The DAO Debrief: Lessons Learned on DAO Liabilities and Regulations
We dedicated this March at the Blockchain Law for Social Good Center (“BL4SG”) to Decentralized Autonomous Organizations (“DAOs”). With the release of the DAO Toolkit at the World Economic Forum (“WEF”), we first examined how DAOs can be leveraged as vehicles for positive social impact and align with Environmental, Social and Governance (“ESG”) objectives. As an example of how DAOs are already making real-world impacts, we spotlighted H.E.R. DAO and their efforts to enable inclusion in Web 3.0. On February 14th, BL4SG hosted the first event at its new home, University of San Francisco School of Law, to discuss the potential liabilities that could arise from DAOs and the emerging regulatory landscape. Our panelists – Nik De from CoinDesk, Lisa Rubin from Paul Hastings and Min Wei from the Algorand Foundation – offered legal, policy and technical perspectives as we explored these topics in greater depth.
Unlike traditional entities, where decisions are made by a central authority, DAOs are governed by their members. Even though several thousand DAOs have already come into existence, with over $10 billion collectively held in their treasuries, there are still numerous legal uncertainties in this space (1). Specifically, existing corporate forms, which emphasize centralized management structures, might not necessarily apply to DAOs and have prompted several states to adopt legal frameworks specific to DAOs (2). Without a formal “legal wrapper” or liability protection, however, DAOs could be construed as unincorporated associations that could be subject to joint and several liabilities. In other words, a member signing on behalf of a DAO could unknowingly be signing on behalf of themself and become “accidentally liable.”
Ooki DAO, a Decentralized Finance (“DeFi”) platform, is a contemporary example of how legal frameworks for DAOs are being developed in real-time. In September of 2022, the Commodity Futures Trading Commission (“CFTC”) filed a complaint alleging that Ooki DAO had violated CFTC regulations, the Bank Secrecy Act and the Commodity Exchange Act (3). Given the “minimum contacts” that Ooki DAO had established with residents of Northern California, the Court – in this instance the United States District Court for the Northern District of California – was granted jurisdiction over this matter. Unbeknownst to the CFTC, however, service of the complaint to Ooki DAO would become an unexpected hurdle.
Since DAOs are effectively leaderless, and many (if not all) members tend to remain anonymous, it can be difficult to determine who gets served. Faced with this predicament, the CFTC ultimately served Ooki DAO via its website help chat box (4). Despite amicus briefs contending that Ooki DAO is a technology and not an entity, thereby providing an exemption to service, the Court noted that members of Ooki DAO had seemingly acknowledged the complaint through internal communication channels (5). Additionally, Ooki DAO conspicuously firewalled its website to prohibit access for United States internet protocol (“IP”) addresses soon after the CFTC filed its complaint.
While the Court’s acceptance of service via help chat box does not set a judicial precedent, it could have persuasive authority in future proceedings against DAOs. As the Court has asked Ooki DAO members to come forward, presumably with the risk of liability exposure, it is yet to be determined if non-voting token holders could be exculpated from the CFTC’s claims. Conceivably, token holders that voted against proposals that allegedly violated federal laws and CFTC regulations would have the strongest defense. This would align with existing corporate jurisprudence that protects directors in fiduciary duty actions who voted in the best interest of the company and in accordance with the law, but the implications for DAOs have yet to be determined.
Without codified laws, it appears that founders will continue to push the envelope to see what might be possible given existing regulatory frameworks. Those that take a more prudent approach and enlist legal counsel early on must still consider a number of factors. Specifically, it is important to think about the DAO’s priorities and what it seeks to protect. Even in jurisdictions that appear favorable to DAOs, there could also be reputational risk that might diminish the trust of investors or even create unexpected tax consequences. While DAO Limited Liability Corporations (“DAO LLCs”) in Wyoming, for example, might be compelling at the outset, some have suggested that certain statutory provisions – such as the requirement for smart contracts to be amendable – do not necessarily comport with the purpose of DAOs and are more restrictive than general LLC requirements (6).
The lack of concrete rules for the crypto industry – whether that be through congressional or judicial creation – has opened the door for administrative agencies, particularly the CFTC and Securities and Exchange Commission (“SEC”) to pursue “regulation by enforcement” actions. This is evidenced by how the SEC has broadened the scope of the Howey Test, a longstanding framework to determine if there has been the issuance of an investment contract (7). As Ripple Labs continues its defense over an alleged unregistered initial coin offering (“ICO”), the SEC recently shut down Kraken’s crypto asset staking protocol after alleging that it was an unregistered security. Although the latter ended in a settlement, and does not set legal precedent, there is a sense that regulators are actively pursuing “lower hanging fruit” where there are greater odds of success. For Kraken, the advertisement of exceedingly high investment returns could have triggered the SEC’s complaint.
Regulations will ultimately lay the foundation for the broader adoption of Web 3.0, the next iteration of internet that is built on blockchains. In light of recent developments, particularly at the cost of consumers, there is a sense that lawmakers are ready to have conversations and move forward with legislative drafting. Eventually these policies may permeate into DAOs and provide clarity such that members do not inadvertently expose themselves to liabilities. Fundamentally, DAOs are the essence of democracy – with a focus on building communities where everyone has a voice – and have the potential for untold amounts of social impact.
(1) Framework for “Investment Contract” Analysis of Digital Assets, U.S. Securities and Exchange Commission (April 3, 2019) (2) Legal Entity, DAO Research Collective (February 24, 2023) . (3) Turner Wright, CFTC can issue summons through Ooki DAO’s help chat box, says judge, Cointelegraph (October 4, 2022) (4) George P. Angelich et al., Service of Process in the Digital Age: Twitter, Blockchain, and Chatbox Valid Methods or Modern Nail & Mail?, The National Law Review (February 16, 2023) (5) Release Number 8590-22, Commodity Futures Trading Commission (September 22, 2022) . (6) Despite the first on-chain decentralized autonomous organization, The DAO, being hacked for $150 million in 2016, DAOs have steadily grow in popularity. Jamie Redman, Decentralized Autonomous Organization Statistics Show $10 Billion Is Held by DAO Treasuries, Bitcoin.com (June 10, 2022). (7) Vermont recognizes Blockchain-Based Limited Liability Corporations (“BBLLCs”), Tennessee recognizes Decentralized Organization LLCs (omitting “autonomous”) and Wyoming recognizes DAO LLCs. Jana S. Farmer and John Cahill, DAOs: A game changer in need of new rules, Reuters (October 7, 2022)