Blockchain-based networks are no more secure than other networks when it comes to privacy. You still need to protect the cryptographic keys and the solutions for that are the same, too. At present, they may actually be less secure because due to the young age of the industry many blockchain companies are not as concerned with user security as they should be. As for GDPR applicability for blockchain networks, it is an extremely complex issue. Blockchains aren’t meant to store PII (personally identifiable information), which is subject to GDPR, by default, but some businesses still do. As the market and technologies become more educated about blockchain, they will create a tangible separation from the data on the blockchain and personal data. Moreover, the rise of DID (Distributed ID) technologies and companies will seem make this issue obsolete. Distributed ID allows each person on the blockchain to control the amount of private data each blockchain network receives and no network receives all of the data. The PII is not fully stored anywhere and is stored in a variety of virtual locations, which makes it extremely hard to steal. This sort of technology will support initiatives and regulation such as GDPR. However, the regulators need to be aware of these solutions and technolgies and offer concrete measures that blockchain companies should take in order to protect the data of the users who are registered on these networks. At the moment blockchain falls under a grey area as far as the regulators are concerned; blockchain networks will definitely not be exempt from the regulation, but they need to receive some concrete directives on how to comply.