FBI tokens, AI tokens and crypto wash trades: Crypto lawyers weigh in

Each month, our panel of crypto lawyers looks at the legal implications of some of the thorniest problems facing the industry in different jurisdictions around the world.

United States authorities have recently charged 18 individuals with cryptocurrency market manipulation following a Federal Bureau of Investigation (FBI) sting operation, in which law agents created a token to lure market makers into illegal wash trading. 

The case has sparked debate on the application of traditional financial laws, such as anti-market manipulation rules, within the cryptocurrency industry. The case also raises potential copyright concerns, with allegations that the FBI may have improperly used open-source code for its token.

Meanwhile, technologies like autonomous AI agents now play roles in controlling crypto wallets, and questions of accountability in crypto transactions and tokens become more complex: Who ultimately bears responsibility?

FBI’s token draws copyright infringement allegations. (David Trinks)

Magazine spoke with a panel of legal experts to find out more: Digital & Analogue Partners co-founder Catherine Smirnova in Europe, co-chair of the Hong Kong Web3 Association Joshua Chu from Asia, and Rikka Law Managing Partner Charlyn Ho from the United States. 

The discussion has been edited for clarity and brevity.

Magazine: The US Justice Department has charged 18 individuals and entities for alleged market manipulation and wash trading. How is wash trading defined legally, and how does it apply to the crypto industry?

Old rules are good enough for new markets, Chu says. (Kaboompics)

Smirnova: The definition [of wash trading] is more or less similar in different markets, whether it’s the US, the United Kingdom or the European Union. It belongs to the financial markets, not only to crypto markets. It involves simultaneous buying and selling transactions of the same security to create misleading market activity or to create the wrong impression that this asset is in high demand.

It is completely illegal in every single legal system, and — surprise, surprise — there is nothing different with crypto assets. This is a market of securities, and yes, white-collar crimes are illegal. They’re still crimes even if the asset is a crypto asset.

Chu: In Hong Kong, there are basically mechanisms that prohibit people from doing market manipulation practices as if it’s a security. We have these provisions under Section 53, set out in the Anti-Money Laundering Ordinance, which allows regulators to penalize people for recklessly promoting or inducing people into purchasing virtual assets. The wording of that law is copied from securities law.

If you know that a certain product is not justifiable to have a certain price, but you’re taking certain actions to drive it up and inducing others to follow that particular purchase, that, in itself, may result in prosecution.

I’ve always been an advocate saying that you don’t need a new set of rules to govern new technologies because existing laws are actually more than adequate in covering most crimes. Fraud will always be fraud, [and] market manipulation will always be market manipulation.

Magazine: The FBI created its own token to lure market manipulators and wash traders in this operation. Public discussions on X allege that they infringed copyright laws by doing so. So, did the FBI violate the MIT License and is it thus subject to copyright infringement?

The MIT License. (Open Source Initiative)

Ho: The FBI failed to properly include the open-source license text and attribution from the MIT open-source license, which I would say is more of an oversight rather than a copyright infringement. Copyright infringement is a lack of the legal right to use the code.

The MIT License is generally extremely permissible. It basically says permission is granted free of charge to any person obtaining a copy of this software and associated documentation to deal with the software without restriction. The only condition is that the copyright notice and this permission notice shall be included in all copies and substantial portions of the software.

So, the X user alleged that the FBI took portions of software that were licensed under this MIT License, but they failed to put the copyright notice in their work to attribute the actual snippets of code that the FBI used to the MIT license.

Magazine: Could the failure to include attribution under the MIT License constitute copyright infringement?

Ho: If we were to be super sticklers about it, you could argue, yes, it’s an infringement because the failure to meet this condition meant that they never had this permission in the first place. But if there was an actual challenge in court, it would probably be seen as the intent of the license was met. The failure to copy this attribution notice didn’t subvert the whole intent that this MIT License was broadly designed to give people broad rights to use the software.

FBI called out on alleged violation of the MIT License. (Cygaar)

I take a little bit of issue with this X user claiming it’s infringement, but clearly, the FBI is not that savvy in launching their sting operation and using open-source software.

Magazine: US authorities and regulatory agencies have been more active in their enforcement against crypto firms, while the industry itself begs for regulatory clarity.

So, why aren’t more companies attracted to the EU, where regulatory clarity is being developed through frameworks such as the Markets in Crypto-Assets (MiCA) regulation?

Smirnova: Nowadays, Europe is a mess because we still do not understand how to continue with our regulatory approach to new markets. 

MiCA provides clearer crypto rules, but startups still prefer Uncle Ben. (Adrien Olichon)

Mario Draghi, a consultant for the European Commission, issued his report about the competitiveness of the EU in the digital world. He says our regulatory approach doesn’t work. The EU tries to make life easier with the ex-ante approach, which means preventive regulation before infringement happens.

It gives quite the opposite effect. It’s easier for tech startups to be in a growing market without certain rules. I completely agree with Joshua here that new technologies often do not require new regulation because markets, in their nature, they’re still exactly the same.

The gray area is still better for startups.

Ho: There have been numerous lawsuits filed against the SEC to, in paraphrased terms, stop them from making law through enforcement actions. In the US, laws must come from the legislative body, Congress, not from an executive agency, which falls under Article One of the Constitution. An executive agency does not have the power to make laws; it is an extension of the President’s Office.

That’s why a lot of companies like Coinbase, Consensys and others have been suing the SEC and claiming [SEC Chair Gary] Gensler’s agency’s overstepping their authority. I anticipate there will be changes in the way that the SEC is operating if we were to have a certain person in power who is more pro-crypto.

Magazine: AI agents can now own cryptocurrency wallets. How will authorities look at the burden of responsibility for autonomous agents with financial capabilities?

Smirnova: We are entering really an area of uncertainty because we honestly don’t have a clear view of AI liability yet. And when we talk about AI plus crypto, it becomes really crazy.

As for liability, I believe that the owner of this AI agent could be found liable for transactions with illicit actors, illegal purposes or illegal assets. Even if it were autonomous, the owner nevertheless has an obligation to control the agent. This is what the system of civil law in the EU would say.

Coinbase’s Based Agent allows users to launch AI agents equipped with crypto wallets in a few clicks. (Lincoln Murr)

Ho: In the United States, AI liability is also not necessarily very clear. In the US, we have no EU Artificial Intelligence Act equivalent on the federal level. We have certain states that have implemented a law at the state level, but that’s only one so far: Colorado. There are lots of ordinances that are much narrower in scope, like how to use AI in hiring, but the EU AI Act — that kind of breadth of governance doesn’t really exist at all on the federal level in the US.

So, whether a crypto agent will be responsible is hard to tell. And then also because of the decentralized nature of crypto, how far do you have to go down the chain of liability? It’s going to be interesting to see how that works.

The regulators are really going to struggle to figure out how to put parameters around these AI agents, especially if they can have their own wallets and transact independently. That’s pretty crazy.

Chu: AI agents, at the end of the day, are done through user prompting. And that user, of course, bears the liability. It’s actually quite straightforward as to whether the provider of that service properly documents who is the end-user. That’s an entirely different zone. And that will actually require regulations because that goes towards KYC.

Now, of course, if you’re saying it’s really ambiguous about who owns the liability right now, I would say no because it’s pretty well articulated in the user’s terms and conditions. You can’t just basically use an AI agent deployed by Coinbase. You have to go through Coinbase. So, the terms and conditions really create that first layer of contract who owns the risk.