The European Parliament has adopted a proposal for the Data Act which aims to harmonise rules on fair access to data, promote competition and stipulate conditions for the use of data, in particular with regard to data obtained by means of products connected to the Internet of Things (IoT). An overwhelming majority of MEPs are in favour of the proposal; however, the positive approach is not shared by players from the crypto world. Indeed, the proposal contains a specific provision relating to blockchain and smart contracts, or code-based contracts that are executed automatically when pre-defined conditions are met.
The essence of smart contracts (similar to cryptocurrencies) is that they are stored on the blockchain and take advantage of its distributed and above all immutable nature. These features ensure the security and trustworthiness of the entire network. Smart contracts, in particular, serve to automate processes that would otherwise require human intervention or an intermediary, and are often the basis for the infrastructure of decentralised finance (DeFi) services.
The most confusion in the expert community is caused by the wording of Article 30 of the Data Act - it introduces basic requirements for smart contracts, and among these requirements is the obligation of providers offering the possibility to conclude a smart contract to embed in their services mechanisms allowing to stop or interrupt the execution of the transaction and de facto have the possibility to “turn off” the smart contract (so-called Kill Switch). This point is problematic for several reasons.
The first is that the proposed solution undermines the essence of decentralised networks and the guarantees that their content cannot be changed. Some companies that focus on DeFi point out in this regard that it would be virtually impossible to comply with these requirements. In contrast to this, there are also views such that the goal is not to regulate all smart contracts, but only those that involve data sharing between IoT products. Answering this question is not entirely straightforward as the current proposal works with “smart contracts designed for data sharing”, but information and data is shared even with smart contracts in DeFi. European legislators will thus have to deal with this issue in the next rounds of deliberations.
Another equally important question is who should be able to exercise the right to switch off / interrupt the smart contract. Would it be the creator of the smart contract, or the service provider, or a public authority? In this respect, the Act does not provide many answers either.
The proposal will now move to the trilogue stage, where the EU Council and the EU Commission will discuss the details of the Act. Whether or not the European Union will take into account the comments made by the stakeholders will be known soon, as the first session is scheduled to take place on 28 March. We will, of course, keep you informed of further developments.