Financial anonymity is a controversial topic. It’s no wonder that central bankers, a conservative lot, tend to shy away from it. A recent paper from the European Central Bank (ECB) outlining a proof of concept for anonymous digital currency payments is a rare exception.
Entitled Exploring anonymity in central bank digital currencies, the paper attracted some criticism on social media for not providing genuine anonymity. The skeptics may be right. But, even so, I think it’s a positive sign that central banks are at least thinking about financial privacy.
The authors describe a hypothetical payments system in which citizens are provided with a monthly allotment of ‘anonymity vouchers’. The vouchers expire and cannot be traded. If users wish to make an anonymous payment, they must attach a voucher to each payment request. By doing so neither the issuing central bank nor the anti-money laundering authorities will be privy to the payor’s identity. Once the allotment is used up, payments can no longer anonymous.
By rationing anonymity, the authors of the paper hope to allow for lower-value anonymous payments while filtering out larger ones. Presumably large payments are more likely to be used for nefarious purposes. In the ECB’s words, this hypothetical system strikes a balance between “an individual’s right to privacy with the public’s interest in the enforcement of anti-money laundering and the financing of terrorism regulations.”
This sort of compromise is likely to upset people on both sides of the financial privacy debate. For privacy advocates, any limitation on the ability to transact anonymously represents a slippery slope towards a Panopticon of complete digital surveillance. For law enforcement professionals, anything less than full transparency amounts to a gift to crooks.
For my part, I’m comfortable with some sort of compromise. While I believe it’s important for people to be able to transact anonymously, I also recognize how anonymous systems are ripe for abuse.
For instance, the emergence of bitcoin, a semi-anonymous digital payments option, has made a whole range of extortion scams possible. The riskiest part of any extortion attempt is the ransom payment. Bank accounts are not a great place to accept ransom– they leave a paper trail. Cash is anonymous, but the ransom will have to be physically transferred, and this handover can be easily surveilled.
Bitcoin has the benefit of being relatively anonymous, like cash, while also allowing extorters to maintain a safe distance from their victims–bitcoin payments can be done remotely. Ryuk, WannaCry, TeslaCrypt, and other types of ‘ransomware’ have exploited these properties to successfully target individuals, companies and governments all across the world. The software invades a victim’s computer and encrypts files, a key only being provided when a bitcoin ransom has been paid.
Scams using gift cards and non-reloadable prepaid cards are also becoming increasingly popular with fraudsters. These sorts of cards are useful because, like bitcoin, they offer a degree of anonymity and can be transferred remotely. In one variation (there are many of them) a victim is contacted by a “cop” who claims to have a warrant out for the victim’s arrest. If the victim buys an iTunes gift card and texts the PIN, the charges will be dropped.
Where to draw the line? Limits on the amount of gift cards that stores can sell is probably reasonable, as would a cap on anonymous bitcoin withdrawals from exchanges.
But if we should be wary of too much payments anonymity, we should also worry about the opposite: a complete absence of it. Credit cards, debit cards, and online wallets leak tremendous amounts of personal information to retailers, payment processors, card networks, governments, marketers, and more.
Rebecka Ricks’s website is worth a visit. She provides an eery visualization that shows how PayPal shares your information.
Even if we trust third-parties not to abuse our personal financial information, they can still be hacked. The stolen data is often sold on dark markets to identity thieves and the like.
How can law-abiding citizens who want to buy stuff online protect their personal information from snoops, marketers, and hackers? The same non-reloadable debit cards that scammers use for anonymity can help. I recently made an anonymous online donation with my own prepaid card. Unfortunately, this option is quite expensive thanks to high activation fees. Cryptocurrencies like bitcoin, Monero, or Zcash may offer a degree of financial privacy, but they are incredibly volatile and not widely accepted.
When it comes to financial privacy, we still have very few options. That’s why creative solutions like the ECB’s should be welcomed. It’s time to start thinking about how we can safely shift away from 100%-identified digital payments networks to systems that offer at least small amounts of anonymity.