InfoSec Seminar: When technology and policy conflict: Distributed Ledgers and the GDPR right to be forgotten

Speaker: Dr. Sarah Meiklejohn and Mathilde McBride

Date/Time: 19-Jul-2018, 16:00 UTC

Venue: Robert 4.21



A distributed ledger tends to be designed to make information public and unchangeable (at least, not without infeasibly large computational costs). The General Data Protection Regulation (GDPR) that came in to force on May 25 gives EU citizens a right to be forgotten; that is, personal information about them must be erased after a reasonable request is made.
These two policies (one technical, one governmental) are in obvious conflict. This discussion will introduce the conflict here as a case study in how technology and public policy can conflict, the details of how we might resolve this case, and also enable a discussion on the meta-issue of how we might want such disputes to be mediated.


Dr. Meiklejohn is a Reader (Associate Professor) in Cryptography and Security at UCL, in the Computer Science department. She is affiliated with the Information Security Group, and is also a member of the Open Music Initiative and the Initiative for Cryptocurrencies and Contracts (IC3). For more, see Mathilde McBride is a postgraduate student at UCL department of Science Technology Engineering and Public Policy (STEaPP). She is specialising in bridging policy-making and legal mechanisms in cybersecurity particularly in respect to the GDPR and privacy. Mathilde has previously worked in technology policy at the UN/ITU in Geneva.

Add to Calendar

This page was last modified on 27 Mar 2014.