Adan thanks the European Data Protection Board (EDPB) for the opportunity to contribute to the consultation on the Guidelines regarding the application of the GDPR to blockchain technologies. This initiative is crucial to ensure that the European framework balances data protection with the Union’s digital ambitions.

However, the Guidelines adopt contentious legal interpretations that jeopardize decentralized innovation and Europe’s competitiveness. By overqualifying technical actors as controllers, imposing a right to erasure incompatible with blockchain immutability, and overlooking community governance structures, they risk marginalizing the EU in the Web3 ecosystem.

The Association thus calls for adjustments: exemptions for nodes and miners exercising no effective control, a contextual analysis of data identifiability, and recognition of solutions such as zero-knowledge proofs (ZKPs). These proposals aim to uphold technological neutrality (Article 55 TFEU) and support European leadership in the face of competing jurisdictions.

Summary of key issues identified:

  • Misclassification of nodes as controllers despite their technical role (Article 4(7) GDPR).
  • Requirement for full blockchain erasure to comply with the right to erasure, legally disproportionate (Article 17).
  • Systematic assimilation of pseudonymous data to personal data without contextual analysis (Article 4(1)).
  • Overlooking decentralized governance in the assignment of responsibilities.
  • Ambiguity in rules on international data transfers, making compliance impractical for global blockchains (Chapter V).
  • Lack of guidelines for DPIAs tailored to modular blockchain architectures.
  • Deviation from the principle of technological neutrality, implicitly favoring private blockchains (Article 55 TFEU).

Adan is committed to collaborating with the EDPB to develop clear Guidelines that serve Europe’s digital sovereignty.