BDO USA LLP and IntraEdge Inc. announced today the launch of a distributed ledger blockchain solution called GDPR Edge, designed to be compliant with the imminent General Data Protection Regulation guidelines deadline in the European Union.

Intel Corp. and Microsoft Corp. joined BDO and IntraEdge as partners to provide technology to support the launch of GDPR Edge. The system will run on Intel’s Software Guard Extensions, a hardware- and software-based application platform designed to provide secure computing with Intel processors, and Microsoft will integrate its Azure cloud platform and Business Intelligence offerings for enterprise clients.

With the Friday deadline for GDPR looming in the EU, big technology companies have been implementing solutions to accommodate regulations in privacy and data security. Companies that fail to follow the new guidelines face potentially stiff penalties.

“As companies risk punitive fines up to $23 million or 4 percent of global revenue for the year, there is a very real impetus to ensure they can meet the standards of the new law, ideally without a costly overhaul of their data handling processes,” said Joe Jensen, president of Intel’s Internet of Things Group.

GDPR Edge is built for highly complex environments that need to digest a large number of data sources, customer touch points and multiple point-of-sale systems such as retail stores, websites and mobile apps. These systems are often found in the retail, hospitality and technology industries.

A blockchain, a distributed cryptographic ledger, would provide organizations a method to store and assess transactions securely across company networks. Over the years, blockchains have been sought by technology companies to allow separate organizations to privately and secure data, while also allowing third parties to audit that data without revealing proprietary information about the transactions.

Most important, the GDPR Edge platform will provide a solution that can support the rights of data users, a fundamental part of the new regulation, and will do so with a portal that allows individual subjects to review the collected personal data, modify it or request removal.

If an individual makes a request at the portal to modify that information, it kicks off an automated series of actions that record changes and then communicate confirmation of requested changes in a secure manner back to the individual.

“This centralized repository can be made available to data protection authorities, auditors and data governance professionals, as well as any other data collector or processor, meaning increased accountability, information transparency, accuracy, efficiency and auditability,” said Stephanie Giammarco, national leader of BDO’s Technology and Business Transformation Services practice.

Making a blockchain work with the privacy and security rules set forth in the GDPR may be a challenging task. Most blockchains secure a historical record of transactions in a tamper-proof format. However, encrypted and private data need not be available to everyone to allow a blockchain to be auditable and secure. It is possible to preserve historical trust while at the same time allow rights holders to control who can access their information.

Blockchain consultant Andries Van Humbeeck at TheLedger.be called this “the blockchain-GDPR paradox” in an essay he wrote on the subject. With GDPR Edge, IntraEdge’s system will have to find a balance between these needs to make compliance happen. Other blockchain technologies have also sought to attempt to resolve similar questions about how to build an indelible database while governing data control for industries such as healthcare that require strict privacy but also need the ability to share that information.

This GDPR blockchain solution follows an industrywide trend looking toward blockchains to help resolve security and trust challenges. This includes retail, healthcare, financial technology, insurance, gaming, shipping, diamonds and even food supply chains, such as for Wal-Mart Stores Inc.

“Companies are fallible, and so what blockchain does is it allows us to make a more infallible system to keep access to those records you and I care about,” Jeremy Almond, founder and chief executive officer of financial services app Paystand Inc., told SiliconANGLE in reference to the GDPR.

The blockchain ledger market is predicted to reach $60.7 billion by 2024, according to a report from Market Reports Center. Blockchain is also part of an industry where cryptographic tokens connected to the technology represented a significant amount of last year’s investments, which exceeded $5.6 billion, has already reached $6.3 billion this year.

According to IntraEdge, GDPR Edge will make use of Hyperledger Sawtooth under the hood, a collaborative open-source project hosted by The Linux Foundation, to provide its blockchain. Hyperledger is also the underlying framework for IBM Corp.’s blockchain platform, Hyperledger Fabric.

Image: Pixabay