Dismissal? Criminal detention? Top star StepN is stuck in legal quagmire

For those who have been paying attention to and investing in virtual assets (including but not limited to virtual currencies, NFTs, DeFi, M2E, etc.) for a long time, May is full of variables and fluctuations, as if the risks and uncertainties accumulated in the entire virtual asset circle for several years were released overnight .

Under the general environment of profound changes in the domestic and international situation, the overseas crypto asset circle has been in a mess . In mid-May, the capital whale spent a lot of money to short UST, causing LUNA to collapse. The consequence of UST being seriously decoupled from the US dollar was that a large number of retail investors were squeezed. LUNA had no choice but to sell a large amount of BTC in an attempt to maintain stability and fight back, which in turn caused BTC to plummet... The terrible chain reaction triggered panic in the market, and stampedes occurred one after another.

The domestic virtual asset circle is not much better . Almost around the time of LUNA's collapse, the platforms that opened secondary trading markets for digital collections also experienced a sharp depreciation of collections. Recently, there are rumors that the founder of Xing Mouyun, a leading computing power mining farm in China, was taken away by the police for investigation on suspicion of fraud and organizing and leading pyramid schemes.

In the early morning of May 27th, Beijing time, StepN, which has been making money quietly and users have been working hard to make money, for some reason released an "Announcement on the Investigation of Mainland China Accounts" (hereinafter referred to as the "Announcement") through social platforms. The "Announcement" clearly stated: StepN will conduct a centralized withdrawal of mainland China users at 24:00 on July 15, 2022, and stop providing GPS and IP address services . For mainland China users, StepN hopes that everyone will "make their own decisions to deal with assets in the application." Even in the early morning of the 27th, many untrue and false information appeared on social platforms: " StepN Hangzhou Operations and Development Team was taken away by the police for investigation " and other news were rampant, and people were panicked for a while.

So, what happened to StepN? Do the GameFi project and the P2E and M2E models constitute a crime in China? Today, the Sajie team will have an in-depth chat with you.

StepN, what happened?

First of all, we would like to state that our team is not aware of the "inside information" that is currently prevalent on the Internet, nor do we intend to have any impact on the StepN project or the virtual asset circle . We only make an objective analysis of the reasons for the withdrawal of the StepN project based on information obtained from investigations from major public channels and the requirements of China's current laws and regulations.

Due to the various factors mentioned above, and the various problems of StepN itself, under the double blow of internal and external factors, StepN's governance token GMT has also experienced a wave of collapse in the recent period, which is so tragic that most of the players who entered the market late are back to the pre-liberation era overnight (the specific situation is shown in the figure below). Although it has recovered somewhat with the efforts of the project party, the price of GMT plunged again after the announcement on the 27th. So, in the current environment where virtual asset projects at home and abroad are running weakly and various rumors have led to a lack of confidence among investors, why did StepN choose to make a bold move and clear out Chinese users?

(Picture data from Investing official website)

Before discussing this issue, we first need to know the approximate proportion of Chinese users in the total number of StepN users. StepN has never officially released the details of its user big data. Its founder J once said after issuing a notice of withdrawal that " users from mainland China only account for 5% of the total number of users ". If we study it through some external data and survey data from third-party agencies, this data may be more than 5%. According to unofficial statistics, as of April 30 this year, the number of daily active users in the StepN project has reached 500,000, and the number of Chinese users in the project has reached nearly 120,000, second only to the 160,000 Japanese users (see the figure below for specific data). Of course, another founder Y also said in the latest interview: 5% refers to users in mainland China, and the number of Chinese users (including Malaysia, Singapore, etc.) is certainly more than this.

(The picture is from an unofficial website and is for reference only)

In other words, if the withdrawal policy is strictly implemented, the StepN project is likely to directly lose 20%-30% of active users and funds . With such a large number of users and funds, no project owner would easily give up such a large piece of fat unless it is extremely urgent and necessary. It is based on such a simple logic that all kinds of rumors have arisen.

Data security - the sword of Damocles

In fact, according to an interview with Y, one of the founders of the StepN project, later on May 27, the biggest reason why StepN chose to clear out Chinese users was still legal compliance issues , or more precisely, the issue of data outflow .

What user data does StepN collect? In simple terms, it can be divided into two categories: (1) Personal information obtained through KYC ; (2) User GPS (Navigation Satellite Timing and Ranging) data, which can be simply understood as the user's real-time geographic location.

At present, the Cybersecurity Law, the Data Security Law and the Personal Information Protection Law, as the three laws with the highest level of effectiveness in the field of data compliance, have established the basic framework of China's data security laws, and in conjunction with the administrative regulations, departmental regulations and local regulations issued by the State Council, have laid the foundation for the development of China's digital economy. It is generally believed that data has become one of the most important production factors in the current era and has huge economic value. It can be said that whoever controls the data has the initiative, and whoever controls more data can be in the leading position in the industry. Of course, market entities cannot do whatever they want with the collection, processing and flow of data, and must be restricted and regulated by laws and regulations. Since cross-border data involves legal provisions between different countries, it may also affect the level of scientific and technological development between different countries to a certain extent, so it is particularly sensitive and important .

The Cybersecurity Law, the Data Security Law and the Personal Information Protection Law all have corresponding provisions regarding the outflow of data.

The Cybersecurity Law mainly focuses on the data outflow of "critical information infrastructure service providers". According to Article 2 of the Regulations on the Security Protection of Critical Information Infrastructure, critical information infrastructure refers to important industries and fields such as public communications and information services, energy, transportation, water conservancy, finance, public services, e-government, national defense science and technology industry, and other important network facilities and information systems that may seriously endanger national security, national economy and people's livelihood, and public interests if they are destroyed, lose their functions, or their data is leaked. We believe that although StepN has strong financial attributes, it cannot be naturally interpreted into the category of "financial industry". In addition, from the perspective of StepN's importance to the entire industry and the harm caused by the leakage of the information it holds, it seems difficult to be identified as a "critical information infrastructure service provider" .

The Data Security Law and the Personal Information Protection Law are more "compatible" with StepN, especially in the Personal Information Protection Law, which specifically stipulates the rules for cross-border provision of personal information as a chapter. According to Article 40 of the Personal Information Protection Law: Operators of critical information infrastructure and personal information processors who process personal information up to the number specified by the national cyberspace administration department shall store personal information collected and generated within the territory of the People's Republic of China within the territory of the People's Republic of China . If it is necessary to provide it overseas, it shall pass the security assessment organized by the national cyberspace administration department; if laws, administrative regulations and national cyberspace administration departments stipulate that security assessments may not be conducted, such provisions shall prevail. So, how many specific data should be stored locally, and how many cross-border flows need to be reported to the national cyberspace administration department through the provincial cyberspace administration department of the location for data outbound security assessment? According to Article 4 of the Measures for Data Outbound Security Assessment (Draft for Comments), personal information processors who process personal information of up to one million people provide personal information overseas ; and provide personal information of more than 100,000 people or sensitive personal information of more than 10,000 people overseas in total.

For the KYC information collected by StepN, depending on the specific circumstances, if the information is very specific and involves personal privacy, financial accounts and other information, it may be sensitive personal information; GPS data belongs to the "trajectory" specified in Article 28 of the "Personal Information Protection Law" and is sensitive personal information . In order to prevent the Moon Walk (i.e. cheating, such as tying a mobile phone to a pet to run for someone else), StepN must collect user GPS data. At present, StepN has neither stored the data in China nor fulfilled the corresponding security assessment and reporting obligations when the data leaves the country. There is a very high risk of administrative violations, and it may even constitute the crime of [refusing to perform information network security management obligations] stipulated in Article 286 of the "Criminal Law of the People's Republic of China". According to the principle of territorial jurisdiction, even if StepN's senior management is far away abroad and has changed their nationality, China can still pursue their criminal responsibility.

The reason lies in the particularity of crimes committed using computer networks. According to Article 2 of the "Interpretation of the Supreme People's Court on the Application of the Criminal Procedure Law of the People's Republic of China", for crimes that are committed against or mainly using computer networks, the crime location includes the location of the server used for the network service used to commit the crime, the location of the network service provider, the location of the infringed information network system and its manager, the location of the information network system used by the defendant and the victim during the crime, as well as the location of the victim when the victim was infringed and the location where the victim's property suffered losses , etc.

Therefore, from the perspective of operating in compliance and reducing legal risks, it is not difficult to understand StepN's drastic measures.

Is StepN a criminal risk?

Among the various rumors that emerged immediately after the announcement was released on May 27, the most outrageous one was that "StepN's Chinese operations team was taken away by the police in a city in Jiangsu and Zhejiang for investigation." Many people who "have inside information" even released news that the arrest had been confirmed by insiders. However, we also learned from an interview with StepN project founder Y later on the 27th that (1) StepN has no operations or R&D team in mainland China ; (2) All team members are abroad, and no one has been taken away by the police.

It is difficult for us to judge what is true and false, right and wrong from limited information, so let's let the bullet fly for a while . Is it possible that StepN has committed a crime and is therefore subject to sanctions under China's criminal law? The answer is: YES . At present, in addition to the crime of refusing to perform information network security management obligations mentioned above, the business model of StepN, GameFi, and X2E may constitute the crime of illegal business operation, the crime of issuing stocks, companies, and corporate bonds without authorization, the crime of organizing and leading pyramid schemes, and several crimes of illegal fund-raising (such as the crime of illegally absorbing public deposits). We have already discussed the crime of organizing and leading pyramid schemes and the crime of illegally absorbing public deposits in previous articles, so we will not go into details. Today, we will talk about the crime of illegal business operation and the crime of issuing stocks, companies, and corporate bonds without authorization .

In fact, the premise for the actions of StepN and its principals to constitute these two crimes is that the tokens issued by StepN are identified as financial products such as stocks, funds, and bonds . The financial industry in China is a licensed industry. Operating financial business and issuing financial products without the permission of the regulatory agency and providing funds settlement services to mainland Chinese residents privately are not only administrative violations, but are also likely to constitute crimes. According to Article 225 of the Criminal Law, [illegal business operation crime] refers to the violation of state regulations, the illegal operation of securities, futures, and insurance business without the approval of the relevant state authorities, or the illegal engagement in funds payment and settlement business, illegal business operations, disrupting the market order, and serious circumstances .

Is GameFi a game or a financial product? The Sajie team believes that the various existing GameFi and X2E projects are not playable enough and are too financial. Under the penetrating supervision of regulators, they may be identified as financial products . Although there are no legal provisions or precedents, once GameFi is identified as a financial product, the project owner may easily be convicted of illegal business operations. If it is identified as a stock bond, there is also a risk of constituting the crime of unauthorized issuance of stocks, company, and corporate bonds. If the two crimes are concurrent, the more serious crime will be punished.

Can the project party avoid criminal risks if it is located abroad?

No, even if the project party is located abroad, it is not necessarily completely isolated from criminal risks. This involves the issue of jurisdiction under China's criminal law. At present, China has four main jurisdiction principles: (1) territorial jurisdiction; (2) personal jurisdiction; (3) protective jurisdiction; (4) universal jurisdiction. In judicial practice, territorial jurisdiction is the main principle, and other jurisdiction principles are auxiliary . This is actually easy to understand. Territorial jurisdiction means that China's judicial organs have jurisdiction over criminal acts that occur within China. Crimes located within China are relatively low-cost and efficient in terms of investigation, arrest, prosecution, trial, and execution, which can maximize the realization of judicial justice.

Many people have a misunderstanding that StepN can evade the sanctions of China's criminal law by moving its operation and development team abroad and collectively changing its nationality. In fact, this understanding is not entirely correct. As mentioned above, for crimes that are committed mainly using computer networks, as long as the location of the information network system used by the defendant and the victim during the crime, and the location of the victim when the victim was violated and the place where the victim's property suffered losses are in China , China's judicial organs can pursue the criminal responsibility of StepN and the main responsible persons based on the principle of territorial jurisdiction. Therefore, as long as there are Chinese among StepN's customers, China's judicial organs may have criminal jurisdiction over it.

Final Thoughts

At a time when the international and domestic situation is changing dramatically, the lack of a stable environment has led to a sharp increase in the risk of investing in virtual assets. Therefore, when investing in virtual assets, partners should not only be prepared with their wallets, but also have a firm psychological barrier and never invest in high-risk projects at will . For many GameFi projects and X2E projects represented by StepN, they should not only guard against business risks, but also pay attention to criminal risks and never cross the legal red line .

In addition, we must keep a clear head about the various types of information currently circulating on the Internet. When it is difficult to make judgments due to lack of information, we might as well let the bullet fly for a while .