Get your tickets to the 2024 Coin Center Annual Dinner 

The CANSEE Act is a messy, arbitrary, and unconstitutional approach to DeFi

It is effectively a ban on decentralized software development that cedes an innovative sector to the rest of the world

by 

Blog Financial Surveillance Investor Protection Congress

Yesterday Senators Reed, Rounds, Warner, and Romney introduced the Crypto-Asset National Security Enhancement (CANSEE) Act in the Senate. This bill comes as a surprise as it was apparently developed without any input from stakeholders. While we appreciate the Senators’ desire to combat the abuse of crypto protocols by criminal and enemy actors, the bill unfortunately also would make the development of such protocols in the U.S. and by U.S. persons unfeasible. Worse, the bill would be unconstitutional legislation as it would clearly violate the First Amendment.

So what would the bill do? It would extend the penalties imposed on persons who violate sanctions to (1) anyone who “makes available an application designed to facilitate transactions using a digital asset protocol” and (2) persons who “control a digital asset protocol, as determined by the Secretary of the Treasury.” The bill would also extend all of the Bank Secrecy Act obligations that now apply to financial institutions like cryptocurrency exchanges to those same persons.

In the first instance, ‘making available an application’ is equivalent to publishing speech. If I publish a book with the code for a decentralized exchange protocol in it, I would be swept up by this legislation. Presumably the authors of this bill do not intend to cover persons publishing books, and hopefully neither persons merely publishing code to a blockchain. However, as the bill is presently drafted these and many other such persons would be covered, leaving them open to prosecution for merely publishing software and failing to register with FinCEN, for example.

In addition, who qualifies as someone who “controls” a crypto protocol, and thus also subject to the law, is completely up to the Secretary of the Treasury. The bill gives virtually unbounded discretion to the Secretary to decide what it would take to designate one as having “control” of a protocol. For example, the Secretary can say that one has “control” if one has the power to “indirectly” change the computer code of the protocol–that could cover open-source software contributors. Again, this is likely not what the authors of the bill have in mind, but it’s what the plain meaning of the bill they wrote would allow the Secretary to do. Indeed, the Senators’ deference to the executive branch is breathtaking, allowing the Secretary to define the scope of their power without any public process whatsoever.

The bill tries to avoid becoming a wholesale ban on the publication of protocols by giving the Secretary authority to grant exemptions to “controlled decentralized finance protocols” that comply with existing intermediary regulations. Again, we must first point out that these “exemptions” would be at the complete discretion of the Secretary, who would be free to never grant any at all. More importantly, this misses the entire rationale of DeFi protocols, which is to allow for peer-to-peer, non-intermediated transactions.

We can understand wanting to prosecute persons who facilitate money laundering and sanctions evasion by providing services that are decentralized in name only. Indeed, to the extent that a protocol is actually controlled by a person, it is not decentralized and would therefore already be subject to regulations that apply to financial institutions. However, to blanket ban the publication of open-source code for decentralized crypto protocols and then allow the Secretary–at their sole discretion–to give permits to centralized protocols that may as well be traditional financial institutions is to cede the field of innovation to the rest of the world. It would also be an overbroad, content-based, prior restraint on the publication of protected speech and roundly unconstitutional.

There is much more that is problematic about this bill and in the coming days we will share our further analysis. While we wish that we, other stakeholders, and the broader public would have had an opportunity to engage in a discussion about the legislation with its sponsors before it was introduced, we hope we will be able to engage in constructive discussion now. Know that we will do everything we can to make sure that the rights of software developers and users to write, publish, and run code are protected.