Control over personal data in blockchain distributed ledgers

Researchers from Slovenian research institution founded in 1975 developed an innovative blockchain-based system technology that is considered a top technological innovation. This innovative approach provides a solution to enable the blockchain sharing of data while still ensuring data protection. There are many options for storing data in a digital form. In most cases, the storing is performed within a private digital storage, a database, that allows for subsequent editing or deleting of data. Access to the storage and data management is enabled only to the entity that owns the database, or any other entity which is authorized by the storage owner or database manager to manage the data. In some cases, there is a requirement for a publicly available/accessible digital storage. When personal data is kept in a storage for which public access is not permitted, then such storage must be protected in such a way that an unauthorized access is not permitted, which, by default, public digital storages do not restrict. In such cases, the data can be protected using cryptographic methods that ensure data unreadability even though data is publicly available. The proposed technology presents the solution of the described problem in the form of a method and a device for storing data in a permanently immutable, distributed and decentralized storage, and the control of each separate inspection attempt of the data and the retrieval of data from a permanently immutable distributed and decentralized storage. In the storing process, the proposed method deals with the actual and linking data separately. The content of the linking data is the direct or indirect identifier of an owner of the actual data (e.g., personal data), and is de-identified several times, using various pseudonymization techniques supported by cryptography, before stored in such storage.The process of re-identification of pseudonymized data by means of the proposed method and device allows the owner control over each respective inspection request into his data stored in the permanently immutable, distributed, and decentralized storage. The proposed method and device allow storing data in compliance with regulations relating to the processing of personal data. The companies/public entities that can use this blockchain-based system are boundless – some relevant examples include an electoral roll database for registering whether votes have been counted or not, or a COVID-19 vaccination database accessible by border authorities for international travel. Slovenian researchers are searching for companies in all areas to sign license agreement in EU and beyond.