How to Develop a GDPR-Compliant Blockchain Solution for Cross-Organizational Workflow Management: Evidence from the German Asylum Procedure

Blockchain technology has the potential to resolve trust concerns in cross-organizational workflows and to reduce reliance on paper-based documents as trust anchors. Although these prospects are real, so is regulatory uncertainty. In particular, the reconciliation of blockchain with Europe’s General Data Protection Regulation (GDPR) is proving to be a significant challenge. We tackled this challenge with the German Federal Office for Migration and Refugees. Here, we explain how we used Action Research to guide the Federal Office in creating a GDPR-compliant blockchain solution for the German asylum procedure. Moreover, we explain the architecture of the Federal Office’s solution and present two design principles for developing GDPRcompliant blockchain solutions for crossorganizational workflow management.

[1]  Hokey Min,et al.  Blockchain technology for enhancing supply chain resilience , 2019, Business Horizons.

[2]  Jan Recker,et al.  Scientific Research in Information Systems - A Beginner's Guide , 2012, Progress in IS.

[3]  Michael Devetsikiotis,et al.  Blockchains and Smart Contracts for the Internet of Things , 2016, IEEE Access.

[4]  Richard Baskerville,et al.  Special issue on action research in information systems: making is research relevant to practice--foreword , 2004 .

[5]  Roman Beck,et al.  A Ten-Step Decision Path to DetermineWhen to Use Blockchain Technologies , 2019, MIS Q. Executive.

[6]  Q. Nasir,et al.  Blockchain for government services — Use cases, security benefits and challenges , 2018, 2018 15th Learning and Technology Conference (L&T).

[7]  Alex Pentland,et al.  Decentralizing Privacy: Using Blockchain to Protect Personal Data , 2015, 2015 IEEE Security and Privacy Workshops.

[8]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[9]  Robert M. Davison,et al.  Information systems action research: Debunking myths and overcoming barriers , 2017, Inf. Manag..

[10]  G. Fridgen,et al.  Supporting communication and cooperation in the asylum procedure with Blockchain technology : A proof of concept by the Federal Office for Migration and Refugees , 2019 .

[11]  Gareth W. Peters,et al.  Understanding Modern Banking Ledgers Through Blockchain Technologies: Future of Transaction Processing and Smart Contracts on the Internet of Money , 2015, ArXiv.

[12]  Mary Lacity,et al.  Addressing Key Challenges to Making Enterprise Blockchain Applications a Reality , 2018, MIS Q. Executive.

[13]  Shirley Ou Yang,et al.  Enabling Effective Operational Risk Management in a Financial Institution: An Action Research Study , 2017, J. Manag. Inf. Syst..

[14]  Robert M. Davison,et al.  The Roles of Theory in Canonical Action Research , 2012, MIS Q..

[15]  Tomi Dahlberg,et al.  Digital Supply Chain Transformation toward Blockchain Integration , 2017, HICSS.

[16]  Elgar Fleisch,et al.  Privacy-Preserving Data Certification in the Internet of Things: Leveraging Blockchain Technology to Protect Sensor Data , 2019 .

[17]  R. Rapoport Three Dilemmas in Action Research , 1970 .

[18]  G. Susman,et al.  An Assessment of the Scientific Merits of Action Research. , 1978 .

[19]  Mathias Weske,et al.  Blockchains for Business Process Management - Challenges and Opportunities , 2017, ACM Trans. Manag. Inf. Syst..

[20]  Mike Chiasson,et al.  Style Composition in Action Research Publication , 2012, MIS Q..

[21]  Roman Beck,et al.  Governance in the Blockchain Economy: A Framework and Research Agenda , 2018, J. Assoc. Inf. Syst..

[22]  Praveen Gauravaram,et al.  Blockchain for IoT security and privacy: The case study of a smart home , 2017, 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops).

[23]  Matthias Mettler,et al.  Blockchain technology in healthcare: The revolution starts here , 2016, 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom).

[24]  Nils Urbach,et al.  Unchaining Social Businesses - Blockchain as the Basic Technology of a Crowdlending Platform , 2017, ICIS.

[25]  Steve Mansfield-Devine,et al.  Beyond Bitcoin: using blockchain technology to provide assurance in the commercial world , 2017 .

[26]  Nils Urbach,et al.  Cross-Organizational Workflow Management Using Blockchain Technology - Towards Applicability, Auditability, and Automation , 2018, HICSS.

[27]  K. Lewin Action Research and Minority Problems , 1946 .

[28]  Florian Glaser,et al.  Pervasive Decentralisation of Digital Infrastructures: A Framework for Blockchain enabled System and Use Case Analysis , 2017, HICSS.

[29]  Zibin Zheng,et al.  Blockchain challenges and opportunities: a survey , 2018, Int. J. Web Grid Serv..

[30]  Andrea Pinna,et al.  Blockchain-Oriented Software Engineering: Challenges and New Directions , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C).

[31]  Haejung Yun,et al.  A chronological review of empirical research on personal information privacy concerns: An analysis of contexts and research constructs , 2019, Inf. Manag..

[32]  Rahim Rahmani,et al.  Towards Security on Internet of Things: Applications and Challenges in Technology , 2018, EUSPN/ICTH.