Blockchain and data protection: developing a functional erasure framework for storage limitation

This article aims to contribute to the contemporary issue of blockchain’s compatibility with data privacy regulations. Existing literature primarily focuses on the potential legal challenges associated with using blockchain technology for processing personal data. This article focuses specifically on the storage limitation principle and shifts from merely identifying problems to proposing a more solution-oriented approach. The underlying rationale is that while the use of blockchain technology in processing personal data is in itself challenging, it is workable with appropriate legal guidance. With broad reference to EU and UK data privacy laws, this article considers the creation of a framework that seeks to balance blockchain's immutability with the storage limitation requirement, which requires that personal data be erased when no longer needed. To do so, this article takes advantage of the broad definition of erasure, which extends to rendering existing personal data unidentifiable where technical considerations make total erasure infeasible. The discussion culminates in the proposal of the functional erasure paradigm, which lays out requirements that could be contained in yet-to-be-determined guidance on the use of blockchain technology. This framework aims to contribute to the eventual regulation of blockchain technology for processing personal data.