For developments including new services, practices, and professionals to better serve our clients as well as our contributions to the legal and business communities, check out our News & Events section.

02 Feb 2018
With Legal Questions Swirling, New York May Be the Best Environment for Cryptocurrency

The rise of cryptocurrency as a mainstream investment has brought with it one persistent question: what are the rules? Although regulators have disagreed on how to categorize cryptocurrencies, the Commodities and Futures Trading Commission (CFTC) stated that cryptocurrencies are commodities, which are therefore subject to the Commodity Exchange Act. However, beyond these rather wide guardrails to the speeding highway we call cryptocurrency, there has been a lack of effective rules of the road.

The lack of harmonized regulations leaves retail investors in vulnerable positions. A primary concern for regulators is that cryptocurrencies are subject to artificial inflation. Specifically, the widely used cryptocurrency exchange Bitfinex, which is thought to have the highest trading volume of any cryptocurrency exchange in the world, has been subpoenaed by the CFTC for pumping up the price of cryptocurrencies whenever there was an overall market drop.[1] Although Bitfinex issues its own virtual currency called Tether, which has a value equivalent to the US dollar creating a sense of financial security,[2] the company’s practices are suspected to be market manipulation. The “Tether were used on the Bitfinex exchange to make big purchases of Bitcoin and other tokens, helping push their prices back up… It could mean that a lot of the rally over December and January might not have been real.”[3]

A strong federal regulatory structure for cryptocurrencies would require congressional action or wide-reaching coordination amongst multiple antagonistic agencies. The CFTC and the Securities and Exchange Commission are in the process of creating and implementing such regulations to protect the market and investors, but more work needs to be done on the state level. How has New York State set out to regulate cryptocurrencies? In 2015 New York pioneered cryptocurrency regulation by introducing the BitLicense, a permit needed to operate a cryptocurrency-based business in the state. BitLicenses require their holders to share in-depth information about their own operation with the New York State Department of Financial Services, thereby serving as a guard against the internal malfeasance rumored to have occurred at Bitfinex. In fact, Bitfinex actually left New York when the BitLicense was introduced. [4] Moreover, the license also requires ongoing Know Your Customer (KYC) requirements which are designed to prevent money laundering, a widespread problem with current cryptocurrency ventures. [5] Beyond this foundation, multiple new bills have been introduced in the state legislature that would further address cryptocurrency regulation. One bill would, for the first time, codify the terms “blockchain technology” and “smart contract”, a necessary step for effective future regulations. Another would create a “digital currency taskforce” to ameliorate the impact of cryptocurrencies on New York’s legacy financial markets.[6]

[1] Popper, Nathaniel. (Jan. 31, 2018) “Worries Grow That the Price of Bitcoin Is Being Propped Up.” The New York Times. Available at: Accessed on: Feb. 2, 2018.

[2] Ib.

[3] Ib.

[4] Del Castillo, Michael. (Aug. 12, 2015) “The ‘Great Bitcoin Exodus’ has totally changed New York’s bitcoin ecosystem.” New York Business Journal. Available at: Accessed on Feb. 2, 2018.

[5] Ib.

[6] De, Nikhilesh. (Dec. 4, 2017) “4 Blockchain Bills Introduced in New York Legislature.” CoinDesk. Available at: Accessed on: Feb. 2, 2018.

02 Feb 2018
Cryptocurrency Wave Crashes into the World of Real Estate

There is an old adage often thrown around political circles: money in politics is like water on pavement, it finds every crack and crevice. Substitute the economy in place of politics and it seems like cryptocurrency is on its way to becoming a real world example of this maxim. Created to bypass cash and enable incorruptible financial transactions using blockchain, a distributed digital ledger, these virtual currencies have been winding there way into an ever growing number of areas of the global financial system. With a current market cap of over $450 billion[1], cryptocurrencies have even made the leap into the physical economy, expanding their reach into real estate.

Real estate is known to offer relative stability and steady growth. In contrast, the value of cryptocurrencies can be unpredictable. However, the market with the greatest potential for cryptocurrencies so far has been residential real estate. Most real estate transactions involving cryptocurrencies have unfolded the same way. “The parties agree on a fixed price in dollars and then decide on a fair exchange rate at closing. The [cryptocurrency is] then converted to cash by a third party… which [is] then given to the seller.”[2]

The main concern with these transactions is the massive day-to-day or even hour-to-hour changes in the value of cryptocurrencies. “What seems like a fair exchange rate at the time, can seem like a steal or ripoff months later. [For example,] Ivan “Paychecks” Pacheco paid 17.741 bitcoin to Frank Mainade Jr. for a two-bedroom condo in Miami’s Upper East Side… [which] was equivalent to $275,000 with an exchange rate of about $15,500 per bitcoin. As of publish time on Thursday, those 17.741 bitcoins were worth $159,577.”[3] As regulations are still in the early stages, individuals need to be aware of the risks before exchanging real property for cryptocurrency as opposed to fiat currencies.

However, using cryptocurrencies for real property transaction is becoming a more common occurrence. A new company called Deedcoin has just filed with the Securities and Exchange Commission in preparation for its upcoming initial coin offering, a capital-raising event which disperses a set amount of cryptocurrency-based tokens to investors. Within Deedcoin’s system “buyers and sellers should be able to buy Deedcoin’s Ethereum-based tokens starting at $1.50 per token, and then use them to hire real estate agents nationwide. Agents who agree would then accept the tokens as payment in exchange for reducing their traditional commissions in U.S. dollars to as low as 1 percent, or an average of $225 per token used, the company claims.”[4] Though we have yet to learn what the true extent of the use of cryptocurrencies will end up being, it is clear that the real estate market is yet another area of the economy where cryptocurrencies are beginning to fill in the cracks.

Tips for Real Estate Buyers and Sellers Considering Cryptocurrencies[5]:

  • Do your research! Seek advice from an attorney or financial advisor.
  • Understand that cryptocurrencies are both an investment and real currencies that can be used to buy products or services, including real estate.
  • Don’t dive into the deep end without first testing the waters. Before purchasing real estate with cryptocurrencies, try buying and selling cryptocurrencies on apps such as Coinbase.

[1] CoinMarketCap. (Feb. 1, 2018) “Cryptocurrency Market Capitalizations.” Available at: Accessed on Feb. 1, 2018.

[2] Jacobs, Harrison. (Feb. 1, 2018) “Someone is selling their New Jersey house for $2.3 million in bitcoin – and it’s a growing trend.” Business Insider. Available at: Accessed on Feb. 1, 2018.

[3] Ib.

[4] Hinchliffe, Emma. (Feb. 1, 2018) “Real estate cryptocurrency startup Deedcoin secures SEC registration.” Inman. Available at: Accessed on: Feb. 1, 2018.

[5] Olick, Diana. (Jan. 11, 2018) “5 Tips before you buy or sell a home in cryptocurrency.” CNBC. Available at: Accessed on: Feb. 1, 2018.

29 Jan 2018
CFTC – Err on the Side of Caution

The Commodity Futures Trading Commission aims to “foster open, transparent, competitive, and financially sound markets” by ensuring the derivatives markets is free from fraud and manipulation.[1] The CFTC notices the significant impact of cryptocurrencies on the market, especially in light of bitcoin’s popularity, however the Commission is wary of the lack of enforcement as it announced the third case of fraud within a week.

On January 24, 2018 the CFTC discovered that the cryptocurrency known as “My Big Coin” from My Big Coin Pay Inc., founded by Randall Carter and Mark Gillespie, fraudulently induced 28 people to invest a total of $6 million. What did Carter and Gillespie do with the funds from My Big Coin? Law360 reports they used the funds for “shopping sprees and [to] pay off earlier investors.”[2] The lack of regulation coupled with the public’s eagerness to purchase cryptocurrencies has created unprotected gaps in the market leaving investors vulnerable to fraud. Fraudulent market participants are capitalizing on the hype of bitcoin by creating their own “coins” and advertising false promises to potential consumers.  Carter and Gillespie assured investors that their cryptocurrency was “widely accepted as MasterCard, that it was back by gold and that there was a genuine market for it”.[3] Unfortunately for the 28 investors, these allegations were false. Chief James McDonald of the CFTC stated: “The CFTC is actively policing the virtual currency markets and will vigorously enforce the anti-fraud provisions of the Commodity Exchange Act”.[4]

What is in store for the future of cryptocurrency and blockchain technology regulation? The Securities and Exchange Commission and CFTC stated: “A key issue before market regulators is whether our historic approach to the regulation of currency transactions is appropriate for the cryptocurrency markets.”[5] Technological advancements create the potential for investors to drive the market. Regulations need to be set in place as currently market participants are increasingly vulnerable to fraud and manipulation. However, current policies were not created to regulate such technological practices such as cryptocurrency exchanges and blockchain technology. The law and regulations are living instruments – they are designed to be challenged and restructured in light of new obstacles. It is imperative that agencies implement new policies that truly reflect the needs of the market.

Tips for investors to avoid cryptocurrency fraud:

  • Consult the CFTC and SEC websites. Both Commissions provide a series of guidelines and notes on what to look out for.
  • Do your due diligence! Research the cryptocurrency and ensure it is being traded on a bona fide platform. Ask: Is the product and offering legal? Can I sell when I want to? Does the product comply with existing fintech regulations?
  • Speak to your financial advisor to understand the inherent risks.

[1] U.S. Commodity Futures Trading Commission. “Mission and Responsibilities.” Available at: Accessed on Jan. 25, 2018.

[2] Newsham, Jack. (Jan. 24, 2018). “CFTC Announces 3rd Cryptocurrency Fraud Suit in 1 Week.” Law360. Available at: Accessed on Jan. 25, 2018.

[3] Ib.

[4] Ib.

[5] SEC. (Jan. 25, 2018) “Statements by SEC Chairman Jay Clayton and CFTC Chairman J. Christopher Giancarlo: Regulators are Looking at Cryptocurrency.” SEC. Available at: Accessed on Jan. 25, 2018.

19 Jan 2018
Financing Bitcoin?

Bitcoin continues to be the most popular cryptocurrency. Despite its fluctuating value, investors are still drawn to investing in the cryptocurrency and using it for financing purposes. Financing secured by bitcoin could help increase the cryptocurrency’s value. However, because cryptocurrency regulations are in the early stages, there are a variety of obstacles in the way.

Bitcoin uses blockchain technology, a decentralized digital ledger, which allows users to anonymously transfer payments on the internet without an intermediary, such as a financial institution. How are payments tracked? Since blockchain is not centralized, the users control the database using cryptographic keys. These keys essentially secure the users financial assets and the ledger will track every purchase or transfer bitcoin. There are two types of keys, public and private. Where the public key provides the blockchain users identity, the private key allows the user to send the cryptocurrency. The private key, however, should not be shared with anyone. This is what creates a security problem when securing bitcoin for financing.

Can bitcoin be used to secure financing? The issue is that the law has not developed at the same pace as the technology, so how can bitcoin be used as collateral for a loan and provide the lender security, such as in the event of bankruptcy? Article 9 of the Uniform Commercial Code (UCC) provides provisions regulating security interests in property. Typically a commodity is used as collateral for a loan, however, cryptocurrencies do not fall neatly within its provisions because regulators cannot agree on what cryptocurrencies are. Cryptocurrencies have been defined as “virtual currenc[ies]”, “property” and even a “commodit[ies]”, but this does not provide clear guidelines.[1] Matthew Frankle and Nora Wong suggest that in order to perfect a security interest for cryptocurrencies, such as bitcoin, and satisfy Article 9 of the UCC, “the lender would need a security agreement with the borrower to establish the lien and to file a financing statement in the borrower’s jurisdiction.”[2]

However, although this may fulfill the requirements for the UCC, it falls short it other areas. The issue relates to the blockchain and the use of private keys. At the moment, although the technology is protected, it does not provide adequate security for the lender as a third party can be aware of the key and transaction and the lender lacks full control. “To alleviate the risk of destruction or theft of the collateral, no untrusted third party must know or have access to the private key.”[3] There have been instances where individuals have lost their private keys; this possibility creates a risk to the lender.[4] To secure bitcoin for financing the technology and regulators need to find a solution that alleviates a risk to lenders, protects their interest, and ensures there is actual delivery to the lender.

[1] Frankle, M. and Wong, N. (Jan. 18, 2018) “The Challenges of Bitcoin Financing.” Law360. Available at: Accessed on Jan. 19, 2018.

[2] Ib.

[3] Ib.

[4] Ib. See footnote 27.

12 Jan 2018
The Rise of Cryptocurrencies

In 2017 the value of Bitcoin surged by 1,200 percent, ending the year at a value over $19,000 per Bitcoin. Although the value has decreased to around $13,000 today, Bitcoin remains the strongest cryptocurrency. The combination of more companies implementing blockchain technology and the surge of cryptocurrency investors has created a competitive market. Bitcoin may be the most popular, but it is not the only digital currency at the table.

The New York Times compiled a list of the top cryptocurrencies that puts Ripple in second place. [1] Ripple (XRP), which started in 2012, saw a 35,000 percent growth in 2017. Ripple provides the platform to “send money globally” with blockchain technology.[2] Its members include American Express, Santander, MUFG Bank of Tokyo Mitsubishi UFG, UBS and many more. Ripple is “the world’s only enterprise blockchain solution for global payments.”[3] Ripple’s coin XRP can be purchased by individuals with a variety of exchanges such as Kraken and CoinOne.[4]

NEM (XEM), a cryptocurrency and blockchain platform, grew by 29,000 percent in 2017. NEM’s coin XEM, which can be purchased with bitcoin or traditional currency, even provides an additional safety measure called multi signature accounts to secure your cryptocurrency.

Stellar (XLM) was created by Stellar and IBM in an effort to “[improve] the speed of global payments.”[5] Stellar creates an open access “hybrid blockchain” platform that provides all actors equal access to their global financial network. The company aptly describes its model as the “future of banking” as it successfully uses blockchain technology to facilitate secure cross-border transactions. Stellar provides lumens as a digital currency, which can be purchased through Stellar Decentralized Exchange, Kraken and more.[6]

Ethereum (ETH) is a blockchain platform primarily for smart contracts, which allows Ethereum users to even crowdfund new projects. Users can “create a contract that will hold a contributor’s money until any given date or goal is reached. Depending on the outcome, the funds will either be released to the project owners or safely returned back to the contributors.”[7] Whereas Bitcoin is used as a currency, smart contracts have a greater function as they are used as “currency, a presentation of an asset, a virtual share, a proof of membership or anything at all.”[8] Ethereum grew by 9,200 percent in 2017, and can be purchased on platforms such as Coinbase.

Bitcoin Cash (BCH), also available on Coinbase, grew by 500 percent in 2017, but was only released on August 1, 2017. Bitcoin cash was created from Bitcoin as peer-to-peer electronic cash. Bitcoin cash allows investors to send money globally at a low cost within minutes using a secure system.[9]

[1] Reuters. (Jan. 3, 2018) “Bitcoin May Be King, but Ripple Dark Horse in Crypto Currency.” Available at: Accessed on Jan. 12, 2018.

[2] Ripple. Overview. Available at: Accessed on Jan. 12, 2018.

[3] Ripple. Home Page. Available at: Accessed on Jan. 12, 2018.

[4] See

[5] Reuters. (Jan. 3, 2018) “Bitcoin May Be King, but Ripple Dark Horse in Crypto Currency.” Available at: Accessed on Jan. 12, 2018.

[6] See

[7] Ethereum. Home Page. Available at: Accessed on Jan. 12, 2018.

[8] Ib.

[9] See

10 Nov 2017
What You Need to Know About Initial Coin Offerings

“Regulators have never seen a new financial product explode with the speed and velocity [of ICOs].”[1] As we discussed last week, the SEC has started to regulate matters relating to Initial Coin Offerings (ICOs), such as setting out specific guidelines for celebrities who endorse ICOs and how investors should make informed decisions on the market. In the past year “$3.3bn has been raised in more than 200 ICOs” – but what are ICOs and why have they become so popular? The Financial Industry Regulatory Authority (FINRA) has published a comprehensive explanation for individuals looking to invest in trendy ICOs.[2]

In an Initial Public Offering (IPO), a company offers its shares of its stock to the public and investors receive ownership rights of that company. However, an ICO is substantially different as investors do not obtain ownership rights and instead of a prospectus they typically receive a white paper that sets out the details of the ICO. “In an ICO, a company creates a new virtual coin or token that they offer for sale and disseminate to purchasers using blockchain technology”.[3] Blockchain technology is a digital, decentralized ledger which can record any type of transaction on a peer-to-peer basis. These tokens are purchased using fiat or virtual currencies (such as bitcoin) and are subsequently recorded on the ledger.

FINRA explains that an ICO “involves the creation of a new virtual coin or token by a company looking to raise money.”[4] In a sense it is a type of high-tech crowdfunding. However, this is different than a bond since investors are not lending the money and there is no guarantee on the gains or losses. Can an ICO be a securities offering? Yes. As we noted last week, if the ICO is a securities offering, the company must adhere to U.S. federal securities laws and register with the Securities and Exchange Commission. As an investor, it is important to verify that the ICO offering securities meets SEC guidelines, unless it is exempt and therefore limited to accredited investors. There is a fine line between tokens on a blockchain platform and securities – the “SEC, for instance, argues that the technology is irrelevant: when tokens are used to raise funds, they are securities.”[5] However, advocates for ICOs argue that these tokens have a greater and more complex purpose. Many companies to avoid scrutiny from the SEC have offered options and futures for tokens, which “[dodges] the problem posed by projects that do not yet use the tokens.”[6]

Before purchasing tokens in an ICO, it is imperative to read the company’s business literature, terms and conditions, and white paper. These will set out the investors’ rights and benefits, how the tokens can be sold or exchanged, and whether reselling on a secondary market is permissible. Typically, ICO’s differ from IPOs as they do not grant ownership rights and therefore “token holders may not have any voting rights or influence on a company, its governance and how funds are used.”[7] It is key for investors to do their due diligence before making investment decisions so that they are aware of their rights.

The encryption methods used in blockchain technology make it secure, reliable and transparent. However, as the use of virtual exchanges are still new investors should ensure that companies take the necessary steps to “protect their platform and products” from cyber security threats. FINRA has published a list of scams and red flags to look for before investing in ICOs.

[1] The Economist. “regulators begin to tackle the craze for initial coin offerings.” The Economist. Available at: Accessed on Nov. 10, 2017.

[2] FINRA. (Aug. 31, 2017) “Investor Alerts. Initial Coin Offerings: Know Before You Invest.” FINRA. Available at: Accessed on Nov. 10, 2017.

[3] Ib.

[4] Ib.

[5] Op. Cit. n1.

[6] Ib.

[7] Op. Cit. n2.

03 Nov 2017
Celebrities and Cryptocurrencies

Cryptocurrencies have become increasingly popular over the past year, especially Bitcoin which has increased over 800 percent in value.[1] Today, the cryptocurrency is worth over $7,300 per bitcoin. Bitcoin’s value has jumped this week due to the Chicago Merchantile Exchange’s (CME) statement that they are planning to launch Bitcoin futures in this year’s fourth quarter.[2] Providing futures, which are contracts setting forth the time and date an asset must be purchased or sold, will “provide investors with transparency, price discovery and risk transfer capabilities.”[3] Reuters explains how this is “a major step in the digital currency’s path toward legitimacy and mainstream financial adoption”[4] if this plan receives approval from regulators. However, offering bitcoin futures to promote cryptocurrencies is not what is troubling regulators.

The Securities and Exchange Commission (SEC) published a statement on November 1, 2017 regarding the potential unlawful promotion of celebrity endorsements of cryptocurrencies.[5] The SEC explains that investments in Initial Coin Offerings (ICOs) can include securities, therefore individuals who offer and sell these securities must comply with U.S. federal securities laws or they will be violating the anti-touting and anti-fraud provisions. The SEC states that:

“Any celebrity or other individual who promotes a virtual token or coin that is a security must disclose the nature, scope, and amount of compensation received in exchange for the promotion. A failure to disclose this information is a violation of the anti-touting provisions of the federal securities laws.”[6]

As the use of cryptocurrencies becomes more popular, the SEC wants to ensure that individuals are making strategic and safe investment decisions rather than making investments based on a celebrity endorsement. Typically these celebrities do not have the “expertise to ensure that the investment is appropriate and in compliance with federal securities laws”, therefore it is essential that the details of the promotion are clearly disclosed.[7] Even the U.S. Federal Trade Commission warned ninety celebrities, “influencers”, and brands that endorsements for products on the market must disclose to the public whether there was a paid deal.[8] The SEC notes that investors should always do independent research before investing and has provided an Investor Alert guideline available here.

[1] Kelly, J. (Nov. 1, 2017) Reuters. Available at: Accessed on Nov. 3, 2017.

[2] CME Group ( Oct. 31, 2017) “CME Group Announces Launch of Bitcoin Futures.” CME Group News Release. Available at: Accessed on Nov. 3, 2017.

[3] Ib. per Terry Duffy, CME Group Chairman and Chief Executive Officer.

[4] Kelly, J. (Nov. 1, 2017) Reuters. Available at: Accessed on Nov. 3, 2017.

[5] U.S. Securities and Exchange Commission (Nov. 1, 2017) “Statement on Potentially Unlawful Promotion of Initial Coin Offerings and Other Investments by Celebrities and Others.” SEC Public Statement. Available at: Accessed on Nov. 3, 2017.

[6] Ib.

[7] Ib.

[8] Fair, L. (Sept. 7, 2017) “Three FTC Actions of Interest to Influencers.” Federal Trade Commission. Available at: Accessed on Nov. 3, 2017.

13 Oct 2017
U.S. Regulators and the Fintech Industry: Unity for Innovation

The U.S. needs a “sandbox for regulators” that would encourage government agencies to explore blockchain and related technological innovations to avoid falling behind forces that are reshaping the markets they govern”.

Jeff Bandman, the owner of the advisory firm Bandman Advisors and former fintech advisor for the CFTC, presented a plan for U.S. regulators to help drive innovation for the fintech industry on October 12, 2017 at the U.S. Securities and Exchange Commission panel. Since the rise of blockchain technology there has been an increasing tension between the fintech industry and regulators; the foundation of the issue being that regulators have not agreed on a way to regulate the industry. Why? Because they both grow at different rates. This is evident through the growth of bitcoin (the most common use for blockchain technology so far). Bitcoin’s value in the past year has jumped from $400 per bitcoin to over $5,600. For the past year there has been a period of adjustment for regulators, but now they must decide how to react to an advancing industry. Blockchain technology has the potential to revolutionize clearing and settlement, in addition to other sectors such as decentralizing healthcare data. The fintech industry is revamping the way companies conduct business, how information is stored and exchanged, and the way in which people invest.

Regulators move at a much slower pace than the technology because they must ask the essential questions to safeguard the market and protect investors’ interests. Bandman poses the important question: “what is the proper role of the regulator?” Bandman explains that, yes regulators need to “ask the tough questions” and ensure “customer protection, market integrity, [and] financial stability”, yet they must also “engage with these new technologies and innovators, to learn about their capabilities, and make themselves accessible to innovators.” Essentially, for blockchain technology and fintech to progress, government agencies, particularly the SEC, need to become familiar with the application of these innovations when drawing up regulations. There needs to be active engagement on both ends.

As cybersecurity breaches for large companies and institutions, including the SEC, become a common occurrence, it is paramount that regulators play an active role with the fintech industry to safeguard sensitive data. Bandman explains that blockchain technology’s advance cryptography and decentralized nature “may make information stored in distributed ledgers safer than traditional methods”. However, this poses a new obstacle for regulators. The decentralized nature of blockchain technology means that regulators need to shift their focus from central actors to activities. For investor related activities this would actually be beneficial for regulators as they would be able to detect fraudulent and illicit activities quicker than by going through an intermediary party such as a broker or bank. Bandman asserts that if regulators integrate blockchain technology, it will give them access to “real-time regulation” on the markets instead of waiting for end of day reports. This in effect will greatly benefit regulators so that they can “see through the windshield instead of the rear-view mirror. They may be able to detect wrongdoing, or predator or deceptive practices, at a much earlier stage.”

The technology is new and continues to change day to day, however, U.S. regulations must reflect the nature of the fintech industry and ensure that new guidelines and laws integrate these innovations.

30 Jun 2017
Cyberattacks And How To Prevent Them

On June 27, 2017, a global ransomware attack affected computers in the U.S., Europe, India, Russia, and the Ukraine, similar to a computer virus known as Petya or Petrwrap, but more intense than the May cyberattack that impacted 150 nations with the ransomware WannaCry. Bill Wright, senior policy counsel for the cybersecurity firm Symantec, explains that “[o]nce you unleash something that propagates in this manner it is impossible to control.” And companies could not control the attack as DLA Piper lawyers showed up to work early Tuesday only to see a sign stating: “All network services are down, do not turn on your computers! No exceptions.”

The hackers used methods stolen from the National Security Agency and targeted major companies, law firms, financial institutions, and hospitals. Including: the pharmaceutical firm Merck & Co., Russia’s leading oil producer Rosneft, Britain’s WPP (the largest advertising agency), Deutsche Post’s Ukraine division, law firm DLA Piper, the Russian central bank, multiple Ukrainian banks, and hospital chain Heritage Valley Health System. The hackers encrypted some of the world’s most sensitive information and demanded a payment of $300 in Bitcoin (roughly $777,700 USD) as consideration for the decryption code.  According to the American Lawyer and blockchain records, 27 organizations have paid the ransom. Perhaps if these companies kept their information secure using blockchain technology, they would not have run into this problem in the first place since there is no centralized source with blockchain, making it virtually impossible to hack.

Between this week’s global malware outbreak, the attacks on Weil Gotshal & Manges and Cravath, Swaine & Moore last March, and the leak of the “Panama Papers” from Mossack Fonesca, law firms more than ever have an incentive to adapt their measures, technology and policies to safeguard client information. How can firms protect themselves for a major breach of security? Establish and maintain an enterprise security system to protect all electronic documents and conduct and document regular risk assessments. Installing and implementing thorough and precise cybersecurity measures, technology, and policies is essential. These practices will mitigate malware risks, provide procedures on how to locate and eliminate the virus, and attract future clients. These policies however need to be monitored not just by IT, but by the attorneys and support staff. In case of a cybersecurity attack, it is helpful to have an off-site back-up server that is frequently maintained to re-install any lost information. Firms should have cybersecurity insurance to cover the ransom, forensic investigator contracts, and legal expenses related to the malware attack.

Furthermore, law firms should also have in place malpractice insurance policies that protect against cybersecurity liability in case privileged or otherwise confidential client information is released due to the malware. Attorneys can be held liable under professional negligence such as in the case Millard v. Doran No. 153262/2016, where a real-estate attorney who used AOL email for her legal practice was liable for professional negligence for not implementing any cybersecurity protection measures and for using a server that was “notoriously vulnerable” to hackers.

Law firms with clients in the financial or health sector are subjected to further cybersecurity regulations. Pursuant to 23 NY CRR 500.03 and 500.01(n), (d), (g) and 500.11(b), the New York Department of Financial Services requires financial institutions to comply with cybersecurity regulations, which includes assessing their law firms’ (who fall within the ambit of Third Party Service Providers) cybersecurity measures and ensure law firms do not misuse nonpublic information. FINRA regulates broker-dealer firms in regards to cybersecurity as well. However, these regulations transfer to broker-dealer’s law firms if the firm is negligent in monitoring the client’s security practices. In regards to any client matters relating to health, data protection is covered in the HIPAA Data Security Regulations and the HIPAA Privacy Regulations. Law firms here fall within the ambit of “business associates” and are directly liable under HIPAA for any data breaches.

For firms that are located in both the U.S. and EU, it is imperative to understand the different regulations in each jurisdiction. The European Union has implemented the Data Protection Regulation for all Member States, which will be in effect on May 25, 2018. This Regulation requires law firms to notify clients in the event of a data breach.

Click here for a regulation implementation timeline.

14 Apr 2017
Security Measures for Bitcoin and Blockchain

Bitcoin and blockchain are on the rise as cryptocurrencies are becoming increasingly popular around the world. As financial institutions are rushing to file patents and implement blockchain technology, other companies are focusing on bitcoin and blockchain security measures so that large companies feel more secure using this innovative technology. Bitcoin and blockchain’s main criticism is the lack of security. Financial technology startups and financial institutions are collaborating around the world to make the use of bitcoin and blockchain technology more secure, efficient and user friendly.

Nets, an electronic payment provider based in Copenhagen, Denmark, works with 240 banks and is now collaborating with the software developer Chainalysis “to help banks validate bitcoin transactions and comply with regulations” (Reuters (2017) “Nets Partners with Blockchain Analysis Firm to Fight Dirty Bitcoins” New York Times). Chainalysis determines the “risk of doing business” with customers using blockchain and exchanging bitcoins. The software company can detect suspicious behavior and can    locate the source of the bitcoin funds being traded. Chainalysis works with legal and investigatory authorities such as Europol. Their technology is important to regulate illicit activity such as money laundering.

The main concern large companies and financial institutions have is that bitcoin previously fueled the dark web, such as through Silk Road. This online platform permitted anonymous users to sell illicit drugs, weapons, and forged documents using bitcoin as the currency. The collaboration of Nets and Chainalysis will facilitate financial institutions when preventing customers using cryptocurrencies for money-laundering or any other illicit activity. The issue of customers using cryptocurrencies in traditional financial institutions is that the banks need to be able to trace where the funds originatedin order to comply with legislation and anti-money laundering regulations. Therefore, banks need to tackle the risks for the growing financial technology industry. Chainaylsis CEO Michael Gronager says that “[w]e can make risk assessments and analyze block chain activities … And banks are interested in being able to risk-score customers, so they do not end up being used for money laundering.”

The partnership of Nets and Chainalysis has been beneficial to the Nordic market as it provides financial institutions with the tools necessary to combat any illicit activity when using bitcoin. The head of Fraud & Dispute Services at Nets, Katy Rintala, asserts that “banks have held back on facilitating Bitcoin payments because they didn’t have the tool we are now able to offer them.” Now, blockchain technology essentially traces bitcoin transactions and Nets with Chainalysis can create greater security measures to protect financial institutions and their customers using bitcoin.

In the U.S., the technology company Chain Inc. is working with Thales Group, an international security company, in order to create a secure platform for companies to use blockchain technology. The concern for companies and financial institutions is that blockchain technology is not completely secure. Chain “partners with organizations to build, deploy, and operate blockchain networks that enable breakthrough financial products and services.” As they believe bitcoin and blockchain are the future for all our financial assets, their main priority is securing the existing technology.

These two companies have created hardware security modules (HSM) which the companies have said are “highly secure processors designed to safeguard passwords and ‘digital keys’ – to make it more attractive for large companies to adopt blockchain”. What companies are Chain Inc. and Thales Group targeting? Large companies such as Khosla Ventures, RRE Ventures, Capital One, Citigroup, Fiserv, Nasdaq, Orange and Visa, who have already invested $40 million in Chain. This new technology, the combination of Thales’ HSMs and Chain’s technology to “operate blockchain networks”, enables these large companies to securely store data on the blockchain. Since blockchain is not centralized, the users control the database using cryptographic keys. These keys essentially secure the users financial assets. What Chain’s technology does is provide a further layer of high-grade security and privacy for large companies who hold sensitive and confidential information.  Chain’s mission is to make blockchain technology so secure for leading companies that the future of our assets will all be digitalized. This trend of financial technology start-ups collaborating with large companies and financial institutions illustrates the growing potential for cryptocurrencies in our economy. Once security measures have been ironed out, bitcoin and blockchain technology will become even more popular amongst these companies.

facebook twitter linkedin instagram
Guzov sends quarterly emails that highlight industry trends and updates to our News & Press.
  1. Loading ...
Guzov sends quarterly emails that highlight industry trends and updates to our News & Press.
  1. Loading ...