On October 13th-16th, Mattereum hosted the first Internet of Agreements™ (IoA) conference at the UK Government’s Digital Catapult in London. IoA™ is a vision for global supply chains and logistics, integrating national laws and regulation with international commerce through the application of technology such as blockchains and smart contracts. This is the first in a series of posts that will serve as a refresher for those who attended the conference and as a briefing for those who did not. The success of the IoA project requires engagement from experts in business, law, media, technology and government; similarly, these posts will play their part in propagating the vision of the Internet of Agreements.
Over the last day of the conference various experts discussed how the future of finance, law and trade is being reshaped by blockchains, AI and automated logistics. Smart contracts can help create financial instruments and align incentives, automate paperwork and reduce transaction costs, for example. On that day we also held a panel on dispute resolution and various topics at the intersection of law and blockchain technology. The panel comprised:
- Adam Sanitt, Head of Disputes Knowledge at Norton Rose Fulbright.
- Harriet Jones-Fenleigh, a litigation and dispute resolution lawyer based in London, specialising in cross-border commercial, banking, and finance litigation.
- Christopher Wray, Mattereum’s Chief Legal Officer, a lawyer and mediator with experience in company law, intellectual property and legal project management.
- Clive Freedman, a barrister, arbitrator and mediator specialising in commercial law; his practice covers information technology, banking and engineering, to name a few.
- Peter Susman, Q.C., a barrister and arbitrator specialising in contract litigation, especially in complex commercial and high technology areas.
Harriet and Adam gave a quick overview of smart contract dispute resolution and some scenarios that Norton Rose Fulbright has considered, and the panellists then covered various topics in dispute resolution, blockchain law, and liability for errors arising from smart contracts.
You can see the full video of the panel or read the transcript below.
Harriet: Adam and I specialise in commercial dispute resolution, and in the next 10 minutes, before we move on to a bit of a Q&A session, we wanted to start by trying to bust a couple of myths regarding smart contracts and dispute resolution, and then look at what mechanisms we might use to resolve smart contract disputes, and then finally turn to a few scenarios to illustrate how even if everything is perfectly coded, real life can intrude and disputes might arise, even if everything else is operating perfectly. If there’s one point I think we wanted to emphasise is that although I think there is plenty of scope for disputes to arise in relation to smart contracts, if you identified those potential disputes when you’re setting up the system and take legal advice, that there are many ways that you can mitigate those risks.
The first myth really that we wanted to debunk is that smart contracts will entirely prevent disputes arising. People often say to us that lawyers will be redundant, because code is essentially contract and nothing could go wrong. Certainly decentralisation and automation can reduce a large number of types of risks, reduce certain types of counterparty risk, create indelible records obviously and avoid single points of failure existing in centralised networks. But the technology does at the same time raise some fairly novel legal issues and potential for new types of disputes to arise. We’ve identified on this slide what we see as the five principal potential disputes and risks in relation to smart contracts, and the first and most fundamental is really whether a legally binding contract or contracts exist.
Obviously there’s the question as to whether legally binding contracts exist in relation to the smart contract, but there’s also another layer above that, as to whether there is a binding legal contract between participants in relation to the blockchain, so between miners and users and administrators. And that uncertainty exists, because in many common law jurisdictions a contract can only be valid if it’s entered into by a person, so a human or a legal person with legal capacity to do that. In addition, there may be certain requirements as to formality in local jurisdictions. For example, there might be a rule that a contract can’t arise if there’s insufficient certainty as to who the contracting parties are.
Even if you’ve got a legally binding smart contract, there’s uncertainty as to whether there are any non-contractual duties, both as between those parties but also as between the miners and users and administrators who might be involved in the system. Now, in English law certainly there is a well-established legal test for establishing whether one party owes non-contractual duties to another, even though they’re not parties to a contract, but there’s definitely considerable scope for argument as to how those principles would map onto decentralised ledgers, especially where participants stay anonymous. That’s the second big risk from our perspective. The third is that if something goes wrong, I think one of the questions earlier alluded to this, it’s difficult to know who you should sue, either because it’s not clear factually who is responsible for what has gone wrong, whether it’s a loss that’s been caused by a bug in the operating system, or defective code, or, more fundamentally, just because it’s difficult to identify the person behind it and sue them.
The fourth risk that we’ve identified is really the risk of satellite disputes around dispute resolution. The decentralised nature of blockchain means that there is a real risk of satellite disputes about which courts have got jurisdiction to decide a blockchain dispute and what law they should apply to decide it. That’s still a relevant issue, even if your smart contract provides for arbitration methods, like we were discussing yesterday, because where that arbitration is seated, where it’s located, will often be subject to the law of that jurisdiction. Even if you’ve got an arbitration mechanism, the arbitrator’s powers will be subject to the supervising jurisdiction of the court. So arbitration is potentially a large part of the answer but not the whole answer. Finally, there’s the question of trust boundaries. Obviously smart contracts will often need to interact with other systems or oracles, and even where the agreement between the participants to a smart contract is working perfectly and has got a dispute resolution mechanism like an arbitration mechanism, there’s going to be a question over how that applies across the trust boundary. If an oracle malfunctions, what mechanism do you use to resolve those disputes, even though as between you and your counterparty you’ve agreed on a mechanism? That’s the first myth that we wanted to talk about.
The second is this idea that the courts somehow can’t intervene in the operation of smart contracts or resolve smart contracts and other DLT disputes. Certainly the legal uncertainties that we’ve mentioned and the novel fact patterns involved in smart contracts present some real challenges for the courts, but certainly the English courts are pretty adept at applying established legal principles to new fact patterns; the difficulty is that there tends to be a period of uncertainty, both while they get up to speed with the technology and also while the common law develops precedents in relation to new fact patterns. So I think it’s just important to keep reflecting on the fact that smart contracts don’t exist in a judicial vacuum. Having said that, a lot of those risks can be mitigated by some careful drafting at the front end, and ensuring that where you’ve got a smart contracts within a permissioned or a hybrid system, you ensure that the participation agreement sets out the participant’s rights and obligations, and the mechanism for resolving disputes as between them, and that also smart contracts are either guided by some kind of master agreement with a dispute resolution mechanism, or incorporate one into individual contracts.
So, what we wanted to do now is I think Adam is going to speak briefly about some potential options for dispute resolution mechanisms that you might want to think about.
Adam: Thank you. So, let’s assume you recognise that you might actually have a dispute and you realise you do need some sort of dispute resolution mechanism. I’m just here really going to queue them up in a sort of list format — some of them already exist, some are coming into play at the moment — and then after that we’ll look at a few example scenarios, and hopefully that will stimulate some questions and discussion and we can look at how these mechanisms might work, so this is really just a quick laundry list at the start.
Firstly, permissioned blockchain, that’s a separate and discreet point. While they perhaps might not be in the spirit of a lot of different blockchains, there are a lot of use cases around permissioned blockchains at the moment. This is a blockchain where in order to participate there is some sort of mechanism to obtain permission, there is some sort of relationship between the parties involved, and there is a consensus mechanism that therefore is finite and is constrained, and one assumes it’s either implicitly or explicitly under the control of a particular party, the one who has set it up, let’s call them the administrator. Here if you have some sort of dispute and something that needs to be resolved involving the blockchain, in one sense you’ve got a very simple answer: you can go to the administrator, and they, in a sense, let’s assume, have godlike powers, and it becomes easier to deal with disputes in reality apart from the permissioned blockchain; they could just decree that things should be so. On the one hand that sounds very simple, but if you’re an administrator, you’d be very reluctant to do that. With that great power comes great responsibility, but also liability that the administrator would have for interfering, how would that affect how the blockchain as a whole works. So you would need to look quite carefully at the start at how they become part of that mechanism, how you set up the different responsibilities, but nevertheless, that’s the way that it would proceed with a permissioned version.
With a non-permissioned version, the blockchain generally, obviously you’ve got the option of litigation. Litigation doesn’t necessarily know about the blockchain, there may or may not be expertise there, but in fact judges, particularly in English courts, are used to dealing with highly technical areas that are not necessarily within their expertise but they can get expert evidence on, so we could assume that in fact they could come to grips with some of the issues. But bear in mind that they won’t actually care about the blockchain in terms of how they resolve the dispute, they will just care about reality, and the intersection between those two could cause some problems, really perhaps with the blockchain more than for the court side of things, but we could come to that later.
So what you may want is something that is a bit more of an intersection between reality and the blockchain, something that you set up in advance, some sort of arbitration mechanism or some form of alternative dispute resolution, and you need to decide, for that arbitration, how much you’re going to build into the smart contract, and you want to build it in to some extent to make it work efficiently: how decentralised it will be, who the arbitrators will be, all those sorts of questions, but the key one is how it fits in, how it intersects. Do you want to set it up so that you could just stop the execution of the smart contract and go off to some other code pile if you like, if you’ve got arbitration? Does that mean the contract isn’t smart or automated anymore? That’s one end of the spectrum. The other end is you don’t really allow the autonomy of the smart contract to be interfered with, but how are you going to enforce the arbitration? In between those two you have some sort of mechanism set up, multisig or something like that, to allow an arbitrator to be appointed, to allow them to do things on the blockchain. That’s probably the sweet spot, how you would want things to work, how you would want them to be resolved, but there’s a lot of detail there that needs to be worked out between the coders and the lawyers to make that work effectively.
I’ve just queued up that list; here’s a huge number of issues there, but I don’t want to take up all the time. I think we can take questions generally on anything that’s blindingly terribly wrong with what we’ve said so far, or we can queue up some of our example scenarios which will hopefully challenge some of the preconceptions and make you believe that some of these disputes really can come up in reality.
Chris: Thank you. Why don’t we spell out some of these scenarios.
Harriet: Certainly. The first scenario: a platform is working perfectly, but the trader’s three-year-old walks into the room when he’s on the phone, presses the button, executes a trade, and that trade executes automatically. Now, the reason that we’ve chosen this scenario is I think it’s a nice example of how even when everything is operating perfectly technically, real life can sometimes intervene. Here the question is: is Y bank bound by this transaction that was entered into by a three-year-old by mistake? From an English law perspective, you’d argue that that that child didn’t have legal capacity to enter into that transaction. Y Bank would want to unravel that trade. So even though it’s something that’s indelibly recorded on the blockchain, what does Y Bank do? Well, depending on what dispute resolution mechanism is built into the platform, it may well find itself going to court and arguing, “Well, this transaction is void. Even though it’s been executed, we should be able to unwind it.”
Adam: I think this one is why you need a dispute resolution mechanism. Kudos to the people who wrote this software, it’s perfect, there are no flaws in any of the code, everything is 100% exactly; we need these people, they’re better than NASA or whoever. So let’s assume that everything is perfect, that it is all working properly. We could have the legal discussion up here as to whether it’s valid or not, that would be very interesting for us but perhaps not for all of you, so let’s assume that in fact the contract is valid: despite your best efforts, because the button has been pressed by the three-year-old, there isn’t a contract from a legal point of view.
Comment: Surely this is a system flaw: a three-year-old should not be able to execute that trade, they’re not authorised to do so. If the system enables “hit Enter” to execute an extremely large trade, that’s a system flaw.
Adam: Yeah. Well, the trader did use the iris and retina scan and everything else, but at that precise moment that he’d gone through the several-factor authentication, he just had to rush out for some emergency and his daughter rushed in… That’s what happened.
Chris: Well, that may be a little unlikely, but we can imagine certain other scenarios, like fraud: somebody might indeed have access, and the company fully intended that they have access, but the subsequent actions resulted in there being no valid contract.
Adam: I think there is an argument there in terms of let’s try and push these fact scenarios out to the margin so much that we can just say the cost of having them we just accept, and let’s just go with the code because it’s 100% and ignore these odd fact patterns if you like. That is an argument that’s made, it’s the argument for when you stop at the red traffic light in the middle of the night, you should still stop, even though you know there’s no traffic coming the other way, the philosophical side of things, but it’s not the way that legal systems will work. We’ve got other examples, apart from this, and you will be able to come up with fact patterns where you’ve done everything right, but something else supervenes, fraud being an example. We can look at another example scenario, but this is trying to make the point that even if you do it perfectly, you might not have a valid contract. How do you deal with that?
Vinay Gupta: It’s very clear that there is so much, for example, unreliable hardware, there’s human error, and this stuff has happened in live trading systems that were non-blockchain a number of times; we know that the real world works this way.
Adam: Yeah, fat finger trades happen all the time.
Question: So legally speaking, who actually executed the trade? Because we’ve been talking a lot this weekend about what is identity in the blockchain. Would it be the identity of the person logged in, or would it be the three-year-old who actually executed the trade?
Adam: That’s a good question, it’s an interesting question, it’s going to depend on the particular facts, but I don’t want to get too bogged down in that.
Clive: I’m going to give a very short answer to the question, which is that this is exactly the sort of question that needs to be considered at the contract negotiation stage, and you need to have an expressed term in the contract which says, for example, that any trade executed on the system using this security mechanism will be binding on the person whose identity was used to make a trade, even if they want to contend that it was actually the three-year-old. The answer is you need to think about that in advance and have clauses in the contract which tell everybody what the answer is without needing to have a dispute or an arbitration.
Peter: I think it’s interesting that the technical reaction to this is it shouldn’t happen. Clyde’s reaction is the contract should take care of it, and I agree with both. But there is a third scenario, which is that look at this as an example of something which is completely unexpected. Maybe this is not a good example of something which is completely unexpected, but at some stage something will happen that is unexpected and is not dealt with by the contract, and then the lawyer says, the judge or the arbitrator. “We must deal with this situation which has arisen, which nobody has anticipated.” Well, you can deal with it in a number of ways: you can say the onus was on the person who built the system to make sure it didn’t happen, that nothing unexpected happened. You could say that the onus was on the person working at home, to make sure that his child or his dog or his budgerigar didn’t get in contact with the machine. Or you can say this is something that should be dealt with by insurance. But as far as the law is concerned, the law would struggle to come up with a just solution. I don’t think it’s up to us to say what the solution would be, but it just underlies the fact that you cannot anticipate everything that can go wrong.
Question: Isn’t that the situation we’re in today, with our current system, with or without crypto?
Peter: Yes, exactly.
Question: So why do you expect to all of a sudden solve it overnight?
Peter: The point about having the smart contract is more things will be anticipated: the solution that will be imposed will be better, and hopefully it will be cheaper to get going, and therefore cheaper in the long run because you won’t have to spend so much money on getting the problem resolved.
Comment: I completely agree, but these are all relative terms. We’re not going to solve it overnight, and that’s okay.
Question: In terms of avoiding these situations going to arbitration, is there going to be some sort of mechanism where something like this might happen, we’ll go to arbitration. When the result of the arbitration is made clear, will that then feed back into the system so the thinking would have been done in this case, where the child has done it, and everyone will be able to see this is what the outcome is going to be, because it has already been arbitrated, so both sides will know what to expect.
Adam: Exactly. The idea is that if you have unexpected situations that you need to deal with that go to the arbitrator, that the intersection between what the arbitrator can do in a smart contract allows them to automatically then enforce what that decision is. If here say the decision is to cancel the trade, the idea would be that the arbitrator, appointed according to the dispute resolution mechanism, once he has come to that view is then able to, by virtue of their appointment, to actually execute that on the blockchain so that it’s still smart in that sense, that the dispute is then resolved, that the assets, money or whatever, flow through to the right person as part of that smart contract dispute resolution mechanism.
Comment: All future smart contracts to know that that is the case
Comment: Does it become precedent basically is the question.
Adam: The actual decision?
Adam: Well, you’ve still got I suppose a legal case behind it. You’re sort of into the law of arbitration there, where it doesn’t necessarily set a precedent, it won’t necessarily be publicised, it could be confidential, it could be on the blockchain, could set a precedent…
Clive: There are two strands to this question. The first strand is to what extent are the decisions going to be made public so that other people know about them. The second strand is once they are made public, are they going to be binding for future cases, which raise the same sort of problem.
I think there are three purposes for having an arbitration scheme: the first one is to give the users of the system the confidence to know that if they have a dispute, there are specialist decision makers who will be available to decide their dispute who will have an understanding of the technology. The second aim of an arbitration scheme is so that users of the system, if this is how it’s done, can see that decisions are being made by specialist arbitrators and can see that those are sensible decisions. The third aim to achieve by an arbitration scheme is so that the users of the system can see what’s gone wrong in other cases, can learn lessons from that, and build their systems to prevent the same thing from happening in the future.
But all those three aims require that there should be some publicity given to what has happened in individual cases. Traditionally, arbitrations don’t happen in public; they happen behind closed doors. But I think we need to consider in this situation possibly having some kind of publicity to the decisions. It can either be full publicity in which everybody knows who all the parties were to the dispute, with their names being mentioned, or they could be anonymised decisions, and there are precedents for this kind of system. The ICC has a system for expert opinions in disputes relating to trade finance, in which the actual experts who are asked to give their opinion don’t know the names of the people involved in the dispute, and they issue an anonymised opinion; it is not in this situation a binding decision, unless the parties want it to be, but they issue an anonymised decision which everybody can see. So those are the three different ways of doing it, that’s the publicity side of it.
The other side of it is are these decisions going to be binding in future cases? As far as that’s concerned, there’s a real danger with having binding decisions, which is that if a bad decision gets made, you’re stuck with it. There is the risk of that happening in the real world with the court system, and that’s why we have a system of appeals to deal with it. But once you start talking about appeals, you’ve got a greater level of complexity, you’ve got greater cost for the participants. So you have to decide which of these routes you want to take.
Chris: If I could just add a fourth aim in this kind of scheme, picking up on the point that Adam made: I think it’s worth emphasising that there’s something quite novel here that wasn’t possible before, and this is the scope for direct enforcement of an arbitration award by the appropriate authorised arbitrator, and this is really quite new and exciting. There are plenty of cases you can point to where a party who was successful with arbitration takes the award to a national court where perhaps there’s some corruption, and for whatever reason they’re unable to have that award enforced. The reason they have to do that is because the asset they wanted to seize to cover their debt, for instance, would have been in a particular jurisdiction, and it’s the court of that jurisdiction that they needed to go to to achieve that enforcement. What we have here now is this interesting possibility that there may be value on the blockchain, something that is there: it might be there’s an escrowed amount, it may be that there’s other trade within the same system, but there might be something available there that has value, against which an award might be enforced. That’s something quite new and I think is especially relevant in cross-border disputes.
Adam: Let’s very briefly look at scenario two. I think it’s almost the same, except we’ve tried to come up with a fact pattern where you’re even more convinced that the trade ought to be cancelled, and where it would be quite difficult I think to set out in a contract to say that it couldn’t be cancelled in those circumstances, although I would be interested to get the other panellists’ views on that.
Vinay: This is definitely not LIBOR, right?
Peter: It’s good to know that this is not based on an actual scenario. [laughter] There is a doctrine of common law, as applied in this country and other common law jurisdictions, that if something goes horribly wrong and the contract cannot be carried the way it was intended, then it all falls to the ground. It’s called a doctrine of frustration, and there’s a possibility, I won’t say more than that, of applying that solution to this particular situation. Otherwise, it’s merely another example of something unexpected going wrong.
Adam: Yeah. I think it raises the point of the previous one, but more extreme. Should we look at the next one? Because that has got a lot of technical bits that I know you’d be interested in.
This is where there is a smart contract mechanism, a payment of a million pounds that should be made in US dollars, and unfortunately they do is as a million LBP, Lebanese pounds, and a million Lebanese pounds is about $600 US dollars, so that’s the amount that gets transferred by mistake. This one is illustrating some of the different ways it can go wrong and the different people who might be liable, who might be responsible for it. Someone has mentioned insurance before, which I think is quite important here, and if you decide that it’s just too complicated to deal with, that might be a way out. But I would be interested to have views of the panel and others as to who is responsible for these different sorts of errors, and if you can avoid them.
Ian: Clearly the programmer is responsible, because they’re using the words GBP, LBP and so forth; if they were using Ricardian contracts, that mess would never have happened.
Adam: Yeah, but when you say the programmer, there would be a number of programmers, wouldn’t there? It may have been an error in the transcription of the code part of the Ricardian contract, it could be that the contract was written out perfectly, but there’s some error in the code in the platform itself that translates it wrongly, the error could be on the buyer side, the seller side…
Ian: I grant that there could be a swapping of one hash for another, but even that would be an extremely grave error. I would say that if that is happening, then the programmers are responsible. This the question you’re trying to ask, isn’t it?
Chris: Let me generalise this, because this leads to a very interesting discussion. Conventionally in contract you have your two parties and they’re negotiating the contract between them. Let’s take the example where there’s a bug in a smart code, not this kind of grave error but something that was just an unanticipated bug. It may come to light that this bug is there, and indeed there might be a straightforward patch that could be applied as it were. Then the question is how is that going to be achieved with the smart contract on the blockchain? If the two parties are going to have to get together and decide between themselves, “Oh dear, yes, we didn’t really intend that. We better get around to scrapping that and rectifying this situation…” by that time someone may have syphoned off all the value of the smart contract. So I think in this environment, yes, there’s a question of who would be liable for that kind of bug. Somebody has drafted the software. Was it jointly drafted by the two parties? That’s one angle to go down. Another view on it is maybe we should be looking to have third party creators of the software here, so that there’s an unambiguous party both liable for any errors and therefore motivated to maintain it.
Adam: There’s a prior question, if you like, which is is anyone liable? You could say, “Well, I wrote this million lines of code, I open sourced it. It was perfectly open to you to see that it would pay in Lebanese pounds in this situation, and therefore everyone should simply be held to the smart contract as reflected in the code and no one is liable for anything.” Would anyone take that view? Or does anyone think there isn’t a problem?
Peter: One way of looking at contract law from a jurisprudential point of view, in other words legal philosophy, is that it’s all about allocation of risk. The first point of talking about allocation of risk is what the contract says. Any lawyer faced with this problem looks first at the contract and says, “Does the contract lay out who takes the risk of this happening?” and this is a general approach. If the contract doesn’t, and you go to some other form of dispute settlement mechanism, let’s say an arbitrator, the arbitrator will say, “Well, what would I expect the contract to say about the allocation of risk?” It may be, as has been suggested, that the loss lies where it falls, in other words there’s no specific allocation of risk. It may be that the correct answer is the risk is allocated to one party from the other. It may be that you have a frustration answer, which is that the whole contract falls to the ground and cannot be enforced. Or it may be that the risk is apportioned, partly because it’s the fault of one party, or there may be a contributory fault by another party. But these are all questions that have to be answered in the light of the particular facts, and I don’t think you could just say there’s bound to be one particular answer to one particular problem; everything is fact-sensitive.
Trent: In Estonia and elsewhere they were asking this question in the context of self-driving cars. If a self-driving, self-owning car crashes and kills someone, who is responsible? Is it the carmaker? Is it the programmer? Is it one of many other parties? What they arrived at was what if we give the car itself rights, but not just rights but responsibility as well? Because if you send the self-driving car to jail, it won’t care; but if you give it a combination of rights and responsibilities, when it starts to fail you can take away some of those rights or responsibilities. They arrived at this, and then they realised this applies not just to self-driving cars but to broader AI, and this is what we’ve been working on.
But my point here is many people have framed blockchains as life forms or as AI. This is actually possibly a way forward here as well, where this smart contract, this very minimalist life form maybe has rights and responsibilities. I’d love to hear your take, and whether you see other initiatives beyond that.
Chris: I think the thing about lawyers is one of our first questions might be does this life form have any assets? [laughter] Because otherwise there’s no point in suing them.
Trent: Well, the answer is yes: 20,000 Euros worth of hunk of metal and silicon.
Chris: Right, that’s the thing. If you’ve got assets tied up, whether you characterise it as a thing that has something that might be taken off it, or you characterise it as putting aside funds as a kind of self-insuring policy or whatever it might be…
Adam: We’ve actually looked at this in the context of autonomous vehicles, and I think the connection between that scenario and this one isn’t AI but autonomy, the fact that you’ve got an autonomous agent. At first it seems very far-fetched. Then the EU Commission has actually published something on it, putting out the idea of having the sort of autonomous agents given legal personality. I think it still seems far-fetched; the Commission saying something doesn’t necessarily stop it seeming far-fetched, but that’s another issue. What I would say is that over the years the common law in particular has been able to come up with novel ways to incorporate these scenarios and make them work properly in an economic context, and we’ve granted personhood to lots of entities that are not actually natural individuals. So despite sounding far-fetched, it would be about a way of achieving that, that allows you to achieve whatever aims you’ve got in jurisprudence to come up with sensible answers and to allocate risk and liability sensibly.
Peter: The way this jurisdiction has solved this problem with regard to uninsured human beings is to deal with the human being not having insurance separately under the criminal law system and by the Ministry of Transport, as it was then, making a deal with the insurance companies to set up the Motor Insurers’ Bureau so that the last insurer on the vehicle is liable for the loss. So a possible solution here would be to make, by a way of statute, it compulsory for the machine to get itself insured, which could be done by programming the machine to take out insurance and arrange for payment by the way of a blockchain mechanism with a default position that a nominated insurer or insurance body or, failing all else, the state would pay the damages.
Adam: I think the rest of these are all about allocation of responsibility to different people so they were covered by Peter’s points.
Comment: One final point on the autonomous car, stripping it of rights or something like that. It just seems to me that if there’s no actual repercussions for a non-thinking computational entity… Basically, if the repercussions don’t fall back onto the humans who coded it, you could essentially have a sneaky coder who decides to make a car kill one is every 10 people, and then it’s just the car gets scrapped and it never comes back to the coder.
Adam: Yeah, that’s exactly the issue we need to deal with.
Question: I’m interested in the situation where you talk about the kind of blame slinging or risk hot potato. But what if we for a moment assume that there’s no blame whatsoever which was predictable at all in this situation? If the data centre happened to be built on top of a mountain and a cosmic ray hits the register, after all of the protections which have all been put in place, something unexpected happens, and all parties are quite aware of the fact that there is something which is unsatisfactory to all of them, because perhaps the party who fails to deliver the amount that it had expected, their reputation is being damaged by it as well as all the rest of it. Let’s assume that there’s blameless scenario. Should we not be trying to establish some kind of position where blockchains always have a degree of flexibility, able to be engaged by a fair judicial system that they’re founded in?
Harriet: Ideally yes, but I guess my immediate reaction to that is the more you introduce nebulous concepts like fairness to a smart contract, the greater to scope for dispute. As dispute lawyers, most frequently the things that we see people arguing about are concepts like whether or not a material adverse change has occurred. You might have a contract that says, “In the event that there’s been what’s referred to as a material adverse change or a frustrating event or whatever, then I don’t have to perform my contractual obligations, or I have to use reasonable endeavours,” for example. It’s that kind of language, where it introduces an element of subjectivity, that tends to result in disputes. So I guess that’s the immediate challenge I see with introducing those kind of concepts.
But I think it’s important to remember that where someone has agreed that they will do something, if it hasn’t happened for reasons outside their control, the chances are that if they could still do it, they will be liable to pay damages to compensate the other party. If they genuinely cannot perform, because of some extraordinary event has occurred, then, as Peter mentioned earlier, they’re probably going to be entitled to treat the contract as having been frustrated and both parties will be able to walk away from it.
So I think the English law provides some mechanisms to deal with those situations, even if you don’t incorporate them into the contract, if it is English law governed. You don’t need to expressly provide for every scenario; you just need to agree what law will govern any dispute that arises.
Clive: I’ll go back to the first answer I gave this afternoon, which is this is the exactly the sort of thing that needs to be thought about at the time the contract is made. We get exactly the question of the unavailable oracle in long-term oil contracts, where somebody agrees to pay for oil over a period of 20 years, and they agree on an indexation clause based on a particular named index, and then you find 10 years down the line that index is no longer available. I myself have advised in a case where in that situation the parties had agreed that there should be an expertdetermination, and the expert should have the power to substitute an alternative index. You can easily build that kind of procedure into these kind of smart contracts.
Peter: And I would only add that blame is not a necessary precedent to allocation of risk. In short, you don’t need to find someone to blame before you can say the risk must be allocated in a particular way. The risk can be allocated without anybody being to blame, or the person being to blame is someone you can’t take action against, like a terrorist.
Question: I’m curious, we assume that there’s a legal intervention in the smart contract, but the smart contract has actually acted and the chain continues. Are there concepts in the legal field like network value? I can agree to be part of a network that contains financial value of let’s say 300,000 Euros, so all transactions that are happening within this network should not exceed 300,000 Euros, and if a failure happens within this network, that this has to be covered within the complete network’s resources. Almost like an industry body that says all arbitration has to happen…
Peter: I think what you’re suggesting is the risk can be allocated by a pooled system, that is everybody contributes something, or by limiting the liability of people. I can only repeat that you can allocate the risk any way you like, you just need to have the risk allocated; if you haven’t agreed how to allocate the risk, then that can be resolved by a dispute settlement mechanism.
Chris: I think in the blockchain space people are very familiar with the design effort that goes into tokening problems, that is financial incentives for certain kinds of action. I think maybe there’s another piece to this in some sense required, which is the… I don’t know how to describe it… Designing the risk allocation. But just working through where liabilities will fall, and whether that’s where you want them to remain, or whether there should be some kind of allocation to a particular party, whether you want to pool it, whether you’re going to have an insurance scheme… But thought needs to be given to liabilities, not just to incentives.
Adam: I think example number four is an interesting one, because there’s no getting around the fact that reality here is different from the blockchain, and, if you had a moment to look at it, the courts or whatever will allocate that ownership of steel to the person they think owns it. If you’ve got what you thought was a proprietary register of steel that you want to use for trading or some other purpose, the problem isn’t with reality; the problem is with you. You, the blockchain, have to deal with the fact that you’re out of sync with reality, and you will need to come up with some mechanism for doing that. You can’t just say, “Well, we trump reality,” or “We didn’t expect reality to get in the way.” The courts will do what they do: they might retransfer the steel, they might award damages… They’re just going to deal with it.
Can I say, the lawyers definitely wouldn’t have approved the throwing of that thing. [laughter]
Comment: We did a risk assessment.
Question: I have a much more basic question: if I’m trading with somebody via a permissioned blockchain or maybe a public blockchain and there is a dispute, how prepared are the courts in various jurisdictions to actually accept blockchain as evidence, and technically how capable are they of evaluating that evidence?
Harriet: It’s just an evidential question. The English courts are very used to receiving expert evidence from things about a thing they know nothing about. What would happen is both parties would appoint an expert, say a coder, and that person’s role would be to explain to the court what they say has happened, their implementation of the facts, explain what the code means.
Comment: That sounds like a lucrative new profession.
Harriet: Absolutely. [laughter]
Clive: Yeah, but it doesn’t have to be two experts. In many cases, in this kind of scenario, the evidence would be uncontentious and it could be dealt with by a single expert. Or better still, if it is genuinely uncontentious, the parties could agree what the state of affairs is about that evidence without there being any need for an expert witness to be paid to participate in the dispute.
Question: And if it was a closed source private blockchain implementation, do you think the vendor would be obligated to somehow participate in that process?
Clive: Nine times out of ten you don’t need to apply somebody to participate in that process, because the very fact of having to participate in it is going to cause an expense, and the risk of having to pay to meet the cost of that expense is a sanction which brings sense to them in the first place.
Vinay: The sort of language that we use think about this kind of scenario internally inside of Mattereum is delamination, that you have two layers of reality that are splitting apart, where one party clings to the technical side and the other party points to the steel in the warehouse, and both parties are in fact correct. That seems like the kind of thing that is likely to remain messy and complicated until you get a body of legal precedent. So even if the contracts that are used indicate it is one way or the other way, different parties might adhere… In different situations the contract would fail one way or the other way, or fall on each side of that line, but in the long run the general standardisation of this stuff at a societal level seems likely. Any thoughts on that?
Harriet: I think, interestingly, there’s a degree of lamination in the law as well in terms of let’s say ownership of assets. Because if you take this scenario for where there’s a disconnect between what the blockchain says and what the court says, one possible solution to that is for the court to… Ownership can be split into two parts: there’s the idea of being a legal owner, and also the beneficial owner, and it may be that the way of reconciling that scenario with real life is to say, “Well actually, what’s recorded on the blockchain is legal ownership, but in fact the beneficial owner is the one that the court decides has beneficial ownership. In some ways maybe that concept of legal and beneficial ownership can adapt to deal with blockchain type disputes.
Clive: My short answer would be there wouldn’t be much prospect of the courts of Kerplakistan saying that the blockchain knows better than it does who the owner is.
Adam: Yeah, I think that’s right and it is how you deal with it. To your point about the different layers, I’d put it as a coding analogy, the idea that you solve any programming problem by having an additional layer of indirection. Legal systems do that, as Harriet was saying, that’s the approach that they take, and here’s it’s the dispute resolution mechanism that is that additional layer of indirection that allows you to resolve that mismatch, and at the start you need to decide what powers you’re going to give that additional layer to interfere with your two existing layers, that it doesn’t interfere with the objective of having a smart contract in the first place but is powerful enough to deal with situations like this.
Clive: Of course in this situation it may be the case that precisely because the parties are concerned about this sort of thing, they say the contracts should be governed by English law. They may also say that they want neutral arbitrators to decide the case, so that the decision makers are not the courts of Kerplakistan simply saying what they’ve been told to say by their legislature, and there are ways of dealing with these sort of problems in international trade.
Adam: Although we tried to pick a situation where simply choosing an English governing law wouldn’t necessarily help, because you’re dealing with steel physically located in a warehouse in Kerplakistan.
Comment: My observation of the last four scenarios, and it goes back the talk that we had earlier about semantics, that the use of the term “smart contract”. Here is nothing smart contract, legally anyway, about the use of the blockchain platform here. What seems to be the case in all four scenarios is that you have a natural language contract which is legally binding, and that the platform is just an execution method or some sort of evidence of that contract, and therefore you have a disconnect. In law you always go to arbitrate the dispute on the terms of the natural language contract, and the only way you could possibly get around that is if you say in the natural language contract if there’s any difference between the wording of the contract and on the platform, you can say that the platform wins or the natural language wins, otherwise there’s nothing smart about what’s going on.
Chris: I think one could strive for absolute precision and complete isomorphism between one’s code and one’s prose, but the one thing I don’t yet know is how the code will provide for the reasonable function.
Adam: Actually, a lot of problems do come out that way, but I think what we’ve tried to show is actually not all problems do come about from that mismatch. You might say that in this scenario, let’s say there is no natural language, let’s say in some way everything is in the code, you could still get this fact scenario. It is true that irrespective of words or natural language a legal system will impose its own idea of what the contract is over and above the code, and it will have things in it like “If there is a fraud, then we don’t care what the code says. We don’t take what the natural language says.” You will have these problems that you will have to deal with, because you have a legal system which is separate from… It’s not just about natural language.
Chris: Ultimately, however precise this language or other way you’ve encoded the intentions, that won’t be sufficient, and then what really counts is the procedure you set to deal with that exception. But if there’s one conclusion I’d like to make is that the procedures for handling the disputes which will inevitably arise are something that you really want to get right.
Vinay: Trent made this distinction this morning, suggesting that the automated path was what we would use when everything is fine, and it gets increasingly manual as things begin to go wrong.
Question: The dispute resolution mechanisms that you stated earlier, arbitration and things like that, even if London was the choice of venue that was stated in the contract, what would that do to solve this scenario? Kerplakistan could just say no to this, right? What would Norton Rose or anyone else do about that?
Harriet: If your contact said that both parties agreed to submit to the jurisdiction of the English court system, and your counterparty started the proceedings in Kerplakistan, then you can phone up the English courts now and try to resolve the situation.
Comment: Yeah, unless they invade Kerplakistan…
Adam: You’re right, you would need to go to Kerplakistan, you would need to go there to physically move the steel. You could resolve the dispute without moving the steel in a lot of situations, but if you physica1lly wanted to move the steel, that’s a separate issue.
Chris: If you’re going to deal with a party who only has assets in a jurisdiction in which you can’t rely on the local court enforcing arbitration law or doing the right thing, that’s a commercial risk.
Clive: No, it’s not completely impossible. You can hope that there’s a bilateral investment treaty between the United Kingdom and Kerplakistan, and then you can start an international arbitration.