xxx
On a webinar hosted by the Human Rights Commission, a number of civil and digital rights advocates backed recent calls for a moratorium on the use of facial recognition technology in government decision making until appropriate privacy protections are enshrined in law.
From Experts back facial recognition moratorium – InnovationAus:
xxx
xxx
As voice cloning technology has become ever more effective, it is of increasing interest to actors… and cybercriminals.
When Tim Heller first heard his cloned voice he says it was so accurate that “my jaw hit the floor… it was mind-blowing”.Mr Heller, a 29-year-old voiceover artist and actor from Texas, does everything from portraying cartoon characters, narrating audio books and documentaries, speaking on video games, and the voiceovers on film trailers.
He says he recently turned to voice cloning to “future proof” his career.
He says it may enable him to secure more work. For example, if he is ever double-booked, he could offer to send his voice clone to do one of the jobs instead.From Voice cloning of growing interest to actors and cybercriminals – BBC News:
xxx
As we move into the inter-pandemic period, there is an interesting discussion to be had about whether the changes induced by the COVID-19 crisis are short- or long-term and to what extent those changes are an acceleration of existing trends (as I think they are, largely) or new directions for the sector. Ron Shevlin wrote an excellent piece in Forbes highlighting one element of strategic change, saying that “the new normal marks the end of fintech experimentation”. He went on to point out, somewhat harshly, that banks have used fintech partnerships as a way of convincing themselves that they are innovating rather than actually doing anything transformational.
I completely agree. I gave some seminars to bank management on the impact of technology on the business a couple of years ago, and to set up a narrative to help the executives frame my approach, I said that I thought the “fintech era” would run through to 2020 when it would be overtaken as the shared paradigm. My prediction, which I stand by, is that we are leaving the fintech era and entering the open banking era. The virus may have accelerated the transition between the eras, but it was coming anyway.
In the open banking era, fintechs will not vanish, but they will innovate and operate in a different way. They will not need to partner with incumbents, since they can use open banking infrastructure to get access to their customers’ data that the banks have, and their costs to market should be reduced through the use of standard interfaces. This means that the fintechs will be able to focus on the customer journey and user experience to bring new products and services into the market.
So what, then, should the banks focus on? At this year’s (sadly virtual) Paris Fintech Forum I hosted an interesting discussion with Simon Paris, the CEO of Finastra. Simon rather kindly reminded me of my predictions about what we now call open banking in the Centre for the Study of Financial Innovation (CSFI) report on “The Internet and Financial Services” back in 1997.
(As an aside, I remember that when the CSFI held a twenty year reunion to discuss this seminal report, it was interesting to see just how much of the report was spot on about the impact of the internet but I was spectacularly wrong about one particular point: I thought that digital TV as well as mobile would become a commerce channel. What actually happened, of course, was that the mobile became a permanent second stream for commerce.)
Anyway, Simon and I were discussing the split between the manufacturing and distribution of financial service, so I thought it might be useful to post my short and high-level recap of the strategies available to banks across this split.
The techfins are the technology companies who embed financial services to make their own products more attractive but whose business model does not depend on margin in those financial services (as that Economist article noted “Amazon wants payments in-house so users never leave its app”.). The fintechs are companies who embed technology to make their own products more attractive and whose business model depends on margin in those financial services such as one of my favourite companies, Wise).
The techfins (as opposed to the fintechs) are more than happy to have banks, for example, do the boring, expensive and risky work with all of the compliance headaches that come with it. What Big Tech wants is the distribution side of the business, as shown in this old diagram of mine. They have no legacy infrastructure (eg, branches) so their costs are lower and the provision of financial services will keep customers within their low-cost ecosystems. If you use the Google checking account and Google pay then Google will have a very accurate picture of your finances. A very accurate picture indeed.
The business model here is very clear. What Big Tech wants isn’t your money (the margins on payments are going down) but your data and just as Big Tech has made ecosystems impervious to competition, so it could cross-subsidise (with data as well as with money) its financial services products to raise such a barrier to competition that no newcomer will be able to spend enough to gain traction. Hence the evolution of bank-as-a-platform for other financial services organisations to bank-as-a-service (BaaS) that Simon and I were discussing: it will be non-financial distributors who get the products into the hands of the people. Kids opening their Next bank accounts will neither know nor care that the actual account is provided by Barclays.
That’s why I have bored audience senseless repeatedly telling them that when people talk about “challengers”, they should be talking about Microsoft and Nike not Monzo and N16. If Big Tech takes over consumer relationships, banks will end up having to give away margin but, far more seriously and far more unrecoverably, data. As Andrei Brasoveanu of Accel said, if Big Tech gets hold of the distribution side of the financial services business, then the manufacturers of financial services products will be “utilities, providing low-margin financial plumbing”. Well, that’s the lucky ones. The unlucky ones will be wiped out in a wave of manufacturing supply-chain consolidation and factory closures.
[This is an edited version of an article that was first published on Forbes, 26th June 2020.]
The Prime Minister, Alexander Boris de Pfeffel Johnson, once wrote about ID cards that if he were ever asked to produce one as “evidence that I am who I say I am” that would take it out of his wallet and “physically eat it”. Now, however, he has announced that he intends to introduce mandatory voter ID for elections. Since Britain doesn’t have an ID card, or a functioning digital identity infrastructure, he will thankfully be spared the indignity of eating an ID card (or, presumably, his phone) at the polling station. What’s more, since Britain doesn’t have a problem with voters being impersonated at the polling station in the first place*, it doesn’t matter.
If you are wondering why it is that Britain is about to demand an ID that people do not have in order to solve a problem that does not exist.. well, it’s security theatre that will keep everyone happy. A rigorous ID requirement would be problematic, because a quarter of the British electorate lack either of the principal photo ID documents, a passport or a driving licence. Hence when you go to vote you will produce either some photo ID document (eg, a Portuguese fishing licence or a British passport) that the chap at the polling station cannot conceivable verify (in Britain polling stations are manned by cheerful local volunteers, not ex-Israeli airport security counterfeit document detection experts) or some random non-photo ID document from a peculiarly English assortment of possibilities including your local library card (these are notoriously difficult to forge, of course)
To me this represents a wonderful, pragmatic British compromise — a countermeasure that doesn’t work to a problem that doesn’t exist— that avoids dealing with the real problem: the electoral fraud that does not happen at the polling booth. The main source of such fraud in the UK is not personation at the polling station but fraudulently-completed postal ballots, a situation that led one British judge to call it “a system that would disgrace a banana republic”. As far as I can understand it from reading the various reports, including the source reports on electoral fraud in the UK, the main problem is that postal votes are being completed by third parties, sometimes in bulk. No proof of identity is going to make any difference to this and so long as we allow people to continue voting by post I can’t see how the situation will improve. It is not beyond the wit of man to come up with alternatives to the postal vote. But that’s not what is being proposed. The UK government is not currently proposing an app or any other kind of electronic voting here, it is merely proposing to add a basic test of identity at the ballot box.
(This is a subject of some interest to me. My home town of Woking, one of the few places in England where people have been jailed recently for electoral fraud, was part of the government’s original voter ID pilot scheme which trialled different types of identification, including formal correspondence such as a utilities bill. I should explain here for foreign readers that in the UK we see the British Gas quarterly bill as a uniquely trusted document.)
The real way forward is, of course, not about using gas bills or indeed special-purpose election ID cards only for the purposes of voting, or a national identity scheme that Mr. Johnson dreads, but a general-purpose National Entitlement Scheme (NES). This sort of thing has been put forward for decades by informed industry observers (eg, me) but I think it now has added momentum because of the combination of technological evolution in the field of identification, authentication and (in particular) authorisation as well as the pandemic pressure to manage vaccination certificates and test results. Much as a person should be able to demonstrate that they have been vaccinated without giving away personal details so should be allowed to vote without disclosing their identity.
The key technology enabler here is that of the “verifiable credential” (VC) and the ability to create and present credentials that demonstrate proofs rather than data. This is often explained through the canonical example of proving to a bar that you are over 21 without providing a date of birth or age. As The Economist explained recently, individuals can be identified to (for example) a smartphone app much in the same way as for online banking, authenticated against their smartphone using biometrics and then when seeking entrance to a “COVID-secure” venue the app can respond to the venue’s requests for credentials (such as a valid test certificate) with a simple “yes” or “no” and nothing else. The individual’s name, age, address, the date of their vaccination and the like would not be transmitted from the app.
It seems a pretty small step to present the credential ENTITLED_TO_VOTE using a similar mechanism at the polling station. Or, indeed, anywhere else.
* There was precisely one conviction for “personation” fraud in the UK in 2019.
Do we really want anonymity in payment systems or not? It’s a really complicated subject. If anyone tells me that they think payments should be completely anonymous, or completely not anonymous, I suspect that they haven’t thought it through. Even those who are tasked with thinking about this sort of thing are not sure. A few years ago, the US Government Accountability Office published a report on “Emerging Regulatory, Law Enforcement, and Consumer Protection Challenges” (May 2014) and the first of its conclusions was that virtual currency systems “may” provide greater anonymity than traditional payment systems.
They “may”, or they may not. It’s a question of design. The design I want is privacy-enhancing pseudonymity, but that’s just one way of doing things, so I am always keen to gather illustrative use cases. It was while I was writing a piece about assassination lotteries that I remembered the very interesting use of lottery winnings. I was alerted to this by Don Thibeau a couple of years go. He pointed me in the direction of a story about the winner of a HALF A BILLION DOLLAR lottery prize in the United States who was involved in a court case (as Jane Doe) to remain anonymous because she didn’t want everyone to know about it. You can understand why this might lead to problems. Very serious problems, such as when November 2015, Craigory Burch Jr. matched all five numbers in the Georgia Fantasy 5 drawing and won a $434,272 jackpot only to be murdered in his home by seven masked men who kicked in his front door.
Apart from trying to avoid home invasion and murder, there might be all sorts of reasons that a lottery winner might like to keep her good fortune to herself. Would she really be anonymous though? After all, the money would have to go into a bank account, so not only would lottery officials know who she is but people at the bank would know who she is, and so on. Being anonymous is really difficult in an infrastructure that has no anonymity. Which leads on to an interesting question: if we are designing the identity system of the future, should it allow for this kind of anonymity? It turns out that New Hampshire actually allows people to form anonymous trusts and these trusts can buy lottery tickets. Again, though, would the trust members really be anonymous? The money would have to go somewhere…
You could of course construct the lottery to be completely anonymous from the beginning by using a variant of the cryptographic blinding invented by David Chaum for Digicash. That is, you buy a lottery ticket, fill out the numbers and add your ZCash, Monero or whatever address and then submit it with a blinding factor. The lottery signs the ticket to confirm your numbers and sends it back, at which point you divided out the blinding factor to give yourself a completely anonymous, but completely valid, lottery ticket.
If that ticket wins the lottery, the money can be sent to the cryptocurrency address in the ticket without the lottery owner or anyone else having the slightest idea who it belongs.
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)
So is this a use case for anonymous cryptocurrency then? Well, no. Here’s the thing: would you want lottery winnings to go to anonymous people? How would you know that the lottery is fair? How would you know that the lottery operator isn’t rigging it and sending all of the winnings to their family? How do you know that the lottery organiser didn’t win and send the money to themselves? There must be a way to audit, and this of course again points away from anonymity.
I understand the genuine concerns of informed observers. I read in Reason magazine (“Cash means freedom”) a while back: “Cash—the familiar, anonymous paper money and metallic coins that most of us grew up using—isn’t just convenient, it’s also a powerful shield for our autonomy and our privacy”. But it really isn’t. Privacy is being taken away because of social media, people wearing cam-shades and ubiquitous drones, not because of debit cards. I empathise with those people who are as concerned with privacy (as I am), people who worry (with good reason) that there might be an inevitable tendency for a government to want to trespass on the pseudonymous infrastructure in the name of money laundering or terrorism, but that’s a problem that needs to be dealt with by society, not by technology.
Between the rock of total surveillance and the hard place of total chaos, it remains difficult to make the case for digital cash, and central bank digital currency in particular, to be anonymous. We must choose the least worst option: privacy, not anonymity. I agree with Michael Casey’s argument in the Cato Journal that a privacy-enhancing digital Dollar would be very appealing on a global scale in contrast to digital currencies subject to continual state surveillance. He says that if the United States were to treat money “less as a means of controlling everyone and more as a field of opportunity for creative startups” then it would bring substantial benefits which, if central banks think (as I suspect they do) that one of the main drivers for a digital currency is as a platform for new products and services, will add to America’s comparative advantage.
(An edited version of this article first appeared on Forbes, 28th May 2021.)
I found an article called “Why the subscription economy has yet to hit its peak” on Marketing Week. It looked interesting and relevant to the topic of this article, so I clicked on it to read it and was confronted with two subscription options (£7 per week or £18 per week for the “ultimate” package) neither of which I was remotely interested in. I don’t want another subscription to anything. I already have a subscription to the Wall Street Journal, The Economist and MIT Technology Review (and Tabletop Gaming, which is excellent) and I don’t read even a fraction of that content.
If I had the option of paying £1 to read the Marketing Week article, then I would have cheerfully paid it, but without that option neither of us was satisfied: I didn’t get to read the article and they didn’t get my money.
If I could click on one button marked “Pay £1” and then start reading the article, I would do. If I have to click on button marked “Pay” and then type in my credit card details and my personal information and the amount etc etc they I wouldn’t, especially if I had to pay £2 in order to cover the transactions fees imposed by the platform, the acquirer, the scheme and the issuer. I have the £1, and I want to pay, but I can’t. I can go into a store a buy a pack of gum for £1 and pay in a couple of seconds with my contactless card, but I can’t do the same online.
This is hardly a new idea. The noted venture capitalist Marc Andreessen knows more about the web than I will ever do, and back in 2012 he told a Wired magazine conference in New York that “we should have built payments in the browser”. They got half way, because buried in your browser in addition to the familiar error 404 for page not found there is also error 402 for page requires payment. But no payment mechanism was provided and I note that the Collisons (the brothers behind Stripe) were quoted arguing that this is the reason that the web went from being an open environment and opportunity for all to an “oligopoly controlled by five companies now worth more than $3 trillion”.
A couple of years ago, Mance Harmon wrote here in Forbes that “today’s business models were not designed to protect consumers” and talked about the problems of trying to build micropayments on top of the legacy infrastructure. He was right: but what will stimulate the demand for micropayments and what technologies can be used to satisfy that demand? And not only for magazines with an established brand – what about the content creators trying to connect with their audience directly?
Amber Case says that micropayments could become “a new financial interface”, one where creators and consumers are both able to participate in the web economy”, and I agree. The idea of a web based on content rather than advertising is very appealing indeed. But to get there, I think we need a mechanism that is one button that sends a fixed tip (let’s say $1) to the creator of content. But I just don’t see how we can make that happen by building yet another layer on top of the legacy payment network.
Some people will talk about so-called “level 2” solutions built on top of cryptocurrencies and who knows, they may be right in the long term, but not now. Mr. Andressen said years ago that a “fascinating use case for Bitcoin is micropayments”. Observing that it was not cost-effective to run small payments through the existing payments infrastructure, he thought that Bitcoin’s divisibility would make it easy to send a thousandth of penny to anyone in the world for near-free.
A decade on, and we now have Twitter’s “Tip Jar” which does not use Bitcoin or digital currency some clever blockchain application that none of us had thought of before, but adds another layer on top of the creaking payment system to create a means to send someone a buck while simultaneously giving away your Paypal address and paying a transaction fee of one-third. Tip Jar simply sends you to a third-party payment platform (right now PayPal, Venmo, Cash App, Patreon and Bandcamp).
What could deliver the ideal form of micropayments? I’m experimenting with a few different models myself, running a subscription service on Substack and piloting a couple of online content micropayment schemes (including one from a Y Combinator startup that will go live on the 15Mb Ltd. web site shortly) but I’m not sure that any of these are the perfect solution (maybe there isn’t one – maybe it depends on the channel and content) but I have to say I am enjoying the renewed focus on the micropayments opportunity now.
Hands in the Tip Jar.
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)
We are long overdue a working micropayments infrastructure to deliver a different kind of internet, one based on content not advertising. It seems to me that there is now a chance that it will be central bank digital currency of one form or another. Not Bitcoin, not a tip system built on top of Paypal built on top of credit cards built on top of bank accounts built on top of central bank digital money. If Twitter has access to my CBDC wallet, then it can simply transfer £1 from my wallet to the creator’s wallet with the pseudonymity integral to a well-designed CBDC. I never get to see any of the creator’s personal information (unless they want me to) and the creator never gets to see any of my personal information (unless I want them to).
The micropayments dream from the earliest days of the internet may be about to be realised and I am sure that the implications of this are much, much more than helping a few Tik Tok teens get paid for whatever it is they do on Tik Tok.
(This is an edited version of an article first published on Forbes, 16th May 2021.)
In a study published last year by financial-crime expert Ronald Pol, he concluded that the global AML system could be “the world’s least effective policy experiment”. Personally, I would have guessed that that accolade belonged to the global war on (some) drugs, but perhaps Ronald has a point. He notes that the compliance costs for banks and other businesses could be more than 100 times higher than the amount of laundered loot seized.
Cash or charge? (CC-BY-ND 4.0)
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)
These comments remind me of those of Rob Wainwright, then Director of Europol, when talking about the great success of the continent’s $20 billion per annum anti-money laundering regime. He said that “professional money launderers are running billions of illegal drug and other criminal profits through the banking system with a 99 percent success rate”. This concurs with the figure given in The Economist. Although we are only intercepting a miserable one percent of the dirty money, the costs that the regime impose on the finance sector are staggering. Yet these enormous costs achieve nothing. The Money Laundering/Terrorist Financing (ML/TF) regime is, according to the Journal of Financial Crime 25(2), “almost completely ineffective in disrupting illicit finances and serious crime”.
It’s going to get worse, of course. In the UK, many organisations are not yet compliant with the EU’s Fifth Anti-Money Laundering Directive (5MLD) and there is a Sixth Anti-Money Laundering Directive (6MLD) on the way. And the reach of the Financial Action Task Force (FATF) is being extended into cryptospace, so there’s no way to get round the bureaucracy. A couple of years ago FATF extended their recommendations to include cryptocurrency exchanges and wallet providers (together referred to as Virtual Asset Service Providers, or “VASPs”). This meant that all countries should apply anti-money laundering and anti-terrorist financing controls to these businesses: that is, customer due diligence (CDD), suspicious activity reports (SAR) and, importantly, the “Travel Rule” that aims to prevent money laundering by identifying the parties to a transaction when value over a certain amount are transferred.
The decision to apply the same travel rule on VASPs as on traditional financial institutions was greeted with some dismay in the cryptocurrency world, because it meant that service providers must collect and exchange customer information during transactions. The technically non-binding guidance on how member jurisdictions should regulate their ‘virtual asset’ marketplace included the contentious detail that whenever a user of one exchange sends cryptocurrency worth more than 1,000 dollars or euros to a user of a different exchange, the originating exchange must send identifying information about both the sender and the intended recipient to the beneficiary exchange. The information must also be recorded and made available to “appropriate authorities on request”.
However, when speaking at the “V20 Virtual Asset Service Providers Summit” in 2020, Carole House from the Financial Crimes Enforcement Network (FinCEN) said that they want to see this threshold reduced to $250 for any transfers that go outside the US because their analysis of SARs filed from 2016 and 2019 showed the mean and median dollar values to be $509 and $255 respectively. Almost all the transactions began or ended outside the U.S.
Note that the information demand is quite extensive. According to the FATF Interpretive Note to Recommendation 16, the information should include name and account number of the originator and benefactor, the originator’s (physical) address, national identity number (or something similar) or date and place of birth. In essence, this means that counterparty’s personal information will sent around the web. Simon Lelieveldt, a former Head of Department on Banking Supervision at the Dutch Central Bank, is very well-informed and level-headed about such things, and even he called this a “disproportional silly measure by regulators who don’t understand blockchain technology”, which may be a little harsh even if not too far from the truth.
Surely the extension of the travel rule signals that it is time for a rethink. We need to begin with the fact that live in a world of data science, machine learning and artificial intelligence (AI) and understand that we cannot tackle crimes such as money laundering without machine brains to help us. This line of AI-centric thinking can be more disruptive than might seem at first glance because it suggests an alternative vision of regulation where we do away with a lot of the expensive barriers to entry to the financial system, those pot holes for criminals but chasms for legitimate users and instead use machine brains to police what is happening inside the system.
In other words, instead of trying to prevent criminals for getting in to the system, we should instead let them in and monitor what they are up to. If we force them to continue using cash, then we have no idea what they are up to! Whereas if we can persuade them to use electronic transactions of some kind, particularly those that leave an immutable record of criminality, then we would would actually be better off! Since cash cannot be tracked around the economy, we (society) have put in place a whole bunch of complicated and expensive rules about accounting for cash when it enters the financial system. But suppose there wasn’t any cash. Suppose there was only Bitcoin. In that case, as I pointed out some time ago, you wouldn’t need anti-money laundering (AML) regulations at all because you would be able to follow every coin around the blockchain!
Many observers, and Bitcoin fans in particular, say that this is nonsense because there are a variety of ways to jumble up and otherwise obfuscate the sources of value in transactions on the Bitcoin network. I never saw this as a realistic barrier to criminals though, and I noted that a simple rule that required banks to investigate any coins that had originated in anonymous wallets (or mixers) would be sufficient to stop the large-scale use. Also, you will remember that U.S. Department of Justice (DoJ) has already shown its intentions. You will remember they indicted Larry Harmon for creating the Bitcoin mixer “Helix” (in addition, Fincen fined him $60m last year) and have just arrested Roman Sterlingov, the alleged operator of Bitcoin Fog, a custodial bitcoin mixer that it says processed over 1.2 million BTC.
We erect (expensive) KYC barriers and then force institutions to conduct (expensive) AML operations, using computers and laser beams to emulate handwritten index cards and suspicious transaction reports (STRs). But as I have suggested before, suppose that KYC barriers were a lot lower so that more transactions entered the financial system. And suppose the transaction data was fed, perhaps in a pseudonymised form, to a central AML factory, where AI and big data, rather than clerks and STR forms, formed the front line rather than the (duplicated) ranks of footsoldiers in every institution. In this approach, the more data fed in then the more effective the factory would be at learning and spotting the bad boys at work. Network analysis, pattern analysis and other techniques would be very effective because of analysis of transactions occurring over time and involving a set of (not obviously) related real-world entities.
They have already taken a step towards this is in the Netherlands, where ABN Amro, ING, Rabobank, Triodos Bank and de Volksbank formed a consortium (Transaction Monitoring Netherlands, TMNL) to share data and identify unusual patterns in payments traffic that the individual banks cannot spot for themselves. Let’s hope they are successful, because estimates suggest that €16 billion of criminal money is laundered in the Netherlands each year from activities including drugs, human trafficking, child pornography and extortion.
Michael Harris, director of financial crime compliance at LexisNexis Risk Solutions, commented that the release of the FinCEN files highlighted the “myriad issues” with the UK Anti-money laundering (AML) system – an ineffective suspicious activity report (SAR) regime, the poor use of data and technology and a legal system that inhibits information sharing and a culture that allows companies to hide their beneficial owners through offshore registered entities. There are other related negative impacts too: I remember a discussion with the then-Treasury minister Andrea Leadsom at techUK back in 2015, during which she noted that CDD is itself a friction against a more competitive financial services sector because it serves to create a moat around the larger incumbents.
I think that UKplc should rethink compliance for competitive advantage. As part of a post Brexit project to boost British invisibles, we should take jurisdictional competition seriously and create a compliance regime built on new technology not and industrial age mishmash of shaky identification documentation and millions of suspicious transaction reports. It is time for some new thinking. Omar Magana wrote a very good piece of this for the Chartwell “Compass” magazine. He asked whether “the enforcement of a regulation that was created over 20 years ago for a fast-evolving industry, may not be the best approach”. Note that he is not arguing against regulation, he is arguing (as I do) for a form of regulation more appropriate for our age (for which I use the umbrella term “Digital Due Diligence”, or DDD) using artificial intelligence and machine learning to track, trace and connect the dots to find the bad actors. If you look at the work of Chainalysis and others
The benefits to the wider economy are obvious – more access to financial services as well as more interdiction of actual money launderers, terrorists, corrupt politicians and tax evaders. We all know that COVID-19 is accelerating the evolution of digital onboarding, and that’s great. But we need to move to the next level: DDD! Now that we live in a world where digital identity is becoming a thing (both for people and for organisations) it’s time to plan for a faster, more cost-effective and more transparent approach that is based on the world we are actually living in.
(This is an edited version of an article first published on Forbes, 3rd May 2021.)
I have written before that governments will never allow anonymous digital currencies and my comments attracted a certain amount of controversy. And I understand why. But to those who say that uncensorable, untraceable digital cash would be a shield against dictators, a force for the oppressed and a boon to free man everywhere… I say be careful what you wish for. The issue of anonymity in payments is complex and crucial and it deserves informed calm strategic thinking because digital currency touches on so many aspects of society.
One obvious and important aspect is crime. Would digital currency change crime? If I hire thugs to lure a cryptobaron to a hotel room and then beat him up to get $1m in bitcoins from him (as actually happened in Japan), is that a crypto-crime or just boring old extortion? If I use Craigslist to lure a HODLer to a street corner and then pull a gun on him and force him to transfer his bitcoins to me (as actually happened in New York), is that a crypto-crime or just boring old mugging? If I get hold of someone’s login details and transfer their cryptocurrency to myself (as has just happened in Springfield), is that a crypto-crime or just boring old fraud? If I kidnap the CEO of a cryptocurrency exchange and then release him after the payment of a $1 million bitcoin ransom is that, as the Ukrainian interior minister said at the time “bitcoin kidnapping” or just boring old extortion?
Cash or charge? (CC-BY-ND 4.0)
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)
These are just crimes, surely? And not very good ones at that, because they are recorded in perpetuity on an immutable public ledger. Personally, if I were to kidnap a cryptocurrency exchange CEO I would ask for the ransom to be paid in some more privacy-protecting cryptocurrency, because as I explained in the FT some years ago, Bitcoin is not a very good choice for this sort of cyber-criminality. It’s just not anonymous enough for really decent crimes or the darkest darknets. Hence my scepticism about claims that Bitcoin’s long term value will be determined by it’s use for crime.
But what if there were an actually untraceable cryptocurrency out there and it wasn’t up to governments to allow it or not? Would an aspiring cryptocriminal mastermind be able to use it for something more innovative than the physically-demanding felony of kidnapping? I’m sure the Mafia would be delighted to have anonymous digital cash to zip around the world, but what would they use it for? Might they come up with some dastardly enterprise that is not a virtual shadow of a crime that has been around since year zero, but a wholly new crime for the virtual world? What if they could find one with the potential to take over from drug dealing (currently approximately 40% of organised crime revenues) as the best option for the criminal entrepreneur?
Ransomware is one interesting candidate. It is certainly a major problem. Criminals seize control of organisations’ computer networks, encrypting their data and demanding payment to deliver the decryption keys. Companies paralyzed by the attacks paid hackers an average of more than $300K in 2020 (triple the average of the year before). A cyber security survey last year revealed that more than two-thirds of organisations in the United States had experienced a ransomware attack and had paid a ransom as a result! That’s a pretty decent business for criminals and it certainly was a driver for Bitcoin, although ransomware operators have been moving away from it for some time.
(Once again demonstrating the impending explicit pricing of privacy, the Sodinokibi payment website last year began charging 10% more for Bitcoin ransoms compared to the more private Monero cryptocurrency.)
On the whole, given the basic nature of most organisation’s cyber-defences (more than half of all ransomware attacks stem from spam e-mails), one might expect the ransomware rewards to continue to grow. Apart from anything else, the ransomware raiders are reinvesting their profits in increasingly efficient operations, making for even bigger and bolder attacks.
So, ransomware. But what about a more sinister candidate for large-scale criminality though? Is it time for the “assassination market”? It’s not a new idea. A few years ago, Andy Greenberg wrote a great piece about this here on Forbes. He was exploring the specific case of “Kuwabatake Sanjuro” who had set up a Bitcoin-powered market for political assassinations, but in general an assassination market is a form prediction market where any party can place a bet on the date of death of a given individual, and collect a payoff if they “guess” the date accurately. This would incentivise the assassination of individuals because the assassin, knowing when the action would take place, could profit by making an accurate bet on the time of the subject’s death.
This idea originated, to the best of my knowledge, with Jim Bell. Way back in 1995 he set it out in an essay on “assassination politics“. I suppose it was inevitable that advent of digital cash would stimulate thought experiments in this area and it was interesting to me then (and now) because it showed the potential for innovation around digital money even in the field of criminality.
Here’s how the market works and why the incentive works, as I explained in my book “Before Babylon, Beyond Bitcoin“. Someone runs a public book on the anticipated death dates of public figures. If I hate some tech CEO (for example), I place a bet on when they will die. When the CEO dies, whoever had the closest guess to their date and time of death wins all of the money staked, less a cut for the house. Let’s say I bet $5 (using anonymous digital cash through the TOR network) that a specific tech CEO is going to die at 9am on April Fool’s Day 2022. Other people hate this person too and they put down bets as well. The more hated the person is, the more bets there will be.
April Fool’s Day 2020 comes around. There’s now ten million dollars staked on this particularly CEO dying at 9am. I pay a hit man five million dollars to murder the CEO. Hurrah! I’ve won the bet, so I get the ten million dollars sent to me in anonymous digital cash and give half to the hit man. No-one can pin the crime on me because I paid the hitman in untraceable anonymous digital cash as well.
I’m just the lucky winner of the lottery.
But better than that is that if I can get enough bets put on someone, then I don’t even have to take the risk of hiring the hitman. If I use some anonymous bots or friendly tolls to coordinate a social media campaign to get a million people to put a $5 bet on the date of the tech CEOs death, then some enterprising hit man will make their own bet and kill them. If the general public had bet five million bucks on 31st March and some enterprising cryptopsycho had murdered the CEO themselves the day before, then it would only have cost me a $5, and I would have regarded that as $5 well spent, as would (presumably) everyone else who bet $5!
(This is an edited version of an article first published on Forbes, 14th April 2021.)
It seems to meet that there is something of a paradox around cash, digital cash and anonymity. The average consumer wants anonymity for their own payments because they are not crooks (and their purchasing decisions are no-one’s business except theirs and the merchant’s). On the other hand, the average consumer (not to mention the average law enforcement agent) doesn’t want anonymity for terrorists, lobbyists or fraudsters.
The Bank of England’s fintech director Tom Mutton said in a speech that privacy was “a non-negotiable” for a retail CBDC. Meanwhile, the Bank of Canada (just to pick one recent example) published a a staff analytical note on the risks associated with CBDCs stating that central banks should mitigate risks such as anonymity present in digital currencies. Note the formulation of anonymity as a “risk”. With stricter rules on the holding and exchange of cryptocurrencies coming into place around the globe. Just to give one example, South Korea’s Financial Services Commission has announced new rules to come into force in 2022, banning all anonymous digital currencies “that possess a high-risk of money laundering” (which, as far as I can see, is all anonymous digital currencies).
There is a payments privacy paradox, and cryptocurrency brings it into sharp relief. Good people should be allowed anonymous cash, but bad people should not. Click To TweetHow can we resolve this? Well, I think that we can, if we spend a little time to think about what anonymity and privacy actually mean.
This is a special case of a more general paradox. Let me explain and illustrate. A few years ago, I was invited me along to “an event” in London to enjoy a morning of serious thinking about some key issues in information security. They had some pretty impressive speakers as I recall: Mike Lynch, the founder of Autonomy, was one of them. Alec Ross, who was Senior Advisor for Innovation and Technology to the Secretary of State Hilary Clinton, gave the keynote address on “ The promise and peril of our networked world ”. Alec was a good speaker, as you’d expect from someone with a background in diplomacy, and he gave some entertaining and illustrative examples of using security to help defeat Mexican drug cartels and Syrian assassins. He also spent part of the talk warning against an over-reaction to “Snowden” leading to a web Balakanisation that helps no-one.
A decade back, I wrote about what I called the “Clinton Paradox”. This came about because I read a piece by Bob Gourley. the former CTO of the U.S. Defense Intelligence Agency, who framed a fundamental and important question about the future identity infrastructure when analysing Hillary Clinton’s noted speech on Internet freedom.
We must have ways to protect anonymity of good people, but not allow anonymity of bad people.
Mrs. Clinton had said that we need an infrastructure that stops crime but allows free assembly. I have no idea how to square that circle, except to say that prevention and detection of crime ought to be feasible even with anonymity, which is the most obvious and basic way to protect free speech, free assembly and whistleblowers: it means doing more police work, naturally, but it can be done. By comparison, “knee jerk” reactions, attempting to force the physical world’s limited and simplistic identity model into cyberspace, will certainly have unintended consequences. Hence, I had suggested, it might be better to develop an infrastructure that uses a persistent pseudonymous identity. I was looking to mobile operators to do this, because they had a mechanism to interact face-t0-face (they had retail shops at the time) and remotely, as well as access to tamper-resistant secure hardware (ie, the SIM) for key storage and authentication. It never happened, of course.
Why am I remembering this. Well, I challenged Alec about the Clinton Paradox —slightly mischievously, to be honest, because I suspected he may have had a hand in the speech that I referred to in that blog post—and he said that people should be free to access the internet but not free to break the law, which is a politician’s non-answer (if “the law” could be written out in predicate calculus, he might have had a point, but until then…). He said that he thought that citizens should be able to communicate in private even if that means that they can send each other unauthorised copies of “Game of Thrones” as well as battle plans for Syrian insurgents.
I think I probably agree, but the key here is the use of the phrase “in private”. I wonder if he meant “anonymously”? I’m a technologist, so “anonymous” and “private” mean entirely different things and each can be implemented in a variety of ways.
How will the Bank of Canada mitigate the risk of anonymity and South Korea maintain a ban on “privacy coins” when faced with a Bank of England digital currency that has non-negotiable privacy? Well, the way to resolve this apparent paradox is to note the distinction above between privacy and anonymity.
In the world of cryptography and cryptocurrency, anonymity is unconditional: it means that it is computationally infeasible to discover the link between a person in the real world and value online. Privacy is conditional: it means that the link is hidden by some third party (eg, a bank) and not disclosed unless certain criteria are met.
You can own these cartoons!
NFTs available from the artist Helen Holmes at TheOfficeMuse
(CC-BY-ND 4.0)
Surveying the landscape as of now, I think we can see these concepts bounding an expanding privacy spectrum. There will undoubtedly be anonymous cryptocurrencies out there, but I think it is fair to observe that they will incur high transaction costs. At the other end of the spectrum, the drive for techfins and embedded finance will mean even less privacy (for the obvious reason, as discussed before, that their payment business models around around data). One might argue, with some justification I think, that central banks are better positioned than banks or other intermediaries when it comes to safeguarding data, because a central bank has no profit motive to exploit payments data.
(I could go further and argue that if the central bank were to place transaction data into some form of data trust that would facilitate data sharing to the benefit of citizens, we might see some real disruption in the retail payments space. In a data trust, structure, data stewards and guardians would look after the data or data rights of groups of individuals with a legal duty to act in the interest of the data subjects or their representatives. In 2017, the UK government first proposed them as a way to make larger data sets available for training artificial intelligence and a European Commission proposal in early 2020 floated data trusts as a way to make more data available for research and innovation. And in July 2020, India’s government came out with a plan that prominently featured them as a mechanism to give communities greater control over their data.)
As The Economist once noted on the topic of central bank digital currency, people might well be “uncomfortable with accounts that give governments detailed information about transactions, particularly if they hasten the decline of good old anonymous cash”. And, indeed, I am. But the corollary, that anonymous digital currency should be allowed because anonymous physical cash is allowed, is plain wrong.
No-one, not the Bank of England nor any other regulator, central bank, financial institution, law enforcement agency, legislator or, for that matter, sane citizen of any democracy, wants anonymous digital currency whether from the central bank or anyone else. The idea of giving criminals and corrupt politicians, child pornographers and conmen a free pass with payments is throughly unappealing. On the other hand, the Bank of England and all responsible legislators should demand privacy.
I think the way forward is obvious, and relies on distinguishing between the currency and the wallets that it is stored in. Some years ago, when head of the IMF, Christine Lagarde spoke about CBDCs, noting that digital currencies “could be issued one-for-one for dollars, or a stable basket of currencies”. Why that speech was reported in some outlets as being somewhat supportive of cryptocurrencies was puzzling, especially since in this speech she specifically said she remained unconvinced about the “trust = technology” (“code is law”) view of cryptocurrencies. But the key point of that speech about digital fiat that I want to highlight is that she said
Central banks might design digital currency so that users’ identities would be authenticated through customer due diligence procedures and transactions recorded. But identities would not be disclosed to third parties or governments unless required by law.
As a fan of practical pseudonymity as a means to raise the bar on both privacy and security, I am very much in favour of exploring this line of thinking. Technology gives us ways to deliver appropriate levels of privacy into this kind of transactional system and to do it securely and efficiently within a democratic framework. In particular, new cryptographic technology gives us the apparently paradoxical ability to keep private data on a shared or public ledger, which I think will form the basis on new financial institutions (the “glass bank” that I am fond of using as the key image) that work in new kinds of markets.
So, if I send ten digital dollars from my digital wallet to your digital wallet, that’s no-one business but ours. If, however, law enforcement agencies obtain a warrant to require the wallet providers to disclose the identity of the owners, then that information should be readily available. There is no paradox around privacy in payments, but there is an imperative for practical pseudonymity.
[An edited version of this article first appeared on Forbes, 6th April 2021.]
Some people mine Bitcoin for profits but some some people mine it for politics. The operator of a Bitcoin mining pool (a group of miners who work together to share the profits) quoted in CoinDesk recently said that some are investing not to convert electricity into cash but for other reasons “such as to avoid capital controls or avoid sanctions”. Indeed. And this has some serious implications. The Foundation for Defense of Democracies (FDD), a Washington think tank, summarised the emerging situation rather well in their position paper “Crypto Rogues“. They noted that “blockchain technology may be the innovation that enables U.S. adversaries for the first time to operate entire economies outside the U.S.-led financial system”. Now, while this may be technically slightly inaccurate (there are ways to create anonymous transactions without a blockchain and, indeed, the Swiss central bank has just published a working paper describing how to do so) it again flags up that the widespread availability of decentralised financial services threatens to bypass the existing infrastructure.
Iran provides an obvious example. They have every incentive to want to try new approaches to skirt the long arm of American law. The country already published a new set of regulations designed to funnel Bitcoin mined by Iranians to the state so that the country can use them to pay for imports. When the Iranian regime, for example, set up a venture to explore Bitcoin payments with a Swedish startup, the Swedish banks refused it a bank account because they themselves did not want to become subject to secondary sanctions. As America’s Treasury Secretary Mnuchin said at the time (talking about Iran), “If you want to participate in the dollar system you abide by US sanctions”.
On the other side of the world, North Korea has been developing a digital currency of its own. According to Alejandro Cao de Benós, President of the Korean Friendship Association, the Democratic People’s Republic of Korea intends to go down the Facebook route by creating an asset-backed digital currency rather than a digital fiat currency and then use some sort of blockchain with “Ethereum-style smart contracts” to do business and avoid sanctions. The regime sees this as a way to enforce deals it makes with foreign counterparties by developing a “token based on something with physical value” (eg, gold) in order to create a stable mechanism for payments in international trade between the regime and “other companies/individuals” (although it will not be available to individuals in the DPRK, who will be stuck with the Korean Won).
Across the Pacific in Venezuela, a country often mentioned by Bitcoin enthusiasts as a living case study of the benefits of decentralised cryptocurrency in the fight against tyranny, we find more mining going on: a video posted on Instagram by the 61st Battalion of the 6th Corps of Engineers of the Venezuelan Army shows military buildings converted into giant cryptocurrency mining centres and a warehouse that appears to be full of specialist Bitcoin mining equipment is labelled the “Center for the Production of Digital Assets”.
(I noted with interest that they do not appear to be mining “The Petro”, the digital currency of the revolution which according to the Bolivarian Council of Mayors’ recent “National Tax Harmonization Agreement” may soon be required for the payment of taxes.)
It seems to me that Bitcoin is a pretty poor choice for sanction-busting shenanigans though. Not only is the record of transactions public, but the Bitcoin value is not fungible. This matters. Remember that 2014 IRS Ruling about Bitcoins being a commodity, so that traders would have to track the buying and selling price of each individual Bitcoin in order to assess their tax liability? No? Here’s a reminder : “the real lesson from the IRS Bitcoin ruling is that for a currency-or any payment system-to work, its units must be completely fungible”.
Fungible (from the Latin “to enjoy” via Medieval Latin phrases such as “fungi vice”, meaning “to take the place of”) is one of my favourite adjectives. It means that all tokens are the same and can be substituted one for another. You owe me a quarter. It doesn’t matter _which_ quarter that you give me. Any will do. Any quarter can substitute for any other quarter because they are all the same. The same is true of the Pounds in my bank account, but it isn’t true of bitcoins. They are all different and their history can be tracked through the blockchain which is, as we are often reminded, and immutable public record of all transactions.
As my good friend Marc Hochstein observed about this some time ago, blockchain’s openness could turn out to be a bug for law-abiding citizens. Click To TweetThe lack of fungibility has major implications for criminals, but also for the rest of us. In England, the High Court (in the decision of AA v Persons Unknown & Ors, Re Bitcoin [2019]) has already ruled that crypto assets such as bitcoins are a form of property capable of being the subject of injunction. You can see what is going to happen: cryptographic exchanges will be required to identity who owns stolen coins and the owner will then be the subject of legal action to recover them. This owner might be entirely innocent about the origin of the coins and will say that they didn’t know that the bitcoins they bought are the proceeds of a ransonware attack and may ask to the keep them. But, J.P. Koning points out, that’s not how property law works. Even if you accidentally come into possession of stolen property then a judge can still force you to give it back to the rightful owner.
You can own these cartoons!
NFTs available from the artist Helen Holmes from at TheOfficeMuse (CC-BY-ND 4.0)
The UK has been experimenting with the “Unexplained Wealth Order” as a way to combat crime and corruption through the traditional money and finance system, but how would this translate to the world of cryptocurrency? Well, perhaps it doesn’t need to. In the world of Bitcoin, smart criminals may well try to use “mixers” or “tumblrs” that jumble together bitcoins to obfuscate their origin but I don’t think this will help in the long run. Apart from anything else, future consumers might want to know the provenance of their money, an idea explored by the artist Nitipak Samsen a decade ago in the Future of Money Design Awards. Check out the brilliant video he made here.
Have you ever wondered where the money in your pocket had come from? Who was the previous owner? Who was the owner before that? Might it be a famous celebrity?… Smart banknotes work by presenting a readable history of ownership on the note itself, an innovation designed to prevent money laundering.
This might work in some interesting ways. People might pay a premium for coins that have an interesting past! Maybe coins that were used by a celebrity to buy drugs or were used to bribe a politician, coins that belonged to a murderer, that kind of thing, might be worth more than coins that belonged to boring people like me.
In the mundane world of dollar, dollar bills we have the concept of “money laundering” to describe what happens when dirty money is mixed with clean money (surely every one of us has touched banknotes that have been involved in some criminal activity!). But this doesn’t work for bitcoins. The “tainted” money stays tainted. Ross Anderson, Ilia Shumailov and Mansoor Ahmed from the Cambridge University Computer Laboratory wrote a terrific paper on this theme a couple of years ago. In “Making Bitcoin Legal” they pose some interesting questions about what to do with tainted cryptocurrency asking, for example, “If an identified customer says ‘Hi, what will you give me for UTXO x?’ and the exchange replies, ‘Sorry, 22% of that was stolen in a robbery last Tuesday, so we’ll only give you 78%’ does the customer then have to turn over the crime proceeds?”. Their idea of a public “taintchain” is an interesting way forward. This would be a mechanism to make stolen coins visible, in which case they might display a futuristic Gresham’s Law dynamic as good coins drive out bad ones!
Whether by taintchain or some other mechanism, it’s actually pretty each to track dirty bitcoins. You can see where this might lead: if law enforcement agencies go to the biggest miners in the world and tell them that if they continue to confirm easily identifiable mixing transaction outputs, they will be accused of money laundering? This is not difficult to imagine, which suggests to me that Bitcoin’s lack of fungibility has far-reaching implications.
These implications have not gone unnoticed in the United States. Two of the largest Bitcoin mining companies there, Marathon Patent Inc. and DMG Blockchain Solutions Inc. (which together account for about a one-twelfth the power of the Bitcoin networks), recently joined forces to create the Digital Currency Miners of North America (DCMNA). This not-for-profit trade association has come up with pretty interesting idea: their miners will only process transactions that comply with American laws, thus extending the benevolent embrace of the U.S. Government into cryptocurrency. The idea (known as “clean mining“) is that instead of selecting transactions on the basis of which ones will bring the biggest fees, they will mine transactions based on the wallets that they come from.
Along the same lines, the “celebrity investor” (as described by CNBC) Kevin O’Leary announced that he will only buy bitcoins mined sustainably in countries that use clean energy. What’s more, he also said that he will not buy “blood coin” mined in China. Mr. O’Leary was quoted as saying that he sees “two kinds of coin”, which reinforces the point about fungibility and money and suggests to me, at least, that we could well see a strange and interesting twist in the world of cryptocurrency that has no analog in the analogue world of notes and coins: black and white money, or clean and dirty money, or light and dark money (an idea that goes back to the earliest days of cryptocurrency) in which some bitcoins will be worth more than others! Maybe a year or two from now, exchanges will be quoted two BTC-USD pairs: clean BTC at $100,000 and dirty BTC at $75,000. This doesn’t happen for GBP-USD or JPY-GBP, which confirms my feeling that whatever Bitcoin is, it isn’t currency.
[An edited version of this article first appeared on Forbes, 28th February 2021.]