Blockchain technology might pose challenges pertaining to jurisdictional, data protection and privacy, and competition, according to a discussion paper by fair trade watchdog CCI.

A blockchain is a virtual chain consisting of information on various blocks (transactions) grouped together in a sequential manner. It maintains a decentralised, distributed, immutable and secure record (or ledger) of the transactions.
The decentralised and distributed nature of blockchain implies that there is no central authority that has control over it, making it challenging for the competition authority to enforce an order against any anti-competitive conduct in this, as per the discussion paper.
The paper on ‘blockchain technology and competition’ noted that in the case of any legal, policy or regulatory issue, it is difficult to understand which jurisdiction’s policies and regulations might apply.

Despite this inherent strength, blockchains may not be fully compatible with the current privacy and data protection frameworks:

  •  Privacy laws have been designed on the basis that data is centrally collected, stored and processed, i.e., privacy laws assume that a singular entity is responsible for data management. Blockchains, on the other hand, are decentralised and a particular entity is not responsible for ensuring that an individual’s data stays confidential. Further, data can be understood to be of different types such as personal data, sensitive personal data, anonymised or pseudonymised data. There are different obligations on how each of these data should be stored and shared under the privacy laws.
  • Privacy laws such as the European Union’s General Data Protection Regulation (EU GDPR) enforce the “right to erasure” or the “right to be forgotten”. These rights (and corresponding obligations) include:
  • The right to have the personal data erased immediately when it is no longer needed72 . ? The right to request a controller (a third-party) to rectify inaccurate or incomplete personal information73 .
  • The right to object to data processing based on a data controller’s legitimate interests (including profiling) unless the controller can demonstrate compelling legitimate grounds that override the interests or rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.

Policymakers and regulators are also likely to face enforcement challenges in terms of identifying liable entities and penalising them for wrongful conduct. It is because network participants in case of permission-less blockchains may be anonymous or pseudonymous, the paper said.
Further, it said that an authority in blockchains can be totally decentralised and it might be difficult to understand who is responsible for the actions of a blockchain.
Also, blockchains might not be fully compatible with the current privacy and data protection frameworks, it added.
This raises the question if a blockchain application can be viewed as a dominant enterprise. One possibility could be to consider all participants together as collectively dominant, it added.

  • However, the paper noted that collective dominance is not yet recognised in India.
    According to the paper, awareness about competition issues that may emerge in the case of blockchains may help in the development and use of blockchain applications in line with the principles of the competition law.

Localised data processing: Some countries may also require the data from the country to be stored and processed locally. For instance, India’s draft Personal Data Protection Bill, 2018, mentions that in case of critical personal data, the data should be processed within India (data localisation) only. However, a blockchain can run across multiple jurisdictions. Any resulting cross-border transfer of critical personal data could stand to violate the law.

“This may be achieved by proactively engaging the blockchain stakeholders (miners, developers, users, etc.) at an early stage while the technology is still being developed, making these stakeholders aware about the likely concerns of competition law that may arise and how competition authorities deal with them,” it added.

The 49-page discussion paper has also provided some broad-level guidance for various stakeholders in a blockchain ecosystem, including that blockchain applications should not be used to exchange competition-sensitive information among competitors.
Blockchain or smart contracts should not be designed to enable enforcement of any collusive or anti-competitive conduct of any form, the paper said.

72General Data Protection Regulation (GDPR). (2013). Art. 17 GDPR – Right to erasure (‘right to be forgotten’) [online] Available at: https://gdpr[1] 73General Data Protection regulation (GDPR) (2013). Art 16

(Image courtesy:

Leave a Reply

Your email address will not be published.