Skip to main content

Tech Heavyweights Tap Blockchain to Operationalize GDPR Compliance

Two days before the May 25 General Data Protection Regulation (GDPR) deadline, a group of tech and professional services firms teamed up to debut a blockchain-based software solution for industries like retail that’s aimed at operationalizing compliance with the data privacy overhaul taking effect throughout the European Union (EU).

GDPR is prompting companies whose customers reside in the EU to update their approach to collecting, securing and storing individuals’ data, with stiff penalties of 20 million euro ($23 million) or 4 percent of annual global revenue for those violating the regulation. Because many firms today operate across borders, myriad companies not based in the EU have found themselves scrambling to get their data practices in order before the Friday deadline. As a result, in recent weeks you’ve likely received an onslaught of privacy terms update emails from the companies you interact with and the websites you use.

Because of the challenges associated with GDPR compliance—an IBM survey last week found that just 36 percent of companies will be compliant before May 25—professional services firm BDO, tech talent company IntraEdge, Intel and Microsoft banded together to deliver and promote GDPR Edge. It’s based on Intel’s Software Guard Extensions and Hyperledger Sawtooth distributed ledger technology—also known as blockchain—to facilitate transparent and accurate record keeping while enabling consumers to access their information at any time.

GDPR Edge was created specifically for industries like retail, hospitality and technology, highly complex sectors that feature an abundance of customer touchpoints, disparate point-of-sale systems and countless data points. By integrating GDPR into a company’s existing processes, the software is designed to reduce a company’s risk exposure while diminishing the burden of compliance.

Related Stories

“GDPR presents extensive requirements and creates significant risk, and operationalizing GDPR is a significant challenge for merchants,” Jim Halpert, co-chair of the data protection, privacy & security practice at global law firm DLA Piper, said. “I am encouraged that GDPR Edge offers a centralized operational solution to address key and difficult areas of compliance for merchants ahead of the May deadline.”

BDO’s Karen Schuler, national data & information governance practice leader, said GDPR Edge will help businesses enhance the value of their data throughout the enterprise. “As regulators across the world turn their focus to issues of data privacy, we’re thrilled to work together with Intel to help our clients adapt to the evolving regulatory environment and facilitate an unprecedented level of trust,” she said.

“The value of the GDPR Edge platform as it pertains to the changing regulatory environment and the importance of privacy within the global landscape cannot be overstated,” said Chris Dieringer, U.S. retail and CPG industry practice leader for Microsoft, which is leveraging its Azure and business intelligence offerings to recast the GDPR requirements as an “enterprise value extension” for its clients.

Companies have had two years to update their data management practices to meet the new standard, but Facebook’s high-profile scandal with Cambridge Analytica pushed GDPR into the spotlight, spurring increased interest in and action of the sweeping privacy regulation.