EU Data Act smart contract ‘kill switch’ brings uncertainty
On June 28, the European Council and Parliament achieved a political consensus on the Data Act, which moves the legislation regarding non-personal data closer to fruition.
Thierry Breton, European Union commissioner for the internal market, described the agreement in an X post as a “milestone in the reshaping the digital space.”
Another deal!
⁰Tonight’s agreement on the #DataAct is a milestone in reshaping the digital space.Thanks to the swift work of the EP @delcastillop & the Council Presidency, we are on the way of a thriving data economy that is innovative & open — on our conditions. pic.twitter.com/vTWUU8xTx9
— Thierry Breton (@ThierryBreton) June 27, 2023
The Data Act complements the Data Governance Act of November 2020 by clarifying who can create value from data and under which conditions. It stems from the European Strategy for Data, announced in February 2020, which also aims to position the EU as a regulatory frontrunner in the era of data-driven society.
The Data Act is part of the European Commission’s wider data strategy aimed at making Europe a global leader in the data-agile economy. In simple terms, the Data Act proposes new rules on who can access and use data generated in the EU across all economic sectors.
For the Data Act to become law, it must be approved by a vote of the European Parliament and the Council, which represent the bloc’s 27 member states. And once again, as with the Markets in Crypto-Assets (MiCA) regulation, the crypto sector is facing a major challenge. The problem raised by the new EU data law could permanently change the use of smart contracts in the European Economic Area (EEA) –– and not for the better.
Smart contract “kill switch”
The blockchain community is largely concerned about one provision in the Data Act, namely that automated data-sharing agreements contain a “kill switch” by which they could be terminated or halted in the event of a security breach.
Many blockchain experts contend that the current definition of smart contracts in the Data Act is broad, fearing it may lead to unintended consequences for existing smart contracts on public blockchains. For example, the text of the upcoming law doesn’t distinguish between just digital contracts and smart contracts utilizing distributed ledger technology.
But above all, the Data Act supposedly doesn’t give clear details about the conditions under which safe termination or interruption kill switch should occur, and it is hard to predict the potential outcomes with a higher degree of certainty. The smart contract architecture often doesn’t allow for termination or interruption, as blockchain technology is praised for being immutable and irreversible.
Recent: Crypto P2P scams in India show digital asset education is needed
The Data Act also doesn’t say exactly what a “data sharing agreement” is, and it doesn’t explain if the smart contracts currently ubiquitous in Web3 applications follow these kinds of agreements.
“By design, most of smart contracts don’t offer a termination or interruption feature and are often un-upgradable to ensure higher levels of protection from abusive behaviors,” Marina Markežič, executive director and co-founder of European Crypto Initiative, told Cointelegraph.
“The fact that smart contracts lack such features puts their use and development at risk. They may be perceived as inconsistent with regulatory requirements.”
“The problem is if the scope of Article 30 were to be extended beyond the application of smart contracts in this narrowly defined context, and on public permissionless networks. It becomes not only problematic but almost impossible for such protocols to comply,” he said.
Per Voloder, another concern is whether these rules could spill over into decentralized finance (DeFi). “As we do not have a DeFi regulation, this is a question that will need an answer over the next 18 months as the EC prepares its position on DeFi.”
Moreover, kill switches can have errors because of human mistakes and, in smart contracts in general, “as they are rigid, bounded information environments.” This rigidity, plus an automatic feature that triggers a certain outcome following strict rules, could lead to issues like locking up assets, shutting down protocols or even losing funds and important data, said Voloder.
A lot of uncertainty
The Data Act has rules for vendors of an app using smart contracts, or for people whose business involves deploying smart contracts.
According to Markežič, the Data Act might cause such vendors and deployers to be more cautious and consider whether their smart contracts in any way contain a data-sharing agreement. Apps might need to change how they work to meet these rules if their smart contracts share data.
But first, it’s crucial to understand who exactly needs to follow these rules, Markežič said:
Erwin Voloder, head of policy at the European Blockchain Association, told Cointelegraph that Article 30 of the Data Act applies when parties agree to share data using a smart contract, and this contract follows the rules. It should be fine if it’s only for that situation, especially when used on a controlled network where the Data Act’s safety stop can be used.
“Is the regulation even targeted toward DeFi platforms and protocols? […] It should be clarified under what circumstances the ‘access control’ is provided, what, who, why and how the ‘safe termination or interruption’ measure is triggered and how protocols prevent further abusive behavior thereof.”
Markežič stated that, in the past, some changes and terminations were made on a protocol layer as part of the overall governance mechanisms.
A kill switch on the level of a smart contract might lump projects and individuals into “a single point of failure, prescribed by the regulators.”
Therefore, it’s critical that regulators clarify who has the power to use this kill switch.
Crypto community across the globe reacts
The crypto community has already proposed some alternative solutions to bring more legal clarity to smart contracts.
In April 2023, Polygon had already penned an open letter suggesting how to improve Article 30, sating that lawmakers could apply these rules to enterprises only, excluding software and developers, and make clear that smart contracts aren’t “agreements” in and of themselves.
More recently, the European Crypto Initiative and numerous organizations, such as Stellar, Iota, Polygon, Near, Coinbase, Cardano and ConsenSys, have signed an open letter voicing their concerns regarding the Data Act and calling on lawmakers to reconsider and clarify certain aspects.
We called on lawmakers to reconsider and clarify certain aspects of the #DataAct in our Open Letter, written with other 5 organisations and 55 signatories ✉️https://t.co/37IrdSsFXC
— European Crypto Initiative (@EuCInitiative) August 8, 2023
They argued that the Data Act could potentially clash with the recently agreed MiCA regulation. MiCA, which will come into force in 2024, provides a license for crypto exchanges and wallet providers to operate throughout the EU.
They further claim that European lawmakers deliberately sidestepped the more complex issue of decentralized financial regulation –– an issue the Commission will need to revisit in the coming years.
More harm than good?
The trialogue on the Data Act has been completed, and this means that the text has reached its final version and is likely to be enacted in its current form.
According to Markežič, the new law could affect the European crypto industry and businesses that want to operate in the EU, stating that the Data Act doesn’t give clear details about what use cases the new rules apply to, and that makes the whole industry unsure about what to expect. And this is just the first step in the direction of regulating smart contracts, setting a precedent for forthcoming actions, she said.
Magazine: Should we ban ransomware payments? It’s an attractive but dangerous idea
The next important step for the community is to work closely with European standardization groups. These groups are responsible for creating the standards that vendors and developers of smart contracts should follow when making agreements to share data, especially given that these vendors will need to make sure their smart contracts broadly align with the scope of Article 30.
According to Voloder, if the Data Act is extended to public networks, it could mean companies leaving the EU, at worst, and “otherwise being pigeonholed into a narrow development trajectory of smart contracts in the best case.”
“The result is capital flight, stifled innovation and a floundering blockchain industry in Europe. At a time when Europe is at the vanguard of the regulatory apex, the timing of such an outcome would be most inopportune.”
In what he said would be his last remarks as CFTC chair, Rostin Behnam said he intended to advocate for the commission to address regulatory challenges over digital assets.
A Tory bid to launch a new national inquiry into the grooming gangs scandal has been voted down by MPs amid criticism of “political game playing”.
MPs rejected the amendment to the Children’s Wellbeing Bill by 364 to 111, a majority of 253.
However, even if the Commons had supported the measure, it wouldn’t have actually forced the government to open the desired inquiry, due to parliamentary procedure.
Instead, it would have killed the government’s legislation, the aim of which is to reform things like the children’s care system and raise educational standards in schools.
Follow politics latest: Reaction to vote
Tonight’s vote was largely symbolic – aimed at putting pressure on Labour following days of headlines after comments by Elon Musk brought grooming gangs back into the spotlight.
The world’s richest man has hit out at Sir Keir Starmer and safeguarding minister Jess Phillips, after she rejected a new national inquiry into child sexual exploitation in Oldham, saying this should be done at a local level instead.
The Tories also previously said an Oldham inquiry should be done locally and in 2015 commissioned a seven-year national inquiry into child sex abuse, led by Professor Alexis Jay, which looked at grooming gangs.
However, they didn’t implement any of its recommendations while in office – and Sir Keir has vowed to do so instead of launching a fresh investigation into the subject.
Jess Phillips exclusive:
Victims can have inquiry if they want one
The division list showed no Labour MPs voted in favour of the Conservative amendment.
Those who backed the proposal include all of Reform’s five MPs and 101 Tory MPs – though some senior figures, including former prime minister Rishi Sunak and former home secretaries James Cleverly and Suella Braverman, were recorded as not voting.
The Liberal Democrats abstained.
Speaking to Sophy Ridge on the Politics Hub before the vote, education minister Stephen Morgan condemned “political game playing”.
“What we’re seeing from the Conservatives is a wrecking amendment which would basically allow this bill not to go any further,” he said.
“That’s political game playing and not what I think victims want. Victims want to see meaningful change.”
As well as the Jay review, a number of local inquiries were also carried out, including in Telford and Rotherham.
Please use Chrome browser for a more accessible video player
Grooming gangs: What happened?
Speaking earlier in the day at PMQs, Sir Keir Starmer accused Conservative leader Kemi Badenoch of “jumping on the bandwagon” after Mr Musk’s intervention and spreading “lies and misinformation”.
Referring to her time in government as children’s and equalities minister, the prime minister said: “I can’t recall her once raising this issue in the House, once calling for a national inquiry.”
He also said having spoken to victims of grooming gangs this morning, “they were clear they want action now, not the delay of a further inquiry”.
Ms Badenoch has argued that the public will start to “worry about a cover-up” if the prime minister resists calls for a national inquiry, and said no one has yet “joined up the dots” on grooming.
Girls as young as 11 were groomed and raped across a number of towns in England – including Oldham, Rochdale, Rotherham and Telford – over a decade ago in a national scandal that was exposed in 2013.
There is a critical need for a comprehensive, responsible AI approach to address privacy, security, bias and accountability challenges in the emerging agentic economy.
-
Sports2 years ago‘Storybook stuff’: Inside the night Bryce Harper sent the Phillies to the World Series
-
Sports9 months agoStory injured on diving stop, exits Red Sox game
-
Sports1 year agoGame 1 of WS least-watched in recorded history
-
Sports2 years agoMLB Rank 2023: Ranking baseball’s top 100 players
-
Sports3 years ago
Team Europe easily wins 4th straight Laver Cup
-
Environment2 years agoJapan and South Korea have a lot at stake in a free and open South China Sea
-
Environment2 years agoGame-changing Lectric XPedition launched as affordable electric cargo bike
-
Business2 years agoBank of England’s extraordinary response to government policy is almost unthinkable | Ed Conway