Private data, a built-in “GDPR compliant” solution for Hyperledger Fabric

How does this apply to GDPR?

My colleague Andries, made a clear article about the problems with GDPR and blockchain. I’ll describe the problem here in short but if you want to read the full article, please go here.

The problem

Data which has been added to the ledger, cannot be deleted. So when adding personal data, this is an issue for GDPR. One can not simply delete blocks. One solution which is used frequently is storing data off-chain like shown in the image below. But this solution is rather complex because you manually have to look up the validity of the data as well as the links to the data on the blockchain.

Private data as a solution

Private data is basically the solution above in Fabric itself without the extra work. It solves multiple issues with GDPR.

Limitation of data

You shouldn’t have access to data you’re not using

Private data solves this issue by not controlling access using policies similar to endorsement. By using this policy logic already present in fabric, we can use OR, AND,… operators to define which parties have access.

// collections_config.json
[
{
"name": "collectionFarmer-Store",
"policy": "OR('FarmerMSP.member', 'StoreMSP.member')",
"requiredPeerCount": 0,
"maxPeerCount": 3,
"blockToLive":1000000
}
]

Limitation of usage

You should only keep your data as long as you need

For collections, you can specify a blockToLive in the policy. This does exactly what it sounds like. You can define how long a collection should be kept in terms of blocks. This means, old blocks will automatically be purged and you do not have to worry about having unused data.

// collections_config.json
[
{
"name": "collectionFarmer-Store",
"policy": "OR('FarmerMSP.member', 'StoreMSP.member')",
"requiredPeerCount": 0,
"maxPeerCount": 3,
"blockToLive":1000000
}
]

Right to be forgotten

This is the same as the previous item, but items can manually be removed. Since nothing is written to the ledger, except for the hash, after this procedure, this item will not exist anywhere.

read original article here