Tag Archives: crypto-currency

Are Crypto-Currencies Money or Property?

Blockchains have a problem: They cannot exist in digital isolation; their value must be derived from the value of something else — something real.

There will always come a time when something real must be represented by data on a blockchain, or when data on a blockchain must represent something real. The tools that we use today for the storage, exchange and representation of value are money and title to property. This is the most over-looked peril in blockchain technology.

Are crypto-currencies actually money?

There are many prominent articles by many smart people discussing this topic. However, at the time of this writing, according to U.S. Uniform Commercial Code, article 9, a very explicit definition for money is provided as follows:

Money” means a medium of exchange currently authorized or adopted by a domestic or foreign government.

Therefore, the answer is clear. No, digital tokens are not money.

See also: Why Insurers Caught the Blockchain Bug  

While the destruction of digital tokens may represent an economic loss, that loss would need to be somehow quantified as something real. And we’re back to where we started; at some point, token must represent something real. The courts and law enforcement cannot be invoked to protect your bitcoin, and they struggle immensely to protect the value that the bitcoin is supposed to represent, except, notably, in money laundering.

While we may be able to identify the peril and even calculate the probability of loss, we cannot predetermine the consequence of the loss and therefore we cannot price the risk correctly. End of story.

Are crypto-currencies considered property?

There is some ambiguity here, as well. When we think of property, we think of discrete units that are largely inseparable. The title to an asset travels with the whole asset as it changes hands. A lien on the property would be needed to assert dominion on the asset. But bitcoins are quite easily divisible, almost fluid, lubricating a blockchain as a secondary artifact or its maintenance program. If I loaned you a car but kept the wheels as collateral, the utility of he car would be encumbered. Or it would be like holding a lien against the money to purchase the car, and not the car. This doesn’t make sense.

The answer for all practical purposes is that crypto-currencies cannot really be treated as property at least within the boundaries of law and are therefore uninsurable.

Are we stuck?

So, if bitcoins are not money and bitcoins are not property, what are they? How does one prove ownership? How does the owner assert dominion? How would liability be assigned for economic losses of another person in a transaction where all agreements are in the form of non-revocable contracts executed by software? Where do rights and responsibilities attach?

This is a deeply troublesome discussion if you are in the business of assuring or insuring blockchain-based enterprises.

More troubling is that these precise characteristics are what make crypto-currencies attractive for illegal activity, thereby increasing variance of expectations rather than reducing variance – the exact counter-effect of insurance. If assets can be converted to crypto-currency, they become difficult to seize or repossess. The extra-legal sector is categorically uninsurable by mainstream carriers.

Fortunately, some clever legal scholars at Harvard’s Berkman Center have suggested that perhaps ownership may be established with a claim against the cryptographic keys that open and close the contracts that contain the value articulated on blockchain. This is a very interesting idea. We have already established that these nodes and these keys are insurable. Logic may be built into key distribution to assign liability or limit liability and, thus, price risk correctly.

A Hybrid Approach

In earlier articles, we identified the problems that blockchain solves. We also identified the problems that blockchains cannot solve. Using a hybrid approach of decentralized computers and decentralized human interaction, we may be able to build a bridge that can cross the insurability gap between the virtual and the real world upon which everyone from banks, entrepreneurs and modern decentralized organizations may cross.

See also: What Is and What Isn’t a Blockchain?  

Some conceptualization of the hybrid approach may consider the following: a system of physical proofs that are interchangeable with the digital proofs in a blockchain — as needed or where appropriate.

For example:

  • Instead of a computer modeling a fake network of Byzantine generals, a network of real “generals” can be set up to model a computer network.
  • Instead of a solution to a trivial puzzle as a means of generating a digital token, the solution to a real life puzzle can also be used to generate a digital token.
  • Instead of a hashing program that generates a cryptographic key, a person’s résumé could be used as the algorithm to hash cryptographic keys that are authorized to open and close packets on the blockchain (see Curiosumé)
  • Etc…

As long as each component of the blockchain ecosystem is insurable, the entire system would remain insurable. There would otherwise be no limit to the number of blockchains that can exist nor the number or combination of analog and digital components that can be mixed as long as the tokens, in the end, can clear accounts.

(Adapted from: Insurance: The Highest and Best Use of Blockchain Technology, July 2016 National Center for Insurance Policy and Research/National Association of Insurance Commissioners Newsletter: http://www.naic.org/cipr_newsletter_archive/vol19_blockchain.pdf)

Ransomware: Your Money or Your Data!

Your client, ABC Corp. is going about its business and then gets this message:

police

The above is a typical ransomware message, according to a recent Symantec Security Response report. What’s next? Pay the “ransom” and move on? Ransomware is a type of malware or malicious software that is designed to block access to a computer or computer system until a sum of money is paid. After executing ransomware, cyber criminals will lock down a specific computer or an entire system and then demand a ransom to unlock the system or release the data. This type of cyber crime is becoming more and more common for two reasons:

1. Cyber criminals are become increasingly organized and well-funded.

2. A novice hacker can easily purchase ransomware on the black market.

According to the FBI, this type of cyber crime is increasingly targeting companies and government agencies, as well as individuals. The most common way that criminals execute their evil mission is by sending attachments to an individual or various personnel at a company. The busy executive opens the file, sees nothing and continues with his work day. However, once the file has been opened, the malware has been executed, and Pandora has been unleashed from the box!

Now that the malware has been unleashed, a hacker can take over the company’s computer system or decide to steal or lock up key information. The criminals then make a “ransom”demand on the company. The ransom is usually requested in bitcoins, a digital currency also referred to as crypto-currency that is not backed by any bank or government but can be used on the Internet to trade for goods or services worldwide. One bitcoin is worth about $298 at the moment. Surprisingly, the amounts are generally not exorbitant (sometimes as nominal as $500 to $5,000 dollars). The company then has the choice to pay the sum or to hire a forensics expert to attempt to unlock the system.

The best way companies can attempt to guard against such cyber crime attacks is by educating employees on the prevalence and purpose of malware and the danger of opening suspicious attachments. Employees should be advised not to click on unfamiliar attachments and to advise IT in the event they have opened something that they suspect could have contained malware. Organizations should also consider backing up their data OFF the main network so that, if critical data is held hostage, they have a way to access most of what was kidnapped. Best practices also dictate that company systems (as well as individual personal devices) be patched and updated as soon as upgrades are available.

Finally, in the event you are a victim of a ransom attack, you would need to evaluate it constitutes a data breach incident. If the data hijacked is encrypted, notification is likely not necessary (as the data would be unreadable by the hacker). However, if the data was not encrypted, or you cannot prove to the authorities that it was, notification to clients or individuals is likely necessary.

Takeaway

Cyber extortion is more prevalent than most people realize because such events are not generally publicly reported. To protect against this risk, we recommend that companies employ best practices with respect to cyber security and that they consider purchasing a well-tailored cyber policy that contains cyber extortion coverage. Such coverage would provide assistance in the event a cyber extortion threat is made against the company, as well as finance the ransom amount in the event a payment is made.

What Insurers Need to Know About Bitcoin

A bitcoin (lowercase b), as a currency, has several flaws that will continue to limit its ability to replace money, as we know it. There are millions of words published on the subject, so I’ll leave it to the reader to assess arguments on both sides. However, Bitcoin (upper case B) as a protocol for the transfer of value is an extremely important innovation that the insurance industry would be wise not to ignore.

This article looks at the issue from the point of view where the insurance industry meets the engineering profession; this combination could be where some of the most important and valuable new opportunities arise.

The Block Chain Protocol (BCP)

The Block Chain Protocol is a brilliant innovation that cannot be un-invented – it is here to stay, and it will appear in many forms long after it sheds its association with so-called crypto-currencies. Bitcoin was designed to solve an age-old problem: the possibility of spending multiple times a promissory note such as currency. In the case of virtual currency, the problem is especially acute because a currency created on a computer can be easily copied by a computer.

The BCP can be compared to a train leaving the station. When the train arrives, the door opens and everyone piles in. After a predetermined amount of time, the doors close. While the doors are closed – and only while the doors are closed – the people write contracts for each other to agree upon. When the doors open, everyone piles out, but the contracts stay. Soon after, the doors close forever.

After the doors close, absolutely no changes can be made, ever. Any changes must be renegotiated as part of a new “block” in a continuing “chain” of transactions. This prevents someone from printing “money”, i.e., issuing the same contract to many recipients.

Today, this function is performed by a legal system, brokers and intermediaries such as banks and credit agencies – it is easy to see how these institutions would be concerned that an upstart technology that is fully decentralized with no CEO or corporate structure could literally exterminate their brokerage fees. (While I used a mechanical analogy of door and trains, the BCP operates using time stamps and cryptography to manage identities, ownership, vetting, etc.)

The big deal with bitcoin as a currency is that the value of a contract can be cast in time. The “crypto-currency” simply represents that value outside of the block for that exchange inside of the block.

Many people, including the media, get hung up on the idea of currency because that is something that obviously concerns everyone in the age of impending financial doom. However, one must not be fooled by hype nor remain complacent and hope the bitcoin issue it will go away. The BPC is here to stay, and there are thousands of them in existence, not just bitcoin.

Yes, this means threats to the status quo, but there are also great opportunities for those who learn how to use smart contracts to transmit value without institutional friction. The part that the insurance industry should be concerned with is the ability to transmit contracts.

When contracts are executed on a block chain and locked cryptographically, these are called “smart contracts.” The seminal work on smart contracts was written by Nick Szabo and introduced in this 1997 primer: The Idea of Smart Contracts. The remainder of this article will focus on one very important type of smart contract: the adjudicated smart contract partnering the insurance industry and the engineering profession.

The Oracle

Adjudicated contracts are contracts involving three parties: the insurer, the insured and the adjudicator. The insurance adjuster should immediately come to mind, but the work of the adjudicator is much more flexible.

In an insurance claim, there is often a forensic investigation involved. In many cases, the investigation may reveal failures of design, quality, defects and workmanship and moral hazard. When a payout is warranted, claim money is drawn for reconstruction and remediation per a contract.

The insurance industry depends on actuarial statistics and forensics to manage these risks. What if forensics could be performed and actuarial data compiled before the failure occurs?

Adjudication can be integrated directly into the performance contracts as the project is designed and built. Licensed professional engineers can “flip the switch” that releases funding or seal coverage for specific perils as they oversee the design/build contracts during design, construction and service life of a property. This would allow insurance companies the ability to price risk and adjust exposure pools with extreme accuracy.

Assurance by Design

In other words, it is possible to develop Block Chain Smart Contracts. My firm is doing this for the engineering, construction and property management industries. The concept is to codify current standard contract templates, such as AIA contracts, into a series of smart contracts on a cryptographic block chain. Contractual events will correspond to payment milestones underwritten by bank and insurance institutions. As each milestone is reached, the professional engineer will verify the proof of work and flip the switch that released the contract to the next insurable component.

The Insurance Industry Is Threatened

Today, many insurance companies are not too concerned with construction risk as long as it is priced correctly. What the insurance industry may not realize is that if too many good properties are subsidizing too many bad properties, private parties with good properties will use these adjudicated contracts to self-insure. For example, if a 250-unit, high-rise condo spends $4 million on a new potable water system and the insurance premiums are not discounted accordingly, the condo could now easily form its own risk-sharing pool with communities known to have new water systems.

With Block Chain Protocol technology and readily available data, almost anyone can now form an insurance pool.

The challenge then for the insurance industry is to use new technologies to build more and better insurance products using the legacy tools that they are built on and rapidly adopting new technological solutions that are now available to them.

The Block Chain Protocol may be one of the most important innovations of the digital age. Pretty much anyone with the job title of “broker” should be seriously concerned.

History provides countless examples of companies and industries that failed to adapt to new changes. For this reason, insurance should take the Block Chain Protocol very seriously. The technology is simple by design and only requires some creative adjustment and strategic partnerships to assimilate into the business plan.

Nobody will do it for us. We need to do it ourselves.