A recent case, AA v Persons Unknown and Others, re Bitcoin, involved a proprietary injunction application over Bitcoin to the English Commercial Court. A proprietary injunction stops a person from dealing with assets in which the claimant has a proprietary interest. A proprietary injunction is therefore particularly effective if the applicant can show that there is an arguable case that all of the plaintiff’s assets belong to him or her.
A Canadian based insurance company was subject to a cyber-attack. A hacker infiltrated the company’s IT system and installed malware that encrypted its contents. The hacker held the system to ransom, demanding payment in exchange for the necessary decryption tool.
The company was insured against cyber-crime attacks by the UK insurer. The UK insurer negotiated and paid a ransom of 109.25 Bitcoins, then roughly equivalent to €875,000. The hacker provided a decryption tool once it received the ransom payment.
Following this, the UK insurer engaged a specialist blockchain investigations firm to track down the Bitcoins. The bulk of the Bitcoins were traced to an account held by the Bitfinex exchange. It was inferred that Bitfinex would hold information on the identity of the hackers by virtue of their KYC anti-money laundering procedures.
The insurer therefore issued proceedings in the UK seeking a private hearing and a proprietary injunction over the Bitcoins held by Bitfinex exchange. A private hearing was granted so as not to tip off the hacker and to prevent the risk of the Bitcoins being moved or further revenge attacks.
Is Bitcoin property?
As proprietary injunctions can only be granted over ‘property’, a focal point of the case was whether Bitcoin can be considered ‘property’.
Cryptocurrencies do not sit neatly within either of the two traditional kinds of property recognised by English law. These are:
A ‘thing in possession’, that is something capable of being possessed in a tangible sense, or
A ‘thing in action’, that is a right capable of being enforced by an action
The judge carefully considered the UK Jurisdiction Taskforce (UKJT) November 2019 Legal Statement on Crypto-assets and Smart Contracts that addresses the proprietary status of cryptocurrency. The judge concluded that the statement’s detailed legal analysis of the proprietary status of cryptocurrencies as a novel kind of intangible asset was compelling and the Court should adopt it. The reasoning is that crypto-assets are:
Capable of ownership
Capable of definition and their owners can be identified
As permanent as other financial assets and only exist until they are cancelled, redeemed, repaid or exercised
Stable, as ordinary assets are subject to deterioration, corruption and loss, and
Not disqualified from being property due to their distinctive features, in that they are intangible, require cryptographic authentication, require the use of a distributed ledger, decentralised, ruled by consensus and so forth
On this basis, the Court granted the injunction. It also ordered the owners of the Bitcoin exchange to provide the identity and contact details of the hackers.
Importance of the decision
While not the first case to contemplate crypto-assets, the ruling provides the first substantive judicial reasoning to treat Bitcoin as ‘property’. The ruling could lead to other crypto-assets being treated as ‘property’. The case is also notable due to the Court’s heavy reliance on the UKJT’s statement.
Even with this decision, the question remains open as to whether crypto-assets can be used as security or how they may be treated in an insolvency situation.
The subject of cryptocurrencies and assets is an area of law that is evolving quickly. This case provides the first common law analysis of whether Bitcoin and cryptocurrencies can be treated as property. While this makes the case notable from Irish perspective, an Irish court is not bound by the decision.
Despite this, the decision provides more certainty for investors and could significantly boost confidence in the development and use of crypto-assets in the global financial services industry. It is also helpful for institutions attempting to recover misappropriated crypto-assets. The case has potentially far reaching consequences for financial institutions and corporate firms faced with the increasing threat of cyber attacks, as well as their insurers.
At a European level, the European Commission has published its Work Programme for 2020, setting out its policy initiatives and priority proposals for the year ahead. Among them is legislative proposal on crypto-assets and a cross-sectoral legislative proposal on financial services firms’ operational and cyber resilience.
The content of this article is provided for information purposes only and does not constitute legal or other advice.