Digital Assets Defined: Consumer Protection and Cybersecurity Enter the Stage

In this latest White Paper on our Bill analysis, we underscore headline proposals in the Lummis-Gillibrand Responsible Financial Innovation Act (the "Bill") regarding consumer protection standards (Title V) and cybersecurity standards (Title VIII, Section 808). As for consumer protection standards, the Bill lays out the notices and disclosures that digital asset service providers must give customers, and the subjects that customer agreements must address. The Bill also covers rules for managing the accrual of gains to digital assets, the implementation of source code changes to digital assets, the enforcement of the standards laid out in the title, and customers' rights to individual management of their digital assets. As for cybersecurity standards, the Bill requires the Commodity Futures Trading Commission ("CFTC") and the Securities and Exchange Commission ("SEC") to develop guidance related to cybersecurity for digital asset intermediaries (as described in our previous White Paper).

We conclude this White Paper by highlighting important unresolved questions that should be the focus of future stakeholder efforts to refine the Bill before it—or aspects of it—becomes law.

Read the White Paper here

Insights by Jones Day should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without the prior written consent of the Firm, to be given or withheld at our discretion. To request permission to reprint or reuse any of our Insights, please use our “Contact Us” form, which can be found on our website at This Insight is not intended to create, and neither publication nor receipt of it constitutes, an attorney-client relationship. The views set forth herein are the personal views of the authors and do not necessarily reflect those of the Firm.