By James Rathmell and Rodrigo Seira

One of the most clickworthy clips from the recent congressional hearing with the five SEC commissioners was Rep. Ritchie Torres grilling SEC Chair Gensler on whether the secondary sale of a baseball ticket could constitute an investment contract. In isolation, this seems like an outlandish question: What could securities laws have to do with Yankees tickets? But Rep. Torres’ line of questioning was timely, following OpenSea’s late August announcement that it had received a Wells notice from the SEC threatening the company with a lawsuit. While the SEC’s specific allegations against OpenSea remain undisclosed, we can deduce the SEC’s reasoning based on settlements last year with Impact Theory and Stoner Cats, and just a few weeks ago with Flyfish Club: “We believe NFTs are the subject of a number of investment contracts, and targeting one of the largest NFT marketplaces is the most efficient way to curb this activity.”

Yet the SEC’s gambit to regulate NFTs seems poised to fail.

NFTs are unique collectibles with consumptive uses, ranging from fine art to in-game items and, yes, even event tickets. As a practical matter, purchases for consumption are not investment contracts, since—to use Rep. Torres’ example—the buyer of a baseball ticket will ultimately exchange it for entry to a Yankees game.

But this is equally true as a legal matter.

In United Housing Foundation, Inc. v. Forman, the U.S. Supreme Court held that shares of “stock” representing ownership in a low-cost housing development were not investment contracts because of the obvious “consumptive use for the apartment and [the fact that] there was no reasonable expectation of profit in the form of either capital appreciation or participation in earnings.”

Notably, no court has yet ruled that the offer and sale of NFTs constitutes an investment contract. While the SEC might point to its settlements with Impact Theory, Stoner Cats, and Flyfish Club, these settlements do not create legal precedent and bind only the parties involved. The closest a court has come to addressing this issue was in the class action involving Dapper Labs, creators of the NBA Top Shot NFTs. There, the court denied Dapper Labs’ motion to dismiss, concluding only that the plaintiff had sufficiently alleged (not proven) that the sale of NBA Top Shot NFTs constituted an investment contract. Even then, the court emphasized that its decision was “narrow,” “a close call,” and that whether particular NFT offerings qualify as securities must be decided on a “case-by-case basis.” The case ultimately settled before final judgment.

The settlements and cases, which provide the shaky foundations underpinning the SEC’s claim over NFTs, all relate to original sales by the token creators (i.e., “primary issuances”). None have considered the extension of securities laws to secondary marketplaces. And this has important implications. In SEC lawsuits against crypto exchanges, federal courts have repeatedly found that securities laws should be applied on a transaction-by-transaction basis. Therefore, even if certain tokens may have originally been sold in securities transactions, secondary sales of those tokens do not necessarily constitute securities transactions.  

The SEC’s argument is even weaker in the context of NFTs, since secondary transactions in NFTs fail the Howey test prima facie. Consider for example that Fidenza #49 by Tyler Hobbs was sold on March 5, 2024 for 496 ETH ($1.2M at the time), while Fidenza #112 was sold that same day for only 65 ETH ($164K at the time). Where is the expectation of profits based on the efforts of others? Where is the investment of money in a common enterprise?

Rep. Torres’ line of questioning is powerful because it illustrates the potentially boundless reach of the SEC’s conception of its authority. There is a hair’s breadth between regulating the market for Fidenzas and regulating the marketplace around America’s pastime. And it should be clear that the SEC lacks the authority to regulate either. 

By James Rathmell

‍

The CFTC’s recent enforcement action against Ooki DAO is the latest example of why regulation by enforcement is bad for the rule of law. Everyone should want more responsible governance in web3, not less. DAOs represent a new democratized model for governance—one that empowers community participants to actively engage in collective decision-making and better align stakeholder interests. DAOs help unlock a decentralized and economically distributed framework for technology development.

Rather than encouraging this innovation, the CFTC has taken a big step backwards. From what we’re seeing and hearing, the fallout from the action has been to inject fear, uncertainty, and doubt among builders and participants. The CFTC’s legal theory acts a bit like a sword of Damocles over DAO participants—any tokenholder who votes her tokens, even if she votes against a proposal later deemed unsound, even if she votes and then later disposes of her tokens, could potentially be held liable under the CFTC’s theory. Another way to think about it: imagine every contributor to Wikipedia, past and present, was held personally liable for a copyright violation on the platform.

Until the CFTC issued its order, the web3 community had no meaningful notice that the act of voting tokens could expose a tokenholder to significant personal liability. That lack of notice is a big problem: many protocols governed by DAOs were built with minimum voting thresholds. If tokenholders stop voting en masse, it could become impossible to update a protocol; or, worse, it could become impossible to patch the protocol in light of vulnerabilities, creating an attack surface. Tokenholders’ fear of participating in DAOs due to the CFTC’s aggressive approach to DAO-participant liability could severely restrict this nascent but flourishing technological innovation in the United States.

Given the impact on innovation, we think it’s important for the industry to engage here. There are two obvious paths that we see.

One path is litigation. As part of a legal defense, Ooki DAO’s members will be able to raise some of the arguments alluded to above because they have what is called standing, a legal doctrine which limits who can file lawsuits. Interested third parties can also get involved in litigation by filing amicus briefs to make their voices heard. (Our friends at Paradigm did just this—recommended reading.) But civil litigation is a long and arduous path that could take several years to wind its way through the court system, courts can disagree with each other, and the uncertainty from all of this could cast a long chill over web3 development.

Another path is to go through the administrative process, which has specific rules around filing a petition for rulemaking. That’s why, today, we petitioned the CFTC to initiate a rulemaking process and promulgate a regulation to provide certainty related to the activities of individuals participating in DAO governance, including specific text for a rule we think the CFTC might adopt to limit DAO-participant liability. Given that the leadership of the CFTC has, to its credit, generally adopted an open-minded and constructive approach to web3, we’re hopeful the CFTC pursues such rulemaking. This would be consistent with its statutorily mandated mission “to promote the integrity, resilience, and vibrancy of the U.S. derivatives markets through sound regulation.”

The ball is now in the CFTC’s court to take whatever action it deems appropriate, and it will have to notify us of its decision. There could be a notice and comment period, during which the agency would solicit public input on the prospective rule. If it denies our petition, it will have to explain why. Our sincere hope is that this petition causes the CFTC to prioritize proactive rulemaking to provide clarity to web3 builders and participants versus just regulating by enforcement.

There will always be bad actors who will attempt to use new technology for illicit purposes, and CFTC and other government agencies may sensibly enforce the laws against them. But we think, by and large, there are far more people who try to use new technology for good than for ill. We think the CFTC should engage with the communities behind the many DAOs that are already, even at this early stage of innovation, having a positive impact on the world.

We hope this petition can reorient them in that direction.

Rachael Horwitz, Chris Lehane, and Tomicah Tillemann, contributed to this post. Thanks to Shahab Asghar, Brandon Neal, Marc Boiron, Rebecca Rettig for feedback.

By Tomicah Tillemann, Chris Lehane, and James Rathmell

Yesterday, we submitted extensive comments in response to a request for input from the Treasury Department. The agency is looking for help figuring out how to support the development of digital asset technology without enabling bad actors. As a reminder, an Executive Order issued by the White House in March assigned the Department responsibility for quarterbacking elements of the government’s broader web3 strategy.

To date, much of the agency’s focus has been on managing potential risks related to money laundering and illicit use of digital assets. We think that’s the wrong starting point for a conversation about how policymakers should engage with web3. Our response, available in its entirety via this link, is built around three main points:

• (1) The current financial system is failing to meet the needs of millions of Americans and billions worldwide. Consumers are currently spending $46 billion on anti-money laundering protections that only stop 0.2% of illicit financial flows. At the same time, the system is preventing millions from accessing basic financial services. Many legacy systems simply aren’t working the way they should.
• (2) Web3 technologies can provide significant improvements over a broken status quo. Programmable assets can bring new functionality to finance. For example, emergency relief funds could be programmed for use on food or housing or designed to decrease in value over time, thereby reducing the potential for inflation. ZK proofs offer better solutions for preserving privacy. And digital assets in general provide a new infrastructure with the potential to be far more efficient, inclusive, and innovative than the antiquated systems currently used for moving money.
• (3) Given the benefits of web3 architecture, the Treasury should prioritize responsible collaborative efforts with the private sector. The infrastructure of the internet and global finance is going to change. That much is clear. The question is whether the United States and other open societies can leverage web3 to provide serious alternatives to the sophisticated systems emerging from authoritarian regimes. That’s still an open question, and the answer will depend on regulators working together with technologists and industry.

We suggest that the Treasury Department take specific actions including building policy around consultative rulemaking rather than punitive enforcement, encouraging development of open standards for privacy-preserving digital identity, and embracing open-source innovation as an alternative to closed, centralized systems. Fostering the responsible growth of web3 is one of the most important steps the United States can take to ensure its strength and competitiveness in the 21st century. Our engagement with Treasury is one of many ways we’re working to help policymakers understand and embrace that potential.