Blockchain: Hot or Myth?
Forget the murky world of crypto-currencies and look instead at the underlying technology: Blockchain. It promises uncorruptible, absolutely secure and completely auditable records of transactions – but without having to store the ledger of transaction data with any central agency or risk having different versions with different parties.
Each time a set of data – a block – is added to, the process must be authenticated by complex algorithms running on multiple participating computers across the world, and only then is it time-stamped and encrypted as a new block – and chained to each previous block in a potentially infinite set of immutable records, itself replicated across numerous computer systems.
For more background on how Blockchain works, please see our article (with glossary of terminology) “Demystifying the Blockchain”.
Commentators are falling over themselves to find potential applications, from protecting the provenance of pieces of art, to storing medical records to ensuring that no blood-diamond can enter the market. One of our clients is using Blockchain to encourage micro-lending to SMEs in developing countries, and is even now in a fintech “bootcamp” accelerator in Dubai, with the support of HSBC and Visa. Blockchain is seen as underpinning the future of commerce over the Internet – and of the Internet itself.
Revolutionary as this technology promises to be, there are legal and practical challenges that those using Blockchain or investing in Blockchain ventures need to bear in mind. We have space here to highlight just two:
- Data Privacy – if a Blockchain-based system is to store and process personal data (especially if this is sensitive, such as medical records), and the blocks are processed anywhere on the planet, how do you ensure compliance with data transfer rules? More importantly, how can you prove compliance to regulators? One answer may be to avoid the public Blockchain altogether and allow processing only by computers within a closed network: which then means that all the participants need to agree on the legal and commercial terms which will apply.
A more radical solution is to encode regulatory compliance into the very functioning of Blockchain, by way of “smart contracts”.
- Smart Contract – at its most basic, a contract that enforces its terms itself, without human intervention. You can view the “if statements” in a contract (“If the rent is not paid, the landlord can take possession of the property and is entitled to the deposit”) as being like computer instructions. If the landlord’s bank account does not receive the rental, the program running the smart contract instructs the deposit holding bank to release the deposit automatically and sends a signal to the electronic locks to deny access to the tenant to the property. A simple example and of course you could program a computer to do all this, with the right access to online accounts and a home security system. The point is that there is no human intervention or due process (assume for this example the tenant has no statutory rights). And what would happen if someone hacked the program and wrongly triggered the consequences? The theory is that if programs like this – which are simply data – were encoded into Blockchain, they would become completely trustworthy and, over time, humans would entrust smart contracts with more and more ability to affect their lives and make decisions on their behalf (conquering the fear of “computer says no” that we all have!). Going a step further, take a smart contract in a regulated sector, such as financial services. “RegTech” systems already exist to monitor and analyse the notices and decisions of financial regulators across the world and to synthesise, with no human input, changes in practice and procedure specific enough to be incorporated into the smart contract. You have a system that grows and adapts itself – instantly – to the changing regulatory environment. The challenge for lawyers is to evolve their drafting skills to express complex legal processes in the code for smart contracts. The much wider challenge is as old as computing itself: “garbage in – garbage in”. What if an error (or more subtly, a bias) is incorporated into a smart contract that affects thousands of customers? How do we establish fault and liability in a distributed system that may not be clearly attached to any one jurisdiction? Lawyers will find a way – we always do – but much thought about these common sense problems is needed to avoid smart contracts becoming more of a burden than a blessing.
Beyond legal and regulatory issues, some argue that the advent of Quantum Computing (and the potential that current industry standard encryption could be broken) also needs to be factored into decisions about the risks and rewards of using or investing in Blockchain. We’ll address this in a future article.