Privacy Audit or the project compliance discloser?

[anthonyhuanggr]

Hi All:

As we know that most of DeFi projects facing Regulatory Risk due to fewer guidelines to follow from the government.

But another part of the regulatory risk is from the Privacy law, not just from finance-related regulatory, which we already have EU GDPR and CCPA (California Consumer Privacy Act) can follow up. Do the projects comply with those privacy acts? Those project should have done some Privacy Compliance audit? Or their website or GitHub should have a section or people follow up on the project compliance?

My suggestion is to consider a Privacy audit report or Regulatory compliance discloser as part of Defi score.

Or All those projects are openness and no privacy regulatory need to comply?

Please advise, Many thanks.

Anthony

[jclancy93]

Good question. I'm not a legal expert, so I may not be the best person to answer this question. Most people interact with these protocols using EOAs, which are Pseudonymous by nature. I'm not sure how this would relate to GDPR/CCPA, but it's definitely something worth thinking about. The next developments for DeFi score are around centralization risks which may tie in to some of these regulatory concerns. If we make any developments here, I will be sure to let you know

[anthonyhuanggr]

Hi Jack,

Great to get back from you. Due to the final part of Defi-score, Insurance/Regulatory Risk, not so specific due to can't be quantifiable, but we still can consider breaking this into three parts Regulatory risk:

• Financial Protection Regulatory Risk
• Privacy Protection Regulatory Risk
• Contract Law Protection Regulatory Risk

Or maybe I was wrong, we don't need this if we have some trusted zero-knowledge proof protocol can avoid those regulatory risks just by audit the code.

I am not an expert on that, but I will try to invite some related export to answer this. Many thanks.

Anthony