Wendy Gross, Simon Hodgett, Sam Ip
Dec 13, 2017
This past year saw the acceleration of transformational technologies that are increasingly impacting businesses as well as broader society. These technological developments and, more generally, the renewed and increasing pace of technological change, present tremendous opportunities for businesses.
By far the most significant headline-grabbing development in 2017 relates to the stunning rise of Blockchain. In general terms, Blockchains are a special type of database (or ledger) that can only be appended to and distributed over peer-to-peer networks, and supported by cryptography. When sufficiently widely deployed, Blockchain is virtually impervious to being overwritten. These attributes make Blockchain an ideal platform to facilitate the direct disbursements of value or to store and execute computer code that forms part of an agreement between parties (referred to as “smart contracts”).
The rise of Blockchain and its potential to become a transformational technology has been compared to the advent of the internet and the worldwide web. Some of this interest is driven by the growth in alternative fundraising through “initial coin offerings” and the exponential rise in the value of the crypto-currency Bitcoin. But beyond alternative fundraising and crypto-currency, the technology has the potential to dramatically transform practices in significant segments of the economy.
Among other things, Blockchain displaces intermediaries that previously acted as central authorities in a wide range of transactions. For example, in the case of international money transfers, Blockchain technology can decentralize many of the traditional centralized payment systems required to facilitate such transfers. It can facilitate the transfer of value across borders almost instantaneously without the participation of a traditional intermediary such as a bank. Another popular use is to securely trace products as they make their way through complex supply chains. This facilitates origin tracing and the ability to recall for product safety issues.
Transformational technologies often create a period of uncertainty with respect to how legal frameworks will respond and adapt. Many such questions remain in connection with Blockchain, including with respect to risk management, best contracting approaches, privacy and security protection, jurisdiction, taxation and governance. Here are a few emerging issues to watch:
Standards are developing to assist with the proliferation and adoption of Blockchain technology. For example, the ISO/TC 307 Committee that was approved by the International Standards Organization in 2016 held its first meeting to discuss the ISO/TC 307 standard for Blockchain. This standard is expected to specify, among other things, a reference Blockchain architecture, how identity is handled, and consistent Blockchain terminology. In addition, there is a drive to establish certain Blockchain implementations as the de facto standard for the enterprise. For example, the Linux Foundation has launched Hyperledger Fabric v.1.0 and positioned the release as the leading Blockchain platform for business and enterprise application.
Enforceability of smart contracts
While in theory smart contracts “self execute,” it is unclear whether they are universally legally enforceable. There has been legislative activity this year in some jurisdictions with respect to enforceability of smart contracts, including in the state of Arizona. In addition, we have started to see examples of smart contract practices that mitigate enforceability risks (e.g., split-contract models, where terms essential for legal compliance are presented to individuals outside of the Blockchain but linked to the smart contract residing on a Blockchain).
Privacy and security
Blockchain presents risks and opportunities for privacy and security management. Strong cryptography and the ability to manage permissions and access to information present obvious opportunities to manage consent requirements and to address how information is used. Conversely, the fact that Blockchain entries are both widely distributed and immutable creates risks of non-compliant distribution of personal information and confidential data, as well as significant challenges in correcting and mitigating such breaches when they occur. In recognition of these concerns, Vitalik Buterin, co-founder of the Ethereum (one of the prevailing Blockchain platforms for smart contracts), unveiled plans for “Ethereum 2.0,” the next-generation version of Ethereum that is designed specifically to address these concerns, among others.
Licensing issues during implementation
The prevailing Blockchain implementations are open source, meaning that the source code is free to download and inspect. There are significant benefits derived from this community-based development approach. Open-source licensing can create complexities, however. For example, some open-source licences require, as a condition of use, that all modifications are disclosed when the work product is distributed. On the other hand, other licences are difficult to comply with in conjunction with other licensing models, such as those required by widely used app stores.
Looking ahead in 2018, we expect the Blockchain ecosystem to mature at an accelerating rate. Focus will likely turn from crypto-currencies and tokens to smart contracts, with a disruptive impact on a variety of sectors, such as financial services and supply chains. The legal framework may have to quickly adapt to accommodate regulatory issues presented by the proliferation of these technologies, challenging businesses to quickly familiarize themselves with the rapidly changing landscape.
Cloud computing is the provision of computing resources on a utility model from large, highly sophisticated data centres. Over the past year, cloud computing has continued to extend into more and more enterprises and is on its way to becoming the dominant form of delivery of computing resources and applications. Its wide availability, easy scalability and relative low cost has, among other things, fuelled the rise of a vigorous technology start-up community in Canada and elsewhere. In addition, larger enterprises that formerly maintained extensive data centre assets are now increasingly looking to cloud computing to introduce efficiencies and cost savings.
This year saw the continuation of a trend whereby cloud computing providers invested in significant infrastructure in Canada, adding to their ability to provide certainty regarding the location from which services will be provided. This has resulted in a greater willingness of sectors previously wary of cloud computing, such as financial services, government and health care, to entertain the prospect of moving to the cloud.
There are a number of issues clients need to consider before they use cloud computing services. For clients in regulated industries such as financial institutions in Canada, the B-10 Guideline of the Office of the Superintendent for Financial Institutions (OSFI) includes certain requirements such as location of service, required audit rights and requirements for segregation of data that present challenges for the shared resource model of cloud computing. Where software as a service (SaaS) providers rely on a third-party cloud computing provider, there is no direct contract with the cloud provider, and issues such as data security and overall responsibility for service and compliance need to be considered.
Businesses that are considering a move to the cloud will need to consider issues such as application licence compliance, as well as negotiation of cloud computing agreements that take into account the client’s business and regulatory requirements, including the specific risk tolerance of the particular business.
Agile software development methodology
Agile software development is an umbrella term that refers to various approaches (e.g., Scrum) to software development that emphasize, among other considerations, customer collaboration and rapid response to change through iterative cycles of design and build. This is in contrast to the traditional models of development called the “waterfall model,” where a single design phase occurs, followed by a significant build effort. The potential benefits cited for adopting an Agile approach include higher quality software and greater customer satisfaction. As a result, we have seen a marked increase in interest in Agile software development among businesses.
Contracting for Agile software development requires a different framework than contracting for traditional software development services. Agile projects involve managing the service provider, deliverables, and costs through the use of tools that reflect the need for continuous and rapid change during a project. Agile projects also require a heightened level of customer commitment that is often novel to organizations accustomed to contracting for traditional software development services. The contracting approach must stress strong governance and accountability while respecting the Agile methodology.
Blockchain, cloud computing and Agile software development practices are only a few examples of the remarkable technological changes currently affecting all sectors of business and society. Clients will need to be proactive in keeping pace with these rapid changes in order to capitalize on new opportunities and mitigate risks.