Blockchain or distributed ledger technology, has the power (its supporters say) to transform the processes traditionally used by banks, power supply companies and logistics providers to name but a few.
In fact, the technology is potentially suitable for any business process which operates in a pre-arranged, methodical and organised basis. Transacting in real estate and securities would be other good examples. It even has its uses in intellectual property as a method of verifying the authenticity and ownership of works of art, authorship, creation and design. From a data privacy perspective there is potential for application of blockchain technology to verify an individual’s identity, without the need to process that individual’s personal data.
The reported key benefits of blockchain technology include:
- lower costs, due to the lack of a requirement for a trusted party to verify the data held on the blockchain ledgers;
- faster contracting and processing times;
- improved reliability, due to the removal of a single central point of failure;
- improved security, due to the use of encryption between each “block” of data held on each ledger forming part of the private or public “blockchain”; and
- permanence, in that transactions cannot be amended without a consensus of participants in the system.
Despite these benefits, blockchain technology is still viewed with a mixture of caution, and interest by many regulators. Particularly sectoral regulators in the areas of data privacy and financial services. For example, when used as the underlying technology for processing bitcoin payments, the non-application of existing regulations such as the Electronic Money Directive and the Payment Services Directive (which only applies to “real” money such as banknotes and even electronic money as defined by the EMD) raises real consumer and business protection concerns.
From a data privacy perspective, it is not always clear whether the distributed nature of blockchain servers/nodes across multiple jurisdictions, enables or facilitates compliance with international personal data transfer requirements under GDPR and related data privacy legislation.
From a business technology perspective, any organisation considering utilising blockchain technology as a means of working with its customers and suppliers, will have to commission the development of systems be it with a blockchain development company or by sourcing “Blockchain-as-a-Service”.
In either case consideration needs to be given to the contracts entered into with the service providers to ensure that requirements are clearly identified and linked to a business goal, liability appropriately limited, privacy issues addressed and intellectual property position in terms of ownership agreed. As you can imagine these considerations will differ depending on whether an organisation sources to develop its own blockchain solution or utilises a cloud service.
In summary, as sexy as blockchain technology sounds with its many potential applications and ability to disrupt traditional business processes, organisations wishing to transition to blockchain technology should still consider the usual run-of-the-mill, but indescribably important contract, legal and regulatory matters forming part of any well-run IT transformation project.
Please contact us if you require legal advice or would like to find out more information about our services.