Smart contracts: legal and regulatory challenges of smart contracts

Blockchain and smart contract technology are emerging as among the fastest growing technology innovations in recent times.

This is the final in a special series of articles in which Henry Davis York technology expert, partner Matthew McMillan, examines the benefits and risks of smart contracts, as well as the interesting - and challenging - legal and regulatory issues they raise.

Legal and regulatory challenges of smart contracts

Whilst the potential benefits and risks of smart contracts are only just starting to emerge, they do give rise to some interesting and challenging legal and regulatory issues.

I mentioned earlier the need, in previous articles in this series, to be able to satisfy the elements of contract formation - there needs to be an offer, acceptance, consideration and an intention to enter into legal relations.

Smart contracts also raise the following issues:

Interpretation and uncertainty: Because smart contracts are written in code, how do the parties to the contract, a judge or a regulator interpret the terms?

Inflexibility of the code: While the code is smart in terms of being able to self-execute within the parameters of what has been coded into the contract, it is not so smart as to be able to respond to events which are outside of the code.

This inflexibility means that it is essential for all possible scenarios to be contemplated and coded within the smart contract. A failure to do so may have unexpected - or even adverse - consequences for the parties to the contract. Unless what has been coded into the contract amounts to illegality, it is unlikely that a court would look to imply terms into an agreement that otherwise appears to be complete.

Reliance of external sources of information: The ability of a smart contract to self-execute is often reliant on external inputs or information sources, such as confirmation of delivery of a good or the receipt of cleared funds. But what happens if one of these inputs is incorrect or missing? In the world of traditional contracts, the courts can look to the text of the contract to discern the intention of the parties. This exercise is not so easy in circumstances where the gap exists in the code.

Bugs and errors: Code is something which, by its very nature, will often contain bugs or errors. If there was a coding error, how would that be identified and by whom? Who is at fault? Which counterparty would be legally required to fix it? What are the legal consequences on the rights and obligations of the parties in that scenario?

Liability and risk allocation: Smart contract 'purists' take the view that the smart contract code should simply resolve issues of liability through performance. However, this is a simplistic view. There will always be interests that differ between two counterparties, regardless of the assumptions on which the technology is built and runs. This is a reality of trade and commerce, and means that it is not possible to escape the fact that there may need to be adjudication on matters of liability.

For example, there is always the possibility that the code may not reflect the intention of the parties (giving rise to a common mistake of law or fact). Or that one party has misrepresented the effect of the execution of the code to the other party (giving rise to a misrepresentation). Or that one party to the contract was not of legal contracting age.

Smart contracts do not exist and operate outside the realm of our traditional legal system. They are subject to it. It is, therefore, plausible for situations to arise whereby the outcome delivered by execution of the code is at odds with the outcome mandated by law.

Ability to unwind: If a different outcome was mandated by law, how would a smart contract transaction on the blockchain be unwound? And what would that mean for the downstream transactions that have already formed on the blockchain? Will there be a need to legislate for 'kill switches' in times of stress?

Confidentiality, security and privacy: This is a huge challenge. Smart contracts operating on a blockchain result in massive repositories of data. This raises concerns about the ability for someone to gain unauthorised access to the information.

People will often point to the cryptography underlying the technology. But there is always the risk of things like a user's private key being inadvertently disclosed.

And encryption itself doesn’t necessarily remove the existence of 'back doors' in the software code. We've seen the US Federal Bureau of Investigations in recent times, for example, hack the Apple iPhone to get its hands on data.

The other point to note is that smart contracts formed on the blockchain are much like a cloud solution, in that they do not respect borders or boundaries. This gives rise to significant cross-jurisdictional privacy issues, particularly where transactions involving individuals are capable of being tracked and analysed.

Interestingly, the flip side to the confidentiality/privacy debate is that the availability of the data provides an audit trail and a much more efficient way for regulators to view the information they need to ensure regulatory compliance – essentially, acting as a "regulatory app".

Jurisdictional issues: Smart contracts also raise interesting jurisdictional issues. Because blockchain operates as a decentralised ledger, it means that smart contracts can be formed and accessed anywhere across the globe. They do not reside in any one location, but exist across multiple locations at the one time. Yet our laws are jurisdiction-based.

If there is no express stipulation of the governing law and jurisdiction in the smart contract, what law and jurisdiction would apply?

The differences in laws across jurisdictions - including matters as basic as ownership laws - can be highly problematic, resulting in incongruent rights and responsibilities, and confusion regarding the consequences if there is a contract violation.

Evidentiary matters: As smart contacts begin to proliferate, they will be subject to examination. This means there will be a need for new types of cryptography experts, and forensics experts, to verify software code and to translate the code into human-readable form.

Regulated contracts: Smart contracts sit uneasily with certain types of regulated contracts. Take, for example, the recent unfair contract terms legislation. A contract written in code is probably not going to be sufficiently transparent for the purposes of informing a consumer or small business.

Regulatory and policy settings: Existing regulatory and policy settings will need to be considered in greater detail. How are regulators to police smart contracts? And what opportunities exist for parties to use the technology to potentially side-step the law by hiding the identity of the parties and the governing jurisdiction of the contract? How are cross-jurisdictional issues of taxation, national security and anti-money laundering to be managed?

Smart contract technology is still only in its infancy. But these are just some of the questions and key legal and regulatory challenges that we will need to grapple with, and which will require further attention as smart contracts continue to evolve and become part of the fabric of trade and commerce.

What do smart contracts mean for the business of law?

Despite speculation to the contrary, smart contracts do not mean the death of lawyers.

Nevertheless, there are a number of areas where smart contracts will impact upon certain types or categories of work that lawyers do. This is particularly the case in the areas involving repetitive contract writing and interpretation.

Commercial contracting practices will evolve, and we will see a shift towards the hybrid contracting models mentioned earlier in this article. This shift will gain momentum as lawyers and commercial parties discover:

  • which terms of which agreements are best suited to the fixed and deterministic nature of smart code;
  • which terms of which agreements are best left to the English language; and
  • how to drive the best commercial and legal outcomes through the combination of both

Moving forward, lawyers will continue to have an important role to play in ensuring that smart contracts, in much the same way as traditional contracts, reflect the intention of the parties, and that they facilitate the proper execution of agreed outcomes.

And things will still go to wrong in trade and commerce, regardless of the evolution of smart contract technology. They always do. And lawyers will continue to have a role to play in picking up the pieces and resolving disputes when that happens.

As we move into this brave new world, lawyers would be prudent to educate themselves in the technology, how it works and the limitations and risks so they are able to effectively bridge the gap between code and law.

Wrapping up

It is feasible that smart contracts could be considered contracts at law and that our political and legal institutions will look to matters of "substance" over "form".

But not all traditional contracts, or aspects of transactions, will be amenable to smart contracts. Some arrangements will be suited, others will not.

For lawyers, it is essential to understand the limitations of the code in order to be able to properly advise on smart contracting arrangements.

And, because smart contracts do not operate in isolation, it is equally essential for lawyers to understand how our existing laws and legal frameworks apply to the technology and the broader contractual relationship between the two parties to a smart contract.

The overall message for lawyers is one of disruption, not displacement.