Privacy challenges of NFTs or Non Fungible Tokens
NFTs are digital tokens that are linked to a blockchain and used to represent and offer public proof of ownership of unique goods. They are cryptoassets that may be exchanged, but they are not the same as cryptocurrencies. Because cryptocurrencies like Bitcoin and Ethereum are fungible, one Bitcoin may be exchanged for another. NFTs, on the other hand, are non-fungible and non-interchangeable, which means that no two NFTs are alike.
Beyond digital artwork and collectibles, NFTs offer a broad range of applications, including tickets, gambling, legal documents, and tokenized bills. A smart contract that can assign ownership and control the transferability of the relevant asset is at the heart of an NFT. In many circumstances, the smart contract (which consists of a set of rights and duties vested in the holder) itself is the asset.
In contrast to “real-world” assets and transactions, which often entail payment in fiat money and may have ownership documented in a public register (e.g., for shares, real land, and some art/cultural assets) or non-public records (e.g., a retailer’s customer database), NFTs, are often purchased using bitcoin and kept on a decentralized network, where they are held in a personal but often anonymous wallet.
While numerous legal elements of non-fungible tokens (“NFTs”) have been discussed, not much has been stated regarding the privacy law implications. Because blockchain and crypto assets are not directly linked to people’s real identities, many people believe that privacy problems do not exist.
Avoiding linking transactions to any identifying information is a fundamental component of keeping crypto activities anonymous.
However, in contrast, NFTs may, by their very nature, jeopardize this purpose. NFTs are essentially unique and identifiable tokens, according to the concept. It is theoretically true that no single NFT can be replicated.
This implies that if a person links an NFT to any aspect of their online or offline identity—for example, by using an NFT as a profile image on Social media like Twitter or keeping a profile on an NFT marketplace—trivially it’s straightforward to figure out what else their wallet has done.
While it may not seem like knowing who purchased what JPEG is a big concern, crypto proponents are pushing for the use of NFTs for things like homeownership, medical information, and social networking. A single wallet—or perhaps a network of wallets if not adequately obfuscated—could operate as a big bucket of personal data that cannot be kept secret and cannot be erased from the blockchain.
Furthermore, with the onset of the Web 3.0 age, there are various ways that owning, purchasing, and disposing of NFTs might result in privacy problems, including Avatars and online identifiers, blockchain addresses, Transaction activity, and location data, etc.
Adding to this is the current non-existence of basic rights such as right to deletion of the data on present NFT marketplaces where only option is to burn the tokens including spam in the wallet which further adds to the costs.
Thus, in the present form, and with growing usage of NFTs it seems obvious that there is a growing heat between NFTs and/or similar assets and transactions and applicable Privacy frameworks and legislations like GDPR, CCPA, etc with no visibile solution.