By now, most people have heard of ‘blockchain’ but not everyone would claim to understand it, or indeed what it can be used for. This emerging technology is generating a huge amount of interest in the technology community in Silicon Valley and elsewhere. It is widely predicted to transform huge swathes of the industry over the next five to ten years and beyond. A vast number of potential applications have been identified, some of which are already starting to be exploited.
What is blockchain?
A digital database (or ledger) that is distributed across a network of computers (i.e. a decentralized peer-to-peer network) containing an increasing number of data records that are protected by powerful cryptography; and, therefore, almost entirely protected against human error, editing, tampering, removal, and revision.
Each record (or ‘block’) contains details of a transaction and is time-stamped and associated with certain data that links it to the previous ‘block’ in the chain. When a new transaction takes place, it is authenticated across the network by users known as ‘miners’ (using specialized IT equipment) before being recorded as a new ‘block’ and being made available to view by other members of the blockchain.
Some key points
Blockchain can best be described as a digital platform or database for securely storing information and recording transactions. However, there are some key points to be aware of:
Firstly, there is no single or definitive ‘blockchain’. In fact, there can be an infinite amount of blockchains and anyone with the necessary coding skills can create one.
- Blockchains can be:
‘Public ‘, for example, where used for trading shares; or
‘Private ‘, for example, a real estate company’s blockchain that stores title documents of properties.
Whether a blockchain is private or public will, as the name suggests, determine the user group that has access to the information on that blockchain.
- Blockchains can also be:
permissionless or permissioned, which allows anyone to contribute data with all participants possessing an identical copy of the ledger; or
permissioned or private, which allows only specified actors (e.g. banks, approved individuals, etc.) to submit transactions and/or validate them across the network.
This submission and validation process is achieved via a control layer built into the ledger.
Smart contracts One of the terms that almost inevitably comes up in the context of legal issues and blockchain is ‘smart contracts’. There is no universally established and accepted definition of a smart contract, but in essence, they have coded instructions that self-perform when certain criteria are met.
The relevant computer code is uploaded to a ledger, in place of more basic passive data entries. A simple example might be a smart contract-enabled insurance policy that automatically pays out to a policyholder on the occurrence of an insured event. Smart contracts often use blockchain technology to record and execute transactions.
What are the legal issues associated with blockchain?
As with any new technology, blockchain gives rise to some interesting — and in some cases entirely new — legal challenges. Businesses are well advised to be aware of those issues so that they can be addressed and managed to ensure that the technology is deployed in a compliant manner. Key points that businesses will need to consider include:
Will it be possible to capture all the elements of a ‘traditional’ contract in a set of computer-coded instructions? How will coders capture concepts and principles that require a degree of subjectivity or judgment on a case-by-case basis? How about capturing a non-exhaustive list of circumstances, such as force majeure events?
Even if that is possible, how will smart contracts cope with events that occur outside their underlying code (in the ‘real world’)? If, for example, circumstances arise that would frustrate a contract or make its performance illegal or even contrary to business common sense, is it possible to hardwire that into the code of the smart contract, so that it does not automatically perform itself in those circumstances?
It’s also crucial to note that some transactions, for example relating to the transfer of land, need to be in writing, which does not currently include computer code Data.
Any blockchain system that holds personal data will need to comply with applicable data protection laws. The distributed nature of blockchain causes concern here. Which will data protection laws apply? In reality, there may be a need to comply with the laws of numerous different territories in relation to personal data held on the blockchain in question.
What mechanisms will be put in place to ensure that any cross-border transfers of data are compliant? In Europe, this could include implementing approved Model Clauses or (for transfers involving the US) recipients signing up for the EU-US Privacy Shield, for example.
The new General Data Protection Regulation will formalize an obligation on data processors to pseudonyms data and a right for data subjects to request the erasure of their personal data (the ‘right to be forgotten’). While pseudonymization tends to go hand in hand with data stored on a blockchain, the right to be forgotten presents more of a challenge in light of the immutability of records on a blockchain.
Clearly, creating huge data repositories on a blockchain gives rise to the potential for security breaches. Blockchain operators will need to take cyber security particularly seriously to avoid potential regulatory action and — not to be underestimated — reputational damage.
Most regulators are taking a ‘wait and see’ approach to the blockchain (see our article here on a report by the European Securities and Market Authority, for example). While on one hand this approach tends not to stifle innovation and allows regulators to see the way in which the technology is used before taking any action, it does nothing to create certainty for businesses or blockchain innovators.
As with any development, it seems likely that legal issues will be resolved in line with existing laws, principles, and guidance. However, it’s no secret that laws can quickly fall out of date, so it’s almost inevitable that laws will need to be adapted, or that entirely new laws will need to be implemented, to cater to the blockchain.
As noted above, records on a blockchain are intended to be immutable. On that basis, it remains to be seen how a blockchain system will cope with changes to the law. For example, where blockchain holds personal data in a way that complies with the law at a particular date, but the law subsequently changes, how will the relevant records be amended to comply with the new rules?
Liability and responsibility
What is the legal status of an entirely blockchain-enabled organization (DAO or distributed autonomous organization), which operates through pre-programmed smart contracts, without human involvement? Does it have its own legal personality?
If no business entity has been formed to ‘host’ a DAO, would the blockchain operators and/or participants have unlimited liability (on the basis that the DAO falls within one of the existing categories of unincorporated business types, e.g. a general partnership)? In the absence of certainty about the nature of a DAO, how will ownership and control be determined? Can a contribution of crypto-currency be deemed to be an ownership stake in the same way as shares? It’s worth noting that most issuers of crypto-currencies do not attach ownership rights to their tokens.
Similarly, how will DAOs contract with third parties if they have no legal personality?
This could be solved by having the DAO ‘members’ contract in their own name or, more likely, setting up a dedicated business entity to operate the system and deal with customers and suppliers.
Who will be responsible for defects in a blockchain system/DAO? Would it be the ‘managers’ of the DAO or, perhaps, if defects arise due to the way in which the underlying code was written, it would be the coder?
These questions remain unanswered and the legal landscape will develop over time. However, we expect that the status of a DAO and questions of liability will depend on a number of factors, e.g. how the DAO code is used, the purpose for which the DAO has been established, who ‘controls’ it, and how many owners there are.
Litigation and dispute resolution
Players in a blockchain system will — by definition — be ‘distributed’ and are likely to be spread around the globe. How will the parties determine which laws apply and which forum should be used to resolve disputes? Should that be determined, for example, by reference to the location of the parties themselves, or perhaps to the location of the relevant computer servers? What happens when those laws conflict?
Will current dispute resolution mechanisms be sufficient to settle blockchain disputes?
Technology disputes are common and the English court system can cater to them, but it may take some time for judges to develop their expertise in this specialist area. There have been several suggestions of ‘decentralized’ dispute resolution mechanisms, whereby members of the blockchain community effectively vote on the issues in question. While these present challenges of their own, it is certainly a space to watch.
If the parties are in different jurisdictions, advance thought should be given to which dispute resolution mechanism is the most appropriate. For example, might an arbitral award be easier to enforce against an overseas counterparty than a court award?
Similarly, how would decisions made by the blockchain community be enforced?
How will blockchain-enabled assets, such as Bitcoin, be recovered if they are stolen?
There are a number of legal theories that may assist, e.g. claims for unjust enrichment, but none has yet been tested in the courts. When that happens, some big questions will need answering, in particular, whether such assets constitute ‘property’ capable of being ‘owned’.
Mediation and Arbitration is the best solution made available through law Blocks paid by its home token Law Blocks Token (LBT), A team of expert lawyers and Judges from the legal fraternity are at the disposal of the community to resolve their disputes through ADR (Alternate Dispute Resolution).