Preston Byrne, a columnist for CoinDesk’s new opinion section, is a partner in Anderson Kill’s Technology, Media and Distributed Systems Group. He advises software, internet and fintech companies. His biweekly column, “Not Legal Advice,” is a roundup of pertinent legal topics in the crypto space. It is most definitely not legal advice.
I’ll let everyone reading this column in on a little secret: The definitions of “blockchain tech” used by various state legislatures to look technologically astute are something of a running joke among the hardcore crypto-lawyer set.
One exception to this is the definition used by Vermont and California, the least-bad definition of a chain I’ve read so far. Those laws refer to “a mathematically secured, chronological, and decentralized ledger or database.”
Simple, straight, to the point. I give California and Vermont a solid C-minus: the definition hits the high notes, but it also probably captures an instance of Postgres-XL that stores passwords as MD5 hashes. This is quite obviously not what the definition is supposed to do, but because it’s poorly drafted, that’s what it does.
Other states are far, far worse. Take, for example, Arizona’s definition, which says “blockchain technology” is
"a distributed, decentralized, shared and replicated ledger, which may be public or private, permissioned or permissionless, or driven by tokenized crypto economics or tokenless… protected with cryptography, is immutable and auditable and provides an uncensored truth."
“Uncensored truth.” What the hell does that even mean? Anyone who has a passing familiarity with blockchains will know that blockchains can’t guarantee an “uncensored truth” as they only show the transactions that validators committed to the chain. If censorship happened, we’re not going to find out about it, because it isn’t going to be there. “Tamper-evident” would be a more accurate description.
Furthermore, not all blockchains are ledgers, just as not all databases are ledgers.
D minus, Arizona. See me after class.
Then there’s Colorado, which doesn’t define “blockchains” but, in a bill about state records, just refers to them in plain English. Simple, and, if put in front of a judge, it probably works. Colorado also gets points for the zany title of its blockchain-aware legislation: “an Act Concerning the use of Cyber Coding Cryptology.”
Fabulous. A+.
The fact that Connecticut legislators felt the need to copy-paste other states' terrible definitions reveals only that they and legislators of other states have absolutely no clue what they're doing.
Connecticut — my home state — gets a solid F for its latest effort. The short story here is that someone managed to convince a member of the state house to introduce a bill that would abolish non-compete clauses in employment contracts where a “blockchain” company was one of the counterparties.
If you wish to see my testimony on the bill you may find it in full here. Apart from being very anti-business, the bill also proposes a definition of “blockchain” so broad that it would capture practically any contract with any employee of any company that employs distributed software architecture of any kind.
It defines “Blockchain Technology” as a
"distributed ledger technology that uses a distributed, decentralized, shared and replicated ledger that may be public or private, permissioned or permissionless and that may include the use of electronic currencies or electronic tokens as a medium of electronic exchange”.
If you recognize this, it’s because you have seen something very close to it before in Arizona (and Rhode Island, New York, Tennessee and Michigan, among others). The fact that this definition is the law in Arizona doesn’t mean it’s correct.
A blockchain, as any informed person will tell you, is a hash-linked chain of blocks. If we wanted to be a little more specific, we might say “a hash linked chain of blocks that usually (a) uses digital signatures to authenticate transactions, (b) P2P networking protocols to communicate those transactions and (c) Merkle trees to render the transaction log tamper-evident.”
The Connecticut bill doesn’t do this. It continues by defining “Distributed Ledger Technology” as a critter which
may include supporting infrastructure, including blockchain technology, that uses a distributed, decentralized, shared and replicated ledger, whether public or private, permissioned or permissionless, and that may include the use of electronic currencies or electronic tokens as a medium of electronic storage.”
This definition is both duplicative and incorrect.
Not all distributed databases are distributed ledgers, despite the fact that this bill treats them as one and the same on a plain English reading. Not all distributed systems are “decentralized,” either, despite the fact that the bill defines a blockchain system as “distributed and decentralized.” Similarly, not all blockchain systems are decentralized.
The term “decentralized” itself lacks a uniform and concrete definition in both (a) industry and (b) under any law in any jurisdiction of these United States or indeed the world. “Decentralized” is an adjective, like “fluffy” or “happy,” and the word has no place in laws deciding what software should or should not be regulated by the government.
“Why should we care?” I hear you ask.
Well, the problem with a sloppy and overbroad definition is that sloppy definitions lead to sloppy and overbroad application on businesses that the drafters didn’t intend to capture.
Second, the fact that Connecticut legislators felt the need to copy-paste other states’ terrible definitions reveals only that they and legislators of other states have absolutely no clue what they’re doing. It’s like stealing an answer key to a test, only stealing the wrong key: if everyone makes the same mistakes, everyone’s probably cheating.
Third and finally, banning non-compete clauses in employment contracts for software firms is a great way to ensure that software firms stay out of your state, and Connecticut needs all the jobs it can get.
Summing up, state legislatures have proved only one thing with bills that define “blockchain” incorrectly: that they don’t understand the technology. Accordingly they shouldn’t be writing laws that regulate it.
Legislators passing “blockchain” laws should keep it simple in the operative text, add necessary context in the preamble, rely on the Golden Rule of statutory interpretation — that is, follow the literal meaning of the words in a statute, except where the result would be absurd — in case of disputes and leave it at that.
If states want to promote the use of blockchain tech, they need to be advised by people who possess a solid technical understanding of what they’re trying to legislate, the commercial issues involved in deploying that technology, how to speak clearly about both of those things, and who are independent and disinterested.
If the current laws on the books are any indication, the states have a lot of work to do.