Governance to Keep Private Information Private
The Role of Blockchain
What may not be as well known, says Patricia C. Franks, a professor at the School of Information at San José State University, is the role of blockchain when it comes to information governance. Blockchain, the digital ledger technology most commonly associated with cryptocurrency such as Bitcoin, is gaining ground as a means of securing data against corruption and improving efficiency in many transactions by removing the “middleman.” Real estate, finance, and government are experimenting with blockchain to see if it has real business advantages.
The downside to blockchain, as Franks points out, is susceptibility to exposure of personal data. It could run counter to the basic premise of GDPR, which is the right to be forgotten, also known as the right of erasure. Data stored in digital ledgers, complete with public/private keys, digital signatures, and cryptographic hashes, should be tamper-proof. However, this also means that it can’t be changed. If the data is incorrect or reveals something an individual wants erased, it’s unclear how that could happen in the blockchain environment.
Franks cites the French Commission Nationale Informatique & Libertes (CNIL) as a good source for possible solutions to the data deletion dilemma posed by blockchain. CNIL explains about legislative exemptions, deleting the private key, and creating an editable blockchain. Franks recommends that, before actually deploying blockchain, an enterprise should consider the implications from a data privacy and information governance perspective. In a rapidly changing technological world, constant monitoring is called for.
Outfitting for Data Privacy
Keeping your individual data private is more under your control than ever before. Information governance is an integral part of today’s business environment, and maintaining compliance with GDPR and other privacy legislative initiatives, including keeping personal data off a blockchain implementation, is key to best information governance practices.
But about that outfit you wore to the high school dance? It doesn’t fall under GDPR and blockchain technology isn’t keeping track of it. Hoping it is non-viewable could be completely out of your control. You may just have to grin and bear it, sorry to say.