Governance of decentralised systems is an unlikely 'hot' area for researchers, technologists and lawmakers alike
Governance and regulation. These words don't sit at all well with blockchain and its revolutionary foundational credo. But as cryptocurrencies have multiplied use cases for blockchain have grown, like it or not, so have those necessary evils.
But the global extent of public decentralised networks and the fact that most are open-source community-led projects presents some unique challenges in ensuring that decision making power and control do not become concentrated in one place - i.e. that they remain 'decentralised' - while avoiding decision-making paralysis and inefficiency. Then there's the complication of cryptocurrency tokens.
Tokens are central to the functioning of many decentralised networks, providing the fuel for their internal markets and incentivising good behaviour, and but they are also sold to raise funds and traded speculatively.
Of particular concern to regulators like the US SEC is whether tokens should be seen as utilities, and therefore beyond the scope of financial regulation, or securities in which case a whole heap of rules apply. Regulators are also digging into the exchanges where cryptocurrencies are traded. Know Your Customer (KYC) and Anti-Money Laundering (AML) laws are now in force in many countries, notably the US.
Outside of the financial arena, there is much discussion about how data protection regulations such as GDPR should apply to systems for which they were not designed; and within the projects themselves, many are struggling to work out how to allocate decision-making power without inadvertently replicating the centralised model they are trying to replace.
For these reasons, in the 'Web 3.0' world, governance is suddenly a word on everyone's lips.
Beyond bitcoin
The upswell of revolutionary idealism that greeted bitcoin had its roots in the birth of the web two decades earlier. In 1996's A Declaration of the Independence of Cyberspace, John Perry Barlow wrote of a digital utopia free from intrusions by governments of the industrial world, but by 2009 that dream was gone. Then along came bitcoin and its promise to make government obsolete and the passion reignited.
So far at least, cryptocurrency has not led to the collapse of the banks, but as blockchain use-cases proliferate beyond bitcoin, inevitably there are many more points of contact with the rest of the world. It is here, in the exchanges, wallets and interfaces with other networks, that the need to clarify the rules of engagement becomes avoidable.
We really need to be thinking about how we can design for more rules-based web - Jamie Burke
Far from ushering in a utopia, the lack of rules embedded in the original web has caused all sorts of problems, allowing the rapid spread of disinformation, malicious bots, fraud and data insecurity, commented Jamie Burke, CEO of Outlier Ventures, an incubator and investor in decentralised, AI and IoT technologies. And if we extrapolate those trends into the vastly more complex landscape of smart cities and autonomous trading bots that make up the emerging Web 3.0, we ain't seen nothing yet.
"We really need to be thinking about how we can design for more rules-based web," Burke said. Decentralised networks offer this potential, but decentralisation is not enough.
More decentralised than thou
Decentralised, peer-to-peer networks are a major technological breakthrough, allowing disparate individuals and organisations to reach agreement on actions and transactions in the absence of a central authority. While use cases are still emerging, they could be the basis for inclusive, secure and transparent systems covering many aspects of public and private life. But some are more decentralised than others in their operations and governance structures. Does this matter, and if so why and in what contexts? Unsurprisingly, it's complex.
Ben Koppelman is a governance specialist who has advised both government policymakers and blockchain and AI startups. There is an urgent need to start thinking beyond the technology, he argues. Leaving everything to automated algorithms and smart contracts as suggested by some technologists is a simplistic solution to a complex set of social issues, yet that's where we are.
"In a space dominated by engineers, the race to build things with new tech means the more social science side of things is often seen as an afterthought or a metric that can be worked out like any other," he said.
Just because the architecture is decentralised, that doesn't mean power is decentralised - Ben Koppelman
Yet people are not so easily excluded from the calculus, witness the failure of the DAO.
"Just because they're anti-government, the ideologues in bitcoin thought that politics somehow evaporated, but I always thought that was nonsense," he said. "There are still people involved. There's no such thing as a pure technology; it's always embedded in social systems. Just because the architecture is decentralised, that doesn't mean power is decentralised."
Decentralisation can become a mantra, a goal in itself. It may seem very new, but there are parallels elsewhere and not only in tech. In the political sphere, decentralisation has been in vogue, off and on, since the Second World War, but efforts such as introducing markets into public services have rarely lived up to their sales pitch as a panacea for moribund hierarchies, Koppelman points out. While there have been some successes, they are usually a result of many other factors coming together too. Decentralisation is necessary but not sufficient, and since responsibility is more diffuse, it may bring further governance problems of its own.
As with government, so it is with networks. Decentralisation alone will not guarantee a more equitable system. Without checks and balances, it's likely that the core developers of a decentralised network such as a blockchain will become very powerful indeed; after all, it is they who understand the complex technology, and it is they who release updates to the code. This tension has already caused conflicts within the bitcoin community and others, revealing that the network may be decentralised but political power certainly is not.
What projects need, Koppelman said, are carefully designed systems, a separation of powers by which responsibility for approval of new code and its implementation are devolved to the wider community of users.
At the interface
Crypto-tokens provide the networks' incentive layer, rewarding good behaviour and making bad behaviour prohibitively expensive. As such, tokens provide utility, enabling internal markets and providing a built-in governance structure of sorts. But these tokens are bought with fiat currencies on exchanges and increasingly those exchanges are subject to local or international regulations.
Moreover, with each network essentially a self-contained entity, what happens when they are integrated (which they inevitably will be)? Will there be some sort of API where the currencies are exchanged at the border, or will a single currency be adopted, and how will this affect the internal markets and governance? If currencies are exchangeable between networks will that change their classification from utility to security in the eyes of important regulators like the SEC? And if KYC rules are applied to cryptocurrencies, what does that mean for anonymity and security if a database of personal information must be stored somewhere?
For Koppelman, it is exactly at these interfaces between systems where workable rules need to emerge, and the rules will need to be multijurisdictional. Exchanges can be anywhere in the world.
The local nature of current regulation is problematic for those like Burke who see Web 3.0 as a global public utility. There needs to be more innovation alongside the distributed ledger technologies (DLTs) to make this work, he said, but at least the regulators seem to be getting to grips with the fact that cryptocurrencies should not all be regulated in the same way.
"It's a slightly painful journey, but the fact that the SEC has effectively said that ethereum is not a security indicates that they fully understand the distinction, as do other regulators, but they're wanting to control all the naughty stuff happening alongside it."
Next page: The challenges of GDPR, token sales and identity
