Blockchain technology, also known as distributed ledger technology, is billed as 'trustless'. In other words, it allows the carrying out, monitoring, and crucially enforcement of an exchange for value over a network of computers, without a middle single party empowered with operating and governing the network. This novel structure has the potential to create significant challenges for parties relying on existing laws and regulations. It is therefore important for businesses to learn how blockchain technology works and consider the legal issues associated with deploying it in their organisation.
Our previous series of articles explains what blockchain is and how the technology can be adapted for a number of different uses. In essence, transactions on blockchain can have a three part structure: (a) an offer is sent to the network declaring the transaction; (b) the offer is accepted; and (c) the network verifies the authenticity of that transaction. Further lines could be added to this basic process to make the transaction conditional on the occurrence of certain events, which is effectively creating a 'smart contract'. Smart contracts are not 'contracts' in the traditional sense. Rather they are programmable transactions that can automatically execute the terms of a contract once a defined set of rules are met. Creative solutions will need to be put into practice to deal with the following legal issues that arise as blockchain and smart contracts become a reality.
Data protection and privacy
Blockchain technology is about efficiency, transparency and the removal of the requirement for trust in transactions. Blockchain technology records that a transaction happened, when a transaction happened and that the transaction happened correctly. In a public blockchain ledger, all counterparties can access the ledger. Making such a transparent technology comply with the requirements under data protection law and the European General Data Protection Regulation (GDPR) could prove to be tricky, particularly due to the heightened responsibilities and sanctions for infringement under the GDPR.
Contracts for blockchain solutions will need to incorporate appropriate data protection provisions if the blockchain technology is processing transactions involving personal data. Developers creating blockchain software should ensure they follow the requirements of 'privacy by design' and 'privacy by default' during the development and...