In recent years, data privacy security has been widely and highly valued by countries around the world. In the context of European Union’s General Data Protection Regulation (GDPR), the regulatory requirements of laws and regulations are becoming increasingly strict, bringing huge impacts and challenges to enterprises with user’s personal data such as internet services and financial technology. Up to a point, federal learning ensures data privacy by storing and processing personal data locally. However, due to malicious clients or central servers being able to launch attacks on global models or user privacy data, the security of federated learning is questioned, introducing blockchain into the federated learning framework is a feasible solution to address these data security issues. In this work, the concept of Blockchain (BC), Federated Learning (FL), GDPR and other similar data protection laws are presented, where a Blockchain-empowered Federated Learning (BC-empowered FL) framework is introduced. The challenges on complying with the GDPR are described, and the solutions or principles for improving the GDPR-compliance of BC-empowered FL systems are analyzed, sorting out the differences and connections among the GDPR-compliance methods yet laying a foundation to design legal and compliant applications for different domains and scenarios which need touch upon the user’s personal data.