Morrison Foerster is an international law firm with lawyers practicing throughout the United States, Asia, and Europe. Click to discover more.

mofo_share_image.jpg

Morrison Foerster

common-default.jpeg

Terms / Notices

Cookies

Privacy Policy

Reporting Hotline

Attorney Advertising

Alumni

  Linkedin

MoFo LinkedIN

  Facebook

MoFo Facebook

YouTube

MoFo Youtube

Morrison Foerster - Footer

Blockchain Can Both Enhance and Undermine Compliance but Is Not Inherently at Odds with EU Privacy Laws

You have not solved the recaptcha challenge yet or session expired, try again.

Email Disclaimer

Disclaimer

Unsolicited e-mails and information sent to Morrison Foerster will not be considered confidential, may be disclosed to others pursuant to our <a href="https://www.mofo.com/about/privacy-policy.html">Privacy Policy</a>, may not receive a response, and do not create an attorney-client relationship with Morrison Foerster. If you are not already a client of Morrison Foerster, do not include any confidential information in this message. Also, please note that our attorneys do not seek to practice law in any jurisdiction in which they are not properly authorized to do so.

Feedback

mofo-logo-2022.svg

People

Capabilities

Resources

About

Culture

Offices

Careers

Stay Connected

Despite the fact that blockchain technology (BC) is not yet widely deployed, we have already seen quite some publications about the data protection issues raised by BC. Initially, these publications touted the promise of BC increasing privacy protection by,

We are Morrison Foerster — a global firm of exceptional credentials. Our clients include some of the largest financial institutions, investment banks, and Fortune 100, technology, and life sciences companies. Our lawyers are committed to achieving innovative and business-minded results for our clients, while preserving the differences that make us stronger.Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Prior results do not guarantee a similar outcome.

About Morrison Foerster

people-default-header-desktop.jpg

people-default-header-mobile.jpg

Default Meta Data

Despite the fact that blockchain technology (BC) is not yet widely deployed, we have already seen quite some publications about the data protection issues raised by BC. Initially, these publications touted the promise of BC increasing privacy protection by, e.g. facilitating decentralized identity management and allowing the sharing of data with trusted third parties only (Mainelli, 2017; Zyskind et al., 2015; Sater, 2017; Connor-Green, 2017; Tobin and Reed, 2017). In a second wave of publications, we saw a more in-depth discussion of the data protection issues raised by this new technology, generally concluding that public BC features are “on a collision course” and “profoundly incompatible at a conceptual level” with the EU General Data Protection Regulation (GDPR). Indeed, the current conception amongst industry stakeholders is that BC is not compatible with the GDPR, resulting in a call [4] for urgent revision already right after the GDPR came into force. The concerns are fed by public statements of Jan-Philipp Albrecht (the MEP responsible for coordinating the Parliament’s input for the GDPR), that BC “probably cannot be used for the processing of personal data” and the CNIL cautioning in its guidelines [5] that public BC may not be the most appropriate technology for processing of personal data and that priority should be given to other processing solutions that can achieve the same purpose. As the same results can currently always be achieved with another solution, this is a difficult standard to meet.Read the <a target="_blank" href="https://media2.mofo.com/v3/assets/blt5775cc69c999c255/blt6a9aa536f66a9906/6273ef950d4d8e1d7f110b9f/210414-blockchain-enhance-undermine-compliance.pdf">full article</a>.

Blockchain Can Both Enhance and Undermine Compliance but Is Not Inherently at Odds with EU Privacy Laws

Sign Up

<div class="videoWrapper"><iframe class="sticky-video" title="Meet Lokke Moerel, Privacy and Data Security Senior Of Counsel" src="https://www.youtube-nocookie.com/embed/uk873cH6OuE?rel=0" frameborder="0" allow="autoplay; encrypted-media" allowfullscreen="1" title="iframe"></iframe></div>Among the world’s best-known privacy and cybersecurity advisers, Lokke Moerel is regularly called upon by some of the most sophisticated multinational organizations to confront their global privacy and ethical challenges. Lokke routinely offers guidance to clients when implementing new technologies and digital business models and assists them with their global cybersecurity incident response and regulatory investigations.An authority on Artificial Intelligence (AI), Big Data, and the Internet of Things, Lokke has a proven track record helping clients shape complex AI projects that combine global data assets of multinational companies in the healthcare, financial services, technology, and recruitment sectors, with the intricate technologies of tech giants to create next generation AI solutions. An industry thought leader, Lokke presented a review of the drafted AI Regulation to a closed session of European Commission and Members of Parliament on behalf of the World Employment Federation and has spoken at SXSW on the subject of privacy and cybersecurity in the Metaverse. Lokke is MoFo’s lead counsel on Binding Corporate Rules (BCR) and has unsurpassed experience advising multinational companies in obtaining their BCR approvals throughout the EU, having authored the leading textbook on BCR published by Oxford University.Lokke is also professor of global ICT law at Tilburg University and co-academic director of the Tilburg University professional learning programs “Big Data: AI & Law” (teaching Algorithmic Accountability) and “Advanced Cyber Security and Governance.” Lokke is a member of the Dutch Cyber Security Council (the independent advisory body of the Dutch cabinet on cybersecurity), member of the Monitoring Committee of the Dutch Corporate Governance Code, and non-executive board member of several nonprofit organizations.Lokke has practiced law in the Netherlands, London, and Berlin, and is now resident in MoFo’s Brussels office. She is also a member of MoFo’s global Environmental, Social, and Governance (ESG) steering committee.

Lokke Moerel

Senior Of Counsel

Marijn Storm specializes on the intersection of law and technology, with a focus on cutting-edge technologies, such as (generative) artificial intelligence (AI) and large language models, ethical tech, and biometrics. Based in Morrison Foerster’s Brussels office, he advises global companies and organizations on a wide range of their most complex and pressing privacy and data security challenges.Marijn’s deep experience in both law and technology enables him to navigate the rapidly evolving landscape of privacy, data security, and technological innovation. Bridging the gap between legal requirements and technological advancements, Marijn advises and educates in-house legal teams on how to effectively manage and oversee technical applications such as AI and, specifically, generative AI. In addition, Marijn trains technical teams on implementing technical solutions in a privacy-by-design fashion, enabling compliance with AI and data protection laws around the world.Marijn also represents clients in class action and other litigation. For example, he has defended both digital advertising and public health clients against claims of alleged GDPR violations. In addition, he counsels clients on investigating and responding to major cybersecurity and ransomware incidents, including notification and related obligations. Marijn has also assisted a number of companies in obtaining regulatory approval for their Binding Corporate Rules, in both the EU and the UK.A recognized thought leader, Marijn regularly speaks at international data protection conferences (including IAPP) on topics such as the future of behavioral biometrics, the ethical application of AI, and developments in EU class actions. Marijn frequently publishes articles and client alerts on a variety of evolving topics, such as the EU AI Act and the NIST AI Risk Management Framework. Since 2019, he has been a guest lecturer at the Tilburg Institute for Law, Technology, and Society, where he teaches Algorithmic Accountability within the biannual course on AI & Law.Marijn is a Dutch-qualified lawyer and is fluent in Dutch and English.