With the rise of new technologies like Web3, AI, DeFI, we often come across the question whether there is a way around to avoid involving legal professionals? To cut the answer short, NO – legal support is needed, and it is recommended to have such support from the outset and not just before the launch of a project. Why is that?
From Web1 (read only) to Web2 (read-write) to Web3 (read-write-own) we are witnessing the surpassing evolutionary path of the Web. Web3 introduces a paradigm shift, encompassing the internet as a database, digital convergence, and the semantic Web. Coined by computer scientist Gavin Wood in 2014, Web3 redefines the internet by embracing decentralization, novel protocols, and revolutionary blockchain technology. This challenges not just the traditional model of centralized service providers, but the legal landscape as well.
Switzerland is known for its favorable regulatory framework regarding blockchain and distributed ledger technology (“DLT”). Both, the Swiss federal government as well as the Swiss Financial Market Supervisory Authority (“FINMA”) have embraced a generally supportive approach to foster innovation while maintaining a solid level of consumer protection and mitigating risks associated with digital assets.
With Web3 being decentralized and borderless, many participants expect to be in an unregulated space, free of rules dictated and enforced by governments and hence free of the need of legal support. In reality, the opposite may be the case. Here is a list of a few potential issues you might want to pay attention to:
- Jurisdiction and enforcement
Jurisdiction and enforcement in decentralized environments pose significant challenges. Figuring out which laws to apply when the blockchain spans through multiple jurisdictions poses a continuous challenge among legal experts and as such it always requires a case-by-case analysis.
- Ownership
Furthermore, the ownership and control of virtual assets are critical considerations. Determining who has the right to use, transfer, and profit from digital assets with real-world value is essential. For example, in the case of NFTs, there is often the misconception between ownership of the token vs. ownership over the content of the token.
- Civil law and intellectual property (“IP”) rights
Accordingly, failure to comply with civil law may result in the inability to enforce contracts with the outside world and the lack of appropriate licenses and registrations may result in IP infringements or users not having the necessary intellectual property rights.
- Data privacy and security
Close attention is required also in the field of data privacy and security. As personal data might be shared and stored in decentralized systems, the lack of centralized authority makes it difficult to determine where and how the data is stored, processed, and used. It also makes it difficult to identify the participants. Accordingly, decentralized systems are more vulnerable to data breaches and unauthorized access than centralized systems. Reason why data privacy and robust security measures should be implemented by default from the outset of the project.
- Anti-Money Laundering (“AML”) and Know Your Client (“KYC”)
AML and KYC regulations also apply to cryptocurrency exchanges and other virtual asset service providers. These entities are required to conduct customer due diligence, monitor transactions for suspicious activities, and report any suspicious transactions to the relevant authorities. Non-compliance with AML regulations results not only in criminal charges, but can also open the door to legal penalties, business restrictions, as well as to reputational damages and financial losses.
- Regulatory landscape
To figure out whether financial regulations apply, businesses need to first classify their tokens and the activities they want to engage in (e.g., issuing of tokens, deposit taking, trading, custody services). As part of its efforts to promote innovation and provide guidance, FINMA has issued guidelines to help distinguish different categories of tokens, in order to assess the applicability of regulatory requirements. Asset Tokens promise, for example, a share in future company earnings or future capital flows. Payment Tokens (synonymous with cryptocurrencies like Bitcoin) are tokens which are intended to be used as a means of payment for acquiring goods or services or as a means of money or value transfer and Utility Tokens (like Ethereum’s gas token) are intended to provide access to an application or service by means of a blockchain-based infrastructure. A case-by-case analysis of the token characteristics and planned activities is therefore required in order to determine whether any financial market license is needed under Swiss law. Failure to comply with regulatory laws may result in enforcement actions and fines, as well as potential further lawsuits.
In conclusion, it is without any doubt that the development of Web3 brings both opportunities and risks. Businesses must consider whether to comply with all applicable laws or establish a specific governing law and jurisdiction. These questions require careful analysis before launching a product or service. Addressing these issues is vital for navigating the Web3 landscape, mitigating legal and reputational risks, and safeguarding participants from enforcement actions and liabilities. To foster trust and accountability, it is advisable for businesses to seek legal guidance from the beginning rather than only after product launch. By doing so, you can establish a solid foundation and ensure compliance in the evolving Web3 environment.
_________________________________
Authors
Timea Nagy, Sibil Melliger, Paula Zimmermann, Margherita Bandirali