In prior posts I have discussed what bit coin is, in terms of describing the technical aspects of the thing.  Bit coin is only one of numerous non-fiat currencies which currently exist, and seems to be the most common.  In this post I will not be focusing on the technical nature of non-fiat currencies, but rather consider what the character of a non-fiat currency is legally.  Stated more directly, is a bit coin legally a currency, security, instrument or something else.

The trick is to realize that there is no coin

Bear with me, because this is a long post.

To state the obvious, bit coin is not a currency in the sense it was issued by a sovereign.  However, non-fiat currency is not unheard of in the world.  You could argue with a straight face that the game tokens at Chucky Cheese are a form of non-fiat currency.  They can be exchanged for value (say a video game or perhaps a trinket) and there is a market to exchange them with others – if you happen to be 10 years old.  But to say that a game token is legally the same thing as a bit coin over simplifies that notion that something which represents value and can be exchanged in necessarily a currency.

In reality, anything can retain value and be exchanged for something else of value.  This is the basis for early barter system economies, such as the Mesopotamian culture.  However, currency has only one imperative, which is to be valuable.  Unlike bartering wheat for timber, a currency cannot be used to make bread or build a house.  Its only purpose is to retain value.

In the United States, this is enough for the criminal justice system to have determined that bit coin is money for the purpose of the various criminal statutes concerning money laundering, purchase of illegal items, and transferring money to conspirators.

On the civil side of the law, the Courts have yet to settle on a definition of its character.  The notion of a bit coin as a currency is, in my opinion, driven by the name itself.  If it was called bit-value, bit-stock, or bit-note the immediate perception might be different.

In fact, some forward thinking companies issue Initial Coin Offerings (an “ICO”) which is similar to an IPO, but instead of shares in the company in the traditional sense, the company will issue “coins” to investors which function more as token on ownership rather than as a fungible currency.  In using an ICO, the coins are tracked with the blockchain technology allowing for the quick and anonymous transfer of the coins instantaneously to anyone anywhere.

These ICO coins are certainly not currency because they act as ownership stakes in a company and, while they hold value and can be exchanges for value, the ICO coin is not fungible with another company’s ICO coin.

By the same token (pun intended), is a bit coin itself fungible?  While one bit coin will equal another bit coin on the exchanges, each bit coin is supremely unique because of its hashing and ownership on the ledger.

Perhaps the hashing is analogous to a dollar bills serial number, but the ownership function on the ledger has no analogous characteristic with currency.   Without the ledger there could not be a decentralized ability to transfer a bit coin from one person to another, and without that ability anything of “value” is really worthless.  It is therefore, I believe, a central element of bit coin that it requires a ledger, which likes the bit coin to the owner’s wallet.

Equally import is that fiat-currencies are backed by the sovereign while bit coin is backed by nothing but the common belief that it has value.

Both of these issues, I think, sets bit coin apart from a currency, which requires no ledger or mechanism to keep track of ownership and (for fiat currency) requires sovereign backing.  While the true owner of the bit coin may remain anonymous, the owner must like his/her wallet and public key to each of his/her bit coin.

What then, if not currency?

As mentioned above, some types of block chained “coins” are much closer to a security than a typical bit coin.  In fact, the SEC has recently ruled that these token type coins from an ICO are regulated.  However, the bit coin (and similar) are not shares of a going concern which will be run primarily by others from which you hope to capture a gain from such operations.

Rather, its value with only the purpose of being value.

If I may, I think that a bit coin is most like a letter of credit payable in a foreign currency.  The obligation of this “bit-letter of credit” would be the bit coin market place.  When a bit coin owner wants to cash out, he/she attempts to convert the bit coin into some sovereign currency, say US Dollars, by selling / assigning that “bit-letter of credit” to a person willing to accept the rights to the “bit-letter of credit”.

The letter of credit analogy is supported by the fact that actual letters of credit can be traded in exchange for value.  And, if you had a letter of credit payable in Yen, but needed US Dollars, you would be subject to the currency fluctuations among the two.

In fact, the Knights Templar, who pioneered the original letters of credit, allegedly used a cipher on the documents to ensure their validity and kept records on their ledgers.  Additionally, these letters of credit were traded as if currency because of the belief in the credit worthiness of the Knights Templar – who were not a sovereign and were specifically not subject to any sovereign by papal bull.

We are still $20 short. Who did not chip in for the tab.

Indeed, the a modern letter of credit can be assigned, and to do so requires notice to the Bank which is recorded on the bank’s ledger.  Additionally, a letter of credit is not backed by the sovereign.

For this reason, I think bit coins are most analogous to a letter of credit in terms of its legal character.

Please feel free to disagree or comment below.  This in an emerging issue and input is appreciated.

Facebook terms reviewed.  This blog is usually not a data security blog (although it’s something I care about); but the recent scandal with Facebook made me curious just what users agree to by using the site.  As the saying goes, “if the product is free, you are the product.”

The Sound Of Music Party GIF - Find & Share on GIPHY

Credit: The Sound of Music, 1965. 20th Century Fox.

Say goodbye to you personal data.

Full disclosure, I do not maintain a Facebook page.  I understand the benefits of it, but it’s not for me.  Recently, the FCC has announced an investigation into Facebook and its CEO has been called to Capital Hill over the data sharing scandal.  The headline, of course, is that Facebook shared its information and that information was used to sway the election in the US in 2016.  The underlying issue is, what, if anything did users agree to by using the site. This blog post reviews some of those things.

In general, the terms of service with Facebook are what will govern the relationship between Facebook and the user.  The first thing you need to know is that the terms of service are scattered around a lot of hyperlinks.  Links within links.  If you want to know the true terms, be prepared to spend a long time navigating the site.

For example, section I of the Data Use policy states:

Things you do and information you provide. We collect the content and other information you provide when you use our Services, including when you sign up for an account, create or share, and message or communicate with others. This can include information in or about the content you provide, such as the location of a photo or the date a file was created. We also collect information about how you use our Services, such as the types of content you view or engage with or the frequency and duration of your activities.

The “Services” are defined here https://www.facebook.com/help/1561485474074139 and include basically everything Facebook does, as well as its affiliates, which are identified here: https://www.facebook.com/help/111814505650678?helpref=faq_content.

In short, anything you consent to by using any of these pages, or their mobile apps can be shared.   Importantly, the permissions on some of the apps allow Facebook to monitor you phone calls and text messages even outside of the Facebook app.  https://arstechnica.com/information-technology/2018/03/facebook-scraped-call-text-message-data-for-years-from-android-phones/

But that’s just the beginning.  Facebook collects all of your payment and credit card information.  Again, in section I of the data use policy, a user agrees that:

Information about payments. If you use our Services for purchases or financial transactions (like when you buy something on Facebook, make a purchase in a game, or make a donation), we collect information about the purchase or transaction. This includes your payment information, such as your credit or debit card number and other card information, and other account and authentication information, as well as billing, shipping and contact details.

By using Facebook, you agree that Facebook can track you on the web and in real life:

Device information. We collect information from or about the computers, phones, or other devices where you install or access our Services, depending on the permissions you’ve granted. We may associate the information we collect from your different devices, which helps us provide consistent Services across your devices. Here are some examples of the information we collect:

  • Attributes such as the operating system, hardware version, device settings, file and software names and types, battery and signal strength, and device identifiers.
  • Device locations, including specific geographic locations, such as through GPS, Bluetooth, or WiFi signals.
  • Connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number and IP address.

Facebook then can use all of that information and provide it to third parties, because the users agreed to it.

Apps, websites and third-party integrations on or using our ServicesWhen you use third-party apps, websites or other services that use, or are integrated with, our Services, they may receive information about what you post or share. For example, when you play a game with your Facebook friends or use the Facebook Comment or Share button on a website, the game developer or website may get information about your activities in the game or receive a comment or link that you share from their website on Facebook. In addition, when you download or use such third-party services, they can access your Public Profile, which includes your username or user ID, your age range and country/language, your list of friends, as well as any information that you share with them. Information collected by these apps, websites or integrated services is subject to their own terms and policies.

Facebook users also allow Facebook to provide your “cookies” to third parties affiliated with Facebook.  The terms use for cookies states:

Where do we use cookies?

We may place cookies on your computer or device, and receive information stored in cookies, when you use or visit:

  • The Facebook Services;

  • Services provided by other members of the Facebook family of companies; and

  • Services provided by other companies that use the Facebook Services (such as companies that incorporate the Like button or Facebook’s advertising services into their websites and apps).

 

Do other parties use cookies in connection with the Facebook Services?

Yes, other parties may use cookies on the Facebook Services to provide services to us and the businesses that advertise on Facebook.

For example, our measurement partners use cookies on the Facebook Services to help advertisers understand the effectiveness of their Facebook advertising campaigns and to compare the performance of those campaigns to ads displayed on other websites and apps. Learn more about the companies that use cookies on the Facebook Services.

Third parties also use cookies on their own sites and apps in connection with the Facebook Services. To understand how other parties use cookies, please review their policies.

To help temper the extremely broad usage of your data, Facebook states in its Terms that “You own all of the content and information you post on Facebook, and you can control how it is shared through your privacy and application settings.”  However, the background data being harvested is not “posted” on Facebook.  In essence, Facebook is saying “the pictures are yours but your soul is mine”.

There are a lot of things users sign away by using Facebook.  In my opinion users agree that all of their data and habits can be used by Facebook and third parties for a wide range of things.

By using Facebook, you are agreeing that Facebook can track you, your friends and anyone who shares information about you.  Facebook can monitor you communication; both inside and outside of the platform.  Perhaps, most importantly, it seems as if that Facebook can sell all of that information to the highest bidder.

Welcome to being the product.

 

The foregoing is simply the opinion of the author, and not a legal opinion.

Bitcoin first came into public existence in 2008 with the first coins “mined” by a person/group named Satoshi Nakamoto.  As you are probably aware, Bitcoin is a method of transferring value electronically and without the need for any money issued by a sovereign entity.

The first thing to know about Bitcoin is that it is totally decentralized.  There is no master server and no bank vault with anything tangible in it.  Bitcoin exists only as complex mathematics on random computers around the world.  However, once you own a Bitcoin, you can spend is like money with anyone who will accept Bitcoin.

What is the Public Ledger

The driving factor for most Bitcoin believers is the lack of centralization or government oversight.  There is no actual coin and there is no government keeping track of who owns any particular coin.  However, this begs the question: How do does anyone know who actually owns a Bitcoin.

The answer is the Public Ledger.  To overly simply the Public Ledger, it’s a spreadsheet that exists on private computers all over the world known as nodes.  These nodes run on personal computers of people who download Bitcoin mining applications.  All of these random computers around the world share the Public Ledger and confirm not just ownership of a particular Bitcoin, but also the transfer of a Bitcoin from one wallet to another.

When a transaction of Bitcoin occurs the Public Ledgers are notified.  The transaction causes several things to occur.  Among them, the hashing on the blockchain is updated, there is a proof of work, and if all of the math checks out, then the Bitcoin is transferred to the recipient’s wallet.

What is a wallet?

A wallet is exactly what is sounds like.  It is a person’s repository of Bitcoin.  Wallets are held at recognized exchanges online.  Something like a deposit account, but with no rules and no FDIC.  Importantly, the wallet doesn’t actually hold anything.  Rather, the wallet is simply something a Bitcoin is assigned to in a Blockchain.  A bit like signing your name on one of those ride-sharing bikes.

What is Bitcoin Mining

So, to recap, there is no government regulation and the records of the transaction are on the Public Ledger that maintained by random people.  Why would anyone actually bother to keep the system working?  The answer is Bitcoin mining.

Bitcoin mining is the act of processing the transaction of a Bitcoin from one wallet to another.  For reasons discussed below, this takes a lot of computer power.  However, each time a transaction is processed a new block in the Blockchain is hashed and in return, the Bitcoin miner is awarded a fee in bitcoin for the work.  As more transactions are completed, these bit coin fees diminish.  These fees are the source all bit coin, including the “genesis” Bitcoins from 2008.

What is the Blockchain and Hashing

The short version is: the idea is simple but the execution is very complicated.  The Blockchain is the lineage of each Bitcoin from inception to the current owner as reflected on the Public Ledger.  Again, to over simplify, think of the Blockchain as stacking wooden blocks with a new block added everyone a new Bitcoin owner owns a particular Bitcoin.  The rub is proving ownership on a network of nodes, which is where the Hashing comes in.

You can think of the Hashing as the glue between the wooden blocks making up the Blockchain.  This where the complex math comes in and we circle back to the Bitcoin miners.

Each block gets a new Hash. If you looked at a Hash, it would look like a long string on random numbers and letters; but they act as a public encryption password for the owner of the Bitcoin.  You can (loosely) think of the Hash as a lock on a bike.

Every time a Bitcoin is transferred to another wallet the miners will process that transaction and add a new block to that Bitcoin, and that will give rise to a new Hash.  This new Hash can be though of as an additional lock on the bike.  So, if the new owner wants to access its Bitcoin it must know the prior bike lock combination and the new lock combination.  Meaning, every new transaction adds to the level of mathematical complication.

Here is why is gets harder and harder for computers to mine Bitcoin.  As Bitcoins are transferred over and over again Bitcoin miners are forced to compute more and more complex mathematics as they encrypt lock after lock. (Think bike locks on bike locks).

What is a Bitcoin?

Its very complicated mathematics.  In fact, its cryptology.  But more importantly – is Bitcoin “currency”?  Of course, currency and its production is regulated by a governing body.  Here the creation of Bitcoin is regulated by processing power of random computers to compute the complicated cryptology that I simplistically refer to as a bike lock.  Moreover, Bitcoin is mathematically designed to max out at 21 million Bitcoin.

A prevailing question is how to legally characterize Bitcoin: is Bitcoin a “currency”, a “commodity” or a “security” for the purposes of regulation by an actual government?

At this point is important to recall that the genesis of any Bitcoin is the mining process.  There is no sovereign currency that can simply be created by the acts of a citizen.  A citizen can earn a dollar, but cannot simply print a dollar.  In terms of being a security, the owner of a Bitcoin has not bought into anything other than the belief in the nodes and others belief in the Bitcoin.

Perhaps then the Bitcoin is a commodity?  However, for this or any cryptocurrency I would caution against using a legacy legal term to describe Bitcoin except for analogy.

Encryption is Key

I have glossed over a lot of the very complicated encryption that goes into Bitcoin.  Like anything complicated, it is difficult to include everything relevant in a blog post.

One thing I would like to mention is that the Bitcoin wallet has become less and less confidential.  Rather, even with Tor masking it is appearing that movement of Bitcoin can be more easily tracked by a sovereign entity, which strikes at the heart of the purpose of Bitcoin.

In meetings with senior executives and their in-house counsel, I hear this consistent cry: due to ever-increasing regulations, costs associated with compliance are soaring at commercial banks and at financial institutions that own banks (such as life insurance companies).  As a result, “regulatory cost collaboration” is becoming a key strategy for financial institutions with their key vendors.  It is a strategy that overlooks a very familiar and expense vendor: lawyers.

 

Puzzle missing legal

This omission will not last for long.

The impact of compliance costs is well documented (look at this report by Thomson Reuters; and this survey of small banks by Hester Peirce, Ian Robinson and Thomas Stratmann at the Mercatus Center [George Mason University]).

It is a story that I hear 100% of the time from senior executives.  Here are two examples:

  • Regional Bank (top 70 in asset size): it spent over $35million last year in regulatory compliance costs, such as rent, new employees, software and hardware
  • National Bank  (top 20 in asset size): the compliance group has grown from 100 employees to over 700 employees in the last several years

In response to the growth in regulations, financial institutions are striving to streamline processes, both internally and with their vendors.

In the context of third-party vendors, I call this “regulatory cost collaboration.”

Financial institutions with innovative leadership use “regulatory cost collaboration” like this:

  • the financial institution associates specific information, furnished by a specific vendor, with information needed under (or impacted by) regulations or compliance rules; and then
  • the scope of work for the vendor expressly requires performance of the vendor’s service or product in a form or format that minimizes the associated regulatory costs to be incurred by the financial institution

Vendors who implement this approach (or better yet, for a vendor who independently identifies a way to do this) are recognized as a “value-add vender” by the financial institution.

Of course, regulatory cost collaboration does not include the lawyers.

No one is surprised.

Collaboration from Lawyers: The Elephant in the Room
Collaboration from Lawyers:
The Elephant in the Room

 

Lawyers are one of the few “industries” where little has changed since I started in 1981.  “What” lawyers do and the “product” that lawyers deliver remains astonishingly unchanged since 1981.  Sure, today we have computers (and no secretaries), email (and no life) and instant access to everything (the internet is magical); and instead of paper closing binders, we e-mail the closing documents in a PDF format.

None of these changes meets my definition of the phrase “regulatory cost collaboration.”   Indeed, the changes remain lawyer-centric – even the PDF.

Unless the financial institution has specific rules governing the use of PDFs, the use of PDFs actually might be “anti-collaborative” in that it creates MORE work for the financial institution –

  • the PDF still must be “searched” in order to locate specific terms and provisions (since lawyers will “drop” a key provision in any location and in any document);
  • the PDF might not be in a searchable format;
  • even if searchable, the provision might be difficult to locate because the reader may fail to use the “correct” search term or phrases;
  • the identifier or name of the PDF itself might be unrecognizable (since it was generated by the law firm document management system); thus forcing the recipient to “open” it and then rename it

Of course, Richard Susskind and others continue to predict some sort of disruptive change, where the legal industry will deliver the product (be it paper or expensive advice) in a manner that assists Companies in conducting business.  There were numerous conferences and meetings on the topic in the past year (Harvard Law; Suffolk University Law [Kennedy-Mighell podcast summary]); and various legal tech thought-leaders closely monitor the topic (the ABA Law Practice Magazine, July/August 2014 issue is wonderful; and the ABA Legal Rebels is interesting).

Of course, nothing addresses the practical, real time (right now) need for regulatory cost collaboration by lawyers.

Yet.  Stay tuned.

If you see this differently or have something to add, please comment below.