Hostname: page-component-669899f699-chc8l Total loading time: 0 Render date: 2025-04-26T16:53:16.715Z Has data issue: false hasContentIssue false
  • English
  • Français

Layers of privacy in the blockchain: from technological solutionism to human-centred privacy-compliance technologies

Published online by Cambridge University Press:  28 September 2022

Pablo Marcello Baquero
Pablo Marcello Baquero*
Affiliation:
Assistant Professor, HEC Paris, France
*
*Corresponding author. E-mail: baquero@hec.fr
Get access Rights & Permissions [Opens in a new window]

Abstract

Different organisations recently published reports identifying the challenges and potential solutions to ensure privacy in blockchain platforms. The proposed solutions frequently emphasise the role of privacy-compliance technologies to be incorporated into the blockchain design. Often, these solutions imply a techno-regulatory approach, ignoring that the level of privacy implemented in a blockchain involves legal and policy choices, disregarding the need to implement human participation and contestability in these platforms. Against this backdrop, this paper proposes to examine how privacy-compliance technologies can incorporate human participation and contestability: first, resorting to the interdisciplinary literature to examine how technological design could balance privacy with human oversight; second, discussing the challenges to ensure ex post contestability for aggrieved data subjects; third, examining the difficulties in identifying liable parties in a blockchain platform. The current disregard of the social and human element risks undermining the role of privacy-compliance technologies in the blockchain.

Keywords

blockchaindata protectionprivacy compliance technologieshuman-centred technologies
Type
Special Issue Article
Information
International Journal of Law in Context , Volume 19 , Special Issue 1: Algorithmic Law in Context , March 2023 , pp. 51 - 69
Copyright
Copyright © The Author(s), 2022. Published by Cambridge University Press

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

Article purchase

Temporarily unavailable

References

Alza, G Jr (2020) Blockchain & CCPA. Santa Clara High Technology Law Journal 37, 231255.Google Scholar
Becker, M and Bodó, B (2021) Trust in blockchain-based systems. Internet Policy Review 10, 110.CrossRefGoogle Scholar
Benedetto, Neitz M (2020) How to regulate blockchain's real-life applications: lessons from the California Blockchain Working Group. Jurimetrics 61, 185218.Google Scholar
Burt, A, Rossi, A and Bourdillon, S (2021) A Guide to the EU's Unclear Anonymization Standards. Available at: https://iapp.org/news/a/a-guide-to-the-eus-unclear-anonymization-standards/ (accessed 28 June 2022).Google Scholar
Casino, F, Dasaklis, TK and Patsakis, C (2019) A systematic literature review of blockchain-based applications: current status, classification and open issues. Telematics and Informatics 36, 5581.Google Scholar
Chainanalysis (2021). The Blockchain Data Platform. Available at https://www.chainalysis.com/ (last accessed 15 September 2021).Google Scholar
CNIL (Commission Nationale Informatique & Libertés) (2018) Premiers éléments d'analyse de la CNIL – Blockchain. Available at: https://www.cnil.fr/sites/default/files/atoms/files/la_blockchain.pdf (accessed 30 August 2022).Google Scholar
Cointelegraph (2021) Five Proposed Crypto Class Actions over Unregistered Securities Dismissed in NY. Available at: https://cointelegraph.com/news/five-proposed-crypto-class-actions-in-ny-over-unregistered-securities-dismissed (accessed 4 October 2021).Google Scholar
Daoui, S, Fleinert-Jensen, T and Lempérière, M (2019) GDPR, blockchain and the French Data Protection Authority: many answers but some remaining questions. Stanford Journal of Blockchain Law & Policy 2, 240251.Google Scholar
De Filippi, P (2016) The interplay between decentralization and privacy: the case of blockchain technologies. Journal of Peer Production 7, 018.Google Scholar
De Filippi, P, Mannan, M and Reijers, W (2020) Blockchain as a confidence machine: the problem of trust & challenges of governance. Technology in Society 62, 114.CrossRefGoogle Scholar
Elliptic (2020) A Brief Guide to Analytics on Blockchain. Available at: https://www.elliptic.co/blog/a-brief-guide-to-analytics-on-blockchain (accessed 4 November 2021).Google Scholar
Ethernodes.org (2022) The Ethereum Network & Node Explorer. Available at: https://ethernodes.org/countries (accessed 28 June 2022).Google Scholar
Etherscan (n.d.) The Ethereum Blockchain Explorer. Available at: http://etherscan.io/ (accessed 15 July 2021).Google Scholar
European Parliament (2019) Blockchain and the General Data Protection Regulation: Can Distributed Ledgers Be Squared with European Data Protection Law? Available at: https://www.europarl.europa.eu/RegData/etudes/STUD/2019/634445/EPRS_STU(2019)634445_EN.pdf (accessed 13 August 2022).Google Scholar
European Union Blockchain Observatory Forum (2018) Blockchain and the GDPR. Brussels: EU. Available at: https://www.eublockchainforum.eu/sites/default/files/reports/20181016_report_gdpr.pdf (accessed 30 August 2022).Google Scholar
Fairfield, JAT (2019) The human element: the under-theorized and underutilized component vital to foster blockchain development. Cleveland State Law Review 67, 3340.Google Scholar
Feng, Q et al. (2019) A survey on privacy protection in blockchain system. Journal of Network and Computer Applications 126, 4558.Google Scholar
Finck, M (2018a) Blockchain Regulation and Governance in Europe. Cambridge: Cambridge University Press.Google Scholar
Finck, M (2018b) Blockchains and data protection in the European Union. European Data Protection Law Review 4, 1735.Google Scholar
Finck, M (2021) Cobwebs of control: the two imaginations of the data controller in EU law. International Data Privacy Law 11, 333347.CrossRefGoogle Scholar
Gaur, V and Gaiha, A (2020) Building a Transparent Supply Chain. Harvard Business Review, May–June.Google Scholar
Hacker, P et al. (2019) Regulating blockchain: techno-social and legal challenges – an introduction. In Hacker, P et al. (eds), Regulating Blockchain: Techno-social and Legal Challenges. Oxford: Oxford University Press, pp. 124.Google Scholar
Hannah Murphy (2021) Monero emerges as crypto of choice for cybercriminals. Financial Times, 22 June. Available at: https://www.ft.com/content/13fb66ed-b4e2-4f5f-926a-7d34dc40d8b6 (accessed 13 August 2022).Google Scholar
Harikrishnan, M and Lakshmy, KV (2019) Secure Digital Service Payments Using Zero Knowledge Proof in Distributed Network, 5th International Conference on Advanced Computing Communication Systems (ICACCS), Coimbatore, India, 15–16 March 2019, pp. 307312. Available at: https://doi.org/10.1109/ICACCS.2019.8728462 (accessed 13 August 2022).Google Scholar
Harz, D and Boman, M (2019) The scalability of trustless trust. In Zohar, A et al. (eds), Financial Cryptography and Data Security, Lecture Notes in Computer Science. Berlin and Heidelberg: Springer, pp. 279293.CrossRefGoogle Scholar
Herian, R (2019) Regulating Blockchain: Critical Perspectives in Law and Technology. New York: Routledge.Google Scholar
Herian, R (2020) Blockchain, GDPR, and fantasies of data sovereignty. Law, Innovation and Technology 12, 156174.Google Scholar
Hildebrandt, M (2020a) A philosophy of technology for computational law. In Mangan D, Easton C and Sithig DM (eds), The Philosophical Foundations of Information Technology Law. published online 18 November 2020. Available at: https://osf.io/preprints/lawarxiv/7eykj/ (accessed 30 August 2022).Google Scholar
Hildebrandt, M (2020b) Code driven law: scaling the past and freezing the future. In Deakin, S and Markou, C (eds), Is Law Computable? Critical Perspectives on Law and Artificial Intelligence. Oxford: Hart Publishing, pp. 6783.Google Scholar
Ibanez, LD, O'Hara, K and Simperl, E (2018) On Blockchains and the General Data Protection Regulation. Working Paper, EU Blockchain Forum and Observatory, 2018. Available at: https://eprints.soton.ac.uk/422879/1/BLockchains_GDPR_4.pdf (accessed 13 August 2022).Google Scholar
INATBA Privacy Working Group (2020) Report on Data Protection Regulations Applicable to Blockchain Technology in Different Jurisdictions Worldwide. International Association for Trusted Blockchain Applications. Available at: https://inatba.org/wp-content/uploads/2021/01/2020-12-Privacy-WG-Report-on-Data-Protection.pdf (accessed 13 August 2022).Google Scholar
Investopedia (2021) 6 Most Private Cryptocurrencies. Available at: https://www.investopedia.com/tech/five-most-private-cryptocurrencies/ (accessed 18 November 2021).Google Scholar
James, A (2018) Privacy coins are ‘one of the greatest emerging threats to U.S. National Security,’ states US congressman. Bitcoinist. Available at: https://bitcoinist.com/privacy-coins-greatest-emerging-threats-national-security/ (accessed 13 August 2022).Google Scholar
Jimenez-Gomez, BS (2019) Risks of blockchain for data protection: a European approach. Santa Clara High Technology Law Journal 36, 281344.Google Scholar
koe, , Alonso, KM and Noether, S (2020) Zero to Monero: A Technical Guide to a Private Digital Currency for Beginners, Amateurs, and Experts, 2nd edn. Available at: https://www.getmonero.org/library/Zero-to-Monero-2-0-0.pdf (accessed 13 August 2022).Google Scholar
Law Society of England and Wales (2020) Blockchain: Legal and Regulatory Guidance. London: The Law Society of England and Wales. Available at: https://www.lawsociety.org.uk/topics/research/blockchain-legal-and-regulatory-guidance-report (accessed 30 August 2022).Google Scholar
Leenes, RE (2011) Framing techno-regulation: an exploration of state and non-state regulation by technology. Legisprudence 5, 143169.CrossRefGoogle Scholar
Li, Y et al. (2021) Traceable Monero: anonymous cryptocurrency with enhanced accountability. IEEE Transactions on Dependable and Secure Computing 18, 679691.CrossRefGoogle Scholar
Lippe, P, Katz, DM and Jackson, D (2015) Legal by design: a new paradigm for handling complexity in banking regulation and elsewhere in law. Oregon Law Review 93, 833852.Google Scholar
Meshel, T and Yahya, MA (2021) Crypto dispute resolution: an empirical study. University of Illinois Journal of Law, Technology and Policy 2021, 187256.Google Scholar
Meyer, D (2018) Blockchain Technology Is on a Collision Course with EU Privacy Law. Available at: https://iapp.org/news/a/blockchain-technology-is-on-a-collision-course-with-eu-privacy-law/ (accessed 15 July 2021).CrossRefGoogle Scholar
Mirchandani, A (2018) The GDPR-blockchain paradox: exempting permissioned blockchains from the GDPR. Fordham Intellectual Property Media & Entertainment Law Journal 29, 12011241.Google Scholar
Moerel, L (2018) Blockchain & data protection – and why they are not a collision course. European Review of Private Law 26, 825851.CrossRefGoogle Scholar
Monero.how (n.d.) A Low-level Explanation of the Mechanics of Monero vs Bitcoin in Plain English. Available at: https://www.monero.how/how-does-monero-work-details-in-plain-english (accessed 16 June 2022).Google Scholar
Morais, E et al. (2019) A survey on zero knowledge range proofs and applications. SN Applied Science 1, 946.Google Scholar
Möser, M et al. (2018). An empirical analysis of traceability in the Monero blockchain. Proceedings on Privacy Enhancing Technologies 2018, 143163.CrossRefGoogle Scholar
Nakamoto, S (2008) Bitcoin: A Peer-to-Peer Electronic Cash System. Available at: https://bitcoin.org/bitcoin.pdf (accessed 30 August 2022).Google Scholar
Nasdaq (2021) Bittrex to Delist ‘Privacy Coins’ Monero, Dash and Zcash. Available at: https://www.nasdaq.com/articles/bittrex-to-delist-privacy-coins-monero-dash-and-zcash-2021-01-01 (accessed 4 November 2021).Google Scholar
NewsBTC (2021) An overview about privacy coins in 2021: what's ahead? Available at: https://www.newsbtc.com/sponsored/an-overview-about-privacy-coins-in-2021-whats-ahead/ (accessed 16 November 2021).Google Scholar
Oliva, GA, Hassan, A and Jiang, ZM (2020) An exploratory study of smart contracts in the Ethereum blockchain platform. Empirical Software Engineering 25, 18641904.CrossRefGoogle Scholar
Patterson Law Firm (n.d.) Cryptocurrency Litigation Lawyer & Litigation Law Firm – Chicago. Available at: https://www.pattersonlawfirm.com/practice-areas/cryptocurrency-litigation/ (accessed 4 October 2021).Google Scholar
Peng, L et al. (2021) Privacy preservation in permissionless blockchain: a survey. Digital Communications and Networks 7, 295307.CrossRefGoogle Scholar
Pinto, R (2019) Council post: on-chain versus off-chain: the perpetual blockchain governance debate. Forbes, 6 September. Available at: https://www.forbes.com/sites/forbestechcouncil/2019/09/06/on-chain-versus-off-chain-the-perpetual-blockchain-governance-debate/ (accessed 13 August 2022).Google Scholar
Posadas, DV Jr (2018) The Internet of Things: the GDPR and the blockchain may be incompatible. Journal of Internet Law 21, 129.Google Scholar
Reuters (2020) Cryptocurrency issuers, exchanges face U.S. class action lawsuits. Available at: https://www.reuters.com/article/us-cryptocurrency-usa-lawsuit-idUSKBN21O2I5 (accessed 13 August 2022).Google Scholar
Satybaldy, A and Nowostawski, M (2020) Review of Techniques for Privacy-preserving Blockchain Systems, Proceedings of the 2nd ACM International Symposium on Blockchain and Secure Critical Infrastructure, BSCI ’20, Association for Computing Machinery, New York, NY, USA, 5–9 October 2020, pp. 19.Google Scholar
Schellekens, M (2020) Conceptualizations of the controller in permissionless blockchains. Journal of Intellectual Property, Information Technology and E-Commerce Law 11, 215227.Google Scholar
SerHack and the Monero Community (2018) Mastering Monero – the Future of Private Transactions. LernoLibro. Available at: https://masteringmonero.com/book/Mastering%20Monero%20First%20Edition%20by%20SerHack%20and%20Monero%20Community.pdf (last accessed 13 August 2022).Google Scholar
Snyder, S (2021) The privacy questions raised by blockchain. Law360, 14 January. Available at: https://www.law360.com/articles/1115579/the-privacy-questions-raised-by-blockchain (accessed 13 August 2022).Google Scholar
Statista (2022) Bitcoin Mining by Country 2021. Available at: https://www.statista.com/statistics/1200477/bitcoin-mining-by-country/ (accessed 28 June 2022).Google Scholar
Teperdjian, R (2019) The puzzle of squaring blockchain with the General Data Protection Regulation. Jurimetrics 60, 253314.Google Scholar
The Legal Examiner (2021) Privacy coins 101. 23 September. Available at: https://www.legalexaminer.com/technology/crypto/privacy-coins-101/ (accessed 13 August 2022).Google Scholar
Verstraete, M (2019) The stakes of smart contracts. Loyola University Chicago Law Journal 50, 743795.Google Scholar
Voss, WG (2020) Cross-border data flows, the GDPR, and data governance. Washington International Law Journal 29, 485532.Google Scholar
Walch, A (2019) Deconstructing ‘decentralization’: exploring the core claim of crypto systems. In Brummer, C (ed.), Cryptoassets: Legal, Regulatory, and Monetary Perspectives. Oxford: Oxford University Press, pp. 3968.CrossRefGoogle Scholar
Walters, N (2019) Privacy law issues in public blockchains: an analysis of blockchain, PIPEDA, the GDPR, and proposals for compliance. Canadian Journal of Law and Technology 17, 276305.Google Scholar
Wang, D, Zhao, J and Wang, Y (2020) A survey on privacy protection of blockchain: the technology and application. IEEE Access 8, 108766108781.Google Scholar
Werbach, K (2018) The Blockchain and the New Architecture of Trust. Cambridge: MIT Press.CrossRefGoogle Scholar
Wirth, C and Kolain, M (2018) Privacy by blockchain design: a blockchain-enabled GDPR-compliant approach for handling personal data. Reports of the European Society for Socially Embedded Technologies 2, published online at: https://dl.eusset.eu/bitstream/20.500.12015/3159/1/blockchain2018_03.pdf (accessed 30 August 2022).Google Scholar
Yeung, K (2019) Regulation by blockchain: the emerging battle for supremacy between the code of law and code as law. The Modern Law Review 82, 207239.Google Scholar
Zaslowsky, D (2021) Block.one to Pay $27.5 Million to Settle Class Action Lawsuit Related to ICO – Blockchain. Available at: https://blockchain.bakermckenzie.com/2021/06/17/block-one-to-pay-27-5-million-to-settle-class-action-lawsuit-related-to-ico/ (accessed 4 October 2021).Google Scholar
Zhao, JL, Fan, S and Yan, J (2016) Overview of business innovations and research opportunities in blockchain and introduction to the special issue. Financial Innovation 2, 17.CrossRefGoogle Scholar