Skip to content
Blockchain

Why does putting personal data on a blockchain make deletion legally impossible?

81

Opportunité

GDPR Article 17 gives people the right to have their personal data erased, but public and permissioned blockchains are append-only by design, so any personal data written on-chain stays there permanently. The two workarounds in use today are storing only a hash and deleting the encryption key, or keeping data off-chain with only a pointer on-chain. Neither is legally settled: regulators have not confirmed that key deletion satisfies the right to erasure, and off-chain pointers can break silently when the backing store changes. The European Data Protection Board issued Guidelines 02/2025 explicitly flagging this conflict between blockchain immutability and GDPR storage limitation principles but stopped short of providing a technical resolution. Every tokenized asset, on-chain identity, and DeFi protocol that touches regulated personal data now carries this unresolved liability.

Pourquoi c'est important

A legally accepted primitive for selective on-chain erasure is what lets regulated financial data, medical records, and identity credentials live on ledgers without creating permanent compliance exposure.

Comment j'évalue l'opportunité

Le Score d'Opportunité est mon évaluation personnelle, pas une mesure : l'intensité de la douleur, sa fréquence et le peu de solutions qui existent aujourd'hui. Plus il est élevé, plus je pense que le problème vaut la peine d'être résolu.

Gravité8/10

L'intensité de la douleur qu'il provoque lorsqu'il se manifeste.

Fréquence7/10

La fréquence à laquelle les gens y sont réellement confrontés.

Espace libre8/10

Le peu de bons outils qui existent pour y remédier aujourd'hui.

D'autres problèmes qui méritent d'être résolus