EU Parliament passes smart contract regulation under Data Act

Quick Take

  • Smart contract developers may need to design reset possibilities to allow termination or interruption of transactions.
  • This may restrict innovation or make it difficult for smart contracts in the crypto industry to comply, some in the industry worry.

Smart contracts are one step closer to falling under European Union-wide regulation within a broader strategy on data markets, an issue that continues to raise concerns within the crypto industry.

The European Parliament adopted legislation under the Data Act on Tuesday, with 500 votes in favor and 23 against.

The legislation, and its provisions on smart contracts, is not explicitly aimed at the crypto industry, but focuses on data from connected devices, or the Internet of Things. Yet some in the industry worry the Data Act may have far-reaching effects on crypto if the scope isn’t clearly defined, especially as smart contracts — automated executions written into software — underpin the infrastructure of DeFi. 

The greatest potential of the legislation, according to Pilar del Castillo Vera, a centrist-right MEP and rapporteur on the Data Act, is to “contribute to optimizing existing business models and processes, boost the development of new ones, and by doing so creating new values and jobs,” she said, opening Tuesday’s plenary in the European Parliament in Strasbourg. 

‘Rigorous access control mechanisms’

Smart contracts fall under Article 30 of the Data Act, on “essential requirements regarding smart contracts for data sharing.”

Provisions include “rigorous access control mechanisms” and protection of trade secrets integrated into the design of smart contracts. There would need to be a possibility to terminate or interrupt transaction mechanisms, and lawmakers will need to decide which conditions would make that permissible.

The Parliament removed some of the onerous language from the European Commission’s proposal. For example, smart contract developers would have needed to follow cumbersome compliance processes like issuing an EU declaration of conformity, according to documents previously seen by The Block.

“These changes may limit more or less the possibility to develop harmonized standards for smart contracts,” European Commissioner for Internal Market Thierry Breton said in a press conference after the vote. He also noted that providing interoperability, harmonization standards and legal certainty were the Commission’s main motivations for the smart contract provisions.

The legislation will now travel into trilogue negotiations, where each EU institution will defend its position. This will provide an opportunity for policymakers to negotiate issues on smart contracts, del Castillo added in the press conference.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Potential spillover to DLT from IoT

For Natalie Linhart, legal counsel at blockchain software firm ConsenSys, the smart contract provisions don’t seem to be too overbearing for the industry. “We see Article 30 as a marginal provision applicable to smart contracts facilitating data transfers involving IoT products — not those deployed in DeFi applications.”

But the coast is not yet clear. Linhart hopes to ensure “standards aren't extended to other smart contracts in future legislative proposals touching crypto,” she told The Block in an email. “Setting substantive requirements for blockchain development would restrict innovation and make the EU an unwelcome place for software developers."

For the European Crypto Initiative advocacy group, the Data Act has been a focus of their attention over the past months.

“It would be really hard, almost impossible, for most smart contracts that we have today to be compliant with this article,” Marina Markezic, head of EUCI, told The Block on a call. 

The rules proposed don’t align to the smart contracts that we know today, Markezic said, and may spur the development of a different technology to fit the mold. “It’s saying you will need to use a fruit that is called ‘strawberry’ and it needs to be blue. And basically you need to come up with a strawberry that is blue because all the ones we have are red.”

Correction: updates to correct details of EU conformity requirements. 

Update: story updated to add comments from Thierry Breton.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Inbar is a reporter covering crypto policy and regulation with a focus on Europe. Before The Block, she worked with several publications in Brussels including The Parliament Magazine and Are We Europe. Inbar holds a bachelor's degree in international relations from University College Utrecht and a master's degree in international politics from KU Leuven.


To contact the editors of this story:
Tim Copeland at
[email protected]
Andrew Rummer at
[email protected]