Disclaimer: This article is for informational purposes only and does not constitute financial advice. BitPinas has no commercial relationship with any mentioned entity unless otherwise stated.
đŹ Get the biggest crypto stories in the Philippines and Southeast Asia every week â subscribe to the BitPinas Newsletter.
In an era where digital infrastructure underpins everythingâfrom identity and finance to government systemsâdata privacy is no longer just a legal checkbox; itâs a core design principle. The Data Privacy Act of 2012 (Republic Act No. 10173) laid the groundwork for protecting the rights of individuals in the digital age. But as we embrace blockchain for transparency and decentralization, how can we reconcile the immutable nature of ledgers with the need to uphold privacy rights?
Through privacy-preserving technologies and mindful architecture, the two can not only coexistâbut complement each other.
Paul Soliman is the Founder and CEO/CTO of Hacktiv Colab Inc. and Chairman and Group CEO of BayaniChain, where he leads initiatives in blockchain, enterprise tech, and digital nation-building. He also serves as CTO of Blockfy, driving innovation in decentralized finance solutions in the Philippines.
âď¸ Understanding the Law: A Quick Look at the Data Privacy Act of 2012
The law grants individuals full control over their personal data through rights such as:
- Right to be informed about data collection and its use
- Right to access their personal data
- Right to object to processing
- Right to rectify inaccuracies or request deletion
- Right to data portability
- Right to file complaints with the regulatory body
- Right to damages for unlawful processing
These rights are enshrined in Sections 16 to 21 of the Act and serve as a baseline for digital trust.
âď¸ The Blockchain Dilemma: Transparency vs. Privacy
Blockchains are inherently transparent and immutableâfeatures that directly conflict with some of the rights outlined in the Data Privacy Act, like the right to erasure and correction. But in systems designed for public accountability, this transparency is vital.
The challenge, therefore, is not whether to use blockchain, but how to use it responsibly.
đ Privacy-Preserving Blockchain: Bridging the Gap
Modern blockchain design patterns allow us to embed data privacy principles at the protocol level. Hereâs how each Data Privacy Act right maps to privacy-preserving blockchain features:
| DPA Right | Blockchain Strategy |
| Be Informed | Show user-friendly consent interfaces powered by smart contracts and logs. |
| Access Data | Use secure APIs or wallets to let users view off-chain data anchored by on-chain hashes. |
| Object to Processing | Build opt-out switches controlled by the userâs private keys or identity. |
| Rectify/Erase | Apply âeffective deletionâ via encryption key removal or off-chain mutable pointers. |
| Portability | Implement self-sovereign identity and interoperable data formats (e.g., JSON + encryption). |
| File Complaints | Maintain immutable, timestamped audit logs on-chain, and expose them through regulator dashboards. |
đ§ A Sample Architecture: Privacy-Aware Blockchain Layers
A well-designed privacy-preserving blockchain could include:
- Immutable Anchoring Layer: Stores hashes of transactions and user actions for audit
- Data Classifier Module: Filters what should be public or private, based on legitimate purpose and proportionality
- Encrypted Data Layer: Enables computation over sensitive data using encryption techniques
- Secure Retrieval Layer: Allows fast, private access to records while maintaining strong access control
Through this layered approach, privacy becomes programmable.
đ Building Privacy-First Systems for Public Use
For blockchain platforms that interact with sensitive or government-regulated data, here are core recommendations to align with the Data Privacy Act:
- Anchor only hashes or proofs on-chainânever raw data
- Implement key-based deletion to simulate the âright to be forgottenâ
- Build a Privacy Dashboard so users can access, correct, or revoke consent
- Appoint a Data Protection Officer (DPO) or delegate this function internally for compliance
- Log all access events immutably for regulatory auditability
đ Transparency and Privacy Are Not Opposites
Transparency builds trust in systems. Privacy builds trust in people. Both are essential pillars of digital governance.
The narrative that blockchain and data privacy are in conflict is outdated. With modern cryptographyâzero-knowledge proofs, homomorphic encryption, selective disclosureâwe can build systems that honor the individual while protecting the collective.
This is how we move forwardânot by choosing one over the other, but by designing both into the core of our systems.
This Op-Ed is published on BitPinas: Privacy by Design: How the Data Privacy Act of 2012 Aligns with Blockchain
What else is happening in Crypto Philippines and beyond?
