The General Data Protection Regulation and the Blockchains

Liikejuridiikka 1/2018

38 Pages Posted: 3 Apr 2018 Last revised: 27 Apr 2018

See all articles by Cagla Salmensuu

Cagla Salmensuu

University of Helsinki Law Faculty

Date Written: January 1, 2018


The current legal analysis on the blockchain technology focuses on the financial regulation of the cryptocurrencies and little investigation is done in the area of privacy regulation of this technology.

This research shows that the blockchains are much more nuanced than could be served by a one-size fits all approach from regulatory perspective. The GDPR implications for the types of blockchains differ. It is possible to achieve compliance with the GDPR if the authorities adopt a nuanced approach and make reliable advance assessments on specific features are afforded by this technology. In that regard, innovators ought to be assisted by the European Data Protection Supervisor, Article 29 Working Party and local Data Protection Authorities, in particular, on the question of recognition of the data subject as her own controller by way of implementing specific, electronic identity management techniques on top of blockchains. The utility of the blockchains depend on the GDPR regulators to understand and accept that this technological architecture is best regulated by other technological tools which establish the data subject’s agency on her personal data.

Keywords: blockchains, GDPR, regulation, privacy, european, data protection, decentralized ledgers, technology, legal instrumentalism

JEL Classification: K20, O32, M15, M13, M38, M48, K33, K42, K23

Suggested Citation

Salmensuu, Cagla, The General Data Protection Regulation and the Blockchains (January 1, 2018). Liikejuridiikka 1/2018, Available at SSRN:

Cagla Salmensuu (Contact Author)

University of Helsinki Law Faculty ( email )

Porthania 5th Floor

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics