Kilpatrick Townsend’s Michael Breslin recently led a panel presentation, alongside Kilpatrick attorney Joshua Benson and AT&T in-house attorney Jason Thelen, covering key concepts and trends that in-house counsel should be aware of regarding blockchain and cryptocurrency. The discussion highlighted how companies in a variety of industries are continuing to explore potential blockchain applications and ways that distributed ledger technologies can improve both their internal and external processes.
3 key takeaways from the presentation include:
1. Privacy Compliance Under Regimes Like GDPR. A key feature of data stored on a blockchain is that it is immutable – once verified and entered on the chain, it cannot be altered or deleted. This has the potential to conflict with privacy regimes like GDPR that grant consumers a “right to be forgotten” or “right of erasure” of personal data, if such data is stored on a blockchain. On-chain encryption of such data may provide a quasi-solution, but counsel should closely explore with their clients the nature of data that may be stored on-chain. To the extent possible in light of the business needs of the blockchain application being discussed, companies should avoid on-chain recording of personally identifiable information or other data subject to such erasure requirements.
2. SEC Guidance on Cryptocurrency Offerings. Almost without exception, the SEC has determined that organizations’ initial sale of cryptocurrencies – an initial coin offering or “ICO” – constituted the sale of investments and needed to be a registered securities offering. However, in a landmark April 2019 No Action Letter, the SEC stated it would take no action against the unregistered cryptocurrency offering of Turnkey Jets, who planned to sell cryptocurrency tokens that could be used to purchase flight time on private jets. The SEC’s decision was based on the following features of the proposed offering: (1) the funds received from the token sale would not be used to develop the platform on which the token exchange would operate; (2) the tokens would be immediately exchangeable for purchasing air charter services; and (3) the tokens would be redeemable by Turnkey Jets for $1 each – the same price at which they were sold. These unique features distinguished the Turnkey Jets offering from the majority of ICOs that imply purchases will earn a return on their investments. Regardless, companies considering a cryptocurrency sale should carefully examine whether it should be a registered securities offering, given the SEC’s position that the answer has almost always been yes.
3. Should Your Organization Hold Cryptocurrency? Given the recent wave of ransomware attacks on private and governmental organizations by hackers demanding payment in cryptocurrency, many companies are considering whether to hold an emergency balance of crypto funds. Some believe that having such funds readily available will enable them to buy their way out of a potentially-crippling ransomware attack at a price far less expensive than the business interruption and public relations damage these attacks can generate. Regardless of your organization’s stance or the reason for holding cryptocurrency, there are best practices companies can employ to do so securely. For example, multi-signature wallets can help prevent internal theft by requiring passwords from multiple company officers before the wallet will release any funds. And such funds should almost always be held in a physical wallet device stored in a safe deposit box, rather than an online wallet. In-house counsel should consult with experts to determine the appropriate security features to employ under their company’s circumstances.