With the rapid growth of cryptocurrencies have come increasing calls for its regulation and both uncertainty and overreach concerning the applicability of existing rules. If Congress doesn’t address the regulatory confusion, that job may fall to the Supreme Court.
Most of the attention has focused on the Securities and Exchange Commission, which has sued a number of companies in the cryptocurrency field, citing its authority to regulate securities under the 1933 Securities Act and the 1934 Securities Exchange Act. But that’s quite a stretch. Unsurprisingly, those 90-year-old statutes did not include anything like crypto—that is, digital assets existing only on a decentralized ledger (the "blockchain") that’s distributed across disparate computers—in their definition of a security.
Instead, the Acts defined a “security” by listing well-understood examples, such as “stock” and “bond,” then adding a catch-all term, “investment contract.” Because cryptocurrency is not among the examples, the SEC argues that crypto is sometimes an investment contract.
It fell to the Supreme Court to give meaning to the catch-all term. In 1946, the Court ruled in SEC v. Howey that an investment contract is “a contract, transaction or scheme whereby a person invests his money in a common enterprise and is led to expect profits solely from the efforts of the promoter or a third party.” The SEC has based its regulatory attacks against cryptocurrencies on that old ruling.
Like the definition of a security in the statutes, the Howey test is a poor fit for crypto. Unlike the investors in citrus groves in the 1946 case, who expected the W. J. Howey Company to do the cultivating and marketing, buyers of cryptocurrency are typically unaware of and don’t care what third party first created the crypto token or decentralized blockchain.
Moreover, unlike the citrus grove investors, who never planned to see—much less eat—the fruit, buyers of crypto often have more than investment profits in mind. They use tokens for digital payments on networks and for access to smart contracts and decentralized apps, among other things.
Rather than admitting the shoe doesn’t fit, the SEC has awkwardly tried to shoehorn crypto into the Howey test by suing companies whose tokens differ subtly from the familiar Bitcoin model. On top of that, the agency has provided no rules and few clues about what token characteristics will draw SEC scrutiny.
SEC Commissioner Hester Peirce and former Commissioner Elad Roisman have criticized this “clue-by-enforcement approach.” At best, they say, “People can study the specifics of token offerings that become the subject of enforcement actions and take clues from particular cases.” That kind of approach, which yields arbitrary outcomes and a lack of transparency, is no way to regulate an industry.
Digital assets and blockchain technology offer enormous, transformative potential for a modern economy. Uncertainty about which companies or business models will be targeted by a regulator stifles innovation and disadvantages our nation in the competition for leadership of this global industry.
The highest profile target of the SEC’s clue-by-enforcement approach has been Ripple Labs, which uses the popular XRP crypto token to enable faster and cheaper cross-border payment services using a decentralized blockchain network. XRP, which was launched in 2013, grew to become the world’s third largest cryptocurrency on the eve of the SEC’s 2020 lawsuit against Ripple, which alleged that Ripple's sales of XRP make it a security that should have been registered. Ripple disagreed, arguing that XRP doesn’t fit several of the Howey test’s criteria and that the SEC is “trying to stretch Howey beyond its breaking point.”
The case is “expected to become a key precedent for how U.S. regulators craft rules and laws covering cryptocurrencies,” says the Wall Street Journal.
What is ideally needed is a clear regulatory framework for cryptocurrency. Federal agencies can only interpret statutes and court rulings, so this should come from Congress. As an example, Senators Cynthia Lummis and Kirsten Gillibrand have introduced a bill that would deem most cryptocurrencies to be commodities. However, in a Congress that has trouble agreeing on anything, no one is holding their breath waiting for such a bill to pass.
A solution may well have to come from the courts. One or more of the SEC’s crypto lawsuits could reach the Supreme Court, which is uniquely situated to say what relevance, if any, its Howey test and the underlying statutes have to cryptocurrency. SEC v. Ripple is perhaps the most likely, given that clarification of Howey is a central issue in the case and the company has chosen to fight rather than settle.
The Ripple case or a similar one would allow the High Court to clarify the application of Howey to crypto—ideally ruling that decentralized cryptocurrencies don’t meet the test—or create a new test for determining when a digital token is a security covered by the 90-year-old statutes.
Perhaps the best outcome would be if the Supreme Court’s review of the issue motivates Congress to act promptly. That’s exactly what happened in U.S. v. Microsoft, a data privacy case argued before the High Court in 2018.
At issue was whether law enforcement could compel American service providers to turn over data stored on extraterritorial servers. The answer hinged on interpretation of another outdated statute, the 1986 Stored Communications Act, which did not anticipate cloud computing. With a decision imminent, Congress was motivated to provide the long-needed legislative update, enacting the Clarifying Lawful Overseas Use of Data (CLOUD) Act.
The regulatory uncertainty plaguing the cryptocurrency industry can be best cured by Congress, the Supreme Court, or some combination of the two. Whatever the path, the resolution will be a victory for American competitiveness and the rule of law.
Note from the Editor: The Federalist Society takes no positions on particular legal and public policy matters. Any expressions of opinion are those of the author. To join the debate, please email us at email@example.com.