Lexicon > Blockchain

IT Lexicon 


Blockchain can be defined as a decentralized registry that has been designed to allow the transmission of values, from one person to another, securely and without intermediaries.

Blockchain is based on several fundamental characteristics.

First, it is a decentralized information registry. No authority acts as a trusted third party. Trusted third parties are replaced by algorithms.

Second, it is a distributed registry. All the actors of the blockchain have access to the register and thus to all the information and transactions that are registered in it.

Finally, it is a reliable register. The information entered is irreversible.

To date, blockchain provides 3 main functions:

  • That of decentralized data registry, traceability ;
  • The automation of the execution of contracts (smart contracts);
  • The creation and transmission of assets.

The creation of cryptocurrencies is inherent to the system. Today we know Ether and Bitcoin which are, by far, the most used.

Beyond this aspect, the blockchain has also allowed the creation of a new category of digital assets, namely, tokens.

Tokens allow you to transform an asset into value. These tokens will be traded on markets. Moreover, there are different types of blockchains, namely public, permission-based or private blockchains. The former are much more problematic in terms of the regulation of personal data due to their free access.

In addition, there is a particular type of tokens that are said to be “non-fungible”. These “non-fungible tokens” or NFTs are defined as virtual objects with the particularity of being unique and unforgeable. The blockchain is their support. These NFTs guarantee the authenticity of a work. This type of tokens raises questions about the originality of the work and the ownership of the rights.

Blockchain technology also raises many questions in relation to the ” metaverse “. This term comes from the contraction of the words “meta” and “universe” and designates a virtual reality pushed to its paroxysm and in which each user would be represented by an avatar. The interactions between blockchain, cryptocurrencies, NFTs and the ” metaverse ” are very present when it is envisaged that the latter is the cradle of transactions in this virtual world.

Blockchain technology also raises data protection and privacy issues, as sender’s identifier date as well as the data itself that is in one of the blocks of the blockchain may constitute personal data whose processing must comply with the GDPR.

Thus, with regard to the right to erasure of data in particular, the irreversible nature of the blockchain may prove problematic if the data cannot be deleted, or at least anonymized.

GDPR Point

For the purposes of this regulation, the following definitions apply: (…)

processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction 

Article 4. 2) the RGPD

The Bouchara Law firm assists you in particular in :

  • Protecting your intellectual property rights in the metaverse;
  • Making your organization GDPR compliant;
  • The drafting of data protection policies (privacy policy, computer charter …);
  • Documentation of your processing (register of processing activities, register of violations, privacy impact analysis, prior consultation…);
  • Obtaining certifications and adhering to codes of conduct;
  • The study of the legal feasibility of the implementation of a new personal data processing;
  • The drafting and transmission of your codes of conduct to the CNIL for approval;
  • Legal analysis of the compliance of your data processing, including data transfers outside the European Economic Area;
  • Drafting and negotiating your data processing agreements (DPA);
  • Drafting your Binding Corporate Rules (BCR) and Codes of Conduct;
  • Training and awareness of your employees.

We are also the external Data Protection Officer of many data processors and subcontractors.