In this opinion piece, Czarnecki discusses European regulatory developments beyond blockchain, arguing that some laws under review outside the industry’s oversight could prove impactful to its practices.
We know that ‘virtual currencies’ (the term to be hardwired into European Union law) are going to be covered by new anti-money laundering and terrorist financing regulations.
But, while the small print on this industry-specific regulation will follow shortly, there also are other pieces of the EU legislation that deserve attention within the meantime.
Going forward, it’s quite clear that blockchain as a technology will primarily attract the eye of regulators curious about particular applications.
Lawyers, by and enormous , believe bitcoin from the attitude of monetary regulations or check out smart contracts from the purpose of view of jurisprudence . this is often not necessarily correct, (smart contracts may replace not just legal contracts, for example), but it shows a pattern of thinking that we could also be knowing confine mind going forward.
Namely, that other use cases of blockchain would require legal analysis supported specific areas they impact.
Am I regulated?
This has one important consequence: the regulations which will apply to any specific blockchain use case aren’t clear.
In other words, counting on particular applications of blockchain, different laws may apply. for instance , token crowdsales are going to be scrutinized under securities regulation, since they fairly often serve an equivalent aim as IPOs, or a minimum of have very similar economic meaning.
Naturally, this could not come as a surprise. the web might provide a useful example.
We are already wont to the very fact that different activities performed over the web may trigger wide selection of varied regulations, like consumer protection, personal data protection or property law.
The practical result’s that blockchain projects will often require legal analysis to work out what quite regulation will apply to a specific application (if any).
This should be also taken under consideration by lawmakers and regulators. New legislation, albeit not drafted with blockchain in mind, may cause side effects which will stifle innovation.
Changing data laws
With this in mind, we’ve recently seen variety of other regulations that, while not specifically aimed toward the technology, could nonetheless impact its growth.
Examples include the new personal data protection framework within the EU, which – although declared as ‘technologically neutral’ – may potentially cause conflicts.
Another interesting example is that the EU’s directive on security of network and knowledge systems (the NIS Directive, also dubbed as cybersecurity directive), adopted in 2016. a number of its provisions, which are getting to become binding law in 2018, pose questions with reference to blockchain projects.
The new directive is vital for the private sector, because it imposes cybersecurity obligations on some entities, including certain rules of handling cybersecurity incidents or obligations to require specific measures to manage risks in such systems.
The NIS Directive sets forth three sorts of digital services: online marketplace, online program and cloud computing.
The cloud computing service is especially interesting here.
The cybersecurity directive defines it as a “digital service that permits access to a scalable and elastic pool of shareable computing resources”. While the definition of cloud computing isn’t controversial, it’s worth noting that it are often interpreted broadly.
The directive itself confirms that a good interpretation should be applied when it says that “cloud computing services span a good range of activities which will be delivered consistent with different models”.
What does it mean for blockchain technology and its applications?
The first consequence is that some activities like cloud mining are often covered by the above definition.
Much more interesting is how the new regulation will apply to ethereum and similar solutions. Services provided via ethereum (which may be a quite a distributed computing platform) may potentially fall within the above mentioned definition of a cloud computing service.
In such a situation, providers of such services are going to be subject to obligations set forth within the cybersecurity directive. it’s even more interesting if we expect of distributed services that can’t be easily attributed to any specific provider.
We will know the size of issues following from potential application of the cybersecurity directive to blockchain-related matters when the law is implemented by the EU member states. However, it already gives us a thought how various regulations may, sometimes surprisingly, apply to applications of blockchain technology.