Predictions 2023: Digital business and asset disputes

We predict 2023 will see the first large commercial disputes before the English courts concerning digital assets.

Why?

• The collapse of FTX highlighted the importance of certainty in areas where the law is still developing regarding digital assets. How these matters are determined by the Courts will have a significant impact for parties in a similar scenario.
• To date, the English Courts have considered the legal treatment of digital assets in a series of cases concerned with fraud, usually where the claimant is seeking to recover misappropriated assets from persons unknown. However, there have been relatively few disputes between commercial counterparties both of whom are represented and contend points of law.
• Case law establishes a number of key principles: including that digital assets are 'property' for the purpose of English law, are in principle capable of being held on trust; and, to the standard of showing a serious issue to be tried, may be deemed to be located in the jurisdiction where the person who owns them is domiciled.
• However, there remain areas of considerable uncertainty which will likely crystallise in disputes connected with an insolvency. In particular:
  • where digital assets are held on trust by a custodian in a comingled omnibus wallet, it is unclear how any shortfall in the asset pool would be treated (eg whether beneficial owners would share pro-rata the shortfall);
  • it remains unclear whether any digital assets are capable of being classified as 'money' which could form the basis of a debt claim (as opposed to a claim for liquidated damages). This characterisation could determine the valuation date for a claim in an insolvency and have a material impact on its value given the volatility of digital assets;
  • governing law and jurisdiction in digital asset disputes is likely to be controversial given the uncertainty as to how principles of private international law apply to digital assets. Indeed, the Law Commission will be consulting on this in 2023 via its consultation 'Digital assets: which law, which court?'. Given the global nature of many digital asset transactions, disputes concerning governing law and jurisdiction are likely to arise and may have a significant impact in view of the developing nature of digital asset law around the world.
• It is highly likely that some, or all, of the issues above will give rise to the first major commercial dispute before the English Courts in 2023. The amounts at stake in some disputes will mean that issues are fully argued by represented parties, with the ultimate outcome being greater certainty as to the application of legal principles to digital assets.

Prediction author: Douglas Robinson

We predict the FCA will increase its focus on crypto advertising in 2023.

Why?

• There has been a significant rise in Advertising Standards Authority (ASA) complaints against crypto companies in 2022 (some from the FCA itself).
• The ASA has worked closely with the FCA to produce specific guidance for crypto advertising, including an Enforcement Notice which it proactively sent to various crypto companies. Formal legislation is pending, but current proposals indicate that the FCA will begin to enforce advertising standards in relation to 'qualifying crypto assets' (which won’t include NFTs).
• The proposals are not dissimilar to the ASA’s established guidance (which is familiar ground for most crypto companies). The biggest change will be the role of 'authorised firms' to approve crypto advertising while crypto companies continue to push for their own registration.
• Something has to give; either mainstream banks must partner with cryptos, or the FCA needs to make registration a more achievable goal.
• In the meantime, the FCA is likely to use any material breach of ASA guidance, or its own draft proposals, as a reason to delay (and perhaps refuse) registration.

Prediction authors: Emily May, Robert Allen

We predict 2023 will continue to see a rise in high-profile cyber-attacks, particularly as the growth in the Internet of Things ('IoT') creates ever more opportunities for malicious actors to breach security systems. This will lead to group litigation from affected parties, and greater regulatory scrutiny (with possible enforcement).

Why?

• Recent years have seen several high-profile cyber-attacks which have highlighted how malicious actors are becoming increasingly more capable in their ability to compromise national security and disrupt key infrastructure.
• The upward trend in cyber-attacks will continue, particularly given the exponential growth of IoT which has led to vast increases in the volume (and vulnerability) of data generated, thereby creating more opportunities for sophisticated cyber-attacks with greater repercussions.
• This trend will drive further instances of breaches and enforcement. It is also likely to harden, even further, the cyber insurance market. Increasing incidents are likely to drive up premiums, as carriers attempt to mitigate the effects of a seismic change to their risk profiles.
• In addition, the trend of class actions built off the back of cyber-attacks (see, for example, the group actions against British Airways and Ticketmaster) will continue, driven by litigation funding.
• As a result of a consultation on the improvement of cyber resilience, the government will shortly be passing into law the Product Security and Telecommunications Infrastructure Bill (the 'Bill') which will require manufacturers, importers and distributors of all such consumer connectable products sold across the UK to meet minimum cyber security requirements – this will profoundly impact supply chain processes. The government also proposes to expand the scope of digital services regulated under the Network and Information Systems Regulations 2018 to include 'managed services', and for these providers to be subject to the same duties as other digital service providers. This will cause a wider range of cybersecurity incidents to come within the remit of the Department of Digital, Culture, Media and Sport by effectively: strengthening the security requirements; addressing the security of supply chains; streamlining reporting obligations; and introducing more stringent supervisory measures and stricter enforcement requirements. Although these 2023 legislative reforms are welcome, it remains to be seen how quickly and how effectively they curb the risk of cyber-attacks.

Prediction authors: Robert Allen, Chloe Morris, Russell Cowie, Rosalind Dunn