With recreational and medical marijuana legalisation efforts comes great business opportunity, and unsolved problems. As of today, across the world, and counting. On the list is . recreational and medical marijuana legalisation efforts have succeeded in multiple jurisdictions Luxembourg to become the first European country to  join the ranks of Canada and U.S. in relaxing weed laws In the UK, despite weed being 'illegal' for ages, , in the favour of community, in my opinion. Any warnings issued by the police to a personal user of marijuana would . police forces turn a 'blind eye' to enforcing the law not show up on their criminal background or DBS checks While this creates diverse income streams and new markets, here are key challenges your tech startup needs to be aware of, before you can start selling weed, legally. Liability, licensing and law With a heavily regulated industry like cannabis, it’s always . your fault There is a lot of cash to be held upfront for licensing and regulatory fees — for some jurisdictions; though Canada has a . Also, be prepared to account for any unprecedented events arising, such as lawsuits should your startup inadvertently fail to adhere to the strictest standards. sometimes exceeding six figures "minimum security deposit" requirement of a mere $5,000 It must be ensured there's enough "cushion" in your capital funding to implement changes that may arise on the fly. Until it has become "mainstream" and established, weed legalisation is likely to be implemented in steps, and constantly evolve through different iterations and public 'pilots'. All of this means, you better have a solid legal counsel who are proactively monitoring evolving weed laws in your area. For a tech startup leveraging e-commerce, strong cybersecurity efforts are an inevitable prerequisite given the potential liability that may arise from the trade. Identity and age verification While multiple stakeholders exist in the online identity verification game, . If that sounds like a far-fetched claim, look at . Despite being backed by the British government and having multiple, reliable identity provider partners, it failed massively. not a single one can reliably verify identity online what happened to the £212 million GOV.UK Verify system Online identity verification products, as they exist today, provide enough "indication" of whether a person behind the computer are likely to be who they say they are, but do not absolutely guarantee it. This applies to both used by major credit bureaus, as well as .  The latter can indicate when an ID appears to be 'forged' but can't ever, fully rule out that it isn't, unless a public-facing authoritative database exists to verify the document by its issuer. Knowledge Based Authentication (KBA) workflows AI-powered ID document verification products For an e-commerce startup planning to distribute marijuana completely online, stringent checks need to be in place to reliably verify your customer's age and identity to ensure that the person receiving the order is legally entitled to it. Medical prescriptions The process of ID verification is further complicated in jurisdictions where only medical use for cannabis is legal for the time being, and recreational isn't. That's when an additional step is imposed on your startup to handle and verify prescriptions. Will prescriptions be electronically dispatched from a patient's doctor to your pharmacy? Are the doctor's registered in your system? Or would you rather 'partner' with an existing pharmacy and merely act as a provider? There is a lot of medical terminology and policies here to be aware of. What about the electronic platform that will handle this workflow? Will it comply with patient confidentiality and privacy laws, such as HIPAA (in the U.S.) and GDPR? Geographic restrictions and VPNs Internet as we know is a giant virtual bubble. A person in a particular area can easily pretend to be based in a completely different country, hiding behind a VPN. Granted, technologies exist today, as used by , to detect and 'blacklist' VPNs, they do not always work. VPN IPs can be 'dynamic' and the providers frequently update their global server lists, thereby introducing fresh IPs in the pool. video streaming websites For your marijuana business this means, a person or an ID thief based in a U.S. state which forbids marijuana at every level, could instead order from a state or a jurisdiction where recreational use and online sales are widely permissible, while, if applicable, using forged identity document 'scans' and somebody else's information to pass the security checks. Even if your online pharmacy only delivers in certain areas, the loopholes around the postal delivery system could be exploited to bypass the geographical restrictions altogether. Secure postal delivery I'm not talking about merely dispatching certified, signed and tracked deliveries, but having enough verification in your workflow so that somebody does not take advantage of a "forwarding address" or post office redirection policies. This one is intuitively harder to implement. Building on the previous point, a person could provide their "shipping address" as that of a mail forwarding company based in an area where ordering marijuana online is legal. The forwarding company then 'blindly' redirects the package further to the person in another state. Alternatively, post office based 'redirection' can be used to bypass any secure delivery workflows your company may be relying on. If all else fails, there is always the receiving packages on one's behalf. good ol' pal Conclusion In conclusion, the idea behind starting an online marijuana startup is a thrilling one which brings in great traction from different communities and a tremendous business opportunity. But to step into this relatively untested territory without addressing some of these challenges wouldn't be a smart idea. © 2020. ( ). All Rights Reserved. Akshay ‘Ax’ Sharma Twitter Previously published at https://medium.com/@AkshaySharmaUS/5-challenges-your-cannabis-tech-startup-needs-to-solve-in-2020-dd9616998175

fees

Funding

Twitter

Hacked Peruvian Government Servers are Sending Phishing Campaigns to Chase Bank Customers

A Security Vulnerability Let Anyone “Rewrite the Laws” of Gibraltar

My other blog: Security Report

Book a call

Read My Stories

Too Long; Didn't Read

Boost your HackerNoon story @ $159.99! 🚀

5 Challenges Your Cannabis Tech Startup Needs to Solve: 2020 Edition

5 Challenges Your Cannabis Tech Startup Needs to Solve: 2020 Edition

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

A Security Vulnerability Let Anyone “Rewrite the Laws” of Gibraltar

The Noonification: How to Deal With Flapping or Broken Tests (11/29/2023)

100 Stories To Learn About Digital Identity

29 Stories To Learn About Identity

3 Reasons Why Blockchain Won't #ReleaseTheKraken: An Interview with John Sebes of TrustTheVote.org

A Security Vulnerability Let Anyone “Rewrite the Laws” of Gibraltar

The Noonification: How to Deal With Flapping or Broken Tests (11/29/2023)

100 Stories To Learn About Digital Identity

29 Stories To Learn About Identity

3 Reasons Why Blockchain Won't #ReleaseTheKraken: An Interview with John Sebes of TrustTheVote.org

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps