[en] Blockchain technology has the potential to resolve trust concerns in cross-organizational workflows and to reduce reliance on paper-based documents as trust anchors. Although these prospects are real, so is regulatory uncertainty. In particular, the reconciliation of blockchain with Europe’s General Data Protection Regulation (GDPR) is proving to be a significant challenge. We tackled this challenge with the German Federal Office for Migration and Refugees. Here, we explain how we used Action Research to guide the Federal Office in creating a GDPR-compliant blockchain solution for the German asylum procedure. Moreover, we explain the architecture of the Federal Office’s solution and present two design principles for developing GDPR- compliant blockchain solutions for cross- organizational workflow management.
Disciplines :
Sciences informatiques Gestion des systèmes d’information
Auteur, co-auteur :
Guggenmos, Florian
Lockl, Jannik
RIEGER, Alexander ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
FRIDGEN, Gilbert ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
Co-auteurs externes :
yes
Langue du document :
Anglais
Titre :
How to Develop a GDPR-Compliant Blockchain Solution for Cross-Organizational Workflow Management: Evidence from the German Asylum Procedure.
Date de publication/diffusion :
2020
Nom de la manifestation :
Hawaii International Conference on System Sciences 2020
Organisateur de la manifestation :
University of Hawaii
Lieu de la manifestation :
Maui, Hawaii, Etats-Unis
Date de la manifestation :
from 7-01-20 to 10-01-20
Manifestation à portée :
International
Titre de l'ouvrage principal :
Proceedings of the Hawaii International Conference on System Sciences 2020
Alketbi, A., Nasir, Q. and M.A. Talib, "Blockchain for government services-Use cases, security benefits and challenges", in 2018 15th Learning and Technology Conference. IEEE.
Avison, D.E., R.M. Davison, and J. Malaurent, "Information systems action research: Debunking myths and overcoming barriers", Information & Management, 55(2), 2018, pp. 177-187.
Avital, M., R. Beck, J.L. King, M. Rossi, and R. Teigland, eds., Jumping on the Blockchain Bandwagon: Lessons of the Past and Outlook to the Future, ICIS Proceedings, 2016.
Baskerville, R. and M.D. Myers, "Special issue on action research in information systems: Making IS research relevant to practice: Foreword", MIS Quarterly, 2004, pp. 329-335.
Beck, R., C. Müller-Bloch, and J.L. King, "Governance in the Blockchain Economy: A Framework and Research Agenda", Journal of the Association for Information Systems, 19(10), 2018.
Chanson, M., A. Bogner, D. Bilgeri, E. Fleisch, and F. Wortmann, "Privacy-Preserving Data Certification in the Internet of Things: Leveraging Blockchain Technology to Protect Sensor Data", Journal of the Association for Information Systems, 2019.
Christidis, K. and M. Devetsikiotis, "Blockchains and Smart Contracts for the Internet of Things", IEEE Access, 4, 2016, pp. 2292-2303.
Condos, J., W.H. Sorrell, and S.L. Donegan, Blockchain technology: Opportunities and risks, 2016.
Davison, R.M., M.G. Martinsons, and C.X.J. Ou, "The roles of theory in canonical action research", MIS Quarterly, 2012, pp. 763-786.
Dorri, A., S. Kanhere, R. Jurdak, and P. Gauravaram, "Blockchain for IoT Security and Privacy: The Case Study of a Smart Home", 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), 2017, pp. 618-623.
Evered, R.D., "An Assessment of the Scientific Merits of Action Research Gerald 1. Susman and", Administrative science quarterly, 23(4), 1978, pp. 582-603.
Fridgen, G., N. Guggenberger, T. Hoeren, W. Prinz, and N. Urbach, "Chancen und Herausforderungen von DLT (Blockchain) in Mobilität und Logistik", https://www.bmvi.de/SharedDocs/DE/Anlage/DG/blockchain-gutachten.pdf?__blob=publicationFile, 2019.
Fridgen, G., F. Guggenmos, J. Lockl, A. Rieger, and N. Urbach, "Supporting communication and cooperation in the asylum procedure with Blockchain technology- A proof of concept by the Federal Office for Migration and Refugees", 2019.
Fridgen, G., S. Radszuwill, N. Urbach, and L. Utz, "Cross-organizational workflow management using blockchain technology-towards applicability, auditability, and automation", Proceedings of the 51st Hawaii International Conference on System Sciences, 2018, pp. 3507-3516.
General Data Protection Regulation: Regulation (EU) 2016/679, 27 April 2016.
Glaser, F., "Pervasive Decentralisation of Digital Infrastructures: A Framework for Blockchain enabled System and Use Case Analysis", Proceedings of the 50th Hawaii International Conference on System Sciences, 2017, pp. 1543-1552.
Korpela, K., J. Hallikas, and T. Dahlberg, "Digital Supply Chain Transformation toward Blockchain Integration", in Proceedings of the 50th Hawaii International Conference on System Sciences, Waikoloa, Hawaii, USA. 2017.
Lacity, M.C., "Addressing key challenges to making enterprise blockchain applications a reality", MIS Quarterly Executive, 17(3), 2018, pp. 201-222.
Lewin, K., "Action research and minority problems", Journal of social issues, 2(4), 1946, pp. 34-46.
Lyons, T., L. Courcelas, and K. Timsit, "Blockchain and the GDPR", https://www.eublockchainforum.eu/sites/default/files/reports/20181016_report_gdpr.pdf.
Mansfield-Devine, S., "Beyond Bitcoin: using blockchain technology to provide assurance in the commercial world", Computer Fraud & Security, 2017(5), 2017, pp. 14-18.
Mathiassen, L., M. Chiasson, and M. Germonprez, "Style Composition in Action Research Publication", MIS Quarterly, 36(2), 2012, pp. 347-363.
Mendling, J., I. Weber, W.V.D. Aalst, J.V. Brocke, C. Cabanillas, F. Daniel, S. Debois, C. Di Ciccio, M. Dumas, S. Dustdar, A. Gal, L. García-Bañuelos, G. Governatori, R. Hull, M. La Rosa, H. Leopold, F. Leymann, J. Recker, M. Reichert, H.A. Reijers, S. Rinderle-Ma, A. Solti, M. Rosemann, S. Schulte, M.P. Singh, T. Slaats, M. Staples, B. Weber, M. Weidlich, M. Weske, X. Xu, and L. Zhu, "Blockchains for Business Process Management - Challenges and Opportunities", ACM Transactions on Management Information Systems (TMIS), 9(1), 2018, pp. 4-20.
Mettler, M., "Blockchain technology in healthcare: The revolution starts here", in 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services. 2016.
Min, H., "Blockchain technology for enhancing supply chain resilience", Business Horizons, 62(1), 2019, pp. 35-45.
Nakamoto, S., "Bitcoin: A peer-to-peer electronic cash system", 2008.
Pedersen, A.B., M. Risius, and R. Beck, "A Ten-Step Decision Path to DetermineWhen to Use Blockchain Technologies", MIS Quarterly Executive, 18(2), 2019.
Peters, G.W. and E. Panayi, "Understanding modern banking ledgers through blockchain technologies: Future of transaction processing and smart contracts on the internet of money", in Banking Beyond Banks and Money. 2016. Springer.
Porru, S., A. Pinna, M. Marchesi, and R. Tonelli, "Blockchain-Oriented Software Engineering: Challenges and New Directions", in 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C). 2017. IEEE.
Rapoport, R.N., "Three dilemmas in action research: with special reference to the Tavistock experience", Human relations, 23(6), 1970, pp. 499-513.
Recker, J., Scientific research in information systems: a beginner's guide, Springer Science & Business Media, 2012.
Sadique, K.M., R. Rahmani, and P. Johannesson, "Towards Security on Internet of Things: Applications and Challenges in Technology", Procedia Computer Science, 141, 2018, pp. 199-206.
Schweizer, A., V. Schlatt, N. Urbach, and G. Fridgen, "Unchaining Social Businesses - Blockchain as the Basic Technology of a Crowdlending Platform", in Proceedings of the 38th International Conference on Information Systems, Y.J. Kim, R. Agrawal, and J.K. Lee, Editors, Seoul; South Korea. 2017.
Yang, S.O., C. Hsu, S. Sarker, and A.S. Lee, "Enabling effective operational risk management in a financial institution: An action research study", Journal of Management Information Systems, 34(3), 2017, pp. 727-753.
Yun, H., G. Lee, and D.J. Kim, "A chronological review of empirical research on personal information privacy concerns: An analysis of contexts and research constructs", Information & Management, 56(4), 2019, pp. 570-601.
Zheng, Z., S. Xie, H.-N. Dai, and H. Wang, "Blockchain Challenges and Opportunities: A Survey", Int. J. Web and Grid Services, 2016, pp. 1-25.
Zyskind, G. and O. Nathan, "Decentralizing privacy: Using blockchain to protect personal data", 2015 IEEE Security and Privacy Workshops, 2015.
