A GDPR-by-Design Blockchain Architecture for Spontaneous and Ephemeral Social Networks
摘要
Online Social Networks (OSNs) have become an integral part of daily communication but continue to face critical challenges related to privacy, trust, and compliance with regulatory frameworks such as the General Data Protection Regulation (GDPR). In this work, we introduce and formalize Spontaneous and Ephemeral Social Networks (SESNs), a novel class of event-driven and short-lived networks designed to support real-time content exchange in geographically localized contexts such as conferences or sports events. SESNs leverage distributed peer-to-peer communication and mobile ad hoc networking, reducing reliance on centralized infrastructures while enabling opportunistic interaction among participants. A key challenge in SESNs lies in ensuring trust and data protection in the absence of centralized authorities. To address this, we propose a blockchain-enabled SESN architecture built on BigchainDB, which combines the scalability of distributed databases with the immutability and decentralization of blockchain. Our approach integrates distributed certificate authorities, encryption, and crypto-shredding to guarantee confidentiality, integrity, authentication, and GDPR-aligned data management. This paper makes several contributions: (i) a critical review and classification of existing centralized, decentralized, and hybrid OSNs; (ii) the design of a GDPR-compliant SESN architecture with a refined transaction model and node-level design; (iii) a comprehensive security analysis, including GDPR compliance, threat modeling, and attack resistance; and (iv) an extended performance evaluation covering latency, throughput, and resource utilization. Experimental results show that the system maintains real-time responsiveness (