The first exclusively online law review.

Author: JOLT Page 1 of 10

Epic Apple Fight: Round 2 & 3

By Drew Apperson


In a 2020 blog post, I summarized some of the issues between Fortnite developer, Epic Games, Inc., and the respective app markets of Apple and Google. The feud lead to the then-pending lawsuit between Epic Games, Inc. and Apple, Inc. concerning allegedly anticompetitive policies of the App Store.[1] In September of last year, the United States District Court for the Northern District of California ruled in Apple’s favor.[2] However, Apple and Google are far from being in the clear.

In dismay of the District Court’s holding, “[n]early 40 law, business and economics academics” filed an amicus brief in the Court of Appeals for the Ninth Circuit this past January “arguing the [district court] judge wrongly accepted Apple’s justifications that restrictions on third-party app distribution are necessary to protect users.”[3] The brief hit on various flaws it saw in the District Court’s analysis, such as:

[T]he court could have concluded that, on balance, Apple’s restraints were anticompetitive. Short-circuiting the analysis at an earlier stage prevented the court from assessing the ultimate competitive effects under the Rule of Reason, as courts have done for the past 45 years. The court erred in not balancing harms and benefits.[4]

Meanwhile, the federal legislature has simultaneously been working to combat anticompetitive policies in app markets. The United States Senate’s introduced Bill 2710, Open App Markets Act, on August 11, 2021, The Congressional Research Service’s bill summary described the bill as follows:

The bill prohibits a covered company from (1) requiring developers to use an in-app payment system owned or controlled by the company as a condition of distribution or accessibility, (2) requiring that pricing or conditions of sale be equal to or more favorable on its app store than another app store, or (3) taking punitive action against a developer for using or offering different pricing terms or conditions of sale through another in-app payment system or on another app store.

A covered company may not interfere with legitimate business communications between developers and users, use non-public business information from a third-party app to compete with the app, or unreasonably prefer or rank its own apps (or those of its business partners) over other apps.[5]

Just last week at the Global Privacy Summit in Washington, D.C., Apple CEO, Tim Cook, was reported as “slamming” the proposed legislation, arguing that unvetted apps would cause profound results, such as developers circumventing Apple’s privacy rules and putting users at risk.[6] The bill for the Open App Markets Act cleared the Senate Judiciary Committee earlier this year.[7]

As the threat of private suits continue, and as the Congressional bill continues to progress, Apple’s App Store and Google’s Play Store will likely remain under the microscope for the foreseeable future.


[1] Drew Apperson, An Epic Apple Fight, Rich. J.L. & Tech. Blog (Dec. 25, 2020),

[2] Epic Games, Inc. v. Apple Inc., No. 4:20-cv-05640-YGR, 2021 U.S. Dist. LEXIS 172303 (N.D. Cal. Sep. 10, 2021).

[3] Bryan Koenig, Apple Can’t Hide Behind Privacy In Epic Fight, 9th Circ. Told, Law360 (Jan. 27, 2022, 7:17 PM),

[4] Brief of Amici Curiae: Law, Economics, and Business Professors in Support of Appellant/Cross-Appellee at 38, Epic Games, Inc. v. Apple, Inc., No. 21-16695 (9th Cir. Jan. 27, 2022).

[5] S.2710 – 117th Congress (2021-2022): Open App Markets Act, S.2710, 117th Cong. (2022),

[6] Ben Kochman, Apple CEO Claims Antitrust App Store Laws Will Hurt Privacy, Law360 (Apr. 12, 2022, 8:27 PM EST),

[7] S.2710 – 117th Congress (2021-2022): Open App Markets Act, S.2710, 117th Cong. (2022),

Image source:


How Will the I.R.S. Tax Staking Rewards? Examining Jarrett v. United States

By Merritt Francis


In prior blog posts, I’ve written on blockchain technology, its future implementation into the private and public sectors, and NFTs.[1]  Blockchain technology is a decentralized, distributed ledger that records transactions.  It may be helpful to think of blockchains like a bank ledger, where computers record the transactions rather than individuals. Blockchains are “decentralized” because there is no central authority for data stored on them; transactions are recorded by a peer-to-peer network run by participant “nodes”.  Blockchains are “distributed,” because all transactions are viewable by the public.  Once a transaction is recorded on a blockchain, it is unmodifiable.

Transactions are recorded on a blockchain by participant “nodes,” which are computers completing consensus algorithms, allowing the transaction to be recorded on the blockchain.  Once an individual submits a transaction on a blockchain, the transaction is only recorded once a participant node satisfies the blockchain’s respective consensus algorithm.  There are two main examples of consensus algorithms blockchains use today: proof of work (PoW) and proof of stake (PoS).  I will first explain the PoW and PoS consensus algorithms, then proceed to examine the tax consequences Joshua Jarrett found himself in by engaging in a PoS blockchain.

PoW (Proof of Work) Consensus Algorithms

Bitcoin and Ethereum, two widely adopted blockchain technologies, employ a proof of work (PoW) consensus algorithm.[2]  Under a PoW consensus algorithm, participant nodes (crypto miners) download and run the full chain through a mathematical function.  Once a node has satisfied the PoW consensus algorithm, it’s rewarded by “mining” a block, which is the act of adding valid blocks onto the blockchain.  For example, the hash for Bitcoin block #660000, mined on December 4, 2020, is 00000000000000000008eddcaf078f12c69a439dde30dbb5aac3d9d94e9c18f6.  The block reward for that successful hash was 6.25 BTC.[3]

PoW makes it extremely difficult to alter any aspect of the blockchain, since such an alteration would require re-mining all subsequent blocks.  Unfortunately, however, PoW is bad for the environment because it uses up an immense amount of computing power.  Ethereum’s PoW consumes 73.2 TWh (terawatt-hour) annually, which is the energy equivalent of a medium-sized country like Austria.[4]  Tesla suspended vehicle purchases using Bitcoin due to climate change concerns.[5]  Elon Musk elaborated on the decision in a tweet, saying “Cryptocurrency is a good idea on many levels and we believe it has a promising future, but this cannot come at great cost to the environment.”[6]

PoS (Proof of Stake) Consensus Algorithms

In response to the PoW blockchains’ negative externalities, the proof of stake (PoS) consensus algorithm was created as an environmentally friendly alternative.  PoS “doesn’t rely on expensive hardware using vast amounts of electricity to compute mathematical puzzles,” like bitcoin’s PoW system.[7]  Under a PoS consensus algorithm, owners of a cryptocurrency offer their coins to nodes as collateral, and those nodes have a chance to validate new blocks.[8]  Offering coins as collateral to participant nodes is the process of “staking” your cryptocurrency.[9]  Coin owners with staked coins become “validators,” which entitles them to cryptocurrency rewards for each new block its node validates.[10]  This is what happened in Jarrett v. United States.[11]

Jarrett v. United States of America

During 2019, a Nashville couple, Joshua and Jessica Jarrett, received 8,876 tezos (XTZ) in staking rewards.  The tezos coins were worth $9,407 when the Jarretts received them, and they reported $9,407 as income and paid the related taxes.[12]

On July 31, 2020, the Jarretts filed an amended tax return demanding a $3,793 refund from the IRS.  Under IRS Notice 2014-21, virtual currencies are considered property for federal tax purposes.[13]  And, pursuant to § 1001(a) of the IRC (Computation of gain or loss), the gain from the sale or other disposition of property shall be the excess of the amount realized over the adjusted basis.[14]  As such, the Jarretts argued the virtual currency they received as staking rewards did not amount to taxable income because property is only taxed when it is sold or dispossessed, rather than when the property is created.[15]

The United States Department of Justice ordered the IRS to issue a $3,793 refund to the Jarretts, which they received on February 14, 2022.  The Jarretts, however, refused to accept the refund because the IRS failed to acknowledge the true rationale for issuing the refund.[16]

The rationale behind issuing the refund would provide precedent for other stakers to properly file their income taxes in the future.  So, the Jarretts sought a formal ruling from the United States District Court for the Middle District of Tennessee.  In response, the United States filed a motion to dismiss arguing the Jarretts’ action was moot because the United States fully refunded the claimed overpayment.[17]

In its February 28, 2022 motion to dismiss, the United States stated that “Mootness is ‘the doctrine of standing set in a time frame: The requisite personal interest that must exist at the commencement of the litigation (standing) must continue throughout its existence (mootness).’”[18]  Because the Jarretts received a full refund, as the United States argues, the Jarretts’ action for a refund is moot.

Taxpayers who engage in staking their cryptocurrencies will likely have to continue to speculate as to how the IRS will approach taxing staking rewards.  One thing is clear: it is time for the I.R.S. to release guidance on the matter.


[1] Merritt Francis, You Bought a JPEG File for $69.3 Million – What Are You Allowed To Do With It?, Richmond J. L. Tech. (2021),; Merritt Francis, Blockchain as Best Practice: The Benefits of the Criminal Justice System Implementing Blockchain Technology, Richmond J. L. Tech. (2021),

[2] Jake Frankenfield, Proof of Work (PoW), Investopedia (July 22, 2021),

[3] Id.

[4] Proof-Of-Work (POW), Ethereum (Mar. 28, 2022),

[5] Lora Kolodny, Elon Musk says Tesla will stop accepting bitcoin for car purchases, citing environmental concerns, CNBC (May 12, 2021),

[6] Id.

[7] Rachel-Rose O’Leary, The Creator of Proof-of-Stake Thinks He Finally Figured It Out, CoinDesk (Sept. 13, 2021, 4:21 AM),

[8] Id.

[9] Id.

[10] Id.

[11] Jarrett v. United States of America, Docket No. 3:21-cv-00419 (M.D. Tenn. May 26, 2021).

[12] Id.

[13] I.R.S. Notice 2014-21.

[14] I.R.C. § 1001.

[15] Jarrett, Docket No. 3:21-cv-00419.

[16] Id.

[17] Id.

[18] Id.

Image source:

An Overview of the Social Credit System and the Challenges It Creates

By Walker Upchurch


The Chinese government has been widely criticized for its social policy of providing a social credit score to its citizens. The thought of a score based on a person’s morality and conformity to overreaching government regulation is terrifying. Our country was founded on personal freedoms. We pride ourselves on our ideology that everyone is free from government surveillance and unjust treatment. Thus, the thought of an Orwellian system in which “Big Brother Is Watching” and counting our moral missteps on a scoreboard is abhorrent. However, the ideology that the government in China is scoring every individual may be slightly more of a mythological scare tactic than fact.[1] According to the Mercator Institute for China Studies (MERICS), the Chinese Social Credit System (CSCS) is less a social boogeyman and more of an accounting system. [2] The system judges businesses based on their social and financial credit history.[3] The study states that under the social credit system, only violations of law and regulations are ground for a CSCS reduction and that the CSCS should be considered more of a loyalty rewards program than a score that determines citizens’ place in society.[4]

Additionally, according to the China News Service “Personal credit points can be combined with trustworthiness incentives, but they cannot be used as Punishment.”[5] Likewise, the Chinese government laid out that better administrative services, financing, and lower transaction costs were critical factors for a company to raise its CSCS.[6] However, this does not mean that the CSCS not a significant threat to international companies and private citizens. This has led to significant increases in the surveillance of a population and companies, leading to further corruption.[7]

According to a study out of Stanford, the CSCS is out of a total possible score of 1,000.[8] The required data submitted to the Chinese government are Basic Data, Finance and Taxation, Governance, Compliance, and social responsibility.[9] Basic Data is the information collected by the government on high-ranking corporate members and the business that they perform. This data set is collected to decipher whether they have engaged in dishonest acts or “abnormal’ operations.[10] Additionally, the catchall “compliance” indicator, which accounts for nearly half of all the points given, considers the company’s compliance record with several agencies and judicial authorities.[11] The system could allow for significant manipulation of a company’s credit due to “not complying.” As it seems, there is an extremely high level of deference given to the government actor to determine whether a company should be considered highly trustworthy or untrustworthy. [12]

This creates a system where government actors are enabled to determine whether a company will prosper or fail, and the company will do whatever possible to appease them. The system is highly likely for corruption as government actors could be incentivized to give high compliance scores because of unsavory dealings. As written in a wired article, “For the Chinese Communist Party, Social credit is an attempt at softer, more invisible authoritarianism. The goal is to nudge people toward behaviors ranging from energy conservation to obedience to the party.”[13] When asked for a quote in the same article Samantha Hoffman with the International Institute for Strategic Studies in London stated that “Social credit ideally requires both coercive aspects and nicer aspects, like providing social services and solving real problems. It’s all under the same Orwellian umbrella.”[14]

According to the U.S.-China Economic And Security Review Commission, the origin of the document was founded not to subject its citizens to harsher regulations but instead to crack down on corporate misconduct.[15] Additionally, the USCC has laid out 14 significant points which overview the Chinese Social Credit System (CSCS):

  1. The CSCS was created to address domestic concerns regarding their domestic market entities.[16]
  2. The CSCS is a mechanism to strengthen the enforcement of China’s existing laws.[17]
  3. The CSCS is operational, but the degree of implementation is divergent across sectors.[18]
  4. The CSCS files have been established on most registered entities in China, including U.S. companies.[19]
  5. The files are primarily aggregated government records relating to corporate compliance.[20]
  6. In popular discourse, the ability of these systems is massively overstated, and the sophistication of the technologies is not high.[21] However, the scale of the government centralization effort, of which the CSCS is massive.[22]
  7. Government bodies and state regulators control Blacklists relevant to their jurisdictional mandate. Likewise, government bodies may determine which companies are added to the list.[23]
  8. The CSCS aims to improve “trustworthiness” by creating a dragnet under which these companies Blacklisted by one regulator are subject to sanctions from multiple regulators, and companies red-listed by one regulator are subsequently granted incentives.[24]
  9. The CSCS creates a more significant amount of vulnerability to regulatory corruption.
  10. The CSCS likely could be politicized as a trade weapon.[25]
  11. Under the CSCS system, the social credit files are kept on file for a company’s legal representative, key personnel, and actual controllers.[26]
  12. Companies with more extensive business experience are likely to be more exposed.[27]
  13. CSCS data is being used to supplement financial credit data in the assessment of lending.[28]
  14. As the platforms gain insights from social credit data become more sophisticated, “algorithmic accountability” or the inherent difficulty in verifying the fairness or accuracy of machine-generated recommendations is a crucial concern.[29]

There are two categories in which the CSCS’s policies are scored.[30] First, the CSC looks at public credit information or PCI, which is data or information that has been collected by the government or legally authorized administrators.[31] The second is market credit information or MCI, which is information that has been generated by businesses organizations and credit services such as investigative bodies.[32] The PCI is the information collected regarding a company during its interactions with the government. The MCI is directly tied to corporation’s business dealings.[33] As stated by the USCC, the PCI is the critical set of records on which the CSCS is based.[34] With this being considered, interactions these companies have with the Chinese government are crucial to their success.

While this system may be built on the ideology of social amicability, it is a system that is rife with corruption. While, in theory, as Fortune magazine notes, these companies could not be arbitrarily Blacklisted, regulatory bias and corruption could result in an abuse of the system.[35]

Additionally, one of the surprising things is the sheer amount of information that the CSCS holds. According to Trivium, the operation is equal to that of the IRS, the FBI, the EPA, the FDA, the Department of Agriculture, the health department, HUD, the Department of Energy, the Department of Education, and the State Agency sharing records on one single platform.[36] Likewise, these regulators can access the databanks and use the information to provide benefits to corporations that are performing ideally.[37] The predominant issue is that the CSCS could hypothetically surpass the international credit scoring that is currently in place.[38] This could lead to a problem for the U.S. economy as the CSCS could be used negatively against American companies in China and across countries that adopt the CSCS.[39]


[1] Vincent Brussee, China’s social credit score – untangling myth from reality, MERICS (Feb. 22, 2022),

[2] Id.

[3] Id.

[4] Id.

[5] Development and Reform Commission: Personal credit points can be combined with trustworthy incentives but cannot be used for punishment, China News Service (Jul. 18, 2019),

[6] Id.

[7] Brussee, supra note 1.

[8] Lauren Yu-Hsin Lin & Curtis J. Millhaupt, China’s Corporate Social Credit System and the Dawn of Surveillance State Capitalism, Stan. L. School (Mar. 30, 2022),

[9] Id. at 9.

[10] Id.

[11] Id.

[12] Id.

[13] Mara Hvistendahl, Inside China’s Vast New Experiment in Social Ranking, Wired (Dec. 14, 2017),

[14] Id.

[15] Kendra Schaefer, China’s Corporate Social Credit System, U.S.-China Economic and Security Review Commission & Trivium (Nov. 16, 2020),

[16] Id. at 6.

[17] Id.

[18] Id.

[19] Id.

[20] Id.

[21] Id. at 6-7.

[22] Id.

[23] Id. at 7.

[24] Id.

[25] Id.

[26] Id. at 7-8.

[27] Id. at 8.

[28] Id.

[29] Id.

[30] Id. at 19.

[31] Id.

[32] Id.

[33] Id.

[34] Id.

[35] Eamon Barrett, Blacklist vs.‘redlist’: What to know about China’s new corporate social credit score, Fortune (Dec. 10, 2020),

[36] Id.

[37] Id.

[38] Id.

[39] Id.

Image source:


Regulating Ransomware Under United States Law

By Liz Jacobs


Ransomware is a type of malicious software cybercriminals use to block you from accessing your own data.[1] Ransomware remains a global cybersecurity threat, as it is a unique kind of attack because it is the one cybercrime that has a high direct return of investment associated with it, by holding the victims’ ransom for financial payment.[2] On a global scale, cybercriminals will continue to focus their efforts on this revenue-generating stream.[3] There is no industry that is exempt from the ransomware threat,[4] and it requires constant focus, assessment, and review to ensure that critical information assets remain safeguarded and protected against it.[5]

Ransomware involves digital extortionists encrypting the files on your system and adding extensions to the attacked data and holding it “hostage” until the demanded ransom is paid.[6] Ransomware enters your network in a variety of ways, the most popular is a download via a spam email attachment.[7] The download then launches the ransomware program that attacks your system.[8]

Ransomware can occur in both a large scheme and a smaller scale. It can occur to individuals, small businesses, large businesses, and even the government. There are two types of ransomware, crypto and locker.[9] Crypton Ransomware targets the data and file systems on the device versus the device itself, so the computer is functional except for the ability to access the encrypted files.[10] Locker ransomware prevents the victim from using the system by locking components or all of the system.[11]

Biden has referenced ransomware to “fit comfortably within a legal framework,” the United States should expressly endorse three interdependent legal positions; to wit, that: “1) Sovereignty is a rule of international law; 2) States must exercise due diligence to terminate hostile cyber operations from their territory; and 3) States may engage in collective countermeasures.” [12]

The United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy. There are many different arguments on how to address this nationwide problem. For one, the government and private sector work together to help decrease ransomware attacks by using preventative measures and reporting attacks.[13] This ultimately comes in shape by requiring the private sector to work with the government in reporting ransomware attacks. Biden has signed an executive order meant to strengthen the federal government’s cybersecurity standards for software and technology services it uses, which a senior administration official described as a fundamental shift in the federal government’s approach to cybersecurity incidents away from spot responses and toward trying to prevent them from happening in the first place.[14]

Others argue that the government cannot and should not regulate the private sector to prevent these actions. This argument believes that the government should regulate their own technology and let private businesses control their own. Ultimately, ​the growth of unregulated cryptocurrency, one official said, is “what’s driven the growth of ransomware.”[15]

As mentioned, ransomware is a type of malicious software cybercriminals use to block you from accessing your own data.[16] Ransomware effects vary depending upon who the victim of the attack is. As a country, we are reliant on technology, so any sort of ransomware attack can make us extremely vulnerable to other sorts of attacks. Overall, the increase in ransomware has been a concern for the United States government and lawmakers. The impact of such legislation and choice of governmental involvement will ultimately affect the country’s safety from such attacks.


[1] How Ransomware Works, Unitrends,,from%20accessing%20your%20own%20data.&text=During%20this%20time%2C%20the%20cybercriminals,use%20of%20backups%20for%20recovery.

[2] Alicia Hope, A Suspected Ransomware Cyber Attack Shuts Down World’s Fifth Largest Beermaker Molson Coors, CPO Magazine (Mar. 19, 2021),

[3] Id.

[4] Ransomware: The Trust Cost to Business, Cybereason,

[5] Alicia Townsend, Watch Out! Cyber Criminals Are Coming, Onelogin (Jan. 5, 2022),

[6] How Ransomware Works, supra note 1.

[7] Id.

[8] Id.

[9] Ransomware Attacks and Types – How Encryption Trojans Differ, Kaspersky,

[10] Id.

[11] Id.

[12] Gary Corn, International Law’s Role in Combating Ransomware, Just Security (Aug. 23, 2021),

[13] Press Release, Treasury Takes Robust Actions to Counter Ransomware, U.S. Dep’t of the Treasury (Sept. 21, 2021),

[14] Maria Henriquez, President Biden Signs Executive Order to Strengthen U.S. Cybersecurity Defenses, Security Magazine (May 13, 2021),

[15] Ellen Nakashima, Hamza Shaban & Rachel Lerman, The Biden Administration Seeks to Rally Allies and the Private Sector Against the Ransomware Threat, Wash. Post (June 4, 2021, 2:24 PM),

[16] How Ransomware Works, supra note 1.

Image source:

A Sample Amendment to the Revised Uniform Fiduciary Access to Digital Access Act: How California Can Advance User Interests

By Kevin Frazier*


I. Introduction

American users of cloud providers, social media services, or other digital content providers place the value of their digital assets at $55,000, on average.[1] However, property law has yet to undergo a commensurate transformation to provide ownership rights over digital assets.[2] Generally, digital assets refer to the accounts, documents, information, records, photos, and other media accessible through an electronic device.[3]

Despite users feeling as though they own and control their digital assets, the law has left these assets in a perilous position. State law in California exemplifies how the current legal framework in most states excessively defers to providers in the determination of how to distribute a user’s digital assets.


II. The Current Legal Framework to Access Digital Assets Fails Californians

By 2100, millions of Californians will be among the 4.9 billion deceased individuals with social media accounts held by private entities.[4] Absent reform, those mourning their lost loved ones will have few means to locate and obtain the digital assets left behind.[5] Under current California law, digital assets do not explicitly constitute property and may not, therefore, be passed down through the intestate proceedings.[6] This is a regrettable omission given the ever-expanding importance of digital assets to their owners.

A confusing combination of federal, state, and private laws makes accessing a decedent’s digital assets difficult.[7] For example, each state has an anti-hacking statute, which complicates accessing the account of a decedent.[8] That’s why, in part, California, along with 45 other states, passed the Revised Uniform Fiduciary Access to Digital Assets Act (“RUFADAA”)[9] to govern how fiduciaries may access this increasingly prevalent asset class.[10] The California version of RUFADAA (“California RUFADAA”) provides,[11] through new California Probate sections 870-884,[12] nearly all the protections and assurances as the Uniform Law Commission’s version of RUFADAA. However, the California legislature, in the same way as other states, made certain changes to its version. Additional changes must occur to decrease the barriers to fiduciaries accessing the digital assets of decedents.

Online service providers or custodians have their own terms of service agreements (“TOSA”) that thwart the purpose of RUFADAA.[13] Many TOSA treat content, such as photos, files, and documents, created by the user as the property of the user.[14] However, providers specify in their TOSAs that the account itself, which stores the user’s content, remains in their control;[15] TOSAs often have provisions that prevent the transfer of rights with respect to a decedent’s account.[16] Many providers even retain the authority to delete accounts at any time.[17]

Federal laws also “pose legal obstacles” in an executor’s attempt to gain access to a decedent’s online accounts.[18] The Stored Communications Act (“SCA”) represents one such federal barrier. It criminalizes the intentional access to “a facility through which an electronic communication service is provided” without authorization.[19] A provider may disclose the contents of a communication with “the consent of the originator or an addressee or intended recipient of such communication[.]”[20] Content includes the text of emails as well as social media accounts.[21]

The Computer Fraud and Abuse Act (“CFAA”) bans “unauthorized access to computers.”[22] Unauthorized access includes anyone other than an account owner accessing the online account in violation of the provider’s terms of service agreement.[23] If an executor found a decedent’s password and used it to access their accounts, the executor may have violated federal law. Neither the SCA nor the CFAA explicitly addresses what happens when a user dies.

Reforms at the state level have tried to lower these federal barriers. Kansas took the step of explicitly defining property to include digital assets because legislators there regarded RUFADAA’s treatment of digital assets as property as insufficient to ensure fiduciaries could access digital assets as they would any other property under intestate succession.[24] That clarification is an important one. Probate laws generally differentiate between intangible property interests in a copyright and tangible property;[25] the former may be passed separately from the tangible property under a will or a state’s intestate succession laws.[26] These reforms may not go far enough, though.

If California (and any other state that has passed a version of RUFADAA) wants to ensure that providers do not exercise undue control over the digital assets of descendants, then the legislature should enact the amendments detailed below.



RUFADAA allows fiduciaries to access a deceased user’s online accounts hosted by a custodian.[27] A “user” is “a person that has an account with a custodian.”[28] A “custodian”, or provider, is “a person that carries, maintains, processes, receives, or stores a digital asset of a user.”[29] And, digital asset “means an electronic record in which an individual has a right or interest.”[30] Custodians may offer “online tools” for users to set forth directions for the disclosure of digital assets to a third person.[31]

If a custodian does provide an online tool, then the directions established by the user to distribute their assets carry legal force and take priority over any other instructions.[32] If an online tool is not available or used, then the user can set forth legally-binding instructions in their will.[33] If the user has not provided any directions via an online tool or will, then the provider’s TOSA governs.[34]

RUFADAA lacks sufficient guidance to remedy all the issues associated with fiduciary access to digital assets.[35] The scope of fiduciary powers to manage the digital assets of decedents needs clarification.[36] The unchecked discretion of providers to delete accounts, to require court orders to access deceased users’ digital assets, and to specify the manner in which they’ll disclose any digital assets creates costly uncertainty and “administrative delays” for fiduciaries.[37]

These issues could be ameliorated, in part, by making it easier for users to use online tools and by granting more finality to the determinations made in those tools. Yet, only a few providers offer online tools.[38] And, the users who do discover these tools may have to go through a number of steps to outline their directions for the distribution of their digital assets.[39]

Even in the case of a decedent using an online tool, the fiduciary must get through several barriers to access the user’s content. RUFADAA requires that they (1) send a request to the custodian, (2) provide the custodian with a copy of the user’s death certificate, and, (3) provide the custodian with documentation of their authority.[40] And, at the custodian’s discretion, the fiduciary may have to obtain a court order finding that the administration of the estate reasonably necessitates disclosure of the user’s digital assets.[41] Custodians exercise this discretion despite having protection against any liability for actions taken while complying with RUFADAA.[42]

As discussed above, many providers also may delete an account at their discretion, despite recognizing that users have a property interest in those accounts. The ability of providers to take such action contradicts their own declarations related to the user’s retention of ownership of their content.[43] There’s also a strong argument that providers that exercise this discretion violate all wills that include residuary clauses, “which transmit any items, such as digital assets, not specifically mentioned to named beneficiaries.”[44]


IV. Possible Amendments to California RUFADAA

Amendments to California RUFADAA can resolve many of these issues. Click here for an example of possible amendments. First, RUFADAA must clarify the rights of fiduciaries with respect to the digital assets of the decedent and use constant terminology through the Act to refer to those rights.[45] The fact that these changes would it easier for fiduciaries to control and manage the digital assets would align with the purpose of the act, which Professor Patricia Sheridan derived from the Prefatory Note and summarized as “to give fiduciaries the legal authority to manage digital assets in the same way they manage tangible assets.”[46]

Second, RUFADAA should require service providers to offer online tools to users. Additionally, providers should obligate users to complete the online tool prior to the user receiving access to the provider’s service. A higher rate of completion of these online tools would significantly reduce the barriers to accessing the digital assets of decedents.

Third, RUFADAA should pare down the discretion of providers to delete accounts and require court orders to exercise otherwise authorized access to the content of a deceased user. Under current law, this discretion has few limits. For example, providers can mandate a court order even when a fiduciary can show that the decedent provided explicit instructions in their will to allow the disclosure of their electronic communications.[47]

Fourth, clarify under RUFADAA and the civil code in general that personal property must expressly include digital assets. The latter clarification requires legislative action outside the scope of the sample amendment below but merits concomitant attention. Following the lead of reformers in Kansas, California should amend its definition of property to state the following:

“Personal Property” includes money, goods, chattels, evidences of debt and things in action, and digital assets as defined in California RUFADAA.

This definition would guarantee that digital assets would receive the same treatment as traditional property in the context of intestate succession. Additional research should take place prior to this possible legislative step. For instance, Californians deserve to know whether such a change to the Civil Code would subject their digital assets to remedies other than those spelled out in contracts and in statute. Hopefully, legislators can pursue this research and, subsequently, amend the Civil Code alongside updates to RUFADAA.

The former clarification can also take place in this reform of RUFADAA. An amendment that specifies that personal property includes digital assets will ensure that Californians unable to make use of online tools will have some assurance that their digital assets will pass down pursuant to their wishes or intestate succession. These dual efforts to categorize digital assets as personal property will create beneficial redundancy in the law.[48] In the event both pass, the legislature will have made clear their intent to treat digital assets as personal property.


V. The Path to Amending California RUFADAA

To amend California RUFADAA legislators and advocates will have to anticipate and circumvent several barriers. RUFADAA’s status as a uniform law presents the first barrier. States legislators receive guidance from the developers of uniform laws to adopt them in their entirety “with as few changes as possible.”[49] Still, RUFADAA’s status as a uniform law has not previously stopped California legislators from modifying it. California adopted a version of RUFADAA with several amendments, omitting whole parts from the final Act.[50]

Opposition from Internet service providers (“ISPs”) and privacy advocates represents another barrier. These groups have at times been on the same side in opposing laws intended to lower barriers to granting third parties control over the accounts of a decedent.[51] For example, they managed to nudge the Uniform Law Commission to remove text from an earlier draft that allowed fiduciaries to “access” the digital assets of the decedent.[52] Tech companies in California have shown a willingness to thwart efforts by Californians and their elected officials to add new responsibilities to their operations.[53]

While other states with versions of RUFADAA should analyze the amendments below, legislators in California have additional reasons to consider them because California RUFADAA has not lived up to expectations. State legislators avoided passing several other pieces of legislation because they worried that executors would have to jump through too many hoops to control and manage digital assets. California Assembly Member Ian Calderon initially introduced model legislation that would have “require[d] a probate court to order a [provider] to disclose to the executor [] a record of other information pertaining to the deceased user, but not the contents of communications or stored contents.”[54] By eventually passing the California RUFADAA, the legislature signaled a desire to create an easier process through which digital assets of deceased users could be disclosed to fiduciaries.

The “clear path” that legislators wanted to pave has been cluttered by court orders demanded by providers. That’s why the amendment outlined above makes three key changes: (1) clarifying language that providers could cite as a reason for delaying the production of digital assets; (2) insisting on a default setting for disclosure of digital assets by mandating that providers offer online tools; and, (3) raising the threshold for when a provider may request a court order. Californians deserve these amendments to become law.


* Kevin Frazier is a Fellow at the Miller Institute for Global Challenges and the Law at the UC Berkeley School of Law.

[1] McAfee Reveals Average Internet User Has More Than $37,000 in Underprotected ‘Digital Assets’, Business Wire, (last visited Jan. 25, 2022).

[2] See generally Sjef van Erp, Ownership of digital assets?, 5 Euro. Prop. L.J. 73 (Aug. 2016).

[3] See Patricia Sheridan, Inheriting digital assets: does the revised uniform fiduciary access to digital assets act fall short?, 16 ISJLP 363, 364-65 (adding online credit and bank accounts, cloud storage accounts, and digital music subscriptions among the things commonly considered to be “digital assets,” while noting that “no single definition” exists.).

[4] See Carl J. Ohman & David Watson, Are the dead taking over Facebook? A Big Data approach to the future of death online, Big Data & Society (2019), available at:

[5] Sheridan, supra note 3, at 364 (“Dealing with digital property after the account owner’s death has emerged as an important issue for state legislatures, online service providers, and the family members of those individuals who maintain an online presence.”).

[6] Cal. Prob. Code § 62 (2018).

[7] Sheridan, supra note 3, at 364.

[8] Computer Crime Statutes, NAT’L CONFERENCE OF STATE LEGISLATURES (Feb. 24, 2020), [].

[9] Revised Uniform Fiduciary Access to Digital Assets Act (2015), NAT’L CONFERENCE OF COMM’RS ON UNIF. STATE LAWS (Mar. 8, 2016), [] [hereinafter “RUFADAA”].

[10]Access to Digital Assets of Decedents, NAT’L CONFERENCE OF STATE LEGISLATURES (Jan. 24, 2021), available at: (listing the states that have passed RUFADAA).

[11] 2016 Cal. Stat. Ch. 551, § 1 (AB 691) (effective Jan. 1, 2017).

[12] Cal. Prob. Code §§ 870–884 (2017) [hereinafter “California RUFADAA”].

[13] See Sheridan, supra note 3, at 364.

[14] See id. at 373-74 (enumerating the social media companies with TOSA that regard certain content as the property of the user).

[15] Ashley F. Watkins, Digital Properties and Death: What Will Your Heirs Have Access to After You Die?, 62 BUFFALO L. REV. 193, 216 (2014).

[16] See Sheridan, supra note 3, at 375-76.

[17] See id. at 376 (detailing the provisions of several providers).

[18] Id. at 366.

[19] Electronic Communications Privacy Act of 1986, Pub. L. No. 99-508, 100 Stat. 1848, at § 2701(a) (2012) (codified as amended at 18 U.S.C. §§ 2510-22, 2701-12, 3121-27).

[20] 18 U.S.C. § 2702(b)(3) (2012).

[21] See Sheridan, supra note 3, at 371.

[22] 18 U.S.C. § 1030 (2012).

[23] Id.

[24] K.S.A. 77-201 Ninth.

[25] Jonathan J. Darrow & Gerald R. Ferrera, Who Owns A Decedent’s E-Mails: Inheritable Probate Assets or Property Of The Network?, 10 N.Y.U. J. LEGIS. & PUB. POL’Y 281, 286-87 (2007).

[26] Natalie M. Banta, Death and Privacy in the Digital Age, 94 N.C. L. REV. 927, 988 (2016).

[27] RUFADAA, supra note 9, § 2(10).

[28] California RUFADAA, supra note 12, § 871(v).

[29] Id. § 871(f).

[30] Id. § 871(h); note that this definition excludes digital assets created in an employment setting because the individual would not have a right to that electronic record. See, e.g., Solomons v. United States, 137 U.S. 342, 346 (1890) (“If one is employed to devise or perfect an instrument, or a means for accomplishing a prescribed result, he cannot, after successfully accomplishing the work for which he was employed, plead title thereto as against his employer. That which he has been employed and paid to accomplish becomes, when accomplished, the property of his employer.”).

[31] Id. § 2(16).

[32] Id. § 4(a).

[33] Id. § 4(b).

[34] Id. § 4(c).

[35] Sheridan, supra note 3, at 377.

[36] Id.

[37] See id. at 377-78.

[38] See id. at 370 (outlining the online tools of Google and Facebook).

[39] See id.

[40] RUFADAA, supra note 9, §§ 7, 8.

[41] Id. §§ 7(5)(D), 8(4)(D).

[42] Id. § 16.

[43] Sheridan, supra note 3, at 377.

[44] Id. at 377 (citing David Horton, Contractual Indescendibility, 66 HASTINGS L.J. 1047, 1052 (2015)).

[45] See id. at 379.

[46] See id. at 379 (citing RUFADAA Prefatory Note).

[47] RUFADAA, supra note 9, § 7(5)(C).

[48] See John M. Golden, Redundancy: When Law Repeats Itself, 94 Tex. L. Rev. 629, 630 (“[A]nti-redundancy principles should generally be contextually confined to condemnation of excessive or otherwise problematic redundancy, rather than redundancy per se.”).

[49] Linda D. Jellum, Mastering Legislation, Regulation, and Statutory Interpretation at 253 (3d, Carolina Academic Press) (2020).

[50] Michael T. Yu, Towards a New California Revised Uniform Fiduciary Access to Digital Assets Act, 39 Loy. L.A. Ent. L. Rev. 115, 143 (2019).

[51] See Sheridan, supra note 3, at 368.

[52] Id. at 378-79.


[54] Cal. Leg., Assemb. B. No. 691 (2015-2016 Reg. Sess.) as introduced Feb. 25, 2015.


SEC – Securities and Environment Commission?

By Troy Fowler


SEC – Securities and Environment Commission?[1]

In 1933, President Franklin Delano Roosevelt signed the Securities Act (’33 Act), federalizing securities law in wake of the devastation of the United States’ financial system brought on by the Stock Market Crash of 1929.[2] The ’33 Act was followed shortly thereafter by the Securities Exchange Act (’34 Act) which established the Securities Exchange Commission (SEC) as the purveyor of US securities laws.[3] While the two acts govern different aspects of securities law, they share one common method for achieving their goals: disclosure.[4] By increasing investor transparency into the material financial risks around investments, and by establishing laws that proscribe misrepresentation and fraudulent activities by issuers, the federal securities laws can be boiled down to having been purposed to elicit honest financial disclosures.[5]

Companies that are subject to disclosure requirements must file an initial registration statement[6] followed by periodic quarterly and yearly reports with the SEC.[7] They must include therein any of the line items required by Regulation S-K.[8] Among other things, companies must disclose any material changes to previously disclosed risks as well as identify any new material risks to the business.[9] They are subject to liability for any material misstatements or omissions in their registration statement or any of their periodic filings.[10]

One thing that has been clear since the conception of Reg. S-K is that materiality forms the basis for the disclosure requirement.[11] When the SEC tasked Commissioner Francis M. Wheat with the study that ultimately led to the adoption of Reg. S-K, it indicated that Wheat’s study was intended to “improv[e] the … dissemination to the investing public of information material to investment decisions.”[12] The materiality standard has been clarified through caselaw and is considered a mixed question of law and fact.[13] The Supreme Court has instructed that information is “material” when a reasonable investor would view its omission or misstatement as having significantly altered the “total mix” of information available.[14] According to the Court, materiality “will depend at any given time upon a balancing act of both the indicated probability that the event will occur and the anticipated magnitude of the event in light of the company activity.”[15]

In March, the SEC promulgated a final rule which, if enacted, would add to the litany of required disclosures a category lacking any tenable connection whatsoever to financial regulation: Environmental, Social, and Governance (ESG) disclosures.[16] I will focus on the environmental aspect of the proposed rules. The SEC has the authority to enact disclosure requirements that are “necessary or appropriate in the public interest or for the protection of investors.”[17] The proposed climate disclosures are as unnecessary as they are antithetical to the SEC’s stated purpose of protecting investors. The existing disclosure regime is sufficient to address any such issues and it is far from clear that investors—as opposed to non-investor stakeholder activists—wish for or require any such protections.

The proposed climate-related provisions under Reg. S-K would require disclosure of a registrant’s: governance of climate-related risks; any material climate-related impacts on its strategy, business model, and outlook; climate-related risk management; GHG emissions metrics; and climate-related targets and goals, if any.[18] The proposed rule would require disclosure of both “physical” and “transition” risks from climate-change,[19] effectively imposing presumptive materiality upon anything climate related.[20] The climate disclosures are split into three categories: financial impact metrics; expenditure metrics; and financial estimates and assumptions.[21] The SEC claims that these financial metrics have the objective of increasing transparency around how climate-related risks impact a registrant’s financial statements.[22] It justifies tacking these climate disclosure rules onto Regulations S-K and S-X “because the required disclosure is fundamental to investors’ understanding of a registrant’s business and its operating prospects and financial performance ….”[23]

The issue is that “[c]ompanies should [already] be disclosing material risks under our current rules. If ESG opportunities are driving management-decision making, our existing disclosure rules also pull those in.”[24] According to William Hinman, the director of the SEC’s Division of Finance, a principles-based disclosure requirement such as materiality “articulate[s] an objective and look[s] to management to exercise judgment in satisfying that objective by providing appropriate disclosure when necessary.”[25] He further explained that “[t]he flexibility of our principles-based disclosure requirements should result in disclosure that keeps pace with emerging issues, … without the need for the Commission to continuously add to or update the underlying disclosure rules as new issues arise.”[26]

Among the “transition risks” that companies would be required to disclose are “actual or potential negative impacts on a [company’s] consolidated financial statements, business operations, or value chains attributable to regulatory, technological, and market changes to address the mitigation of, or adaptation to, climate-related risks.”[27] Specifically, it states that such risks would include “increased costs attributable to climate-related … competitive pressures associated with the adoption of new technologies.”[28]

The financial markets react to business news every day.[29] In fact, baked into the current understanding of securities laws is the notion that in an efficient capital market, all information known to the public affects the price and thus every investor.[30] Good businesses prosper, bad businesses fail. The father of modern economics, Adam Smith, stated, “The real and effectual discipline which is exercised over a workman is … that of his customers. It is the fear of losing their employment which restrains his frauds and corrects his negligence.”[31] Thus, the “competitive pressures” the SEC cites as a potential cause for transition risk should already pressure companies into making ESG disclosures—if investors really cared.[32] Commissioner Hester M. Pierce believes that non-investor stakeholder activists are those for whom these proposed rules are truly intended:

Current … disclosure mandates are intended to provide investors with an accurate picture of the company’s present and prospective performance through managers’ own eyes. … The proposal, by contrast, tells corporate managers how regulators, doing the bidding of an array of non-investor stakeholders, expect them to run their companies. … It forces investors to view companies through the eyes of a vocal set of stakeholders, for whom a company’s climate reputation is of equal or greater importance than a company’s financial importance.[33]

Two recent Deloitte studies indicate that although 92% of respondents saw a need for their companies to “invest more in technology to address demand for consistent and reliable measurement, reporting and disclosures,”[34] 25 out of 26 companies from diverse practice areas stated that climate change is not yet material.[35] In fact, the only one that did say it was material was already disclosing it on its 10-K.[36] In other words, the content of a company’s current voluntary ESG disclosures, or lack thereof, forms part of the basis for that firm’s stock price. Recent studies suggest that companies choosing to voluntarily disclose climate risks achieve a higher valuation post-disclosure.[37] Competitive pressures arising from other companies adopting more progressive models may or may not induce managers to adopt the sort of new technologies the SEC envisions will constitute costly “transition risks,” but at the very least the market will judge those firms and their value will be adjusted accordingly.

To further support transition risk disclosures, the proposed rule also cites “reputational impacts (including those stemming from a registrant’s customers or business counterparties) that might trigger changes to market behavior.”[38] Commissioner Allison Herron Lee’s argument that regulation is needed because firms have incentives to hide material risks as they compete for capital “simply is not correct: Firms are long-lived entities, at least in principle, meaning that their long-run interest is served by preservation of their credibility.”[39] Commissioner Lee fails to consider that market forces may compel companies to voluntarily adopt measures to achieve these results.[40] Companies respond to issues that further their incentives. Preserving their credibility by offering full and truthful material information to the market is the most prudent way to ensure their customers and business counterparties come back for more.[41]

Additionally, climate risks might simply be too far off in the future for financial disclosures—based on materiality—to be the appropriate governing mechanism.[42] Even an “application of the Environmental Protection Agency climate model strongly suggests that climate policies, whether implemented by the U.S. government alone or as an international cooperative policy, would have temperature effects by 2100 that would be virtually undetectable or very small.”[43] That notwithstanding, assume we use 2100 as the threshold past which climate change must be addressed, as many scientific studies do.[44] The issue is that no prudent corporate manager can plan intelligently past 5-10 years.[45] “No board meeting in 1942 could have predicted the future development and importance of the integrated circuit—much less the chip shortage currently impacting the auto, appliance, and aerospace sectors.”[46] “[B]anks did not fail in 2008 because they bet on radios not TV in the 1920s. [They] failed over mortgage investments made in 2006. Trouble in 2100 will come from investments made in 2095,”[47] at least as far as businesses are concerned. If the idea is to set environmental policy, leave that to the EPA or Congress, the SEC should not mask it as financial regulation.

“The campaign for evaluation and disclosure of climate ‘risks’ by public companies is an obvious effort to use private-sector resources for ideological purposes, in the context of the unwillingness of the Congress to enact such policies explicitly.”[48] The proposed SEC rules do not serve to better inform the market: stocks are already priced based on all available information.[49] Rather, the SEC seeks to use the new rules to compel companies to adopt new technologies because the appropriate avenue for bringing about environmental change—legislation by elected bodies subject to political accountability—has failed or otherwise proven unwilling to pass any substantive climate legislation.[50] Otherwise, this is “climate activism in finance-regulation drag.”[51] “[F]inancial regulators are not allowed to ‘mobilize’ the financial system, to choose projects they like and de-fund those they disfavor.”[52] “A mandate from the SEC that public companies evaluate climate ‘risks’ is likely to distort the allocation of capital away from economic sectors disfavored by certain political interest groups pursuing ideological agendas.”[53] If the materiality standard is to bear any weight, the proposed SEC rules should not be implemented.


[1] Hester M. Pierce, We are Not the Securities and Environment Commission – At Least Not Yet, SEC (Mar. 21, 2022), [].

[2] Andrew Beattie, The SEC: A Brief History of Regulation, Investopedia (Feb. 3, 2022), [].

[3] Id.

[4] Id.

[5] The Laws That Govern the Securities Industry,,,in%20the%20sale%20of%20securities [].

[6] See 15 U.S.C. § 77e.

[7] See 15 U.S.C. §§ 78m, 78o.

[8] See id.; see generally 17 C.F.R. § 229.

[9] See 17 C.F.R. §§ 229.101, 229.105.

[10] See 17 C.F.R. § 240.10b-5.

[11] Hester M. Pierce, Comm’r, Sec. Exchange. Comm’n., Speech at the Brookings Institution: What Role Should the SEC Play in ESG Investing? (July 20, 2021).

[12] Announcement of Disclosure Study, SEC Release (Nov. 27, 1967), [] (emphasis added); see Pierce, supra note 11.

[13] TSC Indus. v. Northway, 426 U.S. 438, 450 (1976).

[14] Id. at 449.

[15] Basic Inc. v. Levinson, 485 U.S. 224, 238 (1988).

[16] Proposed 17 C.F.R. §§ 210, 229, 232, 239, & 249 (2022), available at [] [hereinafter Proposed SEC Rule]; Richard Morrison, Climate Change: The SEC Turns Up the Heat, National Review (Mar. 24, 2022, 6:30 AM), [].

[17] See, e.g., 15 U.S.C. §§ 77g, 78l, 78m, & 78o.

[18] Proposed SEC Rule, supra note 16, at 52.

[19] Id. at 60–61.

[20] Morrison, supra note 16.

[21] Proposed SEC Rule, supra note 16, at 52.

[22] Id. at 53–54.

[23] Id. at 53–54.

[24] Pierce, supra note 11.

[25] William Hinman, Director, Sec. Exch. Comm’n Div. of Fin., Remarks at the 18th Annual Institute on Securities Regulation in Europe (Mar. 15, 2019), available at [].

[26] Id.

[27] Proposed SEC Rule, supra note 16, at 61.

[28] Id. at 62.

[29] Brian Beers, How the News Affects Stock Prices, Investopedia (Sept. 30, 2021), [].

[30] See Basic Inc., 485 U.S. at 247.

[31] Adam Smith, The Wealth of Nations 117 (Ernest Rhys ed., J.M. Dent 1937) (1776).

[32] Pierce, supra note 11.

[33] Id.

[34] US Public Companies Prepare for Increasing Demand for High Quality ESG Disclosures, Deloitte (Mar. 14, 2022), [].

[35] Nicola M. White, SEC Drops Hints About ESG Rule in Retorts to Vague Disclosures, Bloomberg Law (Mar. 18, 2022, 4:45 AM), [].

[36] Id.

[37] Competitive Enterprise Institute, Comment Letter on Request for Input from Commissioner Allison Herron Lee, Securities and Exchange Commission on Climate Risk Disclosure (June 11, 2021), available at [] [hereinafter CEI Comment].

[38] Proposed SEC Rule, supra note 16, at 62.

[39] Benjamin Zycher, The SEC’s Climate ‘Disclosure’ Gambit, National Review (Oct. 29, 2021, 6:30 AM), [].

[40] Benjamin Zycher, Response to Request for Input from Commissioner Allison Herron Lee, Securities and Exchange Commission on Climate Risk Disclosures 3–4 (June 10, 2021), [].

[41] Id. at 12.

[42] See id. at 2.

[43] See id. at 3.

[44] CEI Comment, supra note 37.

[45] Id.

[46] Id.

[47] 21st Century Economy: Protecting the Financial System From Risks Associated With Climate Change: Hearing 117-214 Before the S. Comm. on Banking, Housing, and Urb. Affairs, 157th Cong. 13 (2021) (Statement of John H. Cochrane, Senior Fellow, Hoover Institution, Stanford University).

[48] Benjamin Zycher, The SEC Demands a One-Size-Fits-All Climate ‘Risk’ Disclosure System, National Review: (Apr. 21, 2021, 6:30 AM), [].

[49] See Basic Inc. v. Levinson, 485 U.S. 224, 247 (1988).

[50] Zycher, supra note 40, at 14.

[51] Morrison, supra note 16.

[52] Cochrane, supra note 47.

[53] Zycher, supra note 40, at 13.

Image source:

European Union Cracks Down on Big Tech

By Michaela Fuller


European policymakers reached an agreement this week on the terms of the Digital Markets Act—a piece of legislation that has been donned “one of the world’s most far-reaching laws to address the power of the biggest tech companies, potentially reshaping app stores, online advertising, e-commerce, messaging services and other everyday digital tools.”[1]

The Digital Markets Act (the “DMA”) imposes a strict set of restrictions on big tech companies that qualify as “gatekeepers” under goals of ensuring fairness and regulation in the digital marketplace.[2] Gatekeepers include companies that measure at least €7.5 billion in annual revenue and €75 billion in market capitalization and have at least forty-five million monthly users and 10,000 yearly business users.[3] Companies like Amazon, Google, Meta, Microsoft, and Apple will be affected.[4]

The DMA aims to “protect consumers and give rivals a better chance to survive against the world’s powerful tech juggernauts” with rules that will force gatekeeper companies to, among other things, offer its users alternative payment systems, search engines, and messaging platforms.[5] These regulations seek to increase the number of service options available for consumers to choose from while creating real opportunities for new innovators and start-ups to thoughtfully compete in the tech market.[6]

As far as the gatekeepers go, the European Commission notes the tech giants “will keep all opportunities to innovate and offer new services … [but] will simply not be allowed to use unfair practices towards the business users and customers that depend on them to gain an undue advantage.”[7] To hold the gatekeepers accountable, non-compliance with the DMA can result in fines reaching up to ten percent of the company’s worldwide revenue, and up to twenty percent for repeat offenders.[8]

What will these rules actually look like in practice? The DMA will grant users “the option to uninstall pre-installed software applications on a core platform service at any stage.”[9] This means that, for example, iPhone users will be able to delete Safari and Android users can remove Chrome from their devices without affecting the operating systems’ functionality. Apple and Google will also have to allow alternatives to their application stores and payment methods, and online advertising sellers “will see new limits for offering targeted ads without consent.”[10]

Perhaps most controversially, the DMA will also “force messenger services to ensure interoperability with other messaging services,” which will allow for seamless group chatting between users with different operating systems.[11] This means that messaging services like WhatsApp “could be required to offer a way for users of rival services like Signal or Telegram to send and receive messages to somebody using WhatsApp.”[12] Critics fear this interoperability requirement could lead to a huge divide in the market and even a potential collapse of service providers that may provide users with perks like better privacy practices, but cost more than other options.[13]

Messaging interoperability is not the only piece of the DMA that has received criticism, and many questions still remain as to the future of the law. Deemed “one of the fiercest lobbying efforts ever seen,” big tech companies have fought against the regulations at every step of the legislative process and are now “expected to look for ways to diminish [the DMA’s] impact through the courts.”[14]

The DMA will now seek final approval by a full session of the European Parliament and by ministers from the E.U.’s twenty-seven member states.[15] Once passed, the DMA will be “directly applicable across” the entire European Union.[16] Meanwhile, European regulators now face the task of enforcing the new law with the rest of the world watching the effects of his monumental step toward taming big tech.


[1] Adam Satariano, E.U. Takes Aim at Big Tech’s Power with Landmark Digital Act, N.Y. Times (Mar. 4, 2022),

[2] The Digital Markets Act: Ensuring Fair and Open Digital Markets, Eur. Comm’n, [hereinafter The Digital Markets Act].

[3] European Union Reached a Political Agreement on the Digital Markets Act, Nat’l L. Rev. (Mar. 29, 2022),

[4] Satariano, supra note 1.

[5] EU Negotiators Agree Landmark Law To Curb US Big Tech Giants, Al Jazeera (Mar. 25, 2022), [hereinafter EU Negotiators].

[6] The Digital Markets Act, supra note 2.

[7] Id.

[8] EU Negotiators, supra note 5.

[9] The Digital Markets Act: What You Need to Know About the EU’s New DMA, The Stack (Mar. 28, 2022), [hereinafter What You Need to Know].

[10] Satariano, supra note 1.

[11] What You Need to Know, supra note 9.

[12] Satariano, supra note 1.

[13] What You Need to Know, supra note 9.

[14] Satariano, supra note 1.

[15] EU Negotiators, supra note 5.

[16] The Digital Markets Act, supra note 2.

Image source:

The Future of Banking for Black (African-American) Communities

By Najah Walker


Earlier this year, “Black Panther” director Ryan Coogler was arrested after attempting to withdraw $12,000 from his Bank of America account in Atlanta, Georgia.[1] The teller told her boss that she suspected Coogler was attempting to rob the bank- even though he presented valid identification and had an account with the bank.[2] Coogler was eventually released, but this incident triggered public outrage and accusations of racism.[3] Coogler’s experience is a part of a larger issue.[4] Black communities are financially shut out and discriminated against everyday through the steady decline of black-owned banking institutions and the decrease in the number of banks in Black-majority neighborhoods.[5]

In the wake of the murder of George Floyd, many national banks announced efforts to address lower bank branch density in historically underserved areas.[6] However, the problem persists with Black adults being more likely to have to travel more than 10 minutes to a bank branch, if there is a local branch at all.[7]

Because of the lack of access to in-person banking services, Black adults have turned to digital only banks to meet their financial needs.[8] A survey conducted by Morning Consult between July 2021 and January 2022 found that 14% of Black adults consider a digital bank to be their primary banking provider.[9] To keep pace with Black consumers’ financial preferences and needs, banking providers must continue to evolve their digital capabilities.[10]

Daniel Griggs, founder of ATX The Brand, suggests that digital transformation could even help black-owned banks and be a tool to keep them alive.[11] His hope is that the growing number of consumers will want financial institutions that provide digital services such as virtual account management, banking apps, and video meetings.[12] Several black-owned banks and credit unions have already taken steps to enhance their digital presence and attract customers.[13] Although black-owned banks have historically been unsupported by our government,[14] they are needed and wanted in the United States.[15] As black-owned banks continue to embrace new digital tools, one can only hope that the future of banking is more equitable and accommodating for black communities.


[1] Black Panther Ryan Coogler Director Mistaken for Bank Robber, BBC News (Mar. 9, 2022),

[2] Id.

[3] Peony Hirwani, Ryan Coogler Fans Accuse Bank of America of Racism Over Robbery Fiasco, Independent (Mar. 10, 2022),

[4] See Kristen Borady, Mac McComas, and Amine Ouazad, An Analysis of Financial Institutions in Black-majority Communities, Brookings (Nov. 2, 2021),

[5] Id.

[6] Charlotte Principato, The Black Banking Experience is Digital, but Banking Leaders Must Understand Why, Morning Consult (Feb. 22, 2022),

[7] Id.

[8] Id.

[9] Id.

[10] Id.

[11] Jefferey McKinney, Digital Transformation Could Help Black Banks Survive and Not Surrender, Black Enterprise (Jan. 20, 2022),

[12] Id.

[13] Id.

[14] See Borady, supra note 4.

[15] McKinney, supra note 11.

Image source:

Pirates on the High S(tr)ea(m)s!

Pirates on the High S(tr)ea(m)s!

By Grayson Walloga

Piracy is once again on the rise. Going into 2021, the number of visits to websites containing pirated media rose 16% from 2020.[1] The “State of the Internet” report released by the cybersecurity firm Akamai recorded 132 billion visits to pirate websites.[2] That number may seem high, but it is nowhere near the 190 billion visits for 2018 or the 206 billion for 2017.[3] It does seem odd that 2020’s numbers were lower than previous years when everyone was trapped in their homes, bored out of their minds looking for any source of entertainment during the COVID 19 lockdown, but there is a good reason for that. Many believe that the ample availability of streaming services caused online piracy to decline.[4]

Page 1 of 10

Powered by WordPress & Theme by Anders Norén