The European Data Protection Board (EDPB) has finalized new guidelines clarifying how the General Data Protection Regulation (GDPR) applies to blockchain technologiesThe European Data Protection Board (EDPB) has finalized new guidelines clarifying how the General Data Protection Regulation (GDPR) applies to blockchain technologies

EU Tightens GDPR Rules for Blockchain Data Compliance

2026/07/10 13:28
Okuma süresi: 4 dk
Bu içerikle ilgili geri bildirim veya endişeleriniz için lütfen crypto.news@mexc.com üzerinden bizimle iletişime geçin.

The European Data Protection Board (EDPB) has finalized new guidelines clarifying how the General Data Protection Regulation (GDPR) applies to blockchain technologies, providing long-awaited regulatory direction for organizations processing the personal data of European Union residents. The guidance, adopted on July 8, 2026, was released alongside updated anonymization standards that collectively redefine how blockchain operators are expected to comply with EU privacy rules.

The EDPB confirmed that blockchain operators cannot avoid GDPR obligations simply because blockchain records are immutable or because personal data has been encrypted or hashed on-chain. According to the regulator, organizations remain responsible for protecting data subject rights regardless of the technical architecture they choose.

The guidelines address three principal blockchain models: public permissionless networks, private permissioned blockchains, and consortium chains. The EDPB stated that private and consortium blockchains are generally better suited for GDPR compliance because they allow clearly identifiable organizations to act as data controllers and processors. In contrast, the regulator noted that assigning these responsibilities on public permissionless networks remains extremely difficult due to the decentralized nature of their participants.

The board also emphasized that the GDPR’s right to erasure continues to apply even when blockchain technology makes deleting records technically challenging. According to the guidance, technical limitations do not exempt organizations from compliance obligations. The EDPB advised companies to determine whether blockchain technology is necessary before deploying it and, where possible, avoid storing personal data directly on-chain.

Another major aspect of the guidance concerns encryption and hashing. The EDPB stated that encrypted or hashed personal data generally remains subject to GDPR because it can potentially be linked back to an identifiable individual through wallet addresses, external databases, decryption keys, or future advances in cryptographic analysis. The accompanying anonymization guidance establishes that data can only be considered anonymous if it cannot be isolated, linked, or used to infer an individual’s identity.

The regulator also acknowledged the long-term risks associated with encryption, noting that technological advances, including quantum computing, could eventually make currently encrypted blockchain records readable. As a result, organizations are expected to consider future re-identification risks when designing blockchain systems that permanently retain information.

The guidance recommends that organizations keep personal data off-chain whenever possible, using blockchain primarily to store cryptographic references while maintaining deletable personal information in conventional databases. According to the EDPB, this architecture offers the most practical method of satisfying GDPR erasure requirements while preserving blockchain functionality.

Where storing personal data on-chain cannot be avoided, the regulator outlined limited alternatives. These include encrypting blockchain data with securely managed off-chain encryption keys that can later be destroyed when an erasure request is received, or using hashed data secured with confidential off-chain salts that may also be destroyed. The board indicated that while these methods may serve as practical substitutes for deletion, they do not convert personal data into anonymous information.

The guidelines further highlight challenges associated with international data transfers on public blockchains. Because transactions are automatically replicated across nodes located in multiple countries, organizations may unintentionally transfer personal data outside the European Union without the safeguards required under GDPR. The EDPB warned that satisfying international transfer requirements on permissionless blockchain networks could prove particularly difficult due to the inability to identify or contract with anonymous node operators.

The regulator also addressed smart contracts, explaining that automated blockchain-based decision-making may trigger GDPR Article 22 when decisions produce legal or similarly significant effects for individuals. Organizations deploying smart contracts for financial services, identity verification, lending, insurance, or access management may therefore need to provide transparency regarding automated processing while ensuring affected individuals have opportunities to request human review.

The guidance affects a broad range of sectors using blockchain technology, including financial institutions, healthcare providers, supply chain platforms, digital asset custodians, NFT marketplaces, and tokenized asset providers. Existing blockchain deployments containing personal data may require technical modifications, architectural redesigns, or migration toward off-chain storage to improve compliance.

The EDPB stressed that the guidance does not introduce new legal obligations but instead clarifies GDPR requirements that have applied since 2018, meaning organizations processing personal data on blockchain networks should review their existing systems without delay. While the regulator incorporated stakeholder feedback during public consultations, it declined requests to exempt public blockchains from controller obligations or to relax anonymization standards, reinforcing a stricter compliance framework for blockchain-based data processing across the European Union.

The post EU Tightens GDPR Rules for Blockchain Data Compliance appeared first on CoinTrust.

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Sorumluluk Reddi: Bu sitede yeniden yayınlanan makaleler, halka açık platformlardan alınmıştır ve yalnızca bilgilendirme amaçlıdır. MEXC'nin görüşlerini yansıtmayabilir. Tüm hakları telif sahiplerine aittir. Herhangi bir içeriğin üçüncü taraf haklarını ihlal ettiğini düşünüyorsanız, kaldırılması için lütfen crypto.news@mexc.com ile iletişime geçin. MEXC, içeriğin doğruluğu, eksiksizliği veya güncelliği konusunda hiçbir garanti vermez ve sağlanan bilgilere dayalı olarak alınan herhangi bir eylemden sorumlu değildir. İçerik, finansal, yasal veya diğer profesyonel tavsiye niteliğinde değildir ve MEXC tarafından bir tavsiye veya onay olarak değerlendirilmemelidir.

Ayrıca Şunları da Beğenebilirsiniz

CME Group to launch Solana and XRP futures options in October

CME Group to launch Solana and XRP futures options in October

The post CME Group to launch Solana and XRP futures options in October appeared on BitcoinEthereumNews.com. CME Group is preparing to launch options on SOL and XRP futures next month, giving traders new ways to manage exposure to the two assets.  The contracts are set to go live on October 13, pending regulatory approval, and will come in both standard and micro sizes with expiries offered daily, monthly and quarterly. The new listings mark a major step for CME, which first brought bitcoin futures to market in 2017 and added ether contracts in 2021. Solana and XRP futures have quickly gained traction since their debut earlier this year. CME says more than 540,000 Solana contracts (worth about $22.3 billion), and 370,000 XRP contracts (worth $16.2 billion), have already been traded. Both products hit record trading activity and open interest in August. Market makers including Cumberland and FalconX plan to support the new contracts, arguing that institutional investors want hedging tools beyond bitcoin and ether. CME’s move also highlights the growing demand for regulated ways to access a broader set of digital assets. The launch, which still needs the green light from regulators, follows the end of XRP’s years-long legal fight with the US Securities and Exchange Commission. A federal court ruling in 2023 found that institutional sales of XRP violated securities laws, but programmatic exchange sales did not. The case officially closed in August 2025 after Ripple agreed to pay a $125 million fine, removing one of the biggest uncertainties hanging over the token. This is a developing story. This article was generated with the assistance of AI and reviewed by editor Jeffrey Albus before publication. Get the news in your inbox. Explore Blockworks newsletters: Source: https://blockworks.co/news/cme-group-solana-xrp-futures
Paylaş
BitcoinEthereumNews2025/09/17 23:55
LIST: Bayanihan initiatives amid soaring oil prices

LIST: Bayanihan initiatives amid soaring oil prices

Here is a running list of initiatives and efforts you can support to help sectors affected by the oil price hikes
Paylaş
Rappler2026/04/02 18:14
Japanese Tech Giant’s Ambitious Bitcoin Accumulation

Japanese Tech Giant’s Ambitious Bitcoin Accumulation

The post Japanese Tech Giant’s Ambitious Bitcoin Accumulation appeared on BitcoinEthereumNews.com. Tokyo-based Metaplanet has made a major move in the cryptocurrency
Paylaş
BitcoinEthereumNews2026/04/02 17:47

$5M in SPCX Positions for Free

$5M in SPCX Positions for Free$5M in SPCX Positions for Free

0 fees, 100x leverage, daily prizes, 7K+ stocks/ETFs