Why Blockchain Firms Shouldn’t Ignore New EU Cybersecurity Laws
Why Blockchain Firms Shouldn’t Ignore New EU Cybersecurity Laws
Jacek Czarnecki is an attorney at Warsaw-based law firm Wardynski & Partners, where he specializes in areas including FinTech, digital currencies and blockchain.
In this opinion piece, Czarnecki discusses European regulatory developments beyond blockchain, arguing that some laws under review outside the industry’s oversight could prove impactful to its practices.
We know that ‘virtual currencies’ (the term to be hardwired into European Union law) will be covered by new anti-money laundering and terrorist financing regulations.
But, while the details on this industry-specific regulation will follow shortly, there are also other pieces of the EU legislation that deserve attention in the meantime.
Going forward, it is quite clear that blockchain as a technology will primarily attract the attention of regulators interested in particular applications.
Lawyers, by and large, think about bitcoin from the perspective of financial regulations or look at smart contracts from the point of view of contract law. This is not necessarily correct, (smart contracts may replace not just legal contracts, for example), but it shows a pattern of thinking that we may be wise to keep in mind going forward.
Namely, that other use cases of blockchain will require legal analysis based on specific areas they impact.
Am I regulated?
This has one important consequence: the regulations that may apply to any specific blockchain use case aren’t clear.
In other words, depending on particular applications of blockchain, different laws may apply. For example, token crowdsales will be scrutinized under securities regulation, since they very often serve the same aim as IPOs, or at least have very similar economic meaning.
Naturally, this should not come as a surprise. The internet might provide a useful example.
We are already used to the fact that different activities performed over the internet may trigger wide range of various regulations, such as consumer protection, personal data protection or intellectual property law.
The practical result is that blockchain projects will often require legal analysis to determine what kind of regulation will apply to a particular application (if any).
This should be also taken into account by lawmakers and regulators. New legislation, even if not drafted with blockchain in mind, may cause side effects that can stifle innovation.
Changing data laws
With this in mind, we’ve recently seen a number of other regulations that, while not specifically aimed at the technology, could nonetheless impact its growth.
Examples include the new personal data protection framework in the EU, which – although declared as ‘technologically neutral’ – may potentially cause conflicts.
Another interesting example is the EU’s directive on security of network and information systems (the NIS Directive, also dubbed as cybersecurity directive), adopted in 2016. Some of its provisions, which are going to become binding law in 2018, pose questions with regard to blockchain projects.
The new directive is important for the private sector, because it imposes cybersecurity obligations on some entities, including certain rules of handling cybersecurity incidents or obligations to take specific measures to manage risks in such systems.
The NIS Directive sets forth three types of digital services: online marketplace, online search engine and cloud computing.
The cloud computing service is particularly interesting here.
The cybersecurity directive defines it as a “digital service that enables access to a scalable and elastic pool of shareable computing resources”. While the definition of cloud computing isn’t controversial, it is worth noting that it can be interpreted broadly.
The directive itself confirms that a wide interpretation should be applied when it says that “cloud computing services span a wide range of activities that can be delivered according to different models”.
What does it mean for blockchain technology and its applications?
The first consequence is that some activities such as cloud mining can be covered by the above definition.
Much more interesting is how the new regulation will apply to ethereum and similar solutions. Services provided via ethereum (which is a kind of a distributed computing platform) may potentially fall within the above mentioned definition of a cloud computing service.
In such a situation, providers of such services will be subject to obligations set forth in the cybersecurity directive. It is even more interesting if we think of distributed services that cannot be easily attributed to any specific provider.
We will know the scale of issues following from potential application of the cybersecurity directive to blockchain-related matters when the law is implemented by the EU member states. However, it already gives us an idea how various regulations may, sometimes surprisingly, apply to applications of blockchain technology.
Article Source: http://www.coindesk.com
On the first day of the Financial Cryptography and Data Security conference in Malta, an academic with a cryptography career …
April 10, 2017 4:24 pm | Jit Sutradhar
Bitcoin bears may be in the midst of taking an upper-hand. At press time, BTC is changing hands at $7,536 …
August 1, 2018 9:19 am | Jit Sutradhar
An enterprise consortium is exploring the possibility of using blockchain-based governance technology to help its members vote on various measures. …
February 21, 2017 4:47 pm | Jit Sutradhar
- Threats Fly As Fight Over $200 Billion Siacoin’s Crypto Code Intensifies
August 21, 2018 8:30 AM | By Jit Sutradhar
- Tron’s BitTorrent Acquisition Triggers String of Employee Exits
August 21, 2018 8:19 AM | By Jit Sutradhar
- SEC Faces Thursday Deadline for ProShares Bitcoin ETF Decision
August 21, 2018 8:11 AM | By Jit Sutradhar
- China Zheshang Bank Issues Securities Worth $66 Million on Blockchain
August 21, 2018 8:02 AM | By Jit Sutradhar
Threats Fly As Fight Over $200 Billion Siacoin’s Crypto Code Intensifies
Tron’s BitTorrent Acquisition Triggers String of Employee Exits
Bitcoin’s Lightning Network Is Getting Its Own Hacker Camp
Bitcoin Awaits Decisive Move as Price Range Tightens
As No-Deal Brexit Looms, UK Blockchain Startups Are Weighing Options