Bundesblock releases Position Paper on GDPR, Blockchain and Data Protection

Bundesblock releases Position Paper on GDPR, Blockchain and Data Protection

Today, on May 25th 2018, the General Data Protection Regulation enters into force. In time with this historic event, Bundesblock releases a Position Paper on the much needed improvements to GDPR and ways to deal with data protection on the blockchain effectively.


GDPR was created before Blockchain and is already outdated, since it doesn’t account for decentralized technologies. We make recommendations for interpretation of the current law and highlight areas that can be improved in the future.


Download the GDPR Position Paper (English)


Germany has emerged as a home to world leading blockchain companies and fostered an innovative and supportive ecosystem. However, some blockchain companies have limited their activities and expressed concerns regarding the application of the GDPR to their businesses. A leading blockchain company based in Berlin decided to abandon efforts to create a commercial product that would provide “know your customer” (KYC) and anti-money laundering (AML) services to other blockchain companies, in accordance with German KYC-AML regulations, because of their fear of the impact of the GDPR. This decision was in part because of concerns that those services might not comply with the GDPR, despite their belief that their products would improve users’ privacy. Another Berlin-based company withdrew support for a not-for-profit entity that was building a public blockchain database, citing concerns about GDPR compliance and the resulting potential exposure to liability.


In addition to the negative impact on existing German blockchain companies, the GDPR may increase the risk of liability for node or mining operators, in such a way that the balance of power on public blockchain networks shifts further away from Germany and the European Union and toward other countries, like China or Russia. This has more than an economic impact—enough control over the validating nodes could allow these countries to tamper with the integrity of the blockchains themselves, a worrying prospect as more critical applications, including governments and the financial sector, rely on these blockchains.


It’s time to act now and enable the Blockchain ecosystem to actually build the decentralized platforms that will enhance users’ data sovereignty.



Download the GDPR Position Paper (English)


Florian Glatz

Blockchain Lawyer

Gründung der Landesgruppe Hessen des Blockchain Bundesverbands


Meetup on Token Regulation in the EU, Berlin

re:publica18 at Station Berlin

Token Investment Summit, Wien


Not recently active