From Web1 (read only) to Web2 (read-write) to Web3 (read-write-own), we are witnessing the surpassing evolutionary path of the Web. Web3 introduces a paradigm shift, encompassing the internet as a database, digital convergence, and the semantic Web. Coined by computer scientist Gavin Wood in 2014, Web3 redefines the internet by embracing decentralisation, novel protocols, and revolutionary blockchain technology. This challenges not only the traditional model of centralised service providers, but also the legal landscape as well.
Switzerland is known for its favourable regulatory framework regarding blockchain and distributed ledger technology (“DLT”). Both the Swiss federal government as well as the Swiss Financial Market Supervisory Authority (“FINMA”) have embraced a generally supportive approach to foster innovation while maintaining a solid level of consumer protection and mitigating risks associated with digital assets.
With Web3 being decentralised and borderless, many participants expect to enjoy an unregulated space, free of rules dictated and enforced by governments and hence free of the need of legal support. The opposite may be the case. Here is a list of a few potential issues you might want to take into account:
1. Jurisdiction and enforcement
Jurisdiction and enforcement in decentralised environments pose significant challenges. Figuring out which laws to apply when the blockchain spans through multiple jurisdictions poses a continuous challenge among legal experts and as such it always requires a case-by-case analysis.
The ownership and control of virtual assets are critical considerations. Determining who has the right to use, transfer, and profit from digital assets with real-world value is essential. For example, in the case of NFTs, there is often the misconception between ownership of the token vs. ownership over the content of the token.
3. Civil law and intellectual property (“IP”) rights
Failure to comply with civil law may result in the inability to enforce contracts with the outside world and the lack of appropriate licenses and registrations may lead to IP infringements or users not having the necessary intellectual property rights.
4. Data privacy and security
Close attention is required also in the field of data privacy and security. As personal data might be shared and stored in decentralised systems, the lack of centralised authority makes it difficult to determine where and how the data is stored, processed, and used. It also makes it difficult to identify the participants. Accordingly, decentralised systems are more vulnerable to data breaches and unauthorised access than centralised systems. This is the reason why data privacy and robust security measures should be implemented by default from the outset of the project.
5. Anti-Money Laundering (“AML”) and Know Your Client (“KYC”)
AML and KYC regulations also apply to cryptocurrency exchanges and other virtual asset service providers. These entities are required to conduct customer due diligence, monitor transactions for suspicious activities, and report any doubtful transactions to the relevant authorities. Non-compliance with AML regulations results not only in criminal charges, but also opens the door to legal penalties, business restrictions, as well as to reputational damages and financial losses.
6. Regulatory landscape
To figure out whether financial regulations apply, businesses need to first classify their tokens and the activities they want to engage in (e.g. issuing of tokens, deposit taking, trading, custody services). As part of its efforts to promote innovation and provide guidance, FINMA has issued guidelines to help distinguish different categories of tokens to assess the applicability of regulatory requirements. Asset Tokens promise, for example, a share in future company earnings or future capital flows. Payment Tokens (synonymous with cryptocurrencies like Bitcoin) are tokens which are intended to be used as a means of payment for acquiring goods and services or as a means of money or value transfer. Utility Tokens (like Ethereum’s gas token) are intended to provide access to an application or service by means of a blockchain-based infrastructure. A case-by-case analysis of the token characteristics and planned activities is therefore required to determine whether any financial market license is needed under Swiss law. Failure to comply with regulatory laws may result in enforcement actions and fines, as well as potential further lawsuits.
It is without any doubt that the development of Web3 brings both opportunities and risks. Businesses must consider whether to comply with all applicable laws or establish a specific governing law and jurisdiction. These questions require careful analysis before launching a product or service. Addressing these issues is vital to navigate the Web3 landscape, mitigating legal and reputational risks, and safeguarding participants from enforcement actions and liabilities. To foster trust and accountability, it is advisable for businesses to seek legal guidance from the start rather than following a product launch. By doing so, they can establish a solid foundation and ensure compliance in the evolving Web3 environment.
About Women in Web3 Switzerland (WiW3CH):
WiW3CH provides a networking platform for women working or aspiring to work in the Web3 industry, promoting diversity in this young industry. The focus on Switzerland also means that the women are ambassadors for the country, which is the first place for Web3 companies to set up shop.
Connect with the Founders:
Sibil Melliger https://www.linkedin.com/in/sibil-melliger-4b002b14b/
Paula Zimmermann https://www.linkedin.com/in/paula-zimmermann-725a93122/
Margherita Bandirali https://www.linkedin.com/in/margherita-bandirali/