Tech Is All Around: Blockchain & Law
November 1, 2018

As noted in the previous Tech Is All Around: Hot Topics and Notes on the Future post, blockchain is touted as the next revolutionary technology, even as revolutionary as the introduction of the internet during the nineties. Blockchain is said to evolve the internet from Web 2.0 to Web 3.0. Instead of centralised entities such as Facebook or Google that control their users’ data and reap the rewards, blockchain enables the creation of decentralised systems that can offer economic incentives directly to its users.

Another aspect is the transition from “the internet of information to the internet of value”. Traditionally, the internet has consisted solely of information. This means that a trusted third party needs to verify the validity of data to prevent, for example, double spending of digitally represented assets. But blockchain technology removes the need for any administrative or supervising intermediary; the system upkeeps and verifies itself thanks to its unique consensus mechanism, effectively resolving the double-spending problem. Not only is a blockchain completely autonomous, the consensus mechanism also ensures that once data is validly added, it cannot be altered. Blockchain therefore enables the creation of unique digital assets in a way that previously has not been possible. It is a transition from information that represents an asset to unique tradeable digital assets (defined under the umbrella term “tokens”). Value can be traded directly, hence the transition from the internet of information to the internet of value.

Blockchain can also be used to connect other technologies, such as artificial intelligence (AI) and the Internet of Things (IoT) directly to a transaction platform, effectively connecting these technologies to the economy. For example, AI agents could in the future transact data and dematerialised assets between IoT devices without any human involvement at all, via the use of smart contracts, that is, automated contracts, implemented on a blockchain. Therefore, many argue that blockchain technology enables the creation of an eco-system that is going to propel the fourth industrial revolution.

Because of the unique characteristics described above, blockchain has the potential to disrupt or even abolish traditional business models while also enabling completely new ones.

An example of a traditional business that could lose its purpose is settling institutes, for example in respect of trading shares. This is evident by ongoing developments. Several banks are developing systems based on blockchain technology with the aim of simplifying settlements of various transactions. With blockchain technology, there is no need to have a separate intermediary that upholds a share registry and validates transactions. Instead, with the help of tokens representing tradeable shares, a transaction platform could be created that would simultaneously act as the share registry.

The disintermediation of businesses can even be taken one step further by creating decentralised autonomous organisations (DAO), entities that are completely governed by smart contracts. The governing functions and rules of, for example, an investment fund, or theoretically even a company, can be encoded. There is no need for a physical governing body in a DAO, as these functions are encoded into smart contracts. Instead, shareholders of a DAO participate directly, for instance by using tokens that represent votes.

There is, evidently, heaps of potential applications for blockchain, but how does blockchain technology integrate with the law? Applications developed on a blockchain need to fulfil legal requirements to be legally valid, and transactions need to occur in accordance with the law to be legally enforceable.

Perhaps the most evident legal question is the enforceability of smart contracts as legal contracts. This should not be an issue, at least not under Swedish or Finnish law, as long as the parties to the smart contract have legal capacity, the subject of the agreement is not illegal, and the parties can be said to have expressed a clear intention to be bound by its terms. The conclusion of a smart contract can further be likened to that of a tacit agreement. However, there are various kinds of smart contracts. Smart contracts do not necessarily resemble traditional agreements, and smart contacts can be used in various ways and to different degrees, for example as part of or in combination with a traditional contract. A smart contract may not be intended to form a legal contract at all. And what about the legal effect of using AI agents to conclude smart contracts? Is there any to begin with?

A particularly hot topic is the conformity of blockchain to rules on data privacy, especially the GDPR. The EU Blockchain Observatory and Forum, established by the EU Commission, has noted the benefits of blockchain technology, although recognising that the GDPR may hinder the development of the technology to its full potential. How can the right to be forgotten be satisfied on a completely immutable platform? And who is the data controller if there is no single entity in control? There are some technical solutions available that could solve these issues. For example, the right to be forgotten could potentially be satisfied by encrypting the data and deleting the key for accessing the data, or by using an off-chain system for identification. But the question is if it is enough to put the “data in a safe and throw away the key” or if the data should be completely erased to satisfy the right to be forgotten.

The EU Blockchain Observatory and Forum recently published a report, Blockchain and the GDPR, written by ConsenSys on behalf of the forum, containing some suggested solutions to the abovementioned issues. The authors highlight that blockchain can be GDPR compliant, emphasising that it is ultimately a question of how the technology is implemented. The possibility to encrypt data is recognised in the report as a possible solution to the right to be forgotten, but the authors also suggest that personal data should preferably not be stored on a blockchain at all, thus leaning towards an off-chain system for identification. Furthermore, it is suggested that the data controller on a public blockchain could be any network user that submits personal data as part of a business activity or the operators of a smart contract. Nevertheless, it remains to be seen how the EU legislators and the European Court of Justice will react, although it is likely that they will take note of the various suggestions contained in the report.

The classification of tokens is another widely discussed topic. The discussion has mainly revolved around the classification of tokens as securities or as utilities. The distinction is relevant for identifying applicable regulations for the trade of tokens, as the trade of utilities is unregulated, while securities are governed by various financial market regulations. This has been mainly of interest for companies that wish to receive funding by selling tokens through either initial coin offerings (ICO) or the increasingly popular security token offerings (STO). STOs are gaining attraction as a more stable investment form with a regulated secondary market, which in turn attracts more traditional forms of investment and involvement from venture capital and angel investors. The US SEC and Swiss FINMA have released guidelines to help companies determine if financial market regulations are applicable to their token sales. Even though helpful, the distinction between securities and utilities may not be sufficient with regard to the vast differences between tokens and their specific functions. Thus, other classifications may be more suitable. Furthermore, the lack of differentiation between tokens is evident when it comes to taxation. For example in Finland, all tokens are treated the same under tax law irrespective of their specific characteristics and intended use.

An interesting question regarding tokens is the possible legal effect of the transfer of a token that represents a real-life or dematerialised asset. At the moment, a court would not recognise the transfer of a token as simultaneously transferring the ownership and real property rights of the asset it represents. However, the transfer of a token of this kind should, arguably, in the future be recognised as having the same legal effect as the transfer of the actual asset, as there is no room for double spending on a blockchain, and an unbroken transfer of records is available. On the other hand, this requires that the rights cannot be transferred by other means. For example in Sweden, the transfer of a token that represents a share in a private limited company could in the future be given the same legal effect as the transfer of a share certificate, thereby nullifying the need for share certificates in print, which are still extensively in use. This would, however, require a legislative amendment, as there is currently an unequivocal right to receive a share certificate in print. The ownership and real property rights to a share cannot be attached to a token as long as this right exists, since the rights are attached to the share certificate, if issued, under current legislation.

There are various other legal questions besides the ones highlighted here, for example regarding competition law, intellectual property rights, tax law, the legal status of DAOs, and many more. It is also worth noticing that it is not clear how questions of applicable law, jurisdiction, and forum for dispute resolution are to be solved on a public platform if the parties have not agreed otherwise. Ultimately, the relevant questions will have to be decided on a case-by-case basis in light of the technical qualities of the underlying platform and the intended use of the particular application.

The technology is still developing and new solutions are constantly emerging, but the dominant design that will ultimately define blockchain has not been developed yet. As blockchain technology develops, some legal issues may be resolved and new issues may arise. Legislators and courts also play a vital role in this development. Regulatory uncertainty tends to hinder development and the widespread use of new applications, but too much regulation can have the same effect. Thus, it remains to be seen exactly how the technology and the legal landscape will evolve. Right now, there are more questions than there are answers.


Marcus Lehtinen
Thesis Trainee at Hannes Snellman