Privacy by Design” principle (art. 25 GDPR) and specifies technical and organizational measures in line with the principles laid out in the GDPR. It aims to lay a framework accessible to lawyers and computer scientists alike.
There are only a few organisations specialised in designing privacy friendly products when it comes down to deep tech/emerging technologies such as blockchain. For example TechGDPR can help with such challenges. (Disclaimer: the author of this article is the Managing Partner of TechGDPR and contributor to the DIN SPEC).