Treasury Today Country Profiles in association with Citi

GDPR may halt blockchain use in global supply chain

Cargo ship full of containers with trade graph overlay

The expectation that blockchain technology will transform international trade operations may have just hit a major stumbling block: GDPR.

The use of blockchain to enhance efficiency and security within the supply chain looks like it may be short-lived. Although the application of this technology could transform trade operations worldwide, US-based corporate and business law firm, Venable LLP, has raised a data protection issue that appears to have been unintentionally created by the EU’s General Data Protection Regulation (GDPR).

With technology providers keen to demonstrate how blockchain could enhance supply chain efficiency, Venable says interest has been expressed by stakeholders, including corporates and banks as well as government agencies such as customs authorities. These organisations, notes Venable, are keen to exploit the benefits of blockchain as a “foundational element for more robust trusted trader programmes and improved risk management systems”.

However, legal uncertainties around GDPR could signal an early end to progress.

Non-compatible

GDPR regulates the collection, processing, transfer and retention of every EU citizen’s personal data. It enables individuals to request the correction and deletion of this information, the EU threatening to impose huge fines on organisations failing to comply. Changing data on a distributed system of record such as blockchain becomes impractical, notes Venable.

The large volume of paperwork generated by international trade, including shipping instructions, letters of credit, master and house bills of lading, and customs documents, is ideally suited to a digital system of record and security such as blockchain. But Venable points out that these documents may also feature personal data protected by GDPR. The security benefit of blockchain is also such that it would “complicate the ability of an individual to, for example, move or delete his or her personal data”.

In terms of GDPR compliance, storing personal data in a blockchain is a major issue. If that data is moved off the blockchain, the security and efficiency benefits of blockchain are largely negated. The complexity such a move creates would also make it more difficult for the development and adoption of global standards, potentially limiting the deployment of blockchain in the supply chain.

Venable concludes that a case could be made to the EU authorities that “additional clarity and flexibility is needed to future-proof GDPR so as to allow for the use of blockchain and other new technologies that have the potential to yield immense benefits to global supply chains and enhance global economic growth”.