NIKOLAY KHOVRIN. CRIMINAL RESPONSIBILITY IN THE CRYPTOWORLD
CRIMINAL RESPONSIBILITY IN THE CRYPTOWORLD
The collapse of the Soviet Union was probably a catalyst for the down-shift in the evolution of human rights history. Universal jurisdiction in criminal matters used to be strictly limited by international treaties. For instance, the United Nations Convention on the Law of the Sea of 1982 limited the universal jurisdiction to only three basic internationally recognized crimes; namely, transport of slaves, piracy and illicit trafficking in narcotic drugs. With a post-USSR balance of world power distortion, various nations proceeded with an ex-territorial application of their domestic laws. It is not a new development. The British Empire used to apply their domestic laws over all of the high seas around the globe until the Russian Empire issued a Declaration of Armed Neutrality in 1780. Ever since, universal jurisdiction over the high seas has been limited to the very few, but very grave crimes, which are internationally recognised.
The evolution in a hard drive’s storage capacity made possible the creation of a “cyber” ocean in early 2000s which is under attack by domestic lawmakers, just as the high seas used to be.
It was not rocket science for domestic lawmakers and judiciary to apply crimes like money- laundering and unlicensed money service business to the crypto-world. It was done when humans decided that they could freely trade with each other using a “cyber ocean”. Old pillars of power like central banks were collapsing as the cyber-economy did not need them anymore. Everyone could issue ICOs and be a central bank in his or her own right. Unlike, for instance, piracy on the high seas, a “cyber ocean” does not pose any physical danger for its participants or for ‘cyber’ seapersons.
FREEDOM OF NAVIGATION IN THE ‘CYBER’ OCEAN
Wealth in the “cyber” world is yet to be defined, but may well be coin issuing and coin mining. No navies are needed and no states are needed for this activity. Access to the national AC grid may well be the last interaction point for the cyber seamen and the former statesmen, but eventual wireless electricity or the development of a private electrical grid will surely bring the concept of the nation state to an end. There is no justification for the presence of the state in the “cyber” ocean. Hence, there is no justification for any restriction in the freedom of navigation in the “cyber” ocean. Humans will create their smart contracts as nations in the past created treaties. Humans will create a “cyber” justice system, which will be impossible to hack.
The road will not be smooth. Various nations were endorsing piracy by issuing letters of marque, so that any seaman was able to kill in the name of the state. Nowadays, the state will not give up its attempt to limit the freedom of navigation on the cyber high seas, but the end result is clear. Humanity’s drive for freedom cannot be stopped. Either national states would have to sign an international treaty on the law of the cyber high seas or humans would embark on the creation of their own super-state.
UNIVERSAL JURISDICTION ON THE CYBER HIGH SEAS
Universal jurisdiction gives any state the right to effectively exercise criminal jurisdiction beyond its domestic borders. As a “cyber” ocean has no domestic borders, the concept of a universal jurisdiction needs clarification.
Universal jurisdiction cannot exist without a universal crime or a grave violation of universally accepted rights. The second key element is an agreement between nation states to allow universal jurisdiction over universally accepted crimes. Without these two elements, no state can legally claim jurisdiction beyond its borders.
What is meant is that, for instance, a person issuing and/or trading ICO within borders of a state not prohibiting such activity cannot be arrested by the order of the court of a foreign state, where such activity may be restricted. Can the act of issuing and/or trading ICO ever be accepted as a universal crime? No, as such activity would never meet the established criteria for internationally accepted crimes. Such universal criteria would involve ultimate physical harm to a human being. Cyber-activity would never pose a threat of ultimate physical harm to a human being and, as such, would never meet the established criteria for internationally accepted crimes.
One would argue that there are very many serious crimes emanating from activities without any physical harm to humans. Indeed, this is true, but the source of criminalisation of such activities is domestic and not international. So, such domestic crimes will not qualify for universal crimes.
The law enforcement agencies were quite fast to respond to the explosion of cyber-activity in the last 20 years. They did not have time to pass domestic legislation. The law enforcement agencies lacked enough knowledge to convince parliaments about the need to restrict the freedom of navigation on the ‘cyber’ high seas. So, they decided to apply qualifications of secondary crimes, like money laundering, for their targets.
I argue that money-laundering or hiding criminal proceeds are secondary crimes and cannot exist without a base crime. One can not apply qualifications for a secondary crime to activity in the cyber world unless qualifications for a base or primary crime are met.
Universal principles are strict and tough. A navy detachment can board a pirate ship and arrest her along with the pirates, but, unless the circumstances are extraordinary, the pirates will be extradited to their home country for trial under their domestic laws.
So, it is fair to allow domestic criminal law articles to develop and create awareness among local ‘cyber’ actors before there is any chance for this to be discussed and accepted among nations. Sea piracy had been going on for thousands of years as a phenomenon before being recognised as a universal crime, in 1982. ICOs are a 10-year phenomenon, but humans are already being arrested and jailed outside of their home nation, even though it is definitely outside of the scope of international law.
The all-out war against the freedom of navigation in the cyber-world is probably the result of a fear among established power groups about the loss of such power. Such power was always psychological, as nobody can, ultimately, control a human being. For the last few centuries, such power was based on gold and fiat currencies issued by central banks. ICOs are diluting the importance of fiat currencies.
CRYPTO EXCHANGE – AN ULTIMATE TARGET
The exchange of fiat currencies for ICOs is an ultimate target for law enforcement agencies. Such exchange is supposed to be regulated or self-regulated to the tune of the bank. Modern day banks lost the traditional appeal of a trusted third party for the safe storage of value. The modern day bank is, in a sense, a central bank’ agent and, in many countries, is also a fiscal agent of the government.
Blockchain technology gives a reliable platform to substitute a bank as a trusted third party. The recent financial crises of 2007-2008 and subsequent bank “haircut” in Cyprus gave a final blow to the credibility of both the central bank and its commercial private bank agents. So, it is natural for people to exchange their fiat currencies for ICOs using crypto exchanges. Crypto exchanges become an exit point for people who lost credit with banks and with governments. So, it is evident that it was not a coincidence seeing crypto exchanges and their principals as targets. Individuals are charged without mercy for money-laundering, having an unlicensed money service business, engaging in unlawful monetary transactions and other crimes, under the domestic laws of interested law enforcement agencies, They are also arrested under a self-proclaimed universal criminal jurisdiction anywhere in the world.
One could argue that some crypto exchange principals were reportedly applied to the money- laundering of very serious crimes’ proceeds and other activities. It may well be true, but in the criminal proceedings, no evidence can be used which was illegally obtained which is illegal under international law.
PLACE OF DELICT
Another fundamental principle of criminal responsibility is an application of the law of ‘the place of the delict’ or, at least, the place that the suspect has the closest relations with. One could argue that the cyber world has become international and it is virtually impossible to find the place where the delict took place. This may well be true, but, recently, nations developed a good and internationally accepted practice in prosecuting sea pirates. Various modes of “Somalia pirates” prosecutions were tried, ranging from sending them to the warship flag state prison to releasing them to the mercy of the sea. In the end, the UN sponsored the establishment of penitentiary or correctional facilities in Somalia so that Somalia pirates could be tried and punished in their homeland. So, in a sense, the principle of international jurisdiction was limited to intercepting the pirates by warships and forwarding them to their country of origin. So, the place of delict was re-defined as not the physical place of the crime, but the country where the suspect was originating from. The importance of this is vast. The mission of the country is to establish standards of behaviour and to educate its citizens. No one could claim to have universal standards of behaviour for all, as only 3 crimes, as mentioned before, were recognised as universal criminal wrongdoings. So, the people’s diversity will command the existence of the state for years to come. The nations have to respect the country of origin when defining the place of delict of international crime. No one can neither export nor import justice.
In the next issue, we will touch on the basic principals of establishing criminal responsibility.
In a technological world, where new technologies are abundant, cheap and easily available to public, it become hard to establish how good or bad they are for people. It must involve criminal intention or criminal negligence in committing the crime and a breach of the tolerance limits for criminal responsibility to apply. Tolerance limits ordinarily concern the amount of damage, but when a new technology evolves, sometimes the amount of damage is unknown or no one is interested in investigating it. For instance, since the emergence of high altitude jet passenger flights, no nation state seems to be raising alarm about the simple fact that all of the jet passengers are exposed to solar radiation at levels five times higher than on the earth’s surface. Exposing a human to radiation may well be a severe crime in many jurisdictions, but, still, millions of passengers are exposed daily, without any concerns. So, exposing passengers to solar radiation is within tolerance limits. Why not apply the same principle to cyber activity and, instead of unilateral expansion of domestic criminal jurisdiction over cyber space, expand the tolerance limit, for the sake of technology and human well-being. Japan is a good example of wise applications of the tolerance limits for the sake of technology and the well-being of society. It was one of the 1first nations to allow the free trade of Bitcoin, but it was not an accident. It was a tradition of wisdom. In Japan, the tolerance limit of road speed limit violation is 30 km/h. Japanese drivers are, reasonably, saying that they need speed to overtake the car in front of them. In Europe, the tolerance limits differs from country to country, but, generally, it is from 4 to 10 km/h. Needless to say, such a low tolerance limit made a vast amount of people speed limit criminals. Low tolerance limits in cyber space would criminalise a vast amount of the population, without creating any “good”.
GUILT AND THE STANDARD OF PROOF
Criminal guilt is an intention to breach criminal law or gross negligence when the breach of criminal law was caused by gross negligence. Unlike in civil cases, where the standard of proof is laid on the balance of probabilities principle, in criminal cases, criminal guilt must be proven beyond a reasonable doubt. As it is a very hard task for law enforcement agencies, for many centuries, they practiced forced confession. The easiest way for forced confession is an arbitrary detention of the suspect. Unfortunately, while arbitrary detention is an international human rights violation, it is widely practiced around the world. That is why the first thing that the prosecutor asks from the court is to grant a warrant of arrest of the suspect, with a search warrant along the way. Traditionally, these tools were used against organised crime members. Gravely, arbitrary detention or abuses of power or due process when an arrest warrant is issued ex-parte and without valid grounds are becoming routine in modern-day society.
Cyber actors are, in most cases, not members of the criminal underworld. They are highly-educated IT specialists, engineers or computer scientists. They have no criminal background and have no criminal mentality. Modern society needs such people as the drivers of the modern service-based IT economy. It is impossible to convince me that an average Mr. X, after graduating university and earning a PhD in computer science, all of a sudden becomes a hardcore criminal who needs to be detained or arrested and, sometimes, outside the jurisdiction. Still, prosecutors are successful in getting arrest and search warrants. The prosecutors should also understand that their authority in indicting is emanating not only ex-officio, but as a result of being an ultimate authority in understanding the guilt of the suspect on the basis of legitimately obtained evidence. The arrest and search warrants should only be sought when there is legitimate proof that the suspect is posing a real threat to domestic society. The defendant attorneys should also be well-qualified to protect the rights of the suspects and, in particular, to make sure that no arbitrary detention is taking place.
It is very important to understand that, unlike street crime, one does not need to be in the wrong place to be affected by cyber crime. The widespread use of technology makes the vast chunk of the population vulnerable to it. This is probably a justification for domestic law enforcement authorities acting without waiting for universal jurisdiction over cyber crimes to be entered into international law, along with an internationally accepted definition of cyber crime. Policing a vast cyber space may be a monumental and hardly achievable task for any single nation. A study of law enforcement practices around the globe may well be needed before applying the best solutions internationally. In the meantime, education is greatly important for all of the actors.
For the case study, the author suggests establishing two empirical crypto exchanges: one being qualified by an existing criminal case as a criminal crypto exchange or as a bad one and the other one, in contrast, as a fully legitimate exchange from law enforcement officials’ point-of-view or as a good one. Unfortunately, prosecutors are not allowed to do vetting of the crypto exchange start-ups, so business promoters have to rely on existing practice, which is always scarce in the high-tech technology field.
The key ingredient for a criminal crypto exchange is, from the prosecutors’ point-of-view, the non- existence of so called KYC or “know-your-customer” policy. A legitimate crypto exchange should follow KYC policy similar to banks, with customer’s names, ID or passport copies and addresses being collected and duly stored, in compliance with modern data protection legislation. A lack of names or biography of the key principals is also suspicious. So, the publication of names and adoption of KYC is a sign of a good and legitimate crypto exchange. On the other hand, being anonymous is a sign of a bad crypto exchange. Thus, the front office should be visible, transparent and, generally speaking, accessible by appointment only for vetted customers.
Being regulated or not being regulated by a government agency is another distinction made between a good and bad crypto exchange. Governmental supervision is definitely an issue, as no single government can offer a comprehensive solution for all. Governments, like businesses, compete and try to attract businesses in order to create employment for their citizens, but make no mistake. From the prosecutors’ point-of-view, a good crypto exchange uses a single jurisdiction, starting from the place of incorporation and phone numbers to the server location. The use of different jurisdictions is a sign of a bad crypto exchange.
The banks and some other businesses established a system of reporting suspicious transactions and, in essence, blocking such transactions in order to have time for verifications. Government agencies and law offices created a new business of checking a vast amount of so-called suspicious transactions, with reports generated either automatically or by compliance officers. One would expect a good crypto exchange to report suspicious transactions and block them for the time needed to verify them with the government. One would expect no reports from a bad crypto exchange.
Criminalisation of a sea captain or a sea master’s work, evident during recent years, drove many talented people away from the marine industry. The sea master’s time is now, in some cases, occupied not by steering his ship, but by paper work. The fear of being criminally liable is taking its toll on bankers as well, who, in many cases, become dysfunctional in granting loans out of fear of being criminally prosecuted for bad loans. Criminalisation of cyber activity will, ultimately, be a strain on technological development and a break in creating new businesses. A loss in human productivity will result in less economical development, more poverty and more ordinary crimes.
The best solution, from my point-of-view, is for governments to strive to develop their societies; educating people and creating new opportunities.