Category Archives: Technology Law

Decentralization in 2024

One of the founders of Ethereum recently recognized, “it is rare for the interests of idealism and pragmatism to overlap” but in the case of decentralization it “is not just something we should work towards, but something we truly must deliver on.”  This fixation on “decentralization” took on new life after blockchain hit the popular press. 

Despite BTC reaching 21 month highs, true decentralization of financial systems based on crypto usage will lack mass adoption until there is sufficient trust to render Bitcoin or any other crypto “currency” a real currency.  More than likely, this lack of trust is what is stopping the acceptance of crypto for widespread purchases – an essential precursor for any currency status.  This failing is likely why the IRS from the very beginning relegated decentralized finance products and crypto’s to the status of taxable financial assets. 

To that point, on December 28, 2023, Barrons recognized, “crypto has a long path to relevancy beyond trading.  Despite years of development, blockchain networks remain on the outskirts of mainstream finance, while hacks, theft, and money laundering continue to be among the main uses.  Crypto is still gambling on an unproven technology.”

Indeed, decentralized finance (DeFi) opportunities have also been around for nearly a decade with little widespread market penetration.  With DeFi platforms, existing growing pains stem from a lack of proper security hygiene sufficient to generate trust and “only with trust will this community ever grow beyond its current early adopters.”  Moreover, DeFi platforms and their users face a full frontal attack by centralized banking authorities seeking the sort of financial disclosures currently only found with cash transactions.  DeFi will never touch the “PayPalJPMVisa” mountain peak “until at least one DeFi application checks all the relevant boxes for a sizable enough market.  It may be a decade before a DeFi project reaches that vantage point – with the classic Amazon vs. Sears endgame likely being studied along the way.”

Decentralization can also take on several non-crypto flavors.  For example, the decentralization of governance places local governmental structures above large centralized authorities.  The World Bank considers governmental decentralization in the context of community-driven development as a driver of “economic efficiency, public accountability, and empowerment” by providing “greater voice and choice to citizens to influence decisions that affect their lives” and “allowing local governments to respond dynamically to communities”, and resulting in “allocative efficiency by matching of local needs and preferences with patterns of local public expenditure (assumes substantial fiscal autonomy).”  In the same breath, the World Bank, suggests that potential dangers and challenges brought on by such decentralization include:   “Elite capture, Corruption, Patronage politics, Local civil servants feeling compromised, Incomplete information, Constituents not able to hold representatives accountable, and Opaque decision-making affecting accountability upwards and downwards.”

None of these “potential dangers”, however, are really any less of a risk in centralized governmental structures.  Indeed, “elite capture, corruption, and opaque decision-making” can be more efficiently perpetrated within centralized structures.  Corporate decentralization in the form of DAOs (decentralized autonomous organizations) have some life given the birthplace of limited liability companies – Wyoming, recognizes such a corporate structure and is typically decades ahead of the pack having been the first to recognize LLCs in 1977. Unlike a standard LLC , “a DAO can be managed by a combination of human members/managers and algorithmically.” Nevertheless, this decentralized business entity even in Wyoming remains an LLC hybrid and can be viewed as an unincorporated association able to be sued. DAOs still remain a decentralized movement to track in 2024 and beyond.

Persistent trust issues and effective governmental interventions may curtail widespread crypto adoption and increasing decentralized governance is a non-starter for most countries, but a third major area of decentralization remains a major threat to existing centralized structures – whether such structures derive from authoritative governments – which describes most existing governmental structures, or derive from financial institutions controlling major financial levers, or even are from the tech companies currently controlling most aspects of online and offline public discourse.

Simply put, the decentralization of one’s identity and personal data using self-sovereign identity (SSI) systems represents the greatest current threat to centralized power structures.  Unfortunately, this is not an easy sell or a threat that will manifest anytime soon because, for example, decentralization of one’s digital identity entails asking people to denounce their current online identity built over many years of experience in favor of a clunky and confusing decentralized online persona.

SSI specifications such as W3C VC, OpenID for Verifiable Credentials, SD-JWT – are all directly or indirectly spearheaded by large tech companies and are gaining attention due to potential adoption with European Digital Identity Architecture and Reference Framework, NIST, DHS, etc.  It is not difficult to see why these centralized structures are pushing for mostly federated SSI solutions – the EU Parliament sees SSI as a means of enforcing its privacy regime while NIST sees SSI as a means of strengthening cybersecurity and the DHS wants to deploy it as a means of improving physical security.

More to the point, after centralized authorities implement their own SSI solutions their chosen centralized solutions will never really be self-sovereign given centralized access to personal data – especially personal health information, will never be willingly given up by a centralized authority.  Even the much-ballyhooed HIPAA turns it back to “de-identified” data sales for “medical research”.  Until March 2023, the NIH and other federal agencies previously shared COVID-19 patient health data through several Open-Access Data and Computational Resources.   Indeed, there is a reason HIPAA has long had numerous disclosure exemptions that largely swallowed the law’s protective measures. 

As it stands, healthcare providers sell patient data for billions of dollars without ever violating a single word of either the HIPAA Privacy Rule or HIPAA Security Rule.  Not surprisingly, a 2021 proposed New York Privacy Law was killed in Committee not because of BigTech lobbying – it was shot behind the barn by large hospital lobbyists not keen on having their cash cows disrupted by NYS residents obtaining rights HIPAA does not currently provide.  All the while, since 2018 researchers could “accurately match 95% of adults to their data in a deidentified user dataset”.

The roughly 3 billion DNA base pairs found in human DNA can provide a hard-coded template that cannot be currently mimicked .  In other words, the future world of rapid-fire DNA ID testing envisioned by Gattaca may eventually be the primary means of distinguishing between individuals. 

DNA harvesting for research purposes became mainstream during COVID-19 testing – which is why French President Macron refused Putin’s offer of a PCR test in 2022.  The National Human Genome Research Institute describes COVID-19 PCR “amplification” tests as follows:  “Polymerase chain reaction (PCR) is a common laboratory technique used in research and clinical practices to amplify, or copy, small segments of genetic material. PCR is sometimes called “molecular photocopying,” and it is incredibly accurate and sensitive. Short sequences called primers are used to selectively amplify a specific DNA sequence. PCR was invented in the 1980s and is now used in a variety of ways, including DNA fingerprinting, diagnosing genetic disorders and detecting bacteria or viruses. Because molecular and genetic analyses require significant amounts of a DNA sample, it is nearly impossible for researchers to study isolated pieces of genetic material without PCR amplification.”  It should be no surprise that DNA analytics firms such as 23andMe are targeted by hackers eager to possess the ultimate insight for identity verification and the NIH deployed a wide-ranging voluntary DNA research program on the heels of the eMERGE Network.

Personal identification using DNA fingerprints will become more and more attractive as realistic simulations of human voice, gaits, and images/videos, etc. using generative AI increases the risk biometric identity systems will fail to distinguish real measures from fake ones.  Indeed, some vendors now focus heavily on “liveness detection” that recognizes physiological information as signs of life as an adjunct to the associated biometric data.  FaceTec is a leader in this space and even hosts its own educational site on the importance of liveness detection.  Nevertheless, even these companies will eventually reach a wall in the form of quantum AI capabilities – which points to live rapid-fire DNA testing as the key identity verification tool for future robust SSI implementations. 

Where does this leave decentralization in 2024?  While SSI, DeFi and governmental decentralization efforts today may self-correct in the future towards true decentralization left apart from centralized authority, there are projects in play right now that might more easily mature in 2024 to further data decentralization.  For example, there are efforts taking the form of improved fund distribution – one using a platform created for UNICEF by Nepal-developer, Rumsan, and one called Disburse by Scifn, offering a one-to-many approach. These and other fund distribution platforms can eventually be removed from centralized funding sources.   

In addition to Polkadot, peer-to-peer communication platforms such as Veilid allow users to build their own private distributed apps – which creates peer-to-peer communications with no resulting centralized data storage.  Believing that centralized social media is “harmful to society”, Spritely Institute replaces the current client-server architecture currently under-girding all existing social medium platforms with a “participatory peer-centric model” that places “people in control of their own identity and build the technology that would enable a shift to collaborative and intentional security models prioritizing active consent.”  These approaches still have many mass adoption barriers – the least of which is the competitive market barriers established long ago by current data oligarchs.

SSI left only in the hands of centralized authorities will eventually lead to increased hacking and continued misuse of personal data. Until new statutory requirements bring true portability of personal data – even platform-generated data that is derivative; coupled with meaningful consent rights for existing data usage – rights that limit centralized control when off-boarding to a peer-to-peer platform; individuals will never truly “own” or have control over their personal data.  In other words, decentralization of existing data silos cannot become viable until there is a complete reset of existing norms of data stewardship and lobbyists take a backseat to the preeminence of consumer rights.  If 2024 brings us even a few inches closer to that reality, it will be a good year for decentralization.

Dapper Labs Ruling Dunks on Private Networks

On February 22, 2023, The Honorable Victor Marrero of the United States District Court of the Southern District of New York released a 64-page opinion providing an instant classic exposition  of the Howey Test applied in a Web 3.0 context.  In denying Dapper Labs’s and its CEO’s Motion to Dismiss the unregistered securities offering case brought against them, the Court relies on logic and attention to detail while using an unobstructed view of the applicable law.  The decision can be easily unpacked and likely distilled to one overarching lesson:  market digital assets using your own private blockchain and marketplace and you should probably hire an SEC compliance lawyer beforehand.

In Friel vs. Dapper Labs, Inc., it is the marketing and sale of NFT “Moments” that give rise to Plaintiffs’ putative class action and not Defendant’s FLOW tokens – which were sold in an initial coin offering (“ICO”) outside the United States.  The Court defines NFTs as “digital assets whose authenticity and ownership can be recorded on a blockchain” and the underlying “Moments are a digital video clip of highlights from NBA games, such as a spectacular dunk or game-winning shot.”  Opinion at 9 (“NBA Top Shot is a platform or application, owned and operated by Dapper Labs and built on top of the Flow Blockchain. The purpose of the NBA Top Shot application is primarily to provide a platform to sell “Moments,” the alleged security at issue in this action.”). The Court could have also labeled Moments “programmable digital assets or PDAs” given these digital assets are both programmable for purposes of writing on a blockchain as well as “programmable” for purposes of automating transactions, e.g., the use of royalty payments.

As with most PDAs/NFTs, “[o]wnership of a Moment is limited to only the NFT itself. When a person purchases a Moment, the owner does not acquire any rights to the basketball highlight depicted by the NFT or the underlying artwork or other intellectual property, and thus does not acquire any rights to exploit the highlight without the express permission of the NBA, NBAPA, and Dapper Labs.”  Opinion at 10.

The Court’s ruling ultimately addressed “whether Moments are more like cardboard basketball cards, i.e., commodities, or more like crypto tokens.”  Opinion at 20.  And, in so doing, it was standing on new ground given that “no other courts have addressed either the exact substance or posture of the dispute here:  whether allegations that an unregistered offer for purchase or sale of, specifically, an NFT constitutes an investment contract under Howey and thus survive a motion to dismiss under Rule 12(b)(6).”  Id.   

The Court had little problem denying the Motion to Dismiss and finding Moments could potentially constitute “investment contracts” based on “the plausible allegations that Dapper Labs maintains private control over the Flow Blockchain, which significantly, if not entirely, dictates Moments’ use and value; that Dapper Labs touted Moments as a means for purchasers to realize substantial profits through the low sale prices for packs and marketing of the substantial profits others had made through sale on Dapper Labs’s proprietary Marketplace; and that without Dapper Labs’s essential efforts in maintaining the Flow Blockchain and Marketplace, Moments would be valueless.”  Opinion at 63.

The fact that Dapper Labs controls the marketplace where Moments are sold as well as the private blockchain where they are minted and associated transactions are recorded were the primary reasons why the Court ruled as it did.  Opinion at 11 (“[P]eople may acquire Moments through a secondary marketplace, hosted on the NBA Top Shot application and created and controlled by Dapper Labs (the “Marketplace”). In the Marketplace, Moments owners can re-sell individual Moments they acquired in packs or that they bought from other Moments owners. They may also gift Moments. Ownership of the Moments, the price paid for the Moments, and the transfer and sale of the Moments in the Marketplace are all recorded on only the Flow Blockchain.”).

Judge Marrero begins his legal analysis by referencing the definition of an “investment contract” found in the seminal case SEC v. W.J. Howey Co. where the Supreme Court of the United States defined an “investment contract” as “a contract, transaction or scheme whereby a person invests [their] money in a common enterprise and is led profits solely from the efforts of the promoter party.” Opinion at 17 – 18 (citing SEC v. W.J. Howey Co., 328 U.S. 293, 298-99 (1946)).

As pointed out by the Court, some of the instruments that “at first blush” would not appear as securities include whiskey casks, chinchillas, and rare coins.  Opinion at 19.  Similarly, PDAs/NFTs may not at first blush appear like an “investment contract”.  The Court reasoned that the Dapper Labs token “FLOW is part of the economic realities of the investment scheme in dispute. And, moreover, the Court finds that Defendants are wrong that Dapper Labs’s “embrac[ing] a new technology – NFTs – does not change the underlying legal analysis.” (Id.) In stark contrast to Defendants’ contention, “the involvement of blockchain technology does [] alter” the conclusion, as the Plaintiffs’ allegations make plausible that but for Dapper Labs’s creation, development, and maintenance of the private Flow Blockchain, Moments would have no value.”  Opinion at 22.

Buttressing its view that the private nature of the Flow Blockchain is what sets this case apart, the Court cites a law review article for the following proposition:  “Private blockchains use the same technology as public blockchains, however, a single entity administers them. This results in more control for the entity to restrict permission or allow access to only approved, or invited users.”  Opinion at 4, n. 4See also Opinion at 23 (“In each case, the promoters privatized their ledger, making the purchasers reliant upon the promoter for the asset’s value. That similarity is true whether the instrument is a crypto token or an NFT. And it is the critical similarity here.”).

Again, it is ultimately control over the private blockchain that drives the ruling:

The interplay among FLOW, the Flow Blockchain, and Moments is necessary to the totality of the scheme at issue. Plaintiffs have alleged that, without FLOW tokens, no transactions on the Flow Blockchain can be validated. Indeed, the “Proof-of-Stake” mechanism employed by the Flow Blockchain requires FLOW to power it and incentivize miners to validate transactions. In that respect, FLOW’s utility creates value for Moments through the network’s consensus as to ownership and the price of each transaction.

Opinion at 22.

Indeed, the Court affirmatively states as much:  “[T]he economic realities and technological interplay between FLOW, the Flow Blockchain, and Moments, as alleged by Plaintiffs, are what supports the Court’s conclusions.”  Opinion at 23See also Opinion at 62 (“The allegations that Dapper Labs created and maintains a private blockchain is fundamental to the Court’s conclusion. By privatizing the blockchain on which Moments’ value depends and restricting the trade of Moments to only the Flow Blockchain, purchasers must rely on Dapper Labs’s expertise and managerial efforts, as well as its continued success and existence. As Plaintiffs allege, this is unlike public blockchains, such as that underlying Bitcoin.”) (emphasis added).

Plaintiffs were found to allege a scheme providing directly correlated value between FLOW and Moments, “[i]nsofar as FLOW is necessary to creating the value of Moments via blockchain validation with “[t]he economic impact [being] that as more value is created on top of the Flow [B]lockchain, more demand is generated for FLOW tokens.”  Opinion at 23.

As for the respective component prongs of the Howey Test, such as the “common enterprise” requirement, the Court largely relied on what it called “the ICO Cases” and found this pooling of interests prong satisfied given “allegations plausibly tied the funds received by the promoter through the offering to an improvement of the ecosystem (i.e., the private blockchain) that consequently increases the value of the token offered during the ICO.”  Opinion at 28See also Opinion at 32 (“Plaintiffs allege that Dapper Labs has pooled Moments purchasers’ funds to raise additional capital, outside of and along with revenue, to ensure the Flow Blockchain does not collapse. The reasonable inference to draw from these allegations is that the capital Dapper Labs raises through the offer of Moments is used to develop and maintain the Flow Blockchain.”); Opinion at 34 (“Plaintiffs have alleged that purchasers of Moments are “hitching their wagons to the continued success of NBA Top Shot, [and] to Dapper Labs and the Flow Blockchain that underlies the platform. . . . If the fortunes of Moments purchasers were entirely divorced from the success of Dapper Labs’s Flow Blockchain, then such price reactions based on Dapper Labs’s management of the Flow Blockchain would be unlikely.”); Opinion at 56 (“[I]f Dapper Labs became insolvent and purchasers were unable to trade their Moments on the Marketplace, purchasers would lose the value of their Moments.”).

Of note, the Court rejected any temporal bar that would provide a safe harbor for promoters who waited until their project was far along before introducing the purported investment contract element.  Opinion at 30 (“Implementing the temporal bar that Defendants urge is impractical and would inappropriately limit the scope of investment contracts to pre-development initial offerings.”).

Shared success was found in the fact that Moments’ continued value is contingent on the success of Dapper Labs.  Moreover, this was reasonably inferred given “Dapper Labs controls the Flow Blockchain” and “all that Moments purchasers own is, essentially, the line of code recorded on the Flow Blockchain, as no other rights to use or display the image are transferred.” Opinion at 36

The Court also found that “Defendants’ public statements and marketing materials objectively led purchasers to expect profits.”  Opinion at 45.  Moreover, under the applicable test, the promise of profits must also be “derived from the entrepreneurial or managerial efforts of others.”  Opinion at 52.    More specifically, “[t]he law requires [] that . . . the efforts of the promoters . . . must be necessary to the success of the venture, such that without them, the ‘investments would be virtually worthless.’”  Opinion at 53 (citation omitted). Plaintiffs easily satisfied this requirement for purposes of the Motion to Dismiss.

And finally, the Court broadly concluded that “Defendants’ failure to acknowledge the blockchain technology that underlies Moments is fatal to their Motion in this respect. Without Dapper Labs’s continued maintenance of the Flow Blockchain and the “token that powers it all,” FLOW, Plaintiffs’ [complaint] plausibly alleges that Moments would have no value.” Opinion at 54See also Opinion at 56 (“a company’s efforts to develop and maintain an ecosystem for trading sufficiently establishes the third Howey prong.”); Opinion at 57 (“Dapper Labs’s implicit promise to maintain the Flow Blockchain and facilitate trades on the Marketplace drive Moments’ value.”).

While the Court made the correct ruling as to Dapper Labs, there is always the possibility a future court might misconstrue what was done to the disadvantage of others selling PDAs/NFTs using, for example, a layer 2 platform build on a public blockchain or on a platform not reliant on a native token ecosystem.  Such potential future ruling would be an obvious bridge too far. 

The Court recognizes the potential for such mistakes being made prior to signing off by providing a disclaimer that “[n]ot all NFTs offered or sold by any company will constitute a security, and each scheme must be assessed on a case-by-case basis.”  Opinion at 62.

It is highly unlikely that the Court’s ruling could be used against a fine art PDA/NFT platform using public blockchain networks. The Court even acknowledges that truly individual and unique items such as artwork would not easily square with its ruling.  See Opinion at 35 (“In each of the cases cited by Defendants, horizontal commonality did not exist because there was no causal connection between “unique pieces of artwork” being sold and the promoter making the offering.”) (citing Dahl v. English, 578 F. Supp. 17, 20 (N.D. Ill. 1983)); Opinion at 36 (“[I]f, hypothetically, Dapper Labs went out of business and shut down the Flow Blockchain, the value of all Moments would drop to zero. That is the critical causal connection that other collectibles cases lack, and which is alleged here.”); Id. (“Assessing those allegations in connection with the analogy Defendants favor – cardboard basketball cards – reveals the flaw in their analysis. Hypothetically, if Upper Deck or Topps, two longtime producers of physical sports trading cards, were to go out of business, the value of the cards they sold would be wholly unaffected, and may even increase, much like posthumously discovered art.”).

On the chance a PDA/NFT sale couples with the physical twin underlying it, there would stand yet another reason to distinguish this decision.  See Opinion at 52 (“Other than Dapper Labs’s self-serving definition of Moments as “Art,” Defendants concede that the definition connects only to “the videos and pictures underlying each Moment,” which purchasers do not own, thus ignoring that the “totality of the evidence” supports a finding that Moments were purchased with “investment intent.”); Opinion at 58 (“[W]hile Moments purchasers may “own” the NFT (or line of code that indicates ownership on the blockchain) they have no rights to the underlying intellectual property the NFT depicts.”).

Fine art NFTs also retain another point of distinction with Moments given fine art NFTs will always have intrinsic value.  As recognized by the Court, “Defendants’ argument that “Dapper’s marketing efforts would have no effect on the value of the basketball cards being sold, because each card has an inherent worth” is contradicted by Dapper Labs’s Terms of Use for the NBA Top Shot application, which repeats four times that Moments have “no inherent or intrinsic value.”  Opinion at 57See also SEC v. Kik Interactive, Inc., 492 F. Supp. 3d 169, 180 (S.D.N.Y. 2020) (“Unlike real estate, Kin have no inherent value and will generate no profit absent an ecosystem that drives demand.”).

Almost as an aside, it is also hoped that future courts citing this decision do not value too highly the Court’s comment regarding the hyping of sales – something every promoter or seller does in some form or another.  See Opinion at 55 (“Plaintiffs also plausibly allege that the value of Moments in the secondary market depends upon Dapper Labs’s ability to maintain hype and keep purchasers interested in buying and trading Moments.”).   Fine art gallery owners certainly routinely “hype” their artists in the secondary market and such conduct standing alone should never point the needle in any one direction.   

And finally, to the extent the Court extols in general terms the virtues of blockchain technology as a way of demonstrating why the entire Flow ecosystem – including Moments, necessarily relied on Dapper Labs’s success, the failure to parse between private and public blockchains might cause a future court into mistakenly equivocating privately-run blockchain network with a true public one.  See Opinion at 57 – 58 (“Plaintiffs plausibly allege that Moments would be worth far less without the price transparency and trust that the Flow Blockchain enables as well as Dapper Labs’s facilitation of trading on the Flow Blockchain via the Marketplace.”).  Overall, this language comes off as slanted in a single direction without proper distinctions being made but this criticism remains a minor quibble in an otherwise extremely well-written decision. 

There are certainly valid reasons why platforms built on private blockchains should be treated differently from public blockchains and likely why Voice wisely recently made the move to a public blockchain. Platforms that use native tokens such as Rarible with its RARI token may also have to strategize a bit after this decision. And finally, private blockchains focused on NFTs such as WAX may have to decide how the efforts of its promoters are compensated. At some point in the future, the fact that the Cayman Islands company “Exposition Park Holdings SEZC” owns the intellectual property filings referenced below may create a problem for the WAX ecosystem:

Going forward, the safest approach to take for those looking to build out a PDA marketplace is to partner with a company that has built a platform from the ground up using a public blockchain and without the use of a platform native token or any other direct means of controlling the value of the digital assets marketed using the platform. And, the PDAs/NFTs sold using such a platform least likely to be considered investment contracts are the fine art ones underlying the nascent Digital Art Movement now well underway.

NFTs are Dead, Long Live PDAs

The year may not be 1422 and the ascension of Charles VII to the French throne may not mean much six hundred years later but a formal transition of power from the “non-fungible token” blockchain throne is finally in order – with “programmable digital assets” – or PDAs, taking the place of NFTs.

Built on the same sort of blockchain technology underlying every Bitcoin ever mined, a non-fungible token is merely a digital reference certificate of ownership containing the provenance and ledger of all activity surrounding a specific digital asset. On November 13, 2018, Christie’s New York became the first auction house to register a high-end art sale on a blockchain platform with its $317,801,250 sale of the Barney A. Ebsworth collection.   In other words, the provenance utility of blockchain as a “secure digital registry” was already proven four years ago.

Because they are recorded on a public blockchain, NFT activities can be viewed by the public and any manipulations of data easily discovered.  Indeed, this ability to discover manipulations caused many to consider blockchain entries a sort of immutable ledger – an overstatement but still a useful analogy.

Despite representing only 10% of the total volume in NFT transactions, fine-art NFT sales remain the most fertile growth area for NFTs going forward.  As astutely pointed out by the owner of a leading fine-art NFT marketplace, “cryptographically provable scarcity provides value, while decentralization provides security and transparency — qualities that make both art and cryptocurrencies valuable. The NFT art movement may be nascent, but it has increased its pace from a crawl to a sprint, and the world is taking notice.”  Where Gemini is wrong, however, is in thinking the “NFT art movement” would go any further than it already has in its present incarnation.

While the term “non-fungible token” is technically accurate, it was always somewhat misleading given the term focuses only on the uniqueness of the asset, which may be a key characteristic but certainly is not the sine qua non of these digital assets.  The technology underlying NFTs offers much more than the ability to represent a unique digital item. NFTs have always been created using smart contracts, which are self-executing contracts with the terms of the agreement between buyer and seller directly written into the code.  In other words, NFTs can be programmed to perform actions or facilitate certain transactions after certain conditions are met.  For example, these digital assets could be programmed to automatically transfer ownership to a new owner when certain conditions are met, such as the passage of time or the payment of a certain amount of money.

This ability to program using smart contracts provides a level of functionality and flexibility that goes well beyond merely representing a unique digital item.  Art sold as an NFT, for example, can for the first time automatically transfer financial support to a charity of the artist’s choosing.  In other words, these unique fine art objects are much better described as programmable digital assets rather than NFTs even though a “programmable digital asset” can technically be fungible.

A nomenclature change is now in order because the term “non-fungible token” never adequately conveyed potential other use cases for NFTs. While NFTs are often associated with collectibles, they have the potential to be used in a wide range of applications, including supply chain management, provenance, and even real estate transactions. By only highlighting the “non-fungible” aspect of these digital tokens, one overlooks other potential uses and applications – characteristics that can make the art component of the token active and subject to change unlike the dominant static art already in existence for millennia.

At its essence, the term “programmable digital assets” more succinctly captures the potential range of capabilities and uses for these digital tokens, and certainly better conveys their unique position as a new type of digital asset, namely one that is programmable. The off-putting term “non-fungible” conveys a single attribute that can easily be part of a broader marketing discussion.

There is no denying the term “non-fungible token” has gained widespread use and recognition – much of it negative in recent months, so it will be difficult to completely shift to any new terminology without having significant marketing dollars thrown at the problem. Nevertheless, with awareness for NFTs evolving in a negative direction – whether Trump or fraud driven, it becomes even more crucial to apply a new product term.  This new term might as well more accurately reflect the full potential of these novel assets. 

Industry advocates would be smart to do whatever it takes so that NFTs relinquish their throne to a new and more progressive named successor no matter what the cost.  In some ways, this change is already under way. On July 7, 2022, Reddit announced it would introduce “Blockchain-Backed Collectible Avatars” – limited-edition digital assets created by artists which provide unique Reddit platform benefits to owners. 

Despite very much being NFTs, the Reddit announcement did not use the term NFT even once. Maybe in the future a company with deep marketing resources will simply try and co-opt the entire market category by using its own “brand worthy” naming convention for “programmable digital assets” .  Until that happens, however, we should help PDAs succeed NFTs.

It might be easier to imagine this name change a reality while having a Dunkin’ coffee and trying to envision what an EskimoPie or Uncle Ben’s rice pudding dessert with Aunt Jemima syrup would taste like or what an old Weight Watchers ad might look like if played while watching the Washington Redskins’ 1992 Super Bowl victory. 

World Phone is Allowed to Pursue Meta in Regulatory Proceeding

On December 8, 2022, the High Court of New Delhi ruled that World Phone “may be allowed to participate, both by means of written representation and oral submissions” before the Telecom Regulatory Authority of India (TRAI). Such relief was granted despite opposition by Respondents Facebook and WhatsApp.

In addition, the Court ruled: “Considering the extensive prevalence and use of internet telephony, TRAI would expeditiously conduct this stakeholders’ consultation and give its recommendations accordingly.” In other words, not only must TRAI consider the submissions of World Phone, it must quickly deliberate regarding its recommendations.

On one level, the Court passed the buck on this matter given no substantive ruling was reached regarding the underlying merits of the Petition. On the other hand, there was a stern message set forth in the Order regarding how the Government of India has shifted in its approach to over-the-top services and that it may be the time to reign in Meta before it is too late. World Phone – a company that has been battling Facebook since 2015, will do what is needed to assist in that endeavor.

ChatGPT

On December 7, 2022, ChatGPT was asked “write a 450 word essay on how ChatGPT works and how it can impact Web 3.0 in the future.”

Here’s how it responded:

ChatGPT is a cutting-edge natural language processing (NLP) model developed by OpenAI. It is a variant of the popular GPT-3 model, which is known for its ability to generate human-like text. Unlike GPT-3, however, ChatGPT is specifically designed to handle conversational language, making it a powerful tool for building chatbots and virtual assistants.

ChatGPT works by processing a sequence of words and predicting the next word in the sequence based on the context of the words that came before it. It uses a deep learning algorithm called a Transformer, which allows it to analyze large amounts of text data and learn the patterns and relationships between words in a given language. This allows ChatGPT to generate text that is coherent and relevant to the conversation at hand.

One of the key advantages of ChatGPT is its ability to handle a wide range of conversational scenarios. It can handle simple tasks like answering basic questions or providing information, as well as more complex tasks like carrying on a multi-turn conversation or responding to open-ended prompts. This makes it an ideal tool for building chatbots and virtual assistants that can help users with a variety of tasks.

In the future, ChatGPT and other advanced NLP models like it could have a significant impact on Web 3.0. Web 3.0, also known as the Semantic Web, is the next generation of the internet, where information is organized and interconnected in a way that allows machines to understand and interpret it. With the help of advanced NLP models like ChatGPT, machines will be able to process and understand natural language, allowing them to interact with users in a more natural and intuitive way.

For example, imagine using a virtual assistant to help you plan a trip. With the help of ChatGPT, the assistant could understand your requests and preferences, and provide personalized recommendations for flights, hotels, and activities based on your specific needs. It could even handle complex tasks like booking reservations and making payments, freeing you from the tedious and time-consuming task of doing it yourself.

In addition to making everyday tasks easier and more efficient, ChatGPT and other advanced NLP models could also have a major impact on industries like healthcare, finance, and education. For instance, chatbots powered by ChatGPT could be used to assist doctors in diagnosing and treating patients, or to provide personalized financial advice to investors. In the education sector, chatbots could be used to provide personalized tutoring and support to students.

In conclusion, ChatGPT is a powerful natural language processing model that has the potential to revolutionize the way we interact with machines. With its ability to handle complex conversational scenarios and understand natural language, it could have a major impact on Web 3.0 and a wide range of industries in the future.

++++++

Given the fact ChatGPT obtained over a million users in under a week, it won’t be long before the company that launched this tool is eventually purchased by Microsoft or Google – especially given it is a direct threat to their multiple billion dollar revenue streams.

IP Rights in NFTs, Part I

On August 31, 2022, VC powerhouse Andreessen Horowitz released a series of license templates focused on helping NFT projects create more certainty in intellectual property matters.  This comes on the heels of an August 19, 2022 report, “A Survey of NFT Licenses: Facts & Fictions” that concludes the “vast majority of NFTs convey zero intellectual property ownership” to their owners. 

Seeking to create certainty where none currently exists, the released licenses provide different approaches for NFT projects:

According to Andreessen’s Horowitz’s General Counsel, these licenses “were inspired by 20-plus years of work by the Creative Commons.”  Working with two law firms and several of their portfolio companies, the licenses have been incorporated into a Github repo so creators can build them directly into the smart contracts used in their NFT projects. And, they have been all released under the Creative Commons Zero open source license.  Andreessen Horowitz also claims that its licenses are “legally irrevocable” and create certainty in the marketplace after the license is deployed. 

All of this is of course wishful thinking. 

No matter how noble its motivations, Andreessen Horowitz cannot unilaterally dictate when licenses will be “legally irrevocable” in the same sense a smart contract deployed on one platform may not be enforceable when a minted NFT using that same smart contract is sold on another platform.  Given the many different NFT platforms deployed, this is just one of many issues that likely more pressing.  As for what a suitable NFT intellectual property framework would actually look like, that really depends on the platform used.

Axie Infinity’s Sidechain Suffers Massive DeFi Exploit

On March 29, 2022, the developers behind the Ronin Network – an Ethereum sidechain used to support the decentralized game Axie Infinity, announced a major exploit.  The developers revealed that an attacker used hacked private keys from four Ronin Validators and a third-party validator run by Axie DAO – out of a total of nine, to forge withdrawals of 173,600 ETH and 25.5M USDC – valued at over $625 million. 

This sort of 51% consensus attack plagued the proof of work crypto community since its early days but largely fizzled out as a threat as the major blockchains grew more complex and the number of mining nodes grew into the thousands.  The fact that the Ronin sidechain only had nine validators for its exit bridge – with a majority being a mere five of the nine, was a security failing by most vantage points.  Not surprisingly, to “prevent further short term damage”, the Ronin Network immediately “increased the validator threshold from five to eight.” And, more importantly, the network “will be expanding the validator set over time, on an expedited timeline.” 

The race to mass adoption of new networks has caused many DeFi platforms to forego a security-first design.  Rather than viewing such an approach as time-consuming or stifling growth, new networks competing with Bitcoin and Ethereum and underlying many new DeFi platforms, must recognize that only with trust will this community ever grow beyond its current early adopters.

UPDATE: March 30, 2022

According to a text message sent to Bloomberg by Aleksander Leonard Larsen, chief operating officer of the developer behind the Ronin Network, Sky Mavis: “We are fully committed to reimbursing our players as soon as possible. . . We’re still working on a solution, that is an ongoing discussion.”

Frosties Rug Pull Demonstrates Community is Key to NFT Projects

On January 9, 2022, creators of the Frosties NFT Collection abandoned their project after investors spent over $1.2 million buying the entire inventory of digital “cartoon ice cream” characters. The money received by the creators was transferred the same day.

Relying on the Chinese lucky number 8 four times over, the collection of 8,888 Frosties was described as “Cool, Delectable, and Unique” and quickly sold out based on claims made by the creators.  Their project website – which has since been taken down, promises the following:

Frostie NFTs are made up of over a hundred exciting traits of backgrounds, body, clothing, eyes, mouths, eyewear, hats, toppings, and items. Each Frostie is a unique, non-fungible token (NFT) on the Ethereum blockchain.

Frosties will have staking, metaverse, breeding functions, and so much more!

Holding a Frostie allows you to become eligible for holder rewards such as giveaways, airdrops, early access to the metaverse game, and exclusive mint passes to the upcoming seasons.

The Frosties presale will take place on January 7th and the main sale will take place on January 8th.

Join the Frosties community on Twitter and Discord!

After the January 8, 2022 public drop of Frosties at a floor of 0.04 ETH, the project’s Twitter and Discord server accounts were taken down and in a “rug pull” the floor price was removed.  It was also a cash grab given the NFTs stayed with their new owners whereas the creators stopped all further efforts to build or benefit the community.

What happened next is instructive.  First, the value of the underlying NFTs have been selling both low and very high.  In other words, the market is now dictating the pricing and life goes on with how these assets are going to be priced.

As for moving forward with the project, the Frosties Rug Pull demonstrates that projects can go forward with or without the original creators.  The key is to have a passionate community and at least a few folks who can help lead the charge from a technical perspective. 

In the case of Frosties, someone named EsahcHslaw took charge and posted on reddit:  “We are wrapping Frosties under a new contract for those who want to continue to hold while the project kicks off again. Old dev won’t gain royalties this way. The community will own the funds. Community ran, doxxed multisig, roadmap, website, new Twitter. DM for DC server invite.” 

By removing the possibility of creators obtaining future royalties, Frosties owners effectively removed the creators from the project going forward.  And, if the Frosties community continues growing organically – with new social media channels and active community involvement, the Frosties Rug Pull will demonstrate that an active community is the primary engine for driving NFT value.

UPDATE: March 25, 2022

Federal prosecutors New York charged two in a criminal complaint with conspiracy to commit wire fraud and conspiracy to commit money laundering, in connection with the Frosties rug pull.

As set forth in the March 24, 2022 DOJ press release, “Mr. Nguyen and Mr. Llacuna promised investors the benefits of the Frosties NFTs, but when it sold out, they pulled the rug out from under the victims, almost immediately shutting down the website and transferring the money. Our job as prosecutors and law enforcement is to protect investors from swindlers looking for a payday.”

Defi Security Growing Pains Continue with BitMart Breach

On December 6, 2021, crypto exchange BitMart – which bills itself as “The Most Trusted Crypto Trading Platform”, announced a security breach “mainly caused by a stolen private key that had two of our hot wallets compromised.”   A tweet from security analysis firm PeckShield first called attention to this hack days earlier.  According to Peckshield, the loss is around $196 million.  Interestingly, BitMart at first denied there was any hack – claiming it was “fake news”.

According to the BitMart Twitter release:  “At this moment we are temporarily suspending withdrawals until further notice.”  A Telegram “ask me anything” is scheduled for 8:00 p.m. est this evening.

Similar to what was done by other centralized crypto exchanges after a security incident, BitMart will use its own funds to compensate users impacted by the theft.   

The BitMart theft comes on the heels of a report by London-based consulting firm Elliptic revealing billions of dollars stolen from DeFi platforms.  According to Elliptic’s recently released report, the overall losses caused by DeFi exploits total $12 billion and of that amount, fraud and theft accounted for $10.5 billion, seven times the amount from last year.

Thefts hitting crypto exchanges such as BitMart and DeFi protocols such as Poly Network shine a light on the fact DeFi is largely driven by startups lacking cybersecurity maturity.   In contrast, the financial institutions that literally spend billions on cybersecurity want no part in helping DeFi projects; and more likely, welcome cyber incidents that tarnish DeFi’s reputation.  Until they reach a higher level of security and such incidents become less commonplace, DeFi projects will continue making platform users whole after a security incident – or risk a total collapse in the market for non-money laundering usage. 

Depending on their popularity, open-source products can be highly secure and DeFi should be no different. At some point in time – after decentralized protocols are adequately security tested and implemented and DeFi projects become fully independent and organic and not reliant on any centralized cloud solution or centralized servers, breaches such as the one that hit BitMart will be rare.  In other words, as the market and business opportunities for DeFi increase in scale and scope DeFi’s security profile will naturally evolve.

B2 – B1 < (P x H)1 – (P x H)2

On February 16, 2021, The Sedona Conference (TSC) – a nonpartisan, nonprofit research and educational institute “dedicated to the advanced study of law and policy in the areas of antitrust law, complex litigation and intellectual property rights”, released its final “Commentary on a Reasonable Security Test“.  TSC is well known for previously helping Courts around the country determine the proper contours of e-discovery.  

Recognizing that cybersecurity reasonableness crosses both legal and technology domains, TSC sought a reasonableness test that would help bridge that divide.  Accordingly, the proposed test for reasonable security was designed to be consistent with “models for determining reasonableness that have been used in various other contexts by courts, in legislative and regulatory oversight, and in information security control frameworks.” The Sedona Conference, Commentary on a Reasonable Security Test, 22 SEDONA CONF. J. 345, 358 (forthcoming 2021).  To that end, this test is ultimately based on the landmark Learned Hand negligence test in United States v. Carroll Towing Co., 159 F.2d 169, 173 (2nd Cir. 1947).  

The Sedona Conference Reasonable Security Test consists of “B2 – B1 < (P x H)1 – (P x H)2” where B represents the burden, P represents the probability of harm, H represents the magnitude of harm, subscript 1 represents the controls (or lack thereof) at the time the information steward allegedly had unreasonable security in place, and subscript 2 represents the alternative or supplementary control.  22 SEDONA CONF. J. at 360.  

TSC’s Commentary should be carefully studied for numerous reasons, including the fact TSC applies it to actual recent enforcement actions and provides solid arguments for its judicial application.  No different than its highly cited e-discovery initiatives, this new TSC approach may very well be relied on by courts tackling the important question of what constitutes reasonable security in the context of a data breach litigation or enforcement action.