All the news that’s fit to ID

I came across an interesting story via my old chum Charles Arthur’s consistently interesting “Overspill” blog. The story concerns on Oliver Taylor, a student at England’s University of Birmingham. From his picture, he appears to be normal looking twenty-something. From his profile he appears to be a coffee-loving politics junkie with an interest in anti-Semitism and Jewish affairs, with bylines in the Jerusalem Post and the Times of Israel.

Why is this interesting? For two reasons. First of all because I was involved in an interesting Twitter debate with two thoughtful identity commentators, Tim Bouma and Jonathan Williams during which this issue of “anonymous” contributions to newspapers happened to come in to the conversation and it made me think about the same issues as Charles’ story. Tim had mentioned writing for a newspaper that had kept his real name off of his stories, and I responded that if they knew who you were, then you were not anonymous.

Secondly, because Oliver’s picture was created by an AI. It’s a fake face that doesn’t belong to any living human being. It was composed to be a human face that any of us would be able to recognise and distinguish, but it is entirely synthetic.

Oh, and Oliver doesn’t exist.

Charles notes that “two newspapers that published his work say they have tried and failed to confirm his identity”. But wait. Shouldn’t newspapers try and fail to confirm someone’s identity before they publish a story?

Shouldn’t newspapers try and fail to confirm someone’s identity before they publish a story? Click To Tweet

Well, no. That doesn’t work. What about whistleblowers? What about privacy in general? If the newspaper knows who Tim Bouma is then his personal data is at risk should the newspaper be compromised or co-opted. There seems to be a conflict between newspapers wanting honest opinions and newspapers needing to know identities, even if they are hopeless at telling a real identity from a fake one.

The way out of this dead end is to understand that what the newspaper should be checking for this kind of story is not the identity of the correspondent but their credentials. I doesn’t matter who Oliver Taylor is, it matters what Oliver Taylor is. It ought to be part of our national digital identity strategy (which we don’t have) to create a National Entitlement Scheme (NES) instead of some daft 1950s throwback digitised version of a national identity card. In the NES, it then becomes part of the warp and weft of everyday life for a correspondent with something interesting to say to use his persistent pseudonym “Oliver” to post his comments along with his anonymous IS_A_PERSON credit and his anonymous IS_A_STUDENT (BIRMINGHAM) credential.

That way, the newspaper gets the information it needs to obtain a story of interest and perhaps worth publishing, while even if they are socially-engineered by genius hackers, they cannot disclose the real identity of the correspondent because they don’t know it. The mention of social-engineering, by the way, brings into focus the recent Twitter hack. What’s generally true for newspapers is generally true for Twitter: who I am is none of their business, something I written about at exhausting length before.

Incidentally, it doesn’t take hackers to obtain personal information from a platform because as I am sure you will recall, two of Twitter’s former employees have been charged in the US with spying for Saudi Arabia. The charges allege that Saudi agents sought personal information about Twitter users including known critics of the Saudi government. If Twitter doesn’t have your personal information, then it can’t  be leaked, stolen or corrupted.

There is a way forward, and cryptography can deliver it using tried and tested (albeit counterintuitive) techniques.

Margaret Attwood, Kenneth Rogoff and William Gibson (and me)

A few years ago I was involved in a series of Twitter exchanges about the relationship between cash and anonymity that stimulated me to write a blog post on that topic and that debate (see “It doesn’t have to be the handmaid’s tale” from September 2016). Some more recent exchanges on the same topic made me think about revisiting and revising that post and exploring some of the ideas in further in light of recent discussions (eg, Libra and central bank digital currencies).

The root of these debates is, of course, that many in the Bitcoin community see Bitcoin’s sort-of-anonymity as an important characteristic because it defends the individual against state power and they berate me for wanting to replace cash “in circulation” with a digital alternative. Cash, they claim, is freedom, and they are correct about this: as cash is uncensorable, you have the freedom to buy what ever you want with it.

So should we replace cash with an anonymous cryptocurrency or digital currency? There are many people who I greatly respect who think the former. For example, in his presentation on ’The Zero Lower Bound and Anonymity”, Kocherlakota tends toward some form of cryptocurrency to replace fiat currency rather than a central bank digital currency and one of the reasons for this is his (entirely reasonable) concern about anonymity. This point is illustrated by a literary reference to Margaret Attwood’s “Handmaid’s Tale”, in which a theocratic American government (the “Republic of Gilead”) has taken away many of the rights that women currently enjoy. One of the tools that this government uses to control women is a ban on cash. In Gilead, all transactions now routed digitally through the “Compubank”.

The Handmaid's Tale

It was many, many years since I’d read “The Handmaid’s Tale” so I went to my bookshelf to dig it out and re-read that part. The narrator does indeed talk about how the evil junta in charge of that future America took over and says that it would have been harder if there had still been paper money. But the truth is, I don’t see how. North Korea has everyone using paper money and virtually no cards. Denmark has virtually no paper money and everyone uses cards (and phones). To be frank, in the modern world, I don’t think cash is that closely related to dictatorship.

The point I wanted to make here, though, is that it is wrong to present the only two alternatives as total surveillance and anonymity. I simply do not accept that the alternative to the unconditional anonymity of cash and the crime that goes with it is a dystopian, totalitarian nightmare. That’s only one way to design a circulating medium of exchange and it’s not the way that I would design it. I would opt for something along the lines of a universal pseudonymous mechanism capable of supporting an arbitrary number of currencies, a Mondex de nos jours, an M-PESA with go-faster stripes. In a world where there are completely, unconditionally anonymous payment mechanisms in widespread use there’s no way to stop very bad people from using them to do very bad things, so I’d prefer a world in which there are pseudonymous mechanisms that defend against routine surveillance and petty intrusion but allow societies legitimate interests to protect against crime.

Does this mean that anonymous mechanisms should be banned? Probably not, for the good reason that it would be impossible to do so. More likely would be a situation shown in the diagram below where there is an anonymous layer that has a pseudonymous layer on top of it and a absonymous (I made this word up) on top of that. People, governments and businesses would use the pseudonymous layer for the majority of transactions: the anonymous money would be useless for almost all transactions for almost all people since no-one would accept it. I would love to give this kind of anonymous money the generic name zerocash, after the William Gibson novel (“Count Zero”) in which one of my all-time favourite quotes about the future of money appears, a quote that more accurately describes the foreseeable future of payments than anything from IBM or the IMF:

He had his cash money, but you couldn’t pay for food with that. It wasn’t actually illegal to have the stuff, it was just that nobody ever did anything legitimate with it.

(Unfortunately, someone else had already beaten me to the name! See E. Ben-Sasson, A. Chiesa, C. Garman, M. Green,I. Miers, E. Tromer, and M. Virza, “Zerocash: Decentralized anonymous payments from bitcoin” in IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18-21, 2014. IEEE Computer Society, pp.459–474 (2014). But I’ll stick to using the all lower-case zerocash to mean generic unconditionally anonymous electronic cash. The wallet that this electronic cash is stored in is an anonymous digital identity. It’s just a string of bits.)

Now, you could imagine some form of zerocash in circulation as a cash alternative but not accepted in polite society (i.e., any attempt to spend it would be regarded as prima facie evidence of money laundering and exchanges would be barred from handling it). Polite society instead decides to protect privacy through managed conditional anonymity, or pseudonymity. A pseudonymous currency that is managed by a central bank but where transactions take place on a distributed ledger is much more like “RSCoin”, the cryptocurrency that was proposed by George Danezis and Sarah Meiklejohn at UCL [Danzis, G. and S. Meiklejohn. “Centrally Banked Cryptocurrencies”, NDSS ’16, 21-24 February 2016, San Diego, CA, USA] using Ben Laurie’s “mintettes” concept. By creating a pseudonym that is bound to the zerocash digital identity, we make it useful (provided that the binding is done by someone who trusted in the relevant transactional use cases).

Why bind it in this way? Well, there is the usual privacy paradox to be dealt with here: I want my transactions to be anonymous, but everyone else’s to be not anonymous in case they turn out to be criminals. I cannot see any way round this other than pseudonymity. There are people out there (e.g., my colleagues at Consult Hyperion) that know how to design systems that work like this, so there’s nothing stop the FATF, Bank of England, or Barclays or anyone else from starting to design the future, privacy-enhancing electronic money system that we need.

In the real world, as the discussions around Facebook’s proposed “Libra” digital currency have shown, regulators will never allow zerocash. In fact, in the light of the recent FATF rules about identification for cryptocurrency transfers, they will not allow any form of transaction that does not provide full details of counterparties. They might, however, as I have suggested many times before, be prepared to allow some form of pseudonymous alternative provided that we can bind the pseudonym to real-world legal entity through trusted institutions.

Bank are of course a good place to form and maintain this binding, since they’ve already done the KYC and know who I am. So I give present my pseudonym to them and they can bind it to my “real” name to form a nym. In the example below, Barclays know who I really am, and I can present my Barclays nym where needed, but most transactions with counterparties take place at the pseudonymous layer and I can present my Vodafone pseudonym “Neuromancer” there if I want to. My counterparty doesn’t know that I am Dave Birch, only that Vodafone know who (and presumably, where) I am. For the overwhelming majority of day-to-day transactions, this is more than adequate. This layered approach (show below) seems to me a viable vision of a working infrastructure. Few transactions in the top layer (for privacy), most transactions in the middle layer, few transactions at the lower layer.

Layered model of cryptomarkets

So in this made-up example, Barclays know my “real” identity and Vodafone knows a persistent pseudonym tied to my phone number. (Of course, I could go to Barclays and choose to bind my Vodafone identity to my Barclays identity, but we don’t need to think about this sort of thing here.) I’m going to reflect on how these bindings might work in practice more in the future, but for now I want to circle back to that opening concern about losing the anonymity of cash. Here’s another version of that meme that I read in Reason magazine (“Cash means freedom”) a while back: “Cash—the familiar, anonymous paper money and metallic coins that most of us grew up using—isn’t just convenient, it’s also a powerful shield for our autonomy and our privacy”

But it really isn’t. Your privacy is being taken away because of social media, people wearing cam-shades and ubiquitous drones, not because of debit cards. And none of this has anything to do with dictatorship. I wouldn’t want to live in the America of the “The Handmaid’s Tale” whether it had anonymous payments or not. I understand the concerns of those concerned with privacy (as I am) that there might be an inevitable tendency for a government to want to trespass on the pseudonymous infrastructure in the name of money laundering or terrorism, but that’s a problem that needs to be dealt with by society, not by technology.

Look, I think we should start to consigning cash to the dustbin of history, beginning with the $100 bill, the £50 note and that affront to law-abiding people everywhere, the Swiss 1,000 franc note. There are an increasing number of people coming around to my way of thinking, including the former chief economist to the International Monetary Fund (IMF) Kenneth Rogoff, who in his book “The Curse of Cash” argued that large value banknotes should be withdrawn not only because of their use in criminal endeavours but because they prevent central banks from using their full range of monetary policy tools. If we are going to start getting rid of cash though, we need to come up with alternatives the provide levels of privacy and security determined by society as a whole, not by a few engineers.

ZCash and The Glass Bank

Interesting to see the cryptocurrency ZCash in the news today, since it’s one of the ones I focussed on in my new book (in case I haven’t mentioned it, it’s called Before Babylon, Beyond Bitcoin and you can buy it from all good booksellers). As I said about Zcash in the chapter “Counting on Cryptography” written toward the end of 2016, “people, companies and governments will not use the underlying anonymous currency but instead use the privacy-enhancing kinds of money built on top of it”.

This is indeed what J.P. Morgan just announced at Consensus 2017 (see “JP Morgan Chase to Integrate Cash Technology to its Enterprise Blockchain Platform“). Or, as American Banker put it in their story “So, just to be clear: JPMorgan isn’t using Zcash”. As was set out by the parties themselves, what they intend to do is to use the Zcash technology of zero-knowledge proofs on their own Quorum blockchain to deliver privacy into financial markets where the participants want the advantages of shared ledgers but do not want to disclose the contents of transactions to all participants. I think this is quite a big deal, but that’s because the institutional use of these new technologies to create markets that work in more efficient ways accords with my own mental roadmap for shared ledgers. 

In a paper I co-wrote a couple of years ago with Richard Brown, the CTO of R3, and Consult Hyperion colleague Salome Parulava [published as Birch, D., R. Brown and S. Parulava (2016). “Towards ambient accountability in financial services: shared ledgers, translucent transactions and the legacy of the great financial crisis.” Payment Strategy and Systems 10(2): 118-131.], we adopted the term “translucent” to mean transactions that are transparent for the purposes of consensus (in other words, we can all agree that the transaction took place and the order of transactions) but opaque to those not party to the trade or the appropriate regulators under the relevant circumstances. I gave a talk introducing these concepts at NextBank Barcelona back in 2015.

It seems to me that the JP Morgan / ZCash announcement takes us another step forward in this direction and moves use towards the era of “The Glass Bank” (something I used in client workshops for many years and that I first blogged about back in 2011), an era in which translucency develops as a response to the Great Financial Crisis (GFC) and as a fundamental improvement in the way that financial markets operate, and which I have already decided will be the title of my next book!