With the proliferation of NFTs and other projects related to the blockchain across the tech industry, GCs have a brave new world of privacy and regulation to take into account.

During our TechGC privacy forum, we listened to Pedro Pavon from from Meta, Thomas Chow from Chia Network, Manas Mohapatra from Trust Machines, and Maneesha Mithal from WSGR address some of the challenges and gray areas when it comes to Web3.

While Web3 is still a developing technology with widely different opinions on how privacy will be regulated in this new space, here are 3 takeaways to think about if your company is considering Web3 projects.

Current Laws Aren’t a Great Fit for Web3

Since current regulations were built for a centralized web, they don’t fit all that well within the world of Web3. Because of this, you’ll need to think about privacy deeply as you build anything on or adjacent to Web3.

Even if what you’re building doesn’t comply with the letter of the law, it’s in your best interest to still comply with the spirit of the law. You’ll still be held to some version of existing regulations if you’ve harmed consumers within the framework of Web3.

What Matters Is Your Place in the Ecosystem

Privacy issues within Web3 will be highly dependent on what blockchain you’re on.

There are four main types of blockchains, each with their own advantages and disadvantages when it comes to privacy. If you’re building a business adjacent to a public blockchain, you’ll have one set of problems. On the other hand, if you’re building a blockchain and want to run a business on top of it, you’ll have a completely different set of potential privacy issues.

You’ll need to run impact assessments for each Web3 use case and think carefully before putting consumer information on the blockchain. We don’t know what Web3 will look like in 10 years, so your actions now will likely have long-term, unforeseen effects.

Regulators Will Likely Want to Set an Example

Privacy laws are a square peg that doesn’t quite fit into the round hole of Web3. But that doesn’t mean regulators won’t want to hold someone responsible when bad things happen. When consumers are harmed, regulators will want to set an example – so how can you avoid being in their crosshairs?

As an example, if a bank is processing on the blockchain in the future and there’s a customer data breach on the blockchain, the bank will likely be held responsible. Even though they won’t technically own any of the data on the blockchain, customer data will be tied to the bank, and they’ll have to deal with regulators and potentially pay huge fines.

Regulators will likely look for the lowest hanging fruit when it comes to companies that are interacting with the blockchain. You can’t predict the future, but you can protect your company by taking extra precautions with customer data when operating in the gray area of Web3.

Want to learn from other GCs about staying ahead of global privacy changes? Apply to become a member of TechGC today. You can also read our other posts from our privacy forum about staying ahead of global regulationsbuilding a privacy program, and working with your marketing team. If you’re already a member, join us for the TechGC Going Global Forum on July 19th, 2022.

Privacy Preference Center