Skip to content
Blockchain

Why does putting personal data on a blockchain make deletion legally impossible?

81

Oportunidade

GDPR Article 17 gives people the right to have their personal data erased, but public and permissioned blockchains are append-only by design, so any personal data written on-chain stays there permanently. The two workarounds in use today are storing only a hash and deleting the encryption key, or keeping data off-chain with only a pointer on-chain. Neither is legally settled: regulators have not confirmed that key deletion satisfies the right to erasure, and off-chain pointers can break silently when the backing store changes. The European Data Protection Board issued Guidelines 02/2025 explicitly flagging this conflict between blockchain immutability and GDPR storage limitation principles but stopped short of providing a technical resolution. Every tokenized asset, on-chain identity, and DeFi protocol that touches regulated personal data now carries this unresolved liability.

Por que importa

A legally accepted primitive for selective on-chain erasure is what lets regulated financial data, medical records, and identity credentials live on ledgers without creating permanent compliance exposure.

Como avalio a oportunidade

A Pontuação de Oportunidade é minha própria leitura, não uma medição: o quanto dói, com que frequência aparece e o quanto pouco existe para resolvê-lo hoje. Quanto maior, mais vale a pena construir, na minha opinião.

Gravidade8/10

O quanto de dor causa quando aparece.

Frequência7/10

Com que frequência as pessoas realmente se deparam com isso.

Lacuna8/10

O quanto pouco de boas ferramentas existe para isso hoje.

Mais problemas que merecem ser resolvidos