EU

Subscribe to EU

On November 30, 2022, amidst the tumult roiling the cryptocurrency industry following the latest collapse of a major crypto exchange and its reverberations throughout the crypto economy, European Central Bank (ECB) Director General Ulrich Bindseil and Adviser Jürgen Schaaf published a post on the ECB Blog, “Bitcoin’s last stand,” declaiming that Bitcoin “has never been used to any significant extent for legal real-world transactions” and that its market valuation is “based purely on speculation” and, on top of that, “the Bitcoin system is an unprecedented polluter.”  The scathing rebuke of Bitcoin, the largest crypto asset by market cap, was hurled at what the ECB officials see as Bitcoin’s technological shortcomings that make it “questionable as a means of payment” and “rarely used for legal transactions,” given that real Bitcoin transactions are “cumbersome, slow and expensive.” With the current price of Bitcoin having fallen since it peak of $69K in November 2021, the ECB officials described its current price (below $20K) as “an artificially induced last gasp before the road to irrelevance.” The remarks echo statements made by Fabio Panetta, Member of the Executive Board of the ECB, back in April 2022 where he decried the entire “crypto gamble,” seeing crypto-assets as “bringing about instability and insecurity – the exact opposite of what they promised.” (See also recent statements by a Bank of England deputy governor noting that cryptocurrency was a “gamble” that needs to be regulated similar to the traditional financial sector, echoing his own remarks from November 2022 that urged “bringing the activities of the crypto world within the relevant regulatory frameworks”).

In a speech given this week at Columbia University by Fabio Panetta, Member of the Executive Board of the European Central Bank (ECB), he decried the entire “crypto gamble,” seeing crypto-assets as “bringing about instability and insecurity – the exact opposite of what they promised” and calling for tighter regulation in the EU (and coordination with international partners) to curb the financial and associated risks from crypto-assets.

Panetta’s speech (entitled “For a few cryptos more: the Wild West of crypto finance”) evoked remarks made by SEC Chair Gary Gensler back in August 2021 that labeled crypto the “Wild West” and requested Congress give the Commission more authority “to write rules for and attach guardrails to crypto trading and lending” that would boost consumer trust and allow the industry to prosper.  Panetta’s scathing broadside was lobbed against what he sees as the risky, seamier side of crypto – the speculative fervor and greed, the high volatility of crypto markets, the facilitation of criminal financial activity, the lack of adequate disclosures, the largely unregulated or “insufficiently supervised” cryptocurrency miners and service providers, and other un- or under-regulated aspects of the “crypto bubble” that, if left ignored, could pose risks to financial stability (citing the sub-prime mortgage market that triggered the last global financial crisis). While far more strident in tone than President Biden’s March 2022 executive order, Panetta’s speech similarly articulated a high-level strategy for regulating and fostering innovation in the burgeoning digital assets space and pushed for central banks to move more quickly to develop central bank digital currencies (CBDCs) and “respond to the people’s growing demand for digital assets and a digital currency by making sovereign money fit for the digital age” or else sit by as the private sector satisfies this demand.

Taking a wide view, Fabio Panetta’s remarks, coupled with the multiple crypto-related regulatory developments ongoing both in the EU and U.S., suggest that some changes are afoot for the crypto industry. While there has been some industry-friendly legislation at the state level in recent years to encourage innovation, at the federal level it seems that the honeymoon period of light touch or no regulation (or largely, regulation by agency enforcement) for the crypto industry is over. Innovation in this space continues at a furious pace at the same time as regulators are slowly gaining experience and expertise about the public policy and investor risks surrounding crypto-assets. Thus, providers should expect more scrutiny and additional compliance hurdles going forward, as multiple regulators have stated that the lasting innovations and societal benefits of cryptocurrencies and DeFi applications can only occur alongside responsible regulation. Panetta stated that pulling off such responsible oversight will not be easy, as there will be “complex trade-offs, balancing the goals of promoting innovation, preserving financial stability and ensuring consumer protection.”

On February 19, 2020, the European Commission (Commission) released a communication entitled “A European strategy for data”. It lays out a vision for a “European data space” and a plan – through legislation, technical standards and public-private initiatives – for the EU to become a future leader in

Uncertainty regarding the compatibility of blockchain technology and the European Union’s General Data Protection Regulation (GDPR) has often been highlighted as a potential obstacle to the development and widespread implementation of blockchain systems involving personal data.

To address tensions between blockchain technology and the GDPR, Commission Nationale de l’Informatique et des Libertés (CNIL), the French data protection regulator, published an initial report analyzing certain fundamental questions regarding the interaction between blockchain technology and the GDPR’s requirements (the “Report”). The Report was the first guidance issued by a European data protection regulator on this topic.

CNIL’s Approach to Identifying Blockchain Data Controllers and Data Processors

The Report highlights the challenges of identifying data controllers and data processors in the blockchain context – an important distinction that determines which set of regulatory obligations applies.

In discussing the likely classification of the various types of persons and entities involved in a blockchain, the CNIL primarily distinguished between (i) participants (i.e., those who transact on the blockchain) that have the ability to determine what data will be entered into a blockchain or have permission to write on it or cause data to be written to it, and (ii) miners or other validators (i.e., those who do not transact and instead validate transactions submitted by participants). The CNIL also provided an analysis as to how to classify smart contract developers and natural persons who enter personal data in a blockchain, distinguishing, with respect to the latter, between those engaging in personal or household activities and those engaging in professional or commercial activities.

The effective date of the EU’s General Data Protection Regulation (GDPR) is fast approaching (May 25, 2018), and its impacts are already being felt across various industries. Specifically, the conflicts between the GDPR and the technical realities of blockchains raise important legal considerations for companies seeking to implement blockchain solutions