GDPR Compliant Consent Driven Data Protection in Online Social Networks: A Blockchain-Based Approach

The enforcement of the General Data Protection Regulation (GDPR) represents a great challenge for online social networks (OSNs). Several OSNs are making significant changes to their systems to achieve compliance with GDPR. OSNs are required to obtain meaningful consent from users to achieve GDPR compliance. GDPR recognizes user's consent as a legitimate ground for personal data processing in the context of online social networks. This article presents a comparative study about the criteria for valid consent under GDPR and existing consent seeking practices of OSNs. In order to simplify the comparative process, Facebook is taken as a case study for online social networks. In conclusion of the comparative study, we argue that existing consent mechanisms in OSNs are not GDPR compliant. To achieve GDPR compliance in online social networks, we advocate a blockchain-based approach for consent management. This paper paves the way for designing a blockchain-based GDPR compliant consent management model for personal data processing in online social networks.