Report: The Legal and Regulatory Framework of Blockchains and Smart Contracts

History shows that disruptive tech and the law always find each other in the end. A similar process will unfold for Blockchain.

Written by Tom Lyons, Ludovic Courcelas, and Ken Timsit

What is the EU Blockchain Observatory & Forum?

Founded in 2018, the EU Blockchain Observatory & Forum was designed to provide analysis, discussion, education, and meaningful recommendations to foster blockchain innovation in the European ecosystem.

This article recaps the EU Blockchain Observatory & Forum’s most recent paper, ‘Legal and Regulatory Framework of Blockchains and Smart Contracts.”

Key Takeaways:

• If blockchain will indeed become the catalyst for innovation, jobs, and economic growth in the EU that many hope, a key element will be a predictable legal and regulatory framework for blockchains and smart contracts.
• Unfortunately, the new paradigms for platforms, applications, agreements, and assets (among other things) enabled by blockchain are not necessarily easy to reconcile with existing legal and regulatory norms.
• This paper emphasizes that it does not mean such reconciliation is impossible.
• The EU is convinced that blockchain technology can play a key role in building Europe’s Single Digital Market, and so drive important market innovations.
• A simple but potentially useful first step would be for policymakers to clearly define what blockchains and smart contracts are under the law at the European level in order to have a shared definition for EU and Member State regulators.
• Communicate legal interpretations as broadly as possible
• Choose the right regulatory approaches for the question at hand
• Harmonize the law and interpretations of it
• Help policymakers develop an understanding of the technology
• Work on high-impact use cases first, for example, regulatory questions around digital assets as well as bringing clarity to blockchain and the GDPR.
• Closely monitor developments in less mature use cases and encourage self-regulation
• Make use of blockchain as a regulatory tool

Clearly, if we are dealing with new kinds of currencies, new kinds of assets, and new kinds of organization, we are dealing with new kinds of legal questions. Not all of these questions are explicit.

Challenges:

• The very characteristics that make blockchain innovative, decentralization, pseudonymity/ anonymity, immutability, and automation are the root of the difficulty regarding legal and regulatory questions.
• In public/permissionless decentralized blockchain-based networks, it may be difficult to ascertain who the actors in the network are, where they are located, and what exactly their actions have been.
• That can make it challenging to assign responsibility or determine jurisdiction in the case of disputes.
• This, in turn, can make it difficult to perform basic legal and regulatory functions, such as ascertain liability, determine what law is applicable in a particular situation, carry out regulatory monitoring, or enforce rules.

Solutions

• There will be the evolution of legal and regulatory “tools” to assist authorities with some of the novel aspects of blockchain technology.
• The blockchain industry has been developing tools that can assist authorities (and blockchain companies) in enforcing regulatory compliance — for example, methods to “pierce the veil” of pseudonymity on blockchains and identify network participants.
• Additionally, there will be a natural evolution of the legal and regulatory framework to take account of blockchain.
• We already seea great deal of activity in this regard in the area of digital assets.
• When it comes to more general legal issues around the technology, smart contracts, and disruptive blockchain use cases, we also see a clear increase in activity by policymakers and regulators to understand the issues, to work on solutions and — importantly — to do so in conjunction with the wider community

Click here to access the full report

Blockchain technology and the law

The following are areas of tension between blockchain technology in general and prevailing legal and regulatory frameworks.

The legal value of blockchain registries

• Just because we can prove mathematically that transactions on a blockchain are valid, know who “owns” the data saved in a blockchain-based ledger and demonstrate that that data has not been tampered with, does not however mean that blockchain-based transactions or registration of ownership are by itself legally binding

Territoriality

• Most public, permissionless blockchain networks like Bitcoin, are not rooted in any specific location. That can make it difficult to assign legal responsibility
• Each network node may be subject to different legal requirements, and there is no “central administration” responsible for each distributed ledger, the nationality of which might act as an “anchor” in terms of regulation.
• This makes cross-jurisdictional harmonization important. That, in turn, requires regulators and lawmakers to collaborate across national borders to harmonize legal and regulatory regimes, while managing potential risks, including issues of monopolies and market manipulation.
• Addressing these would require significant legal and organizational changes and a mechanism for collaboration to ensure alignment.
• The nature of blockchains may render it difficult to determine in what country a damage occurs as a result of conduct on blockchains.
• In cyberspace, the determination of the place of damage may require a delict analysis approach, as evident from binding judicial precedent
• Many of these tensions arise from fundamental properties of blockchain protocols, which are built on decentralized paradigms conceptually quite different from the more centralized approaches that are currently the norm.

Enforceability

• Laws can only be effective if they can be enforced through penalties or sanctions against the lawbreakers. To do so, the law needs to be able to identify them. As we have seen, this is not always easy to do on a blockchain platform.
• The potential for pseudonymity and, in some cases, full anonymity on blockchains has given rise in some circles to the impression that they can be used to create lawless zones for the benefit of criminals.
• While the potential is there, the truth so far has been different.
• On private/corporate permissioned blockchains, all actors are identifiable, and accountability is easily determined.
• On public/permissionless blockchains, ledger entries in the ledgers are immutable, providing an audit trail and evidence of wrongdoing.
• While not always identifiable at the moment of the transaction, given enough time and effort, many parties to a transaction can be unmasked. Therefore, at this point, there is no question of total impunity for blockchain actors.
• However, it can not be denied that some privacy-focused blockchains, for example, Monero or ZCash, can provide bad actors with effective tools for true anonymity. It is important to note that in practice, anonymous transactions are currently not widely used: Bitcoin and Ethereum, the most popular platforms, do not support anonymity.
• Governments also try to discourage the use of anonymization techniques in blockchain networks by, for example, imposing AML rules, thereby policing the gateway between the worlds of cryptocurrencies and fiat money (see also next section).

Liability

• The law consists of obligations and prohibitions of specific behavior, and places a liability/ responsibility on the person who fails to comply with it.
• The primary goal for which such a responsibility is imposed is to motivate/ steer the behavior of a person towards the direction desired by the legislators. Liability regulations also have a compensatory function: their purpose is to provide the injured person with the opportunity and source to obtain compensation for damages.
• Today, the rules for attributing responsibility vary greatly depending on (i) who, (ii) to whom, (iii) what for, and (iv) on what kind of consequences/pain a person is liable. The main kinds of liability in law systems usually include criminal responsibility, administrative responsibility, contractual liability, and tort liability.

Liability of core software developers

• Core developers make attractive access points for the enforcement of laws and regulations. Considering their role in designing, developing, and maintaining blockchain platforms, they are also accessible enforcement targets for questions of liability.
• Should software developers be responsible, for example, for the fact that the code is used for illegal activities — say for creating and operating illegal exchanges? Should they be responsible for the fact that the code does not have features that could prevent illegal activities?
• Should they be responsible for creating open source code that supports anonymity?
• These issues are not, however, new with blockchain. Problems with delineation and definition of obligations imposed on various digital space actors have arisen also in the Internet space (e.g., distinguishing what is the responsibility of internet service providers, search engines, application operators, website administrators, and end-users).

Data Protection

• The European Union has long looked to protect the personal data rights of its citizens. Its most recent and far-reaching effort in this regard has been the General Data Protection Regulation (GDPR), which became generally applicable in 2018.
• While the GDPR is meant to take into account the significant developments in the online world over the past 25 years, it was written before the rise to prominence of blockchain and was therefore conceived with more traditional, centralized data-processing paradigms in mind.
• This has led to what many see as a number of tensions between blockchains and the GDPR. It is a very important issue for the blockchain industry. The EU Blockchain Observatory has addressed GDPR in a previous paper.

Smart contracts and the law

• In the blockchain context, it generally means computer code that is stored on a blockchain, and that can be accessed by one or more parties. These programs are often self-executing and make use of blockchain properties like tamper-resistance, decentralized processing, and the like.
• Clearly, if we are dealing with new kinds of currencies, new kinds of assets, and new kinds of organization, we are dealing with new kinds of legal questions. Not all of these questions are explicit.
• For this reason, the report breaks up the discussion into two parts:
  — Smart legal contracts, which are smart contracts on a blockchain that represent — or that would like to represent — a legal contract, along with the issues that it involves.
  — Smart contracts with legal implications, which are artifacts/constructs based on smart technology that clearly have legal implications.

Read ‘Legal and Regulatory Framework of Blockchains and Smart Contracts’ in full.

Disclaimer: The views expressed by the author above do not necessarily represent the views of Consensys AG. ConsenSys is a decentralized community with ConsenSys Media being a platform for members to freely express their diverse ideas and perspectives. To learn more about ConsenSys and Ethereum, please visit our website.