Yahoo and the Designated Scapegoat

So it turns out Yahoo had another gigantic data breach, this time involving the theft of data from over a billion accounts. Once again, they’re blaming state-sponsored actors. According to government officials via The Washington Post, the FBI believes this was the work of Russia.

“State-sponsored hacker from a country we don’t like” is the new designated scapegoat. Every generation needs one. If you were late for work in the 19th century, you would claim that Indians stole your horse. Those who lived in cities blamed immigrant groups and their associated gangs. Last century, anything bad could be attributed to communists, communist sympathizers, Iraq, drugs, and dangerous minorities. Now the go-to fall guys are global warming, terrorists, and state-sponsored hackers. North Korea, Iran, China, Russia, or any former Eastern bloc country will do.

“Hacked by a nation-state” is a great excuse because it invites all sorts of confirmation-seeking. If there’s malware involved, find some similarities it shares with tools used in previous attacks attributed to that country, like FOR loops. If the hackers sent a phishing email, registered a misspelled domain name, or accessed your database using the internet, point out that that’s consistent with the techniques of state-sponsored hackers. If there’s no evidence at all, it’s because state-sponsored actors have super sophisticated exfiltration techniques that can’t be detected.

Did your company cut corners on the security budget only to get royally pwned? Blame the Russians and instantly escape all liability! It’s like a get-out-of-jail-free card. Instead of dealing with class action lawsuits and demands to fire the CEO, you’ll instantly be treated with sympathy and hailed as a martyr.

(Remember that time Susan Smith drowned her two kids in a lake, and then went on national television and swore that a black guy took them? Is it bad that that’s the first thing I think of whenever someone blames an unpopular nation-state for a big data breach?)

Note: This is not intended to make any implications about the DNC hack. I’m still getting hate mail over this one so let’s just assume the DNC and Podesta are special and leave it at that.

Leper Colony Currency

Yesterday, Isoroku and I spent several minutes arguing over whether I should pick up a dime that I spotted near a gas station garbage can. (Spoiler alert: I did!)

On the one hand, ten cents is ten cents. On the other hand, ground money is filthy. In fact, here’s currency expert and former IMF chief economist Kenneth Rogoff:

Researchers at New York University analyzed $1 bills and found evidence of thousands of microbes, including a wide range of bacteria, even some antibiotic-resistant ones. Though most people are aware of the hygiene problems associated with handling cash, one can imagine paper currency being an agent of transmission in some future pandemic.

OH MY GOD.

This belief was popular at the end of the 19th century, when leprosy was thought to be highly contagious and patients were quarantined in isolated colonies. Healthy people worried about touching money that had been in contact with leprosy patients, so many governments issued separate currency only for use in leper colonies.

The US operated the Palo Seco Leper Colony in the Panama Canal Zone. Palo Seco coins were backed by US currency deposits and corresponded to US coins in size and weight, except that they had holes. Leprosy affects peripheral nerves, and holed coins made it possible for patients to string them together for ease of handling.

Here are some more pictures of leper colony coins.

Leprosarias Nacionales (Leprosy Nation), Venezuela 1939.
Nagashima-Aisei En Leprosarium, Japan 1931.

Today, we know that leprosy isn’t transmissible by money. Most doctors knew this back then as well. The differentiated currency was mainly an excuse to further segregate leprosy patients and prevent them from escaping from their colonies.

Currency is a poor agent for disease transmission. First of all, human skin is naturally covered in thousands of strains of bacteria (even antibiotic-resistant ones!), many of which play a protective role by competing against pathogens and suppressing fungal growth. A deadly microbe on a dollar bill would have little chance of infection unless people are stuffing currency into their respiratory passages. (Or picking their nose and rubbing their eyes after handling money. Don’t do that.)

Even then, pathogens don’t transfer well on porous surfaces like paper or fabric*. Viruses and bacteria actually survive much longer on hard surfaces like plastic credit cards. Every time you insert your credit card in a card reader, you’re picking up germs from every other credit card that reader has processed. One can imagine credit cards being an agent of transmission in some future pandemic.

*Note: This statement comes from the National Health Service in the UK, but it seemed suspect so I consulted a microbiology professor at USC. He speculates that the experiment was conducted by spraying viruses on different surfaces and measuring the recovery efficiency after different lengths of time. A porous surface like paper would have a low recovery rate because viruses get pulled into the fibers, where they suffer protein degradation until they are effectively dead.

Self-Enforcing Smart Contracts

Here’s Matt Levine on why my earlier smart contracts post was wrong:

Just because your contract has enforced itself automatically, that doesn’t mean that courts don’t get any say. They can order you to un-enforce it, or to pay damages for enforcing it wrong.

It’s not that the courts don’t get any say, it’s that it’s not economically rational for the courts to have any say. Oliver Hart’s 1989 paper on incomplete contracts talks about “self-enforcing contracts” [1]. Not smart contracts or anything on the blockchain, but the fact that people mostly do the things described in a contract without a court order and a pointed gun.

This is largely motivated by the assumption that it’s cheaper NOT to go to court. If I don’t make my monthly car payments, a repo man will take my car. And maybe I can hide the car in the backyard for a few days, but that just means the repo man has to obtain a court order that forces me to not only return the car but also pay for the associated costs. If I still ignore THAT, then I go to jail.

Most people anticipate this sequence of events so they do what they promised without getting the courts involved. A smart contract that disables a car’s starter after a missed payment simply replaces the steps between the repo man and the court order.

Levine points out a case where someone missed a car payment (or three) and the creditor used a starter interrupt device to disable her car. So she sued the creditor.

The starter interrupt device worked exactly right! Asking a court to enforce (or un-enforce) a contract is expensive, and someone has to bear the cost of taking the case to court. In this case, the starter interrupt device placed the burden on the person who breached the contract. Without this device, it’s the job of the creditor to hire a repo man and deal with the cost of repossessing the car.

By removing the burden of lawsuit from the creditor, lenders will have a lower cost of lending, and be able to offer lower rates and provide more loans. Repo men don’t have a perfect recovery rate, which makes it hard for a lender to assess a transaction’s risks and set appropriate rates to accommodate the allocation of costs. Smart contracts offer accurate loss expectations that mean creditors are better able to repackage the loans, sell the debt, increase bond market liquidity, and avoid a potential subprime-auto-loan financial crisis.

Or maybe you think that technological determinism is bad, because a computer can’t have the warmth and compassion of a repo man. That’s fine! Not everyone needs to use a smart contract or agree to have a starter interrupt device!

There’s an unfortunately popular notion that smart contracts are standalone agreements that exist as “immutable, unstoppable, and irrefutable computer code.” I blame the idiots who created the DAO.

Even irrefutable computer code has human user interfaces that set the expectations for contract performance. Those who felt that the DAO’s performance failed to meet their expectations have every right to use the legal process. Presumably these people live in some human jurisdiction, and in that jurisdiction there are courts. The courts don’t even need to be able to interpret computer code, because the DAO came with human-language terms and conditions:

The terms of The DAO Creation are set forth in the smart contract code existing on the Ethereum blockchain at 0xbb9bc244d798123fde783fcc1c72d3bb8c189413. Nothing in this explanation of terms or in any other document or communication may modify or add any additional obligations or guarantees beyond those set forth in The DAO’s code.

The fact that no one has turned to the legal process doesn’t mean that they live in a techno-utopian absolutism; it just means that going to court is a gamble that no one wants to bet on. A smart contract can shift the burden of lawsuit, but it can’t shift the law.

References
1. Allocation, Information and Markets (I can’t find a copy of the paper outside of this book so here is an excerpt: 1, 2)

Vending Machines for Plane Crash Insurance

Remember airport life insurance kiosks? Airport terminals used to have vending machines where passengers could buy life insurance policies before boarding. The machines accepted quarters and dispensed an insurance policy, which the buyer would fill out and deposit in an envelope addressed to the beneficiary. The insurance policy expired the next day.

Source: StraightDope
Woodrow Wilson bought the first flight passenger policy in 1919.

This is a brilliant business model! Airplane accidents were uncommon, but planes were new and intimidating enough that the media made a big deal every time an airplane crashed. As a result, passengers thought they were taking a very real risk every time they flew. Plus, dying in a fiery crash is easy to verify, so there was little opportunity for insurance fraud.

Airplane accident insurance companies had one of the lowest loss ratios in the industry.

Over time, people realized that airplanes didn’t actually crash all that much, so passengers stopped buying accident insurance at the airport and now we waste our money on duty free shopping instead.

Insurograph machine. Floyd Bennett Field (I think). 1946.

See Also:
Airplane Trip Insurance, 20 Wash. & Lee L. Rev. 346 (1963)

Can Smart Contracts Be Legally Binding?

A couple weeks ago, I was pointed to this whitepaper (h/t @squarelyrooted) by law firm Norton Rose Fulbright that asks, Can smart contracts be legally binding contracts? I was totally gonna read it and post a summary, except that I couldn’t manage to get past the first page without vomiting.

Turns out I had norovirus (the KFC on El Camino, I bet), but I’m all better now so let’s get to it.

I’ll skip straight to the whitepaper’s conclusion: Can smart contracts be legally binding? It depends! Okay, done.

But being written by lawyers, the key findings are summarized using a lot more words:

Legally binding contractual effect depends on a number of variables. It is tempting to conclude that, just because the moniker “smart contract” includes the word contract, it is a legally binding contract as a matter of law. This is not necessarily correct. Whether it is so in a given situation may turn in part on the type of smart contract at issue, the factual matrix within which it operates, and the applicable law determining the issue.

Huh. The conclusion is nonsensical because the entire question is nonsensical. Asking whether smart contracts can be legally binding is like asking whether submarines have gills or blowholes. You’re thinking of the wrong animal! Except you’ve not only got the wrong animal, you’ve got the entirely wrong thing.

A smart contract isn’t a legally binding contract. It makes no attempt to be a legally binding contract. It’s only called a “contract” because it mimics the effect of a legal contract.

Legal contracts exist to provide incentives for certain actions. One really big incentive that legal contracts provide is “Do the things you promised or else I will take you to court.”

You could also call that a threat, but that’s just the other side of the same token. “Do things or I will take you to court” is a really shitty and expensive incentive that most people only turn to as a last resort.

Smart contracts incentivize performance too, but they do it using software instead of the threat of litigation. The incentives tend to look more like “Make your car payments on time or else your ignition won’t start,” or “Deposit a quarter or else you don’t get a candy bar.”

The whitepaper isn’t just 52 pages of ambivalence; it explores nuances like the elements needed to form a legally binding contract. Under English common law, that means there needs to be an offer, acceptance, an exchange of value (consideration), intent, and certainty.

Like, does a stationary vending machine constitute an offer? The paper says Yes, as demonstrated in the case of Thornton v Shoe Lane Parking.

And if you put money into the vending machine, does that constitute acceptance?

In the case of Thornton v Shoe Lane, some guy named Francis Thornton bought a parking lot ticket from a vending machine, parked his car, and later got hit by another car. He sued the parking lot company for his injuries, and there was a lot of arguing because the vending machine had printed a ticket that said: “This ticket is issued subject to the conditions of issue as displayed on the premises.”

There were signs on the parking lot pillars that said the management shall not be held liable for damage or injury, but Thornton was not aware that those signs applied to him until the ticket told him so. Really, those signs could have been for anybody. So the acceptance didn’t count cuz the terms were uncertain.

The Norton Rose Fulbright paper also draws comparisons to clickwrap agreements. When you download an iPhone update and click “I Agree” on the Terms & Conditions, is that legally binding??

It doesn’t matter! None of this is a smart contract!

Smart contracts make it so lawyers don’t get to argue over nonsense and write 52-page papers discussing clickwrap case law. The whole point of a smart contract is to NOT go to court.

If you need to ask whether your smart contract is legally enforceable, you’re doing it wrong. Smart contracts make it so people don’t have to litigate over details like “Did this guy pay for parking or not?” Sure, smart contracts should be designed to model the common-law process of contract formation – not because that makes them legally binding, but because it’s a highly-evolved process that has been used for hundreds of years.

And in higher-value cases, smart contracts can be used with traditional contracts to control the burden of lawsuit. But if you’re worried about how the courts might interpret the terms of your smart contract, you should probably try using words.

See Also:
Nick Szabo, Formalizing and Securing Relationships on Public Networks. 1997.