Photo of Jonathan Mollod

Jonathan Mollod

Subscribe to Jonathan Mollod's Posts

Jonathan P. Mollod is an attorney and content editor and a part of the firm’s Technology, Media and Telecommunications (TMT) Group. Jonathan earned his J.D. from Vanderbilt Law School. He focuses on issues involving technology, media, intellectual property and licensing issues and general online/tech law issues of the day.

Contact:Read more about Jonathan Mollod

This past summer, Ohio adopted legislation (SB220) that primarily provides for a legal safe harbor from certain data-breach related tort claims to covered entities that implement a specified cybersecurity program that “reasonably conforms” to a recognized cybersecurity framework for the protection of personal information and “restricted information” or comply with certain industry-specific federal privacy laws. This legislation is intended incentivize businesses to adopt heightened levels of cybersecurity through voluntary action.

Beyond cybersecurity, SB220 also includes language amending Ohio’s version of the Uniform Electronic Transactions Act (UETA) to incentivize blockchain investment and innovation in the state by allowing transactions recorded on the blockchain to be recognized under it. Ohio’s UETA generally stipulates that records or signatures may not be denied legal effect solely because they are in electronic form and that a contract may not be denied legal effect because an electronic record was used in its formation (a discussion of the extent to which any provision of Ohio’s UETA is preempted by the Federal E-Sign Act (15 U.S.C. § 7001) is beyond the scope of this post). In pertinent part, SB220 amends the definition of “electronic record” under the UETA to provide that “a record or contract that is secured through blockchain technology is considered to be in an electronic form and to be an electronic record.” It also amends the definition of “electronic signature” to clarify that a signature that is “secured through blockchain technology is considered to be in an electronic form and to be an electronic signature.” While one could argue that signatures secured using blockchain are already presumably valid under the UETA, such a law expressly takes up this issue and signals the state’s pro-blockchain stance.

In a notable ruling, a Massachusetts district court declined to dismiss a complaint filed by the Commodity Future Trading Commission (“CFTC”) against an entity over an alleged fraudulent virtual currency offering, ruling that cryptocurrencies fall under the definition of “commodity” under the Commodity Exchange Act (“CEA”) and therefore may be duly regulated by the CFTC. (CFTC v. My Big Coin Pay, Inc., No. 18-10077 (D. Mass. Sept. 26, 2018)). Given that the CFTC has stated its intention to actively police the virtual currency markets, this decision is important in reinforcing the CFTC’s legal authority and jurisdiction over cryptocurrency offerings. Moreover, given that earlier this year a New York district court affirmed the CFTC’s jurisdiction over virtual currencies, this latest ruling is additional precedent in this regulatory area.

In January 2018, the CFTC brought suit against the defendant My Big Coin Pay, Inc. (“My Big Coin”), creator of the My Big Coin virtual currency (“MBC”), alleging that it was engaged in a fraudulent “virtual currency scheme” in violation of the CEA and a CFTC implementing regulation banning fraud or manipulation in connection with the sale of a commodity (17 C.F.R. §180.1(a)). Specifically, the CFTC alleged that the defendants fraudulently solicited customers by making false claims about MBC’s value, usage and trade status, and false statements that the virtual currency was backed by gold. The defendants also told investors that MBC was being “actively traded” on several currency exchanges, but, according to the CFTC, My Big Coin made up and arbitrarily changed the price of the MBC virtual currency to mimic the fluctuations of a legitimate, actively-traded virtual currency. As asserted by the CFTC, the defendants allegedly misappropriated over $6 million from customers for personal gain. The court previously issued a restraining order freezing the defendants’ assets.

On June 14, 2018, the New York State Department of Financial Services (the “DFS”) announced that the agency granted a virtual currency license (or “BitLicense”) to bitcoin wallet and vault provider Xapo, Inc., and authorized the blockchain financial services company Paxos Trust Company LLC to expand their business to offer exchange and custodial services to cryptoassets beyond bitcoin. Days later, the DFS announced that it had approved the BitLicense application of financial services and mobile payment provider Square, Inc. (which already possessed a state money transmitter license and whose Cash App offers a method to trade bitcoin). These developments followed last month’s approval of Gemini Trust Company to provide additional virtual currency products and services (including custodial services and trading of Zcash, Litecoin and Bitcoin Cash). With the latest approval of Square, the DFS has granted a total of nine virtual currency charters or licenses.

When a smart contract coding vulnerability resulted in the Parity wallet “freeze” that compromised over $150 million worth of user funds, we discussed the pitfalls of unsecure code in the context of cryptoassets and the extent to which software developers might be held liable to their users for losses arising

Last July, the Uniform Law Commission completed a uniform model state law, known as the Uniform Regulation of Virtual-Currency Businesses Act (“URVCBA” or the “Act”) (Steve Weise participated in the preparation of the Act).  Currently, state regulation in the virtual currency space is carried out under a patchwork of laws that typically do not directly contemplate virtual currency and blockchain technology. Attempting to bring clarity as to which types of entities require state licensure and also to encourage responsible innovation in this emerging area, the URVCBA provides a statutory framework for the regulation of companies engaging in “virtual-currency business activity.”  After carefully defining which activities fall under the Act’s purview, the uniform law requires covered entities to make the typical financial and business disclosures in its application, and also contains numerous user and consumer protections, including certain enforcement powers by the relevant state authority.

The mission of the Uniform Law Commission is to draft state laws on topics where standardized regulation across state lines is practical (e.g., the Uniform Commercial Code (the “UCC”)). Gaining final approval in 2017, the Act has so far been introduced in Connecticut, Hawaii, and Nebraska