-
Notifications
You must be signed in to change notification settings - Fork 7
"Property Protocol" proposal for next gen blockchain contracting practices
The following innovative proposal was made by Law Professor Joshua Fairfield in a law review article simply titled "BITPROPERTY".
Query: Is prototype of a property protocol along the lines described by Professor Fairfield an achievable, valuable and desirable hackathon project? Would the this approach in simplify and streamline the legal dimension of bitcoin and other blockchain oriented contracting practices?
The value of information cost analysis of property extends well beyond property forms, to the system for conveying and verifying property information. This section therefore outlines some principles of information design that might further enable property systems to do the job of conveying the core information of property at lower cost with increased certainty. If property is information, property systems are a protocol for communicating, verifying, and protecting that information. To transfer land from one person to another, one must transfer the information (the deed)
-
- 1967). Smith, Property as the Law of Things, supra note 212, at 1701. See Star Trek: The Original Series: The Changeling (NBC television broadcast Sept. 29,
2015]
855
that identifies the transaction (sale or ownership) and ties the successor identity (buyer) to the resource (the land). To buy an MP3, one must record the information (on a watermark or license server) that identifies the transaction (license) and ties the successor identity (the consumer) to the resource (the music). To generate a security interest, one must record the information (in a UCC filing) that identifies the transaction (security interest) and ties the secured party (usually the bank) to the resource (the debtor’s collateral). The traditional definition of property as the relationship of actors to assets and to each other does not fall far from the mark.225 But the traditional definition does not capture the degree to which property systems not only require, but are in fact comprised of, information. The key player in a property transaction is not the seller or the buyer, but the non-involved third party, who is bound by the dispositions made by the negotiating parties.226 The directly involved parties of course already have information about the deal through their contract negotiations. They need no property system to apprise them of the terms of their own deal. That can be handled through contract rules designed to foster bilateral information disclosure. By contrast, a true property system must deliver information to third parties.227 First, non-parties need information about transactions with which they are not at all involved. Assume A and B transact in land. Party C needs to know the boundaries of the transaction entered into by A and B, which constrains where C may hunt or fish.228 Further, non-parties need information about transactions with which they are not involved yet. Assume C wishes to buy the land from B. She will need information about the A-B deal and all earlier deals.229 Finally, C needs access to change the information, that is, the records, should she decide to become owner of the land.230 The common thread is information. The essence of the property system itself is not the identity, asset, or relationship between the parties, it is the information about those elements, and the degree to which that 225. See Moringiello, False Categories, supra note 2, at 134 (noting the “widely accepted definition of ‘property’ as the ‘relations among people with regards to things’” (quoting JOSEPH WILLIAM SINGER, INTRODUCTION TO PROPERTY § 1.1.1 (2d ed. 2005))). 226. See Merrill & Smith, Numerus Clausus, supra note 191, at 33 (discussing how “to control the external costs of measurement to third parties”). 227. See Michael Trebilcock (Corresponding Author) & Paul-Erik Veel, Property Rights and Development: The Contingent Case for Formalization, 30 U. PA. J. INT’L L. 397, 411 (2008) (“[A] formal property system can also reduce transaction costs in market interactions by providing increased information to third parties about the rights that an individual has over land.”). 228. See Merrill & Smith, Numerus Clausus, supra note 191, at 33. 229. Id. 230. Id.
856
[Vol. 88:805
information is effectively stored, communicated, and verified. Procedures for quickly, effectively, securely and cheaply communicating information are, in information parlance, called protocols.231 A protocol sets the format for data.232 It sets the procedures for transmitting it. It determines to whom certain data should be sent. It sets the procedures for error checking and the procedures for confirming that the data has been received. It determines the routing procedures for moving the data through a network. It sets procedures for lost or missing data. I propose that a property system is an information communication and storage protocol. There are good protocols—ones that permit maximum information flow, accuracy, and security, and cause minimum confusion and resistance. There are bad protocols—ones that engender confusion, noise, uncertainty, and insecurity. Similarly, there are good property systems—ones that permit transactions at high velocity, with high security, and with low friction. There are bad property systems—ones that are time consuming, costly, insecure, and inaccurate. The virtues are the same, and so are the vices. Good property systems transmit information about who may do what with which resources rapidly and securely, secure it faithfully, and can verifiably reproduce it. Bad property systems fail at each of these tasks. Conceptualizing property systems as information protocols has distinct advantages over extant property theories. As worked out above, physical things themselves are not the heart of property.233 The bundle of sticks—whether an owner may use, exclude, alienate, or destroy—is not the heart of property. Personal identity is not the heart of property. Instead, a theory of property as the data consisting of who may take which action with respect to what asset, and the procedures for communicating,
- See Brett M. Frischmann & Mark A. Lemley, Spillovers, 107 COLUM. L. REV. 257, 294 (2007) (“The current Internet infrastructure evolved with the so-called ‘end-to-end’ design principle as its central tenet. This design principle is implemented in the logical infrastructure of the Internet through the adoption of standardized communication protocols (e.g., the Internet Protocol suite).”); Julian Chokkattu, Bridging The Gap As The Smart Home Industry Expands, TECHCRUNCH (July 7, 2014), http://techcrunch.com/2014/07/07/bridging-the-gap-as-the-smart-home-industry-expands/ (“[T]ech giants Google and Apple are just a few companies that have been looking to bridge connectivity to different branded products with wireless communications protocols and break this fragmentation.”). 232. Joseph Farrell & Philip J. Weiser, Modularity, Vertical Integration, and Open Access Policies: Towards a Convergence of Antitrust and Regulation in the Internet Age, 17 HARV. J.L. & TECH. 85, 91 (2003). 233. See Moringiello, False Categories, supra note 2, at 134 (“As Gilmore noted forty years ago, . . . in asking property questions, we commonly conflate rights in things with the things themselves.”).
2015]
857
changing, verifying, and storing that data, cuts closest to the bone. As one transaction follows another, forming a chain of title, we create a chain of data relating each transaction to the next. The property system resides in the procedures for tracking, transmitting, and verifying that information. A property system enables transfers by conveying the information about who now owns what. A property system enables exclusion—the most commonly discussed element of property systems—by relating a what to a not-who, that is, the set of people who are barred from making use of a resource. The received wisdom that traditional property is somehow foreign or alien to information environments is incorrect. This error stems from the underexplored and incorrect assumption that property is about physical things, or about identity, or about specific actions one may take with property. Identity, assets, and actions are all important parts of a functioning property system, but they are not its substance. The substance of property is information. If property systems are information systems, then it must be possible to implement them in an information environment. To test whether property-as-information-protocol can hold conceptual water, it is useful to consider a few of the virtues of good information communication and storage protocols, and to observe whether they have explanatory power in the property context. Although there are many descriptors of good communications protocols, three are discussed here, loosely grouped around data at rest before it is sent, data in transit, and data at rest after it has been received. The following subparts first describe how these characteristics work in information environments before drawing parallels to characteristics of property systems. 1. Data Formatting A major challenge to information systems is ensuring that data follows a simple format such that it can be transferred or searched with minimum cost. Information can come in an infinite range of forms, some sufficiently organized as to be useful to automated systems, and some so disorganized as to be useless to anyone. Good data formats include necessary data and exclude data—even relevant data—when it appears in a format that makes parsing, processing, storage, or later accurate retrieval of the data more difficult. A good data format constrains information to the essential fields necessary for the transfer, storage, and retrieval of that information. Further, the format constrains the range of ways in which information can
858
[Vol. 88:805
be entered. It selects a standard.234 Such standards necessarily exclude useful but more costly means of presenting information in favor of an agreed-upon form. The law of property operates as an information protocol in that it sets standard formats for data. Assume that there is only one property format: FSA (fee simple absolute). Under this regime, there are serious utility costs due to constrained ability to satisfy preferences, but there are no information costs. The recipient need not inquire as to the form of property she receives. Now, assume we add a new hypothetical format: FSB. A recipient must now inquire as to whether she is receiving FSA or FSB, and costs rise. Here, we see Merrill and Smith’s information cost model at work.235 But to incorporate Hansmann and Kraakman’s criticism,236 assume that we add an additional marginal format: FSC. The costs for verifying the format of the property do not change. All that one must do is exclude all results that are not FSA. To think of it another way, if one desires FSA, one need not bother with all other formats, FSB through FSZ. One must check, but as long as labels are clear, it is just as easy to see that FSH returns a result of “no, this isn’t what I want,” as it is to see that FSQ returns a result of “no, still not what I want.” Theorizing the numerus clausus as a data format rule provides a friendly amendment to Merrill and Smith’s theory, and addresses the critique that, as property forms are added, the marginal additional transaction cost steeply declines. The problem is not the total number of forms, but the ability to differentiate between forms. Property forms must be more than merely a little different; they must be different enough so as to be distinguishable. The numerus clausus as amended here is therefore a principle of the minimum difference necessary for differentiation. What is necessary—and indeed, what property law offers at its core—is a system of specific, constrained, parameterized property forms that are detectably different from one another at low cost. The dangerous case is one in which a given property format (say, FSA2) becomes confused with another (say, FSA), such that one can check and still not know what format the property takes. Worse is one in which a non-standard property form looks the same as a mainstream, common property form on the surface, but is actually different due to obscure or hard-to-obtain information.
-
The term “standard” is used here and throughout this Article in the technical sense of an agreed-upon format for the transaction, and not in the legal sense of a fuzzy legal line.
-
Merrill & Smith, Numerus Clausus, supra note 191, at 27.
-
See Hansmann & Kraakman, supra note 196, at 380–81 (arguing that the addition of property forms would not necessarily generate a “meaningful degree of confusion”).
2015]
859
A theory of property as information resolves much apparent contradiction. With Merrill and Smith, I treat information costs as central to the law of property. With Hansmann and Kraakman, I note that marginal property formats do not linearly increase information costs.237 Finally, I build on extant theory by noting that it is the ability to distinguish between formats—and not the raw number of forms—that matters in creating a low cost and high velocity property system. 2. Verification and Error Checking Verification is a vital component of information protocols, and by extension property systems.238 The value of information lies not merely in its content, but also in the degree of certainty that the information was not altered or corrupted in transit. Verification matters most if information is to be passed further along to another party or another information system, further spreading corrupted data. The flip-side of verification rules are error-clearing rules. These rules exclude corrupt data so that it does not get passed forward. Some error in a one-time transaction does not matter much. Matters are different for information that must be passed forward based on the prior chain of events. Accumulation of errors within a data chain, just like the accumulation of clouds on title in a chain of title, will eventually crash an information system or render an asset immobile in the stream of commerce because title is too clouded. Property systems have extensive error checking rules. For example, title searches serve as a form of error checking for title-based systems. The purpose of the search is not merely to make sure that the asset is sufficiently unencumbered such that the buyer is not buying a lawsuit along with her asset, but also to ensure that the information stream attached to the asset is itself not so clouded or contaminated that the buyer would have trouble selling the property forward.239 Similarly, when courts pay attention to flaws in chains of title, they encourage prospective buyers to focus attention on the chain of data. Many problems that are fixed as a result of 237. See generally id. (discussing verification rules in property). 238. Id. at 374, 380. 239. See, e.g., Feit v. Donahue, 826 P.2d 407, 409 (Colo. App. 1992) (“[The] grantee under a warranty deed, except for matters specifically enumerated therein, should be in much the same position as [a purchaser of land with the] right to demand title which will put him in all reasonable security against loss or annoyance by litigation and will enable him not only to hold his land but to hold it in peace.” (alteration in original) (quoting Fechtner v. Lake Cnty. Savs. & Loan Ass’n, 361 N.E.2d 575, 578 (Ill. 1977))); Chavis v. Gibbs, 94 S.E.2d 195, 197 (Va. 1956) (“The main purpose of recordation statutes is to give constructive notice to purchasers and encumbrancers who acquire or seek to acquire some interest or right in property.”).
860
[Vol. 88:805
title searches are minor errors in the data chain, and clearing up small errors prevents aggregation and improves the overall health of the registry. Error clearing rules also abound in the law of property. For example, rules of many different stripes protecting the rights of bona fide purchasers and buyers in the ordinary course of business clear accumulated clouds on title.240 These rules operate to insulate current transactions from errors in prior transactions. For example, buyer in the ordinary course of business rules ensure that when one purchases a flat screen television from Best Buy, one need not be concerned with whether Best Buy has granted Bank of America a security interest in inventory.241 If a consumer sells the flat screen to another consumer, a different flavor of the same rule applies to clear other complicating security interests that the seller might have left still attached to the property.242 Sales law’s rules for voidable title and entrustment ensure that bona fide purchasers for value and buyers in the ordinary course are insulated from upstream title conflicts by clearing title error in the hands of the purchaser.243 Or consider marketable title acts for real estate, which only require a search back up the chain of title for a statutory period of years.244 All prior transfers are considered good and do not interfere with the registered chain of title. These rules for both real and personal property have as many different variants as contexts, but each has the salutary function of clearing errors in the chain of title so that mistakes in prior transactions do not aggregate to immobilize the asset. 3. Data Security The third major category is data security.245 Data must be secure both in transit and at rest. Data must be routed to the proper recipient and not to a third party who fraudulently attempts to stand in the shoes of the sender 240. See, e.g., Sender v. Cygan (In re Rivera), 513 B.R. 742, 753 (Bankr. D. Colo. 2014) (“Colorado is a race-notice state where no unrecorded instrument is valid against a bona fide purchaser of the subject property who first records. Consequently, as long as an instrument is properly recorded, subsequent purchasers have an obligation to find it at the county clerk and recorder’s office and are considered to have constructive notice even if they do not locate it.”); U.C.C. § 9-320(a) (2010) (“[A] buyer in ordinary course of business . . . takes free of a security interest created by the buyer’s seller, even if the security interest is perfected and the buyer knows of its existence.”); id. § 2-403(1) (“A person with voidable title has power to transfer a good title to a good faith purchaser for value.”). 241. Id. § 9-320(a). 242. Id. § 9-320(b). 243. Id. § 2-403. 244. See, e.g., Unif. Marketable Title Act § 3(a) (1990) (“A person who has an unbroken record chain of title to real estate for 30 years or more has a marketable record title to the real estate . . . .”). 245. There are, of course, other virtues of information protocols, which are excluded here due to space constraints. Routing and addressing are major goals of a good transfer protocol. The data must go to the party to whom it is addressed.
2015]
861
or receiver. The question is whether these values are a core part of the law of property. Security has always been a feature of property. Gold has always been kept in vaults. But the argument that security is a core and integral part of property law is less immediately intuitive than it is for data formatting, error checking, and error clearing. The security surrounding an asset has rarely been directly conceptualized as a key element of the property itself. Lack of built-in security has long been a driving factor for property law. Developed rules preventing theft, trespass, and conversion are necessary because property, especially personal property, is so easy to steal, subvert, or convert.246 The strongest difference between property rules and information security principles is that most property rules secure property by ex post sanction (against thieves or trespassers), while much of information security relies on ex ante exclusion through encryption or access controls. The worse ex ante security is, the more costly and developed the ex post system for recovering the assets must be. As a result of property’s traditionally limited ex ante security, much law is concerned with making sure that unauthorized transfers do not threaten the information that possession of property conveys to third parties. For example, property law strongly sanctions unpermitted possession. It is not clear, without more, why it should do so—unpermitted possession does the property no harm. One likely answer is that possession is a powerful information rule.247 The fact of possession conveys information so powerful that the person possessing property is considered its owner for the purposes of all but a very few interactions, which are based on some superior information source (say, being pulled over by police who have run the plates).248 The best way to steal property is to hack the property system by impermissibly obtaining possession, thereby broadcasting ownership to the majority of people who encounter the thief 246. Of course, locks and safes exist, but they weaken a key feature of property, which is the ability to use the goods openly without having someone take them. Property that cannot be used while being locked up is not much good as property. 247. Carol M. Rose, Possession as the Origin of Property, 52 U. CHI. L. REV. 73, 78–79 (1985). See also Smith, The Language of Property, supra note 196, at 1117–19 (discussing different possessory rules and the informational content they provide to different audiences); Merrill & Smith, Property/Contract, supra note 196, at 803 (“[S]ubstantive legal norms associated with in rem rights are more likely to be expressed as rules that turn on one or a small number of publicly observable states of fact . . . . The common law rule that the person in possession of a resource is presumed to have a property right is one example.”). 248. See sources cited supra note 247.
862
[Vol. 88:805
with the property. Thus, law sanctions unpermitted possession even if the property is unharmed and the owner has not yet missed the property. Traditional property principles provide security for information assets as well. Consider domain names, which have been recognized by some courts as sharing some characteristics with traditional property. In Kremen v. Cohen,249 Judge Kozinski wrote for the Ninth Circuit Court of Appeals: Property is a broad concept that includes “every intangible benefit and prerogative susceptible of possession or disposition.” We apply a threepart test to determine whether a property right exists: “First, there must be an interest capable of precise definition; second, it must be capable of exclusive possession or control; and third, the putative owner must have established a legitimate claim to exclusivity.” Domain names satisfy each criterion.250
Kremen considered the theft of a domain name obtained by deceiving the centralized authority, then Network Solutions, Inc. (“NSI”), which maintained the register of domain name registrations.251 Cohen exploited NSI’s lack of security in the domain name ledger to illegitimately transfer the valuable domain name Sex.com.252 His approach was low-tech social engineering. He sent forged letters and faxes from the original registrant claiming that the domain name had been abandoned.253 The effect was a simple deletion of a claim on a registry. Once NSI had deleted the registration, Cohen snapped up the domain name.254 The effect was to transfer a valuable intangible and rival property interest through the exploitation of a security loophole (here, NSI’s employees’ credulousness) by modifying the ledger. The Ninth Circuit held that the district court should not have rejected Kremen’s claim for conversion, and remanded. In so doing, it applied entirely ordinary property rules to a ledger registration change.255 While traditional ex post property sanctions can protect digital property, new information security measures, such as advances in public
- Kremen v. Cohen, 337 F.3d 1024 (9th Cir. 2003). 250. Id. at 1030 (citations omitted). 251. Id. at 1026–27. Kremen also considered the potential liability of NSI for its failure to prevent Cohen from taking the Sex.com domain name. Id. at 1028–29. This part of the decision, bearing as it does on an Internet intermediary’s responsibility to undertake expensive verification for a cheap service, is more controversial, and is not touched upon here except to note that decentralized public trustless ledgers ameliorate this problem by reducing the role of intermediaries. 252. Id. at 1026–27. 253. Id. 254.
Id. 255. Id. at 1036.
2015]
863
ledgers and encryption, can also protect physical property. Consider smart property: property that is enhanced with embedded software, and perhaps further secured by linking the software to a slot on a block chain.256 Smart property (at least in the sense of software-embedded and networked property) is becoming the norm for objects usually considered traditional personal property. Cars, houses, glasses, and watches are rapidly joining smart phones and tablets as being primarily protected by software control. A smart car linked to the block chain might “know,” for example, that it is owned by the owner of a specific ledger entry, and will only start in the presence of the person to whom that ledger entry is ascribed. Keys cannot be duplicated because the slots on the ledger are rivalrous. The same public-key encryption infrastructure that has long secured information can now secure physical property against theft. In sum, this part has argued that the conceptual core of property is not tangible things, not identity, and not sticks from the bundle, but information. As information, property is formatted, transferred, verified, and stored through a variety of protocols that share the virtues of good information transfer protocols. The rules of property set strong data formats, verify data, clear errors, and store information securely against manipulation or theft. Viewing property in this way paves the way for an actual operational digital property system. The following part offers suggestions for how to use trustless public ledger technologies to build such a system, as well as addressing challenges to the view of property espoused here.