9F/ BLOCKCHAIN vs. Right To Be Forgotten: 3 Solutions

From IIW

Blockchain vs. “The Right to be Forgotten”


Session Convener: Jeff Notes-taker(s): Peter Conerly

Tags / links to resources / technology discussed, related to this session:

slides exist


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


“The right to be forgotten” is referred to as “the right of erasure” in europe


  1. The inherent conflict between blockchains and privacy.
    1. Privacy vs. immutability
  2. Rethinking immutability
    1. “Versioning” on the blockchain
    2. Can it be like a yearbook?
    3. What about a bank statement? Bank statements have “closing statements”, and they have records of them, but they’re only showing the last ones.
  3. Devil in the details
    1. Anytime you change records, the hashes don’t match :(
  4. Can you Reshuffle the deck?
    1. 5 + 0 = 5; but how do you prove [invisible] + 0 = 5 ?
    2. Can we use Net State at t0 and t2 to make sure that the total number of tokens is the same?
    3. Don’t remove any users that don’t have a zero balance? Or you can burn them
  5. Receive request to remove user from blockchain
    1. Create new net-state TRX, and append it


“Do we have to hard fork every time we get a request to be forgotten? Because the historical hashes won’t match up. ”


“Blockchains have checkpointing, which this first solution is proposing”


Public blockchains may never be regulatable, because there’s no owner. This solution might be more relevant to private blockchains administered by a company.


Is the right to be forgotten more possible in “proof of stake” blockchains? Or at the time of a rollup– a user and their request to be forgotten would no longer exist after a rollup. [Check with Aaron that I got this right.]


You can de-anonymize people like 80% of the time with their age, work zip code, and home zip code.


Practical considerations:

  1. These solutions can work with most blockchains
  2. To implement, needs approval of the group that governs the blockchain.
  3. Covering the cost of the reshuffling will need to be solved by the blockchain governors.


“The thing is that all of these hashes rely on– there has to be an incentive to remine the entire chain. And you have to do it within a certain timeframe. So let’s say that once a month you have to recompute the last 30 days. That’s a lot of compute!”


“I’m worried that the blockchain that implements the right to be forgotten will become less secure. To me it introduces a whole lot of security holes, because the point of the chain is that you can’t change it. Your solution will be way more palpable if we secure what can go onto the blockchain in the first place.”


Aaron talking about using a merkle tree of transactions do potentially support deletion? Keep a tombstone of the deleted transaction that records the hash of what the deleted txn was Once the block is final, then don’t need historical data and just reference the rollup Maintaining the integrity constraints is difficult


There’s a PhD thesis out of Georgia Tech about redactable medical records.


https://smartech.gatech.edu/bitstream/handle/1853/31676/bauer_david_a_200912_phd.pdf;sequence=1