Conspiracy theorists have long warned of the vaunted βinternet kill switch,β often arguing that any point of failure by which authorities can shut off the internet threatens the free flow of information and expression and, in its place, censorship, and control.
Something akin to an internet kill switch has been used in countries like China, Iran, and Egypt, and legislation implementing an internet kill switch passed in the United Kingdom as far back as 2003. Perhaps unsurprisingly, in this context, the European Union has now proposed a kill switch for crypto in the Data Act, which went into law on January 11, 2024, and poses a threat to the foundational crypto principle of immutability, whereby a blockchainβs history cannot be altered. Despite the threat, the industry was asleep at the wheel as the legislation marched through the European tripartite and went into law.
In particular, Article 30 of the Act amounts to a clause to shut off smart contractsβa kill switch at the smart contract layer. It requires that automated data-sharing agreements can be terminated in the event of a security breach, completely undermining immutability. Smart contracts are explicitly designed not to feature termination or interruption. They canβt even be upgraded in many respects. If the Data Act were to pass, it would dramatically alter the use of smart contracts in the European Economic Area (EEA).
Blockchain technology is designed to preserve the entire history and data trail of an event. If authorities can manipulate, replace, or falsify data on the network, they can essentially rewrite modern-day history booksβthe internet, paving the way for dangerous falsities like 1+1=3.
If the Data Actβs Article 30 applies to public networks, the European crypto industry would be dead, with truly decentralized smart contracts essentially outlawed. They represent a form of innovation because they cannot be terminated nor interrupted by, for instance, an intermediary with control over something like a smart contract kill switchβwhether that be a smart contract creator, public authorities, or the courts.
The fact there is not a considerable pushback against requirements for access control mechanisms, which goes against the permissionless nature of public blockchains, does not bode well for the future of crypto in Europe.
Parties that agree to share data using smart contracts would have to abide by Article 30. Whether that includes defi remains unclear, as do the circumstances in which βaccess controlβ is given and how the kill switch is triggered.
On a continent once optimistic about its approach to crypto, the future has grown murkier with the recent passing of Markets in Crypto Assets (MiCA) legislation. Instead, we might see capital flight, stagnated innovation, and no true European blockchain industry.
As it is currently written, Article 30 will likely have dramatic unintended consequences for Europeβs crypto industry as well as Europeβs competitiveness globally. For instance, the definition of βSmart Contractsβ in the legislation must be refined, lest public blockchains be shut out of the European market.
Regulators have several avenues available to create a more sensible Article 30, such as requiring these rules for enterprises only, not software and developers. Lawmakers must reconsider and clarify important aspects of Article 30 or risk sending an entire industry overseas.
Nonetheless, the Data Act was passed with 500 votes of approval and 23 against the bill, so it has momentum. A minor opposition of crypto companies has spoken out against the bill, but more is needed.
Now is the time for the European crypto industry to prove it is a community first and unite to demand lawmakers clarify and even amend Article 30 of the Data Act to ensure the future of the blockchain within the bloc. As it currently stands, Article 30 threatens defi, which relies on public blockchains and smart contracts. The internet is the modern public record, and smart contracts can secure it unless we allow EU authorities to alter it forever.