A Data-Driven Analysis of Blockchain Systems' Public Online Communications on GDPR

Abstract: The version in the Kent Academic Repository may differ from the final published version. Users are advised to check http://kar.kent.ac.uk for the status of the paper. Users should always cite the published version of record.

“…Analysis of the GitHub repositories, blogs and web forums of selected public blockchain systems was done more manually because it was much harder to automate the process, and the findings were checked by at least two independent human encoders. Our analysis revealed a finding similar to what we reported in [27]: only a minority of the systems communicated about the GDPR through the channels investigated in this study. It was also observed that blockchain companies did not play an active role in blockchain-and GDPR-related discussions on Twitter.…”

“…Although it has been more than 2 years since the GDPR came into effect, there are still very limited research about how (public) blockchain developers and service providers perceive the GDPR compliance issue and how they communicate related challenges to their users for transparency purposes. The only work we are aware of is our previous research reported recently [27], in which we focused on how public blockchain developers and service providers communicated the GDPR compliance issue to their users by examining two online communication channels: 1) legal documents including privacy policies, T&C (Terms and Conditions) documents and other similar legal documents published on systems' official websites; and 2) public tweets of their official Twitter accounts. Their study revealed a systematic lack of transparent and detailed communications by public blockchain developers and service providers to their users, and discovered questionable statements about GDPR compliance in their public communications.…”

“…In this study, we extend our work in [27] by examining three other public communication channels not covered before: 1) source code repositories (Github), 2) blogs and web forums, and 3) public tweets of a much more diverse group of Twitter accounts, including not just official accounts of public blockchain systems but also any Twitter accounts that mentioned at least one of such public blockchain systems we selected to study. For the third channel, we automated the analysis of tweets by using machine learning based classification and NLP (natural language processing) based topic modeling techniques to extract GDPR-related discussions from a corpus with more than 11 million tweets.…”

Tension between GDPR and Public Blockchains: A Data-Driven Analysis of Online Discussions

“…Analysis of the GitHub repositories, blogs and web forums of selected public blockchain systems was done more manually because it was much harder to automate the process, and the findings were checked by at least two independent human encoders. Our analysis revealed a finding similar to what we reported in [27]: only a minority of the systems communicated about the GDPR through the channels investigated in this study. It was also observed that blockchain companies did not play an active role in blockchain-and GDPR-related discussions on Twitter.…”

“…Although it has been more than 2 years since the GDPR came into effect, there are still very limited research about how (public) blockchain developers and service providers perceive the GDPR compliance issue and how they communicate related challenges to their users for transparency purposes. The only work we are aware of is our previous research reported recently [27], in which we focused on how public blockchain developers and service providers communicated the GDPR compliance issue to their users by examining two online communication channels: 1) legal documents including privacy policies, T&C (Terms and Conditions) documents and other similar legal documents published on systems' official websites; and 2) public tweets of their official Twitter accounts. Their study revealed a systematic lack of transparent and detailed communications by public blockchain developers and service providers to their users, and discovered questionable statements about GDPR compliance in their public communications.…”

“…In this study, we extend our work in [27] by examining three other public communication channels not covered before: 1) source code repositories (Github), 2) blogs and web forums, and 3) public tweets of a much more diverse group of Twitter accounts, including not just official accounts of public blockchain systems but also any Twitter accounts that mentioned at least one of such public blockchain systems we selected to study. For the third channel, we automated the analysis of tweets by using machine learning based classification and NLP (natural language processing) based topic modeling techniques to extract GDPR-related discussions from a corpus with more than 11 million tweets.…”

Tension between GDPR and Public Blockchains: A Data-Driven Analysis of Online Discussions

“…Similar to what we previously mentioned, the use of blockchain technology causes compliance issues regarding the difficulty in role identification, data modification, and deletion. Saglam et al [53] proposed the use of smart contract and off-chain data storage techniques. Smart contracts can be used for consent management as mentioned in previous sections as well [39][67].…”

“…•Consensus design for deleting requested block[36]. • Integrating compliance code in blockchain design.•Introducing protection by design[38,35,36,44,53]. • Smart contract-based solution using non-PBFT (Practical Byzantine Fault Tolerance) consensus in consortium blockchain platform[39].…”

GDPR Compliant Blockchains–A Systematic Literature Review

Blockchain for Cyber-Physical Systems: Challenges and Applications