Not Legal Advice, 11 March 2020 – How to ensure your startup survives the Coronavirus

As seen on CoinDesk, welcome back to another edition of Not Legal Advice.

This week, we take a slight detour from securities regulation and statutory interpretation into the nitty-gritty of running a company in the middle of a global crisis, something which – fundamentally – involves thorny legal problems.

What everyone needs to remember is that the coronavirus outbreak is not the end of the world. It sucks, but when it burns out – as it surely must – life will return to normal and all of the assets will be very, very cheap.

See also: The Markets Were Already Vulnerable, Then Came Coronavirus

This isn’t the world’s first recession and it won’t be the last. It’s not the world’s first pandemic and it won’t be the last. The key for entrepreneurs is to keep a cool head about you, don’t do anything stupid (if you have never used firearms, for example, now isn’t the time to acquire one and start carrying it while wearing a gas mask on city streets), and adopt a war footing while you steer your companies through choppy waters for 12-18 months.

While the crisis persists, your company will have obligations it is expected to perform. When the crisis recedes and the courts reopen, your company will need to provide an accounting of its obligations and answer for any it has fallen short on in the meantime.

Here’s how:

1. Protect your employees.

In my opinion, the first job of early-stage founders isn’t to protect their investors, but rather their employees.

Cognizant that the formal legal duty of an officer of a company is to promote the success of the company for the benefit of its members, early-stage firms usually fall into one of two buckets – founder-owned, or founder-and-VC-owned – and the identity of the shareholders changes a lot about where a company’s business priorities tend to lie.

In my experience, purely founder-owned companies tend to view their closest staff – who help the company make money – as assets, and regard VCs as a distraction.

Founder-and-VC-owned companies, on the other hand, tend to regard their investors and investor relationships as a major asset of the company, at least until they manage to get the business moving under its own power. Investors’ interests tend to take precedence in such businesses.

There’s nothing wrong with either approach; sometimes the tech you’re building is so early stage that you have no choice but to accept investor funds if you want to spin up a business. However, keep in mind that (a) venture investment accepts a high degree of failure as inevitable and (b) failing to keep your employees safe from an epidemic may result in the sickness or death of the employee, possible onward transmission to third parties and adverse health consequences for you, your business, and society at large.

Put another way, the venture investors can afford to lose a little money. Your employees can’t afford to get sick. Now, not next week, not tomorrow, but today, is the time to write up and plan to implement policies around halting staff travel, staggered off-peak commuting, modified paid sick leave and disability cover, and working from home.

Communicate these policies to your employees. See e.g. Coinbase’s contingency plan as an example of best practice. These things may result in a slight reduction of productivity or less “face time” in the office, but they will save lives and they will protect your workforce. People who you will have to work with again, face to face, once the epidemic subsides.

2. Cut your burn rate. Now.

When the Saudis dropped the OPEC equivalent of a nuclear weapon on the markets, tanking the price of a barrel of Brent crude to $30, it became clear that the coronavirus crash was going to have some wider consequences for the U.S. economy – chiefly, the bankruptcies of many middle American shale oil firms.

These companies will be among the casualties of the coming recession. If you don’t want to be a statistic, you absolutely must plan for at least a year of highly adverse business conditions.

Don’t wait for things to turn around or hope that the markets will turn; previous globe-spanning epidemics have taken 12-18 months to fully shake out and, absent a pharmacological intervention which renders the Coronavirus epidemic an unpleasant but nonlethal illness, you should plan for the next year to be a very bumpy ride. Expensive office space, dead weight on the team – all of it needs to go, now. Don’t be afraid to make hard calls.

3. Whatever the deal is, close it. Now.

To quote Ryan Selkis, “The startup fundraising market just got absolutely f*cking walloped. Sequoia’s ‘Black Swan’ post will spook dealmakers, and lead to recut deals, startup layoffs, and distressed M&A.”

Following the above, if there’s a deal on the table – either an acquisition or a venture financing – on less than optimal but nonetheless acceptable terms, take it. Now is the time to go on offense in terms of closing any commercial transaction that will facilitate your business’ short-term survival or any return of capital for yourself or your investors.

See also: Bitcoiners in Europe Reflect on Economic Shocks as Coronavirus Spreads

The same applies to closing new customers. If you’ve only got 12-18 months of runway, start grinding on revenue – now.

VC investors are herd animals. Right now that herd is living out the conspiratorial prepper fantasy we in the tech crowd have entertained for years: hoarding freeze dried food, buying crossbows (most VCs live in San Francisco or New York, so they can’t own firearms) and preparing to hole up in bunkers or Bay Area apartments for the long haul. Your startup is not at the top of their list.

4. Review your insurance.

If you’re looking to get insurance coverage for the coronavirus and related business interruptions, I have bad news – there probably isn’t a prospective fix here, and it’s possible that a lot of markets that did cover this type of risk might go out of business.

This doesn’t mean that you’re not covered at all or that you shouldn’t put certain types of cover in place. If you’re a very early stage company, you’ll probably want to put basic coverage in place for e.g. general liability that some of your contracts and leases will require you to have.

If you already have insurance in place, review your policies. It’s possible to find coverage in surprising places – and the assistance of counsel can help you uncover it. If you manage to uncover a policy which happens to cover a Coronavirus-related loss, before filing a claim, make sure you reach out to counsel before you submit it to increase the likelihood of its success.

5. Review and restructure your contracts.

As part of your burn rate review, look at your supplier agreements, lease agreements, and other agreements that are costing you a lot of money and which you might do better without. If there’s a force majeure clause that permits you to terminate the agreement, consider whether doing so might not be a bad idea.

If the coronavirus has interfered with the contract such that performing it has been rendered essentially impossible, there may also be common law remedies like frustration or impossibility which you can invoke. There may even be express early termination provisions that are directly on point. If you know what the terms of your contracts are, this will help you to know which ones you can jettison.

Even if you think you can’t jettison them, it might be worth approaching your counter-parties to try to restructure the deal. You won’t get an abatement in your rent or released from a fixed term agreement if you don’t ask for it. A mutually agreed negotiation ahead of time is nearly always preferable to acrimonious litigation after the fact.

6. Put in place a succession plan.

In the eyes of a virus, a CEO and an intern are exactly the same; indeed, if the CEO is older, the CEO is likely more vulnerable to the virus than more junior members of staff.

Don’t, like Quadriga, give one person the keys to the entire kingdom. Have disaster recovery plans in place and a chain of command so that if one member of staff is taken ill or dies, the company can continue operating as a going concern. Back up your data in multiple geographic locales.

Stay safe out there.

Not Legal Advice, 2 March 2020 – The States Can’t Blockchain

As seen on CoinDesk, welcome back to another edition of Not Legal Advice.

I’ll let everyone reading this column in on a little secret: The definitions of “blockchain tech” used by various state legislatures to look technologically astute are something of a running joke among the hardcore crypto-lawyer set.

One exception to this is the definition used by Vermont and California, the least-bad definition of a chain I’ve read so far. Those laws refer to “a mathematically secured, chronological, and decentralized ledger or database.”

Simple, straight, to the point. I give California and Vermont a solid C-minus: the definition hits the high notes, but it also probably captures an instance of Postgres-XL that stores passwords as MD5 hashes. This is quite obviously not what the definition is supposed to do, but because it’s poorly drafted, that’s what it does.

Other states are far, far worse. Take, for example, Arizona’s definition, which says “blockchain technology” is

“a distributed, decentralized, shared and replicated ledger, which may be public or private, permissioned or permissionless, or driven by tokenized crypto economics or tokenless… protected with cryptography, is immutable and auditable and provides an uncensored truth.” 

“Uncensored truth.” What the hell does that even mean? Anyone who has a passing familiarity with blockchains will know that blockchains can’t guarantee an “uncensored truth” as they only show the transactions that validators committed to the chain. If censorship happened, we’re not going to find out about it, because it isn’t going to be there. “Tamper-evident” would be a more accurate description.

Furthermore, not all blockchains are ledgers, just as not all databases are ledgers.

D minus, Arizona. See me after class.

Then there’s Colorado, which doesn’t define “blockchains” but, in a bill about state records, just refers to them in plain English. Simple, and, if put in front of a judge, it probably works. Colorado also gets points for the zany title of its blockchain-aware legislation: “an Act Concerning the use of Cyber Coding Cryptology.”

Fabulous. A+.


Connecticut — my home state — gets a solid F for its latest effort. The short story here is that someone managed to convince a member of the state house to introduce a bill that would abolish non-compete clauses in employment contracts where a “blockchain” company was one of the counterparties.

If you wish to see my testimony on the bill you may find it in full here. Apart from being very anti-business, the bill also proposes a definition of “blockchain” so broad that it would capture practically any contract with any employee of any company that employs distributed software architecture of any kind.

It defines “Blockchain Technology” as a

“distributed ledger technology that uses a distributed, decentralized, shared and replicated ledger that may be public or private, permissioned or permissionless and that may include the use of electronic currencies or electronic tokens as a medium of electronic exchange”. 

If you recognize this, it’s because you have seen something very close to it before in Arizona (and Rhode Island, New York, Tennessee and Michigan, among others). The fact that this definition is the law in Arizona doesn’t mean it’s correct.

A blockchain, as any informed person will tell you, is a hash-linked chain of blocks. If we wanted to be a little more specific, we might say “a hash linked chain of blocks that usually (a) uses digital signatures to authenticate transactions, (b) P2P networking protocols to communicate those transactions and (c) Merkle trees to render the transaction log tamper-evident.”

The Connecticut bill doesn’t do this. It continues by defining “Distributed Ledger Technology” as a critter which

may include supporting infrastructure, including blockchain technology, that uses a distributed, decentralized, shared and replicated ledger, whether public or private, permissioned or permissionless, and that may include the use of electronic currencies or electronic tokens as a medium of electronic storage.”

This definition is both duplicative and incorrect.

Not all distributed databases are distributed ledgers, despite the fact that this bill treats them as one and the same on a plain English reading. Not all distributed systems are “decentralized,” either, despite the fact that the bill defines a blockchain system as “distributed and decentralized.” Similarly, not all blockchain systems are decentralized.

The term “decentralized” itself lacks a uniform and concrete definition in both (a) industry and (b) under any law in any jurisdiction of these United States or indeed the world. “Decentralized” is an adjective, like “fluffy” or “happy,” and the word has no place in laws deciding what software should or should not be regulated by the government.

“Why should we care?” I hear you ask.

Well, the problem with a sloppy and overbroad definition is that sloppy definitions lead to sloppy and overbroad application on businesses that the drafters didn’t intend to capture.

Second, the fact that Connecticut legislators felt the need to copy-paste other states’ terrible definitions reveals only that they and legislators of other states have absolutely no clue what they’re doing. It’s like stealing an answer key to a test, only stealing the wrong key: if everyone makes the same mistakes, everyone’s probably cheating.

Third and finally, banning non-compete clauses in employment contracts for software firms is a great way to ensure that software firms stay out of your state, and Connecticut needs all the jobs it can get.

Summing up, state legislatures have proved only one thing with bills that define “blockchain” incorrectly: that they don’t understand the technology. Accordingly they shouldn’t be writing laws that regulate it.

Legislators passing “blockchain” laws should keep it simple in the operative text, add necessary context in the preamble, rely on the Golden Rule of statutory interpretation — that is, follow the literal meaning of the words in a statute, except where the result would be absurd — in case of disputes and leave it at that.

If states want to promote the use of blockchain tech, they need to be advised by people who possess a solid technical understanding of what they’re trying to legislate, the commercial issues involved in deploying that technology, how to speak clearly about both of those things, and who are independent and disinterested.

If the current laws on the books are any indication, the states have a lot of work to do.

Not Legal Advice, 20 Feb 2020 – The three-year token “Safe Harbor” proposal would be hilarious if it weren’t so serious

This is the latest installment of my column, Not Legal Advice, which now runs as a biweekly column on CoinDesk. As the name suggests, this is Not Legal Advice. Nothing I say is legal advice unless you have paid me a hefty retainer and signed an engagement letter. This installment of Not Legal Advice is the first to have run on CoinDesk. Read it here or read it below. Or don’t. It’s your life. Live it.

1) “CryptoMom” Hester Pierce proposes token safe harbor

Much ink has been spilled over the last six years about the extent to which U.S. securities laws can and should apply to the sales of cryptographic tokens by protocol developers.

The default position that a conservative law firm will follow is that in the U.S. the sale of a token by a protocol developer before a token network is launched is the sale of a security. Current Securities and Exchange Commission (SEC) policy appears to say that, in the life of any cryptocurrency, there will come a point when the token has been distributed to sufficiently many hands and the network’s architecture is sufficiently distributed – or as SEC corporate finance director Bill Hinman put it in 2018, “sufficiently decentralized – where purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts,” and thus the token ceases to be a security.

SEC Commissioner Hester Pierce, aka “Crypto Mom,” thinks the government should facilitate startups that want to have a go at turning their definitely-are-securities-today into maybe-not-securities-tomorrow. She has proposed a safe harbor to achieve this, whereby token startups will be given a three year head start to take an ICO coin and turn it into a “decentralized” network, i.e. one which

“is not dependent upon a single person or group to carry out the essential managerial or entrepreneurial efforts… (such that) the tokens must be distributed to and freely tradeable by potential users, programmers, and… secondary trading of the tokens typically provides essential liquidity for the development of the network and use of the token.”

The three year safe harbor period will allow protocol devs time to

“facilitate participation in, and the development of, a functional and/or decentralized network, unrestrained from the registration provisions of the federal securities laws so long as [certain] conditions are met.”

In other words, under the proposal, crypto projects would be able to sell securities to the public and work towards “decentralization” by, among other things, selling still more of these securities and creating a robust market for these securities, in the hope that engaging in the sale and marketing of these securities will turn them into non-securities, despite the fact that they will function in the marketplace exactly as securities do today at all relevant times.

This proposal would be hilarious if it weren’t so serious.

The most significant issue is that the proposal relies on a standard for “decentralization” which isn’t entirely certain today. Although the SEC has “decentralization” guidelines in print, projects that appear technically indistinguishable receive differing regulatory treatment for reasons that, to industry experts, are not immediately apparent.

Take, for example, Eos, Sia, and Telegram. Eos claims to have raised north of $4 billion in a year-long, rolling ICO that kicked off with the purchase of billboard advertising in Times Square, New York, at the Consensus 2017 conference. Sia did an unregistered ICO also, raising roughly $150,000.

Telegram, by contrast, endeavored to sell its tokens to US persons via the Rule 506(c) exemption of Regulation D. At a predetermined future date, Eos’ and Sia’s presale tokens converted to live network tokens. At a predetermined future date, Telegram’s presale tokens were to convert to live network tokens.

Eos was fined $24 million, or about 60 basis points on $4 billion, and walked away, and its once-were-securities-but-I-guess-now-they’re-not coins continue to be listed on major exchanges. Comparatively smaller offender Sia was fined $250,000, or twice what they raised, and walked away. Telegram, by contrast, drew an emergency injunction in the Southern District of New York and the project has ground to a halt.

Of course, there are reasons why the SEC might be friendlier to some startups and less friendly to others. For example, startups that approach the SEC and cooperate will be treated more gently than those that do not. But, fundamentally, the real problem here is that the SEC’s “decentralization” test, as currently used, and as proposed to be used in the future, is unquantifiable to the point of being unconstitutionally vague.

There is no agreed statutory or technical definition of what makes a project more or less “decentralized.” Even highly technically competent (and prominent) developers and industry marketers cannot agree on a uniform definition of the term, which more often appears to be marketing-speak than as a definite, measurable quality, I struggle to see how the government should be in a better position to do so.

For this reason I would struggle to advise a client seeking to adhere to the “decentralization” test whether they are decentralized or not.

The only thing that is made clearer by this proposal is that, to paraphrase an industry colleague, “’blockchain technology’ and Mom & Pop investors don’t have lobbyists. Coinbase does.”

This proposal is fantastic for startups who need capital, market venues who need trading volumes to survive, and the lawyers who advise them. For this reason I don’t expect that many U.S. law firms will raise significant objections to this proposal which, if adopted, would almost undoubtedly be the single greatest creator of transactional legal work since the invention of securitization.

It would facilitate a headlong rush of issuers into the lightly-regulated crypto-capital markets as every company in the world sought to obtain American investors’ capital without selling them so much as a single basis point of equity or taking on a single dollar of debt, all without needing to sort out the details for 36 months.

If that’s the rule the SEC wishes to adopt and the result it wishes to bring about, that’s the Commission’s prerogative. I might suggest that a simpler approach would be for the government to approach tokens like it approaches Bitcoin: treat coins sold in an initial coin offering as something sold, a securities sale, and treat a mined coin as something made, a mere commodity, which will still allow for a great many experiments in blockchain tech to flourish without creating incentives for every company in America to launch its own token.

2) Crypto scam numbers on the rise

The Wall Street Journal reports on 8 February:

Seo Jin-ho, a travel-agency operator in South Korea, wasn’t interested in exotic investments when a colleague first introduced him to PlusToken, a platform that traded bitcoin and other cryptocurrencies. But the colleague was persistent…
His investment grew at a dazzling rate. He invested more—a lot more. In less than five months, he bought $86,000 of cryptocurrencies, cashing out only $500.

The story ends in a familiar way, with Seo Jin-ho losing all of the money he invested.

Crypto-analytics company Chainalysis estimates that after a fairly busy 2017 in which $1.83 billion was “invested” in crypto scams, 2018 was a quieter year. This is perhaps understandable given the noises that the SEC made from January through November.

In 2019, however, a staggering $3.99 billion – that’s billion with a B – was reportedly lost to crypto-investment scams. This suggests that regulatory intervention in 2018 was not aggressive enough to deter the continuing growth of “scam” activity.

Clamping down on scams is almost universally understood as an important prerequisite to mass adoption and acceptance of cryptocurrencies as a viable payment and financial services technology. When asking why investors seem so uniquely susceptible to crypto scams, it bears mentioning that each of the top ten coins in circulation was issued otherwise than through a regulated channel, with the SEC and Department of Justice, at least as far as the public is aware, declining to take action against ethereum, tether, XRP, litecoin, Binance Coin, bitcoin cash, bitcoin SV, and tezos, and taking a $24 million punt on EOS, despite there being identifiable promoters for each project (usually a notionally non-profit foundation but sometimes a for-profit entity).

The absence of an adequate regulatory regime means that a new “scam” project is virtually indistinguishable from one that has shed that label through accidental success. The marketing material for, say, ethereum and for any “scam” currency are primarily found on informal channels such as internet fora and Twitter promotional posts rather than in the form of an offering circular. The closest thing to “legitimacy” that any particular project can obtain is a listing on Coinbase or Binance, commercial actors with commercial interests that call for them to list and trade more coins in greater volumes, regardless of the gain or loss to investors.

A “safe harbor” that made it more difficult for retail investors to distinguish bona fide projects like Blockstack from known scams like OneCoin for a three-year period would likely undo much of the progress towards mainstreaming crypto adoption that has been made to date, which has seen large institutional players like Bakkt or Fidelity Digital Assets enter the space.

NIRP is going to ruin everything

Sam Altman, from the Valley, posted this question, which I know a lot of people have been asking:

Here’s what I replied:

I am a child of the global financial crisis (GFC).

I’m not an economist, but I spent the first half of my professional life working out the consequences of the last debt crisis, the existence of which most economists missed until it was far, far too late to stop. Any securitization lawyer who still had a job in the wake of the GFC – between New York and London there were probably a few hundred of us – will know exactly what broke in these transactions, what modifications needed to be made to fix them, and who needed to take a haircut as these fixes were implemented.

If you don’t know what securitizations are, those are the structured debt transactions which nearly brought down the economies of the Western world in 2008, an event that was stopped only by massive government and central bank intervention.

As a paralegal in a big city law firm’s securitization team in 2007, I remember reading about the gradual ticking up of default rates in the outer boroughs of New York City and asset writedowns by big banks. I was living in the City of London when Lehman went down. I remember the images of bankers clearing out their desks. I remember the long faces worn by all of the other bankers who remained employed, that week. I remember Bear Stearns going down earlier that year, and friends from university losing their first jobs. I remember the conference room on the top floor of the shipping company’s headquarters across the street from my shoebox-sized (25m square) apartment on Charterhouse Square in which I lived in my final year of law school, ablaze with light at midnight as its officers tried to position the company for the coming storm.

I remember it being overcast, drab, and gray, just like the boring, too-small suits British professionals tend to wear. I remember reading about how the overnight lending markets froze up – completely. I remember, months later, hearing how the United Kingdom was less than twelve hours away from ATM machines being switched off.

It was the end of the world. I will never forget any of this as long as I live.

I started by first job as a junior lawyer in 2009, at the same firm where I had worked as a paralegal. I spent the next five years of my career being principally concerned with securitizations. Specifically, I worked on teams that took these transactions apart, and personally spent most of my billable hours drafting documents or doing diligence for transactions that restructured or unwound deals that had gone, or were on their way to going, south. The bonds in these deals failed because they were backed by cheap debt, which itself was backed by worthless assets, the prices of which had been vastly inflated by the availability of cheap debt. What many of them shared is that the cheap debt never had any chance of being repaid on schedule, if at all.

This cheap debt therefore had no business ever being originated. Yet it was.

NIRP and the potential for an associated out of control “NIRP Bubble” gives me the willies because it is the ultimate creator of cheap debt. It creates systemically cheap debt. Cheap debt looks like a great deal at the time for happy borrowers. NIRP reduces the price of money itself – it makes low rates systemic across virtually every category of borrowing (unlike, say, mortgage securitizations, which confined the cheapest debt to secured loans – although the attendant boom also loosened credit conditions generally). It turns every man, woman, and child in the Western world into happy borrowers whenever we borrow. But, as with the subprime crisis, debt cannot stay cheap forever. Cheap debt eventually becomes expensive debt. And when that happens, if the debt load is too high, you get a debt crisis.

NIRP is very possibly laying the groundwork for a massive debt crisis which will be as obvious to our children, in hindsight, as the subprime bubble seems to us. “Well of COURSE people shouldn’t have overstated their income and taken out ARMs they couldn’t afford.” Well of course we shouldn’t have funded state entitlement programs with trillions in low-interest debt and ensured our governments and, by extension, our societies were addicted to low interest rate revolving credit facilities writ large.

Central bank rate setting is basically an adjustable rate mortgage for states and their entire economic systems.

Subprime borrowers?

The problem is that here the central banks, though nominally independent, are in fact subject to the whims of the political apparatus, and NIRP/cheap debt solves a lot of short term political problems. Not only does it juice the economy (longest bull run in history!) but it prevents governments from needing to make what Habermas identified in Legitimation Crisis as their most fundamental choice in resource allocation – between the demand for welfare by the populace and a low tax burden by enterprise – and putting that risk off for the future in the form of debt, which accumulates as and is quantified by the annual budget deficit and accumulated debt balance.

Habermas understood that this is a very dangerous game. States are, when they do this, creating expectations of satisfaction of what he termed “programmatic demands.” i.e. “stuff the population expects will get done, otherwise they’ll revolt.” The title of the book, Legitimation Crisis, refers to Habermas’ description of what happens when a state is ‘no longer able to satisfy the programmatic demands it has set for itself.’ The risk breaks out into the open, leading to the untethering of institutions and political expectations, upheaval, and revolutionary change. Accumulating debt is the process of deferring making hard choices between certain programmatic demands. When a state does this it reduces political risk in the present by increasing political risk in the future.

NIRP is the ultimate expression of state-sponsored entities kicking the can down the road.

We see this happening in places like Venezuela or Zimbabwe, but we think that it cannot possibly happen in the United States. We’re smarter than that. We’re bigger than that. We’re better than that, we think.

But the thing is, we’re really not.

The subprime crisis got its start when hitherto-illiquid markets for real estate got access to global capital markets and cheap debt. Cheap debt appeals to the eternal human proclivity towards high time preferences. So when we flood the world in it, this financing is going to be taken up and used. With gusto.

Increasing central bank balance sheets and budget deficits across the Western world indicate this is exactly what’s happening. Yet central bank governors don’t see the monster they’re creating.

NIRP is fairly new, so I’m not saying that some debt disaster is going to happen now, or next year, or even the year after that. What I am saying is that where deficit hawks might have been wrong in the past, a stopped clock is right twice a day – and NIRP might be a critical element, a missing piece, the unforeseen development, that finally makes that narrative, which while logical has consistently been wrong, relevant.

There are a couple of critiques I’ve seen of this view, that NIRP will create a debt crisis.

“So they’ll never raise rates again. Easy.”

Then they’ll have inflation. Which is equivalent to default, is already here in asset prices, and is starting to bleed over into the rest of the economy. Some say the fact that Taco Bell managers are getting paid $100,000 a year is due to “tight labor conditions.” One could argue that the tight labor conditions are the result of a glut of cheap money. Time will tell.

“The Fed can always keep rates low by buying new notes.”

This is insane.

Debt hawks like Ron Paul are widely disbelieved these days, I think, because central bankers got away with QE without hyperinflation. As a result, they think they can get away with anything.

This critique works now. It does not work when there’s a crisis. As with all crises, the next one cannot be foreseen with absolute certainty, so folks usually assume that things will continue as they are and venerable institutions like the Federal Reserve will always have clever enough boffins with effective enough tooling to allow business as usual to continue.

It is not a stretch to assume that in a future crisis those tools will have long since run out of potency. This is widely acknowledged across the banking industry.

BI quotes the CEO of Deutsche in September of last year:

The likes of the European Central Bank and the U.S. Federal Reserve have “no conventional measures left to effectively cushion” the blow of a “real economic crisis,” Christian Sewing said at the Sibos banking conference in London.

Or Larry Summers in 2015:

Central bankers bravely assert that they can always use unconventional tools. But there may be less in the cupboard than they suppose. The efficacy of further quantitative easing in an environment of well-functioning markets and already very low medium-term rates is highly questionable. There are severe limits on how negative rates can become. A central bank forced back to the zero lower bound is not likely to have great credibility if it engages in forward guidance.

NIRP can’t work forever. Eventually rates will go up or something will break. That may take the form of inflation or hyperinflation. I query how long the Fed will be able to keep rates low while people use wheelbarrows of cash to buy bread, which is where helicopter money eventually ends. If Venezuela is an indication a central bank can engage in insane behavior for a very long long time, but I suspect the non-unitary nature of the American state and the sophistication of federal constitutional arrangements would prevent a bonkers monetary policy from holding sway for very long.

Also, this isn’t a U.S. problem but a global one. Saudi Arabia, for example, has a $12 billion dollar-denominated note out there. If it were to redenominate to Riyals, print the Riyals and use that to satisfy investor claims, that would be a default. The privileges attendant with being the backbone of the global financial system accrue to one country only, the United States, and at the moment we seem to be doing everything in our power to lose that position.

“How do you default on a negative rate note?”

You don’t necessarily have to default on that note to suffer the consequences of a default. You can effectively default by triggering runaway inflation and printing money. You can also default on some other obligation you can’t pay because you have an enormous debt load and can no longer issue new notes because the market won’t lend to you affordably or at all. That’s still a default and will affect your ability to tap capital markets.

The first things to freeze up during the global financial crisis were revolvers like ABCP and short term loans like the overnight market. The government debt sector is basically a huge RCF. Modern Western governments will cease to function if they can’t issue more debt. Freezing them out of the capital markets, even for a short amount of time, would be enough to cause an immediate political crisis.

So when will all this happen?

Who knows? This is not even a theory, more a hunch, a feeling that we’ve been here before and our leaders have failed to learn from their mistakes. This post is an introductory argument based on that hunch. I leave it to folks with advanced degrees in mathematics to model and quantify this hunch. 50-year lows in unemployment and all-time highs in the stock market don’t tell me that I should sit back and enjoy the ride. These things tell me something all-time extraordinary is happening.

I could be wrong, another debt crisis may never happen, and NIRP may herald the beginning of a glorious new era where debt is infinitely cheap and growth continues forever. My instincts tell me that forever growth will not be the end result of NIRP. I think the end result is that large debts will get accumulated, lenders will begin to lose confidence that these loans will ever be paid back, rates will go up, and debts accumulated will either no longer be capable of being serviced or revolving facilities will no longer have buyers.

Crises generally break out when there’s a shock.

I think the shock required to shake the world will need to be of global proportions. Who knows what it’ll be. A big war? An invasion of space groundhogs dropping out of warp in low Earth orbit, sent here by the Marmot Star Empire?

Maybe. But I think it’ll be something that initially looks small and contained, but which scares the hell out of investors due to its macro implications, which will set off the next big crash. And we’re not talking about a correction (which we’re overdue for anyway) but a really, really big crash that could be years off.

If Ghawar Field runs dry before our species cracks fusion, say, in the next decade, that might do it. Everyone’s growth projections would be revised down and it might become apparent that countries with huge debt loads can’t grow enough to repay them.

To conclude, all I know are two facts. First, that rates today are lower today than at any time in recorded history; second, that for all our technology and sophistication, we are nonetheless subject to the same laws of economics and thermodynamics as our ancestors.


Help! The government’s at the door and they’re asking me for data… what do I do?

I preface this blog post – part of my Not Legal Advice series – by stating that it is absolutely not legal advice and I am not your attorney. See disclaimer. If you have an engagement letter that is signed by both of us and you have put a retainer on account, then and only then am I your attorney and then and only then am I giving you legal advice.

The below is provided for general informational purposes only.

Earlier today, Kraken published its annual transparency summary:

Screen Shot 2020-01-06 at 11.21.31 PM.png
Credit: Payward, Inc (d/b/a Kraken).

They received 710 requests impacting roughly 1,222 accounts. That’s just a hair under two requests per day, or, as Kraken CEO Jesse Powell put it on Twitter, “3 if you don’t count weekends!”

ShapeShift CEO Erik Voorhees took a rather dim view of Kraken’s situation:

That’s a lot of requests, but not a crushing amount; I would imagine Google and Microsoft get more. EDIT: Although I had thought one full-time paralegal should be enough to handle that kind of workflow, at least in terms of triaging the requests and initiating exports of user data, Kraken CEO Jesse Powell chimed in to indicate that the costs of servicing these requests was considerably higher:

Clearly, government inbound creates significant overheads – although practically every major company (Google, Microsoft, Facebook, Uber) each has a team dedicated to precisely that task, in many cases headed up by a former law enforcement officer or prosecutor. The greater the volume of requests, the more expensive that business function becomes.

Before I go further, I should add: I’m a libertarian. That means that, in my heart of hearts, I don’t like government overreach or state surveillance, or state power for that matter. But I’m also an attorney (in the US) and a solicitor (in England), which means that I have to live in the real world where government has these powers and businesses large and small are obliged to respect them.

If you run a small to medium-size enterprise in crypto that deals with the public, you will get hit with a subpoena or a search warrant at some point. It’s inevitable. For folks who haven’t been served with one of these before, it can be unnerving to leaf through a court order that says YOU ARE COMMANDED TO APPEAR and IT IS HEREBY ORDERED in bold font.

So what do you do?

1) Don’t panic. It’s (probably) not about you.

Yes, it’s entirely possible that you’re the target of this legal process. But if you’ve never been served with government process before, chances are good that if the subpoena is asking for disclosure about one of your users, customers, or subscribers rather than your business operations, it’s not about you. Your lawyer will tell you what the score is.

If it is about you, you will need to respond. However, for businesses that do a lot of transactions (data or financial) with the public, it’s much more likely that preservation letters, subpoenas, warrants, or other forms of request for information aren’t about the recipient but rather are about a user of the recipient’s service, e.g., someone who sets up an account to buy Bitcoin on a Bitcoin exchange.

2) Even though it’s (probably) not about you, don’t talk to the government without the assistance of counsel.

Your lawyers should be doing the talking if any talking is to happen at all. If you really feel the need to talk with the government about the data request, go talk to your lawyers, and we will talk with the government. We deal with this stuff for a living. You don’t.

Also in the don’t-talk-to-the-government column is that when you do communicate with the government you should be exceedingly polite. Do not do something like this or its written equivalent:

When you’re served with a data disclosure request by law enforcement your job is not to make a point, even if you’re a libertarian. Your job is, at minimum, to respond to the document request as completely as you can while also protecting your interests and the interests of your business. If you’re feeling particularly civic-minded, you could also say that by being responsive to law enforcement you’re helping to keep your fellow citizens safe.

It is possible to do this without acting like a jerk. If you get an e-mail containing legal process, you don’t have to respond right away (although generally it’s courteous to let the other side know it has been received, you can let your lawyer do that – more on that below). If a federal agent calls you on the phone, get his name, phone number, and e-mail address, thank him for calling, and let him know your lawyer will call him back.

3) Preserve all documents and data.

Don’t destroy or delete anything the request could have conceivably asked for. Back it up immediately.

4) Things to be aware of before you call your attorney

4A) There (probably) isn’t a rush to respond.

There (probably) isn’t a rush to respond; look on the face of the subpoena and it should have a deadline for production on it, and that date is likely to be several weeks or even a month from the date on which the subpoena has been served.

The primary exception to this is where the government is asking for disclosure of user/customer data on an emergency basis, due to the existence of a life threatening emergency, which the government can ask for under the federal Stored Communications Act.

America is a free country, so you aren’t required to comply with any information request that is unaccompanied by legal process; however, refusing such a request when the police have advised you that there’s a life-threatening emergency (a) isn’t a good look, (b) is going to really piss the government off and (c) means the government is likely to come back later with a subpoena or search warrant compelling the disclosure anyway, and they’re not going to be particularly friendly when they do.

If you run a large business, you already have a legal department that deals with these things. If you run a small business, you don’t, so make sure you have an attorney or member of in-house staff who is responsive. By this I mean when it’s 10:30 PM on a Saturday night and you get an e-mail from the FBI’s National Threat Operations Center requesting emergency disclosure of subscriber data, your attorney or staffer is willing to drop whatever he is doing to make himself available to field that request.

The law doesn’t sleep and neither can your compliance function.

4B) You (probably) don’t have to appear anywhere.

If you’re dealing with a grand jury subpoena, I know the document says in bold and all caps “YOU ARE COMMANDED to appear at the Marmot J. Squirrelstein Federal Courthouse on [date] blah blah.” There’s also (probably) another line, which is not in all caps, further down which says “In lieu of appearance you can provide documents” and that’s (probably) what the government wants. But you will want to confirm that with your lawyer.

4C) Don’t tell any third parties about the information request. In-house, ensure knowledge of government requests is kept on a need-to-know basis.

Document preservation requests, subpoenas and search warrants are often paired with non-disclosure orders that prohibit the recipient from discussing it with anyone except need-to-know staff and the company’s lawyers. Unless you have successfully challenged those orders, you must obey them.

Which brings us to the next step:

5) Call your attorney immediately after you’ve been served.

If you want to fight the order or object to the scope of disclosure, you can, but it’s not going to be cheap. If you’re a startup in the US without a sophisticated legal department with a big budget challenging a domestic US order will not be easy.

I know plenty of seasoned litigators who are experienced in this area and will be happy to refer you to them. In the alternative, call up the ACLU or the EFF, as Signal recently did to get a gag order lifted.

If you’ve never received a request for information, document preservation letter, national security letter, grand jury subpoena, administrative subpoena, search warrant, or emergency disclosure request before, call your attorney and he or she will help understand what kind of document you’ve received and what that document requires you to do – not all government data requests are the same, and not all are mandatory. Different agencies have different powers to ask for different kinds of information (and to prevent you from talking about the matter). Depending on what type of business you run, different statutory powers will authorize these requests and govern what your obligations are in relation to them.

If you’re based in the U.S., and the request comes from outside the U.S., you may have the option of refusing the request. Or you might not, if the request was validly made under a Mutual Legal Assistance Treaty, or “MLAT”, agreement. Your lawyer will help you parse your options.

If you have received a data request before, you should already have a protocol in place for dealing with them. Which brings me to my next point…

6) Plan ahead.

With any online business it’s possible to almost fully automate data production. You will need to balance the ease of automation with the requirement for data security. Err on the side of security.

The bulk of the U.S-source requests you will get will be subpoenas. Subpoenas issued under a particular statutory authority tend to request the same type of information as every other subpoena issued under that authority, and businesses tend to focus on particular types of commercial activity, so you should have a pretty good idea ahead of time what sort of information you’re going to be asked to provide.

Make sure you have a system in place where a small number of highly trusted staff have the ability to securely pull the requested data and provide it to law enforcement on short notice.

7) Your company can have a productive dialogue with law enforcement, but you have to let your lawyers do the talking.

In my experience, law enforcement officers and state prosecutors are courteous, highly professional people. However, they have a job to do. The mission comes first.

There’s no reason why you and your business can’t be on good terms with law enforcement or even helpful to law enforcement. However, your first concern should be to ensure that, in all your dealings with law enforcement, your interests are protected. The best way to do that is to run communications with law enforcement through your attorney and in writing.

For example. Suppose that one day, a few weeks after your lawyer provided a response to a subpoena, a friendly FBI agent calls you up and asks to have a casual sit-down over coffee to trade notes. She’s a nice person with a friendly demeanor, is just passing through town and is interested in Bitcoin and all things crypto.

You will think having that sit-down is a good idea, because you want to be helpful, don’t want to be rude and hey, it’s always nice to meet new people operating in your space.

Always decline these requests. At the very least, let your lawyers know that you’ve been contacted. If you want to be of assistance to law enforcement, be of assistance – through your attorneys. Ethereum dev Virgil Griffith had several such sit-downs and he has had to hire the best criminal defense lawyer in Bitcoinland, Brian Klein, to clean up the mess. Even if you are completely innocent of any offense, as most people are, let your lawyers do the talking.

Law enforcement will understand completely if you refer them to your counsel. They won’t think of you as rude. If they were in the same position, it’s what they would do.

And that’s it!

In conclusion

Summing up, if you run a business in crypto, and that business has users from the general public, it’s a virtual certainty that, at some point, the government is going to ask you to provide information in connection with an investigation.

Generally, these requests pertain to the commission of serious crime. Generally these requests are neither capricious nor unreasonable.

Dealing with these requests, and dealing with law enforcement generally, can be easy or hard. Regardless of one’s politics, keeping your business on good terms with the state is, generally speaking, the better business decision, if for no other reason than the fact that the U.S. government is bigger than you and has unlimited money and time.