The latest legal, regulatory and project updates in Blockchain and Digital Law brought to you by Michael Bacina, Jade McGlynn, Luke Misthos and Jordan Markezic of the Piper Alderman Blockchain Group.
The way the cookie crumbles: Facebook / Meta loses Privacy Act Appeal
The Full Federal Court of Australia recently handed down their decision dismissing an appeal from Meta (Formerly Facebook) which challenged the validity of service of a lawsuit against Meta on the grounds that Meta neither conducted business nor collected personal information within Australia.
The litigation against Meta arose from alleged “serious and repeated interferences with privacy in contravention of Australian privacy law” arising from the Cambridge Analytica scandal of 2018. Cambridge Analytica harvested the personal data of millions of Facebook’s consumers without their consent using a personality test app called ‘This is Your Digital Life.’ The data harvested was notably used for the Brexit campaign in 2016 for targeted advertising.
The Office of the Australian Information Commissioner (OAIC) announced proceedings in 2020 in the Federal Court of Australia against Facebook Inc – the U.S. based parent company – as well as its Irish subsidiary, Facebook Ireland Limited.
The latest proceedings saw the Full Federal Court sensationally throw out Facebook’s argument that, as it did not carry out business or collect and hold personal information in Australia, it could not be sued under the Privacy Act 1988 (Cth). Chief Justice Allsop and Justices Perram and Yates noted (at [77]) that Facebook’s arguments were “divorced from reality”.
The Full Federal Court held that it was sufficient that Facebook installed cookies on the physical devices of Australian consumers on behalf of its parent company and other subsidiaries – which forms a critical operational mechanism for the Facebook platform, where those cookies stored a variety of data used in the platform.
The Court also rejected Meta’s contention that finding that any website accessible within Australia carries on business in Australia would ‘open the floodgates’ for litigation against tech service providers, with Perram noting (at [44] and [45]) that the matter related to a narrow appeal of an interlocutory matter, and that the facts would drive the analysis, specifically a simple password cookie was identified as something which may be treated differently to a complex cookie (as was used by Facebook).
The Court also rejected Facebook’s argument likening their business to sending mail by post. Facebook relied upon the fact that their datacentres transmitted signals to Facebook user’s devices and subsequent to this, the transmission changed the digital state of those devices. Facebook compared this to an international post model, where the recipient of an international letter acted in a way so much that an economic benefit might accrue to them. Facebook contended that this model meant that it could not operate within Australia.
Importantly, the Federal Court noted at [75]:
“Whether a particular foreign-based business providing goods or services in this country carries on business here will depend on the nature of the business being conducted and the activity which takes place in this country. There is no one size fits all answer to this question. Correspondingly, the menace of opened floodgates from which Facebook Inc was commendably keen to protect the Australian legal system, is in my view very much overstated.”
The decision may be held up as a broadening of the test of when a business is doing business in Australia, the Court was at pains to qualify the position and emphasize that the facts determine each case. However, being potentially the subject of the full weight of the laws of another jurisdiction is a matter which is serious and needs careful consideration for each business, particularly given our globally connected and increasingly decentralised world.
DAO Regulation Roundtable
At the invitation of Senator Andrew Bragg, a who’s who of Australian crypto and blockchain talent assembled this week to discuss how a company DAO could be regulated under Australian law. With Senator Hume’s office represented at the meeting as well, the Australian politicians most actively engaged in bringing Aussie regulation into alignment with this ground-breaking technology were present.
Senator Bragg chaired the recent Senate Select Inquiry into Australia as a Technology and Financial Centre and Recommendation 4 in the Final Report included:
The committee recommends that the Australian Government establish a new Decentralised Autonomous Organisation company structure.
After being adopted by the Treasurer in December 2021 and enduring comments from the Chairman of ASIC, work is now underway to implement and establish a framework for DAOs pursuant to this Recommendation.
The group had a wide ranging discussion and some guiding principles emerged which will be further refined over the coming weeks and may inform the shape of regulation / policy. Those principles included:
1. The urgent need for Australia to give DAOs legal status so they can enter into contracts and participants can have certainty about their dealings and treatment, with the possibility of licensing and insurance and property ownership tied to legal personhood;
2. Considering a light touch DAO framework but leaving out of that framework DAOs which are purely code launched – without voting governance at the code level (exclude capture of public blockchains like Bitcoin which are ‘governed’ by miners and nodes);
3. Conditions attaching to legal personhood, but the need to keep that flexible so as not to become rapidly outdated;
4. The need to consider retail consumer protection, but also not to lose sight of the benefits of innovation from the fear of consumer risks given consumers can access blockchain systems and tokens offshore in any event;
5. That the current forms of director duties and fiduciary duties owed to shareholders don’t reflect the DAO model (at least on public blockchains) where the lack of transparency in a company is not a feature in DAOs;
6. That any law will need transitional and retrospective effect to ensure a smooth transition;
7. That the benefit of legal recognition under Australian law will likely need some standards, such as plain English audit and explanation of code and governance within a DAO so participants don’t need to be code-literate to understand a DAO they are joining;
8. But, conditions of legal recognition cannot require identification of DAO participants in the way shareholders are published in a database now, and that collection of personal information from members or those elected or fulfilling decision making roles needs further consideration; and
9. That DAOs should be treated as a flow through entity for tax purposes, that is the holders of tokens should be the parties subject to tax. The corporate tax base in Australia is eroding and DAOs may benefit from an automation of tax collection.
Attendees at the Roundtable included remarkable individuals such as:
1. Senator Andrew Bragg
2. Amelia Hamer, Financial Services Policy Lead Adviser to Senator Jane Hume, Minister for Women’s Economic Security, Minister for Superannuation, Financial Services and the Digital Economy.
3. Joni Pirovich of BADASL
4. Hannah Glass of KWM
5. Natasha Blycha of Stirling & Rose
6. Susannah Wilkinson from Digital Commerce Committee, Law Council of Australia
7. Mark Bland of Mills Oakley
8. Ass Prof Chris Berg and Dr Aaron Lane of RMIT Blockchain Innovation Hub
9. Scott Chamberlin of ANU
10. Martin Gray of Afterpay
11. Michael Harris and Ryan Parsons of Swyftx;
12. Pat McNab from Mycelium Ventures; and
13. the author.
Please note that any errors in the above summary are partner of Piper Alderman’s Michael Bacina’s as a result of his own interpretation of the event.