LEGAL ISSUES IN CORPORATE GOVERNANCE RELATED TO BLOCKCHAIN TECHNOLOGY

This article is written by Shayaree Sen of 4^th Semester of Jogesh Chandra Chaudhuri Law College, an intern under Legal Vidhiya

ABSTRACT

As blockchain technology continues to revolutionize corporate governance, it brings forth a host of legal intricacies demanding thorough exploration. This article delves into the multifaceted legal landscape surrounding blockchain integration in corporate governance. Beginning with an introduction to the transformative potential of blockchain, it addresses critical issues such as regulatory compliance, data privacy, and security concerns inherent in blockchain systems. Strategies for safeguarding privacy within the transparent blockchain ecosystem are examined, alongside the enforceability challenges of smart contracts and potential solutions. Furthermore, the article analyzes pertinent legal precedents in key jurisdictions including the US, EU, and Singapore, shedding light on evolving digital asset ownership frameworks and the concept of tokenization. It scrutinizes jurisdictional challenges arising from the decentralized nature of blockchain technology, proposing strategies to navigate these complexities effectively. Ultimately, the article underscores the imperative for adaptable legal frameworks to accommodate the disruptive impact of blockchain on corporate governance. By providing insights into these legal nuances, it aims to equip stakeholders with the knowledge needed to navigate the legal terrain of blockchain integration seamlessly.

KEYWORDS

Blockchain technology, Decentralized ledger system, Data privacy, Smart Contract, Digital Assets, Jurisdictional challenges, GDPR, SEC, ESMA, CFT, KYC, AML, Encryption

INTRODUCTION

Blockchain technology is a distributed, decentralized ledger system that maintains the integrity and security of data shared by recording transactions across several computers. Numerous transactions are contained in each block of the chain, and each new transaction is validated by a network of computers, or nodes, prior to being added to the blockchain. It is immune to manipulation and fraud because, once recorded, the data in any given block cannot be changed without also changing all following blocks. Though most people primarily identify blockchain technology with cryptocurrencies like Bitcoin, it has applications in a number of different areas, including supply chain management, healthcare, and banking.[1] Because blockchain technology has the potential to completely transform accountability, transparency, and efficiency, it is extremely significant for corporate governance. Corporate governance is the framework of policies, procedures, and guidelines that govern how an organization is run. It entails striking a balance between the interests of numerous parties involved, including the government, the community, suppliers, consumers, shareholders, and financiers.[2] Blockchain improves record-keeping, shareholder participation, and proxy voting procedures by offering a transparent and impenetrable log of transactions, building stakeholder trust. Board governance is streamlined by automated smart contracts, which also guarantee compliance and openness in decision-making. Furthermore, blockchain facilitates ethical sourcing and risk management by increasing supply chain transparency. Its cryptographic security mechanisms support data security and privacy by protecting critical corporate data. All things considered, blockchain technology gives businesses the ability to improve stakeholder trust, fortify their governance procedures, and run more honourably and effectively.[3] But effective corporate governance in blockchain-based systems requires addressing legal concerns because doing so assures adherence to current laws, reduces the likelihood of legal conflicts, and builds stakeholder trust. Legal frameworks facilitate smoother operations and investment by giving clarity on ownership, liability, and contract enforcement. They also set rules for intellectual property rights, data protection, and dispute settlement, which improves accountability and openness throughout the ecosystem. Through early resolution of legal issues, blockchain companies can establish a strong basis for long-term expansion and extensive integration.

REGULATORY COMPLIANCE

Globally, regulatory frameworks for blockchain technology differ, but they usually center on things like financial transactions, data security, and anti-money laundering. As an illustration, the SEC is in charge of securities rules in the US, whereas FinCEN is responsible for anti-money laundering legislation.[4] The GDPR oversees data protection in the EU, whereas state authorities and ESMA are in charge of financial operations.[5] As governments struggle with the particular difficulties presented by blockchain, this complex terrain is changing.

Compliance Requirements

Corporations utilizing blockchain for governance purposes must consider various compliance requirements, including:

• Businesses need to make sure that any personal information handled or stored on the blockchain conforms with applicable data protection laws, such as the CCPA[6] in California or the GDPR[7] in Europe.
• Financial regulations like KYC (Know Your Customer), AML (Anti-Money Laundering) and CFT (Combating the Financing of Terrorism)[8] may apply to a firm depending on the nature of its operations.
• The company must abide by securities laws if it is tokenizing assets or issuing tokens. This means that they must follow rules set forth by organizations like the SEC[9] in the US or comparable authorities abroad.
• When incorporating blockchain technology, corporations are required to uphold adherence to current corporate governance standards. This entails making certain that the corporation’s bylaws and regulations are adhered to by the blockchain-based governance mechanisms.
• If using smart contracts for governance procedures, comprehensive audits are required to make sure they operate as intended and adhere to any legal and regulatory requirements.[10]
• Since blockchain technology is still in its infancy, maintaining compatibility with current systems and conformity to industry standards is crucial for efficient operations and legal compliance.

In general, managing the compliance requirements for blockchain-based governance calls for a complex strategy that frequently calls for cooperation between corporate governance specialists, blockchain developers, and legal experts.

DATA PRIVACY & SECURITY

Data privacy concerns arise from the immutable and transparent nature of blockchain technology.

Permanent Record:- Data on the blockchain cannot be changed or removed after it has been recorded. This could be dangerous if the data has sensitive or inaccurate information that has to be changed or removed.

Data Leakage:- All participants can view transaction details saved on the blockchain, which may reveal private information about certain people, businesses, or transactions.[11]

Pseudonymity:- Although blockchain transactions are anonymous, it is occasionally possible to deduce a connection between addresses and actual identities, which could result in privacy violations.[12]

Regulatory Compliance:- The inability to edit or remove data from the blockchain makes compliance with data privacy laws more complex. This makes it harder to follow rules like the GDPR’s right to be forgotten.

Third-party Data Correlation:- Blockchain data can be further compromised by third-party data sources or analytics tools that link it to other types of information.

Smart Contract Vulnerabilities:- Because smart contracts run automatically in response to predetermined triggers, they may unintentionally divulge private information or have security holes that might be used to access or change data.[13]

In order to allay these worries, privacy-enhancing technology like encryption and zero-knowledge proofs must be put into practice, and explicit rules and guidelines pertaining to data privacy in blockchain applications must be established.

Strategies For Ensuring Privacy

Encryption:- Encrypting data before putting it on the blockchain makes sure that only people with the proper authorization may view and decrypt private data.

Private Blockchains:- By limiting visibility to a specific group of users, permissioned or private blockchains improve data privacy by limiting access to approved participants.

Zero-Knowledge Proofs:- These techniques preserve transaction privacy by enabling verifiable calculations on encrypted data without disclosing the data itself.

Off-Chain Storage:- Data integrity is preserved while exposure is minimized by storing sensitive data off-chain and referencing it via hashes or encrypted pointers on the blockchain.

Consensus Mechanisms:- The overall resilience of the blockchain network can be improved by using consensus mechanisms that prioritize security and privacy, such as Proof of Stake or Practical Byzantine Fault Tolerance.

Smart Contracts Audits:- Ongoing audits of smart contracts assist in locating and addressing flaws that may jeopardize the security and privacy of data.

Identity Management:- By putting strong identity management systems in place, the danger of unwanted access is decreased because only authorized users are able to view and interact with data on the blockchain.

By implementing these tactics, companies can take advantage of blockchain technology’s openness and immutability while reducing security and privacy vulnerabilities related to data in networks.[14]

SMART CONTRACT ENFORCEABILITY

The enforceability of smart contracts presents interesting legal questions in the context of corporate governance. Smart contracts subvert conventional contract law concepts since they are self-executing contracts with provisions encoded directly into the code. These contracts’ legitimacy depends on a number of elements, such as the parties’ intentions, the terms’ clarity, and adherence to relevant legal frameworks.

The suitability of conventional contract formation components, such as offer, acceptance, and consideration, in the digital environment is one important factor. Courts may carefully examine whether smart contracts satisfy these conditions, making sure they replicate the fundamental components of conventional contracts in order to be enforceable. Furthermore, because smart contract wording might be ambiguous, it must be carefully drafted to avoid misunderstandings or unintended consequences. Courts have the authority to evaluate the code’s effectiveness in addressing various scenarios and potential disputes, as well as how correctly it reflects the parties’ objectives.

Additionally, jurisdiction and governing law issues are relevant, especially for multinational firms that operate in multiple legal countries. Carefully examining international treaties, legal precedents, and regulatory requirements is necessary to ascertain the suitable legal framework for smart contracts in corporate governance. Moreover, smart contracts’ enforceability can depend on their adherence to legal requirements including data privacy laws and securities regulations. Smart contracts may become unenforceable or face legal challenges if certain rules are broken.[15]

Challenges

• Contract Formation:-

In cases of automated execution, courts may closely examine whether smart contracts adhere to customary conditions for contract creation, including offer, acceptance, and consideration.

• Interpretation:-

Conflicts may arise from unclear terminology in smart contracts. In interpreting codes, courts may take into account the context, industry norms, and intent of the parties.

• Enforceability:-

It can be difficult to make sure smart contracts abide with current laws and regulations. Legal systems might need to change in order to accept blockchain-based transactions, automated performance, and digital signatures.

• Security:-

Coding mistakes, fraud, and hacking can all affect smart contracts. Liability and remedies for parties impacted by such situations may need to be determined by courts.

• Jurisdiction:-

It can be difficult to decide which jurisdiction is best for conflicts involving foreign transactions carried out through smart contracts; this requires taking into account both contractual provisions and international law.

• Remedies:-

In the context of smart contracts, courts may find it difficult to impose conventional remedies like specific performance or damages. There may be a need for new types of relief designed for digital transactions.

• Regulatory Compliance:-

When using smart contracts in regulated sectors of the economy, they have to abide by applicable rules, such as those pertaining to consumer protection or finance. Failure to comply may result in fines and legal issues.

• Privacy:-

It can be difficult to strike a balance between privacy concerns and the transparency of blockchain technology. When deciding cases involving private information kept on the blockchain, courts could have to deal with privacy concerns.

Legal professionals, technologists, regulators, and industry stakeholders must work together to address these issues and create frameworks that support innovation while guaranteeing legal certainty and protection for all parties.[16]

Potential Solutions

• Code audits:-

There are various ways to improve the enforceability of smart contracts and reduce risks: Code Audits: To help find vulnerabilities and make sure the contract works as intended, independent experts should conduct routine audits of smart contract code.

• Legal Framework:

Enforceability can be improved by creating legal frameworks that acknowledge smart contracts and offer channels for legal remedies in the event of disagreements.

• Multi-signature wallets:-

By requiring multiple parties to authorize transactions, multi-signature wallets can provide an additional degree of protection.

• Oracle solutions:-

Reducing reliance on potentially manipulable data sources can be achieved by using trusted or decentralized oracles to offer external data inputs.

• Escrow services:-

By keeping money until certain requirements are satisfied, escrow services can provide both parties confidence.

• Insurance products:-

By developing insurance plans especially for smart contracts, financial risks related to contract failure can be reduced.

It is possible to greatly enhance the enforceability and risk management of smart contracts by fusing technology advancements with financial and legal procedures.[17]

LEGAL PRECEDENTS

Although there are still many unresolved instances in the field of smart contract execution and dispute resolution, the following cases stand out:

• The DAO Hack (2016)[18]: This event resulted in a substantial financial loss due to the exploitation of a decentralized autonomous organization (DAO). It brought up issues with smart contract code weaknesses, governance, and liability.
• SEC v. Ripple Labs[19]: The XRP coin from Ripple was the subject of a class-action lawsuit claiming it was an unregistered security, which brought attention to regulatory issues with cryptocurrency-based smart contracts.

These instances highlight the difficulties and unpredictabilities in law that arise while executing smart contracts and resolving disputes. The outcomes of these court cases help to establish legal precedents that influence the direction of smart contract law in the future.

DIGITAL ASSET OWNERSHIP

Legal Frameworks

United States:-

• Securities laws:- Under the Securities Act of 1933 and the Securities Exchange Act of 1934, the Securities and Exchange Commission (SEC) regulates digital assets as securities.

• Commodity laws:- Under the Commodity Exchange Act, digital assets are governed by the Commodity Futures Trading Commission (CFTC) like commodities.

• Anti-Money Laundering(AML) & Know Your Customer (KYC) ;- Compliance with the Bank Secrecy Act (BSA) is required for entities dealing with digital assets.

• Taxation:- Cryptocurrencies are regarded as property by the Internal Revenue Service (IRS) and are therefore subject to capital gains tax.[20]

European Union:-

• Markets in Crypto-assets Regulation (MiCA):- Proposed regulation to harmonize the treatment of digital assets across EU member states, providing legal certainty and consumer protection.

• Fifth Anti-Money Laundering Directive (AMLD5):- Lays forth rules for cryptocurrency exchanges and custodian wallet providers in terms of AML and KYC.

Singapore:-

• Payment Services Act:- Governs digital payment token services and cryptocurrency exchanges.

• Personal Data Protection Act:- Governs the handling of personal data by cryptocurrency businesses.[21]

These examples show the various approaches that different jurisdictions have adopted to govern digital assets, which reflects the different stages of development and sophistication of the legal systems pertaining to this newly developed asset class.

TOKENIZATION

In corporate governance, tokenization—the act of transforming an asset’s rights into a digital token on a blockchain—has legal ramifications. Tokens that are backed by underlying assets, like stocks or real estate, signify possession or eligibility to those assets. Tokenization may complicate issues with liability, shareholder rights, and regulatory compliance in terms of company governance. First and foremost, it is imperative to adhere to securities rules since tokenized assets could be regarded as securities and be governed by stringent laws like as the Securities Act in the United States. Tokenization also changes the dynamics among shareholders by perhaps broadening the pool of potential investors and posing issues with dividend payments, voting rights, and information disclosure. It might be necessary to modify established corporate governance frameworks in order to satisfy token holders’ concerns and promote open decision-making. Liability concerns also surface over token issuers’ obligations to token holders and their compliance with fiduciary duties. To safeguard the interests of all parties involved and reduce the likelihood of disputes, contractual arrangements regulating token issuance and trading must be strong legally. All things considered, even while tokenization provides advantages in terms of efficiency and liquidity, maintaining corporate governance standards and reducing regulatory risks requires careful legal navigation. Working with legal professionals knowledgeable about securities law and blockchain is essential for businesses pursuing tokenization.[22]

JURISDICTIONAL CHALLENGES

Corporate governance based on blockchain presents a multitude of jurisdictional challenges to established legal frameworks across the globe. Due to blockchain’s decentralized structure, laws that were created for centralized organizations are difficult to implement across national borders. The difficult issue for legislators is to create legislation that balance maintaining legal clarity and enforceability with accommodating this paradigm shift. In the United States, legislative examples illustrate the struggle to adapt. The Securities and Exchange Commission (SEC) grapples with classifying tokens issued through Initial Coin Offerings (ICOs) as securities, commodities, or currencies. This classification determines the regulatory requirements for token offerings, trading platforms, and investors.[23] The SEC’s guidance evolves as the technology advances, reflecting the ongoing effort to reconcile blockchain innovations with existing securities laws, such as the Securities Act of 1933 and the Securities Exchange Act of 1934. Similarly, the General Data Protection Regulation (GDPR) of the European Union (EU) presents difficulties for blockchain initiatives because of its strict data protection guidelines. The immutability of blockchain raises questions regarding compliance with GDPR’s permission and data deletion requirements. In an effort to resolve these conflicts and reconcile blockchain development with GDPR and other pertinent rules, the EU Blockchain Observatory and Forum was established.[24] Moreover, international transactions make jurisdictional issues worse. When smart contracts are carried out on a blockchain, parties from several jurisdictions may be involved, each governed by their own legal system. International collaboration and attempts towards legal harmonization are necessary due to conflicts that develop in relation to contract enforceability, dispute settlement, and taxation. To sum up, the intricate legal framework around blockchain-based corporate governance highlights the necessity for innovative and flexible regulatory strategies. In an increasingly interconnected world, legislators, regulators, and legal experts must work together to design complex frameworks that promote innovation while preserving legal integrity and investor interests.[25]

CONCLUSION

There are benefits and drawbacks to incorporating blockchain technology into corporate governance. Blockchain increases legal complexity even as it provides efficiency, security, and transparency. The enforceability of smart contracts, data privacy concerns, and jurisdictional ambiguity are important challenges. Future trends indicate that regulations will become more clear as governments work to adjust to blockchain advancements. Furthermore, developments in decentralized governance models might occur, providing more open and democratic corporate decision-making procedures. Policymakers, engineers, and legal experts must work together to address legal challenges. Blockchain-specific regulatory frameworks can bring clarity and build confidence in the technology. Furthermore, standardizing smart contract templates and putting strong privacy safeguards in place can improve legal compliance and reduce risks. Ultimately, a comprehensive strategy that embraces innovation while respecting legal standards and safeguarding stakeholders’ interests is needed to navigate the legal terrain of blockchain technology in corporate governance. Through proactive resolution of these obstacles, enterprises may fully leverage blockchain technology, maintain regulatory compliance, and cultivate confidence in the digital economy.

REFERENCES

1. Ravikiran A S, What is blockchain technology? How does blockchain work? [updated] Simplilearn.com (2023), https://www.simplilearn.com/tutorials/blockchain-tutorial/blockchain-technology (last visited Apr 15, 2024).
2. Corporate governance: What it is and why it matters, Pitt Law MSL Online Program (2023), https://online.law.pitt.edu/blog/corporate-governance-what-it-is-and-why-it-matters (last visited Apr 15, 2024).
3. Author(s) Anne Lafarre   et al., The viability of blockchain in corporate governance Oxford Law Blogs (2023), https://blogs.law.ox.ac.uk/oblb/blog-post/2023/07/viability-blockchain-corporate-governance#:~:text=Blockchain%20technology%20can%20offer%20increased,and%20improved%20fairness%20among%20stakeholders (last visited Apr 15, 2024).
4. Josias N. Dewey & Samir Patel, Blockchain & Cryptocurrency Laws and regulations: USA GLI – Global Legal Insights – International legal business solutions (2023), https://www.globallegalinsights.com/practice-areas/blockchain-laws-and-regulations/usa (last visited Apr 16, 2024).
5. Privacy policy, ESMA (2022), https://esma.org/privacy-policy/#:~:text=ESMA%20will%20process%20(collect%2C%20store%20and%20use),keep%20it%20for%20longer%20than%20is%20necessary (last visited Apr 16, 2024).
6. California Consumer Privacy Act (CCPA), State of California – Department of Justice – Office of the Attorney General (2024), https://oag.ca.gov/privacy/ccpa#:~:text=The%20California%20Consumer%20Privacy%20Act,for%20exercising%20their%20CCPA%20rights (last visited Apr 16, 2024).
7. Rohit Tambe & Jayaram Bhat SSI, Blockchain and Data Privacy: GDPR compliance and beyond Smart Sight Innovations (2023), https://www.smartsight.in/technology/blockchain-and-data-privacy-gdpr-compliance-and-beyond/#:~:text=Key%20principles%20of%20GDPR%20include,rectify%2C%20or%20erase%20their%20data. (last visited Apr 16, 2024).
8. What are KYC + AML checks? Overview, IDnow (2023), https://www.idnow.io/regulation/aml-kyc-overview/#:~:text=Processes%20for%20AML%2C%20Combating%20the,using%20modern%20artificial%20intelligence%20techniques (last visited Apr 16, 2024).
9. Home, SEC Emblem (2017), https://www.sec.gov/ (last visited Apr 16, 2024).
10. What is a smart contract audit?, Hedera, https://hedera.com/learning/smart-contracts/smart-contract-audit#:~:text=A%20smart%20contract%20audit%20involves,and%20reliability%20of%20blockchain%20applications. (last visited Apr 16, 2024).
11. Author links open overlay panel Vinay Gugueoth a et al., A review of IOT security and privacy using decentralized blockchain techniques Computer Science Review (2023), https://www.sciencedirect.com/science/article/pii/S1574013723000527 (last visited Apr 17, 2024).
12. Amlegals, Data privacy issues in Blockchain Law Firm in Ahmedabad (2023), https://amlegals.com/data-privacy-issues-in-blockchain/ (last visited Apr 17, 2024).
13. Issues and challenges (privacy, security, and trust) in Blockchain-based applications (2021): Siddharth M. Nair: 6 citations, SciSpace – Paper (2020), https://typeset.io/papers/issues-and-challenges-privacy-security-and-trust-in-5e8eq8expd (last visited Apr 17, 2024).
14. Jessica Groopman, How to secure blockchain: 10 best practices: TechTarget Security (2023), https://www.techtarget.com/searchsecurity/tip/8-best-practices-for-blockchain-security (last visited Apr 17, 2024).
15. Agnes Tcherneva, Are smart contracts legally binding? Here is all you should know INDUSTRIA (2023), https://www.industria.tech/blog/are-smart-contracts-legally-binding/#:~:text=While%20smart%20contracts%20could%20be,binded%20by%20a%20legal%20agreement (last visited Apr 18, 2024).
16. Smart contract challenges | Hedera, https://hedera.com/learning/smart-contracts/smart-contract-challenges (last visited Apr 18, 2024).
17. PDF) challenges and common solutions in smart contract development, https://www.researchgate.net/publication/355021808_Challenges_and_Common_Solutions_in_Smart_Contract_Development (last visited Apr 18, 2024).
18. The dao: What was the dao hack?, Gemini, https://www.gemini.com/cryptopedia/the-dao-hack-makerdao (last visited Apr 18, 2024).
19. Sec. & exch. Comm’n v. Ripple Labs., 20 CIV. 10832 (at) | case text search + citator, https://casetext.com/case/sec-exch-commn-v-ripple-labs-28 (last visited Apr 18, 2024).
20. Capital Markets Risk & Business Transformation authorfirstname:John|authorlastname:Boyle|authorjobtitle:Principal, Capital Markets Strategy and Business Transformation author first name: Mark |author last name: Nichols| author job title: Principal & Ernst & Young LLP|authorurl:/content/ey-unified-site/ey-com/local/us/en_us/home/people/profile-blueprint.people.html/content/dam/content-fragments/ey-unified-site/ey-com/people/en_us/m/michael-winter.html author first name: Michael| author last name: Winter |author job title: EY US-West Region Financial Services Risk Management Lead, Digital Asset Ecosystem: US Regulatory Licensing and registration EY, https://www.ey.com/en_us/insights/financial-services/navigating-digital-asset-risks-and-controls (last visited Apr 19, 2024).
21. Digital Assets – Regulatory Framework and emerging legal trends, Legal Developments, https://www.legal500.com/developments/thought-leadership/digital-assets-regulatory-framework-and-emerging-legal-trends/#:~:text=The%20legal%20definition%20of%20digital,and%20Digital%20Token)%20Order%202019.&text=Governing%20Law-,Capital%20Markets%20and%20Services%20(Prescription%20of%20Securities)%20(Digital%20Currency,(the%20%E2%80%9COrder%E2%80%9D) (last visited Apr 19, 2024).
22. (PDF) governance challenges of blockchain and decentralized autonomous organizations, https://www.researchgate.net/publication/337239592_Governance_challenges_of_blockchain_and_decentralized_autonomous_organizations (last visited Apr 19, 2024).
23. Digital tokens: A legal perspective, WP/23/151, July 2023, https://www.imf.org/-/media/Files/Publications/WP/2023/English/wpiea2023151-print-pdf.ashx (last visited Apr 19, 2024).
24. Cory Hymel, SEC classifies tokens as securities, is crypto regulation bad? Gigster (2023), https://gigster.com/blog/sec-classifies-tokens-as-securities-is-crypto-regulation-bad/ (last visited Apr 19, 2024).
25. Art. 17 GDPR – right to erasure (‘right to be forgotten’), General Data Protection Regulation (GDPR) (2017), https://gdpr-info.eu/art-17-gdpr/ (last visited Apr 19, 2024).
26. Kevin Werbach, Trust, but verify: Why the blockchain needs the law SSRN (2016), https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2844409 (last visited Apr 19, 2024).

---

[1] Ravikiran A S, What is blockchain technology? How does blockchain work? [updated] Simplilearn.com (2023), https://www.simplilearn.com/tutorials/blockchain-tutorial/blockchain-technology (last visited Apr 15, 2024).

[2] Corporate governance: What it is and why it matters, Pitt Law MSL Online Program (2023), https://online.law.pitt.edu/blog/corporate-governance-what-it-is-and-why-it-matters (last visited Apr 15, 2024).

[3] Author(s) Anne Lafarre   et al., The viability of blockchain in corporate governance Oxford Law Blogs (2023), https://blogs.law.ox.ac.uk/oblb/blog-post/2023/07/viability-blockchain-corporate-governance#:~:text=Blockchain%20technology%20can%20offer%20increased,and%20improved%20fairness%20among%20stakeholders (last visited Apr 15, 2024).

[4] Josias N. Dewey & Samir Patel, Blockchain & Cryptocurrency Laws and regulations: USA GLI – Global Legal Insights – International legal business solutions (2023), https://www.globallegalinsights.com/practice-areas/blockchain-laws-and-regulations/usa (last visited Apr 16, 2024).

[5] Privacy policy, ESMA (2022), https://esma.org/privacy-policy/#:~:text=ESMA%20will%20process%20(collect%2C%20store%20and%20use),keep%20it%20for%20longer%20than%20is%20necessary (last visited Apr 16, 2024).

[6] California Consumer Privacy Act (CCPA), State of California – Department of Justice – Office of the Attorney General (2024), https://oag.ca.gov/privacy/ccpa#:~:text=The%20California%20Consumer%20Privacy%20Act,for%20exercising%20their%20CCPA%20rights (last visited Apr 16, 2024).

[7] Rohit Tambe & Jayaram Bhat SSI, Blockchain and Data Privacy: GDPR compliance and beyond Smart Sight Innovations (2023), https://www.smartsight.in/technology/blockchain-and-data-privacy-gdpr-compliance-and-beyond/#:~:text=Key%20principles%20of%20GDPR%20include,rectify%2C%20or%20erase%20their%20data. (last visited Apr 16, 2024).

[8] What are KYC + AML checks? Overview, IDnow (2023), https://www.idnow.io/regulation/aml-kyc-overview/#:~:text=Processes%20for%20AML%2C%20Combating%20the,using%20modern%20artificial%20intelligence%20techniques (last visited Apr 16, 2024).

[9] Home, SEC Emblem (2017), https://www.sec.gov/ (last visited Apr 16, 2024).

[10] What is a smart contract audit?, Hedera, https://hedera.com/learning/smart-contracts/smart-contract-audit#:~:text=A%20smart%20contract%20audit%20involves,and%20reliability%20of%20blockchain%20applications. (last visited Apr 16, 2024).

[11] Author links open overlay panel Vinay Gugueoth a et al., A review of IOT security and privacy using decentralized blockchain techniques Computer Science Review (2023), https://www.sciencedirect.com/science/article/pii/S1574013723000527 (last visited Apr 17, 2024).

[12] Amlegals, Data privacy issues in Blockchain Law Firm in Ahmedabad (2023), https://amlegals.com/data-privacy-issues-in-blockchain/ (last visited Apr 17, 2024).

[13] Issues and challenges (privacy, security, and trust) in Blockchain-based applications (2021): Siddharth M. Nair: 6 citations, SciSpace – Paper (2020), https://typeset.io/papers/issues-and-challenges-privacy-security-and-trust-in-5e8eq8expd (last visited Apr 17, 2024).

[14] Jessica Groopman, How to secure blockchain: 10 best practices: TechTarget Security (2023), https://www.techtarget.com/searchsecurity/tip/8-best-practices-for-blockchain-security (last visited Apr 17, 2024).

[15] Agnes Tcherneva, Are smart contracts legally binding? Here is all you should know INDUSTRIA (2023), https://www.industria.tech/blog/are-smart-contracts-legally-binding/#:~:text=While%20smart%20contracts%20could%20be,binded%20by%20a%20legal%20agreement (last visited Apr 18, 2024).

[16] Smart contract challenges | Hedera, https://hedera.com/learning/smart-contracts/smart-contract-challenges (last visited Apr 18, 2024).

[17] (PDF) challenges and common solutions in smart contract development, https://www.researchgate.net/publication/355021808_Challenges_and_Common_Solutions_in_Smart_Contract_Development (last visited Apr 18, 2024).

[18] The dao: What was the dao hack?, Gemini, https://www.gemini.com/cryptopedia/the-dao-hack-makerdao (last visited Apr 18, 2024).

[19] Sec. & exch. Comm’n v. Ripple Labs., 20 CIV. 10832 (at) | case text search + citator, https://casetext.com/case/sec-exch-commn-v-ripple-labs-28 (last visited Apr 18, 2024).

[20] Capital Markets Risk & Business Transformation authorfirstname:John|authorlastname:Boyle|authorjobtitle:Principal, Capital Markets Strategy and Business Transformation author first name: Mark |author last name: Nichols |author job title: Principal & Ernst & Young LLP|authorurl:/content/ey-unified-site/ey-com/local/us/en_us/home/people/profile-blueprint.people.html/content/dam/content-fragments/ey-unified-site/ey-com/people/en_us/m/michael-winter.html author first name: Michael |author last name: Winter |author job title: EY US-West Region Financial Services Risk Management Lead, Digital Asset Ecosystem: US Regulatory Licensing and registration EY, https://www.ey.com/en_us/insights/financial-services/navigating-digital-asset-risks-and-controls (last visited Apr 19, 2024).

[21] Digital Assets – Regulatory Framework and emerging legal trends, Legal Developments, https://www.legal500.com/developments/thought-leadership/digital-assets-regulatory-framework-and-emerging-legal-trends/#:~:text=The%20legal%20definition%20of%20digital,and%20Digital%20Token)%20Order%202019.&text=Governing%20Law-,Capital%20Markets%20and%20Services%20(Prescription%20of%20Securities)%20(Digital%20Currency,(the%20%E2%80%9COrder%E2%80%9D) (last visited Apr 19, 2024).

[22] Digital tokens: A legal perspective, WP/23/151, July 2023, https://www.imf.org/-/media/Files/Publications/WP/2023/English/wpiea2023151-print-pdf.ashx (last visited Apr 19, 2024).

[23] Cory Hymel, SEC classifies tokens as securities, is crypto regulation bad? Gigster (2023), https://gigster.com/blog/sec-classifies-tokens-as-securities-is-crypto-regulation-bad/ (last visited Apr 19, 2024).

[24] Art. 17 GDPR – right to erasure (‘right to be forgotten’), General Data Protection Regulation (GDPR) (2017), https://gdpr-info.eu/art-17-gdpr/ (last visited Apr 19, 2024).

[25] Kevin Werbach, Trust, but verify: Why the blockchain needs the law SSRN (2016), https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2844409 (last visited Apr 19, 2024).

Disclaimer: The materials provided herein are intended solely for informational purposes. Accessing or using the site or the materials does not establish an attorney-client relationship. The information presented on this site is not to be construed as legal or professional advice, and it should not be relied upon for such purposes or used as a substitute for advice from a licensed attorney in your state. Additionally, the viewpoint presented by the author is of a personal nature.