Skip to main content
SpringerLink
Log in

An Analysis of Blockchain and GDPR under the Data Lifecycle Perspective

  • Published:
Mobile Networks and Applications Aims and scope Submit manuscript

Abstract

The purpose of this article is to present an analysis of the privacy principles of personal data prescribed in the General Data Protection Regulation and the treatment of data in Blockchain technology in its primary version, guided by the phases of the Data LifeCycle. The Data Life Cycle presents the stages in which the data act in a given process and are related to each other, forming a chain of dependence between them. The General Data Protection Regulation, on the other hand, presents privacy principles that contemplate the necessary treatment for data at all stages of its life cycle. This analysis made it possible to identify the influence that the phases of the Data Lifecycle have on the adequacy of the principles of the General Data Protection Regulation and the treatment of the data performed on the Blockchain technology associated with the phases, presenting an approach to lead the process of adapting the technology to compliance with the legislation. In this context, some data treatment options were presented for the phases that presented gaps, making it possible to conclude that the result of this analysis can be used as a support tool to systematize the process of adapting to the law by organizations that use or intend to adopt Blockchain technology.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. GDPR (General Data Protection Regulation) (2016) Regulation (EU) 2016/679 of the European Parliament and of the Council. https://eur-lex.europa.eu/eli/reg/2016/679/oj. Accessed 24 April 2020

  2. Collins R (2016) Blockchain: A New Architecture for Digital Content, EContent. http://www.econtentmag.com/Articles/Editorial/Commentary/Blockchain-A-New-Architecture-for-Digital-Content-114161.htm. Accessed 20 April 2020

  3. Hernon P (1994) Information lifecycle: its place in the management of US government information resources. Gov Inf Q 11(2):143–170. https://doi.org/10.1016/0740-624X(94)90002-7

    Article  Google Scholar 

  4. Kreutz D, Malichevskyy O, Feitosa E, Cunha H, da Rosa RR, de Macedo DDJ (2016) A cyber-resilient architecture for critical security services. J Netw Comput Appl 63:173–189. https://doi.org/10.1016/j.jnca.2015.09.014

    Article  Google Scholar 

  5. Wallauer J, von Wangenheim A, Andrade R, de Macedo DDJ (2008). A telemedicine network using secure techniques and intelligent user access control. 21st IEEE international symposium on computer-based medical systems, pp. 105-107. https://doi.org/10.1109/CBMS.2008.124

  6. de Macedo DDJ, von Wangenheim A, Dantas MA (2015) A data storage approach for large-scale distributed medical systems. Ninth international conference on complex, intelligent, and software intensive systems. Pp. 486-490. https://doi.org/10.1109/CISIS.2015.88

  7. Gomes EH, Dantas MA, de Macedo DDJ, Rolt CRD, Dias J, Foschini L (2018) An infrastructure model for smart cities based on big data. International Journal of Grid and Utility Computing 9(4):322–332. https://doi.org/10.1504/IJGUC.2018.095435

  8. de Souza IA, Andrade R, von Wangenheim A, and Macedo DDJ (2014). Designing an information retrieval system for the STT/SC. 16th international conference on e-health networking, applications and services (Healthcom), pp. 500–505. https://doi.org/10.1109/HealthCom.2014.7001893

  9. Sant’Ana RCG (2016) Data life cycle: A perspective from the Information Science. Informação & Informação 21(2):116–142. https://doi.org/10.5433/1981-8920.2016v21n2p116

    Article  Google Scholar 

  10. Freund GP, Fagundes PB, Macedo DDJ (2020) identification of the relationships between the stages of the data lifecycle andthe principles of the Brazilian general data protection act. Lecture notes of the Institute for Computer Sciences, social informatics and telecommunications engineering. (Ed.): DIONE 2020, LNICST 319, pp. 1–10, 2020. https://doi.org/10.1007/978-3-030-50072-6_7 (in press)

  11. Voigt P, Von dem Bussche A (2017) The EU general data protection regulation (GDPR): a practical guide, 1st edn. Springer International Publishing, Cham

    Book  Google Scholar 

  12. Hoofnagle CJ, Van der Sloot B, Borgesius FZ (2019) The European Union general data protection regulation: what it is and what it means. Information & Communications Technology Law 28(1):65–98. https://doi.org/10.1080/13600834.2019.1573501

    Article  Google Scholar 

  13. Mercer S (2020) The limitations of European data protection as a model for global privacy regulation. AJIL Unbound 114:20–25. https://doi.org/10.1017/aju.2019.83

    Article  Google Scholar 

  14. Ruparelia NB (2010) Software development lifecycle models. SIGSOFT Softw. Eng Notes 35(3):8–13. https://doi.org/10.1145/1764810.1764814

    Article  Google Scholar 

  15. Nayak A, Dutta K (2017) Blockchain: the perfect data protection tool. International conference on intelligent computing and control (I2C2) pp. 1-3. https://doi.org/10.1109/I2C2.2017.8321932

  16. Macrinici D, Cartofeanu C, Gao S (2018) Smart contract applications within Blockchain technology: a systematic mapping study. Telematics Inform 35(8):2337–2354. https://doi.org/10.1016/j.tele.2018.10.004

    Article  Google Scholar 

  17. Lacity M (2018) Addressing key challenges to making Enterprise Blockchain applications a reality. MIS Q Exec 17(3):201–222 https://aisel.aisnet.org/misqe/vol17/iss3/3/.

    Google Scholar 

  18. Gupta V. A brief history of Blockchain. Harv Bus Rev https://hbr.org/2017/02/a-brief-history-of-blockchain. Accessed 20 April 2020

  19. Bernabe JB, Canovas JL, Hernandez-Ramos JL, Moreno RT, Skarmeta A (2019) Privacy-preserving solutions for Blockchain: review and challenges. IEEE Access 7:164908–164940. https://doi.org/10.1109/ACCESS.2019.2950872

    Article  Google Scholar 

  20. Suzuki S, Murai J (2017) Blockchain as an audit-able Communication Channel. Conference: 2017 IEEE 41st annual computer software and applications conference (COMPSAC), pp. 516-522. https://doi.org/10.1109/COMPSAC.2017.72

  21. Christidis K, Devetsikiotis M (2016) Blockchains and smart contracts for the internet of things. IEEE Access 4:2292–2303. https://doi.org/10.1109/ACCESS.2016.2566339

    Article  Google Scholar 

  22. Zheng Z, Xie S, Daí H, Chen X, Wang H (2017) An overview of Blockchain technology: architecture, consensus and future trends. 2017 IEEE international congress on big data, (BigData congress), pp. 557–564 https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8029379. Accessed 16 April 2020

  23. Bayle A, Koscina M, Manset D, Perez-Kempner O (2018) When Blockchain meets the right to be forgotten: technology versus law in the healthcare industry. 2018 IEEE/WIC/ACM International Conference on Web Intelligence (WI) pp 788–792 https://doi.org/10.1109/WI.2018.00133

  24. Zemler F, Westner M (2019) Blockchain and GDPR: Application Scenarios and Compliance Requirements. Portland International Conference on Management of Engineering and Technology (PICMET), pp. 1–8. https://doi.org/10.23919/PICMET.2019.8893923

  25. Rieger A, Guggenmos F, Locki J, Fridgen G, Urbach N (2019) Building a blockchain application that complies with the eu general data protection regulation. MIS Quarterly Executive 18(4):263–279. https://doi.org/10.17705/2msqe.00020

    Article  Google Scholar 

  26. Millard C (2018) Blockchain and law: incompatible codes? Computer Law & Security Review 34(4):843–846. https://doi.org/10.1016/j.clsr.2018.06.006

    Article  MathSciNet  Google Scholar 

  27. Moerel L (2018) Blockchain & data protection…and why they are not on a collision course. European review of private law 26(6): 825-851. http://www.kluwerlawonline.com/abstract.php?area=Journals&id=ERPL2018057

  28. Powell RR, Connaway LS (2004) Basic research methods for librarians (4th ed.) Westport, CT: libraries unlimited

Download references

Acknowledgements

This research was partially supported by Coordenação de Aperfeiçoamento de Pessoal de Nivel Superior (CAPES) and the Santa Catarina Research Foundation (FAPESC) by grant Public Note FAPESC N° 03/2017.

Author information

Authors and Affiliations

  1. Department of Information Science (CIN), Federal University of Santa Catarina (UFSC), Florianópolis, Santa Catarina, Brazil

    Gislaine Parra Freund, Priscila Basto Fagundes & Douglas Dyllon Jeronimo de Macedo

Authors
  1. Gislaine Parra Freund
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Priscila Basto Fagundes
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Douglas Dyllon Jeronimo de Macedo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Gislaine Parra Freund.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Freund, G.P., Fagundes, P.B. & de Macedo, D.D.J. An Analysis of Blockchain and GDPR under the Data Lifecycle Perspective. Mobile Netw Appl 26, 266–276 (2021). https://doi.org/10.1007/s11036-020-01646-9

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11036-020-01646-9

Keywords

Search

Navigation