As we approach the end of 2017, it is a time to reflect on the dizzying pace of technology evolution this year, and the amazing array of legal issues it presented. Similarly, it is a time to look forward and anticipate what technology-related issues we will be thinking about in the coming year.
For 2017, the list is long and varied.
This year, the true potential of blockchain was recognized by many in the commercial sector. While recent blockchain-related headlines have focused on the rise (and regulation) of cryptocurrencies, a great deal of the blockchain action has been in back office applications in financial services, supply chain and other areas. Industry wide consortia have been formed, trials and proof of concepts have been run, and, as evidenced by the recent announcement by the Australian Stock Exchange to replace its clearing and settlement system with a blockchain based system, we are moving into full production implementations of blockchain systems.
Cybersecurity garnered major attention in 2017. Unfortunately, data breaches continued to be a constant headline item, as were related class action litigation. As a result, cybersecurity was a “top of the agenda” item for state and federal agencies, state legislatures, regulators, corporate boards, GCs and plaintiffs’ lawyers.
As a related matter, privacy issues were also front and center this year. In particular, we saw increased activity in some of the cutting edge areas of privacy law, including biometrics-related litigation (particularly under the Illinois Biometric Information Privacy Act (known as BIPA)), video streaming privacy (particularly under the Video Privacy Protection Act, or the VPPA)) and mobile-related privacy issues.
There are many other issues that occupied our minds this year, including artificial intelligence, virtual and augmented reality, online copyright liability (including application of the DMCA in online contexts), and publisher/distributor liability for third party content online (under Section 230 of the Communications Decency Act). Additionally, parties involved in agreements of all types have been increasingly focused on technology-related legal risk, and were more intent on addressing and shifting technology-related risks with very specific contractual provisions.
So, what do we see happening in 2018? All of the above and more.
As noted above, blockchain is in enterprise “production mode” and we expect that to be a continuing trend in 2018. How will all of the related legal issues be fully resolved? That is yet to be determined. Will the regulatory frameworks apply smoothly or will we see the litigation that usually occurs when old laws are applied to new technology? How will the UCC apply? Will permissioned blockchains operate smoothly, and how will they navigate the usual collaboration-related concerns (e.g., antitrust, standardization, intellectual property)? What will happen with cryptocurrencies? Will regulators embrace or stifle cryptocurrencies? How will the SEC deal with ICOs? How will global consistency be achieved?
Cybersecurity will of course continue to be important to all businesses and require deft strategies to handle emerging threats. How will company boards face this issue? Who will regulators hold as responsible? Is there any chance Congress will finally adopt national legislation to simplify breach notification standards? Who will bear the increasing levels of liability associated with breaches? How will the US deal with other countries on this truly global problem? And will this area continue to be a magnet for plaintiffs’ class action lawyers?
As for privacy, these issues will continue to become more complex. Given the sophisticated data analytics and tracking techniques being developed to discern patterns and information from our “digital exhaust,” and given the new and creative ways that individuals can be identified and profiled, this will be a ripe area of activity for 2018. Mobile tracking is evolving and we are likely to see more legal activity in that space in the coming year. Satellite and drones, largely unregulated in a comprehensive and uniform way, may be the subject of more scrutiny. BIPA and VPPA litigation is expected to increase as well.
2018 also promises to be the year of Europe’s General Data Privacy Regulation, often referred to as GDPR. It comes into effect in May 2018 and by its terms, applies to a very broad swath of organizations (including some that may be based in the US). As the penalties for non-compliance could be steep, many organizations have been focused on GDPR compliance this year, and we expect the topic to be of increased interest in the new year.
All of the other 2017 areas discussed above are likely to be busy as well. But, people ask, what is the next issue on the radar of tech lawyers?
We have begun to work in the area of quantum computing. The limits of traditional computer processing are purportedly reaching an apex in the near future – Moore’s Law, which observed how the power of computer chips would double in power about every 18 months, seems to be slowing down due to the technological limitations of how many transistors can conceivably fit on a computer chip.
While chip manufacturers continue to seek innovations and efficiencies, one of the next big things on the horizon that promises expanded capabilities beyond transistor-based processing is “quantum computing.” While conventional computers use binary data or bits (i.e., Os and 1s) to store and process information (a bit can either store a 0 or 1), a quantum computer operates based on the laws of quantum mechanics and uses quantum bits or “qubits,” which can be in what’s called the superposition of zero and one at the same time (e.g., a qubit can store a 0, 1, or a summation of both 0 and 1). Ultimately, it is expected that quantum computers can solve complex computations exponentially faster – as much as 100 million times faster — than classic computers.
As a result, the government and technology companies are investing in and developing emerging quantum computing architecture platforms and new computing languages that vastly increase algorithm performance and processing while reducing energy consumption. For example, IBM has launched a major quantum computing research project and is collaborating with a cross-industry group to apply quantum computing to business. Google is making similar efforts, and at one point announced that it expects to achieve “Quantum Supremacy” by the end of this year.
While currently in the experimental phases and not ready for commercial markets, quantum computers could someday allow scientists and others to solve very complex problems in chemistry, applied mathematics, biology and engineering, and also push huge advances in areas such as artificial intelligence, machine learning, and large database searching and big data processing.
What are some of the legal issues that quantum computing presents?
- Encryption and cryptography: Current encryption and cryptography systems are premised on the assumption that there are limits to the resources and processing power that can be brought to breaking such systems. Quantum computers may be powerful enough (perhaps) to break the public key cryptography systems currently in use that protects secure online communications and encrypted data. If the resources of quantum computers are ever generally available or otherwise fall into the “wrong” hands, encryption and cryptography, as we know it today, could be in jeopardy. This has led NIST to begin the process to standardize so-called post-quantum cryptography. [Clearly, basic password protection would appear quaint and “a nice try” in light of the resources quantum computing could bring to a “brute force” hack.]
- Blockchain: On a related front, bitcoin and blockchain technology rely on public key cryptography to maintain the security of the ledger. Moreover, bitcoin relies on the work of “miners” to use computing power resources to solve certain complex mathematical problems to verify transactions, a task that would be upended by entities with quantum computing platforms. Again, quantum computing presents a real threat to existing blockchain algorithms. As a result, developers are working on quantum-resistant ledgers.
- Securities Industry Issues: To the extent quantum computing is available to those in the securities industry, will the lightning-fast speed of transactions (or something even faster than high-frequency trading) be a problem for regulators? How will regulators be able to effectively monitor securities activities if the speed and volume of transactions expands exponentially at the levels that quantum computing might make available?
- Military Applications: While there is already a great deal of concern about the use of artificial intelligence and autonomous machines in the military context, if that is coupled with the speed of quantum computing, the concerns are even more acute.