The European Union created the General Data Protection Regulation (GDPR) last year to help protect the data and privacy of its citizens.
The GDPR is designed to regulate the “collection, processing, and export of personal data outside the region.”
Recently Zcash published a blog post that states that its shielded addresses are GDPR compliant by default.
Zcash Presents the Case for Compliance
In a new blog post, Zcash noted that its shielded addresses are compliant with the European GDPR.
Blockchain-based offerings will be affected by the new data privacy regulations as with most applications the transaction data is public and there is a risk that identifiable information could be linked back to an individual.
Zcash is a privacy-oriented digital currency which uses a type of address called Shielded Address.
Using these addresses allows users to obscure important data related to their transactions like their wallet address or the amount they have transacted.
Zcash suggests that according to a recent TechGDPR report, it analyzed the use of Zcash in a subscription payment system.
They found that the private addresses prevent the public data from being linkable back to an individual which makes it automatically compliant with GDPR.
Consumers Demand Data Protection
“The risks associated with storing and processing personal data result in information being stolen from millions of people each year, sometimes with life-altering consequences.”
Because of these factors, customers are demanding better care and protection of their data for the sake of their security.
Breaches have led to public outcries and billions of dollars’ worth of losses.
Providing people control of their data would also empower them and decrease liability.
Zcash suggests that GDPR compliance of the project is the reason why German company Least Authority included shielded addresses in the design ‘P4’, their private period payments protocol.
Zcash goes on to write:
“Shielded addresses are GDPR compliant by default, which is an important contrast to a scenario where compliance is sought after the fact. These addresses are never at risk of leaking data in a post-compliance scenario because they neither store nor transmit identifiable information at any point in the transaction process.”
Users may consent to share their transaction data with third parties, which is permitted under GDPR.