Problems with existing NFT and De-Fi systems

3-1. Technical Factor Problem Analysis

1) Challenges of NFTs

1. Copyright infringement in the process of NFT transaction: When reviewing what copyright infringement may occur in the process of NFT transaction, it is as follows. Since NFTs do not contain copyrighted works as metadata, copyright infringement does not occur in NFTs' transactions. However, copyright infringement may occur in the process of minting NFTs. As we've seen, some marketplaces require that the work be uploaded, and if you're not the copyright holder and you upload someone else's work, you may be infringing on the right of transmission (or reproduction). On the other hand, if you're digitising an offline work to create an NFT, you may be infringing on the right of reproduction. If the work is sold under the name of someone other than the author, there may be an issue of moral rights infringement. If a work is used during NFT trading, unless you are the copyright holder of the digital work, you must obtain a copyright transfer or permission from the copyright holder to avoid copyright infringement.

2. Problems with NFT minting by unauthorised persons: The ideal NFT transaction is for the copyright holder of a digital work to set the terms of the transaction, mint it into NFTs, and sell it on the market. However, as we have seen, there are no particular restrictions on minting works into NFTs, so it is possible for non-copyright holders to mint other people's works. Someone who doesn't understand copyright could mint and sell a digital image, thinking they own it. The problem is that the purchaser may unintentionally become involved in a copyright dispute. In the recent case of the NFT issuance of the works of artists, Joongseop Lee, Hwanki Kim, and Sugeun Park, the issue was whether the seller had the right to mint the works. Of course, a buyer who believes the seller has the right may not be liable for copyright infringement because they did not intend to infringe, but this fact alone can confuse the market.

The problem of unauthorised minting of NFTs also extends to the sale of works in the public domain, such as works whose copyright protection period has expired, which may not constitute copyright infringement but may be socially and ethically inappropriate.

To prevent this from happening, the process of NFTising a work requires a minimum level of verification. However, the process should not be excessive, as it is difficult to prove the valid owner of a copyrighted work. In this regard, a link to the copyright registration system, which is currently presumptive under the law, could be one way forward. On the other hand, the challenges of claiming rights in the public domain must be limited, concerning Chilean copyright law.

3. Problems with the disconnection between NFTs and works: Since NFTs only store metadata, some people describe NFTs as a receipt for a work transaction. As such, NFTs only contain the location and description of the work, so the work is not directly transferred when an NFT transaction is made. The work is only accessible through a link in the NFT metadata. As such, there is a gap between the existence of the original work and the NFT transaction, which raises the question of whether an NFT transaction can be substituted for the validity of a work transaction.

To answer this question, we first need to examine the legal nature of NFTs and the validity of their transactions. NFTs are a type of virtual asset like Bitcoin, and their legal status is controversial. There have been cases in which the Supreme Court has ruled that Bitcoin is "intangible property with a property value that can be transferred, stored, and transacted electronically by digitally representing an economic value" and is, therefore, subject to confiscation. Still, there is some ambiguity as to what exactly constitutes property. On the other hand, the Act on the Reporting and Use of Specified Financial Transaction Information (the "Special Act"), which came into effect on 25 March 2021, regulates virtual assets, but the Act does not clearly stipulate the legal nature of virtual assets. However, regardless of its legal nature, it should be considered that NFT transactions are valid as virtual assets are being transacted in reality, and not only the Special Act but also the Inheritance Tax Act and the Income Tax Act indirectly recognise transactions such as the sale and purchase of virtual assets.

Even if an NFT transaction is a valid transaction, it is a different matter to equate it to a work transaction. It is unclear whether NFT transactions can be viewed as valid copyright assignments or licence agreements because only metadata is provided, and there is no physical transfer of the work but rather a link to the work, which is highly unstable. Since the link is impermanent, the work may disappear after purchase, or you may purchase an NFT with a missing link. To solve this problem, artists send the work to the edition buyer separately from the NFT, or use the InterPlanetary File System (IPFS) to store the files. However, there is no clear institutional protection for this, so it is legally unstable. Of course, even if such transfers were legally recognised, it is doubtful that they could be registered under Article 54 of the Copyright Act.

4. Other copyright issues: In addition to the issues mentioned above, in Europe, it is also an issue whether NFT transactions are subject to the exhaustion of rights under the right of distribution in Article 4 of the Directive on the harmonisation of copyright and related works in certain areas in the information society (the "Information Society Directive"). It is questionable whether the trading of NFTs can be considered as an act of distribution of a work, and it is unlikely that it will be exhausted under NFTs as it is CJEU precedent that such rights are not exhausted for digital reproductions.

In addition, NFTs can be set to pay a certain royalty to the original seller every time they are resold, which is similar to Droit de suites, and there is a problem that the activation of NFT transactions may result in the introduction of Droit de suites in practice. In particular, there is a concern that it will result in the introduction of droit de suite without any restrictions on works and scope of exercise, which may significantly impact the market.

2) Challenges of De-Fi

Continuous issuance of governance coins to pay interest will eventually cause inflation in token value. As long as the De-Fi service continues, governance coins will continue to be issued increasingly. Eventually, the token value and interest rate will plummet, resulting in many users leaving the De-Fi service.

3-2. Analysis of Service Problem Factors

1) Problem factors of NFT services

1. Security threats in the marketplace: 'Smart contracts' are an essential feature of all blockchains. Smart contracts support all NFT transactions and ownership transfers. Programming smart contracts with security in mind makes them very difficult for hackers to tamper with. However, if smart contract bugs are left unaddressed, hackers can exploit them. For example, Crypto Punks, a popular NFT project and the oldest NFT marketplace on Ethereum suffered from a smart contract bug 2017 that robbed participants of their Crypto Punks NFTs. While most NFT marketplaces use decentralised systems, some use a centralised model with security vulnerabilities, including the possibility of data tampering, censorship and creation, and the potential loss of collected NFTs. Blockchain platforms such as Open Sea and Nifty Gateway, which are centralised models, store the private keys of all assets on their own platforms, meaning that if the platform is compromised, multiple accounts can be hacked quickly.

Other scams include stealing NFT assets by exploiting security vulnerabilities, impersonating celebrities or corporate managers, extorting large sums of cryptocurrency, rug-pulling scams, defrauding participants of their investments, and stealing personal information by posing as legitimate mail.

2. Governance challenges: Organisations are constantly generating data. The sheer volume of data that modern enterprises deal with has driven the need for digital transformation initiatives to manipulate and deliver this data. However, while business managers reflexively recognise the value in getting data quickly, they do not recognise the value in getting data that is well understood and controlled adequately with guardrails. A key challenge in data governance is to show business managers that getting data a little faster will ultimately get them nowhere if it is of poor quality or unknown provenance.

It's especially difficult for organisations that have been slow to embrace digital transformation to understand the business value. The benefit of digital transformation is the ability to share relevant data with employees, customers, partners, and more. Data democratisation has the potential to grow your business, but it requires the guardrails of data governance.

One solution that has emerged is the Chief Data Officer (CDO). Initially, CDOs focused on data and worked under the CIO. Still, over time, they have risen to the same level as the CIO and have taken on the role of efficiently quenching the company's multiple thirsts for data. The CDO's role includes building the architecture and data platform to enforce data governance and keep it a top priority.

Analytics groups can also reinforce the business value of data governance. Analytics groups are often responsible for providing insights and are most affected by poor quality, misinterpreted, or misused data.

The widespread perception that IT owns the data and is therefore responsible for its governance is a barrier to digital transformation. In addition, data silos are common in many parts of the organisation, and low data quality and lack of trust in data make it a barrier to strategic decision-making rather than an enabler.

2) Problem factors of De-Fi services

1. Security incidents: De-Fi has various risks, but the most significant risk is the possibility of damage due to security incidents. Hacking damage by attacking vulnerabilities in the code that makes up De-Fi services or stealing administrators' accounts has been occurring steadily. The scale of these security incidents (hacks) has already reached a significant level, with six security incidents in 2021 costing more than $1 million in damages, totalling approximately $1.35 billion. The damage from security incidents is more devastating because there is a lack of compensation and refund regulations and social infrastructure when damage occurs. The anonymity of the blockchain network makes it difficult to receive compensation for the amount of damage. Therefore, it is always necessary to be careful.

2. Reliability of the service operating entity: De-Fi is essentially a decentralised financial service, but most De-Fi services currently in operation are not fully decentralised. Complete decentralisation means that there is no centrally managed entity, and transactions must be carried out between participants in the network. Still, to operate a stable and efficient De-Fi service, a limited, decentralised service is provided by setting an "Admin key" in advance and operating the service through it. While the admin function is utilised to maintain the rules of the service, upgrade features, and respond to events such as failures or hacks, there is a risk of abuse by those operating the service. For example, they may charge users for services that are incurred for their own benefit, or they may abuse their administrator privileges to change the rules of the service to their disadvantage. In addition, there is also a risk that the operator may abandon the operation of the De-Fi service due to financial difficulties.

3. Stability of De-Fi services: Traditional financial markets are relatively low in volatility, and regulations are in place to protect users to some extent through laws and systems. However, De-Fi is highly exposed to the risk of volatility due to the nature of the virtual asset market and is very vulnerable regarding user protection. In addition, there are concerns about whether the service can operate stably even in extreme situations due to large volatility. For example, deposit and lending services in De-Fi require a certain level of asset liquidity to be established and maintained in case of intensive deposit runs. However, doubts remain whether this liquidity can be secured and the ability to regulate supply and demand in real-time can be maintained in an abnormal situation known as a black swan event.