What are the smart contracts and how do they work?
When we talk about smart contracts, we are referring to programs or algorithms that are stored in a blockchain, which execute pre-programmed instructions for automated operation, and can deal with a variety of issues, from verifying the identity of users, to investments or financial data. Through smart contracts, intermediaries are eliminated, and, with this, there are cost savings for the consumer.
This new type of contract is decentralized, immutable and transparent, since the code is visible to all, protected by blockchain technology and distributed among thousands of computers (avoiding its custody by a single company).
It is important to emphasize that, being computer programs, these are created by people, only that, once programmed, human intervention is minimal, trying to avoid any human factor, so that there is a fully automated operation of the decisions of smart contracts.
As indicated in art. 35 and 36 of the RGPD, since it is an automated system, special attention must be paid to security measures, which must be proportional to the prior data protection impact assessment, which must be carried out in any case.
Smart contracts must have minimum security measures, such as some examples given below:
– Human intervention by the responsible party.
– The possibility for the user to challenge the automated decision.
– Data protection policy
– Governance measures proportionate to the service
– Protection, security and management measures
– Immediate notification of security breaches
When dealing with contracts governed by this automated nature, we must bear in mind art. 22 of the GDPR, which states that individuals may not be subject to decisions based solely on automated means when such decisions entail legal effects or are likely to significantly affect them.
However, art. 22 has some limited exceptions:
1. Explicit consent (express, unequivocal and informed consent of the data subject).
2. The conclusion or performance of a contract between the data controller and the data subject.
3. The existence of an enabling law
Smart contracts are created with the idea of being executed through the data inside them, without having access to external information. Even so, there is a possibility of accessing this information, provided that it is relevant to the information already stored, through what is called the “oracle”. The oracles are instruments that allow updating the internal state of a smart contract through external information, acting as a link between the blockchain and the outside. However, the source that uses the oracle, being a third party, is contrary to the idea of decentralization of these contracts, since we are talking about a third party that can corrupt the information. In any case, there are already projects that are developing solutions for this circumstance.
In addition, any alteration in the blockchain will produce new transactions, which produces changes in the stored information and can lead to the cascade execution of other smart contracts.
This new reality will occupy a greater part of our lives on a daily basis and, therefore, from Letslaw, as lawyers specialized in digital law, we will not only continue to inform you about the latest developments in this area, but we will also answer your questions.
Letslaw es una firma de abogados internacionales especializada en el derecho de los negocios.