Dear Friends,
Three very eventful years have passed us by. Now, as my leadership of the Technology Law Committee ends, I recall my efforts in trying to keep the committee and IBA relevant to members through the pandemic uncertainty. The only certainty during this bleak period was the hope and enthusiasm that all of you exuded, which kept me going. Looking back, we do well to learn from the past while we continue to move forward.
In this last message as Co-Chair of the Technology Law Committee, I wonder, while I look ahead, whether each one of us is ready for Web3.0 and the legal issues it will bring.
I leave you with some thoughts on Web3.0 as I transition to another leadership role in IBA: that of a Council Member of the Legal Practice Division.
While Gartner estimates that Web3.0 will increase global GDP by USD 1.76 trillion by 2030, the current debate focuses on what Web3.0 is. Simply put, Web3.0 may be considered as a new platform built on decentralized and blockchain technology, which is owned by the builders and users. Here cryptocurrencies, NFTs, and metaverses come together in a unified manner. These metaverses will exist in the form of online, 3-dimensional universes, combining multiple virtual spaces in which users collaborate, meet, play games, and socialize. Web3.0 will enable the provision of services directly to each user and trade items of value that inherently exist within the system.
People opine that such a decentralized platform is often unregulated. This may be so. However, I have noticed local regulators introduce laws relating to digital assets in many parts of the world. What are you seeing in your respective countries? Are parts of Web3.0 being regulated?
Regulated or not, Web3.0 has many potential uses for business, governments, social interaction, and entertainment. At its core, though, Web3.0 is a confluence of technologies and business models. This triggers many legal concerns. I discuss some here.
NFT (Non-Fungible Tokens) Issues – NFT users own the token, and have a licence to the digital asset associated with the token (e.g., digital art, video game asset, etc.) while the copyright owner retains copyright in the digital asset. So, what is and what is not being licensed, given that the scope of a licence is limited to a particular purpose?
Also, do you believe NFTs offer undeniable proof of ownership? Can they? Well, first and foremost, virtual land ownership falls under contract law rather than property law. Secondly, owning an NFT does not give ownership over the digital asset.
IP Issues – The NFT creator must ensure that they possess the necessary rights to distribute the digital asset. What if the NFT includes third-party IP and the NFT creator may not possess the necessary rights to that IP? Should brand owners rethink their IP protection strategy to ensure that they consider protection for digital objects?
Since buyers do not necessarily purchase the copyright to the artwork, they can use their NFT only for legal purposes. Being aware of these restrictions can prevent expensive mistakes. As in the case of Spice DAO, who mistakenly believed they were purchasing the rights to the “Dune Bible”. Further, one needs to consider avatar-related IP issues. Should avatars receive trademark protection?
Securities Laws – Can NFTs and cryptocurrencies be subject to securities laws? Obviously, most NFTs that are associated with a single work and sold individually are not likely to be deemed a security. On the other hand, securities laws may be triggered by fractional ownership. If ownership of a single work is represented by multiple tokens with different owners, many people share ownership of that single work. Could this fractional ownership constitute a pooled interest? Next, let’s consider futures trading. For instance, a presale of NFTs where the NFT does not yet exist and the proceeds of the sale are used to build the NFT may be looked at as an interesting securities concept.
Several countries are debating whether cryptocurrencies should be defined as securities under their jurisdiction. This would make trading in cryptocurrency subject to strict registration and reporting requirements.
Anti-Money Laundering – I have been reading of attempts to launder money through NFTs. Anti-money laundering is a serious concern for Governments. It is only a matter of time before transparency and KYC protocols will be required for NFT marketplaces and in crypto trading.
I also found helpful information in the OFAC guidance for digital asset companies related to compliance with sanctions and best practices for mitigating risks. Governments are closely watching if digital art and NFTs are being used for money laundering and sanctions avoidance purposes.
Games of Chance – Would winning virtual goods, with some element of chance, be considered gambling? Typically, winning items can be used only in-game and are not convertible to money or any other value. What if NFTs are won? NFTs may be sold on exchanges for value!
Governance Issues – These include the trading platform TOS, separate rules that apply to different virtual worlds, lands, spaces, or separate marketplaces therein, and significant content moderation issues.
Advertising – Virtual advertising by owning or leasing virtual land, using NFTs, and branded virtual items to promote products and services, employing avatar-based influencers and participating in sponsored events on the Web3.0, can create legal issues.
Privacy – In Web3.0, should there be stricter and more transparent privacy standards? How will identity verification and identity theft be checked, given that blockchain technology offers many anonymity and security features?
Cybersecurity – How secure is blockchain technology? If bad actors get hold of a private key, can they compromise entire accounts, leading to long-term damage for the account holder and (potentially) other entities? Given the effectiveness of blockchain technology in protecting privacy, it may be difficult to track these bad actors.
Collection of personal information – Web3.0 could have endless streams of data to process. Should such an unwieldy, incidental collection of personal data be limited? Are the potential interactions on Web3.0 worth the additional exposure associated with such a stash of personal information? EU readers should tell us how consent, in Web3.0, will be obtained under GDPR.
Other thoughts worth considering are international laws, taxes, and conflicts of laws, as they apply to Web3.0. It is clear that jurisprudence and uncertainty will impact the way Web3.0 develops.
Web3.0 technologies, NFTs, and metaverses will undoubtedly continue to evolve. I am keen to know how the law and jurisprudence is developing in your country in relation to these technologies.
In India, we have taken a small step towards regulating digital personal data with the release of the Digital Personal Data Protection Bill for public comment.
I encourage each one of you to read this simply-stated Bill, which is based entirely on the seven-odd principles of most data protection laws. Do provide your comments to the Indian Government here.
While I leave you to dwell on these sundry critical issues, I use this opportunity to wish you farewell. Till we meet again in a new avatar, do take care, do well, and always remain happy.
Sajai Singh
Co-Chair, IBA Technology Law Committee
Sajai's broad-based practice focuses on Mergers, Acquisitions, Joint Ventures, strategic alliances, restructurings and financings (whether debt or equity), with particular emphasis on cross- border transactions.