Considering blockchain? Here are nine items that in-house counsel should keep in mind.

1. Less Simple = Less Secure

  • The more features and complexity in a distributed application, the more potential vulnerabilities
  • Ask: What is our strategic goal? What functionality is necessary vs. just desirable?

2. Jurisdiction issues

  • Consider cross-border transactions, different laws and regulatory schemes
  • Ensure clear and comprehensive choice of law, venue and jurisdiction provisions for resolving any disputes

3. Vendor issues

  • Blockchain vendors will want to disclaim as much risk and liability as possible
  • Consider necessary service levels and performance required for business application in determining when to walk away

4. Testing / Liability

  • Robust testing environment to validate and debug application before launch
  • Consider risk of improperly settled transactions, network failures, and other risks inherent to business application
  • In customer and vendor agreements, clearly allocate risks and liabilities under all potential dispute and/or failure scenarios

5. Privacy / Customer Data

  • Understand benefits and need for comprehensive permission-based structure
  • Verify identification of participants and set access levels to ensure compliance with all applicable privacy and security regulations

6. Intellectual Property

  • Ensure appropriate user permissions and access limitations to prevent harvesting of proprietary business data or trade secret information
  • Vendor and customer agreements should address ownership of existing IP, later developed IP, and comprehensive restrictions on use / disclosure

7. Enforceability / Dispute Resolution of Smart Contracts

  • Automated process, but what if something goes wrong?
  • Allocate liability & risks, and outline procedures for enforcement / dispute resolution
  • Have “in case of fire” plan – may need to unwind transactions or manually evaluate and create corrective entries.
  • Consider including real-time monitoring and auditing functionality

8. Regulatory Compliance

  • Same rules, different game
  • Critical to understand technology, how it works, what processes it is supplanting, and what it is doing to coordinate and update compliance regimes

9. Transaction Due Diligence

  • Ownership of data / property on Blockchain
  • Critical to understand how Blockchain technology works
  • Traditional approaches to due diligence may need to be altered