TY - CONF AU - Stach, Christoph AU - Gritti, Clémentine AU - Przytarski, Dennis AU - Mitschang, Bernhard A2 - Hong, Jiman A2 - Bures, Miroslav A2 - Petrlic, Ronald A2 - Sorge, Christoph T1 - Can Blockchains and Data Privacy Laws be Reconciled? A Fundamental Study of How Privacy-Aware Blockchains are Feasible T2 - Proceedings of the 37ᵗʰ ACM/SIGAPP Symposium On Applied Computing PB - ACM AD - Brno Y1 - 2022/apr SP - 1209 EP - 1218 M3 - https://doi.org/10.1145/3477314.3506986 KW - blockchains; immutable; tamper-proof; GDPR; privacy assessment N2 - Due to the advancing digitalization, the importance of data is constantly increasing. Application domains such as smart cars, smart cities, or smart healthcare rely on the permanent availability of large amounts of data to all parties involved. As a result, the value of data increases, making it a lucrative target for cyber-attacks. Particularly when human lives depend on the data, additional protection measures are therefore important for data management and provision. Blockchains, i.e., decentralized, immutable, and tamper-proof data stores, are becoming increasingly popular for this purpose. Yet, from a data protection perspective, the immutable and tamper-proof properties of blockchains pose a privacy concern. In this paper, we therefore investigate whether blockchains are in compliance with the General Data Protection Regulation (GDPR) if personal data are involved. To this end, we elaborate which articles of the GDPR are relevant in this regard and present technical solutions for those legal requirements with which blockchains are in conflict. We further identify open research questions that need to be addressed in order to achieve a privacy-by-design blockchain system. ER -