Security

Subscribe to Security

Have you ever wondered how blockchains can be considered secure even though hacks of cryptocurrency exchanges routinely make headlines?  Or whether distributing a permanent ledger to every participant in a network might run afoul of privacy laws and regulations?  Data security and privacy are frequently part of the conversation about blockchain and technology in general, and they raise complicated legal issues for practitioners and clients to consider.
Continue Reading An Overview of Blockchain Cybersecurity Risks and Issues

Imagine a world where you could easily register and claim ownership over your original creative works – from music to photos to blogs. Gone would be the days of seeing your work duplicated all over the internet without proper credit and having no way to prove ownership. With the use of blockchain technology, that world is not so far away. Distributed ledger technology promises to transform the way intellectual property rights are established and enforced – and the way IP creators are compensated.

Before joining Steptoe, I oversaw the Justice Department’s IP criminal enforcement program.  In that role, I worked closely with others in law enforcement and with the content industry – from film and television to publishing to music – in an effort to try to stop piracy and to ensure that artists and creators of all types of IP were protected.  At that time, the world was just beginning to hear about Bitcoin but had yet to discover the many other applications for blockchain technology that go far beyond digital currencies.

Today, however, as “blockchain” is on its way to becoming a household word, we’re poised for a revolution in the protection of all types of IP.  That’s because the blockchain can be used to control and track the distribution of protected IP.  By putting IP on the blockchain, creators would have an immutable, secure, time-stamped record of the creation and distribution of their works.  In addition, it can be used to establish and enforce licenses for IP through smart contracts and even to transmit payments in real-time to IP owners.

Continue Reading Can the Blockchain Block IP Theft?

One of the most intriguing uses of the blockchain may be the enhancement of identity solutions.

As we know, the blockchain offers enhancements over current mechanisms for creating and storing digital identities, such as security and resilience built in by design, a greater ability to control the uses of encrypted information, and the ability to provide standardization across a range of legacy IT systems.  But what does this actually mean for identity applications in different industries?

A lot, actually.  Identity validation for internet applications is a persistent problem.  As the New Yorker cartoon famously says, “On the Internet, nobody knows you’re a dog.”  Yet as we have seen, the use of fraudulent identity on the internet leads to mistrust in electronic transactions, a mistrust of the identity of individuals and organizations posting materials to social media, crowdsourced reviewing applications, and other sites, and an inability to take forward applications such as internet polling and voting.

Continue Reading Taking Control of Your Identity

This week, we will have a five-part series highlighting the legal issues presented by blockchain applications in a number of different industries. Today, we’re looking into the legal considerations of implementing the blockchain in the pharmaceutical industry.  Among other benefits, distributed ledger technology can help reduce sales of counterfeit drugs and improve supply chain management, increase the security of digital patient records, improve processing of health insurance claims, and enhance the reliability and accuracy of clinical trials.

One of the biggest problems in the pharmaceutical industry is the proliferation of counterfeit drugs, which are increasingly difficult to detect and regulate.  Sales of counterfeit pharmaceuticals are a billion-dollar business, and pharmaceutical companies invest enormous resources in sophisticated efforts to prevent and investigate counterfeiting of their products all over the globe.  But the impact of this problem goes far beyond dollars and cents – because it places consumers’ lives directly at risk.

Continue Reading This is Your Blockchain on Drugs…

The election cycle has reached its predictable fever pitch, and one issue receiving particular attention this year is the vulnerability of electronic voting systems to tampering, either intentionally (think hacking or voter fraud) or unintentionally (think hanging chads or lost ballots). Although it is unlikely that a consensus solution will be implemented in the near future, experts in both public and private sectors are advocating a technology upgrade for America’s voting systems, and blockchain technology may offer the best hope of eventually cyber-securing our elections.  Potential applications of blockchain technology are still in their infancy, but voting systems that adopt the technology may be able to provide significantly higher levels of certainty, transparency, and security, making elections much more efficient and much less susceptible to fraud, hacking, or simple human error.

An estimated 70 percent of states use some form of electronic voting, but aging technology has increased the susceptibility to insider manipulation and hacking. In one incident drawing national attention last year, Virginia decertified certain electronic voting machines, after state officials determined that the machines posed a serious risk of being compromised by hackers.  This year, experts have repeatedly demonstrated the ease with which some electronic voting machines can be tampered with.  Recent examples include a team at Symantec and Princeton professor Andrew Appel, both of whom conducted successful mock hacking exercises to illustrate the risks facing this year’s election.  In August, the Senate Homeland Security Committee warned that “a cyberattack by foreign actors on our elections systems could compromise the integrity of our voting process.”

Perhaps the most prominent election-related security breach this year, however, involved the release of Democratic National Committee and Clinton campaign emails obtained by hackers. Although not related to voting machines, these hacks demonstrate the risks posed by the growth of online voting, which is now offered by 32 states mostly for military and other citizens located abroad. In short, online voting exponentially increases the accessibility of the system, which exponentially increases the associated threats.  In fact, the Department of Homeland Security’s cyber-division has warned against the adoption of online voting for any elections at this time, due to risk of tampering and potential loss of voter privacy.

Continue Reading Is a Tamper-Proof Election Possible with the Blockchain?

Anyone who has tried to explain bitcoin around their kitchen table knows that it is not easy to put your finger on what exactly the technology is.  Because of their innovative nature, digital currencies don’t have obvious analogs or fit easily into existing categories.  Bitcoin is part currency, part digital payment system, and part immutable ledger.

This confusion is not merely academic.  How digital currencies are defined determines how they are regulated.  For instance, the Internal Revenue Service (IRS) determined that bitcoin is a form of property, not currency, for tax purposes.  The Commodity Futures Trading Commission (CFTC) labeled bitcoin a commodity.  Could the Securities and Exchange Commission (SEC) decide that bitcoin is a form of security?

Continue Reading Are Bitcoin and Other Digital Currencies Securities?

Following the attacks in Paris and San Bernardino, polls show that Americans identify terrorism—more than any other issue—as the most important problem facing the US.  In this environment, some media outlets have predicted a pending “crackdown” on digital currencies, particularly by European governments, because of the risk that the technology could be used to fund terrorism.

But do digital currencies like bitcoin actually pose a unique threat when it comes to funding terrorist networks?  Jason Weinstein published a post on Medium earlier this week—“Combating Bitcoin Use by Terrorists?”—that seeks to answer this question.

Continue Reading Bitcoin and Terrorist Financing

It’s only been about a week since New York’s outgoing Superintendent of Financial Services Ben Lawsky released the long-awaited “BitLicense” rules for digital currency businesses operating in New York, but it’s not too early to try to assess the potential impact of those rules on the development of Bitcoin-related businesses and emerging financial technologies.

The primary question on everyone’s mind: Are the BitLicense regulations – the product of a nearly two-year rulemaking process – good or bad for Bitcoin? The answer: A little of both. The truth is that the BitLicense rules are a mixed bag, and how you perceive them depends to some extent on whether your glass is half-full or half-empty.

Continue Reading Are New York’s BitLicense Rules Good or Bad for Bitcoin?