Legal and regulatory issues
In essence, a project to create or adopt a distributed ledger solution will be similar to negotiating any large scale technology development or outsourcing arrangement, but there are some key additional issues that will need to be considered.
- Accountability/responsibility: Control over the ledger is necessarily distributed, so how do you control or regulate the ledger, its users or other parties in the system? Who is accountable in a decentralised system? Whom (or what) do you regulate?
- Who would regulate? Given the cross-border nature of the technology, who would regulate? It's very likely that there would need to be agreed international regulatory principles and cooperation among regulators.
- Definitions: Various definitions under existing laws may need to be reassessed, e.g., in terms of the classification of assets (e.g., are virtual currencies really just commodities?).
- Smart contracts: How would existing contract law need to change to take account of automated or "smart" contracts? Would they be valid and enforceable? Moreover, is legislation sufficient, or would regulators need to regulate distributed ledgers via the technical code which defines the rules, rather than purely by legislation? Who would check that the operation of the technical code actually reflects the requirements of the legal code? If there is a problem with the code, how would this be identified and how would remedies be enforced and against whom? It's likely that smart contracts would still lead to disputes, and there will be limits on what smart contracts can do. Lawyers, regulators and the court systems would need to become familiar with smart contracts. Recordkeeping requirements and evidentiary rules would need to be adapted to enable access to underlying data by courts and other authorities.
- Consumer protection: Consumer protection will be a key concern of regulators. With such transformative technology, how do you ensure consumers understand what they are agreeing to, and their legal redress for failures?
- Privacy and security: The technology relies on an assumption that it is very secure because records would be almost impossible to decrypt. However, with the continued development of quantum computing, this may not always be the case. There are other security concerns, for example, that it could be possible to trace or deduce a party's identity from transactions or through access to a party that has permission to decrypt the data. In theory, at least, a ledger might also be "captured" if someone were able to control the majority of participating computers.
- Competition/anti-trust: If private distributed ledgers are created that are equivalent to consortia, there could be arguments of monopolistic or cartel activity. Also, there could be a risk that algorithms are set up in a manner which produces anti-competitive results that are secret or not readily detectible.
- Decentralised organisations: There are various issues that would need to be considered in terms of liability and accountability as existing legal systems are primarily designed to assign responsibilities and liabilities to persons (human or legal) rather than to a mechanism such as a distributed ledger that involves automated contracts. Lawmakers may need to consider how to adapt the existing law related to liability in the context of unincorporated associations to deal with the operation of distributed ledgers, which may be particularly challenging to the extent that these are likely to operate across borders.
- Reputational damage: Although much of the original scepticism with distributed ledgers has gone away, until distributed ledger applications have been rigorously evaluated, organisations will need to be mindful of the risk of reputational damage resulting from distributed ledger applications that don't work or don't provide the benefits envisaged.
Sign up for CIO Asia eNewsletters.