I hope that is not an article from Russian hackers attacking the EU and US via infowarfare propaganda. We should also consider how governments are dealing with these issues in Russia and China.

BTC>The Lightning Network (LN) and GDPR share a goal of empowering individuals to have more control over their personal data. However there are challenges in both technical aspects. For example LN reduces on chain data storage, which aligns with GDPRs data minimization principles.

When it comes to pseudonymity, versus anonymity, data controllers and processors must consider that LN transactions are linked to pseudonymous addresses rather than directly to personal identities. By implementing anonymity measures it becomes easier to uphold another core GDPR principle; the right to be forgotten.

Additionally determining the roles of data controllers and processors is complicated by the nature of LN.

Stepping back for a perspective the question arises; Should messages exchanged in LN be considered "personal data " or should they exclusively be viewed as financial data?