Cryptocurrencies entrusted to an exchange provider: Shielded from the provider’s bankruptcy?

My article, “Cryptocurrencies entrusted to an exchange provider: Shielded from the provider’s bankruptcy?”, has been published in Charl Hugo (ed.) Annual Banking Law Update 2018: Recent Legal Developments of Special Interest to Banks (2018) at pp. 1-21. The book is a collection of peer-reviewed articles written as a basis for the presentations at the Annual Banking Law Update. The full text of my article is reproduced here with permission from the publisher, JUTA.

Annual Banking Law Update

I presented a paper at the ABLU (Annual Banking Law Update) on 27 September. The ABLU is a prestigious conference with decades of tradition organised by the Centre for Banking Law of the University of Johannesburg with the sponsorship of multinational law firms. This year’s programme reflected an emerging interest in cryptocurrencies.

The topic of my paper was the same as for the earlier KLRI/UNCITRAL Trade Law Forum. But I revised the slides with some additions (attached below), reflecting a longer presentation time. Among the added slides are the first and last.

Here is what I said on the first slide.
The topic of this presentation concerns cryptocurrencies in a bankruptcy setting: the bankruptcy of an exchange which acts as an intermediary for trade. The word intermediary might sound strange because the transactions of cryptocurrencies are recorded in a blockchain which permits disintermediation: it dispenses with intermediaries. It is indeed possible to send and receive cryptocurrencies on a P2P basis without any middle person. It does not, however, mean that the users of cryptocurrencies cannot use any intermediary. If they find it more convenient to use third parties, they can use them. That is in fact what most of us do when we trade cryptocurrencies because it would otherwise be difficult to find suitable trading partners. This is why we sometimes still have to talk about intermediaries when we discuss cryptocurrencies.

Here is what I said on the last slide.
Towards the beginning of this presentation, I identified two causes of uncertainty of law in this area. Let me wrap up by coming back to them to see where they fit into the legal analysis.
The first cause lies in the novelty of cryptocurrencies as assets. They are intangible assets registrable on a blockchain. The novelty will raise the question whether cryptocurrencies can be owned in the context of rei vindicatio and the similar question whether they can be classified as “property” in the context of the tort of conversion. It will also raise the question whether they can comprise trust property.
Another cause is the need to scrutinise legal relationships between an exchange provider and its customers. The legal relationships between them matter when we address the question to whom the entrusted cryptocurrencies belong in the context of rei vindicatio. In the course of addressing this question, it has been observed that depending on the terms of the contract with the customers, an exchange provider sometimes acts as a counter-party to transactions and other times merely facilitates transactions between customers. The legal relationships between an exchange provider and its customers also need to be scrutinised to consider whether there is a trust between them. This is so under the legal systems which allow a trust to be created by the inference of a trust agreement as well as under the legal systems which impose a constructive trust by operation of law.

Very many thanks to Prof. Charl Hugo for his kind invitation.

KLRI/UNCITRAL Trade Law Forum

I was invited to speak at the KLRI/UNCITRAL Trade Law Forum 2018 (Incheon in South Korea on 10-12 September 2018. For the programme, see a link here). The KLRI, Korea Legislation Research Institute, is a government-financed think tank.
My topic was “Cryptocurrencies entrusted to an exchange provider: Shielded from the provider’s bankruptcy?” I attach my powerpoint file below.
Very many thanks to the organisers for the invitation and to the audience for stimulating questions.

"Implications of the Blockchain Technology for the UNCITRAL Works" – published.

It has come to my attention that my article “Implications of the Blockchain Technology for the UNCITRAL Works” was published by the United Nations in November last year.
The 50th anniversary Congress was a big occasion for UNCITRAL and it was my great honour to be part of it.
Here is my article excerpted from the book.

An additional note: In my original manuscript, there were some references to specific chapter numbers. I have noticed that in the published version, they have been changed to “Ch. 0” due to the editorial work which has removed all the chapter numbers from the headings. To see where those were actually referring to, please consult my original manuscript here.

Implications of the Blockchain Technology for the UNCITRAL Works

I will be presenting my thoughts on the subject above in the upcoming Congress of the UNCITRAL for the celebration of its 50th anniversary (4-6 July 2017).
My paper currently on the Congress website is a version which I sent to the UNCITRAL Secretariat some months ago and which no longer represents my latest thinking in some significant respects. I am asking the Secretariat to replace it with the latest version, to which I make a link from here.
The paper places particular emphasis on the topic of proprietary restitution of blockchain-based tokens as an area which calls for a globally unified solution.
Postscript: As from 16 June, the Congress website carries the latest version. Many thanks to the Secretariat for swiftly acting on my request. 

"Who Owns Blockchains? An English Legal Analysis"

The above phrase is the title of the note at http://sclbc.zehuti.co.uk/site.aspx?i=ed47875. I guess what the authors meant was who owns “bitcoins” while they also rightly point out relevance to other blockchain-based assets. It is nice to see this and other writings appearing in the course of last year which deal with the issues I have been discussing in this blog since 2015. 
Although the note acknowledges that questions of choice of law could arise (see my previous post), it examines only English law. This does not diminish the value of the note in view of the preeminence of English law in the practice of international commercial transactions. Any global standard which might emerge in the future might indeed mirror the framework of English law.
What should attract the attention of civil law lawyers is the meaning of “ownership.” The note explains that English law recognises that there can be multiple individuals each entitled to assert ‘ownership’ rights to the same property. The note further casts doubt on the availability of a proprietary restitutionary claim, a cause of action which seems to come closest to rei vindicatio in the civil law legal systems.
Like my previous post, the note draws inspiration from the legal treatment of emissions credits. It observes similarity with Bitcoin but is careful to point out an important difference: a Bitcoin is mere information and does not come with a bundle of rights conferred by statute.
The note finds that an unjust enrichment claim is the most promising approach in English law to the recovery of a misappropriated bitcoin. Among the “property-like” remedies, however, the note observes that a claim for knowing receipt founded on a constructive trust is the most promising avenue. As my previous post has pointed out (at page 4 of the slide), this remedy constitutes an alternative avenue for recovery in some legal systems; it can indeed be the most potent one as in English law.

Ownership dispute in the aftermath of the bankruptcy of Mt.Gox

Attached here is the powerpoint file I used in my presentation at the Cyberspace 2016 conference on 26 Nov. 2016.
I examined the Tokyo District Court’s decision in a suit filed after the opening of Mt.Gox’s bankruptcy proceedings. The suit was filed outside the bankruptcy proceedings to obtain a full recovery of the bitcoins which the claimant had a contractual right to have returned by the bankrupt exchange. To do that, he sought rei vindicatio of the bitcoins over which he asserted ownership rather than making a contractual claim to join other creditors in the bankruptcy proceedings.
I considered three questions noted at p. 4 of the slides. On the first question, the Court relied on the Japanese law concept of “shoyuken” to deny that bitcoins could be an object of ownership. But if we leave aside the technicality of the Japanese law concept and understand the concept of ownership more broadly to mean a right to monopolize the exploitation of objects, it may be possible to say that bitcoins are fit to be an object of ownership. This would open the possibility of rei vindicatio, if other prerequisites are satisfied. The other two questions I considered relate to those other prerequisites. In most of the cases, a customer of a bitcoin exchange would have difficulties meeting those other prerequisites but the possibility of a successful claim is not foreclosed in all cases.

Law applicable to a restitutionary claim arising from a mistaken remittance

Bitcoin addresses are long, randomly generated alphanumeric strings and are prone to being mistyped. If bitcoin is transferred to a wrong address by mistake, what law is applicable to a restitutionary claim by the transferor against the transferee?
This post will consider this question under the Rome II Regulation (Regulation (EC) No 864/2007 of the European Parliament and of the Council of 11 July 2007 on the law applicable to non-contractual obligations) as it is an influential instrument in private international law. Its Article 10 contains choice-of-law rules for unjust enrichment in the following terms:

1. If a non-contractual obligation arising out of unjust enrichment, including payment of amounts wrongly received, concerns a relationship existing between the parties, such as one arising out of a contract or a tort/delict, that is closely connected with that unjust enrichment, it shall be governed by the law that governs that relationship.
2. Where the law applicable cannot be determined on the basis of paragraph 1 and the parties have their habitual residence in the same country when the event giving rise to unjust enrichment occurs, the law of that country shall apply.
3. Where the law applicable cannot be determined on the basis of paragraphs 1 or 2, it shall be the law of the country in which the unjust enrichment took place.
4. Where it is clear from all the circumstances of the case that the non-contractual obligation arising out of unjust enrichment is manifestly more closely connected with a country other than that indicated in paragraphs 1, 2 and 3, the law of that other country shall apply.

In most cases of mistaken remittance, para. 3 will be applicable. Its connecting factor is the occurrence of the unjust enrichment, as distinguished from the occurrence of the event giving rise to the enrichment.
The application of this provision to mistaken remittance of a bank deposit is not particularly difficult. If, for example, A mistakenly transfers money from his Italian bank account to B’s bank account in Spain, Spanish law is applicable to A’s restitutionary claim against B. It has been suggested that in localising the situs of enrichment, the discrete asset, rather than the centre of wealth of the enriched person, should be focused on (Huber / Huber / Bach, Rome II Regulation (2011), Art. 10, para. 28). Thus, even if B lives in Portugal and maintains all assets there, it is immaterial.
The application of para. 3 is not as simple in the case of remittance of cryptocurrency such as bitcoin, since there is no such thing as a bank account. Remittance of cryptocurrency takes place between addresses on a blockchain. The addresses are not associated with any physical location, unlike bank accounts. Neither is it possible to localise the blockchain since it is a distributed ledger. Faute de mieux, the unjust enrichment should be deemed to have taken place at the habitual residence of the enriched person. The concept of “habitual residence” is elaborated on at Article 23 in the following terms:

1. For the purposes of this Regulation, the habitual residence of companies and other bodies, corporate or unincorporated, shall be the place of central administration.
Where the event giving rise to the damage occurs, or the damage arises, in the course of operation of a branch, agency or any other establishment, the place where the branch, agency or any other establishment is located shall be treated as the place of habitual residence.
2. For the purposes of this Regulation, the habitual residence of a natural person acting in the course of his or her business activity shall be his or her principal place of business.

Paragraph 2 would not be applicable in the context presently discussed because the person enriched by receiving a mistakenly remitted cryptocurrency would not be deemed to be “acting in the course of his or her business activity.” Nor would the second sentence of paragraph 1 be applicable since it seems only concerned with the habitual residence of a tortfeasor.

Technical traceability and normative traceability

When we consider whether it is possible in law to obtain the recovery of stolen cryptocurrency units, what matters is normative, rather than technical, traceability of the stolen units. This is so whether the claim for recovery is based on the ownership of the units or the restitution of unjust enrichment.
There may be no technical traceability where stolen units are mixed up with other units in the address they have been forwarded to unless the units had been dyed prior to being stolen. In this sense, Patrick Murck seems right to observe in his presentation that while transactions are traceable, coins are less so. On the other hand, to affirm normative traceability, it might be enough to be able to say that the attacker or the persons further down the line could be deemed to hold all or part of the stolen units or their value.
Let us suppose that Alice had 70 units in her address (i.e. an address for which she holds the private key). Bob has stolen them through a phishing attack and transferred them to his address in which they have been mixed up with the 30 units he had held there. Unless the stolen 70 units had been colored, it may be technically impossible to say which of the now 100 units Bob holds in his address are originally Alice’s. It is, however, possible to say that Bob holds the stolen units.
It is true that even a normative tracing becomes harder as the stolen units are forwarded down the line. Thus, let us suppose that Bob has thereafter transferred 40 units to the address of Carol. Again, unless the stolen 70 units had been colored, it may be technically impossible to say which, or even how much, of the 40 units Carol has received is originally Alice’s. But it does not foreclose the possibility of a normative assessment that Carol holds part of the stolen units or their value. The normative assessment may take into account the circumstances surrounding Carol’s acquisition including how much, if at all, she knew of Bob’s theft. It will also be part of the normative assessment how much of the 40 units is deemed to derive from the 70 stolen units: (i) 28 units representing the proportion of the 70 units among the 100 units Bob held in his address or (ii) 10 units on the assumption that all 30 units Bob held legitimately have been transferred to Carol, or (iii) other amounts based on other calculations.
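The alternative calculations in the paragraph above can be carried through any number of onward transfers. The following is an added example, not part of the original post: the rule names (pro_rata, clean_first, tainted_first) and the function trace are hypothetical labels, tainted_first is one constructed possibility for "other calculations", and addresses are modelled as simple balances, as in the text.

```python
from fractions import Fraction

# Hypothetical names for the tracing rules: (i) proportional share,
# (ii) legitimate units deemed to leave first, and one constructed
# instance of (iii): stolen units deemed to leave first.
RULES = ("pro_rata", "clean_first", "tainted_first")

def trace(balances, stolen, transfers, rule):
    """Follow stolen value through transfers between addresses.

    balances:  {address: units held before the first transfer}
    stolen:    {address: how many of those units are the ones to follow}
    transfers: [(sender, recipient, units)] in chronological order
    Returns {address: units deemed to derive from the stolen units}.
    """
    if rule not in RULES:
        raise ValueError(f"unknown rule: {rule}")
    held = {a: Fraction(v) for a, v in balances.items()}
    taint = {a: Fraction(v) for a, v in stolen.items()}
    for sender, recipient, units in transfers:
        units = Fraction(units)
        have = held.get(sender, Fraction(0))
        if units <= 0 or units > have:
            raise ValueError(f"{sender} cannot send {units} of {have}")
        dirty = taint.get(sender, Fraction(0))
        if rule == "pro_rata":
            moved = units * dirty / have      # same share as the mixed balance
        elif rule == "clean_first":
            moved = max(Fraction(0), units - (have - dirty))
        else:                                 # tainted_first
            moved = min(units, dirty)
        held[sender] = have - units
        held[recipient] = held.get(recipient, Fraction(0)) + units
        taint[sender] = dirty - moved
        taint[recipient] = taint.get(recipient, Fraction(0)) + moved
    return {a: t for a, t in taint.items() if t > 0}

# The scenario from the text: Alice's 70 units are taken into Bob's address,
# which already held 30; Bob then forwards 40 units to Carol.
BALANCES = {"alice": 70, "bob": 30}
STOLEN = {"alice": 70}
TRANSFERS = [("alice", "bob", 70), ("bob", "carol", 40)]

if __name__ == "__main__":
    for rule in RULES:
        result = trace(BALANCES, STOLEN, TRANSFERS, rule)
        print(rule, {a: float(t) for a, t in result.items()})
```

Whichever rule is chosen, the amounts attributed to the holders always add up to the 70 units originally taken; the rules differ only in how that total is allocated along the chain.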
Some legal systems might opt for a simple solution of equating normative traceability with technical traceability. But other legal systems might differentiate them. It is also conceivable that different tests for normative traceability be applied between proprietary recovery and restitutionary recovery. While a test aligned with technical traceability may be preferred for proprietary recovery in order to ensure the specific identification of stolen units, it is not inevitable. Since it is ultimately a matter for legal policy whether to grant recovery merely as restitutionary relief or as proprietary relief (See my earlier post), it is not unimaginable to allow recovery of the stolen value (as opposed to the specific stolen units) as proprietary relief. The blockchain technology being a new invention, I guess that the rules are currently uncertain under most legal systems.
It is needless to say that in the cases where it is considered normatively that the stolen units are traceable, the possibility of recovery will depend on other conditions which the applicable law puts in place to protect legitimate holders in due course.

Technical feasibility of tracking stolen cryptocurrencies and legal response

Arvind Narayanan writes in his blog post that since banks can reverse fraudulent transactions and law enforcement of digital financial crimes is relatively competent, the risk of getting caught combined with the diminished ability to cash in on attacks skews the economics against attackers. He contrasts this with bitcoin whose design puts the entire onus on preventive measures. This insightful observation is based on the assumption (in his words) that “[i]f an attacker breaks into a server containing private keys, he can steal the bitcoins … irreversibly.” This assumption seems widely accepted. It seems to rest largely on technical grounds but I think it also depends on legal issues which are as yet unsettled. Narayanan comments on the technical aspect saying, “[w]hile there’s been talk of taint-tracking mechanisms to prevent thieves from cashing out, these haven’t materialized and there are fundamental technical and political difficulties with such proposals.” But he also adds a footnote referring to a paper which argues that it currently is difficult for thieves to launder large sums of bitcoins.
I do not have the expertise to comment on the technical feasibility of tracking. But the point I want to make here is that should there be cases in which it is possible to trace the movement of stolen bitcoins, it will raise a legal question whether a recovery should be granted to the original owner. This question has not been tested before courts under any legal system to my knowledge. It would not be inconceivable that thieves and third parties who have acquired stolen bitcoins in bad faith are denied legal ownership and held liable to make restitution of the stolen bitcoins or their value in fiat currencies.