IGF 2016 - Day 3 - Room 8 - DC on Blockchain Technologies

 

The following are the outputs of the real-time captioning taken during the Eleventh Annual Meeting of the Internet Governance Forum (IGF) in Jalisco, Mexico, from 5 to 9 December 2016. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the event, but should not be treated as an authoritative record. 

***

>> MODERATOR: Hello, we'll start in two minutes to let people finish getting here and leaving from the last session and then we'll get started.

>> MODERATOR: Good morning. Thank you for joining us this afternoon. You are at a session on the Dynamic Coalition -- can you hear me before I keep talking? Now can you hear me? Yes, okay. So you are at in case you were curious or didn't know you were on the session on the day -Dynamic Coalition for blockchain technology. Welcome. The format will be as follows. We'll give a brief introduction and overview followed by a review of the Dynamic Coalition of blockchain's efforts from the last time at the and we'll give a trajectory that has changed dramatically. With the majority of our time spent what I hope turns out to be a lively discussion around several questions I've developed for you. I'll serve as the moderator for the discussion. Internet Society will be given the opportunity to comment first before we open the floor to everyone. I do hope that you all participate and that we make it a lively debate and discussion of ideas.

So by way of opening remarks, I'll begin by making introductions. This session is brought to you by the Dynamic Coalition on blockchain technologies, a multi-stakeholder group that pursues work related to the blockchain technology and new models of governance using blockchain technology. How do you govern the technology and use the technology to pursue new models of governance and Internet and social and political and economical. We look at all of those aspects of the technology. Internet Society board of trustee member and co-founder of the special interest group on blockchain technology which has been chartered and will be coming online soon for our participation. And he will talk to us a little bit more about that and how we can become involved in that effort a bit later.

My name is Carla Reyes, a professor of law at College of Law in Gulfport, Florida, a member of the Dynamic Coalition of blockchain technology. I work on the governance and regulatory working group. I'm a lawyer by training. My initial interest is asking how does the law apply? Now I look at the flip of that question, how will blockchain technologies impact the law the way we understand the law and access the law, the way we create the law? And co-members of mine look similarly at how well blockchain technologies alter the way we think about economic relationships and social and cultural relationship and the way people organize themselves? So with these sort of formal introductions completed there is a brief note I think on the aims of this session is warranted.

So at its core, for us blockchain technology represent transformative potential for peer-to-peer based economic and social coordination. Granular control of identity, reputation and data through tokenization. Dis-intermediation and central authorities and -- the rapid emerge against of blockchain use cases press opportunities and challenges directly relevant to the Internet Governance Forum's discussion for inclusive and sustainable growth. The goal of this session is to shift the discussion about governance of blockchain technologies away from what has been technical questions of scalability and intense computational requirements to the more policy-based questions about how to manage soft power accumulation within distributed governance? And other critical policy governance issues. The hope is that by the end of the session we'll have a lively collaborative discussion that will help us outline the building blocks of a governance system that's more resilient against a takeover at the institutional layer and that enables the design criteria of open access, inclusiveness and distribution of control.

With that a brief review what we've been up to the last year. We're in year two of the Dynamic Coalition. We tend to work as follows. We hold week-long in-person meetings that are split into three parts. The first two days are reserved for intense work by the working groups in person, which isn't always feasible given our distributed geographic locations. The third day is usually reserved for policy or regulatory round table of some sort where we try to bring government and intergovernmental organizations and their voices into the fold. And then the third and fourth days tend to be a public conference where we invite comments from everyone who would like to attend to engage in the conversation. And then using the momentum developed in those in-person meeting we work virtually throughout the year and continue the work that we've been doing. We try to hold the meetings in geographically diverse locations. So far since the last IGF there was one in Sydney in December of last year, just after the IGF in November. There was one at the European parliament in March of this year. There was one in New York NYU in April and next week on Monday there will begin one in Nairobi, Kenya.

Many of my fellow members of the Dynamic Coalition aren't present because they're on the way to Kenya. We're unable for us all to attend each one. That's kind of the point. The point is to get new voices each time and to build collaboratively on prior work product.

So if that's been our work in the last year, how has it evolved -- it has evolved, I would say, the topics of those discussions over the last -- the course of the last year has evolved as the blockchain has evolved. Around this time last year I would have said what has happening. We were in Sydney in December of last year there was the big hype was about that they had found -- NAKAMOT and he was in Australia. The tax authorities went to his house and broke down the door while we were in our working groups because he had evaded tax laws. And the focus was on the cryptocurrency and the mystery behind it and what it could be used for. Whether there would be public adoption, etc. That has very much shifted and over the course of the last year the focus is very much on the underlying technology, the distributed ledger technology.

Public adoption of the crypto currency itself for use in commerce has very much stagnated if not declined. Folks aren't using it to buy coffee, right? They may purchase it for investment or diversity purposes but not using it really on a large-scale basis in their everyday life. Instead what we have seen are the development of many use cases around the ledger technology. We've seen governments looking at it and how it could be used for smart property records. Personal property secured transaction systems, we have seen governments become interested in what it could be used for health data.

So in the United States the Department of Health Services issued a call for proposals around the blockchain and preserving the privacy of health data. There were a significant number of proposals in response and they're still calling through the outcome of those proposals and significant interest by financial institutions how they could be used to make their back-in systems more efficient. We've also seen securities trading on the distributed ledger take a center stage with things like overstocks.0 platform. In some the possible use cases for the distributed ledger is only limited by what people can determine how to code, right? And we expect to see additional use cases as we move forward. Other things that I can think of are distributed storage and notary services, right?

Finally, what else happened, the Dow happened. I don't know how many of you are familiar with the technology or deep this this space but the Dow was a distributed hedge fund. A company designed to operate through code. And folks could participate in the distributed company by buying tokens using ether on the Ethereum platform. The tokens would give them the ability to vote and they would vote on which sort of company proposals they would like to fund and the idea was they would fund proposals and perhaps disrupt the traditional way we think about venture capital investment, right? Unfortunately before -- so fortunately, I guess, the raising of funds for the Dow was incredibly successful. And there was a lot of money invested in the Dow. They had a lot of money to invest back in venture capital endeavors but the code was exploited by one of the token holders and enough tokens were stolen from the Dow to be the equivalent of there are 55 million. So as a result of that, the Ethereum platform itself has undergone significant transformation including a couple of hard forks and a debate in the community about whether it's ready for advanced applications the way people expect for it to be used in the future has emerged.

That's really the state of blockchain technology at the moment. A considerable focus on distributed ledger technology, a considerable level of investment in use cases and building applications on based on the distributed ledger itself not necessarily cryptocurrency but significant instances where we might think that caution is warranted, right? The Dow was hacked to the tune of $55 million. And so the question becomes going forward A, how do we govern the technology in a way that makes developing these use cases and testing them out in the real world safe for people that put their trust in the use case, in the technology for consumers in particular? And how do we, when things go wrong, how do we have governance mechanisms over the technology that sort of mitigate maybe some of the uglier sides of the Ethereum fork debate and how do we prepare for future debates like those? Similarly, how do we continue to imagine the use of blockchain for innovative governance of people, right? Flatter governance models in the socio-economic sectors, how could you flatten the management of workplaces using distributed ledger technology the way backfield has been experimenting win and how to use them to overcome the technological shortcomings that appear to be there to help with further democratize political models and help eliminate voter fraud and governance of people? That's the work of the Dynamic Coalition. How to govern the technology and how might it help us think about Internet governance and vice versa and how might blockchain technology enable new forms of governance of people as well.

So with those comments, which I think were longer than I intended but I get a little animated about this topic, the -- one other development I do think is really important to hear is that the IGF's efforts to integrate blockchain technology into the discussion is really timely because standards efforts are ongoing or just getting started. The ISO is looking at this, the WC3 is looking at this. If we have a voice in those things, we be talking about this as well. All right, with all of that sort of background in mind -- I suppose I should pause quickly and ask does anybody need a brief what is when I say distributed ledger technology and know what I mean? That's why you're here because you already know what it is. Okay. Then I won't -- yes. I think you just push the button.

>> You should say something about distributed ledger. I know a bit but I want to know more.

>> MODERATOR: Fair enough. Distributed ledgers are essentially -- I say this but there are always nuances, bear with me. In general when we talk about distributed ledger technology we talk about distributed software often open source, but not always. But it often is open source, it operates across a network of computers. It has the function of essentially operating a ledger of transactions, of things. It doesn't have to be a transaction. It is a ledger of whatever could be written into a ledger. And that the ledger is not maintained, owned or verified by any one person. There is no central authority. Rather, the network of computers verifies and maintains the ledger through the computation of extremely difficult algorithms and hash -- any structure where a central authority has traditionally been in charge of confirming for people what a shared set of facts are. In any circumstance where because you had no way to assure that we were all looking at the same set of facts because of geographical disbursement, because of asymmetrical information power so we had a third party intermediary owning the function of maintaining the confirmed record of those facts, so a bank confirming your record of transactions in your bank account, a real property registry confirming how a certain piece of property has changed in ownership over time. Any of those functions where we relied on a third party intermediary to confirm a certain set of facts for us, the distributed ledger does that without a third party intermediary. It relies on math to confirm and verify the contents of the ledger, a high level non-technical way to describe what it does. In a nutshell that's what it is. A list of records verified by no one person but by math instead. Yes.

>> Thank you. I'm from the UK. Great description of distributed ledger. You have used throughout distributed ledger technology and blockchain synonymous as if there is --

>> I think that's probably a trick question. Typically blockchain refers to the bitcoin blockchain which was the first, right. And any ledger that uses a chain of blocks to make their case. Ethereum is not that, right? Generally speaking in the literature when I write a law review article I use the term to prefer broadly to refer to any of the number of protocols that trials to do the same thing, provide a record that is maintained by no one person using any number of consensus mechanisms, right? Proof of work, proof of stake, whatever it may be. But yes, they aren't the same thing although I think in general people tend to use them interchangeably. You say blockchain because everyone knows it. The literature is to say distributed ledger technology. We may mean both public and private. Permissioned or permissionless or distributed ledger technology even though we recognize there is a strong debate in the technical community whether a permissioned ledger is a distributed ledger, right? We don't engage that debate. We only note for governance purposes it might be important to include both because if you don't you leave out a huge sector of use cases. Use cases that will be very important. Good question and I think the answer is no and yes. Other questions before we jump into the discussion questions?

>> I have one. You said that -- distributed ledger, a no synchronized control but we know that open source software or some technology has processes that may update the software, too. That group of people may view as some authority on that. How to -- how can we view this software as no centralized tool software?

>> MODERATOR: That is one of the questions on the list. We'll start there instead of leaving it for last. We agree that core developers often usually of the protocol can serve sort of as a function of accumulating a form of soft power, right? They exercise significant control over the architecture of the protocol. The question is what kind of steps do we need to take, assuming that we need to take them, to manage the accumulation of this kind of soft power in decentralized decision making? Do you have thoughts first. I've talked for too long.

>> First of all, let me introduce myself as earlier mentioned I'm a board member of ISOC and my interest came into the area of blockchain technology from a couple of words that have resonated with me personally. The two words are trustless and immutability, these words are often used when you deal with blockchain. The idea is trustless means you don't really need an intermediary. You don't need a bank, a particular agency that you put your trust in. It is purely math as mentioned earlier. And the second thing is about immutability. Whatever is on the blockchain stays on the blockchain. Not possible to modify it. You can change paths but whatever has been done to that extent is not possible to modify. These two things were the personal incentives for me to begin involved in this area and talking about the earlier question about the blockchain and being different than a distributed ledger. Everyone can have a creative blockchain. I have a blockchain on my device today. I work on smart contracts. I develop them personally for testing, for private issues. That means that the proof of concept is possible to replicate. The problems emerge when the blockchain becomes more huge and like the bitcoin blockchain, for example, which is rather enormous in size and making it difficult for scalability aspects.

So in reference to that question. Let me come back to the point of the Internet Society's role in this and maybe that's a good opportunity to make some sort of advertising for the Internet Society. We have had an internal discussions as groups within the chapters and others interested in the blockchain technology to launch the special interest group and so if you're familiar with ISOC you may know what the special interest groups are. They're similar to chapters in the way they are chartered. And you may know how chapters are chartered. Basically people come together, considering this is an important thing to deal with and we would like to advance this cause. So many people from various countries came together and we've ended up putting the charter and the bylaws and we've been chartered recently. Among the founders are, of course, Wong, who was an ICANN board member and many others including my friend OLA, who has been also involved in technology. It is a lot of people and like to use this opportunity to invite you. It is not currently on the website yet. This is a fresh announcement. Hopefully it will be on the website this week or next week. The idea behind it is now that we understand the importance of the blockchain, how could we advance and use it in advancing the Internet as we know it?

The Internet Society has been involved in maintaining or helping improving the way the Internet works and access to it. But also it has to also bear in mind there are certain evolutionary things happening around us. Things that are taking us to the next level. Blockchain as an idea came about because it had to do with data and data protection. That's one fundamental aspect of what we're facing today. Hackers constantly causing a lot of trouble, especially for financial sectors. The inability to verify information if it's true or not. Identity issues. And so all of these bring us back to the question of whether blockchain technology can serve as one way -- I'm not saying it's the only way -- but one way to advance our security on the Internet.

The other aspect is distribution. You know, the Internet itself was built around the idea that no one is in charge. No one controls it, no one is able to turn it off, turn it on. It is all of us. All of us as the end users of the Internet and analogous to that the blockchain to some degree has some promise there will be no certain entity that will take over. There are certain problems with it, the 51% if they take over that part of the blockchain they may end up moving it in a different course. But generally speaking it is much better than what we have today, which is the central authority taking charge of your data, whatever you post online has to go through it. So with that in mind, blockchain has some promise in the Internet sense. These two fundamental ideas of security and -- being secure in terms of data access and being distributed are quite encouraging.

That's the idea behind this special interest group and I would like to also note that the interest and the hype in this technology is overwhelming. Many people are thinking of it as the next big thing. The next best thing. That's what happens when people begin to think naively. What we would like to propose through the SIG is not to think of it as the golden solution to all of our problems. It is not the golden egg or the golden goose or not something that will create all -- fix all our problems but it is something we need to criticize, we need to look into and we need to evaluate. That's where we stand. We do not take it for granted it will be the best thing ever but it can be helpful in the progress of how the Internet is used and accessed. So I thought this would be an introduction to where we stand as the Internet Society on this issue and I would like to give more time for exchanges of views and opinions on this matter. Thank you.

>> MODERATOR: So we could come back to A, it is not -- we shouldn't think of distributed technology as a solution to all our problems because it has its own problems as we've noted, scalability. Technical problems but also in each case the group of core developers that increasingly exercise extra power. And the resistance of say the Ethereum community to adopting the hard fork. It shows that not everyone is in agreement with some of the decisions that the folks with the accumulated soft power take, right? What are ways -- A, do we think this is a problem for distributed ledger technology? And if we do, what are steps we could take to mitigate the accumulation of this type of soft power? Do you have thoughts on that to get us started?

>> It is quite important to raise this issue in terms of the potential of a number of people taking over. This -- blockchain technology is back again part of human product. It is a human product that involves intrinsically has some human aspects to it, which is control. I mean, you with like to think your idea is better than my idea. And so whatever -- if the technology or if the procedure allows, we could come together and result in a new, say, path for the software and that's what happened for the Ethereum foundation and we've seen a number of people had actually thought that maybe branching out in a new blockchain was not a good idea so they stuck to their old blockchain and used it using Ethereum classic which is low in less than a dollar per ether but it shows there are inherent issues with cryptocurrency aspects it to. I would like to use that to say there are vulnerabilities. The other vulnerability I like to raise is scalability. No matter what happens today in today's -- with the traditional way of thinking of the bitcoin as the currency to use for trade or purchases, it is not possible to use it in day-to-day purchases because of the very huge and massive amount of data that you would have to process and massive amount of time that you will need to have for transactions. For small transactions, it is going to take up to 10 minutes minimum. You can't wait in line for 10 minutes for waiting for process of bitcoin. This is what scientists are struggling with.

There are some proposals, for example, in which there is a proposal of launching what is called private banks. So what happens at these private banks are again decentralized but they can process small transactions and then in one group then process them into the main blockchain. So that's one way of serving it. But again it defeats the purpose of total de-centralizations. I can't say I have solutions. We need to be reflexive and aware of the potential uses and I'm involved currently in a project, for example, through which we can use smart contracts to help advance causes. For example, one of the ideas of the blockchain is to -- when you create a smart contract that extracts particular let's say fees or costs from each individual account on the smart contract you would be able to dynamically transfer that funds when it reaches a particular limit without having to have an escrow account, for example. In that case there is total transparency and accountability and lack of corruption or let's say no need for worrying about corruption or potential abuse of the money that is on this smart contract.

But again we come back to the issue of vulnerabilities in code. Not everyone is able to do a bullet-proof smart contract. They can always have bugs in the contract which has been exploited that happened. One of the exploited cases in the Dow was the person -- the one who exploited it -- I wouldn't say it's a crime per se because it is purely the taking advantage of the way the software works is that instead of sending it from an account, you can send it from another account. You can go back and send more and more and more and then once everything is settled and you would like to deduct the amount from the original account, it will be much bigger so there will be a deficit. You still get the ether but then the actual amount wasn't sufficient but the code was written in such a lousy way that it actually allowed for this to happen.

So it means the weakest link in technology in the blockchain is not the blockchain itself. I would say it is the human element within. The people who use the blockchain can actually cause issues, so there are many issues that are ahead of us and we would like to elaborate and discuss this together.

>> MODERATOR: I think there is a question here and from the online community as well.

>> I'm from the Internet Society and a member of the sig, for me the sig, Columbus took to the new continent was he was looking around and seeing all kinds of new stuff. For a lot of people the continent was familiar ground. This is not my familiar ground, that's where I am. But the Dow hack exposed something. I have a question around that and specifically, you know, the change of how we do contracts. In the Ethereum community they said the code is the contract. We need a new set of skills to evaluate those contracts. It is not lawyers anymore but it is coders. It is black and white and it is not a certain amount of ambiguity that we find in law and contracts that is allowed the play off. I think there is a lot of impact in that evolution. I wonder if there are any thoughts on projections of where that might end up or people who have spent a lot of time already thinking about how that evolution might play out. That's one of the questions that I have looking at what happened last year with the Dow hack. That's a question.

>> MODERATOR: In response here and then to you.

>> You have the microphone?

>> James from Internet New Zealand. I agree there is an issue with smart contracts the way the traditional ones operate but part of the question is about institution design. The problem with the Dow hack could be framed as one contract being too big to fail with respect to the underlying Ethereum architecture and as a matter of institution design, you could set things up in such a way that no one contract was too big to fail. And that would mean you don't have to have -- that seems a more tractable way to -- code operates whether you understand the way it operates.

>> That's actually interesting because in meet space we also don't really know how to solve that too big to fail problem. Anyway.

>> MODERATOR: You, sir.

>> My name is Pedro from the Institute for Research on Internet Society in Brazil. Perhaps an answer to that, a possible solution that perhaps the moderators may also speak further ahead is the solution of the judge as a service which is a way of relativizing the -- blockchain by giving technical powers to interested arbitrators to deal with eventual conflicts or failures in the smart contract especially when those failures are also failures in regular contract law, for example, errors, failures of will, I don't know the exact term in English. Perhaps you could talk more about that and we could discuss it. If the relativization of the activity might be a blockchain might be a way of ensuring better spread of the technology and overcoming certain problems, not relying on the absolute inflexibility of the code.

>> MODERATOR: I'll make one comment on this. I would just say you mentioned that the -- in response to the Dow and smart contract maybe now we need coders and not lawyers. I know a significant number of lawyers at least in the states who would just say yes a contract is a contract whether it's in code or not and subject to contract law and we're still relevant and contract law still applies so you'll need acceptance and offer and all the traditional things. The fact it's in code doesn't bother us that much at all. How do the two meet and maybe is a question of having capable arbitrators who can do both. Folks that understand both sides, the tech and the law and to meld them the way that you are talking. I think that's right. So from the online moderators.

>> Hello. I'm calling from New York and I just wanted to ask if we can call DOT technology by the right name because I hear a lot that people call like for example bitcoin a cryptocurrency and I would argue it's a crypto commodity because there is no central authority that controls it. So by calling it the right name, maybe the discussion of governments can take the right direction because a lot of governments are trying to think of DLT as a currency that is controllable. If they think of it as a commodity they realize it is not something they can control but adapt their governments around the technology instead of trying to control it. That was my question and my comment. Thank you.

>> MODERATOR: I think the question of how to categorize the thing that it is a good one. I'm from the United States and that's where I am most engrossed in how a government is trying to categorize this thing. It has been called virtual currency, not cryptocurrency. It has called property by the IRS. It has been called stored value by the states. Called a commodity by the CFDS but they would agree with you but it has been called a security by the securities exchange commission. So yes, categorizing what this thing is is difficult and I think though to focus on distributed ledger technology, DLT is where we might get the most bang for the governance discussion whether than focusing on the currency commodity itself. Other questions or comments about soft power or any other things we've been talking about?

>> I'm Jake -- you said that also that was very much interesting the blockchain technology and we are having a discussion for more than one year but still we found that the currency itself is not so much here, only the bitcoin is already so mature but the blockchain technology such as -- so many technology now existing. So important things for us means the fact the standard body, what kind of standard people are required for the standardization boarding? It is the same with -- so in that sense we are seeking that -- the other one is blockchain technology has some missing part such as how to connect with each other. If someone make a bitcoin, we already started to -- how to combine with your network. There is always the Internet. Each Internet ISP has their own AS number and they are connected with BZP protocol. We think that the kind of protocols are required for the future if the blockchain technology is a promised one. I think that there is another issue for the currency issue. And so we try to discuss on that part also, thank you.

>> That's a very good question. I think that they are involved in the hyper ledger projects and so is the IATF beginning to tap into this space. There have been a number of RFC proposals addressed. Among them is the interledger protocol and so it is started this year and expiring next year. The idea is that this can be worked on the standardization level if there is enough interest. But it is very immature at this stage. Very little has been achieved but the ideas are floating around. So it is very useful to combine efforts, and I believe it is a very important subject area.

>> MODERATOR: Other questions or comments on this topic? Yes.

>> I'm from Singapore. I am hearing what is said about the issue of the factors that get in the way of regulation. I think that some of the things that need to be -- some of these things need to be deconstructed. For example, we cannot regulate for bad code. I think it is bad code that gets in the way of the blockchain. We don't regulate the program. I think one of the questions the we need to look at would be even if it's good code and it works well, what are the issues that get in the way? I think you mentioned scalability. For example, instead of the whole chain literally following you around, can you cut a part of it off? A major part of it off and let it be started by somebody else, a trusted third party.

For example, I'm just thinking about it now. Say, for example, assuming we trust ISOC, we put the rest of the chain back in Geneva and we carry only a few seconds worth of the chain, for example. That is one issue to look at. And instead of bitcoin, how about bit dollars or should it be limited to only major transactions, right? All the effort going to the technology and programming and so forth will be justified dealing with such a large amount of money you talked about. My friend is doing electro polling and how you might cut up the electrical districts in Malaysia. Major issues as opposed to -- the amount of skill that maybe you can bring it down instead of trying to do it for everybody. Start big and then come down small, right? And I think the third issue we really need to look at would be the possible implications -- I'm from Singapore and the regulator has -- hired from CD bank in his office specifically to look at the role of blockchain and impact of blockchain on the financial technology area. I've heard stories -- speculations of how 50% of the people in the financial industry have been laid off as a result of blockchain. Because we're big on the financial side, it is a major concern for us. I think that is the case, we need to look at that to see what the potential consequence. I don't think we can just say well, okay, this will cause the loss of labor, I think you can probably see -- you look at the possible impact of people who might lose their jobs as a result of blockchain. I'm not saying we should stop blockchain but look at the impact and how we might in some way do something to help these people.

>> MODERATOR: I agree for government's purposes it might be important to look at in a well-functioning code environment what are the things that would naturally get in the way of the technology. I also think it's important to consider or maybe a question, do you all think it's important to consider what happens when we do regulate for bad code? From a legal perspective, from a regulator perspective that's what has happened. Most things have reacted to other big failures in the technology and their regulations are built around when the code collapsed or when people did bad things using the code. And if that's the world, the legal world we live in, does that implicate the way we should be thinking about governance of the technology as well? To the extent that reactionary regulation on the legal side from governments could hinder the way we can use the technology going forward or make it more difficult for it to operate cross borders. That's a question I pose to all of you. Thinking about the way governments do react to bad code means we should think about governing for the bad code situations as well as for the sort of perfect situation?

>> So no, it's natural to regulate the bad code. I'm talking for the discussion here the reason the government regulate there was harm involved. When there is major enough harm the government will step in. If it's minor harm and no major impact we leave it to regulation. Major harm of course government will step in. Loss of many dollars government will step in. They will step in because of this bad situation, right? What I'm saying if you talk about regulation of the blockchain technology we shouldn't be thinking only about that. Even the major focus on that.

>> I'm LIMOR from Israel. And I'm new to this discussion but I was thinking about it through my experience in regulating trust services and the initiatives made in Europe and we have the same act in Israel that governments wanted to promote the creation of this infrastructure and in some cases even did it themselves in order to give it to the civil society in order to be used as an infrastructure for commerce, etc. We have actually seen in the past it is not -- I can't say this technology, the PKICA trust services model has really proved itself to be very successful but still we've seen that in the past 10 or 15 years when governments pushed services, then this technology went through and we saw more enrollments. So perhaps this is -- this could be thought of as another case of where if governments create this infrastructure in a certain way and give it to the entire population to use, then we would be able to address regulatory issues and security issues and safety issues and perhaps commercial insurance, etc., etc., from a very organized level. This could also be an endeavor that has to be thought about from several governments, not each government by itself.

>> Let me totally agree with you on this. In fact, I often recall when talking with governments that there are certain trends that governments cannot fight. So if you can't fight them, join them. So if we can't beat them, join them. The idea here is governments need to be up to date on this. I would like to refer to an example of a government which has actually done so. It is Luxembourg. This tiny country.

Its Prime Minister had actually announced that there will be something called the infrachain. Meaning it will be a national blockchain that would combine both private and public sector segments of the country into blockchain technology and then you deal later with the uncertainties that would arise. It is almost like an experiment with the whole country being the player. So yes, it's a gamble but it is better to do it now, start working on this now instead of waiting for others to fill the gap. So if governments are progressive, they are open minded and looking into this from both the positive and negative sides it would be helpful for their economies and their future.

>> MODERATOR: I think we had one here.

>> Just a quick comment. I believe that talking about bad code and good code might spoil the discussion because once you pass a certain level of simplicity, I don't know if there is inherently bad code or good code. It might work fine for years, if we start thinking we should regulate bad or good code when there is no difference between them in practice could spoil the discussion.

>> MODERATOR: Fair enough. Maybe the better framework is good and bad outcomes, right? The failure of bots being a bad outcome for consumers from a government point of view but fair enough. Next.

>> Thank you, I'm from Togo, those of you who don't know it's in West Africa. My question is regarding -- I mean, talking about soft governance, would that make sense to propose that we tackle -- we try to set up principles to design your set of principles, high-level principles that may become a contract to guide any intervention, policy from government or any other authority in this sector on this question about governing the blockchain technology or the distributed ledger technology? Can we start trying to design a set of principles? Or has it been done somewhere? All of those other trust frameworks that preexisted, that's blockchain technology, does it look like something we can borrow from and set up those principles?

>> I would say it's very experimental at this stage. I have not seen some initiative of this level but I would say -- there are good signs. As I mentioned, the example from Luxembourg and others. It looks like this is a good opportunity to raise the word multi-stakeholders in the sense of even blockchain technology because you can tell there will be a sense or an opportunity for people to join from both the civil society, financial sector, business and governments, as well as technologists who are leading this area to come together and deal with this. We learned -- we should have learned from the past that cybercrime, for example, is where governments come rather late in the game and then try to fix things retroactively. That would be more costly as well as sometimes leads to even worse results for governments, for example, that don't understand how technology works and have not had any channels of communication with the technical community. Maybe a new call for bringing in this concept of multi-stakeholders within the framework of blockchain technology. You're correct, we need to have examples and we need to follow -- lead by example, yes.

>> MODERATOR: I believe there is a question from online.

>> Yes. This is me again from New York. One thing I wanted to point out. My experience with the regulator. I'm in the New York against my regulator because the way he brought the law forward. By learning from how they went from looking at what happened to -- to the point where the blockchain technology exists in New York, the regulator has completely decimated New York blockchain.

(No audio)

Here is an example of in Europe, Canada has taken a different point of view of how to push the government or to regulate blockchain technology, which seems to have taken the right path. So when New York tried to control it, they destroyed the technology. When Europe tried to advance it and give it a lot of free room to experiment, the technology has flourished. I think those two examples are really on both ends. And what can we do to educate all the regulators across the world to take the European model instead of the New York model?

>> MODERATOR: So does anyone have a response from the floor that they would like to offer? If not, pause there, anybody? If not, I am working on some research actually that is trying to look more empirically at the dialogues between regulators and the technology community. Think thesis is we don't talk to each other very well. The technologists may talk about things like legacy laws and use other terms that regulators don't understand and aren't particularly inclined to care about. But that if they could meet each other in the middle somewhere and speak the same or a similar enough language that they could understand each other, that they might get a little farther towards a more useful dialogue. I know that New York in particular has a sector of folks that are not fans of the bit license regime, I don't know how else to say that.

But there are other States looking at it in different ways in the United States. There is the uniform Law Commission. There is a number of Civil Society efforts to dialogue with regulators in the United States. I'm not sure in the case of the United States you'll be able to convince them to go the European model but having a more fruitful dialogue may require changing the words we use when we talk with regulators and getting them to change the words they use when they are talking to the technology community. I'm looking at research to empirically prove that out through looking through statements that folks from the community have submitted in response to public comments requests, etc. To be continued, I guess. Any other questions or comments on this issue of soft power or any of the other things? Yes.

>> I'm from Singapore, I'm from the university, not from government. In response to what the gentleman from Togo said, if you have issue principles and norms, what if they're preached? How is the person who  breached the norm to be sanctioned? Some kind of sanction for it. I think you have to answer it to determine how to even issue principles and norms. The second thing around that is generally there is a sentiment of wanting self-regulation. But I think the question we need to look at is how important is this area and how impactful in this area? I think no matter what there will be political pressure on the government to regulate. It is really impactful. We have to allow for some element of government intervention in this space on regulation and I think that's where possibly then violation of principles might be sanctioned. I think you combine those two they might get some traction.

>> MODERATOR: To build off this idea of governance principles and frameworks and what do you do if principles have been breached? What are places where you see an intersection for Internet governance and blockchain technology governance? Should we be looking toward something as we move forward?

>> I would like to first of all make a clear distinction that blockchain technology is not the Internet or not vice versa. They are two different things. The Internet helped facilitate the idea of blockchain obviously because of the way block chains operate but it doesn't mean that it has to be within the Internet realm. However, this is also important when we deal with, for example, cyber law or criminal -- laws related to cyber activity. But on the other hand there are big similarities in the way blockchain works and the Internet works. One example is cross the trans national reach of the Internet and the trans national reach of the blockchain. Blockchain can work nationally but most of them that the ones that are operating do not regard national borders.

And so that brings us to the question of whether there could be the same principles that apply to, for example, the Budapest convention when it comes to cyber and criminal law and cyber-criminal activity. Could it apply to the blockchain? But the very important distinction here to make is that it is still a very new area. It is not something that has been established. So we do not want governments to jump the fray and simply issue regulations in a way that would hamper the technology from advancing and improving.

On the other hand I would like to use the idea of forum. If governments are willing to discuss this openly with civil society and technical community and academics how to advance the cause of regulation within their respective regimes even and national IGFs be a platform and serve to help the New York chapter -- the New York issue that has been raised in dealing with this on that district level instead of putting it in this international global level. So it's important that there should be both grassroots efforts in this regard as well as more open and broad international efforts.

>> I would like to make a comment. I am from Venezuela and I am a lawyer and not an expert in block chains but I would like to raise a situation that we have there. In Venezuela we have a huge corruption and a lot of members of the government are involved in corruption. And sometimes what they are doing is that they are buying miners in order to put their money there, this money from corruption or they buy crypto coins. It joins with a lack of judicial independence in our country which is very bad and which accords cannot do anything. I'm concerned if courts would decide something against these people who have put their money in this crypto coins, is it possible to return this money back to the countries? I'm not sure about that. And I believe that it also doesn't have an impact -- a national impact but an international impact. If you can say something about it.

>> MODERATOR: I would just say. I don't know about returning the funds necessarily but I would say in the United States at the federal level they've had a significant level of success in tracing transactions and apprehending folks and seizing the cryptocurrency issue. They were able to identify when F.B.I. agents went rogue and siphoned off some of the cryptocurrency and were able to return those to the pool where it me belonged. To date the result has been that the currency issue has been seized and auctioned off. Not necessarily returned to the people who sent it to begin with. As far as tracing goes, I think things like chain-litics and other tools are being made to make it possible to trace the source of transactions which may help in efforts to return funds that have been illegally gotten. Any other comments?

>> Just to add to that, the difficulty with dealing with cryptocurrency or aspects of code, sometimes things are irreversible. If you lose the private key -- it is almost impossible -- not impossible, may take millions of years of brute force hardware and processing to get the -- to guess the password but it is not really practical to expect to reverse transactions sometimes. So it is with this mindset you get yourself involved in this area. If you don't have enough precautions in dealing with it. If you don't have ways of protecting and hard storage maybe or if you lose your essential key, then I think it is goodbye, even if it's millions of dollars. That's the trick with this area. That's one of the challenges of blockchain technology when it comes to regulation is that if you have a Visa card and you lose your card and then possibly you can revoke it and deal with it. Sometimes with technologies, you just can't get away -- you can't find a way out. And so that being said, mentioning bitcoin being used for evil is an opportunity for me to say it is not bitcoin's fault that it has been used for evil. And smuggling, it's people's fault. It is humans that drive actions. These are merely technologies. They are catalysts for whatever you do if it's good or evil but you can use bitcoins for delivering, for example, if you had a crisis, an earthquake in a particular part and the only way to get -- there used to be through bank transactions that would take long days and wire fees. With cryptocurrency you can dispatch an amount of money to help those in need. Transparently, clearly and securely. It depends what you do with it. You have given a good example of how some people could abuse it. But there might be many others that are positive.

>> MODERATOR: I think there was a question.

>> Thank you. My name is Isidora from McGill University and my questions relates to what you were just speaking about and wondering if there are suggestions to how we can con -- we remove accountability of the third party and we cannot really hold code accountable exactly as you said. It is actors, it is people using it and people developing it. So how can we approach this matter of accountability? Thank you.

>> MODERATOR: So from a legal perspective or in general? Both. I'll take the legal perspective. That's my background. I actually think the law will have to evolve to deal with that. The obvious answer under the law now is you might hold the coder responsible for the problems in the code, right? If you could identify who that was. The problem in the context -- in this context if it's a group of folks and you might not be able to identify who that is. But that would be the answer under the current law maybe now. It might still be a stretch but you might get there. My thought would be that there would have to be legal evolution to deal with that exact issue. I don't think the law is there in.

>> When it comes to technical aspect of it, how to reverse a transaction. It wasn't possible until the decision, for example, in the case of Ethereum when the Dow went bad. They simply take a moment before the -- hold or pause at the moment before the transaction, the bad transaction happened and keep that part of the blockchain intact and fork a new branch. They are almost doing what superman did in the first film when he reversed -- he flew over the planet to reverse time. They did reverse time technically speaking and eliminated everything that happened after a particular point. So it was grave and huge step to take by the Ethereum foundation but there was Democratic voting that happened and it led to that consequence. While it is not the way block chains are meant to be, it did end up happening.

>> James from New Zealand. Part of what you're talking about is a piece of infrastructure that is relatively durable and might have a long life or make take a long end in other areas people try to deal with that with certificational bonds. So similar issues come up with limited liability companies. You get a structure made by a builder and if they are a limited liability company you might not be able to pursue them for the full value of that. It might not be time that's the factor with this distributed ledger interactions but an element of control that is not foreseeable or quickly enough captured by the law of negligence. So when things are that sensitive you do things like require a bond, or as I said before, you spread the risk out so that no one failure is catastrophic for your whole set of institutions, or you have a certification scheme so that some people pay in advance and are relatively credible as suppliers. There is a range of risk management techniques that exist. How to think about those with respect to the borderless just do it possibilities the technology opens up, often for good purposes.

>> Again a suggestion, there is a distribution of responsibility. The trust service provider of the token or smart card that issues the private key and public key is responsible for the correct procedure and for the security of their own CA and for their -- to prevent attacks on their -- forging of electronic signatures. The person holding the token, smart card or whatever, hardware is responsible to keep it in his own personal ownership and not disclose the pin number to anyone. If you can demonstrate that you have not lost your card and that it has not been revoked in the CRL list, then the responsibility is on the issuer. If you've misused your card the responsibility is on yourself. There are within the regulation, there are requirements for the trust service to have an insurance policy that covers negligence and that covers incidents of fraud to a certain extent. And there are also in the terms of the bad coding, we have in our regulation and our requirements for security within the trust service, we make them review their code whenever they make changes to their system. So the whole architecture of the system is regulated and code review is required and yearly penetration tests and risk assessments are required. And so that is the framework that creates a certain amount of assurances.

>> That's an example of the evolution that we're talking about.

>> My comment or question comes from probably lack of understanding of all the details behind all of this system but it strikes me that with some of the examples of applications you are thinking about with distributed ledgers such as contracts and so on, here we are recreating -- it's a contract but you don't have a sheet of paper or something that exists in some place physically. It's out there, it's an agreement between two entities, could be in very different parts of the world that have come to some agreement and everybody else can verify actually that they have reached that agreement but they are from different parts of the world. Every time we faced this in the past we've come up -- we've come back with issues of jurisdiction and sovereignty and I'm wondering -- in terms of a question, do you foresee similar problems starting to arise here where someone will want to claim -- something goes awry in the contract, under whose jurisdiction will it actually get adjudicated and you know, if it happens to be and they're able to trails  -- trace it back from a particular person from a particular country, will that country be able to enforce some amount of sovereignty over their own people and what they've done? Just asking for general comments about that.

>> MODERATOR: First I think it depends entirely on the type of smart contract involved. There are ways where you could have a paper contract, traditional paper contract where only pieces of it are carried out through smart contracts on distributed ledgers. So then you would still have a governing law clause, right? There are -- you could always have the whole contract more or less in the code and then have separately a governing law agreement that just says this is where if anything goes wrong, this is where we will have this thing adjudicated and then I would assume the normal conflict of laws rules would apply and you would take care of jurisdiction the same way you would take care of it in any trans-border contract. This is, of course, the position that lawyers in the states, my colleagues are taking because they want to be relevant, right? So that's one look is A, it would depend on how you structured the thing. Just because your contract is in smart contracts doesn't mean you can't have a supplementary piece that says anything between us you are governed by the law of wherever you want it to be governed by and the normal rules of conflicts of loss.

>> I may also add that the interesting and unique think about smart contracts is that the smart contract itself is also on the ledger. It is impossible to have adjustments to the smart contract itself. So that itself is possibly digital evidence that you can use that in case the courts or whatever legislature has enough expertise.

>> MODERATOR: It is a problem for contract law in the United States, immutable contracts are not allowed. To the extent you have a contract on a ledger that is immutable that contract may be void because of its immutability, right? Another area where the law will have to evolve or not, perhaps, around the use of smart contracts in transacting over distributed ledgers. Was there a question online?

>> Hi, me again, sorry. A comment that caught my attention is the fact that you are talking about the security of the blockchain in a way that is we know that person A did transaction with person B, but all this technology is based on encryption and the encryption technique used when they created the keys will change over time. And there is no guarantee that encryption technique will not be broken, because encryption will always be broken. So a key that has been created 10 years ago can be stolen by a technology competent person who has broken the key. What guarantee -- as a lawyer, I hear you as a lawyer, you should think of the fact that there is no guarantee over time that person A is still the holder of that transaction. And the law should take that into consideration. Thanks.

>> MODERATOR: Is there another question online? No. Wait. So probably the time in the last few minutes that we have, want to consider what -- so we've probably stated several of the key issues we think need to be tackled in order to build governance for distributed structures but if we could sort of brainstorm those key issues and collect them so I can take them back to the others in Nairobi next week as feedback. What are the key issues that this group sees that should be tackled in order to build distributed governance structures based on blockchain technology. Feel free to restate anything that has been said that you thought was particularly important or to raise new key issues you think have been overlooked because my initial questions didn't get at them. Yeah.

>> Well, I will Kathryn Garcia from the Hague University of Applied Science. I would stress the importance of looking at good practices. In Europe we have had several conferences, meetings, European Commissions participating on these, so there has been already a very discussions of this and we have been also looking at the other uses of block chains, not necessarily the one for financial transactions. For instance, with the current refugee crisis, there has been a lot of proposals to start to use these as for instance identify specific needs in this vulnerable community. But as well in terms of land title, as you mentioned at the beginning. Notary sort of contracts as well. So therefore I think maybe the impact will be stronger if we look first at the good practices rather than -- of course, there is a lot of concerns, especially privacy and cybersecurity-wise, or security-wise, still, I think we have to learn from the good practices first in order to be able to tackle the negative aspects of it. And also be interested in the discussions that you hold on the table.

We have been also discussing several different approaches and the blockchain may need specific regulations because we already have other sets of regulations in place, GDPR, the consumer protection regulations that might touch upon specific aspects of the concerns that we have about block chains. That's all I wanted to say. Thank you.

>> I would like just to point out that there is need now more than ever to work as -- in collaboration with each other. This is a challenging subject that requires bigger amount of expertise. No single entity can have all the expertise. I would welcome collaboration between the SIG, ISOC, Dynamic Coalition, WC3 and anyone involved in the space and governments need to embrace the discussions around the blockchain technology. That's the only way we'll get through this.

>> Like to make a proposal concerning that. The mailing list for the Dynamic Coalition is kind of inactive. When you try to look at it at the website, it is -- it gives you an address that doesn't work, at least I've tried a few times to get in contact with it. So maybe we should kick start a mailing list again or you should -- you guys from coalition? The address isn't working. I don't know if anyone here is on the mailing list.

>> MODERATOR: Have you been using the discussion at koala? I've been sending emails out for a month. We'll talk afterwards. I've been using it regularly and getting very little response. Maybe it's a technical problem.

>> Second point is one of the topics that we should maybe discuss is seeing which principles from the original blockchain and digital ledger technology ideas should be somehow changed in order to achieve widespread dissemination on the technology without distorting the very idea of blockchain. Maybe a way of making it friendlier to law, to end users but not in a way that distorts its purpose.

>> I totally agree, good practice first is very important to improve the technology. I want one more thing blockchain technology is just a tool. So the blockchain and the IOT and AI are -- these three issues should not discuss independently. These three-part. The technology has similar aspects, autonomous. So if possible, we want to discuss the combined with this technology. What kind of best practice we can make it is another issue. I think it's a very interesting issue. Thank you.

>> MODERATOR: Other comments or questions? If not, that concludes this session. Thank you for attending and have a good afternoon.

(Applause)

(Session ended at 1:30 PM CT)