Hot Takes

A Florida court just dismissed a money laundering case and said that bitcoin isn't "money."

There's a great passage in the Court's opinion:

The Florida Legislature may choose to adopt statutes regulating virtual currency in the future. At this time. however, attempting to fit the sale of Bitcoin into a statutory scheme regulating money services businesses is like fitting a square peg in a round hole.

We've had a lot of time to think about square pegs and round holes; our State Framework explains the two approaches for state regulation that we favor, either:

  1. Clearly issue regulatory guidance excluding virtual currencies from existing money transmission regulation, or
  2. Craft new legislation (not regulation or guidance) that would set up a regulatory system that countenances the peculiar squareness of a virtual currency peg.

You can see how different states have measured up against our framework on our State Tracker. You'll notice that Florida is not on that tracker because there hasn't been any new guidance or legislation proposed there in this space: which may explain the confusion that led to this case.

Link/Tweet

Patents for an open source project sound scary, but it makes sense.

Bitcoin was born of the open source movement, the sort of passionate fervor that makes you want to scream STALLMAN! late in the night, while charging the Oracle campus gates. And open consensus model blockchains have added another layer of "open" to the mix: both software and consensus methods should be unencumbered by permissions for maximum libre!

So it's no surprise that talk of patents tends to get this community riled up. This week Blockstream announced its defensive patent strategy, which indeed involves seeking patents on some of the awesome tech they've been developing. But before you go grab a gnu-pitchfork or libre-flaming-torch, consider the alternative: a world where some outsider or troll gets patents to this technology and uses them to hold the entire ecosystem hostage. Blockstream is doing the right thing: seeking patents so they can be used (and only ever used) to defeat the claims of charlatans and trolls (our space has a few).

This is the same IP strategy that's been effectively employed by Google, Tesla, and a host of other cool kids who understand that innovation = open. We hope more companies and developers will join Blockstream in this effort.

Image credit to the always on-point XKCD.

Link/Tweet

We got a data dump of all the complaints about "virtual currency" filed with the CFPB.

This was thanks to a Freedom of Information Request filed by Muckrock News.

A first glance at the data left us scratching our heads. According to the CFPB response, there were a total of 5,177 complaints filed from 2011 to the end of 2015. Of those, the top ten companies complained about were:

  1. Western Union Company - 1,003 complaints
  2. MoneyGram - 784 complaints
  3. PayPal - 435 complaints
  4. Bank of America - 193 complaints
  5. Wells Fargo - 167 complaints
  6. JP Morgan Chase - 155 complaints
  7. Citibank - 71 complaints
  8. Ria - 42 complaints
  9. Walmart - 39 complaints
  10. PNC Bank - 11 complaints

Those are obviously not digital currency firms. So we took a look at the CFPB’s online complaint form and discovered that the agency has not yet developed a form specific to virtual currency complaints and therefore lumps in virtual currency complaints with complaints about traditional money transmission (see screenshot below). When the CFPB responded to the FOIA request asking for virtual currency complaints, the overwhelming majority of complaints they returned were therefore not related to “virtual currency”.

So, we went through the data, cleaned it up, and then marked all those firms that we could recognize as clearly related to digital currency. What we found is that there was only a grand total of 37 complaints against "virtual currency" companies over the five-year period.

Coinbase took pole position with 10 complaints, which makes sense given the large number of customers they have. “Bitcoin” itself had two complaints lodge against it. GAW Miners had four complaints, Bitcoin Trader three, and Butterfly Labs two. After those, the rest only had one complaint each, and they are as follows: Bitfinex, BitInstant, Bittrex, Blockchain, C-Cex.com, CampBx.com, CoinMX, igot, Local Bitcoins, minerslab, Moonasics, MtGox, PERBTC, Purse, and Terabox. Many of these will be recognizable as known scams, and we have previously explained why there are so many Bitcoin scams.

In August 2014 the CFPB announced that “consumers who encounter a problem with a virtual currency product or service can now submit a complaint with the Bureau.” No doubt the agency wanted to see how widely consumers were being affected by the risks it had previously identified with digital currency. It’s remarkable, then, that in five years of data there have been so few complaints, and that so many of the products and services in the space are completely absent. Let’s keep it up.

Link/Tweet

A resolution calling for a pro-bitcoin national policy was just introduced in Congress.

The bi-partisan H.R. 835 was introduced by Rep. Adam Kinzinger and co-sponsored by Rep. Tony Cardenas. Its preamble cites bitcoin and blockchain innovation:

Whereas emerging payment options, including alternative non-fiat currencies, are leveraging technology to improve security through increased transparency and verifiable trust mechanisms to supplant decades old payment technology deployed by traditional financial institutions; and

Whereas blockchain technology with the appropriate protections has the potential to fundamentally change the manner in which trust and security are established in online transactions through various potential applications in sectors including financial services, payments, health care, energy, property management, and intellectual property management

It then calls for “a national policy to encourage the development” to encourage these technologies and their use.

It’s important to note that a House Resolution, if passed, only sets forth the sense of the House of Representatives (and not necessarily the Senate) about what kind of policy the federal government should adopt, either through future legislation or through agency rule-making. It’s not binding and it’s not specific, but it is a good way for the House to communicate in what direction it would like to see government policy move.

The proposed House Resolution from Rep. Kinzinger shows that many in Congress understand that the federal government should adopt policies that encourage blockchain innovations to flourish. That means a national fintech charter from the Office of the Controller of the Currency, as well as smart treatment of cryptocurrencies by the SEC, CFTC, FinCEN, and others.

Link/Tweet

A law firm just filed a petition with the CFTC asking for a "comprehensive rulemaking" on Bitcoin.

Steptoe and Johnson, which has many Bitcoin industry clients, is asking that the commission clarify what constitues as “actual delivery” of bitcoins after a transaction.

As Houman Shadab, Andrea Castillo, and I explained in one of the first law review articles on this topic, this matters because if a trade results in actual delivery of bitcoins (rather than deferred delivery or simply receiving contract rights to bitcoins) the exchange is exempt from certain commodities futures regulations.

The recent CFTC order against Bitfinex has prompted this call for greater clarity. The petition explains:

In the Bitfinex Order, the Commission found that Bitfinex, a Hong Kong based online platform for exchanging and trading cryptocurrencies, violated certain CEA provisions by engaging in retail-financed commodity transactions in bitcoin that did not result in “actual delivery” under CEA … Specifically, the Commission found that the margin transactions were within the scope of the Retail Commodity Transactions provision because the transfer of cryptocurrency from one person’s account to another’s did not satisfy the requirement of “actual delivery” to exclude the transactions from the jurisdictional reach of the CEA.

If the Commission takes up such a rulemaking, we’ll be looking at whether “actual delivery” can be said to take place when ownership of bitcoin is changed on a third party’s books, or only when a transfer happens on the blockchain. And when does a transfer actually happen on the blockchain? Fun times ahead.

Link/Tweet

Is your crypto-crowdsale a security?

The legal test for what is and is not considered a security is pretty flexible. Beyond the financial instruments that obviously fit the bill, things as weird as orange groves and country club memberships have been regulated as securities too.

DAOs are about as weird as it gets. Things can get muddy very quickly for regulators seeking to understand their purpose and how their work. Recently our director of research Peter Van Valkenburgh went on The Ether Review podcast to discuss the work we have done in educating securities regulators about the finer points of DAOs and other cryptotoken based crowdfunds.

The episode was recorded before theDAO was exploited but foresaw a number of pertinent issues. This makes it an even more interesting primer on the regulatory issues raised by these novel corporate structures.

Listen below:

Link/Tweet

What does Coin Center actually do day-to-day, anyway?

That’s a question we’re frequently asked, and the reason we’re asked this so often is because we rarely talk about what we actually do day-to-day. We don’t talk about it because a lot of it is meeting with policymakers to explain how cryptocurrencies work and to discuss how the law should treat them (i.e. generally leave them alone), and it’s not really polite to hold a private meeting and then send out a press release about it.

The problem, though, is that this approach isn’t very transparent, and folks end up having no idea what it is we do. So, we’ve thought about it and realized there’s quite a bit we can share either because it’s public or because we can generally say what we did. So we’re going to give you an update from time to time on what we’ve been up to. Here are some highlights of what we did this week:

  • We attended attended Consumer Research’s Bretton Woods conference, at which Peter moderated a panel with representatives from the FTC and NIST.
  • We gave a two-hour briefing to the World Bank’s digital currency working group, focusing on how permissionless blockchains work and reach consensus.
  • We gave a briefing to program officers and staff at the Center for International Private Enterprise.
  • We had catch-up meetings with several staff on the Hill.

So now you know what we do. 😉

Link/Tweet

Maybe the EU's proposed new AML rules are not so clear after all.

While I think it’s very heartening they seem to draw a distinction between custodial and non-custodial wallet services, Bitcoin Magazine reports that some in the Netherlands are unsure what would qualify as “custodial” and what wouldn’t. Bitonic CEO Jouke Hofman:

Under the current provision, it’s not that clear who or what the regulation applies to, exactly. It covers wallet providers that hold onto private keys of their users. But does it also include wallet providers that hold onto one key for a two-of-three multisig address? What if bitcoins are time-locked and wallet providers cannot spend the funds now, but perhaps in the future? And if the regulation applies to any key holder, where does the definition of a wallet provider begin? Could the regulation perhaps even apply to Lightning Network nodes?

This kind of uncertainty is exactly why we need absolutely clear language both in AML and consumer protection rules. Typically you want to avoid over-specifying when you draft a law, but in this case you want to be as clear and specific as possible to make sure you are exempting applications that should not be covered. For example, here’s the definition of “control” (i.e. custodial) that we helped the ULC develop for its draft Virtual Currency Business Act:

(3) “Control” means possession of sufficient virtual currency credentials or authority on a virtual currency network to execute unilaterally or prevent indefinitely virtual currency business transactions. The term does not include possession, for a reasonably time-limited period, of virtual currency credentials sufficient to prevent virtual currency transactions to provide a service such as an escrow, provided that the user is able to regain unilateral rights to execute transactions following the period in which the escrow was in effect.

We think such clear language would address all of Hoffman’s questions.

Link/Tweet

The UK's new blockchain welfare benefits trial has privacy advocates freaking out.

Representatives from the Open Data Initiativesay:

Experimenting with putting highly personal data in immutable data stores is fraught with danger. To avoid undermining trust in government’s use of data, DWP should be much more open and transparent about the policy objective of these trials, the safeguards they are putting in place to limit the risks and the lessons being learnt through the trial.

And that's a reasonable concern. As tools, blockchains are better at provably revealing truthful information than they are at obscuring information; they are engines for trustworthy agreement not privacy. Even Bitcoin lacks robust privacy or anonymity for transactions (which is why the continued development of ZCash and Confidential Transactions is so important).

But it's not the supposed use of a "blockchain" that has me worried in this GovCoin case. I can't find the source code for this trial tech anywhere, and have to suspect that the software is proprietary. The public can only judge the privacy of a technology if the software can be openly audited. Bitcoin and other cryptocurrencies are powered by open source software, anyone can look at every detail of its technical specification. We should expect no less from a blockchain software stack employed by a government.

Link/Tweet

The OCC’s new banking risks report mentions “virtual currency” twice.

The first mention is:

Banks and other businesses continue to receive extortion demands to be paid in virtual currency in exchange for preventing or stopping distributed denial of service attacks or for the decrypting or return of proprietary information.

The report cites a McAfee study finding that ransomware samples are one the rise. As we have noted before, cryptocurrencies are not a but-for cause of these attacks. Rather, threats like ransomware depend on poor cybersecurity, which has nothing to do with digital currencies.

The second mention of “virtual currency” in the report reads in its entirety:

New platforms and technologies, such as virtual currencies, enable anonymity for cyber criminals, including terrorists and other groups seeking to transfer and launder money globally. These methods not only pose substantial challenges for compliance with the Bank Secrecy Act and Anti-Money Laundering (BSA/AML) laws and regulations, but also help cyber criminals raise funds to pay for physical and cyber attacks.

It’s interesting that “virtual currency” is used as an example of a broader set of “new platforms and technologies” about which the report is warning. To our knowledge, there is no evidence that cryptocurrency has been used by terrorist groups to ‘pay for physical attacks.’ Cryptocurrencies are also not as anonymous as many believe. A better example for this broader set of these enabling technologies might be prepaid cards.

Link/Tweet