Analogies, the Big Picture, and Considerations for Regulating Crypto

Given all the activity, hype, and yes, the quality range of ICOs (initial coin offerings), many U.S. regulators have been thoughtfully considering how best to protect consumers from bad actors while still enabling innovations from good actors. It’s a tough balancing act, not just because it’s a difference of degree (given the pace of technological change) but also because it’s a difference of kind (these are fundamentally different technologies, that themselves evolve over time).

If we go beyond the hype around ICOs and coin prices however — and instead focus on the bigger picture of why decentralization matters — cryptocurrencies (coins and tokens) may be important tools for incentivizing crypto networks/protocols/applications; specifically, those who participate in, maintain, and build on top of them. Since much of the existing regulatory framework was written before the advent of such decentralized networks, it’s useful to consider both how these networks evolve over their lifetimes, as well as the history and evolution of the classic “Howey test” that determines whether or not they’re also investment contracts for regulatory and compliance purposes. Because that, in turn, affects their effective use and scalability as software systems and services.

But first, what is the Howey Test? It’s ICOs and oranges…

It turns out that 1940s Florida citrus groves have a lot in common with crypto networks, despite being separated by nearly 80 years. That’s because they both fall under a 1946 Supreme Court decision: SEC v W.J. Howey Co (“Howey”), which dealt with oranges — or more specifically, a services contract offered by a company known as Howey-in-the-Hills Service to produce, harvest, and market orange crops in Lake County, Florida. Many of the purchasers of these contracts were tourists who happened to be staying at a nearby hotel owned by the W.J. Howey Company, and who received a sales pitch touting the investment profits to be earned from successfully cultivating the orange groves. Although the purchasers would buy the land directly, some would also enter into a services contract with Howey-in-the-Hills by which the company would manage the full harvesting process and sales for the oranges.

The question for the Supreme Court was whether the purchase + services contracts created an “investment contract”; if so, they would be regulated as a security. The Supreme Court said yes, and in doing so laid out what has now become known as the Howey Test for determining whether things that don’t look like securities can in fact be deemed securities:

  1. there is an investment of money;
  2. with an expectation of profits;
  3. where that expectation of profits derives largely from the efforts of others.
  4. [There is a fourth prong to the test known as “common enterprise”, but its significance as an independent prong is heavily debated in the legal community, so we’ll ignore it for now.]

But Howey did not say that the oranges grown under these contracts could also be deemed securities. So while buying or selling the orange plots/services may be regulated as securities, buying or selling the actual oranges grown on them does not require compliance with securities law. No grocery store post-Howey needs to determine at the checkout line if every single shopper qualifies for a securities exemption when purchasing oranges!

This construct has been applied more recently to, among other things, purchase contracts for condominiums. For example, if you enter into a contract to purchase a condo pre-construction and, as part of that contract, the developer promises to do a bunch of work on the condo and provides ongoing services post-construction to increase the value of the condo, you likely have entered into an investment contract — a.k.a. a security. But, that contract doesn’t convert the underlying condo itself into a security. It’s still just a condo; when you want to sell the condo to someone else, you don’t need to comply with the securities laws. Thus, the buyer can’t sue you for securities fraud if the Spanish tile in the entryway didn’t actually come from Spain.

The fundamental principle here is that the nature of an investment contract can be distinct from the nature of the object of that investment contract. This distinction matters when considering the developmental stages, or “lifecycle”, of crypto networks, too.

The lifecycle of crypto networks: Pre-network, Functional, and Fully Decentralized

Cryptoeconomic networks are a fundamentally new way to design and incent internet-based networks. They arise from cryptocurrency movements (like Bitcoin and Ethereum), but the fundamental shift between these and previous internet-based economies is the creation of open, decentralized networks and protocols. An example of a past such protocol is SMTP, which enables email; even though Microsoft owns Hotmail and Google owns Gmail, no one company owns the email-enabling protocol itself. Numerous companies can therefore build on top of it without being proprietarily blocked by Microsoft and Google or having to ask permission from the original developers. This is the defining feature of open networks.

However, a classic challenge with decentralized networks is where do the resources for building, coordinating, managing, and maintaining them come from, if there is no central entity (like a Google or Microsoft) supporting it all? This is where blockchains and tokens come in: the former provides a way to keep control of the resources decentralized, and the latter provides a way to fund development.

In the beginning stage — Pre-Network — the sponsor of a particular cryptoeconomic network may raise capital to fund the development of that network/ associated digital services. This is not unlike a startup before there is a product; in many cases, there may simply be a business plan or a whitepaper. And just as with startups, there’s all sorts of criteria to assess whether or not a particular cryptonetwork and the team behind it is equipped to deliver.

But for the purposes of applying the Howey test at this stage, it’s relatively straightforward:

  1. Is there an investment of money? Yes: Anyone else who invests at this time is doing so with real money.
  2. Are people investing money with an expectation of profit? Yes: The investor is hoping to get paid at some point based on the eventual appreciation of the network token when and if the network becomes functional.
  3. Is that expectation of profits based on the efforts of others? Yes: In order for the investor to realize profit, the “others” (in this case the sponsor of the network) need to actually build the network.

Under this framework, a contract where someone provides money to the network sponsor before the network is built — in exchange for a promise to receive tokens at some point in the future — is likely an investment contract; current U.S. securities laws would apply for the token offering.

The next milestone after Pre-Network is further in the lifecycle: a Functional Network. In its simplest form, “functional” should mean that the network does what the sponsor said it was designed to do. Did those who invested money in the pre-network stage based solely on a whitepaper really get the “efforts of others” (i.e., the network sponsor) — which they were relying on to have a shot at realizing a return on their investment?

One complication that arises here due to the inherent difference between oranges and other such hard(ware) products is that software is never really done; after all, bug fixes and updates can go on for the lifetime of a software service. So, the “functional” assessment at this stage isn’t about whether another line of code is ever written, but rather, whether the network can do what it was promoted to do — can users utilize a token on the network for some specific purpose; can miners verify transactions on the network; and so on.

In applying the Howey test to Functional Networks, there are different constituents to consider:

Users of the network. These users are investing some money in tokens for the functional utility of those tokens on the network — not with an expectation of profit (or investment intent). For example, people who want to buy storage on a network, or get early access to a particular application, or other such use cases. Thus, under Howey, these tokens are not securities. This is not unlike the juicers who make orange juice from oranges.

Miners of the network. But what about “miners” (and validators, in proof-of-stake systems) — those who contribute computational resources (hardware/electricity, other effort) to verify transactions on the network? These users/entities are effectively service providers who take on this expensive computational work in exchange for tokens. Whether or not those users also speculate on those tokens is a separate matter; and in fact, in proof-of-stake systems, they are required to hold and bond their own tokens as a way to align incentives (more skin in the game) for validating transactions correctly.

Proof-of-work miners technically haven’t made an “investment of money” in obtaining their tokens, beyond of course the capital/tools and time required to provide the service. And while proof-of-stake miners (validators) do have to purchase some tokens in order to participate in the network, it’s a buy-in (the “stake”) that enables them to become active service providers on the network. However, in a very different line of cases from the 1990s, the SEC has taken the position that “investment of money” doesn’t always have to involve an exchange of money. For example, when a brewery gave a free share of its stock to anyone who purchased a case of beer, the SEC argued that there was a value exchange of some kind even though the customers didn’t pay out of pocket for the stock itself. And in other cases, the SEC has argued that “paying” with property or services may also satisfy the “investment of money” prong of Howey. Thus, it’s worth keeping this prior Howey context in mind when distinguishing the role of miners/validators in cryptonetworks.

Now, is there also an “expectation of profit”? Obviously, miners don’t provide expensive computational resources for nothing — also note, as described earlier, that lack of steady computational resources is where previous decentralized networks failed. But compared to the speculators who bought cases of beer in the 1990s in exchange for stock, miners/validators are more like a UPS, moving packages for Amazon’s network; they’re more in the business of running tight operations — and therefore need to generate cash now — than in the business of speculating about future prices (though some of them might be).

All of this means we need to turn to the “efforts of others” prong of the Howey test to complete the analysis. This is where the definition of “functional” really matters: If the network is functional and its success — and thus the realization of profit — is no longer substantially dependent on the creator/sponsor, but rather on the market’s demand for the functioning utility of the network, then we’re no longer relying on the “efforts of others”. Of course, the network sponsor may still be involved in the network by doing software updates and bug fixes. But under Howey, the tokens themselves in functional networks should not represent investment contracts.

Receivers of airdrops. One other example to consider are those who get tokens via an “airdrop”, which for our purposes means they received tokens directly from the network sponsor without paying for them. These airdrops can range from benign gifts to early supporters, to a fraudulent scam (not unlike phishing, where someone is trying to get someone else’s credit card data for instance). More often, though, airdrops are word-of-mouth marketing and awareness campaigns for ICOs and new cryptonetworks. While the Howey analysis for airdrops could be similar to what we described above for miners, there is no investment of resources of any kind on the part of those who receive them (although some have suggested that registering on a website and giving up contact details would be enough of a value transfer to count as consideration for the purchaser of otherwise free tokens).

But the bigger picture here is that airdrops are more than just free tokens. They can be used to help seed or set the tone for a cryptonetwork; for example, by drawing in coders and users (making it a more developer focused network) as opposed to say, speculators (price-focused) as token holders. Because the networks that win will be the ones that cut through the hype and come to market with functional code, building the right community early on is critical to success.

Those who invested pre-network. Coming full circle, what about those investment contracts purchased in the Pre-Network phase? Those contracts were indeed securities when purchased, but what if those investors now want to receive the tokens that underlie that contract — are the tokens themselves then securities?

Since the nature of an investment contract (orange plots/services) can be distinct from the nature of the object of the investment contract (the oranges themselves), the nature of the token itself — not the token sale agreement — would need to be analyzed under the Howey test. If the profit expectation for a token in a functional network is not substantially reliant on the efforts of others (i.e., the network sponsor), then the token itself may not be a security.

At first blush, this may seem odd — that a contract for a to-be-built token could be a security, but not the token itself? Yet it’s exactly what the securities laws were intended to protect: If network sponsors lie about what they’re building or otherwise try to sell me a bill of goods, I have recourse to sue them under the securities laws (as does the SEC) because the contract I purchased is a security. I can’t realize my profit expectation if they don’t deliver on their promises; as a pre-network investor, I am completely reliant on the sponsor promises that induced me to buy the contract in the first place. But once that contract falls away based upon the network sponsor’s completion of the critical work, the network sponsor has no further obligations to me, and the value of the underlying token itself/ success of the network no longer wholly relies on or is primarily attributable to them.

After the pre-network and functional stages, the final stage in the developmental lifecycle of some crypto networks is that they become Fully Decentralized. Not only does the network deliver its intended functionality, but at this stage the network sponsor no longer has unilateral control of the network itself. Because the code and data is all open and therefore able to be forked, the network can go in different directions — and different versions can operate under different rules (as well as different governance models and mechanisms for voting).

There are other features of decentralized networks as well, but the key point here is that a truly decentralized network is largely at the mercy of the community to determine its future functionality. With cryptonetworks, there are a number of foundations and companies contributing to the development and improvement of the shared infrastructure. With Internet 1.0 protocols (such as HTTP, etc.) there do remain somewhat centralized standards bodies (like the W3C consortium) responsible for the upgrade and maintenance of the protocols. But, the value of network resources (like domain names or websites/companies built on top of the network) don’t depend on the actions and decisions of these groups. So for all intents and purposes those protocols act as if decentralized. For cryptonetworks, there are multiple organizations, not just one, all freely delivering different proposals and solutions; people are not just dependent on one.

With more mature cryptonetworks, the profits (if any) of a token holder are no longer reliant in any material way on “the efforts” of — in Howey test terms — the network sponsor. The actions of network sponsors, working groups/ standard bodies, or other maintainers shouldn’t significantly affect that value. Those cryptonetworks are now instead subject to broad market forces, much like other commodities and futures. A useful conceptual analogy here is gold: Think of the future, more mature phase of cryptonetworks as separating the company that mines the gold (whose value is dependent on both the effort of others as well as the price of the commodity) from the gold itself (valued on the price of the commodity alone). If the network provides utility that has value to users, the token should appreciate in value based on market conditions; if not, the value could fall.

*    *    *

The big picture here is about the evolution of networks — and about blockchains and tokens as key tools for incentivizing the creation, coordination, and maintenance of “community owned and operated digital services” built on top of those networks.

However, there’s something else to keep in mind here about the inherent nature of this technology, and how it’s a difference of kind not just degree: the role of “smart contracts”. These digital contracts are self-validating (“smart”) — they don’t require, say, a notary or other middlemen at center (they’re decentralized) — so the entire network of distributed computers essentially runs itself, by executing code submitted by developers within rules embedded in the protocols of these networks (“contracts”).

Regulatory compliance plays out very differently in this more mature and functional context. This is because these smart contracts are also building blocks on which a larger ecosystem of digital services — from file storage to games to medical records to many more — may operate. Transactions are ideally executed at the level of milliseconds; adding layers of compliance could halt these innovations altogether as they would not scale. Furthermore, there’s no reason for those builders to then try to compete with existing centralized services. No one would have used email if it had been much slower than mail. No one would buy or sell oranges if Howey had mandated that the regulatory framework for the investment contract (the plots/services agreements) were the same as that for the object of that contract (the oranges). And so on.

Hopefully a regulatory and security framework will evolve that takes into account the lifecycle of cryptonetworks, and incents strong teams with working open source code over ones with empty promises. Because the good actors in cryptoeconomic networks — developers, entrepreneurs, builders, investors — are focused on value creation, not just value extraction. They’re focused on building the next phase of the internet, which, if allowed to flourish, could create a more vibrant, open, and more inclusive internet.