Regulation of Non-Fungible Tokens under the EU Law

Non-fungible tokens (NFTs) are presenting new legal challenges and opportunities. Their classification depends on what they’re used for, what they’re meant to do, and what makes each one special. There’s a bit of confusion about what owning an NFT really means in terms of legal rights. Since there’s no one set of rules just for NFTs, we have to look at different laws from all over the place to understand them. The kind of laws that come into play can change a lot based on what the NFT is all about.



The metaverse is a digital parallel universe where unique digital assets known as NFTs hold specific utility values. Once a user acquires an NFT on a given platform, they can utilize it within the metaverse based on its intended purpose. For instance, an NFT designed to represent an avatar can function as a controllable character in this virtual space. Additionally, NFTs can symbolize various virtual items, such as clothing for avatars, digital real estate, or artwork. While the term “metaverse” doesn’t have a universal definition, it’s generally recognized as a three-dimensional virtual world where users interact through avatars, engaging in activities ranging from leisure and gaming to professional and commercial exchanges, including financial transactions.

On the other hand, NFTs, which are part of the blockchain, and represent different elements of the metaverse like land, items, and characters typically reside on private servers. These servers run unique code and have secure databases that are not readily accessible. A key aspect of the metaverse is its interoperability and portability, theoretically allowing users to transfer their virtual assets, like avatars or digital artwork, from one virtual environment to another. However, in practice, today’s virtual worlds are often not interconnected, and the properties of an NFT (such as being an avatar) are not universally recognized across different platforms. This means that an NFT might be considered as an avatar on one platform but may not hold any practical value or recognition as such in another virtual environment.


Blockchain technology, primarily used for storing and transferring encrypted data, could be seen as a platform and within it as a component of the information society service.

Such a platform typically offers services based on the following criteria:
Monetary Exchange: Services are usually provided in exchange for payment, often in the form of transaction fees.
Electronic Delivery: Services are delivered electronically.
Remote Access: These services are available remotely, meaning that the provider and the recipient do not need to be present in the same location simultaneously.
Individual Request: Services are provided upon the specific request of the user, tailoring the data transfer to individual needs.

European Union (EU) law mandates that the control and regulation of information society services originate from their source, ensuring the protection of public interests effectively. Act on Electronic Commerce defines the scope of these information society services, which includes commercial communication, data processing, transmission, storage, searching or collection of data, and electronic mail, excluding personal electronic mail. Each national jurisdiction can then further determine its own scope of these services. For example, Slovenian jurisdiction encompasses a broad spectrum of services, including the sale of goods or services, data transfer, provision to stored data recipients in the communication network, web-based data access or advertising, and network connectivity.

When it comes to illegal activities conducted over the Internet, the primary focus is on prosecuting the direct perpetrators. In some instances, responsibility for third-party illegal content may extend to internet intermediaries, but only in a limited scope. These platforms typically function as intermediaries, with the data they handle being supplied by users within the blockchain network, except in cases involving proprietary platforms.

The Slovenian jurisdiction also sets out the foundational rules for the liability of intermediary service providers. Their legislation specifically addresses three categories of information companies offering intermediary services: those engaged in exclusive data transfer, those providing cached services, and those involved in catering services. For each category, the legal framework clearly defines the responsibilities and operational boundaries of each of the service providers within the digital ecosystem.


The European Union has established the Markets in Crypto-Assets (MiCA) Regulation, its first comprehensive regulatory framework for crypto-assets, including issuers and service providers of these assets. The European Commission introduced this proposal on September 24, 2020, and an interim agreement on the proposal was reached between the Presidency of the Council and the European Parliament on June 30, 2022.

MICA’s primary goal is to bring uniformity and consistency to the regulation of crypto-assets across all EU member states. Under this proposed regulation, any entity providing services related to crypto-assets within the EU will be required to secure authorization from national authorities. This authorization will enable them to legally issue and sell digital tokens throughout the EU. Additionally, these providers must be based in the EU and registered with the European Securities and Markets Authority (ESMA).

A key aspect of MiCA is the demand for greater transparency. Service providers will be obliged to provide detailed information about their financial status and the crypto-assets they handle. This includes issuing a comprehensive white paper detailing the features and risks associated with each token, which must be made public and simultaneously submitted to regulatory authorities. Crypto exchanges within the EU will also be required to implement stringent measures for user identification and monitoring of suspicious transactions.

The overarching objective of MiCA is to safeguard consumers and investors from the risks inherent in crypto-asset investments. It sets consumer protection standards that legally shield consumer funds from risks such as cyberattacks and misuse by cryptocurrency exchanges. Consequently, companies dealing in crypto-assets will bear increased responsibility for protecting investors and compensating for any losses incurred.


MiCA specifically excludes certain crypto-assets from its scope. This exclusion applies to unique and non-interchangeable crypto-assets, such as digital art and collectibles, because their value originates from their individuality and the benefits they offer to their owners.

In the same way, the regulation does not apply to non-fungible tokens (NFTs) that represent unique services or physical assets (like a product warranty), as their distinctive characteristics make them non-interchangeable. Even though NFTs can be traded and occasionally serve as a medium of exchange, their inability to be immediately replaced limits their utility as financial instruments. Each NFT’s uniqueness, and value, cannot be directly compared to another NFT in a standardized market context.

However, the regulation does include NFTs issued as part of a collection or series. These tokens, while they are individually unique, collectively form a part of a series, making them interchangeable within that context. Therefore, entities issuing such NFT collections will be treated as cryptoasset service providers under the MiCA regulation. They will be subject to the regulatory requirements designed to protect consumers and investors.

Looking ahead, the European Commission is tasked with conducting a comprehensive assessment. Based on this evaluation, it may develop a specific, balanced legislative proposal to regulate NFTs and address emerging risks associated with this new market segment. This step reflects a proactive approach to managing the evolving landscape of digital assets while ensuring consumer and investor protection.


While the EU is still working on new rules for cryptocurrencies and has yet to create specific laws for non-fungible tokens (NFTs), it is worth looking at existing EU laws for guidance. One such law is MiFID. This Directive forms the foundation of financial market regulation in the EU.

For NFTs, the key question is whether they can be considered transferable securities, which are types of investments that can be traded in financial markets. To be classified as a transferable security, an NFT would need to fit into a certain category of investment. However, the term “class” of securities isn’t clearly defined in the Directive, and EU Member States may interpret it differently. Typically, a “class” implies something that can be exchanged or replaced. Since NFTs are unique and cannot be interchanged, they generally wouldn’t fall under the category of transferable securities as per the Directive’s usual interpretation.

However, since each EU Member State may implement the Directive differently, and because NFTs can vary greatly in nature and use, each NFT might need to be looked at individually to decide if it falls under this Directive. This means a detailed examination of each NFT is necessary to determine its classification under EU law.


The way we legally understand NFTs largely depends on their use, purpose, and the unique characteristics of each token. To figure out which laws apply to them, we need to first understand these aspects. A lot of the confusion around NFTs comes from trying determine what ownership and rights they give to someone. Right now, there isn’t a specific set of laws just for NFTs, so we have to look at various existing laws from different countries to make sense of them. The laws that apply can vary a lot, depending on the original asset that the NFT represents. This could be something like intellectual property, or it might be about transferring ownership rights or the practical use of the NFT itself.

Since there aren’t any specific rules just for NFTs yet, both sellers and buyers need to read the fine print when they’re dealing with NFTs on any platform. They need to understand which laws will apply to their transactions and the (legal) relationships that come out of them.