GDPR may well kill enterprise blockchain databases


Tech manias always end, often with a whimper, but sometimes with a hard slap in face.

The current blockchain frenzy seems to be on the verge of a rude awakening. The core issue is not whether the technology can address the   surrounding its performance, scalability, security, and flexibility. Rather, it concerns whether its fundamental architecture—that of a shared, distributed, and immutable recordkeeping system—can pass muster with regulators in the European Union (EU).

Companies everywhere are racing to comply with the EU’s  when it goes into full effect on May 25, 2018. GDPR will have a major impact on how global enterprises store, share, and use customer data. It is a legal framework for managing personally identifiable information (PII) of the residents of EU member nations. The regulation applies to any company holding such information, even those based in the US and other non-EU nations. The regulation requires that organizations that hold such data give individuals the right to request that it be deleted, corrected, and withheld from uses to which they haven’t consented.

The hard reality is that GDPR will impose significant financial penalties —fines up to €20 million or 4 percent of global revenues, whichever is higher—for failure to provide EU citizens with the rights to delete and correct their PII.

, you know that the GDPR requirements to its core architecture. A blockchain is an unchangeable historical record that’s distributed across many computers. This means that once a record is written to a blockchain, it can’t easily or feasibly be deleted or altered. refers to this as “CRAB” (create, read, append, burn), in contrast to the “CRUD”  (create, read, update, delete) architecture of the typical transactional database.