Why compliance and data protection are important in the Blockchain space
Elisenda Fabrega is head of legal and data protection in Bricken. She discusses data protection, decentralization for commercial enterprises and compliance within the blockchain space. She says data protection is important in the “digital world”, but it is also extremely important in the “analogue world”. She says the regulator needs to step forward and adopt a regulatory approach that applies to our life because of technological advancements that happen every time. day. The EU Intellectual Property Office has already linked two of its search services as “Design” and “TM”
Gabriel Mangalindan
Into tech, AI, startups and blockchain
Today I’m talking to Elisenda Fabrega, Head of Legal & Data Protection Officer at Bricken. We will discuss data protection, decentralization for commercial enterprises and compliance in the blockchain space.
Hi, what’s your name and what do you do?
My name is Elisenda, and I am head of legal and DPO in Bricken.
My day-to-day at Brickken includes a variety of tasks, from resolving questions and preparing documentation regarding corporate, contractual, compliance and data protection topics to managing and resolving questions and concerns related to applicable security and utility token laws or their non-existence of them.
In short, my primary function, as well as the legal department at Brickken, is to assist our colleagues from other departments with legal-related topics, as well as clients and suppliers of our company, to find creative solutions to modern legal problems.
Why is data protection important for users in the blockchain space?
From my point of view, data protection is not only very important in the blockchain environment, or as I like to call it in the “digital world”, but it is also extremely important in the “analog world”. In this sense, I consider that data protection is used in almost the same way in both worlds, since the main purpose is to avoid and prevent companies or other types of entities from using personal data of natural persons for their benefit or without taking into account the consideration of the rights of such natural persons and interests.
Despite that, I believe that the main difference between both worlds — digital and analog — and personal data protection lies in how personal data can be obtained, extracted and stored. Analyzing this topic in more depth, it is important to point out that in the “analog world” the personal data can be obtained, extracted and stored: (i) in a legal way, for example when we buy a product online, we introduce willing information on websites and providing our personal information, etc.; and (ii) in an illegal manner, when we suffer some kind of cyber attack.
However, in the ‘digital world’ our data can be obtained, extracted and stored: (i) in a lawful manner when we wish to make a transaction in the blockchain environment. Our data is converted into alphanumeric code. In this case, the difference between the “digital” and “analog” world is clear, since the digital world provides a higher level of security regarding our data that can in theory only be understood by such a person who has a public key to decrypt our message; and (ii) in an illegal manner, which may also be a cyber attack. In this case, however, the main difference between both worlds is that the blockchain environment is practically an inviolable technological space since, in order to change the information it contains, a cyber attack would have to affect almost all copies of the registry simultaneously.
Therefore, and to summarize, data protection is important from an overall perspective, as it affects all aspects of our life, regardless of whether we shop, trade, etc. in the “digital” or “analog” world. However, since blockchain has specifications that the analog world does not come with, I believe that the regulator needs to step forward and adopt a regulatory approach that applies to our life due to the technological advancements that happen every day.
Is blockchain a viable way to protect intellectual property?
Yes absolutely. I believe that since blockchain is a decentralized and distributed immutable ecosystem that contains all the actions and transactions performed on it, it consequently provides the perfect environment to protect intellectual property rights.
For example, imagine that there is a painter who wants to protect his intellectual property rights regarding one of his paintings and does not know how to do it. In this case, a viable solution would be blockchain. The painter will be able to introduce a reference regarding the painting or document that proves its authenticity and ownership in the blockchain, which will create a unique alphanumeric code.
In addition, together with this alphanumeric reference, a time stamp will be created, which will provide the perfect proof of the date and the person who introduced the first reference to that painting in the blockchain. In this sense, it is important to point out that since the blockchain is immutable, if a person tries to change the block in which the reference to the painting was entered, the chain in which the block is included will be broken, since the summary of that block will no longer be valid.
Finally, I believe that the usefulness of blockchain to protect intellectual property rights has already been proven, as important institutions involved in protecting intellectual property rights enter the blockchain environment and achieve successful results. For example, the European Union Intellectual Property Office (EUIPO) has already connected two of its search services, designated as “Design View” and “TMView”, through blockchain to provide real-time trademark and design data. Moreover, it is currently implementing a “Digital Evolution Program 2025” program, and one of the projects included in it is the creation of a Blockchain Intellectual Property Rights registry.
What are the benefits of decentralization for commercial companies?
There are so many benefits of decentralization for commercial companies. In this sense, from my perspective, the most important ones I have encountered in my daily life are:
1. Scalability: Decentralization allows companies to offer their services efficiently and appropriately worldwide. In addition, this global decentralization makes it easier for a company’s customers to become investors in the future.
2. Innovation: By being within the blockchain environment, companies have easier access to new technologies that are developed daily and to new digital processes that can generate exponential economic growth.
3. Efficiency: Decentralization allows for faster and easier decision-making in a company. For example, there is no need for all partners or shareholders to be in the same physical location, etc.
4. Processes before public entities: In the future, if public entities are part of the blockchain ecosystem, complex processes that normally require physical displacements will be easier and faster.
Therefore, I believe that decentralization can allow businesses to grow faster and more efficiently.
How does blockchain help compliance?
I believe blockchain opens up a new opportunity for companies and entities to meet their compliance obligations. It provides a quick and easy way to check sanctioned lists, blacklists, etc.
In some countries, for example, it is mandatory that the companies and/or entities that have specific functions implement and perform a Know Your Customer (KYC) procedure. This KYC procedure must be carried out by these companies and entities before entering into a commercial relationship with a potential client, where the identity, suitability, risks, etc. regarding the structure, purpose and personnel of the potential client are verified. . In this case, I think blockchain can be very useful because it is a decentralized network where data about sanctioned lists, blacklists, etc. can be stored securely.
However, it is important to note that for the companies and/or entities to use these resources, public entities and states must also be engaged in the blockchain environment because they have relevant information about the sanctioned lists, blacklists, etc. For example, if we are a company that performs a KYC and we need to check the consolidated list of the EU, do we need the EU to share this information in the blockchain, or if we need to confirm UN sanctions, we need the UN to share this information. So the main problem is that the intervention in the blockchain by public entities and states has proven difficult.
Despite that, some states have started to be interested in joining the blockchain ecosystem, as for example the Monetary Authority of Singapore (MAS), which tried to create a national KYC tool to be a shared service among banks to facilitate customer verification, a project that ultimately did not work. However, following this failure, MAS partnered with the Bank of Canada and achieved cross-border and cross-currency payments using central bank digital currencies.
I am fascinated to see how this topic develops over the next few years and whether more public entities finally decide to become part of the blockchain ecosystem.
What made you pivot from your legal career to being part of a decentralized tokenization platform?
Working in the analog world as a legal advisor has always been my dream. But in recent years, before I joined a decentralized tokenization platform, I didn’t feel challenged anymore. Instead, I was eager to learn and one of my passions has always been finding ways to apply the law to technology to solve legal problems; When the opportunity to become legal manager at Bricken was presented to me, I did not hesitate to take it.
Being a part of a decentralized tokenization platform has been one of the best decisions of my professional life because I learn new laws, business cases and market opportunities every day. Nevertheless, the most important thing is that I feel that every day is a new challenge.
What were your biggest data protection challenges in the blockchain space?
The main challenge I have faced in relation to data protection in the blockchain environment is that the main regulations I work with on a daily basis (eg Regulation 2016/679) do not adequately regulate or have any “loopholes” regarding the structure and how blockchain works.
From my perspective, the challenge is that regulation 2016/679 states that a data controller must exist, and the natural persons must be able to freely exercise the rights recognized by such a regulation against such a data controller, such as the right to be forgotten, right to limitation of processing, etc. However, these values clearly clash with the principles of permanence and immutability that govern the blockchain.
Therefore, I can repeat what I already said; the regulations must be changed so that the legal systems and the blockchain environment can find common ground. I am sure it would be very interesting to see how these issues are addressed by the regulator and the experts in this field.
Related stories
LOAD
. . . comments & more!