Can software be so nefarious that it puts the programmers, designers, or managers of the business, in jail? According to Brian Quintenz, a commissioner at the Commodity Futures Trading Commission (CFTC), the answer to that question is yes.
At the GITEX Technology Week Conference last week, Quintenz spoke about blockchain, specifically the international markets being built with the technology and remarked that if a decentralized application does not strictly follow the laws of the CFTC or other regulations put in place by the SEC or US Treasury, and if the programmers and executives knew that fact and built the application anyway, then those programmers and executives will face jail time.
Quintenz said, “The developers of the code could claim that they merely created the [blockchain] protocol and therefore have no control over whether and how users choose to use it once it is part of the public domain. They would place the liability on the individual users, who are the actual creators and counterparties of the events contracts. In my view, this analysis misses the mark. Instead, I think the appropriate question is whether these code developers could reasonably foresee, at the time they created the code, that it would likely be used by U.S. persons in a manner violative of CFTC regulations. In this particular hypothetical…I think a strong case could be made that the code developers aided and abetted violations of CFTC regulations. As such, the CFTC could prosecute.”
This is a very big step in accountability, but not unprecedented. Think of rogue traders who program and run illicit trades and are apprehended to face justice. Should Satoshi Nakamoto go to jail for building Bitcoin? Is it possible that it could be an illegal money transmitting business?
There is no question that proving someone intentionally wrote code to defraud investors in court is very difficult. There must be proof they knew they were breaking the law and that their intention was to defraud investors. The reality is that this is not at all simple to prove.
However, we are moving in the direction of accountability for smart contracts. Even if they are decentralized and no one is running them or profiting from them, the authors of that code can be held accountable. This means lots of new business for lawyers, especially those who know how to program. Imagine this: I send the solidity code to a new smart contract I built to my lawyer and ask for an opinion letter confirming my adherence to rules and regulations. This is no longer outlandish, and it should send a message to the dApp marketplace to be careful.
One great example of how this all is playing out is Augur, a decentralized oracle and predictions market on Ethereum. A few weeks after the marketplace went live, it was being used to predict who was going to die and thus created a financial incentive for hits on people. This is clearly bad. We are talking about financially incentivizing crime on a public forum. This is not tolerated in our society.
The founder and chief designer of Augur is no other than Joey Krug. This genius smart contract designer, now Co-Chief Investment Officer at Pantera Capital, has created Pandora’s Box on the blockchain. Should he be liable if anyone gets hurt because someone killed a person and cashes out on their prediction?
In an interview with ETHNews, Krug commented on the assassination markets and said, “it’s a bit like asking the creators of SMTP if they’re ok with email being used for ransom notes. Obviously, I would prefer people not use the tool for such things.”
Clearly, regulation is important, and assassination markets should not be allowed to continue. However, Augur is decentralized and no one really controls it, not even the man who built it. This is readily apparent if you dive into the Augur FAQ, which reads:
“The Forecast Foundation [Augur’s parent company] has no role in the operation of markets created on Augur, and does not have the ability to spend funds that are held in escrow on-contract, does not control how markets resolve or are created, does not approve or reject trades or other transactions on the network, and do not have the ability to modify, cancel, undo, or interact with orders on the network. The Forecast Foundation has no power to censor, restrict, or curate markets, orders, trades, positions or resolutions on the Augur protocol contracts.”
Without any power to control what is built on Augur, the FAQ suggests that the burden of compliance lies with the users: “Users of the Augur protocol must themselves ensure that the actions they are performing are compliant with the laws in all applicable jurisdictions and must acknowledge that others’ use of the Augur protocol may not be compliant. Users of the Augur protocol do so at their own risk…The Forecast Foundation does encourage users to follow their respective local jurisdictional laws, rules and regulations, even though it can’t and doesn’t control their use of the Augur protocol.”
There lies the problem. Who is held accountable for the prediction markets on Augur? Is it Krug? Is it the user? How can the creator of a market account for the participants’ compliance, or lack thereof, if there are no measures built into Augur to support that? Clearly, this is a matter that will have to be settled in court. In the meantime, we all hope (Krug too) that Augur will not be used for illegal activities.
The next big shoe to drop is decentralized exchanges. These smart contracts allow anyone to trade anything with everyone anywhere in the world. Utility tokens, security tokens, shares, bonds, derivatives, you name it. It’s a global market where anyone with internet access can participate. Sound like a dream utopia? That’s because it is. There are clear rules about how these markets can function as soon as securities become involved (and securities inevitably become involved with these exchanges).
Securities laws are different in each country, and the penalties are complex. It turns out that jurisdiction for trades lies with the country of the investor. What happens if an investor from the United States trades with another investor from France on a decentralized exchange, and the trade is fraudulent. The buyer loses everything, and the seller has all the money. How is this settled? Who pays, and who is held accountable? This opens up a great jurisdiction puzzle, and who knows where it goes from here.
Maybe a new profession is about to emerge: legal smart contract auditing. Maybe lawyers will soon have a new business of reading the software and determining if it is legally sound and can be deployed on the blockchain. It’s too bad I didn’t get a law degree because I could be one of the pioneers in this new and exciting profession.
If you liked what you read, please clap and follow me on Medium.