A lawyer at Anderson Kill, PC in Washington, DC, Stephen D Palley (@palleylaw) focuses his law practice on construction, insurance and software development, including blockchain and smart contract design. The opinions in this article are Palley’s alone, are not intended to be legal advice, and may not be shared by past, present or future clients or any firm with which he is associated.
In this op-ed, Palley explores the question of liability and jurisdiction in the context of decentralized autonomous organizations (DAOs).
Does distributed presence create distributed liability? Does participation in a blockchain based decentralized autonomous organization (DAO) subject you to worldwide liability? While a one-sized fits all rule isn't possible, it may help to understand what jurisdiction means and how Courts acquire it.
(If you're trying to understand why this even matters, you'll find this author's views on the subject in an earlier post titled "How to Sue a DAO").
1. What is jurisdiction anyway?
Jurisdiction refers to a Court's authority to apply laws to disputes between parties and to do so in a way that can be enforced. (My old legal dictionary is even pithier: it's "the power to hear and determine a case").
Legal liability (distributed or not) can only be established by a Court that has jurisdiction. Enforceable legal liability presupposes jurisdiction.
In the US, the Constitution and a variety of statutes define the scope of Court's jurisdiction and describe the kinds of disputes that they can adjudicate. (I'm a U.S. lawyer, so I do draw on U.S. legal principles, though I imagine that jurisdiction is a threshold requirement in most places).
What do Courts do? As Justice Marshall famously (to lawyers, anyway) and carefully put it in Marbury v. Madison:
"It is emphatically the province and duty of the Judicial Department to say what the law is. Those who apply the rule to particular cases must, of necessity, expound and interpret that rule."
In short, US Courts interpret, expound, and apply laws. They rely upon the Executive Branch to carry out and enforce their judgments. (For example, US Marshals work for the Department of Justice, which is within the Executive Branch).
Next, some basic jurisdiction concepts and terms.
2. Subject matter jurisdiction
The threshold jurisdictional requirement I discussed above is sometimes called "subject matter jurisdiction."
For example, "diversity jurisdiction" is one type of subject matter jurisdiction US Federal Courts exercise. It allows a Court to decide certain kinds of disputes between parties where the plaintiffs and defendants are not citizens or residents of the same state and the amount in controversy is greater than $75,000, exclusive of fees, costs and interest. There's more to it, of course, and it can also apply to non-US parties. (See 28 U.S.C 1332. This is just one example, and there are many other kinds of Federal Court subject matter jurisdiction).
Similarly, if you want to sue someone in small claims court in Washington, DC, the amount in controversy has to be less than $5,000. The court doesn't have subject matter jurisdiction over disputes in excess of $5,000.
Nutshell: courts have to have subject matter jurisdiction to resolve disputes or find someone liable. While it may be true in practice that anyone can sue anyone for anything, or try to do so, Courts don't have unlimited subject matter jurisdiction, at least not U.S. Courts.
So if you're in DAO and you're wondering about liability and U.S. Courts' jurisdiction, the first thing you have to figure out is how, if or why a Court would have subject matter jurisdiction.
3. Scope of subject matter jurisdiction
Neither parties nor courts can manufacture subject matter jurisdiction. Here's what happened in a civil case that I once handled:
- The case involved a dispute over a contract between (1) a company that was a citizen of state X and (2) a company that was a citizen of country Y.
- The parties had agreed to a forum selection clause naming a federal district court located in a state N where (1) neither of them was a citizen or resident and (2) where no business related to the contract was performed.
- They had also consented to personal jurisdiction in state N, and agreed to apply State N's laws to any dispute.
- A lawsuit was filed in state N and it was promptly dismissed for lack of subject matter jurisdiction.
- Neither the parties, the contract, nor the dispute had anything to do with N (and the Court had plenty of other work to do).
And here's a recent example from a criminal case. In United States v. Levin, a warrant issued by a magistrate court judge was deemed void ab initio by the district court, rendering evidence seized with the warrant in admissible. 2016 U.S. Dist. LEXIS 52907 (D. Ma 2016). The Court observed that "the NIT Warrant made clear that the NIT would be used to 'obtain information' from various "activating computers."'
As is clear from Levin's case – his computer was located in Massachusetts – at least some of the activating computers were located outside of the Eastern District of Virginia. That the Website A server is located in the Eastern District of Virginia is, for purposes of Rule 41(b)(1), immaterial, since it is not the server itself from which the relevant information was sought."
I may have made you feel a little bit better, but please don't get too comfortable: I've only noted two cases. And while subject matter jurisdiction isn't unlimited, Courts in the US exercise broad jurisdiction over many, many things, and through the Hague Convention and extradition treaties can reach outside of territorial boundaries to enforce US laws over matters they deem to be within their subject matter jurisdiction. To that end, someone running an illegal Ponzi scheme in Country Z that is directed to US citizens and causes harm in the US, may still be deemed subject to a US Court's subject matter jurisdiction. (This is not a normative evaluation or judgment, by the way, it's simply the lay of the land).
To illustrate this scope, here's how a "I'm outside of the US" argument was recently rejected by a federal court in the Southern District of New York:
"Budovsky's nexus argument is meritless. Assuming that the Government is required to state the nexus of the alleged crimes to the United States in an indictment, the Indictment includes several allegations that establish a sufficient nexus with the United States. The Indictment alleges, among other things, that Liberty Reserve had over 200,000 users in the United States; the site's users included criminal rings operating in the United States; Budovsky moved $13.5 million from a Costa Rican bank account held by Liberty Reserve through a correspondent bank account in the Southern District of New York; and Budovsky engaged in money laundering with the object of transferring funds in and out of the United States.
Budovsky argues that his conduct and Liberty Reserve's operations occurred wholly outside the United States, that Liberty Reserve targeted a global market rather than the United States, and that the Indictment's claim that Liberty Reserve had 200,000 users in the United States could "only be supposition." Since in a motion to dismiss an indictment the facts alleged by the Government are taken as true, Budovsky's evidentiary arguments do not require dismissal.
Budovsky further argues that even if the existence of a large user base in the United States constitutes a sufficient nexus, "any operator of any web business -- located anywhere in the world -- could be hauled into United States courts." While the advent of the web may create a theoretical concern about the extraterritorial reach of U.S. criminal laws, in this case the Indictment has sufficiently alleged the conduct of a criminal business with the aim of causing harm to US citizens and U.S. interests. See Al Kassar, 660 F.3d at 118; see also United States v. Rowe, 414 F.3d 271, 279 (2d Cir. 2005) (upholding venue in a child pornography case based on viewing of defendant's Internet advertisement in the forum state)."
See United States v. Budovsky, 2015 U.S. Dist. LEXIS 127717 (D. S.D.N.Y. 2015).
Takeaways: Subject matter jurisdiction isn't unlimited. At the same time, it's broader than many understand. How can you protect yourself against unwitting distributed liability? Understand your use case, identify jurisdictional nexuses, and don't assume that because you're in Country X that Country Y can't touch you. If particular jurisdictions are a concern, can you make a good faith effort to try to block them, understanding that there may be ways around any wall.
(Also, I'm not suggesting that anyone break laws or look for safe havens to do so, but extradition treaties and international judgment enforcement of course have some limitations. If Country X doesn't accept that conduct that Country Y deems a crime is in fact a crime, this may impact its court system's willingness to cooperate. Thus, an attempt to exercise jurisdiction extra-territorially can be dependent and limited by cooperation by other sovereigns).
4. Personal jurisdiction
In addition to authority to decide a dispute between people, US courts need to have jurisdiction over the people themselves. By people, I include "natural persons" and corporate entities. This is known as personal jurisdiction or (if you like Latin) in personam jurisdiction.
Physical presence is the easiest way to get personal jurisdiction. If you are a citizen or resident of state A or happen to be in A state when a process server hands you a Summons and Complaint, your presence may be enough to give the Court in that state personal jurisdiction over you. Corporate entities may designate representatives who can be served for the entity, and rules or statutes may identify people who can be served on their behalf. Just because you own stock in a corporation, or are employed by it doesn't necessarily mean your presence in a particular state gives the state jurisdiction over the corporation.
How about personal jurisdiction over an unincorporated association? It's tricky, at best. For a flavor of this, if you're a hockey fan, take a look at Donatelli v. NHL,893 F.2d 459 (1st Cir. 1989), in which the Court held that "an unincorporated association which does not itself conduct significant activities in, or enjoy affiliating circumstances with, a state cannot be subject to the general personal jurisdiction of the state's courts on the basis of a member's contacts within the state unless the member carries on the in-forum activities under the association's substantial influence. Because such control is absent here – there is no "plus" factor beyond the Bruins' mere membership in the association – the district court's assertion of jurisdiction over the NHL was not constitutionally permissible. Reversed."
Parties can also consent to personal jurisdiction (which you'll often see in a boilerplate contract). Parties may also waive objections to personal jurisdiction, as opposed to subject matter jurisdiction, which can't be waived. (See, e.g., Federal Rule of Civil Procedure 12(b)(2)).
Most states (it may be all, but I haven't done a survey recently) have laws that govern a court's exercise of personal jurisdiction over non-resident defendants. These are called "long arm statutes". Entering into a contract in a state, contracting to insure a risk in a state, or committing a tort in a state are some common examples of things that will subject someone to personal jurisdiction in another state, under a long-arm statute.
F.R.C.P 4(e) tells US federal courts that they are to follow the law of the state in which the court is located, though this is subject to constitutional limitations.
Ask a US lawyer about personal jurisdiction and even a transactional lawyer who hasn't thought about civil procedure for 25 years will probably mumble something about the International Shoe case and the requirement that someone "purposefully avail" themselves of the benefits of doing business in a particular jurisdiction.
Over-generalizing, a bit: a random, incidental, episodic connection to a state may not be enough. Parties fight about this all the time, though, and it's up to a court to determine whether contact by someone from outside of the state would be sufficient to trigger long-arm jurisdiction. (The Supreme Court revisited personal jurisdiction in a 9-0 decision handed down in 2014 in Daimler AG v. Bauman et al.)
The takeaway: even if you are not physically present you can be subject to a court's personal jurisdiction. But you have to have some contact. How much? What kind? It depends. We'll talk about this a bit more in a second.
5. In rem jurisdiction
Can you sue a thing? Well, yeah, you kind of can.
If you can't locate or serve a person, a court may still be able to exercise "in rem" jurisdiction, or power/authority over a thing. When looking for an example, I came across a reference to a case that I wish we had studied in law school: United States v. One Tyrannosaurus Bataar Skeleton (SDNY 1:13−cv−00857).
In rem jurisdiction can be used to seize property, transfer ownership, and do so when the owner can't be haled into court for some reason but the property is physically within the Court's jurisdiction. (See also, http://www.usmarshals.gov/assets/2015/dpr-february-auction/sale-order.pdf; http://www.ibtimes.co.uk/us-government-auction-10m-worth-bitcoins-silk-road-seizure-1522672).
6. Concurrent jurisdiction and co-equal sovereigns
I've mostly referred to US Federal Courts. As a federal system, the US also has state courts, and states are treated as "co-equal sovereigns". There's a complicated collection of law that deals with this interaction. You can do something that is isn't a problem under federal law but is a problem under state law. You can also sometimes be liable under both.
Lot's of nuance here, but the nutshell is this: more than one court can have jurisdiction over the same thing (blue sky is one example).
7. Conclusion: purposeful availment, presence, and paths forward
I'm going to conclude with a return to personal jurisdiction over foreign defedants for a second, as this is very much on point for distributed ledgers and DAOs.
How do concepts like presence or "purposeful availment" work for a distributed organization or project or platform that relies upon a distributed ledger? Are they relevant? What does presence mean? Physical? Virtual?
The good news (yes, there's good news) is that this isn't entirely uncharted territory. Everything old is new again. Back when the Internet was still a new(ish) thing to most people, courts had to grapple with defendants who were located outside of their states operating websites that could be viewed within their states. Courts applied existing legal principles to the technology, relying on International Shoe, Burger King v. Radiewicz and other precedent. They still do. (See and compare , Maritz, Inc. v. Cybergold, Inc., 947 F.Supp. 1328 (E.D. Mo. 1996) and ITI Holdings, Inc. v. Prof'l Scuba Ass'n, 2006 U.S. Dist. LEXIS 3747; and see Sebastian Brown Prods., LLC v. Muzooka Inc., 2015 U.S. Dist. LEXIS 40132 (D. Del. 2015)).
With or without legislative guidance, blockchain jurisdiction cases will do the same thing, whether a DAO is involved or not. It's how the Common Law works; life of the law = experience != logic, paraphrasing Holmes.
Still, it's tempting to head down a rabbit hole here and attempt to provide a simple answer, or to go the opposite direction and not try at all and hope for the best. Neither is a good approach. It's more helpful to consider specific use cases and identify jurisdictions that might be implicated or interested.
It may also matter whether civil or criminal laws are at issue. If you're doing something clearly illegal in country X and are doing so in concert with people in Country X, or are directing communication to, with or into Country X, the fact that you are in country Y or the fact that it's blockchain don't seem like a terribly good jurisdictional defense to me. For a DAO, one might consider the forums where a dispute might arise and the form that the DAO takes. One might also consider whether an unincorporated association would be treated differently than a corporation, and if the latter is a structure for which presence and jurisdiction are easier to predict.
I'm not taking an absolute position on these things because I firmly believe that you need specific facts to determine outcomes. Anything else is advice or guidance in a vacuum.
That caveat in mind, I wouldn't agree that "distributed presence" always equals "distributed liability" any more than I would agree that it never equals "distributed liability". It depends on who you are, what you're distributing, what sort of presence you have, and where you have it.
Justice Holmes would be right at home.
. These are my opinions only, are not legal advice, and are neither shared nor sanctioned by past, present or future clients or any firm with which I'm associated. Also, while I'm aware that several DAOs have been in the news lately, my observations are generic, and not directed at any particular organization. The "How to Sue a DAO" piece has been misunderstood by many. Anyone who thinks it's a roadmap for a lawsuit is encouraged to re-read the piece, footnotes 3 and 4 in particular. Nor does it say that all DAOs are general partnerships or associations. It points out some general legal principles that *might* apply.
. Barron's Law Dictionary (3d Ed., 1991).
. I'm steering clear of distinctions between equity/law and other important but nuanced concepts like inherent authority because this isn't intended to be a hornbook review of jurisdiction, but some first principles, mostly for non-lawyers working on blockchain projects who may be asking basic questions.
. Here's a link to the District of Columbia's Long Arm Statute: § 13-423. Personal jurisdiction based upon conduct.
This post originally appeared on LinkedIn and has been republished here with the author's permission.