Community Energy Groups: Can They Shield Consumers from the Risks of Using Blockchain for Peer-to-Peer Energy Trading?

: Peer-to-peer (P2P) energy trading is emerging as a new mechanism for settling the exchange of energy between renewable energy generators and consumers. P2P provides a mechanism for local balancing when it is facilitated through distributed ledgers (‘blockchains’). Energy communities across Europe have uncovered the potential of this technology and are currently running pilots to test its applicability in P2P energy trading. The aim of this paper is to assess, using legal literature and legislation, whether the legal forms available to energy communities in the United Kingdom (UK) can help resolve some of the uncertainties around the individual use of blockchain for P2P energy trading. This includes the legal recognition of ‘prosumers’, the protection of their personal data, as well as the validity of ‘smart contracts’ programmed to trade energy on the blockchain network. The analysis has shown that legal entities, such as Limited Liability Partnerships and Co-operative Societies, can play a crucial role in providing the necessary framework to protect consumers engaging in these transactions. This is particularly the case for co-operatives, given that they can hold members liable for not respecting the rules set out in their (compulsory) governing document. These ﬁndings are relevant to other European countries, where the energy co-operative model is also used.


Introduction
In today's increasingly decentralized energy grid, a distributed ledger technology (DLT), such as blockchain, may bring the speed, automation and decentralisation necessary to coordinate the match between local supply and demand. However, the use of this technology is not without controversy, given the uncertainties around its impact on individual consumers in European countries, including the United Kingdom (UK). There is a risk that consumers' data privacy could be undermined due to a lack of legal clarity on whether and how the recently enforced General Data Protection Regulation (GDPR) applies to blockchains. Furthermore, smart contracts (an added functionality on blockchains) are not recognised in UK law and pose risks to consumers due to their immutability. The law also does not clarify the role, obligations and rights of UK consumers participating in peer-to-peer (P2P) energy trading.
This paper seeks to explore whether different types of legal forms (i.e., legal structures), used to incorporate energy communities, can alleviate concerns around the use of distributed ledgers for P2P energy trading by individuals. To answer this question, the research focuses on the UK for two reasons. First, the energy regulator, Ofgem, is enabling pilots of P2P energy trading using blockchain to take place within the framework of its regulatory sandbox. Secondly, UK energy communities have a range of legal forms at their disposal, among them Limited Liability Partnerships and Co-operative Societies. The characteristics of these legal forms could mitigate the risks associated with the use of blockchain technology by individual consumers. Other European countries, such as France [1] and the Netherlands [2], have taken this approach when requiring P2P energy trading to take place within legal entities, such as energy co-operatives. In this context, the term, 'co-operative', is defined by the International Co-operative Alliance as an "autonomous association of persons united voluntarily to meet their common economic, social and cultural needs and aspirations through a jointly owned and democratically controlled enterprise" [3].
This paper aims to inform and advise European stakeholders involved in the practical roll-out and legal recognition of energy communities testing the use of blockchain for P2P energy trading. First, the paper provides a background on blockchain, the technology's application to the energy sector, and examples of its adoption by energy communities. It will then set out three legal challenges presented by the technology and its use by individual consumers for P2P energy trading. These include challenges to consumers' data privacy, the legal recognition of smart contracts concluded to trade energy, and their rights as active consumers ('prosumers'). The most suitable legal forms available to UK energy communities wanting to engage in P2P energy trading via blockchains will then be set against these legal challenges and compared as to the extent to which they can protect consumers.

Blockchain and Energy
In recent years, there has been a rise in the number of domestic consumers across Europe regarding the generation, storage and sale of electricity, due to a decline in the cost of renewable energy technologies. Smart meters and means of energy storage further facilitate the integration of these 'prosumers' into the energy grid. The evolution towards a lowcarbon, decentralized system, in which domestic producers inject intermittent renewable energy into the grid, has been challenging to manage [4]. The current electricity grids are not designed to absorb excess energy input, such as the energy generated by solar panels. Grids are designed for the unidirectional flow of energy from generators to consumers [5]. The bi-directional flow created by consumers feeding energy into the grid causes disruption, leading to additional costs for energy consumers, due to increased network management by centralised grid parties [6].
Peer-to-peer energy trading using distributed ledgers, such as blockchain, is a potential solution to this problem, since it can facilitate the balance of demand and supply at a local level [7]. The blockchain network enables P2P transactions using cryptographic proof of ownership (i.e., pre-written codes run by computers), instead of human intermediaries. All transactions are recorded and stored sequentially in an unalterable chain of blocks of data, hence the term 'blockchain'. A copy of this ledger of transactions is kept by all participants (i.e., computers; 'nodes') on the blockchain. Other participants provide computational power to verify new transactions and accordingly update the blockchain [8]. An added functionality is the 'smart contract', which was first introduced by the Ethereum blockchain. This is a 'computerised transaction protocol' [9] that is automatically executed once the contract conditions set by blockchain participants are met [10].
A distinction can be made between 'public' and 'permissioned' blockchain. The former is open for anyone to join and transactions are public; Bitcoin is the most famous example. On the other hand, access to permissioned blockchains is restricted to approved participants by a central party, which also determines the rules governing its use. This is likely to be the model adopted for P2P energy trading, due to the use of the energy grid, which is heavily regulated in light of its status as critical national infrastructure [6].
In April 2016, the world's first blockchain-enabled energy trade took place in Brooklyn, where the owner of a solar roof panel sold excess energy to a neighbour [11]. Since then, the number of pilots testing P2P energy trading using blockchain has significantly increased. Imported and exported electricity is measured and recorded by the blockchain system with the help of a connected smart meter. Based on this data, the system matches buyers and sellers of self-generated energy and consequently settles the financial transactions between them [6].
Several energy communities across Europe are testing the use of blockchain for P2P energy trading. Goiener, an energy cooperative in Spain, is running a pilot with the tech start-up Klenergy [12]. The first phase focused on testing Klenergy's blockchain ('Pylon Network') to provide consumers with a choice of renewable energy sources, including energy generated by prosumers. Since community self-consumption (CSC), a form of P2P energy trading [13], which has become legally recognised in Spain, Goiener expanded the pilot to provide CSC services to community members [14].
In the UK, several pilots testing P2P energy trading with blockchain are being rolled out within the framework of the energy regulator's (Ofgem) regulatory sandbox, which aims to test new energy innovations without being subject to all of the regulatory requirements that would usually apply, since P2P energy trading is currently not allowed under UK law [15]. Repowering London, a not-for-profit organisation facilitating community energy projects [16], is part of a consortium currently trialing a local P2P blockchain-enabled energy trading platform in London. Urban residents living in the same apartment block source their energy from a solar PV array on the building's roof, and trade excess energy with their neighbors. The energy transactions and billing between neighbors is enabled by blockchain, with participants having the ability to set trading preferences on a mobile app [15].
Blockchain is a commonly used technology in P2P energy trading schemes, as evidenced by a range of pilots across the world (e.g., Quartierstrom in Switzerland [17][18][19], Brooklyn Microgrid in the United States [20][21][22], Lyon Confluence in France [23]). A common denominator in these pilots is that participants set basic parameters indicating the price and quantity of energy they are willing to buy/sell, usually via a mobile app (see Figure 1 below). Blockchain technology then enables trading to become automated (through the use of smart contracts), once preferences have been set by consumers. These pilots also make use of a private blockchain in order to ensure participant safety. This paper uses empirical evidence of the applications of blockchain for energy trading, as seen in pilot projects (i.e., direct involvement of consumers, smart contracts enabling trading, use of private blockchain), to carry out a legal analysis. Modelling studies aimed at further developing P2P energy trading models (e.g., [24,25]), are beyond its scope, given their focus on aspects of practical application only. buyers and sellers of self-generated energy and consequently settles the financial transactions between them [6]. Several energy communities across Europe are testing the use of blockchain for P2P energy trading. Goiener, an energy cooperative in Spain, is running a pilot with the tech start-up Klenergy [12]. The first phase focused on testing Klenergy's blockchain ('Pylon Network') to provide consumers with a choice of renewable energy sources, including energy generated by prosumers. Since community self-consumption (CSC), a form of P2P energy trading [13], which has become legally recognised in Spain, Goiener expanded the pilot to provide CSC services to community members [14].
In the UK, several pilots testing P2P energy trading with blockchain are being rolled out within the framework of the energy regulator's (Ofgem) regulatory sandbox, which aims to test new energy innovations without being subject to all of the regulatory requirements that would usually apply, since P2P energy trading is currently not allowed under UK law [15]. Repowering London, a not-for-profit organisation facilitating community energy projects [16], is part of a consortium currently trialing a local P2P blockchain-enabled energy trading platform in London. Urban residents living in the same apartment block source their energy from a solar PV array on the building's roof, and trade excess energy with their neighbors. The energy transactions and billing between neighbors is enabled by blockchain, with participants having the ability to set trading preferences on a mobile app [15].
Blockchain is a commonly used technology in P2P energy trading schemes, as evidenced by a range of pilots across the world (e.g., Quartierstrom in Switzerland [17][18][19], Brooklyn Microgrid in the United States [20][21][22], Lyon Confluence in France [23]). A common denominator in these pilots is that participants set basic parameters indicating the price and quantity of energy they are willing to buy/sell, usually via a mobile app (see Figure 1 below). Blockchain technology then enables trading to become automated (through the use of smart contracts), once preferences have been set by consumers. These pilots also make use of a private blockchain in order to ensure participant safety. This paper uses empirical evidence of the applications of blockchain for energy trading, as seen in pilot projects (i.e., direct involvement of consumers, smart contracts enabling trading, use of private blockchain), to carry out a legal analysis. Modelling studies aimed at further developing P2P energy trading models (e.g., [24,25]), are beyond its scope, given their focus on aspects of practical application only. It should be noted that the term, 'energy community' is widely used in the reviewed literature. Another term referring to this phenomenon is 'community energy', which has been defined by Community Energy England as the delivery of community-led energy supply, renewable energy and energy demand reduction projects, whether fully owned or controlled by communities, or through partnerships with public sector or commercial partners [27]. It should be noted that the term, 'energy community' is widely used in the reviewed literature. Another term referring to this phenomenon is 'community energy', which has been defined by Community Energy England as the delivery of community-led energy supply, renewable energy and energy demand reduction projects, whether fully owned or controlled by communities, or through partnerships with public sector or commercial partners [27].

Method
The aims of this paper are to assess the three key legal challenges faced by consumers trading energy using blockchain, and how the legal recognition of energy communities may shield them from such risks. The main research method of this paper consisted of reviewing secondary literature and legislation. Publications, such as reports by lawyers and international organisations, as well as research by legal academics, formed the bulk of the literature reviewed.
The first step of the research was to narrow down the main legal challenges to consumers presented by blockchain. The chosen literature focused on the regulation of blockchain, as well as of Internet platforms hosting P2P transactions. The next step was to review UK and European Union (EU) legislation in the fields of consumer, energy, contract, and data privacy law. Provisions that are applicable to P2P energy trading via blockchains were chosen for analysis. The extent to which the main legal challenges found in the first step were regulated by UK and EU legislation was then assessed. The case law on the topic was limited given the technology is novel.
The next step was to investigate the legal forms available to community energy groups in the UK. The most suitable legal forms for P2P energy trading via blockchains, namely Co-operatives and LLPs, were chosen. The characteristics of these legal forms were then used to analyse the extent to which they could protect individual consumers from the risks identified in the first step.

Legal Challenges
Energy consumers trading energy are more exposed to risk than the average energy consumer [13]. This is because they take on more tasks traditionally held by incumbents, such as energy suppliers. The choice of blockchain technology by many energy trading pilots, that are used to enable trading, further complicates matters, since it presents additional risks due to its immutable and decentralised nature. This section sets out three key legal challenges to individual consumers trading energy using blockchain technology: data privacy, smart contracts, and prosumer rights.

Data Privacy
On 25 May 2018, the European Union's General Data Protection Regulation (GDPR) became directly applicable in the legal orders of all EU Member States, including the United Kingdom [28]. In the UK the GDPR is supplemented by the Data Protection Act 2018, having recently replaced the Data Protection Act 1998. In light of the UK's exit from the European Union, the European Union (Withdrawal) Act incorporates the GDPR into UK law [29].
The GDPR lays down rules protecting natural persons with regard to the processing of their personal data by (semi-)automated means (Article 2(1)) [30]. Personal data is defined as "any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly, or indirectly, and in particular, by reference to an identifier, such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person" (Article 4). The GDPR is not applicable to anonymous data (Preamble (26)).
The literature on GDPR and blockchain has identified several issues. One of them being that the GDPR is applicable to pseudonymised data, since this type of data can be attributed to subjects with the use of additional information (Preamble (26)) [30]. Data on the blockchain can be found in plain text, hashed (i.e., compressed), or encrypted (i.e., revealed using a set of keys) [31]. According to the Article 29 Working Party, an advisory body having issued guidelines on the application of EU data protection legislation, hashing, and encryption are considered pseudonymisation techniques [32]. Academics argue that the public keys, used by blockchain users to transact with each other, include pseudonymous data falling under the GDPR's scope [31]. This is because they can be traced back to the IP address of an individual, which is 'personal data', as concluded in the ruling Patrick Breyer v Germany [33].
The rights set out in the GDPR may, thus, be invoked by natural persons participating in blockchains. These include the right to request the data controller for rectification of inaccurate information (Article 16), the right for data to be erased ("right to be forgotten") in Article 17, and the right to data portability in Article 20. These rights clash with one of blockchain's main characteristics: once information is recorded on it, it is very difficult to remove or amend it (also known as 'immutability') [34]. This is to fend off attacks and discourage fraud [8].
The GDPR also imposes obligations on the controllers and processors of personal data, such as enforcing the rights set out in the previous paragraph. The controller is defined as a natural or legal person determining "the purposes and means of the processing of personal data", while the processor is a natural or legal person processing "personal data on behalf of the controller" (Article 4) [30]. In the context of blockchain, it is difficult to distinguish between the processor and controller. Some academics argue that the users of blockchain could be considered as data controllers, since they determine which information is included in a transaction. Yet, they could also be processors, as their computers run the blockchain [31].

Smart Contracts
A smart contract is a transaction that self-executes once parties' terms, pre-programmed into computer code, are met [10]. Once executed, it become visible to all blockchain participants and cannot be destroyed nor tampered with [35]. In the context of energy trading, smart contracts function in the following manner: terms are programmed by members of an energy community, connected by the public energy grid or a microgrid, by using a blockchain interface linked to their smart meter, such as an application [26]. The parties' terms specify the conditions under which the sale, purchase, or donation of energy take place. For instance, an individual wants to purchase energy at X price once it is made available on the grid, while another will want to sell energy for Y price. Also, someone else may wish to donate excess energy to a person with an income below X or living on benefits. Once the blockchain identifies matching terms, the 'smart contract' is executed, with a financial transaction automatically taking place whenever two traders' terms match [36,37]. It should be noted that the term, 'smart contract', can be misleading, as not all smart contracts are 'contracts' in a legal sense. This depends on the smart contract at hand, i.e., the issue which it relates to and its format [38].
Smart contracts are not explicitly recognised in UK nor European law. The revised EU Renewable Energy Directive, which entered into force in December 2018, defines P2P energy trading as taking place "by means of a contract with pre-determined conditions governing the automated execution and settlement of the transaction, either directly between market participants or indirectly through a certified third-party market participant" [39]. This could be interpreted as including smart contracts. Currently, and particularly in the case of the UK (as it is not certain if it will choose to transpose the EU Directive), national contract law is the most reliable source to assess the validity of smart contracts.
Under English law [40], parties must reach an agreement before a contract is formed. This is achieved when the offeror makes an offer that is accepted by the offeree. In this regard, there needs to be an intention to create legal relations between the parties. The contract will not be binding if it is not supported by "consideration". This is based on the idea of reciprocity, namely that '"something of value in the eye of the law" must be given for a promise, in order to make it enforceable as a contract' [41], i.e., a payment. Most of the literature agrees that such requirements are fulfilled by smart contracts [38,42]. It should be noted that an agreement lacks contractual force if it is so uncertain or vague that 'no definite meaning can be given to it without adding further terms' [41]. A smart contract without terms that purely digitises a process does not satisfy this requirement [43]. This is not applicable to smart contracts for energy trading, since they will need to specify the conditions under which a transaction should take place.
Once executed, smart contracts are immutable and cannot be undone. This means that they are not able to keep up with changing circumstances, something that is foreseen in contract law [44]. For instance, a traditional contract may be discharged on the grounds of "frustration". This is when something occurs after the formation of the contract that renders it commercially or physically impossible to fulfil. Examples include a subsequent change in the law or in the legal position of a party. Furthermore, it is common for parties in a contract to include open-ended clauses limiting the impact of unforeseen events. An example is the "force majeure" clause, a contractual term that is included as a ground to modify or cancel performance of the contract following an (un)specified event or event beyond the party's control [41]. Since it is self-executing, a smart contract cannot stop or reverse once an instance of force majeure or frustration takes place. Even if this were to become possible in the future, it is difficult to imagine how a smart contract would be able to recognise such events, since force majeure terms are usually formulated vaguely to give room for flexibility in their interpretation [45].

Prosumer Rights
The blockchain was created with the aim of enabling seamless P2P transactions without the trusted 'middleman' [8]. It provides a platform for the trading of energy within a community, where anyone having access to the Internet and a smart meter can become an active consumer and sell energy for profit [26]. In this scenario the line between traders and consumers becomes blurred [46], and it is unclear at which point consumer law, which is designed to protect the consumer in business-to-consumer (B2C) transactions, becomes applicable [47].
Under the UK Consumer Rights Act, a trader is defined as "a person acting for purposes relating to that person's trade, business, craft or profession, whether acting personally or through another person acting in the trader's name or on the trader's behalf". A consumer is defined as "an individual acting for purposes that are wholly or mainly outside that individual's trade, business, craft or profession" (Section 2) [48]. These are in line with the definitions set out in relevant EU legislation, such as the Directive on Consumer Rights, Directive on Unfair Commercial Practices, Directive on Unfair Terms in Consumer Contracts and Electronic Commerce Directive. However, the definition of 'consumer' in EU law does not contain the nuance included in the definition in the Consumer Rights Act ("wholly or mainly outside"), which was added with P2P transactions in mind. In light of this, the UK government has made it clear that UK consumer law is not applicable where an individual is simply "selling something or offering a service as a side-line" [49]. Based on these definitions, the consumer engaging in P2P energy trading would not be considered a "trader".
In its Communication on the Collaborative Economy, the EU lists the following criteria as guidelines to assess whether a consumer can qualify as a "trader": frequency of services (i.e., offering of services "on a purely marginal and accessory basis as opposed to regularly"); profit-seeking motive (i.e., those obtaining remuneration beyond cost compensation will "likely have a profit-seeking motive"); level of turnover (i.e., the higher the turnover, from one service in particular, the higher the chance that the peer is a trader). For instance, a person qualifies as a trader if they offer gardening services through a P2P platform on a regular basis, seeking to "obtain substantial remuneration" [50]. Interestingly, the first two criteria could be fulfilled in the case of P2P energy trading, particularly if an individual starts to trade daily and views it as a profit-making venture.
The revision of key EU legislative texts, such as the Electricity Directive (ED) and Renewable Energy Directive (RED), provides clarification on the rights of energy consumers and energy communities. The Renewable Energy Directive recognises "renewable self-consumers" (Article 2(14)), and the Electricity Directive recognises the "active customer" (Article 2(8)). They can generate, store, consume and sell electricity as consumers, provided that these activities "do not constitute their primary commercial or professional activity" (Article 22 RED and Article 2(8) ED) [51]. The revised Renewable Energy Directive recognises the right to conduct P2P energy trading "without prejudice to the rights and obligations of the parties involved as final customers" (Article 2(18)). Energy communities also have the right to "share . . . renewable energy that is produced by the production units owned" by the community, while retaining members' obligations and rights as customers (Article 22) [39]. Based on these provisions, peers trading energy within a community are not likely to qualify as traders, since profits would not be significant enough for it to become a "primary commercial or professional activity".
The clarity provided by the revised EU Directives is crucial, since consumer law imposes significant obligations on traders in business-to-consumer transactions. Individual consumers do not have the same organisational, technical, and legal resources as traditional companies. There is also the question of whether it is fair to impose these obligations on a peer participating in today's 'sharing economy' model. Overall, treating peers as traders could become a disincentive for further participation and eventually inhibit innovative market models [47].
Peers trading energy on the blockchain participate in consumer-to-consumer (C2C) transactions provided that they are not corporate entities. In a paper studying this issue, the UK government clarified it has no plans to extend consumer law to C2C transactions, since they fall under the scope of contract law (although there is recent evidence that it is starting to change its mind [52]). In its opinion, "both parties . . . have equal status and should therefore have the freedom to contract as they wish" [49]. The presumption of an equitable position between consumers is questionable in an online environment where there is no human contact nor room for negotiation [53]. Additional safeguards for consumers engaging in P2P trading should be formulated, as has been done in France. In February 2016, French contract law was amended so that Article 1171 of Order No. 2016-131 stipulates that clauses creating a "significant" disequilibrium between the rights and obligations of parties to a contract in "adhesion contracts", contracts containing pre-determined and non-negotiated terms (Article 1110), are considered void [54]. Smart contracts on the blockchain are equivalent to adhesion contracts, since they execute automatically once individual parties' terms match, without any prior negotiation taking place.

Legal Forms Available to Energy Communities
As stated in the introduction to this paper, several countries are making it conditional for consumers to be part of legal entities when trading and sharing energy between themselves. The revised EU energy Directives do not specify what are the best legal forms for this activity, leaving the door open to communities to choose the most suitable option [55]. The UK (which can choose to transpose the Directives) makes a range of options available to energy communities, and thus, provides an interesting setting for this paper.
In 2019, the most popular legal forms for energy communities in England, Wales and Northern Ireland were Community Benefit Societies (47%) and Community Interest Companies (11%), followed by Co-operative Societies (~10%) [56]. Another available legal form is the Limited Liability Partnership [57].
Community Benefit Societies (BenComs) and Community Interest Companies (CICs) may not be suitable for energy communities carrying out P2P energy trading. This is because they are required by law to invest their profits into the wider community and are therefore not set up with their members' own interests as a primary focus (Section 2(2)(ii) CCBSA) [58,59]. Peer-to-peer energy trading has a more individual focus, enabling participants to make a profit from trading. This paper will therefore focus on Co-operative Societies (Co-operatives) and Limited Liability Partnerships (LLPs), since they are primarily set up to benefit their own members [57].

The Importance of Incorporation
It is crucial to understand why energy communities should be 'incorporated' into a legal form, such as the LLP or Co-operative Society. As an incorporation, a legal identity is created 'for an organisation that is distinct from its members'. The corporate body has different rights and duties to its members, such as the ability to own land or enter into contracts, since it is a separate person in the eyes of the law. It is registered under an Act and with a regulator. Incorporation provides limited liability to members, leading them to share risk more evenly between themselves [60]. If the entity goes bankrupt, they will only be liable to the extent of 'the capital or guarantee they have put in or agreed to put' into the entity [61]. On the other hand, unincorporated organisations are perceived as a group of people that are jointly and individually responsible for the body's activities [57].
In the next sections, the main characteristics of Co-operative Societies and LLPs are set out.

Co-Operative Societies
Co-operative Societies are regulated by the Co-operative and Community Benefit Societies Act 2014 (CCBSA). Before registering a group as a Co-operative, the Financial Conduct Authority (FCA) considers whether the entity meets the definition of a Co-operative, as set out by the International Co-operative Alliance [3]. They are not meant to carry on business with the object of "making profits mainly for the payment of interest, dividends or bonuses" (Section 2(3) CCBSA) [58].
The Co-operative Society's governing document, or "rules", binds its members (Section 15(1) CCBSA) [58]. All Co-operatives must have such a document [62]. It may provide that any failure to comply with the rules or contravention, thereof, is an offence, punishable "on summary conviction by a fine not exceeding such reasonable sum as is specified by the rules" (Section 20 CCBSA) [58]. A register of members is to be kept at the Co-operative Society's office, which should include details such as the member's name and postal address (Section 30 CCBSA) [58]. Books of account and balance sheets should also be kept, containing details of the Society's transactions (Sections 75 and 80 CCBSA) [58]. Members may include corporate bodies (Section 32 CCBSA) [58]. Co-operative Societies have a governing committee overseeing decision-making [63]. However, control over the society lies with all members, exercising it equally ('one member, one vote') [57]. Corporation tax is to be paid on the Co-operative Society's profits [64].

Limited Liability Partnerships
A Limited Liability Partnership (LLP) is formed by two or more natural or legal persons carrying on a "lawful business with a view to profit" (Section 2(1)(a) LLP Act) [65]. The main legislative texts regulating LLPs are the Limited Liability Partnerships Act 2000 (LLP Act) and Limited Liability Partnerships Regulations 2009 (LLP 2009). The LLP's members are named in its incorporation document (Section 4(1) LLP Act) and new members are notified to the registrar at Companies House (Section 9(1)(a) LLP Act) [57]. The governing document of the LLP is the "agreement", which is not compulsory to draft and can be kept confidential (Section 5 LLP Act) [57].
Any assets resulting from business or trade with a view to profit are taxable, with members being taxed separately (Section 10(3) LLP Act). An LLP must at all times have a registered office in the UK (Section 16 LLP 2009) [66]. It should also keep a register of its members and make it available for inspection at its office (Section 18 LLP 2009). Details to be included in the register include names and dates of birth (Section 18 LLP 2009). The LLP has a duty to deliver annual returns to the registrar (Section 30 LLP 2009), as well as to make its accounting records available (Section 74 LLP 2009). It must have at least two 'designated members' who have additional administrative responsibilities [67].

To What Extent Can These Forms Protect Consumers?
Now that it is clear that Co-operatives and LLPs are the most suitable legal forms for P2P energy trading in the UK, the extent to which they can protect consumers from the three key legal challenges identified above will be analysed in the following section.
As set out in the previous section, there is lack of clarity as to how the GDPR, the recently enforced EU data privacy regulation, is applicable to blockchain technology. The GDPR is applicable to pseudonymised data, and the literature on the topic argues that information on the blockchain, including the public keys making transactions possible, are pseudonymised data. This means that persons trading energy can invoke rights in the GDPR, such as the right for their data to be erased, which is very difficult to do in the case of a blockchain. Furthermore, in a blockchain, it is not clear who can be defined as the 'controllers' (controlling the purposes/means of processing data) and 'processors' (processing data on behalf of the controller) in charge of enforcing the rights in the GDPR, due to the technology's decentralised nature.
In a private blockchain, which will probably be the model adopted by an energy community, the controller is likely to be the legal entity in charge of running the community (Co-operative Society or LLP), and the processor is a blockchain platform provider. Provided that all members are natural persons, the data processed on the blockchain falls under the scope of the GDPR. If members are legal entities, which is possible in the case of Co-operative Societies and LLPs, the GDPR will not be applicable to them [68]. Only a few members are likely to be legal entities, since the registration and running thereof implies significant costs and responsibilities [69].
In order to comply with GDPR rights, data will need to be stored off the blockchain. There are several ways to do this, such as storing it in a 'content-addressable storage system' and retrieving it by using the reference to the storage included in a smart contract [70]. Pilots, such as Lyon Confluence (mentioned above) use 'zero knowledge proofs', where data verification is 'decoupled from the source of data' [23].
As for the public keys, it is impossible to store them off-chain since they are indispensable for the validation of transactions on the blockchain. Satoshi Nakamoto, pseudonymous creator of the Bitcoin blockchain, recommends that a new pair of keys be used for each transaction to avoid disclosing the owner's identity [8]. There are other ways in which to make public keys indiscernible, such as 'Ring Signatures', a technology providing a set of public keys without disclosing which is the real one [71]. However, we do not know whether these methods will be judged as constituting anonymisation by the courts and regulators, and therefore whether public keys fall under the GDPR's scope [72,73]. It also remains to be seen how the courts will interpret GDPR rights. For instance, the term 'erasure' is not defined in Article 17 and provides margin for interpretation [31].
The document ruling the relationship between the LLP or Co-operative Society and their members, which could include the consent given by members for their data to be processed by the entity, should explain how data is moved off-chain, as well as the uncertainty around public keys. The legal entity will be penalised if the methods deployed to anonymise public keys are later judged to be inappropriate. Members would need to willingly take this risk when consenting to the ruling document. Additionally, they would be personally liable and incur significant costs if they were considered to be the processors. Should the processor be a platform provider, it will be difficult to find one that is open to accepting the potential risk of penalisation. In sum, legal entities, such as Co-operative Societies and LLPs do not remove the risk of data privacy infringement for individual consumers.
On the other hand, when it comes to the legal challenges of smart contracts and prosumer rights, Co-operatives and LLPs can play a significant role in protecting consumers. The difference with the legal challenge of data privacy is that there is a lack of legislation applicable to smart contracts and prosumer rights, enabling legal forms to fill in the gaps through internal governance rules.
As set out in the previous section, the challenge with smart contracts (which are an essential component of P2P energy trading) is that they are not recognised in EU or UK law. There is consensus in the literature that smart contracts meet the main requirements of a contract under UK law. However, it is not possible for a smart contract to include open-ended provisions protecting consumers in the face of uncertainty, such as in the case of an unforeseen event (force majeure). This is due to the automated and irreversible nature of smart contracts.
Therefore, judges and arbitrators will play a crucial role in 'reversing' transactions and assessing defendants' claims for reimbursement. The difficulty of writing flawless code into a smart contract [74,75] is also likely to increase reliance on third party input [44]. Parties should, thus, anticipate that the smart contract could go wrong, and include in a separate document kept off the blockchain that is reviewed by a qualified third party (appointed by the community), as well as linked and referred [70] to in the smart contract, their detailed individual contract terms in natural language. This is particularly relevant in the case of an energy community, be it a Co-operative Society or LLP, since members can be personally liable in case a smart contract with another member does not go as planned. It should be noted that in case of smart contracts between corporate entities, contract law also applies, albeit with less protection of parties' interests.
In order to further avoid future disputes, members of a Co-operative Society or LLP trading energy on the blockchain should sign a 'participating agreement', included in the governing document of the legal entity [43]. This agreement should make the formulation of the 'off-chain' document containing members' detailed terms compulsory, as well as indicate the third parties that will provide legal input pre-and post-dispute. It should also indicate the 'order of precedence' between the smart contract code and the off-blockchain natural language text in the event of a conflict [74]. The agreement should be enforced, particularly in the case of a Co-operative Society, by imposing financial penalties on non-compliant members (Section 20 CCBSA) [58]. In sum, it can be concluded that the characteristics of LLPs, and particularly Co-operative Societies, smoothen out smart contracts' shortcomings, since members are bound by their governing document, which could include rules on the terms of smart contracts and dispute resolution. This is significant in the current absence of legal clarity.
Equally, in the absence of legal protection of consumers in P2P transactions, Cooperative Societies or LLPs running the private blockchain will ultimately ensure the protection of members using their blockchain network. It is not clear yet whether and how blockchain trading platforms are subjected to consumer law. However, in the interest of maintaining members' trust and ensuring their well-being, energy community entities need to work together with members to formulate suitable rules for platform use [47]. These should be included in the entity's governing document, and fines should be imposed for infringements (as can be done in a Co-operative).
The burden of protecting consumers on the platform thus becomes shared between the legal entity and its members [76], creating a collective sense of responsibility [77]. Such 'platform cooperativism' [78] and 'self-regulation' approaches have been proposed by academics as suitable ways to regulate today's P2P platforms, instead of applying B2C-focused consumer law [79]. Local entities, such as LLPs and Co-operative Societies can therefore become crucial actors in the regulating of P2P energy networks. These bodies could serve as the key regulatory partners of the government, whose role in a sharing economy context will evolve from being the direct enforcer of regulation to one of overseeing the application of its standards and rules by P2P platforms [80].
As summarised in Table 1 below, legal forms, such as Co-operatives and LLPs, provide no protection to consumers in the face of challenges around data privacy (0), as opposed to providing protection for risks associated with smart contracts and prosumer rights (1). Table 1. Table summarising the protection provided by legal forms to consumers engaging in peer-to-peer energy trading using blockchain technology.

Conclusions
Distributed ledgers, such as blockchain, provide the infrastructure for the matching of supply and demand at local level, enabling prosumers to feed their self-generated energy into the grid and sell it to other consumers. Energy communities have realised the potential of this technology and are currently running pilots testing its applicability to P2P energy trading. In the UK, Co-operative Societies and Limited Liability Partnerships (LLPs) are the most suitable legal forms for a community engaging in P2P energy trading, since their focus lies on the benefiting of members.
The analysis has found that Co-operative Societies and LLPs would not be able to resolve the uncertainties around data privacy. This is because it is not clear whether users' public keys, which are impossible to remove off the blockchain, constitute data falling under the GDPR's scope. Furthermore, it is not clear who is responsible for enforcing data privacy rights. When it comes to the validity of smart contracts and consumers' rights in P2P transactions, LLPs and Co-operative Societies can play a crucial role in providing the necessary framework to protect consumers taking part in C2C transactions, which is valuable in light of the current lack of legal clarity on these issues. Co-operative Societies would provide more safeguards for consumers, since they can punish members not respecting the rules set out in their governing document. This document is compulsory for Co-operatives, which is not the case for LLPs. It should be further noted that the limited liability aspect of Co-operative Societies and LLPs is only marginally relevant in the protection of data privacy, since the entity is responsible for enforcing the GDPR if members are natural persons. In the case of smart contracts and consumer rights, this aspect plays no role, since P2P transactions are regarded as private transactions between individuals.
To conclude, energy communities have the potential to further stimulate P2P energy trading and enhance the uptake of renewable energy, as well as allow residents to collectively benefit from renewable energy installations. Entities, such as Co-operatives will play a key intermediary role in the decentralised and 'peer-to-peer' energy system of the future. The UK and other European governments should already anticipate this and provide further support to local energy communities. Furthermore, regulators should recognise that P2P transactions will eventually take place within energy communities, and accordingly adapt the registration process for Co-operative Societies, as well as the laws around the protection of their members. Further research will need to be conducted on the applicability of the 'bottom up' regulatory approach currently being applied within sectors experiencing P2P transactions (e.g., transport and accommodation) to the energy sector, and the role of energy communities in this approach. Another question deserving further research is whether consumers who become part of LLPs could still retain their consumer rights, in light of the commercial nature of this legal form.