Considering blockchain? Here are nine items that in-house counsel should keep in mind.
1. Less Simple = Less Secure
- The more features and complexity in a distributed application, the more potential vulnerabilities
- Ask: What is our strategic goal? What functionality is necessary vs. just desirable?
2. Jurisdiction issues
- Consider cross-border transactions, different laws and regulatory schemes
- Ensure clear and comprehensive choice of law, venue and jurisdiction provisions for resolving any disputes
3. Vendor issues
- Blockchain vendors will want to disclaim as much risk and liability as possible
- Consider necessary service levels and performance required for business application in determining when to walk away
4. Testing / Liability
- Robust testing environment to validate and debug application before launch
- Consider risk of improperly settled transactions, network failures, and other risks inherent to business application
- In customer and vendor agreements, clearly allocate risks and liabilities under all potential dispute and/or failure scenarios
5. Privacy / Customer Data
- Understand benefits and need for comprehensive permission-based structure
- Verify identification of participants and set access levels to ensure compliance with all applicable privacy and security regulations
6. Intellectual Property
- Ensure appropriate user permissions and access limitations to prevent harvesting of proprietary business data or trade secret information
- Vendor and customer agreements should address ownership of existing IP, later developed IP, and comprehensive restrictions on use / disclosure
7. Enforceability / Dispute Resolution of Smart Contracts
- Automated process, but what if something goes wrong?
- Allocate liability & risks, and outline procedures for enforcement / dispute resolution
- Have “in case of fire” plan – may need to unwind transactions or manually evaluate and create corrective entries.
- Consider including real-time monitoring and auditing functionality
8. Regulatory Compliance
- Same rules, different game
- Critical to understand technology, how it works, what processes it is supplanting, and what it is doing to coordinate and update compliance regimes
9. Transaction Due Diligence
- Ownership of data / property on Blockchain
- Critical to understand how Blockchain technology works
- Traditional approaches to due diligence may need to be altered