Michael Bacina, Jade McGlynn, Luke Misthos and Jordan Markezic of the Piper Alderman Blockchain Group bring you the latest legal, regulatory and project updates in Blockchain and Digital Law.

KPMG Canada Collects Crypto in Treasury

As a first direct investment in cryptoassets, KPMG in Canada has allocated an investment in cryptoassets to its corporate treasury. The cryptoassets include Bitcoin, Ethereum and carbon offsets, which goes towards the firm's ESG commitments. KPMG Canada acquired the cryptoassets on its balance sheet through Gemini Trust Company LLC's execution and custody services.

Benjie Thomas, KMPG Canada's Managing Partner for Advisory Services said:

Cryptoassets are a maturing asset class.

This investment reflects our belief that institutional adoption of cryptoassets and blockchain technology will continue to grow and become a regular part of the asset mix.

A KPMG governance committee was established to provide oversight and approve the allocation. The committee includes stakeholders from various areas who completed an intense assessment process.

The investment reflects the firm's view on blockchain and emerging technologies. KPMG Canada's Advisory Partner and Cryptoassets and Blockchain Services co-leader, Kareem Sadek said:

The cryptoasset industry continues to grow and mature and it needs to be considered by financial services and institutional investors.

We've invested in strong cryptoassets practice and we will continue to enhance and build on our capabilities across DeFi, NFTs and the Metaverse to name a few. We expect to see a lot of growth in these areas in the years to come.

Like Australia, Canada makes an outsized contribution to crypto and blockchain projects, with Ethereum co-founder Vitalik Buterin hailing from Toronto. KPMG offices operate quite separately at country level, but KPMG Australia must surely feel some pressure with the Canucks grabbing the treasury innovation lead!

Blockchain Traceability Leads to Bust of Criminals in USD$3.6 billion bitcoin seizure

The US Department of Justice has arrested 2 individuals in New York, alleging they were conspiring to launder cryptocurrency stolen during the 2016 hack of Bitfinex. At the time, the hack involved the theft of 119,754 bitcoin (worth USD$70 million then). As part of the arrest, the DoJ seized bitcoin and other cryptocurrency worth USD$3.6 billion on today's prices, including over 94,000 bitcoin.

Thanks to the traceability of transactions on the bitcoin network, the wallets where the stolen bitcoin was moved have been watched for years, and movements in wallets over a month ago were the subject of speculation online, but it turns out those movements were the DoJ shifting the seized assets. The complaint from the DoJ includes diagrams setting out the alleged laundering methods used by the accused.

The Assistant Attorney General Kenneth Polite said:

Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system

Steve Francis of Homeland Security said:

[the accused] attempted to subvert legitimate commerce for their own nefarious purposes, operating with perceived anonymity. Today's action demonstrates HSI's commitment and ability to work with a collation of the willing to unravel these technical fraud schemes and identify the perpetrators, regardless of where they operate.

It is interesting how the DoJ press release both refers to following "money" through the blockchain and the importance of ensuring consumer confidence in the financial system. It follows other busts including the takedown of the Welcome to Video site, the return of most of the Colonial Pipeline ransom paid in that ransomware incident, sanctioning of a Russian exchange involved in laundering as well as reports showing crypto-crime is concentrated in a very small number of wallets relative to the size of the overall market.

The way the cookie crumbles: Facebook / Meta loses Privacy Act Appeal

The Full Federal Court of Australia recently handed down their decision dismissing an appeal from Meta (Formerly Facebook) which challenged the validity of service of a lawsuit against Meta on the grounds that Meta either conducted business nor collected personal information within Australia.

The litigation against Meta arose from alleged "serious and repeated interferences with privacy in contravention of Australian privacy law" arising from the Cambridge Analytica scandal of 2018. Cambridge Analytica harvested the personal data of millions of Facebook's consumers without their consent using a personality test app called 'This is Your Digital Life.' The data harvested was notably used for the Brexit campaign in 2016 for targeted advertising.

The Office of the Australian Information Commissioner (OAIC) announced proceedings in 2020 in the Federal Court of Australia against Facebook Inc – the U.S. based parent company – as well as its Irish subsidiary, Facebook Ireland Limited.

The latest proceedings saw the Full Federal Court sensationally throw out Facebook's argument that, as it did not carry out business or collect and hold personal information in Australia, it could not be sued under the Privacy Act 1988 (Cth). Chief Justice Allsop and Justices Perram and Yates noted (at [77]) that Facebook's arguments were

divorced from reality

The Full Federal Court held that it was sufficient that Facebook installed cookies on the physical devices of Australian consumers on behalf of its parent company and other subsidiaries – which forms a critical operational mechanism for the Facebook platform, where those cookies stored a variety of data used in the platform.

The Court also rejected Meta's contention that finding that any website accessible within Australia carries on business in Australia would 'open the floodgates' for litigation against tech service providers, with Perram noting (at [44] and [45]) that the matter related to a narrow appeal of an interlocutory matter, and that the facts would drive the analysis, specifically a simple password cookie was identified as something which may be treated differently to a complex cookie (as was used by Facebook).

The Court also rejected Facebook's argument likening their business to sending mail by post. Facebook relied upon the fact that their datacentres transmitted signals to Facebook user's devices and subsequent to this, the transmission changed the digital state of those devices. Facebook compared this to an international post model, where the recipient of an international letter acted in a way so much that an economic benefit might accrue to them. Facebook contended that this model meant that it could not operate within Australia.

Importantly, the Federal Court noted at [75]:

Whether a particular foreign-based business providing goods or services in this country carries on business here will depend on the nature of the business being conducted and the activity which takes place in this country. There is no one size fits all answer to this question. Correspondingly, the menace of opened floodgates from which Facebook Inc was commendably keen to protect the Australian legal system, is in my view very much overstated.

The decision may be held up as a broadening of the test of when a business is doing business in Australia, the Court was at pains to qualify the position and emphasize that the facts determine each case. However, being potentially the subject of the full weight of the laws of another jurisdiction is a matter which is serious and needs careful consideration for each business, particularly given our globally connected and increasingly decentralised world.

Nike says 'No' to NFT Receipts of Stored Sneakers

Apparel giant Nike has filed a lawsuit against StockX, accusing the resale marketplace of using Nike trademarks to mint and sell Non-Fungible Tokens (NFTs) without permission. StockX are selling NFTs which are tied to popular Nike shoes, supposedly making it easier for consumers to purchase and 'flip' the shoe without having to worry about shipping costs.

The 'StockX Vault' is the marketplace's NFT project allowing customers to purchase and sell like-for-like sneakers, linked to NFTs, operating on a public blockchain. While the project is a creative use of the technology and potentially a sign of things to come, it was unable to sneak past Nike.

The complaint was filed in a New York federal court and outlines the extent of the breach by StockX:

Nike did not approve of or authorize StockX's Nike-branded Vault NFTs. Those unsanctioned products are likely to confuse consumers, create a false association between those products and Nike, and dilute Nike's famous trademarks.

Nike criticizes StockX's terms of purchase for being "murky" while also accusing the marketplace of inflating stock prices, going so far as to allege that the Vault NFTs are a "scam".

Part of Nike's complaint relates to a concern that the marketplace is claiming association with Nike, and that this would negatively impact Nike's reputation in the digital space:

Given Nike's longstanding use in this space, StockX's unauthorized and unapproved branding of Vault NFTs with Nike trademarks is all the more likely to confuse consumers, create a false association between the parties, jeopardize the capacity of Nike's famous marks to identify its own digital goods in the metaverse and beyond

Nike's acquisition of RTFKT, a digital art and collectible creative studio, in December 2021 demonstrated Nike's intention to enter into the virtual space and start issuing NFTs themselves. Nike has set up a designated team to facilitate this project:

On or around January 18, 2022, Nike announced to its employees the formation of Nike Virtual Studios, a new division that will operate as an independent studio to further develop Nike's business around virtual products and partner with its core business to deliver best-in-class Web3, metaverse, and blockchain-based experiences.

Along with damages for compensation and profits, Nike is seeking orders to prevent StockX from dealing in any NFT products that fall under Nike's asserted trademarks, as well as requesting an order that all Vault NFTs in StockX's possession be delivered to Nike for destruction.

It remains to be seen whether Nike's allegations will run the distance or if an NFT showing a picture of a product stored and redeemable by the holder will jog into legal safety. What is clear is that there is an increasing willingness for major brands to move to protect their trademarks in the NFT space, as they look to take a piece of the growing market for these digital products, with recent examples including a DAO mistakenly thinking they could use rights from a purchased manuscript to create a cartoon, Hermes suing over MetaBirkins for infringement and Miramax getting into a fight with Quentin Tarrantino over movie NFTs.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.