Skip to main content
Springer Nature Link
Log in

Toward a GDPR Compliant Blockchain Governance Framework

  • Conference paper
  • First Online:
The Role of Digital Technologies in Shaping the Post-Pandemic World (I3E 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13454))

Included in the following conference series:

  • 2597 Accesses

Abstract

Recent research has highlighted multiple incompatibilities between blockchain technology and the General Data Protection Regulation (GDPR) regarding data controller and data deletion. Such incompatibilities impede the adoption of blockchain technology on a larger scale. This paper aims to resolve these incompatibilities, exploring the issues that need to be considered while developing a GDPR compliant blockchain governance framework. We collected data using 20 semi-structured interviews and discussions from 18 different IT companies involved in blockchain-based service development. We analyzed the data using the Gioia approach. We identified three major governance dimensions that must be considered for GDPR compliant blockchain services, namely community, blockchain protocol, and compliance; each of which has several sub-dimensions. Our study extends prior governance frameworks, suggesting the guidelines to comply with GDPR requirements. This guidelines might help organizations to build a GDPR compliant blockchain business model. Based on our findings, we also put forward directions for future inquiry.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. van Pelt, R., Jansen, S., Baars, D., Overbeek, S.: Defining blockchain governance: a framework for analysis and comparison. Inf. Syst. Manag. 38, 21–41 (2020). https://doi.org/10.1080/10580530.2020.1720046

    Article  Google Scholar 

  2. Beck, R., Müller-Bloch, C., King, J.: Governance in the blockchain economy: a framework and research agenda. J. Assoc. Inf. Syst. 19, 1 (2018)

    Google Scholar 

  3. Zheng, X.R., Lu, Y.: Blockchain technology–recent research and future trend. Enterp. Inf. Syst. 1−23 (2021). https://doi.org/10.1080/17517575.2021.1939895

  4. Janssen, M., Weerakkody, V., Ismagilova, E., Sivarajah, U., Irani, Z.: A framework for analyzing blockchain technology adoption: integrating institutional, market and technical factors. Int. J. Inf. Manage. 50, 302–309 (2020)

    Article  Google Scholar 

  5. Tan, E., Mahula, S., Crompvoets, J.: Blockchain governance in the public sector: a conceptual framework for public management. Gov. Inf. Q. 39, 101625 (2022). https://doi.org/10.1016/J.GIQ.2021.101625

    Article  Google Scholar 

  6. EPRS: blockchain and the general data protection regulation can distributed ledgers be squared with European data protection law? (2019). https://doi.org/10.2861/535

  7. Tankard, C.: What the GDPR means for businesses. Netw. Secur. 2016, 5–8 (2016)

    Article  Google Scholar 

  8. Truong, N.B., Sun, K., Lee, G.M., Guo, Y.: GDPR-Compliant personal data management: a blockchain-based solution. IEEE Trans. Inf. Forensics Secur. 15, 1746–1761 (2020). https://doi.org/10.1109/TIFS.2019.2948287

    Article  Google Scholar 

  9. Bayle, A., Koscina, M., Manset, D., Perez-Kempner, O.: When blockchain meets the right to be forgotten: technology versus law in the healthcare industry. In: Proceedings - 2018 IEEE/WIC/ACM International Conference on Web Intelligence, WI 2018, pp. 788–792 (2019)

    Google Scholar 

  10. Jambert, A.: Blockchain and the GDPR: a data protection authority point of view. In: Blazy, O., Yeun, C.Y. (eds.) WISTP 2018. LNCS, vol. 11469, pp. 3–6. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-20074-9_1

    Chapter  Google Scholar 

  11. Dutta, R., Das, A., Dey, A., Bhattacharya, S.: Blockchain vs GDPR in collaborative data governance. In: Luo, Y. (ed.) CDVE 2020. LNCS, vol. 12341, pp. 81–92. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-60816-3_10

    Chapter  Google Scholar 

  12. Kondova, G., Erbguth, J.: Self-sovereign identity on public blockchains and the GDPR. In: Proceedings of the ACM Symposium on Applied Computing, pp. 342–345 (2020)

    Google Scholar 

  13. Haque, A.B., Islam, A.K.M.N., Hyrynsalmi, S., Naqvi, B., Smolander, K.: GDPR compliant blockchains-a systematic literature review. IEEE Access. 9, 50593–50606 (2021)

    Article  Google Scholar 

  14. Rieger, A., Lockl, J., Urbach, N., Guggenmos, F., Fridgen, G.: Building a blockchain application that complies with the EU general data protection regulation. MIS Quart. Executive 18, 263–279 (2019). https://doi.org/10.17705/2MSQE.00020

    Article  Google Scholar 

  15. Goldsby, C., Hanisch, M.: The boon and bane of blockchain: getting the governance right. Calif. Manag. Rev. 64(3), 141–168 (2022). https://doi.org/10.1177/00081256221080747

    Article  Google Scholar 

  16. Batubara, F.R., Ubacht, J., Janssen, M.: Challenges of blockchain technology adoption for e-government: a systematic literature review. In: ACM International Conference Proceeding Series (2018).https://doi.org/10.1145/3209281.3209317

  17. Gioia, D.A., Corley, K.G., Hamilton, A.L.: Seeking qualitative rigor in inductive research: notes on the gioia methodology. Organ. Res. Methods 16, 15–31 (2013). https://doi.org/10.1177/1094428112452151

    Article  Google Scholar 

  18. Allen, D.W.E., Berg, C., Markey-Towler, B., Novak, M., Potts, J.: Blockchain and the evolution of institutional technologies: implications for innovation policy. Res. Policy 49, 103865 (2020). https://doi.org/10.1016/J.RESPOL.2019.103865

    Article  Google Scholar 

  19. Rossi, M., Mueller-Bloch, C., Thatcher, J.B., Beck, R.: Blockchain research in information systems: current trends and an inclusive future research agenda. J. Assoc. Inf. Syst. 20, 1388–1403 (2019). https://doi.org/10.17705/1jais.00571

    Article  Google Scholar 

  20. Ziolkowski, R., Miscione, G., Schwabe, G.: Decision problems in blockchain governance: old wine in new bottles or walking in someone else’s shoes? J. Manag. Inf. Syst. 37, 316–348 (2020). https://doi.org/10.1080/07421222.2020.1759974

    Article  Google Scholar 

  21. O’dwyer, K.J., Malone, D.: Bitcoin Mining and its Energy Footprint (2014)

    Google Scholar 

  22. Singh, P.K., Singh, R., Nandi, S.K., Nandi, S.: Managing smart home appliances with proof of authority and blockchain. In: Lüke, K.-H., Eichler, G., Erfurth, C., Fahrnberger, G. (eds.) I4CS 2019. CCIS, vol. 1041, pp. 221–232. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-22482-0_16

    Chapter  Google Scholar 

  23. Wright, A., de Filippi, P.: Decentralized blockchain technology and the rise of lex cryptographia. SSRN Electron. J. (2015).https://doi.org/10.2139/SSRN.2580664

Download references

Acknowledgment

This study was financially supported by the Foundation for Economic Education (www.lsr.fi).

Author information

Authors and Affiliations

  1. LUT University, 53850, Lappeenranta, Finland

    Hasan Mahmud, A. K. M. Najmul Islam & Bilal Naqvi

  2. Turku School of Economics, University of Turku, 20014, Turku, Finland

    Matti Mäntymäki

Authors
  1. Hasan Mahmud
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. A. K. M. Najmul Islam
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bilal Naqvi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Matti Mäntymäki
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Matti Mäntymäki .

Editor information

Editors and Affiliations

  1. Newcastle University Business School, Newcastle upon Tyne, UK

    Savvas Papagiannidis

  2. Newcastle University Business School, Newcastle upon Tyne, UK

    Eleftherios Alamanos

  3. Newcastle University Business School, Newcastle upon Tyne, UK

    Suraksha Gupta

  4. Swansea University, Swansea, UK

    Yogesh K. Dwivedi

  5. University of Turku, Turku, Finland

    Matti Mäntymäki

  6. University of Agder, Kristiansand, Norway

    Ilias O. Pappas

Rights and permissions

Reprints and permissions

Copyright information

© 2022 IFIP International Federation for Information Processing

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Mahmud, H., Islam, A.K.M.N., Naqvi, B., Mäntymäki, M. (2022). Toward a GDPR Compliant Blockchain Governance Framework. In: Papagiannidis, S., Alamanos, E., Gupta, S., Dwivedi, Y.K., Mäntymäki, M., Pappas, I.O. (eds) The Role of Digital Technologies in Shaping the Post-Pandemic World. I3E 2022. Lecture Notes in Computer Science, vol 13454. Springer, Cham. https://doi.org/10.1007/978-3-031-15342-6_36

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-15342-6_36

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-15341-9

  • Online ISBN: 978-3-031-15342-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships