Welcome back to Not Legal Advice! It’s been two weeks since the last update, so there’s no point wasting time with a long preamble – let’s get right down to it. This week:
- FinCEN issues stark warning to stablecoin administrators.
- Ethereum Foundation Head of Special Projects, former Enterprise Ethereum Alliance Mainnet Working Group Chair accused of assisting North Korea to evade sanctions
- Supreme Court denies cert in a Section 230 Communications Decency Act case, Daniel v. Armslist, No. 2017AP344 (Wis. Ct. App. Apr. 19, 2018)
1) FinCEN issues stark warning to Stablecoin administrators
Not much to say here except that FinCEN has fired a shot across the bow of MakerDAO or similar schemes which hold themselves out as decentralized protocols, but also carry out money transmission-like functions. From FinCEN Chairman Kenneth Blanco:
“Because we are technology-neutral, we can say with complete clarity that for AML/CFT purposes, it should be understood that transactions in stablecoins, like any other value that substitutes for currency, are covered by our definition of ‘money transmission services’,” Blanco said.
“This means that accepting and transmitting activity denominated in stablecoins makes you a money transmitter under the [Bank Secrecy Act]. It does not matter if the stablecoin is backed by a currency, a commodity, or even an algorithm – the rules are the same. To that point, administrators of stablecoins have to register as [money services business] with FinCEN.”
Pretty stark. However, seeing as no regulatory action has been brought against a stablecoin to date (apart, perhaps/unconfirmed, from Basis, which shuttered its doors rather than launch) whether any particular unlicensed stablecoin is determined to be money transmission, and on whom the liability for operating it will fall, remains to be seen. Although FinCEN will have a lot of options if they choose to wade into the paddling pool. As I put it on Twitter:
2) Ethereum Foundation Head of Special Projects, former Enterprise Ethereum Alliance Mainnet Working Group Chair accused of assisting North Korea to evade sanctions
From the DOJ:
[Virgil Griffith is accused of violating the] International Emergency Economic Powers Act (“IEEPA”) by traveling to the Democratic People’s Republic of Korea (“DPRK” or “North Korea”) in order deliver a presentation and technical advice on using cryptocurrency and blockchain technology to evade sanctions. GRIFFITH was arrested at Los Angeles International Airport yesterday and will be presented in federal court in Los Angeles later today…
…As alleged, Virgil Griffith provided highly technical information to North Korea, knowing that this information could be used to help North Korea launder money and evade sanctions. In allegedly doing so, Griffith jeopardized the sanctions that both Congress and the president have enacted to place maximum pressure on North Korea’s dangerous regime.
…Despite receiving warnings not to go, Griffith allegedly traveled to one of the United States’ foremost adversaries, North Korea, where he taught his audience how to use blockchain technology to evade sanctions. By this complaint, we begin the process of seeking justice for such conduct.
Whilst Griffith is innocent until proven guilty, the complaint doesn’t look great. Griffith apparently posted about his visa application process and intent to travel to North Korea publicly on his Twitter account. Other members of the Ethereum community failed to challenge and, in some cases, encouraged Griffith to make the trip. Griffith voluntarily consented to not one, but two interviews with the FBI, presumably without the assistance of counsel, in which he, among other things, admitted the conduct, admitted he intended the conduct and admitted he wanted to renounce his U.S. citizenship.
There are really only three things I have to add to this.
First: anyone who made a lot of money in Ether should understand that just because you made one good investment back in 2014, and haven’t had to do any real work since, doesn’t mean you are a polymath. More likely (but certainly not in all cases), you’re a dumbass and you got lucky. Somewhere, out there, your doppelgänger mortgaged his house twice to invest in Algorand shortly after it listed on Binance. He was ruined. You were not.
This is not to begrudge your legal if not moral entitlement to your wealth, which you won with a roll of the dice, fair and square. It is simply to say that however clever you may think you are, you are not clever enough to go toe-to-toe with the FBI without the assistance of counsel. No one is.
Second, this is an appalling governance failure by the Ethereum Foundation and the Enterprise Ethereum Alliance, two organizations principally concerned with promoting the adoption of the Ethereum cryptocurrency, and in which Griffith apparently held senior positions.
From what I can glean from the indictment, the purpose of the trip was principally to market Ethereum to the North Koreans as a sanctions-evading tool. Yes, North Korea using your coin will drive up demand for that coin. But it’s North Korea. Someone should have prevented Griffith from making this trip. Someone should have told him his position would be untenable if he went. The Ethereum community, its organizational bodies, and its leadership should have, when faced with the choice between the United States and North Korea, unapologetically and emphatically chosen the United States.
That’s not what happened.
There are things more important in this world than getting your favorite coin to the moon. Crypto is a high risk business as it is and private companies, consortia and nonprofit foundations alike need to be mindful of increased exposure arising due to the actions of rogue senior employees who wander off the reservation. If someone in your organization is going to do something like this, no matter how much crypto he might hold, no matter how much of an OG he might be, tell him “no.” If for whatever reason he insists on continuing, fire him.
Third and finally, all that remains, as with other federal criminal proceedings against early Ethereum participants such as Stephen Nerayoff, is to watch this play out.
3) Supreme Court denies cert in a Section 230 Communications Decency Act case, Daniel v. Armslist, No. 2017AP344 (Wis. Ct. App. Apr. 19, 2018)
Armslist was a big Section 230 case in which a gun marketplace website which is basically “Craigslist for Guns,” Armslist.com, was sued by the survivors of a victim of a shooting that involved the use of a gun purchased through the site.
Plaintiff Daniels lost at first instance, won on appeal, and lost again at the Wisconsin Supreme Court. Last week SCOTUS denied cert, ending the case.
As told by the plaintiff’s cert petition, the plaintiff alleged that:
after years of threats and violent abuse, Zina Daniel Haughton (“Zina”) obtained a domestic abuse restraining order against her estranged husband, Radcliffe Haughton (“Haughton”). The order, issued by the Milwaukee County Circuit Court to protect Zina, prohibited Haughton from possessing a gun, and made him a “prohibited” firearms purchaser under federal and state criminal laws. But Haughton knew how to easily circumvent the law and the order. He went on the Internet and visited Armslist.com. Armslist.com is an online gun marketplace specifically designed to facilitate the illegal purchase of firearms by people like Haughton, who the law forbids from buying guns.
Note: the contention that Armslist is intentionally designed to facilitate unlawful firearms transfers is both material and disputed. Assume for the moment what the Wisconsin Supreme Court found, which is that Armslist is intended to be used for lawful commerce in arms, even if site users are able use it for unlawful purposes.
But I digress. The plaintiff continues:
As intended by Armslist.com’s negligent and intentional design features, Haughton found a person willing to sell him a gun, Devin Linn (“Linn”), and quickly and easily obtained a handgun and three high-capacity magazines in an all cash deal consummated in a McDonald’s parking lot three days after the restraining order was issued. The next day, Haughton used the gun he purchased via Armslist.com to murder Zina and two of her coworkers and wound four others before killing himself.
For this, the plaintiff sued Armslist, alleging numerous tort claims “including, inter alia, negligence, negligence per se – based on the violation of firearms laws – negligent infliction of emotional distress, civil conspiracy, aiding and abetting tortious conduct, public nuisance and wrongful death.”
Background: the law relating to buying a gun
There’s a lot to unpack here, particularly for my overseas readers, so let’s provide a bit of background before we continue. I preface this with the warning that this column is called Not Legal Advice for a reason, so the following is definitely, 100% not legal advice, as indeed nothing on this site is legal advice. I charge for that, and if I haven’t charged you, it’s not advice.
America is well known for being one of the few countries in the world which has very strong legal protections for civil rights as envisioned in the Enlightenment, including free speech, the right to be free from unreasonable searches and seizures, and the right to civilian firearms ownership.
The primary legal rule which protects firearms ownership in the United States is the Second Amendment to the U.S. Constitution, ratified in December 1791, which states that “a well-regulated militia, being necessary for the security of a free state, the right of the people to keep and bear arms shall not be infringed.” Much ink, digital and otherwise, has been spilled over the centuries about this legal provision; the law, as stated in District of Columbia v. Heller 554 U.S. 570 (2008), is that this provision generally protects an individual right to own firearms in common use. The “militia” language which many a commentator foreign and domestic get hung up on has been ruled prefatory, not operative, and does not operate to restrict what the Court has deemed to be an individual, and not a collective, right.
This does not, however, mean that firearms ownership in the U.S. is a legal free-for-all where any man can own any weapon and use it in any manner he pleases. In fact, firearms ownership and use are very tightly regulated, although regulations can be more or less stringent depending on what state (and in some exceptional cases, such as New York or San Francisco, what city) one finds oneself in.
Generally speaking there are two layers of regulation, mirroring America’s two layers of sovereignty: federal, which primarily concerns itself with interstate transactions in firearms, and state-level, which must apply the federal rules for transactions in interstate commerce, but are free to adopt less stringent regulations for transactions which occur entirely within their own borders.
The principal federal rule on firearms transfers that one encounters in daily life is found at 18 U.S. Code § 922(a)(1), which states in relevant part that
“It shall be unlawful— (1)for any person— (A) except a licensed importer, licensed manufacturer, or licensed dealer, to engage in the business of importing, manufacturing, or dealing in firearms, or in the course of such business to ship, transport, or receive any firearm in interstate or foreign commerce”.
The short version of 922(a)(1) is this:
- if you sell a gun across a state line, you do so as a regular business or trade, and you don’t have a federal firearms license (an “FFL”, which acronym is used to refer to both the license and licensees interchangeably) you’re going to jail.
Then there’s 922(a)(5), which states it is a crime:
(5) for any person (other than a licensed importer, licensed manufacturer, licensed dealer, or licensed collector) to transfer, sell, trade, give, transport, or deliver any firearm to any person (other than a licensed importer, licensed manufacturer, licensed dealer, or licensed collector) who the transferor knows or has reasonable cause to believe does not reside in (or if the person is a corporation or other business entity, does not maintain a place of business in) the State in which the transferor resides; except that this paragraph shall not apply to (A) the transfer, transportation, or delivery of a firearm made to carry out a bequest of a firearm to, or an acquisition by intestate succession of a firearm by, a person who is permitted to acquire or possess a firearm under the laws of the State of his residence, and (B) the loan or rental of a firearm to any person for temporary use for lawful sporting purposes;
- If you’re a private seller you can’t transfer a gun to someone who isn’t a resident of your state, unless it’s part of a decedent’s estate and the transfer is being effectuated pursuant to a will or intestate succession.
Then there’s also 922(b)(3), which states
(b)It shall be unlawful for any licensed importer, licensed manufacturer, licensed dealer, or licensed collector to sell or deliver—(1)any firearm or ammunition to any individual who the licensee knows or has reasonable cause to believe is less than eighteen years of age, and, if the firearm, or ammunition is other than a shotgun or rifle, or ammunition for a shotgun or rifle, to any individual who the licensee knows or has reasonable cause to believe is less than twenty-one years of age;(2)any firearm to any person in any State where the purchase or possession by such person of such firearm would be in violation of any State law or any published ordinance applicable at the place of sale, delivery or other disposition, unless the licensee knows or has reasonable cause to believe that the purchase or possession would not be in violation of such State law or such published ordinance;(3)any firearm to any person who the licensee knows or has reasonable cause to believe does not reside in (or if the person is a corporation or other business entity, does not maintain a place of business in) the State in which the licensee’s place of business is located, except that this paragraph (A) shall not apply to the sale or delivery of any rifle or shotgun to a resident of a State other than a State in which the licensee’s place of business is located if the transferee meets in person with the transferor to accomplish the transfer, and the sale, delivery, and receipt fully comply with the legal conditions of sale in both such States.
- An FFL can’t sell a handgun to anyone under 21 or a rifle to anyone under 18.
- An FFL can’t sell someone a firearm to a resident of another state if they’re not allowed to have it pursuant to the laws of that state, i.e. a resident of Connecticut cannot drive to New Hampshire and buy an AR-15 from an FFL.
- An FFL can’t sell a handgun to someone who doesn’t reside in their state, although they can sell a rifle or shotgun if (a) the buyer meets with the FFL in person and (b) the sale would be kosher in both states.
All these rules mean the process of selling guns across state lines can be a little clunky. By way of worked example, Alice Atlanta is a hobbyist collector of firearms. If Alice Atlanta wants to sell a handgun – let’s say a Glock 19, arguendo – to Bob Birmingham, Alice would need to
- transfer the firearm to an FFL in Georgia,
- the Georgia FFL would need to ship the firearm to an FFL in Alabama, and
- Bob would need to acquire the firearm directly from the Alabama FFL.
Ordering from an online store similarly requires the online store to transfer to an in-state FFL of the recipient, rather than shipping direct to the recipient, and the in-state FFL will then customarily charge a handling fee to the ultimate purchaser on top of the purchase price. If Alice transferred the firearm to Bob on the sly in a parking lot in Gadsden, Alice would be breaking the law. If Alice were actually running a business out of the back of her car, and not just a mere hobbyist, she’d be breaking two laws.
Another federal rule involves background checks. Specifically, 18 U.S. Code § 922(t), which states in relevant part that
a licensed importer, licensed manufacturer, or licensed dealer shall not transfer a firearm to any other person who is not licensed under this chapter, unless— (A)before the completion of the transfer, the licensee contacts the national instant criminal background check system [note: known as “NICS”] established under section 103 of that Act; (B) (i) the system provides the licensee with a unique identification number; or (ii) 3 business days (meaning a day on which State offices are open) have elapsed since the licensee contacted the system, and the system has not notified the licensee that the receipt of a firearm by such other person would violate subsection (g) or (n) of this section; and (C)the transferor has verified the identity of the transferee by examining a valid identification document (as defined in section 1028(d) of this title) of the transferee containing a photograph of the transferee.
- if you are the recipient of a transfer of a firearm from an FFL you need to present photo ID and you either need to (a) pass an instant background check through NICS, the national criminal database, or (b) NICS needs to fail to come back with an answer within three business days of asking NICS whether you’re legally allowed to own a gun, before you can take possession of that gun.
Acting in concert, what these provisions do is require any interstate transfer to go through an FFL and pass a background check.
When a gun doesn’t cross a state line, however, this is not currently the province of the federal government, but rather it is a matter for the states. Even if the federal government could constitutionally assert jurisdiction over intrastate transactions (which, given the historically overbroad application of the Commerce Clause, it probably could) there simply hasn’t been the political will to do it for over 50 years. As a consequence, states have different and highly varied rules around firearms transactions that occur within their own borders.
I am not a Wisconsin lawyer, but Wisconsin’s rules, according to the Giffords Law Center, allow private sellers to transfer firearms between one another without performing a background check, which is completely legal federally as long as a state line isn’t crossed.
Armslist is, for the purposes of these transactions, like Craigslist, a classifieds site, which doesn’t perform diligence on the postings made on it. It matches the buyers and sellers, but does not perform any diligence or enforce specific compliance rules for each transaction. It is conceivable that all of the transactions on Armslist are legal; it is up to the users to actually put in the work to comply with local and federal laws, which they often do not, with attendant state and federal consequences.
Back to Daniels’ (failed) attempt to disapply Section 230 in Armslist
But Armslist is being sued here, not its users. Daniel argued that Armslist should be held liable for users’ misdeeds as it was providing its services in bad faith, in that
Armslist designed the site to easily facilitate firearms sales for otherwise prohibited possessors, like Zina’s husband. For example, she alleged that Armslist allows a prospective purchaser to filter sellers to find “private sellers” that are not required to perform background checks before selling firearms. Nor does the website require users to create accounts but instead allows them to operate anonymously. She also alleged that Armslist does not take action to delete illegal or unlawful posts.
Based on all these features and omissions, Daniel’s complaint alleges that Armslist knew or should have known that its website would put firearms in the hands of dangerous, prohibited purchasers, and that Armslist specifically designed its website to facilitate illegal transactions.
Armslist invoked Section 230 of the Communications Decency Act (“Section 230”) in its defense.
I have written about Section 230 before. Section 230 is a provision of federal law that says, broadly, two things:
- In Section 230(c)(1), platforms and users of those platforms are not liable for content created by other users (known in the statute as “Information Content Providers”).
- In Section 230(c)(2), platforms are immune from liability for making good-faith moderation calls that result in material being removed from the platform.
Armslist is principally a Section 230(c)(1) action.
Those of you new to Section 230 should note that the immunity is very specific. It does not confer legal immunity upon a website simply because they are websites, as politicians like Sen. Josh Hawley falsely claim to push ill-conceived laws through Congress. Rather, it confers civil immunity and immunity from state laws for user-generated speech that is posted on their platforms but which the website did not itself make. So, by way of example:
- Let us stipulate that rap megastar Dr Dre was born to human parents in Compton, Los Angeles County, USA, on 18 February, 1965.
- Dre protégé and fellow rap superstar Snopp Dogg, also born and raised in L.A. County, maliciously accuses Dr Dre of being a Martian – i.e., an alien from the planet Mars – in a Facebook post, despite knowing that Dre was born in L.A. County. Dr Dre sues Snoop Dogg and Facebook for defamation. Facebook would be immune from Dre’s suit, thanks to Section 230.
- Snoop Dogg accuses Dr Dre of being a Martian in a post on Facebook. Facebook issued a press release saying that it believed Dr Dre is in fact from the planet Mars, which is untrue, as Dr Dre is from Compton. Dre sues Snoop Dogg and Facebook for defamation. Facebook would not be immune from Dre’s defamation suit for the press release.
Those are extreme/clear cut examples. But what happens, for example, when:
- Snoop Dogg takes out an ad on Facebook saying “Dr Dre is a Martian.” and Facebook Ads representatives respond that referring to someone as a Martian is hate speech and suggest using the term “extraterrestrial” instead. Dre sues Snoop Dogg and Facebook for defamation.
- Snoop Dogg takes out an ad on Facebook saying “Dr Dre is…” and Facebook has a pre-populated group of personal characteristics including “tall,” “a good rapper,” “a regular reader of the Financial Times” and “a Martian.” Snoop selects the “Martian” option and Facebook runs the ad. Dre sues Snoop Dogg and Facebook for defamation.
Tricky, right? In each case Snoop Dogg initiated the ad buy, Dre was defamed, and Facebook contributed to the content, even though it did so at the behest of the user and the user was responsible for the final sign-off of the published messaging. Under the right circumstances, this might be enough for Facebook to become an “information content provider” with respect to the statement – “information content provider” being defined as, per Section 230(f)(3),
any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service. (emphasis added)
…and if Facebook is an information content provider, the Section 230 shield falls away. See e.g. FTC v. LeadClick Media, LLC, 838 F. 3d 158 (2016). In Leadclick an affiliate-marketing business which displayed deceptive advertisements was found liable for statements made in those fake advertisements because they provided feedback on the content of the advertisements. For example, “[making] a false advertisement [for a dietary supplement] appear ‘more realistic’ by lowering the amount of falsely claimed weight loss.” Even if a site isn’t the principal author, affirmatively developing user generated content created by someone else can be enough to make the Section 230 immunity fall away.
This principle extends to a website’s UI, even if the website isn’t affirmatively “saying” anything in the way that one might commonly understand the term. See Fair Housing Council of San Fernando Valley v. Roommates.com, LLC, 521 F.3d 1157 (9th Cir. 2008).
Roommates.com is a website which advertises room rentals. At one time, Roommates required users to “disclose their sex, race, sexual orientation, and whether they will bring children to the household in order to use the site” in drop down menus. Roommates also provided an “additional comments” box where providers of housing could specify their preferences for renters (e.g. “black males only,” “no children”).
Racial discrimination in housing is, of course, hugely illegal. When the Fair Housing Council sued Roommates, the case worked its way up through the courts until the 9th Circuit, sitting en banc, definitively disapplied the Section 230(c)(1) immunity for one aspect of the UI but upheld it for another. The court held that while Roommates was not liable for the (entirely user-generated) comments in the “additional comments” box, they were liable for the display of the protected characteristics of prospective renters from the mandatory drop-down menus and the discrimination that this information enabled. Put another way, when the website pre-populated the choices users could complete in the drop-down menus, the website, not the user, was doing the talking. And if that speech had legal consequences, Roommates could be sued for it. As Judge Kozinski put it in his majority opinion:
Roommate created the questions and choice of answers, and designed its website registration process around them. Therefore, Roommate is undoubtedly the ‘information content provider’ as to the questions and can claim no immunity for posting them on its website, or for forcing subscribers to answer them as a condition of using its services.
Armslist qua speaker: a business that walks right up to the line, but stays on the right side of it
There are two problems with going after Armslist, then. First is that nothing about what Armslist qua Gun Craigslist does is illegal under federal law. It is also entirely feasible that every single one of its users could use the site to engage in lawful transactions. As the Wisconsin Supreme Court put it,
Armslist.com’s provision of an advertising forum and the related search functions are all “neutral tools” that can be used for lawful purposes. Sales of firearms by private sellers are lawful in Wisconsin. Further, private sellers in Wisconsin are not required to conduct background checks, and private sales are not subject to any mandatory waiting period. Accordingly, the option to search for offers from private sellers is a tool that may be used for lawful purposes…
Second and furthermore, Armslist didn’t “develop” the content users posted on the site, legal, illegal, or otherwise.
Despite the plaintiff’s assertions that Armslist was “specifically designed to facilitate” illegal arms transfers, the Communications Decency Act is specific: per the Wisconsin Supreme Court, “an interactive computer service provider will not be liable for providing neutral tools ‘even if a service provider knows that third parties are using such tools to create illegal content.'” Intent or knowledge are irrelevant since Armslist isn’t itself an information content provider, said the Wisconsin Supreme Court. The question when inquiring about Section 230(c)(1) is limited to “whether Armslist materially contributed to the unlawfulness of the third party content” such that Armslist itself became the information content provider.
The downfall of websites from Backpage to LeadClick is that site operators, keen to ensure that goods and services marketed on them appeal to users no matter how illegal those services might be, have been lured into messing with user-generated content in order to “improve” the user experience. In doing so they lower their Section 230 shield and expose themselves to civil and criminal penalties.
Armslist appears to have successfully resisted this temptation. If it hadn’t, Daniels might have been able to penetrate the Section 230 shield. But Armslist didn’t get involved with the post in question. Armslist was not an information content provider and could not therefore be civilly liable for the torts of the user, per the Wisconsin Supreme Court. Last week SCOTUS declined to overturn that decision.
A denial of cert doesn’t necessarily mean that SCOTUS agrees or disagrees with the Wisconsin court’s ruling. But it might suggest that the high court is aware of the strength of Section 230 to protect websites from litigation initiated by persons unhappy with the conduct of the sites’ users, and is in no mood – or finds no grounds – to overturn it. Entrepreneurs running their own websites should be aware, however, that Section 230 has limits and Armslist – a business that operates in an exceedingly high risk area – only escaped by not exceeding those limits.
How might have Armslist have gotten itself into trouble? Well if, like Roommates, its user interface made specific provision for illegal content, that might have been enough. For example: “Search for sellers willing to sell to prohibited possessors.” (For avoidance of doubt, Armslist has no such search function.) Or, like LeadClick, Armslist might have suggested changes to the wording of advertisements. Or Armslist might have developed an in-house seller ranking system that was not purely user-generated.
Long story short, if you’re running an interactive computer services business and some of your users are breaking the law, (a) discourage lawbreaking as much as you can, (b) cooperate with law enforcement, (c) make sure you don’t violate federal law and (d) let your users do the talking – resist the temptation to tweak user-generated content to make it look pretty. You’re a platform provider, not a seller. And, once again, this is not legal advice. If you need advice of this nature, you need to discuss your specific facts and circumstances with a licensed attorney in your jurisdiction.