API3 announced today that its signature product Airnode has become GDPR (General Data Protection Regulations) compliant, the first oracle solution to receive such certification for data privacy protection in the European Union. The compliance certification was completed by GDPR compliance specialist service Tacita, which accredits companies who adhere strictly to the highest standards of EU regulatory requirements for data minimization, data integrity, and data confidentiality. This establishes Airnode as the first GDPR compliant solution for synthesizing blockchain-based applications with APIs, removing another barrier to enterprise adoption.
Even as the adoption of distributed ledger technology (DLT) continues its rapid acceleration through trends like DeFi and NFTs, for companies, regulatory compliance remains an obstacle preventing them from fully embracing the new technology. In order to fulfill the standards of both enterprise users and international data regulators, the central characteristics of DLT — immutability, transparency and global access — have to harmonize with data minimization and confidentiality, two of the key principles of the GDPR which governs the use of digital data in the EU. Airnode solves this dilemma by providing an oracle solution that does not expose data to any third parties or host its own database- thus enabling middleman-free, GDPR compliant and API-enabled enterprise blockchain applications.
“API3 Foundation is pushing the boundary of enterprise blockchain adoption by building enterprise-focused solutions that provide maximum security for real-world data through the use of first-party oracles. We are extremely proud of this certification which establishes Airnode as the go-to oracle solution when creating API-connected, GDPR-compliant enterprise blockchain applications,” said Heikki Vanttinen, Co-Founder of API3 DAO.
“In March 2021, Tacita performed a code review of API3’s Airnode product and confirmed that when operated as intended (i.e., by the API operator), Airnode does not store any personal data, store or cache any data, or expose any data to any third parties outside of the API operator,” said Andy Main, CEO of Tacita.
As a result of Tacita’s audit and certification of Airnode, enterprises across the European Union can now safely and securely develop GDPR-compliant blockchain applications and develop novel enterprise use cases for DLT. This milestone will open up the blockchain sector to organizations and businesses who now can collaborate more deeply with other enterprises, and explore a greater variety and volume of API-delivered data in connection with their blockchain-based applications. API3’s historic certification will allow for companies to explore novel, data-rich DLT use cases, ensuring that this technology is able to meet this moment for its ascendancy.
API3 is building decentrally governed and quantifiably secure data feeds that power Web 3.0 applications without employing third-party intermediaries. API3’s dAPI’s are fully decentralized and blockchain-native APIs with quantifiable security. API3’s dAPI’s — which will be set up, managed, and monetized at scale by the API3 DAO — will be the next evolutionary step to meet the inevitably strict decentralization requirements of Web 3.0.
Tacita is GDPR compliance specialist company, who performs GDPR audits of company-wide management structures, data processes, services and applications. Tacita’s approach to data privacy risk management has assisted companies from start-ups to large multinationals, achieving GDPR compliance peace of mind.