Blockchains and the GDPR pursue similar objectives where they seek to grant users greater control over their personal data. While the latter pursues this goal by imposing duties of care to centralised controllers and collectors of data, blockchains go a step beyond by trying to eliminate these stakeholders and the need to trust them. Nevertheless, the rules set out by the GDPR apply whenever personal data are at stake, and various actors of the blockchain ecosystem risk liability for controlling of processing data in violation of privacy requirements. A possible solution is to re-contextualise the concepts of data controlling and responsibility, as framed by the GDPR, in light of blockchains’ enhanced individual autonomy. In this paper, we ...