A2 Review article, literature review, systematic review

GDPR Compliant Blockchains–A Systematic Literature Review

Open Access publication

Publication Details
Authors: Haque Akm Bahalul, Islam A.K.M. Najmul, Hyrynsalmi Sami, Naqvi Bilal, Smolander Kari
Publisher: Institute of Electrical and Electronics Engineers (IEEE): OAJ / IEEE
Publication year: 2021
Language: English
Related journal or series: IEEE Access
Volume number: 9
Start page: 50593
End page: 50606
Number of pages: 14
eISSN: 2169-3536
JUFO level of this publication: 2
Open Access: Open Access publication


Although blockchain-based digital services promise trust, accountability, and transparency, multiple paradoxes between blockchains and GDPR have been highlighted in the recent literature. Some of the recent literature also proposed possible solutions to these paradoxes. This article aims to conduct a systematic literature review on GDPR compliant blockchains and synthesize the findings. In particular, the goal was to identify 1) the GDPR articles that have been explored in prior literature; 2) the relevant research domains that have been explored, and 3) the research gaps. Our findings synthesized that the blockchains relevant GDPR articles can be categorized into six major groups, namely data deletion and modification (Article 16, 17, and 18), protection by design by default (Article 25), responsibilities of controllers and processors (Article 24, 26, and 28), consent management (Article 7), data processing principles and lawfulness (Article 5,6 and 12), and territorial scope (Article 3). We also found seven research domains where GDPR compliant blockchains have been discussed, which include IoT, financial data, healthcare, personal identity, online data, information governance, and smart city. From our analysis, we have identified a few key research gaps and present a future research direction.

Last updated on 2021-03-08 at 10:54

Share link