An algorithmic theory of Private Law E-Book

INTRODUCTION

1- Algorithms as legal rules

Can an automaton reason like a human being? This question, which has troubled mankind for millenia, only began to be systematically studied in the 20th century. Although precedents can be found in Ramon Llull’sArs Magnaor inGottfried Leibniz’scalculus ratiocinator, it was David Hilbert who in a 1928 lecture posed the so-calledEntscheidungsproblem(decision problem): What are the limits of formal logic? Can we create an algorithm that determines in a general way the validity or invalidity of a given proposition of first-order logic? The debate that immediately followed was extraordinary fruitful, and we owe to it disciplines such as Alonzo Church’s lambda calculus, the automata theories of Turing and Post or Gödel’s two teorems.

This paper aims to explore to what extent the development of the Theory of Automata, that took place mainly from the 1930’s onwards, can affect the field of Private Law. Specifically, we intend to explore questions such as the following: Can legal rules be expressed algorithmically? Is it possible to create an algorithm that interprets legal rules and is capable of applying them to a specific case? Can and individual right reside in cyberspace?

Through this entire work we will be unraveling the different possibilities that cyberspace offers for the representation of rights. And to what extent it is possible for the said rights to be altered by the automatic application of an algorithm, without any human intervention whatsoever.

The first section of this book is devoted to digital law and identity. A subjective right residing in cyberspace in called adigital right. Each digital right is structured in two elements: Thesubject(also called the holder) and theobject, which are the powers or possibilities of action that the right grants to its holder. Within cyberspace, subjects are recognized by means ofdigital identityprocedures, which ensure that the declarations of will issued telematically are invested by the notes of integrity, confidentiality and non-repudiation. Such systems include asymmetric cryptography, two-factor authentication and biometric data. All of them will be briefly analyzed in the corresponding section.

In the digital field, subjective rights are embodied in the machine state of an electric automaton (e.g. a computer, a bank database, a blockchain). Transmission of rights is thus equivalent to transitions (state modifications) of such an automaton.

The second section of the book refers to objective law, which is the set of legal norms in force in a given territory. A legal norm is a general mandate of behaviour imposed on the members of a certain community, which has amodus ponenslogical structure composed of two elements:Factual assumptionandlegal consequence.Within the digital sphere, some algorithms have undoubtedly the characterization of a legal norm, since they have amodus ponensstructure and impose deterministic rules of behavior on certain classes of automata: those that represent digital rights. The functions that regulate the state transtitions of blockchains (and consequently, the transmission of cryptocurrencies) or those algorithms residing in the servers of public administrations are therefore considered legal norms.

Normativealgorithms can be of two types: dependent or independent. The former come from state authorities and their main function is to execute certain legal regulations of that state. The latter reside exclusively on a distributed ledger, and their execution does not require the collaboration of any state authority. We introduce the notion ofindependent algorithmic legal system, which is the system of independent algorithms residing on a given blockchain. It has a pyramidal structure and carries out its activity under a series of basic principles that we analyze in the corresponding paragraphs.

The third section proposes to use the scheme outlined in the previous sections to incorporate real estate and corporate traffic into cyberspace.

Under this new model, ownership and other rights over real estate are represented by the machine state of an automaton called theLand Registry. Any alteration of these rights must take place through transactions requested by third parties via an HTTP request. The automaton must verify the validity of the requested transaction and, if it is correct, it will perform a state transition, equivalent to a modification of rights. The Land Registry database can be centralized or decentralized. In the latter case, data related to real state rights would be stored in the form of non-fungible tokens (NFTs) in a private Ethereum network.

In the commercial and corporate field, we believe that it is possible also to represent commercial companies, foundations and other legal entities by means of the machine state of an automaton that we should call theRegistry of Legal Entities. The modification of circumstances of these legal entities must also be articulated through transactions and state transitions requested by third parties. The Registry can be organized in a centralized or decentralized manner, in the same terms as indicated in the previous paragraph.

Before beginning the first section, the reader will be given an introduction to the concepts ofcyberspace, which is the realm where digital rights reside, andFourth Industrial Revolution, which is the set of techniques that have emerged to articulate the growing interaction between cyberspace and the physical world.

2- Definition of cyberspace

Although the termcyberspaceappeared, in a loose sense, in the novelsBurning in Chrome(1982) andNeuromancer(1984) by science fiction writer William Gibson, the word acquired its current meaning as “interconnected cybernetic space” in the mid-1990s, with the emergence of the World Wide Web. In my view, cyberspace could be defined as thedomain of virtual reality created by the electric activity of computing systems. Just as the human brain and its neurons support the mental world, thoughts and ideas, the electrical activity of computer circuits shapes a virtual world calledcyberspacethat evolves over time according to predetermined rules.

From the point of view of information content, cyberspace could be subdivided in three different domains: Data, emergent structures and algorithms (executable code). We will analyze each of these areas separately:

The first of these is composed of digital information (

data

) stored in electrical computers through multiple memory systems, like flip-flop circuits (SRAM, registers and CPU cache), capacitors (DRAM memory cards), hard disk cylinders or the flash memory of USB devices. In all these cases, the information is discrete, not continuous, and is stored by creating stable electromagnetic fields over time. In the case of memories operated by capacitors or flash memory, the electric charge stored in them creates an electrostatic field by virtue of Maxwell’s first equation (Gauss’s law for the electric field), which only disappears when the capacitor (or the flash memory) is discharged again. In flip-flop circuits, characteristic of the internal memory of precessors, it is the electrical current of the circuit that remains stable over time. The circuit is switched on and off externally by transistors (formerly, by relays or vacuum valves). In hard drives, on the other hand, information is recorded by magnetizing the material of its cylinders. In all these cases, electromagnetic fields encode binary signals (off, on), which can be used to store natural numbers in base 2 and, in general, to perform logical-mathematical operations. It should be emphasized at this point that all the information stored in cyberspace is of a discrete nature. Although electrical computers that operated with continuous variables appeared at the beginning of the 20th century, the fact is that the presence of noise extraordinarily reduced their computational capacity. Therefore, in the 1930s, Claude Shannon and Konrad Zuse proposed the abandonment of analog computing and the adoption of a new model of discrete, digital computation based in binary arithmetic, boolean algebra and circuit switching. Their system, universally adopted from the 1950s onwards, proposed that mathematical operations should be performed by circuits controlled by other circuits through switches (relays, vacuum tubes, transistors), and always on discrete variables. It should be noted that the absence of continuous variables is, perhaps, the most important feature that currently distinguish cyberspace from physical space. Thus, in the realm of the visible Universe, the laws of the four fundamental forces of Physics are expressed in a continuous way, by means of differential equations, such as Schrödinger’s, Maxwell’s or Dirac’s ones. It is true that the description of the

Universe also involves discrete elements (e.g. atomic energy levels) related fundamentally with the field of Quantum Mechanics, but in the macroscopic realm, space and time are continuous and the laws governing the mechanics of bodies are differential in nature. In contrast, in cyberspace computation is always digital, and the machine states of each program are described by n-tuples of natural numbers stored in the processor registers or in RAM. Thus, while physical space is continuous and cannot be divided into quanta, the virtual space of a video screen is discrete, and is divided into pixels, each of which is assigned three integers between 0 and 255, describing the intensity of the colors green, red and blue, respectively. If one day it were possible to create effective denoising mechanisms that would make analog computation viable, in my opinion there would no longer be substantial difference between the physical space and the virtual space generated by computers, and any observer located inside cyberspace would not be able to determine whether he or she lives in a simulated space or not.

On a the second level stand the

structures

that emerge from the stored strings of ones and zeros. This area includes the files, hard drive partition tables, their file assignation tables, directories and databases.

Finally, at the third and last level lay the

algorithms

, which are the algebraic rules that govern the temporal evolution the machine state of an electrical automaton. Algorithms are composed of three kind of instructions:

logical-arithmetic operations

(ADD, SUB, DIV, MUL, etc. in the x86 architecure),

data transfer instructions

(MOV, STOSB, etc.), which copy information from one location to another within a computer, and

flow control instructions

(LOOP, JZ, etc.), which determine the global structure of the algorithm and the existence of loops and branches. Computer programs, communication protocols, cellular automata and computer viruses (which would be a sort of parasitic algorithms) would be placed in this area.

The definition of cyberspace we have provided focuses on its purely virtual, informational aspect, and excludes the physical support. Just as the human mind does not encompass the brain that supports it, neither does the notion of cyberspace extend to computer hardware. Thus, a DRAM card inserted in the motherboard of a device is not part of cyberspace, but the information stored inside it is.

In recent decades, the emergence of Internet has transformed cyberspace in a topologically connected space, in which the vast majority of electronic devices are conected to each other by means of the TCP/IP protocol. However, there are areas of cyberspace which are segregated from the rest, either because they are part of an isolated intranet (like the North Korean one), or because they lack a network interface connecting them to Internet. In the latter case, we speak of an “air gap”.

3- The fourth Industrial Revolution

The increase of the computational capacity of processors and external data sensors (visual, auditory, eg.), has made it possible to implement algorithms capable of making decissions based on large amounts of data, thus generating greater interaction between the physical world and cyberspace and a social and tecnological transformation that commentators have come to call “fourth Industrial Revolution”, which is causing an extraordinary change in the economy or interpersonal relationships. One may think in the widespread use of cell phone payments or the sociological changes brought about by social networks.

The term “fourth Industrial Revolution” or “Industry 4.0” was coined by three notable members of the German industry, Henning Kagermann, Wolf-Dieter Lukas and Wolfgang Wahlster in a 2011article, published shortly before the annual edition of the Frankfurt Fair. These authors, closely following Jeremy Rikfin, considered that during the last 300 years the material progress of the West had been driven by four different industrial revolutions: the first of these, which arose in 18th century England, used the steam engine as the main source of power and propulsion, and employed coal as its predominant fuel. The second Industrial Revolution, which took place throughout most of the 19th century, led to the generalization of means of transportation based on the internal combustion engine, as well as technologies that used electricity for information transmission or night lighting (incandescent bulbs). The third industrial revolution (20th century) gave rise to vacuum valves, the transistor, integrated circuits and computers. Robotics reached an extraordinary level of developement and SCADA systems arose, allowing the automation and remote control of industrial processes. Finally, the fourth Industrial Revolution, which is already underway, would be characterized by the growing interaction between physical space and cyberspace through what these authors have come to callcyberphysical systems, specialized in capturing information, storing it, and making automated decisions based on it. This last technological revolution would include phenomena such as Big Data or Machine Learning.

The legal field will certainly not be left out of the extraordinary repercusions of this fourth Industrial Revolution. Natural Language Processing (NLP) techniques, combined with the use of formal logic are able to imitate some aspects of human reasoning, and may in the future be used to perform legal argumentation tasks similar to those performed by judges. In my view, this will only be possible if systems with general artificial intelligence are ever created, a possibility which is quite remote at present. For this reason, this work will focus in the repercusions that othertechnologies like assymetric cryptography, smart contracts or distributed protocols may have in the configuration of citizens’ rights and duties.

FIRST SECTION: THE SUBJECTIVE RIGHT

4- Subjective rights within cyberspace

In the last decades we have witnessed a progressive process of incorporating the citizens’ rights and duties into electronic databases. The process began in the 1950s with the invention of credit cards and continued with the progressive integration of computer systems in banking and stock markets, replacing the previous paper-based systems. It was a revolutionary process, comparable to the one that took place in Europe with the invention of exchange documents in the 13th century or the generalization of the property registries in the 19th century, which led to the incorporation of credit rights into written documents and of real estate rights into public registries. Currently, many types of rights and duties, like shares in corporations, debts owed by citizens to tax authorities or the balance of current accounts, have been transferred to electronic databases, whose content not only represents rights but also embodies them.

Adigital subjective right(or, simply, adigital asset) can be defined as a“position of specific legal power granted to a certain individual, and whose representation and exercise take place by telematic means”. It is made up of three essential elements: subject, object and faculties.

a) Subject

The subject is the holder of the digital asset. It may consist in a natural or legal person or a simple automaton. Examples of holders of digital assets include owners of cryptocurrencies, holders of current accounts in commercial banks or parties to smart contracts. The cybernetic area has the particularity that automata can also be holders of rights and duties, as in the case of somesmart contracts. A smart contract is one whose execution takes place according to rules predetermined by an algorithm. It is usual for contracts to be concluded between natural persons. However, some blockchains, like Ethereum, allow accounts controlled by smart contracts (called Contract Accounts) to enter into contracts with individuals. In the later case, it can be stated, without any fear of exaggeration, that the persons contracting with such an account are actually doing so with the program residing in it, and that this program issues automated declarations of will.

a.1.) The digital identity

In cyberspace, the digital identity is based upon three fundamental elements:integrity,confidentialityandnon-repudiation.Integrityinvolves that there must be mechanisms to ensure that the issued declarations of will do not suffer any alteration in their content. Error correction algorithms and hash functions are often used for this purpose, producing strings of hundreds of bits that summarize the contents of a file or a paragraph of text. These strings undergo major alterations in the event that a single character of the original file or text is modified (“avalanche effect”).Confidentialityguarantees (generally through the use of cryptography) that the content of the parties’ declarations of will not be known to third parties.Non-repudiationimplies that, once a declaration of will has been issued, its author cannot deny having issued it. This last principle can be implemented through multiple mechanisms, among which we can mention the following:

-Assymetric cryptography:Each subject is identified by means of a pair of numbers,private keyandpublic key, which are mathematically intertwined with each other. The former is used tosign, and remains in the exclusive possession of the subject, who must not disclose it to anyone. The latter is made avalaible to everyone, and is used for signature verification. The binding of a public key to a physical or legal person (or to a website) is done through a file calledX.509 certificate(coloquially referred to as“digital certificate”).

To fulfill its mission, the digital certificate must contain aserial number,version,signature algorithm(generally, a variant of the famous RSA system or some elliptic key cryptography algorithm is used),public keyandperiod of validity. It also includes thecommon name(name, surname),organization,country,state(or province) of both thecertificate holderand theissuer of the certificate.

The entities that issue digital certificates are calledcertification authorities. The CA can in turn authorize the certificate holder to issue new certificates to third parties, forming a sort of chain (certification path), with the CA’sroot certificatein one side and thefinal certificateat the other. The certificates in the middle are calledintermediate certificates. Each of these certificates must be signed by the holder of the previous certificate, except for the root certificate, which is signed by the CA itself. CAs can impose restrictions (constraints) to the intermediate certificates, related to the common name, the maximum size of the certificate chain, or the mathematical signature algorithms to be used.

In general, electronic signature procedures begin with the application of the hash function to the document to be signed, after which a string is obtained, that normally is 256 or 512 bits long. The private key is then applied to this chain (that can be interpreted as a number in binary format) and the result obtained is the electronic signature. To verify the validity of the digital signature, the public key (which is avalaible to all and is contained within the certificate) must be applied to it. If the result obtained is the hash of the document, the signature is authentic. Appendix A.2 briefly explains how the public and private keys are applied within the framework of the RSA algorithm.

The public key is included within the certificate itself, and is avalaible to all. The private key may be stored in a separate file, or together with the digital certificate in a file type calledPKCS12, which usually has the extension.pfxor.p12and is password protected.

Figure 1: This digital certificate has been issued to the author of this work. The window shows the signature algorithms, the holder’s common name, the issuing entity, as well as the validity period of the certificate.

In the European Union, the technical requirements for the creation and verification of electronic signatures are contained in theETSI EN 319 102-1