双语文章丨区块链新规解读：从否定到有限开放

区块链规定采取属地主义管辖。其第二条就区块链规定的适用范围进行了规定：“在中华人民共和国境内从事区块链信息服务，应当遵守本规定。”立法部门在对“区块链信息服务提供者”进行解释时，特地使用了“是指向社会公众提供区块链信息服务的主体或者节点，以及为区块链信息服务的主体提供技术支持的机构或者组织”的宽泛定义。“主体、节点、机构、组织”的用词实际上涵盖了目前该项技术下可能存在一切与区块链技术有关的服务主体。

The Block-chain Rule adopts a territorial based jurisdiction.  Article 2 of the rule stipulates that “the provision of block-chain information services within the territory of PRC is subject to the Block-chain Rule.”  CAC explained that the provider of block-chain information service is defined as “any entity or node which provides block-chain information service to the public (in China), as well as any institution or organization which provides technical support to such provider of block-chain information service.”  In our view, by using the terms ‘entity, node, institution and organization’, the Block-chain Rule will likely regulate all the service providers which may have any relation to block-chain information services.  

第一 ，“节点”一词的使用。目前还未有法律或者法规对于“节点”进行定义。实际上，区块链规定中的“节点”指的是区块链上特有的一种技术架构。由于区块链技术拥有一个重要的技术特征即“去中心化”，因此从技术角度来看，每一个“节点”，即参与整个区块链技术的终端，在理论上都可以拥有整个“链”上的信息。因此即使区块链服务提供者的主体、机构或者组织都不在境内，但只要有某一个节点在中国境内，理论上在该节点上可以获得有关该区块链服务的一切信息。在这样的背景下，立法部门将“节点”也纳入管理范围实际上是对区块链技术特征的一种反应。

Firstly, the Block-chain Rule includes ‘Node’ in the definition of “block-chain information service provider”. There is no definition of or interpretation on the term ‘node’ in the PRC legal regime. In practice, the term ‘node’ as used in the Block-chain Rule refers to a unique technical architecture applied in the block-chain. One of the most significant technical characters embodied in block-chain is ‘decentralization’, which means each ‘node’ distributed on the block-chain will have the right to access the all information recorded in the block-chain with no restriction. In other words, each node, as an information terminal, will be considered a ‘server’ hosted all the information stored in the block-chain. Therefore, theoretically speaking, in the event that one of the ‘nodes’ is distributed in China, even if its provider of the block-chain service do not have any entity or office in China, such node will be able to access all the information on the entire block-chain. As such, the inclusion of ‘node’ in the definition of block-chain information service provider is an reaction to the foresaid technical character of block chain.     

第二，考虑到实践中常见的“境外运营，境内技术支持”的区块链业务模式，第二款特地将“为区块链信息服务的主体提供技术支持的机构或者组织”也纳入到管理范围，这使得前述商业模式在中国境内提供服务时应当受到中国法律的约束提供了合法性理据。在2017年的风险公告后，大量的境内机构由于无法继续在境内从事区块链有关的代币融资业务，因此这些区块链服务企业与配套服务机构（例如生产矿机的企业）将主体转移到海外，以此回避可能的合规风险。而区块链规定如果最终采纳这种规定，上述商业模式仍然会落入到中国法律的管辖范围之内。

Secondly, in practice, it is a customary business model to establish a overseas entity to operate the block chain business and to use a Chinese entity to provide technical support such block chain business. On this regard, the Block-chain Rule requires that all the entities and organizations which provide technical support to block chain business operations are subject to the Block-chain Rule. In particular, quite a number of block-chain service providers were no longer able to trade coins due to the issuance of Risk Announcement in 2017. Therefore, most of bitcoin (or other coins similar in nature) business operators move the business outside of China to avoid PRC law implications. Nevertheless, if the Block-chain Rule is adopted in its current form, the said business structure will still be regulated by the Block-chain Rules.

区块链规定对区块链服务采用备案为主，审核为辅的监管模式。

The Block-chain Rule regulates the block-chain information services mainly based on filing requirement and supplemented by approval requirement. 

2.1 备案要求
Filing Requirement

区块链规定第四条规定，“区块链信息服务提供者应当在提供服务之日起十个工作日内通过国家互联网信息办公室区块链信息服务备案管理系统填报《区块链信息服务备案登记表》”。根据本款的要求，区块链信息服务提供者应当向网信办提交服务提供者、服务者类别、服务类别、服务形式、应用领域、服务器地址等信息以履行备案手续。同时根据第五条的规定，区块链信息服务者还应当每年履行备案更新的手续。

Article 4 of Block-chain Rule requires that all the block-chain information service providers file a registration form via an online management system developed by CAC within 10 days as of their provision of service. For the purpose of filing, block-chain information service provides must submit the information relating its shareholders, its operation of business and the address of servers etc. Moreover, the block-chain information service providers must renew its filing information annually in accordance with article 5 of Block-chain Rule.

但第四条没有明确：如何判断区块链信息服务者的“提供服务之日”。区块链信息服务提供者采取的“封测”、“内测”、“不公开测试”和“公开测试”等不同阶段的服务测试，是否可以认为是“服务提供之日”还有待进一步澄清。此外，对于区块链的技术提供者而言，“提供服务之日”系指该技术服务提供之日，还是接受技术服务一方向公众提供区块链服务之日，亦不明确。

However, it remains uncertain under Article 4 as to the date of the provision of service. Especially, block-chain information service providers usually adopt different testing phases such as “closed testing,” “internal testing” and “public testing” to review their services and it requires further clarification as to whether such testing is considered commencement of services.  In addition, it is also not clear whether the date of provision of service refers to the date on which the technical service is provided to the SPVs, or refers to the date on which the recipient (e.g. the SPVs) of such technical services provides the block-chain information service to the public. 

2.2 审批要求
Approval Requirement

虽然传统上区块链的主要运用场景是金融，即发行和交易代币，但是不能否认，区块链也可以应用在其他场景，比如最近热议的电子证据保全。根据区块链规定第七条的规定，提供需要准入审批行业的区块链服务提供者，仍然先需要获得有关主管部门的审核同意后，方可进行提供相应的区块链服务。也就是说，如果区块链应用的场景是需要审批的行业，那么该区块链服务的提供也需要得到审批。

Though, ‘traditionally’, the block-chain technology is mainly used in the financial sector, especially in the context of issuing and trading ‘coins.. However, such technology can also be used in other scenarios, such as preservation of electronic evidence. According to Article 7 of Block-chain Rule, the block-chain information service provider must apply for an approval from the relevant government departments if the service to be provided falls within the scope of restricted industry.  In other words, the pre-approval requirement in restricted industries still applies to the block-chain related services in such areas.

2.3 网络安全要求
Cyber Security Requirement

网络安全是中国政府自2015年以来长期强调的国家战略。不出意外的，区块链规定在第八条至第十条，第十四条和第十六条对于网络安全提出了相应的要求，其中包括用户实名制（对应网络安全法第二十四条）、信息审核（对应网络安全法第四十七条）、应急处置（对应网络安全法第二十五条）、投诉渠道设立（对应网络安全法第四十九条）、安全防护和网络日志留存要求（对应网络安全法第二十一条）以及禁止危害信息传播（对应网络安全法第十二条）等法律义务。

The ‘network security’ has been considered a national strategy formulated by PRC government since 2015. Unsurprisingly, the Block-chain Rule provides for a number of cyber security requirements, which including real name registration (corresponding to Article 24 of PRC Cyber Security Law), content censorship (corresponding to Article 47 of Cyber Security Law), formulating a emergence plan (corresponding to Article 25 of Cyber Security Law), establishing a channel for reporting (corresponding to Article 49 of Cyber Security Law),  security protection and cyber logs retention requirement (corresponding to Article 21of Cyber Security Law), as well as prohibition of illegal information requirement (corresponding to Article 12 of Cyber Security Law).

值得注意的是，区块链规定特别强调了对于“用户实名制”的要求。“匿名化”是区块链技术重要的技术特征之一。在目前推出的各项区块链服务中，有一些区块链技术的应用场景就是基于“匿名化”特征而产生的，例如 “快递区块链”服务和匿名金融服务交易。而一旦法律要求区块链服务提供者开展“实名”审核，可能会导致区块链使用者的顾虑。

It is worth noting that the Block-chain Rule amphsizes the requirement of ‘real name registration.’ However, ‘anonymization’ has long been viewed as one of the most important technical characters of block-chain technology. A number of block-chain information services are developed based on the ‘anonymized function’ derived from such technology, for example ‘express delivery service’ (for protection of privacy) and anonymized financial trading service. The “real name” requirement may trigger customers’ a concerns about their privacy.  

2.4 违法信息处置要求
Eliminating Illegal Information Requirement

区块链规定第十一条要求区块链服务提供者删除非法信息，这无疑对区块链信息服务提供者提出很大的挑战。区块链技术本质上具有“不可篡改”的属性，即一旦某些信息经过使用区块链技术上链之后，除非提供足够的计算能力进行攻击（实际上实施这样的攻击需要的计算能力是不可能以商业途径购买到的），违法信息将无法以任何形式被删除。因此，对于区块链服务提供者而言，如何在区块链上履行本款的义务将会是个一个直观的难题。

Block-chain information service providers are required to eliminate all the illegal information on their ‘block-chain’ according to Article 11 of Block-chain Rule, which will be a tremendous challenge for the block-chain information service providers in China. The block-chain technology enables a community of users to record information or transactions in a ‘ledger’ that is public to such community. Mo information or transaction can be changed once published. In other words, illegal information will be immutable once it is recorded into block-chain unless hacking the block-chain with enough computing power, which power is almost impossible to be generated by any commercial entities currently. Therefore, it would be a difficult mission for block chain information service provider to perform the obligation under Article 11.  

目前，在业界已经产生了解决类似困境的区块链技术，有学者将其称之为主权区块链技术。在2018年10月7日，阿里巴巴对外宣布了一项有关“区块链系统干预技术”的专利：根据阿里巴巴的描述，这项专利将使得第三方管理员能够执行“特殊处理”，通过调动节点上的“智能合约”对特定账户执行相应的操作。如果该项技术能够实施，那么对于区块链服务提供者而言，区块链的“不可篡改性”特点将被打破，履行删除非法信息的义务成为可能。

Recently, a new technology has been created in order to solve with the above difficulties in the block-chain industry, which technology is called ‘sovereign block-chain’ by some scholars. According to a documents released on Oct 4 2018 by the U.S Patent and Trademark Office (the “USPTO”), Chinese tech giant Alibaba has applied for a patent for block-chain system that allows a third-party administrators to perform special transactions or instructions, e.g. stopping smart contracts or freeze accounts which suspicious of illegal activities.  According to Alibaba's proposed block-chain system, dedicated administrators will be able to send special processing instructions to each nodes, making smart contracts perform corresponding operations on specific accounts. If such technology can be implemented as Alibaba’s description, it will enable the block-chain information service providers to perform the obligation under Article 11 of Block-chain Rule.

2.5 安全评估要求
Security Assessment Requirement

出于审慎监管的考虑，区块链规定的第十六条还要求区块链服务提供者在开发上线新产品、新应用、新功能之前，应该向网信部门报请进行安全评估。这实际上是网络产品和服务的安全评估要求在区块链应用场景的具体化。在2017年5月2日，网信办就发布了《网络产品和服务安全审查办法（试行）》，要求关系到国家安全的网络和信息系统采购的重要网络产品和服务，应当经过网络安全审查。在2017年6月，工信部还曾就《互联网新业务安全评估管理办法》公开征求意见，希望对于互联网新业务的应用进行事前审批，以降低对于其可能的网络安全风险对于社会造成的不良影响。但考虑到目前区块链技术的复杂性与多样性，如何实施第十六条的评估，仍然需要等待实践观察。

For the purpose of prudential regulation, Article 16 of Block-chain requires that all block-chain information service provides apply to CAC or its local offices at provincial level for a security assessment prior to any development or operation of new product, new application and new function of its services, which requirement is quite similar to the security assessment review requirement applicable to network products and services.  On May 2 2017, CAC issued the Measures on Security Examination for Network Products and Service (Provisional), under which the procurement of network products or services for important networks that may have influence on national security is subject to a cyber security review.  Additionally, the Ministry of Industry and Information Technology (the “MIIT”) issued Measures on Security Assessment for New Internet Service for public consultation in June 2017, by which the MIIT would be able to establish a pre-approval system for any new internet service in order to mitigate the potential network security risks associated with such service. However, given the complexity and diversity of block-chain technology, it requires further clarification as to how the security assessment requirement will be performed.

区块链规定的颁布和征求意见表现出中国政府对区块链的矛盾态度：一方面，政府忧虑目前区块链的主要应用，即代币的发行和交易扰乱了金融市场，放大金融风险，规避外汇管制；另一方面，政府认可区块链技术本身的独特性，避免过多干预导致指数及其应用的停滞。

The public consultation for Block-chain Rule more or less reflects that Chinese government holds a contradictory view on the block-chain technology. On the one hand, the government has a serious concern on the issuance and trading of coins through block-chain information services which may distort the financial market, bypass foreign exchange controls and exaggerate financial risks. On the other hand, the government recognizes that the block-chain technology has unique merits and any excessive intervention may deter its application and development.

在法律层面，《风险公告》否定了代币发行和交易在中国的合法性，但是并不否认区块链技术本身的合法性。2018年9月底，知名比特币企业“火币中国”正式落户海南自由贸易港，这一举动被外界视为是区块链技术在中国合法化的标志。

From a legal aspect, although the Risk Announcement has imposed a ban on the initial coin offerings, the application of block-chain technology itself is not prohibited in China. In this September, according to media report, the famous bitcoin enterprises “Huobi China” officially established a WFOE in Hainan Province, which has been interpreted as a symbol of legalization of block-chain technology in China.

在过往的司法实践中，有关比特币或其他币的法律争议已经屡见不鲜，中国司法机关基本秉持 “比特币是一种法律承认并保护的商品”这一观点，并以此为基点做出了一系列的判决。而本次区块链规定征求意见稿的发布，可以视为中国政府肯定了区块链技术在中国的发展和应用，并希望其可以发展出除了“代币”之外的其他应用场景以进一步发展引领新技术的应用。

Existing cases relating to bitcoins or other coins generated by block-chain technology indicate that, Chinese courts uphold the position that bitcoins are a type of property protected under the PRC laws.  With the issuance of Block-chain Rule for public consultation, we are of the view that Chinese government will encourages the development and application of block-chain technology in China but the prohibition on initial coin offerings will still exist.