Following the Government’s launch of the consultation process on the setting up of a DLT Regulator with the proposed Malta Digital Innovation Authority, it is important to analyse the implications of a DAO on Distributed Ledger Technologies (DLTs).

What is a DAO?

A Decentralised Autonomous Organisation (DAO) is a computer program, running on a peer-to-peer network, incorporating governance and decision-making rules. DAOs can be programmed to operate autonomously, without human involvement, or the code used can provide for direct, real-time control of the DAO and the funds it controls. This operation is usually undertaken by a bundle of smart contracts, culminating in a set of governance rules that are automatically enforced and executed through blockchains.

So how would this work exactly?

A DAO is a collection of nodes which can be individuals whose relationships with one another are governed by rules-based computer protocols known as ‘smart contracts’. These smart contracts use modus ponens (if/then) logic to create what are in theory self-executing, self-enforcing state-contingent contracts.

At a conceptual level, a DAO would function in an autonomous manner relying on smart contacts that in turn create a link between the nodes (and hence the entity) that can function independently in cyberspace, without the need to refer to the real world. In practice, realisation of this concept should ensure the following:

  • The legal relationship is concluded by electronic means, without the need to use paper documents or traditional signatures, and it may also be modified in this manner.
  • Performance of the legal relationship or elements thereof does not have to be tied to any action in the real world—it is automatic and subject only to the rules established in the smart contract.
  • The conclusion, modification and performance of the smart contract are not dependent on the will of any third party (that is not a party to the smart contract), including a court, but only depend on the software code.

Some examples and benefits

A DAO could adopt a mediating role between different parties in a decentralised but ultimately human-controlled organisation, or it might constitute a more fully autonomous organisation that is controlled entirely through algorithms (particularly in the future with the surge of AI). For example, a DAO could own a self-driving car that acts as a taxi 24 hours a day. This would generate income that it would use to pay for its own fuel, repairs and insurance, and save money to replace the vehicle at the end of its useful life.

By way of another example, a group of individuals could write a smart contract stipulating that if a blog post is viewed by more than one hundred people, the author would automatically receive some modest payment. These smart contracts then send instructions to the blockchain or other distributed ledger platforms, theoretically thereby enabling the immediate transfer, verification and recordkeeping of payments in the form of Bitcoin, Ether or other crypto-currencies.

Some issues

1) While the simplest smart contract involves dealings between two entities, relations can be much more complex in a  DAO. Various entities are involved in a DAO, have different ties to it and are devoted to different goals. For now, humans are running these organisations. However, that may soon change, as human-run functionalities are replaced by software operating over a blockchain. However a DAO could also be programmed and released to facilitate the trade of illicit goods or banned products. Regulatory bodies would have a tough time shutting down this type of service, because it is both stored and executed in a distributed manner across an entire network of hashed nodes and computers.

2) Over time, as Internet-enabled devices become more autonomous, these machines can use decentralised organisations and the blockchain to coordinate their interactions with the outside world. We could thus witness the emergence of DAOs that enter into contractual relationships with individuals, other devices or DAOs in order to create a complex ecosystem of autonomous agents interacting with one another according to a set of pre-determined, hard-wired, and self-enforcing rules. This raises the question of what is legally versus technically binding and if the law is able to cover for machine to machine contracts without human intervention. While contract law implements a series of safeguards to protect consumers from scenarios that might either invalidate the contract or make it non-enforceable (e.g. information asymmetries, undue influence, unconscionability, and incapacitation), smart contracts operate within their own closed technological framework. Although implementing basic contractual safeguards and consumer protection provisions into smart contracts is theoretically possible, in practice, it may prove difficult given the formalised and deterministic character of code.

3) With the growing amount of data that is being created or collected and the deployment of sophisticated data mining techniques, it is now possible to extract valuable information and elaborate detailed users’ profiles stemming from big data analysis and inference techniques. As more of this data is used to inform the operation of smart contracts and decentralised (autonomous) organisations, algorithms and source code will soon start playing a significant role in our everyday lives. Once widespread, we could witness the emergence of so-called “algorithmic governance”; the term refers to a new normative system capable of regulating society more efficiently, reducing the costs of law enforcement and allowing for a more customised system of rules that is personalised to every citizen, and that is constantly revised based on their corresponding preferences and profiles. This could also raise GDPR (data protection) issues particularly where an automated decision function is performed. When pushed to its logical extreme, algorithmic governance might eventually result in a system that is highly prescriptive and deterministic; a system where people are, indeed, free to decide the particular sets of rules to which they want to abide, but—after the choice has been made—can no longer deviate from these rules, to the extent that smart contracts are automatically enforced by the underlying code of the technology, regardless of the will of the parties. This could potentially lead to the emergence of the modernised version of a totalitarian regime and would conflict with the democratic and egalitarian principles behind the notion of a decentralised democratised society.

4) Legal personality is another hot issue. The DAO is not a legal person validated and registered by the state authority as yet. The DAO could be viewed as a kind of partnership or association. The corporate governance mechanisms in a decentralised organisation like decision making, monitoring, disclosure and other policies are very simplistic or completely absent. The members of the DAO are purely informed and organised and all the activity is undertaken in a hashed and decentralised environment. The decentralised network organisation can be likened to an unincorporated entity, not having any legal personality. As noted by the American SEC ‘the legal status of DAO remains the subject of active and vigorous debate and discussion’. Not everyone shares the same definition. Some have said that the DAO are autonomous code and can operate independently of legal systems; others have said that the DAO must be owned or operated by humans or human-created entities. There will be many use cases, and the DAO will develop over time. Ultimately, if a Law or jurisdiction decides to grant legal personality to a DAO, this needs to be assessed depending on use, extent of rights to be granted to the legal entity, responsibility, as well as setting a clear demarcation line between on the one hand, the members of the DAO, and the DAO as a separate legal entity. This is very tricky, as one would need to assess if the existing laws, including civil and criminal laws, would cater for the new paradigm created by having a DAO as an independent legal entity. This intrinsically could also, indirectly, and without proper analysis and appreciation of the resulting effects, affect the rights and obligations of the Internet of Things (IOT) as well as Artificial Intelligence (AI), in instances where a DAO would be run exclusively by AI in an autonomous manner and controlling the IOT.

5) There are no rules that limit the liabilities of the DAO’s members. We can definitely state that the DAO’s members are liable for tort / delict actions. In some countries the DAO can be viewed as a partnership with unlimited legal liability. However, as discussed above, a DAO is not a readily identifiable legal entity. Its legal status would be determined by what interpretation a court, building on existing legal principles, would be willing to accept on the basis of a litigant’s argument. Were a DAO to be considered as a general partnership or a joint venture, then liability would likely flow through to the members. Such an exercise in tracing liability to members across jurisdictions (and attaching liability to a physical person connected to an Ethereum address) would be legally and practically problematic. In the absence of applying ownership liability, courts might, depending on the facts, be prepared to find liability against the developer, promoter or creator of the DAO.

6) It is also difficult to determine the jurisdiction of the decentralised network organisation (DNO). There is no certain law for the DNO and it does not exist in a specific country. There is no state where the legal entity has been incorporated. As it is a digital, non-domiciled structure, and functioning over a decentralised and disintermediated environment, the geographical approach can’t be implemented. The assets of the DNO are spread all over the world. Therefore, the principle of lex situs (law of the place where the property is situated) can’t be implemented. In case of tort or delict the place where the event/delict was committed can be applied (lex loci delicti commissi). The applicable law can be determined on the basis of jurisdiction of the other contractual party, the place where the contract has been negotiated and made (lex loci contractus) or the place where the contract was performed (lex loci solutionis), taking into account third-party participants (such as insurance companies, banks, and exchange companies) and input/output currency.

Prior to the invention of the blockchain and DAOs, a centralised authority was needed to organise businesses or states. Centralised legislative and judiciary systems were empanelled by the state to elaborate laws and resolve potential disputes. And, of course, centralised businesses were in charge of producing, aggregating, and distributing resources and services, often generating substantial producer surpluses. To obtain efficiency gains, these centralised organisations were vertically and horizontally integrated, consolidating markets and generating enormous concentrations of power, often at the expense of the individual.

This consultation process is a step into the future as Malta seeks to position itself as the natural destination for businesses operating in digital technologies and DLT in particular. A legal discussion into the realities and implications of the DAO would solidify Malta’s place among the supporters of innovations.

For more information on Smart ContractsBlockchain, DLTs and legal issues relating to AI and IoT, or if you have any questions, please feel free to contact Dr Ian Gauci on

Disclaimer: This article is not intended to impart legal advice and readers are asked to seek verification of statements made before acting on them.

Disclaimer This article is not intended to impart legal advice and readers are asked to seek verification of statements made before acting on them.
Skip to content