Blockchain Bites: UK fixes ‘travel rule’ plans for crypto, Texas Judge’s Testament to Treasury’s Toppling of Tornado Cash, CBDC pilot cites potential innovation benefits, US judge appraises AI artistry and finds copyright lacking, Google’s Group Policy Grants Gaming with NFT integration


Authors: Michael Bacina, Steven Pettigrove, Jake Huang, Kelly Kim, Luke Higgins

Service: Blockchain | FinTech
Sector: Financial Services | IT & Telecommunications

Michael Bacina, Steven Pettigrove, Luke Higgins, Jake Huang and Kelly Kim of the Piper Alderman Blockchain Group bring you the latest legal, regulatory and project updates in Blockchain and Digital Law.

UK fixes ‘travel rule’ plans for crypto

From 1 September 2023, crypto-asset businesses in the UK will be required to collect, verify and share information about crypto-asset transfers, known as the ‘travel rule’.

In advance of implementation, the UK’s leading financial services regulator, the Financial Conduct Authority (FCA), together with HM Treasury and the Joint Money Laundering Steering Group (JMLSG), have published draft guidance for implementation of the travel rule. The JMLSG is a UK-based private sector body made up of the leading UK Trade Associations in the financial services industry. The guidance is open for public comment until 25 August 2023.

The Money Laundering and Terrorist Financing (Amendment) (No. 2) Regulations 2022 introduced the travel rule for crypto-asset transfers by amending the UK’s Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. The travel rule effectively requires crypto-asset businesses (like exchanges and wallet providers) to obtain, hold and exchange information regarding the originator and beneficiary of crypto-asset transfers.

The draft guidance issued by the JMLSG addresses a number of practical problems relating to the implementation of the ‘travel rule’ for digital assets. It addresses batch transfers, returns, unhosted wallet transfers, linked transactions, and the use of Layer-2 solutions such as the Lightning Network. While the guidance requires that originator and beneficiary information accompany crypto-assets transfers, nothing in the guidance indicates that such information must be shared on-chain addressing potential privacy concerns.

Although the guidance is issued by a private sector body and therefore not legally binding, it has the approval of His Majesty’s Treasury and is indicative of the regulator’s expectations for travel rule implementation.

The application of the travel rule to certain blockchain interactions (including Layer-2 solutions) has been a grey area since the Financial Action Task Force (FATF) first introduced its recommendations to implement the travel rule for digital assets. The JMLSG’s guidance clarifies a number of these matters in the context of UK implementation and will be influential as other jurisdictions move to implement the travel rule for digital assets.

Patrick Hansen, Director of EU Strategy & Policy at Circle, tweeted the following in support of the JMLSG’s guidance:

In April this year, the Australian government announced its intention to designate a wider range of crypto-asset related services as designated services under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and implement the travel rule consistent with FATF recommendations. Once implemented, it is likely that digital currency exchanges and other crypto-asset businesses operating in Australia will need to take additional steps to collect and verify payer and payee information and share that information along the payment chain.

Although no draft legislation or timeline for implementation of the travel rule has been released for Australia, it is likely that the UK’s approach to implementation will be highly influential.

Texas Judge’s Testament to Treasury’s Toppling of Tornado Cash

On 17 August 2023, the United States District Court for the Western District of Texas sided with the US Treasury in a lawsuit disputing the Treasury’s authority to impose sanctions on the cryptocurrency mixer, Tornado Cash.

Cryptocurrency mixers, or ‘tumblers’, are services that mix users’ cryptocurrencies together to allow users to transact on the blockchain while protecting their privacy. Mixers like Tornado Cash achieve this by pooling cryptocurrencies deposited by many users. The mixed funds can then be withdrawn by users to fresh digital wallets (i.e. unused wallets with no transaction history). Cryptocurrency mixers can also be exploited by bad actors seeking to obfuscate the transfer of illicit funds.

Tornado Cash was officially sanctioned by the US Treasury in August 2022, on the basis that Tornado Cash had indiscriminately facilitated illicit uses of the application, such as money laundering, tax evasion, and terrorism financing. The Treasury specifically cited Tornado Cash’ use by the Lazarus Group, a North Korean state-sponsored hacking group, to launder hundreds of millions of dollars worth of virtual currency.

In a legal challenge brought by six individuals who alleged that the US Treasury’s action to sanction Tornado Cash violated the First Amendment, arguing that they were denied the ability to engage in “socially valuable speech” as they would have used Tornado Cash to make anonymous donations to important social and political causes.

US District Judge Robert Pitman sided with the US Treasury on all of its arguments and granted summary judgment in the case, affirming that the Treasury was entitled to designate Tornado Cash under US sanctions regulations.

Justice Pitman raised several significant points in his judgment, in particular that:

  1. the Tornado Cash protocol operated as an “association”, comprising its founders, developers and its DAO, and therefore can be properly sanctioned as an “entity” under the International Emergency Economic Powers Act;
  2. the smart contracts deployed by Tornado Cash constituted “property” being “a code-enabled species of unilateral contracts” and are therefore potentially subject to sanctions under the Treasury’s broad regulatory definitions;
  3. Tornado Cash had a beneficial interest in the deployed smart contracts because they provided it with a means of control and use of crypto-assets (from which the smart contracts could generate fees for the DAO). In so finding, the Court explicitly rejected the assertion that the smart contracts were “abstract and ownerless”;
  4. the Court was not sufficiently persuaded that OFAC’s action in any way implicated First Amendment protections on free speech. Specifically, the Court held that the government had not imposed general restrictions on interacting with open source code, only the use of the code in question to conduct transactions; and
  5. The plaintiffs have waived their claim that their inability to access Ether (the native cryptocurrency of the Ethereum blockchain) trapped in a Tornado Cash smart contract pool violated the Fifth Amendment (which protects individuals from having their property seized by the government without compensation).

Paul Grewal, the chief legal officer of cryptocurrency giant Coinbase, tweeted his support of the plaintiffs’ claims in a series of posts:

Amid the clash between blockchain based innovations and existing regulation, Justice Pitman’s decision again highlights that the Courts may adopt novel or broad approaches in seeking to attribute responsibility to persons involved in the development of open source code, smart contracts and DAOs. In this case, the Court sided with the US Treasury’s view that Tornado Cash was an association of persons, rather than autonomous software. It remains to be seen whether the Plaintiffs will appeal the decision.

Blockchain businesses in the meantime need to be carefully advised to meet their compliance obligations, particularly in relation to the application of financial services and sanctions laws. The broader questions raised by this case over privacy as a human right are likely to remain a subject of intense debate.

Aussie CBDC pilot cites potential innovation benefits

The Reserve Bank of Australia (RBA) and Digital Finance Co-operative Research Centre (DFCRC) have released their final report on the findings from their recently completed central bank digital currency (CBDC) pilot.

The 44-page report summarizes the 15 use cases explored in the pilot program and identified four primary ways in which Australia’s payment system could benefit from a CBDC:

  1. enabling ‘smarter’ payments by taking advantage of the automation inherent to smart contracts;
  2. supporting innovation in asset markets e.g. the tokenisation of financial and real-world assets by allowing these tokenised assets to be used for the atomic settlement of transactions;
  3. promoting private digital money innovation by improving the interoperability and transposability across different kinds of private money e.g. tokenised bank deposits and liabilities; and
  4. enhancing resilience and inclusion in the digital economy by providing households and businesses with an alternative way to make electronic payments.

The report also includes a number of legal and regulatory findings. The pilot CBDC (the e-AUD) was structured as a contractual liability of the RBA rather than under a legislative framework, meaning there was inherent uncertainty about its legal status and regulatory treatment. A number of participants were uncertain if they were providing custody services or dealing in a regulated financial product by holding or dealing in the pilot CBDC. The report noted that these issues would ordinarily be anticipated and resolved in any legal and regulatory reforms that accompany the issuance of a CBDC.

Industry participants also noted how difficult it was to correlate the existing regulatory regime to their use case (as opposed to the actual pilot CBDC itself). These issues primarily related to the legal and regulatory treatment of digital assets, in particular whether they constituted ‘financial products’ under the Corporations Act 2001. Concerns were also raised by participants regarding taxation and the applicability of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.

The pilot nevertheless underscored the potential for new business models enabled by CBDC to emerge in the future while noting the need for potential regulatory adjustments to accommodate those business models. The report also recommends that consideration be given to establishing regulatory sandboxes to enable future industry experimentation and testing of new financial products and services.

The report notes that while the introduction of a CBDC could improve the payments system and overall financial infrastructure of Australia, it concedes that many benefits proposed in the use cases could be achieved in other ways (e.g. by using privately issued tokenised bank deposits or asset-backed stablecoins).

Noting the recent developments and efforts by Australian regulators and legislators (see Treasury’s token mapping consultation paper, the government’s plan to improve the existing payment system, and the ATO’s promise to release additional guidance by December 2023), the report emphasised the importance of the research to inform future analysis and regulatory enhancement.

The findings from this project, alongside other policy work on CBDC, should help to inform future analysis of the legal implications of using a CBDC, and regulatory enhancements that may be considered to enable responsible entities with new business models to operate with appropriate regulatory oversight.

In summary, the report highlights the industry-changing potential of distributed ledger technology and will likely be seen as boost to further research and development work to assess the benefits of an Australian CBDC.

US judge appraises AI artistry, finds copyright lacking

A Washington DC court has ruled that works of art created by artificial intelligence without any human input cannot be copyrighted under US law.

On 18 August 2023, US District Judge Beryl Howell affirmed the decision of the US Copyright Office to reject an application filed by well-known computer scientist and AI-specialist, Stephen Thaler. Judge Howell’s decision made it clear that copyright can only be attributed to works involving a human author. As noted below, what that means in the context of generative AI will likely fall to be determined in future litigation.

The applications were made by Mr Thaler for artworks created by his Creativity Machine. In his copyright application, Mr Thaler claimed that the works in question had been created autonomously by AI and lacked human authorship, but argued that he should properly be attributed as the author of those works.

The single legal question that fell to be determined was whether a work generated autonomously by a computer falls under the protection of US copyright law upon its creation. Judge Howell found that it does not and, unfortunately for Mr Thaler, on procedural grounds, excluded newly raised arguments noting Mr Thaler’s role in developing and prompting the Creativity Machine.

Friday’s loss was not the first for Mr Thaler, who earlier this year failed in his challenge to the US Patent and Trademark Office’s refusal to issue patents for inventions that his DABUS system created which included a beverage holder and emergency light beacon. DABUS is short for Device for the Autonomous Bootstrapping of Unified Sentience.

In February this year, the US Copyright Office also rejected an artist’s bid for copyrights in artworks generated through the generative AI system ‘Midjourney’, despite the artist’s arguments that the program was simply part of their creative process. In distinguishing how the software was different to other programs used by artists (like Adobe Photoshop), the Copyright Office contended that Midjourney’s specific output could not be predicted by users making it different to other tools for copyright purposes.

In this case, Judge Howell noted that although the rapidly evolving field of generative AI has raised several intriguing intellectual property issues, this case was straightforward in that ‘human authorship’ was a bedrock requirement of copyright based on centuries of precedent. However, she also noted that:

We are approaching new frontiers in copyright as artists put AI in their toolbox. The increased attenuation of human creativity from the actual generation of the final work will prompt challenging questions regarding how much human input is necessary to qualify the user of an AI system as an “author” of a generated work, the scope of the protection obtained over the resultant image, how to assess the originality of AI-generated works where the systems may have been trained on unknown pre-existing works, how copyright might best be used to incentivize creative works involving AI, and more

Accordingly, it remains to be determined whether copyright may apply in AI-generated works which involve a degree of human prompting or under foreign laws.

AI has been identified as a critical technology in Australia’s national interest by the Department of Industry, Science and Resources (DISR). The DISR recently released the ‘Safe and responsible AI in Australia’ discussion paper, which aims to support the adoption of fast-paced technologies like AI for Australian business whilst mitigating the potential legal and commercial risks associated with the technology.

The rapidly evolving AI landscape presents significant opportunities as well as uncertainties. As new technologies or ways of working and doing business arise with AI, it is important for artists (and for anyone working with AI) to engage with AI in a considered manner noting the potential legal risks. A consideration of how to address and mitigate these risks will be an important part of any go-to-market strategy.

Google’s Gamble: Group Policy Grants Gaming with Ground-breaking NFT integration!

Google Play’s group product manager Joseph Mills announced on 12 July 2023 that the app store policy has been updated to enable developers to integrate NFTs and other tokenized digital assets into their apps, to better facilitate blockchain-based applications. Importantly, the revised policy promotes user transparency and prohibits developers from glamorising ‘any potential earning from playing or trading activities’. Mills emphasised that applications noncompliant with Google’s Real-Money Gambling, Games and Contests policy or other requirements cannot profit from or offer ‘blockchain-based items’.

Key changes introduced include:

  • Ban on apps that facilitate cryptomining on devices
  • Checks on compliance with regulatory or licensing requirements
  • Transparency and declaration requirements for distributing tokenized digital assets
  • Additional eligibility requirements for NFT gamification

The new policy was developed in a partnership with the social news site Reddit and incorporates feedback from ‘close consultation with app and game developers’ to:

Provide a platform for developers to thrive with innovation and build more enriched, immersive experiences for users

Google has previously acknowledged the ‘tremendous potential’ of Web3 and has been continuing its efforts to boost support for web3 in line with customer requests. In 2022, Google announced plans to develop a Web3 team and assembled an internal blockchain specialist team dedicated to exploring blockchain opportunities for Google. With Google Play being home to a diverse range of blockchain related apps already, the changes are expected to greatly expand offerings to ‘create more engaging and immersive digital experiences with tokenized digital assets’.

The company’s willingness to collaborate with more industry partners to further enrich support of the blockchain technology in the future is in stark contrast with Apple’s hesitant approach. Apple has imposed rules to restrict user interactions with NFTs through their apps and has maintained that NFT purchases can only be made through their in-app payment system.

The recent changes demonstrate Google Play’s ambition to reconceptualize ‘traditional games with user-owned content to boosting user loyalty’, in line with the increasing importance of user ownership in Web3.0 gaming. While the new policy awaits testing by a select group of developers, it will be effective from December 7 2023.

The preview of the upcoming Blockchain-based Content policy is available here.