Blockchain: Risks Related to Regulatory Issues and Security

I think there are several risks that people need to consider. One, the regulatory scheme. If you’re a financial company you need to be worrying about financial regulators, potentially the SEC, potentially the CFTC, as well as state authorities
if you’re here in the U.S. Antitrust considerations abound. Anytime that there’s one dominant technology by one dominant provider, they’re necessarily going to be losers in such a scenario. And those losers may be looking at antitrust laws for remedies and arguing that certain policies, procedures, what not our violative of those laws. And then finally I think the third thing that folks should really consider is how can I apply blockchain technology such that from the beginning of the data that I want to capture, to the end of the data that I need to capture is secure and complies with all the privacy provisions that are out there in all of the jurisdictions in which your technology is going to be deployed. You know this is a nascent technology. We’re starting to see it implemented. We don’t yet know how scalable the technology is. We don’t yet know how secure the technology is. We know that the algorithmic basis of it and the cryptographic basis of it is capable of withstanding all of the currently known forms of attack. But if you look at sort of developments for example in quantum computing, could a quantum computing attack overcome a blockchain security? That’s a really fundamental question we don’t know yet, because we don’t have blockchains that are of that scale, and we don’t have quantum computing. But we know it’s a risk. I think one of the other areas that people really need to think about is what I would call the physical aspects of security. Because blockchain systems rely on the holding of certain keys, cryptographic keys that allow transactions to be authorized and taking place. Those keys have to sit somewhere. They either have to sit on a system or they have to sit with a person. And we’ve certainly seen in the cryptocurrency space, you know initial actions against individuals in order to access keys, effectively theft of cryptographic keys. That I think is a really big issue that doesn’t get enough attention. How you marry your blockchain digital security with the physical security that you need to secure your infrastructure. I guess the sort of third overarching risk is if you are a business looking to implement blockchain how do you design a risk framework? And certainly that’s what I spend an awful lot of my time doing. You know we have clients who are very smart lawyers or general counsel who understand the way the technology is going to be implemented in their business. And what they’re really looking for is to understand what new risks it brings in, what risks it gets rid of, how they need to update their systems and processes and actually how they need to train their people to make sure that that system is operated in a way that continues to create value for the company and doesn’t expose it to excessive risk. There are a lot of really smart and advanced computer programmers out there working on the technology side of blockchain applications. But they don’t always think about what the legal risks could be on their way to developing a great new application. So the risks that I try to keep at the forefront of their mind when people come to talk to me are sometimes the cavalier attitude that people take towards the securities laws You know as they’re developing a new technology they don’t always stop and think, well what do existing laws say about that technology? What are the laws that I need to comply with? Everybody operating in the space should take a step back and work very closely with their lawyers to ensure that these legal risks are being accounted for and making sure that you have a legally compliant blockchain application.

Leave a Reply

Your email address will not be published. Required fields are marked *