Links in the blockchain: Creating smarter contracts
Legal considerations include security, law and financial crime.
In a 2016 World Economic Forum report, it was suggested smart contracts based on blockchain technology could potentially codify financial agreements in a shared platform and guarantee execution based on mutually agreed conditions. This would significantly reduce manual efforts required to support the execution of financial agreements and – in theory – accelerate business processes.
But there are also important technical and legal issues.
Broadly speaking, smart contracts are self-executing electronic instructions drafted in computer code. This allows a computer to read the contract, which in many instances, will self-execute the stipulations of an agreement when predetermined conditions are triggered. The parties to the contract typically sign the agreement using a cryptographic security code and deploy it to a distributed ledger, or blockchain. When conditions in the code are met, the program automatically triggers the required action.
Blockchain is a register (or ledger) of all the contract’s transactions. Each one (or block) is authenticated by a network of computers before it’s added to the chain of all prior transactions. The blockchain is open and transparent for all to see, but is intended to be secure, permanent and immutable.
The system applies mathematical techniques to match a public address with a private security access key for each participant in a transaction. If there’s a match, the transaction broadcasts to the other participants in the blockchain for verification and entry into the ledger.
A key concern is whether smart contracts can be hacked and manipulated. In July 2016, code vulnerabilities in the Decentralized Autonomous Organization investment fund were exploited to redirect $50 million into an account controlled by a hacker, a participant in the fund.
Based on Canadian case law in the area of electronic commerce, it’s unlikely smart contracts will require any special set of new law or regulations. Rather, existing legal principles will be adapted and perhaps modified, either by statute or by the courts, to deal with the requirements of smart contracts or other emerging technologies.
But it’s unclear at this stage how smart contracts will take each legal requirement for formation and demonstrate they’re met with the proposed solution.
Smart contracts also raise concerns about anti-money laundering. Under Canadian law, participants in financial transactions are required to know and verify the identity of counterparties. They must also report any suspicious activity to law enforcement or block the transfer of funds to specific individuals or organizations. Since smart contracts are designed to self-execute without human intervention, users will need to build technical contracts that allow them to comply with such legal requirements. The identity of parties are often kept anonymous, which further complicates the work by financial institutions who are required to report such transactions, and law enforcement tasked with investigating them.
Another issue is how legal disputes between contracting parties will be settled and how evidence will be provided to the courts. For example, given the courts’ limited expertise in deciphering code, a neutral third party would securely maintain and produce it in natural language for a court to review.
Similarly, if the parties to a smart contract are using a third party platform, they may be required to agree to an established set of overarching basic legal provisions, such as dispute resolution, governing law and venue. These would need to be clearly disclosed and agreed upon to be enforceable. That’s simple enough in theory, but demonstrating the parties clearly understood what agreeing to such provisions meant is not likely to be straightforward.
Blockchain technology and smart contracts have the potential to positively transform financial markets and banking.
Given the significant costs associated with building such contracts and the underlying infrastructure to support them, businesses should invest resources in developing a legal architecture built on existing statutory and judicial guidance. This will avoid unnecessary issues down the road.
Imran Ahmad is a partner at the law firm Miller Thomson and practices in the areas of cybersecurity, privacy and technology law. E-mail email@example.com or call (416) 597-6031.