Vermont Passes New Blockchain Legislation
Vermont continues its play to bring blockchain business to the state.
On May 30, 2018, Vermont Governor Phil Scott signed into law Senate Bill 269: An Act Related to Blockchain Business Development, which became effective on July 1. The Act is designed to stimulate economic development in Vermont through the promotion of blockchain technology. In passing the Act, Vermont joins the limited ranks of other states that have legislatively recognized the potential of blockchain technology to innovate and spur economic opportunity.
While blockchain may be most widely known as the technology underlying cryptocurrencies, it is, at its core, a system of recording and confirming transactions through a decentralized, shared ledger or database. The decentralized verification ability of blockchain provides for greater security and the fact that the ledgers are immutable creates widespread opportunities for the application of blockchain in many contexts other than just cryptocurrencies.
The Act positions Vermont as an attractive environment for blockchain companies by, among other things, authorizing the creation of a new type of business entity—a blockchain-based limited liability company, or a “BBLLC,” for limited liability companies that utilize blockchain technology for a material portion of their business activities. Pursuant to the Act, a BBLLC is allowed to customize its governance structure, in whole or in part and as it sees fit, given its own particular business and technology, through blockchain technology. More specifically, a BBLLC may (1) adopt any reasonable algorithms that it chooses to validate records, as well as requirements, processes, and procedures for conducting its operations, and (2) select the blockchain technology that it will use.
To become a BBLLC, an entity must specify in its articles of organization that it has elected to become a BBLLC, and it must include in its operating agreement a summary of its mission and purpose. The BBLLC must also include in its operating agreement certain decisions regarding such items as access and permission protocols. These provisions include whether the BBLLC’s blockchain will be fully or partially decentralized or fully or partially public or private; the extent of a participant’s access to information and read and write permissions; how the BBLLC will respond to system security breaches or other unauthorized actions affecting the blockchain technology’s integrity; and the rights and obligations of each participant group within the BBLLC. The operating agreement must also set forth voting procedures, which may include smart contracts—that is, whether there will be software code stored on the blockchain that will execute a transaction automatically when certain conditions are met.
The Act also directs Vermont’s Department of Financial Regulation to review the potential application of blockchain technology to the insurance and banking industries; to consider areas for potential adoption of blockchain technology; to identify any regulatory changes needed for blockchain technology to have a positive impact on those local industries; and to submit a report of its findings.
Further, the Act allows Vermont’s Agency of Commerce and Community Development, together with the Department of Financial Regulation, and representatives from academia and private sector businesses, to organize and hold a fintech summit to, among other matters, explore opportunities to promote blockchain technology in Vermont’s state government, private sector, and high schools, colleges, and universities. The Act also requires the agency of Commerce and Community Development to incorporate into one or more of its economic development marketing and business support programs, events, and activities: opportunities to promote blockchain technology in the private sector; legal and regulatory mechanisms that enable and promote the adoption of blockchain and financial technology in Vermont; and educational and workforce training opportunities in blockchain technology, financial technology, and related areas.
Finally, the Act creates another new type of business entity—a personal information protection company, or a “PIPC.” PIPCs are businesses organized for the primary purpose of providing personal information protection services to consumers. “Personal information” is defined by the Act as data capable of being associated with a particular natural person, such as gender identification; birth information; marital status; citizenship and nationality; biometric records; government identification designations; and personal, educational, and financial histories. The Act regulates the conduct of these companies, and establishes that any PIPC that accepts personal information pursuant to a written agreement to provide personal information protection services now has a statutory fiduciary responsibility to the consumer in that context. The Act also requires PIPCs to adopt and maintain a comprehensive information security program (that may include the use of blockchain technology) to protect personal information.
© 2018 Blank Rome LLP. All rights reserved. Please contact Blank Rome for permission to reprint. Notice: The purpose of this update is to identify select developments that may be of interest to readers. The information contained herein is abridged and summarized from various sources, the accuracy and completeness of which cannot be assured. This update should not be construed as legal advice or opinion, and is not a substitute for the advice of counsel.