Congressional privacy proposals could kill scores of blockchain projects

May 26, 2023 | Luke Hogg

With public trust in large and medium-sized technology companies at an all-time low, Congress is once again considering comprehensive data privacy laws. But the rise of the blockchain and the nascent decentralized network represent that this omni-directional proposal has lagged behind. If there are no major changes, such a legal proposal is likely to obliterate the check and balance technology in Yolan.

The 118th Congress has already held several hearings on data privacy leaks, and it is important that due process needs to consider how his proposal might determine technological innovation. In order to properly balance the conflict between the power to manipulate its information and the importance of innovation, due process should abandon the one-size-fits-all proposal and then choose the time-tested way of personal privacy of unit data.

Although there are several types of comprehensive data privacy laws floating around Capitol Hill, the trend is greater than the U.S. Data Privacy Protection Act (ADPPA). The bill will strictly require enterprises to collect and process the form of customer data transmission, require them to minimize data collection, and give customers the right to choose to leave the data collection control.

ADPPA is a friendly law designed to help customers manipulate their information more. The bill also reflects the wish of many legislators to avoid splicing data privacy by establishing national industry standards for the protection of all-round personal privacy.

Unfortunately, when it comes to data privacy standards, there used to be only opening remarks. Similar omni-directional data privacy protection methods can not fully take into account cutting-edge technologies such as blockchain system, which seriously limit independent innovation. To find direct evidence of this, just take a look at the EU General data Privacy Policy Regulation (GDPR).

In addition to restraining the investment and innovation of traditional high-tech industries, GDPR is also completely compatible with distributed computing technologies that lack centralized controllers, such as cloud computing. In fact, the Office of Scientific Research of the European Parliament acknowledged this in a report in 2019. One of the larger but not harmonious between GDPR and blockchain is which physical line is subject to regulatory challenges.

In more traditional Internet companies, it is easier to know who is collecting, processing and transmitting data, because it is generally intensive. In block chain technology systems such as block chain systems, this situation is becoming more and more difficult to respond to. When hundreds of computers run open source code to verify public transactions, who or who are collecting and processing the data covered by transmission? Like GDPR, ADPAA pretends to be deaf and dumb about this and other puzzles about how decentralized networks must stick.

EU countries' response to such imbalances in the GDPR is that founders should make them legally technical, although it is virtually impossible to do so. Such complicated regulations have led to a lack of technological innovation throughout Europe. If the United States implements ADPPA according to the relevant regulations in short passages, the same situation is likely to occur here. Many blockchain projects will be relocated abroad or completely shut down, bringing great potential for economic development and innovation.

Fortunately, the United States can take another approach, while limiting the difficulty of data privacy splicing and providing coordination for the application of new technologies. The answer is to break down step-by-step data privacy proposals into detailed, industry-specific bills. For example, Congress can pass laws to establish personal privacy standards for data provided by e-commerce sites and social networks, or even upgrade existing laws and regulations, such as the Children's online Privacy Protection Act, which regulates the collection of underage data, rather than an one-size-fits-all comprehensive standard.

Historically, this has also been the approach taken by the United States to data privacy in other industries. From financial information laws to diagnosis and treatment information, decision makers have traditionally established data privacy standards tailored to a specific environment. For example, the Health Insurance portability and Accountability Act regulates the flow of diagnosis and treatment information, while the Gramm-Litch-Buvino Act focuses on maintaining customer accounting privacy. This standard has basically been a pre-emptive game and is generally more attractive than one-size-fits-all legal and political ideas.

According to the unit way of data personal privacy law, due process can be established to meet different environmental rules and adapt to the application of blockchain. If due process feels that a unit's approach is not deep enough in maintaining customer information, they should at least draw up a comprehensive data privacy law in a form that does not easily endanger independent innovation and drive the creators' offshore accounts. After all, most of the best and best senior experts have a reason to think about daily life, work and construction in the United States. It is unwise to use shortsighted laws to drive away them and his constant innovation.

Luke a policy manager at the nonprofit Lincoln Network in Washington, D.C., where he focuses on the intersection of emerging technologies and public policy.