SALES, RENTALS & LAYAWAYS

PROTECTING EVERYTHING THAT HAS EVER BEEN OF VALUE TO YOU

Open 24/7/365

We Have A Life-Time Warranty /
Guarantee On All Products. (Includes Parts And Labor)

Thought Leaders In Crypto-Currency Privacy Space Talk About The Next Century of Money (#GotBitcoin)

Former CFTC royalty and current leaders of a U.S.-based think tank to promote a digital dollar talk privacy in new AMA. Thought Leaders In Crypto-Currency Privacy Space Talk About The Next Century of Money (#GotBitcoin)

As part of the virtual conference Consensus 2020, three leaders of the Digital Dollar Project held an AMA on May 11 in which they went at length into their thoughts for the future of money in the U.S.
The speakers and the project

Related:

Researchers Use GPU Fingerprinting To Track Users Online

Ultimate Resource On Private Blockchain Brave Browser

Online Privacy Tools And Tips

How To Protect Your Online Privacy While Working From Home

The Pandemic Turbocharged Online Privacy Concerns

California Lawmaker Says National Privacy Law Is a Priority

The AMA featured J. Christopher Giancarlo and Daniel Gorfine, respectively former Chairman and former head of the fintech wing at the Commodities and Futures Trading Commission. The two spoke to Cointelegraph at the end of March as lawmakers began looking at a digital currency to distribute COVID-19 stimulus.

Today’s panel also included David Treat, an executive at Accenture, which has partnered with the Digital Dollar Project.

Nicely summarizing the goals of the project, Giancarlo said “We will do everything possible to make the dollar serve as well as it possibly could in the 21st century.”
CBDCs and privacy

Within the crypto community, there is a fair amount of concern that any prospective digital dollar, or central bank digital currency elsewhere, would threaten the privacy present with cash.

In terms of know-your-customer policies, Treat commented that “The distribution end points of the digital dollar are a key part of the policy decisions that we’re in the midst of now.” “

“You can set certain thresholds and limits,” said Gorfine, referring to the $10,000 rule for cash transactions that the government tracks. “You can draw from a lot of the analogues that we currently deploy with physical cash.”

Though adamant that the Digital Dollar Project takes no view of other countries’ CBDC projects, Giancarlo alluded to concerns over China’s human rights abuses and its planned digital renminbi: “If the US dollar can actually offer features of privacy that other sovereign currencies might not, this would further strengthen the role of the dollar.”
Only a matter of time?

During the live-streamed AMA, Consensus polled viewers. According to one that asked about when to expect widespread usage of a digital dollar, 42% of those polled said in three years, while 32% said in five. Only 7% said never.

Consensus began earlier today with a speech from a representative of the European Central Bank on the topic of CBDCs. The subject seems to have captured the imagination of regulators around the world.

Updated: 6-17-2020

Decred Co-Founder: CBDCs Can Facilitate Crony Capitalism

Co-founder of Decred believes that the CBDCs could create greater information asymmetries that would benefit ruling elites.

Decred (DCR) co-founder Jake Yocom-Piatt believes that the emergence of CBDCs will facilitate the growth of crony capitalism. He speculates that if successful, central banks will be able to play favorites without the need for intermediaries.

At Least Nominally Accountable

In a Cointelegraph interview, Yacom-Piatt opined that the way the banking system is currently set up, if the Federal Reserve wants to provide a loan to a company or an industry, it cannot do it directly. Instead, it must first make a loan to a commercial bank, who then will lend out these funds. This creates at least some level of transparency and accountability:

“So that’s a process that is at least nominally accountable in the sense that you can see how much credit the central bank gives a commercial bank. And if they were lying about it, it would be like a massive scandal.”

Issuing Credits To Favorites

He believes that this could eventually lead to the central bankers playing God. He says they could issue credit arbitrarily without any checks and balances which would, in essence, facilitate crony capitalism:

“They could launch the CBDC and then later go, well, you know what, let’s just start issuing credit to the people we like in these specific industries that we feel needs credit. So it could make the already problematic credit issue its problem with central banks far worse by increasing the opacity.”

Information Asymmetry

Yacom-Piatt contends that the issuance of a CBDC will not create greater transparency. Instead he says that it may create even greater information asymmetry which the government will be able to capitalize on:

“If a central bank really wanted to do this, the amount of opacity that they can create for themselves while at the same time, strip mining everybody else’s privacy is ridiculous, so that they could do pretty much whatever they want.”

Industry experts have been speculating for a while that the Chinese government’s main motivation for the issuance of the digital yuan is the desire to exude even greater control over the country’s financial system. Although this may sound counterintuitive at first, technology is just a tool that can be applied in accordance with the goals of its users.

Updated: 8-13-2020

The Federal Reserve Is Experimenting With A Digital Dollar

The U.S. Federal Reserve is actively investigating distributed ledger technologies and how they might be used for digitizing the dollar.

Federal Reserve Board Governor Lael Brainard said the U.S. central bank has been testing DLT over the past several years to study what a digital currency might do to the existing payments ecosystem, monetary policy, financial stability and the banking sector.

“With these important issues in mind, the Federal Reserve is active in conducting research and experimentation related to distributed ledger technologies and the potential use cases for digital currencies,” Brainard said Thursday at the Federal Reserve Bank of San Francisco’s Innovation Office Hours.

Brainard cited the ongoing COVID-19 pandemic as one issue that reinforced the need for “immediate and trusted access to funds,” noting that recipients of emergency stimulus funds spent them quickly, indicating they urgently needed access.

“The COVID-19 crisis is a dramatic reminder of the importance of a resilient and trusted payments infrastructure that is accessible to all Americans,” she said. “It was notable that after a sharp reduction in spending early in the COVID-19 crisis, many households increased their spending starting on the day they received emergency relief payments.”

The idea of a digital dollar as a tool to distribute emergency stimulus funds is not new. Congress has been kicking the idea around since at least March. However, no concrete public efforts have been made to create a blockchain-based central bank digital currency in the U.S.

Experimentation

U.S. lawmakers have asked Federal Reserve Chairman Jerome Powell about the potential benefits to a digital dollar in the past. The regulator said last November that the central bank is “carefully analyzing” the potential benefits as well as the costs.

At the time, Powell said the Fed was not actively developing a digital dollar, that it might not offer the same benefits to U.S. consumers that other nations’ central bank digital currencies would offer their citizens and that there are questions about privacy and consumer protection.

Brainard echoed these questions in her speech Thursday, but her remarks indicate the Fed is further along in its experimentation than has previously been confirmed.

“To enhance the Federal Reserve’s understanding of digital currencies, the Federal Reserve Bank of Boston is collaborating with researchers at the Massachusetts Institute of Technology in a multiyear effort to build and test a hypothetical digital currency oriented to central bank uses,” Brainard said.

The code from these experiments will be published under an open-source license for the general public to experiment with it.

International Efforts

Brainard said the existence of other CBDCs and private cryptocurrencies, like bitcoin and libra, underscore the need for the U.S. to evaluate cryptocurrencies.

“Digital currencies, including central bank digital currencies (CBDCs), present opportunities but also risks associated with privacy, illicit activity, and financial stability,” she said. “This prospect has intensified calls for CBDCs to maintain the sovereign currency as the anchor of the nation’s payment systems.”

She also singled out one country in particular, noting “China has moved ahead rapidly on its version of a CBDC.”

The Fed needs to “remain on the frontier of research and policy development” given the dollar’s role in the world, she said.

Her views have been echoed in the past by former Commodity Futures Trading Commission (CFTC) Chairman Chris Giancarlo, who is now a director with the Digital Dollar Project, which has called for tokenizing the dollar. Giancarlo has appeared before Congress three times this summer to advocate this approach.

Like Brainard, Giancarlo has said a digital dollar would benefit the U.S. both in terms of quickly distributing or transferring funds when needed, as well as continue to maintain the dollar’s dominance in the global economy.

Many questions remain before the U.S. can even consider a CBDC, Brainard said Thursday. They include whether a CBDC issued by the Fed would be legal tender under the law.

“A significant policy process would be required to consider the issuance of a CBDC, along with extensive deliberations and engagement with other parts of the federal government and a broad set of other stakeholders,” she said.

“… The Federal Reserve has not made a decision whether to undertake such a significant policy process, as we are taking the time and effort to understand the significant implications of digital currencies and CBDCs around the globe.”

Updated: 1-24-2022

The Trojan Horse of Privacy

“For privacy to take off, it needs to stop being the value proposition. It’s got to be a gift people don’t notice. Think apps first, privacy second, futurist Dan Jeffries.”

Back in the early 1990s, a rag-tag group of legendary cryptographers battled Big Government’s attempts to cripple strong cryptography with everything from key escrow to the infamous clipper chip, which would have given law enforcement a back door to decrypt voice and text messages. The cypherpunks fought back against weak encryption and the U.S. government hijacking everyone’s public keys so it could spy on people with ease. The rebels won, beating back the clipper chip and crushing attempts to subvert major encryption standards.

They won the battle but they lost the war.

They had a much grander vision that never came to pass. They wanted to make the entire internet private, free from the prying eyes of governments and spy agencies. They wanted a world where we ruled our own personal information and shared it only when we wanted to.

In a famous article in Wired from 1993, Stephen Levy wrote that the cypherpunks dreamed of a world “where an individual’s informational footprints – everything from an opinion on abortion to the medical record of an actual abortion – can be traced only if the individual involved chooses to reveal them; a world where coherent messages shoot around the globe by network and microwave, but intruders and feds trying to pluck them out of the vapor find only gibberish; a world where the tools of prying are transformed into the instruments of privacy.”

Today we have exactly the opposite.

Surveillance economies power our biggest tech companies. Facebook and Google track our every step to deliver surgical ad strikes that make us hungry to buy more stuff we don’t need, with money we don’t have, to impress people we don’t even know. They track where we go, what we like, who we know and love, and with whom we’re sleeping.

Even though the Congress smashed the Defense Department’s Total Information Awareness initiative, a program to soak up all the world’s data in a massive Orwellian dragnet, U.S. spy agencies built it anyway with “black budgets,” as Edward Snowden’s revelations demonstrated a decade ago.

The National Security Agency (NSA) programs Edward Snowden leaked line up perfectly with every single original proposal from the Defense Advanced Research Projects Agency (DARPA).

Of course, the U.S. isn’t alone in spying on its citizens and the world. Every major spy agency on the planet now has similar capabilities to gobble up private data.

In the hands of authoritarian regimes, such power is devastating, creating a panopticon where the government can peer into every aspect of its citizens’ lives. In China, artist and humanist Ai WeiWei managed to blog freely in the early 2000s, but it didn’t take long for the Chinese government to get its boot back on the neck of the internet.

U.S. companies such as Cisco helped China build the Great Firewall, even creating a custom Falun Gong module to help track down and torture dissidents who belonged to the religious movement.

Everywhere you go, and everyone you meet, and all that you love and hate are sitting in databases waiting for prying private eyes to dissect your life in exquisite detail.

If it sounds like a dystopian sci-fi novel, that’s because it is dystopian sci-fi brought to life. But even worse, the scale of it is so large that the average person doesn’t even comprehend it. They can’t imagine that the people who lead them would do something on such a massive scale.

The rebels of crypto lost their bid to build a privacy-protecting internet. But there’s new hope for tomorrow.

Now, a new band of renegades wants to deliver on the promise of the original cypherpunks.

The Private World Of Tomorrow

The biggest technological hope to deliver on those promises are zk-SNARKs.

That’s short for zero-knowledge succinct non-interactive arguments of knowledge. Basically they allow someone to prove they know something without ever revealing that information to the other person.

They have the strange and spooky magic of letting two people store information on a public blockchain so the blockchain can prove the transaction happened, and yet all the information about it, everything from the sender’s address to the amount of money sent to the receiver’s address, can stay completely private. It’s like a ninja hiding in plain sight.

Zero-knowledge proofs came to the mainstream of crypto with privacy coins like zcash. They let us fully replicate the anonymous nature of cash in the digital world. We’ll need that because governments already have physical cash in their sights.

In a few decades or sooner, they’ll make cash illegal and all we’ll have is central bank digital surveillance coins that track every single aspect of our lives.

Privacy coins give us a parallel economic operating system that lets us transact freely without worrying about the prying eyes of the panopticon.

But zk-SNARKs go way beyond money. The technologist Vinay Gupta called them “the equivalent of spaceships compared to cave technology” on my podcast. They can revolutionize privacy in thousands of different ways.

Take internet security. Snarks let me prove I know my password without sending it over the wire. That will mean a big uptick in security in apps and on websites. Most people’s passwords get hacked not because the hacker attacks their computer directly, but because they attack a big, central database that stores everyone’s passwords.

If we never have to send or store that password centrally then hackers have to go back to the low-reward grind of hitting each person’s computer or phone directly.

Early on, the tech had some downsides. It required a “trusted setup” where the founders of a zk-based system would do a big creation ceremony to get it set up and to convince people they didn’t add a sneaky backdoor to the system by keeping the one private key to rule them all. But since the early days of zk-SNARKs, researchers all over the world have figured out ways to get the system started without needing a trusted setup.

Now mega-blockchains like Ethereum are going all-in on zk-SNARKS, building in zk-Rollups that allow most transactions to happen off-chain and that will help Ethereum to scale to millions of simultaneous distributed app (dapp) users. Zk-Rollups form the backbone of Ethereum layer 2 solutions.

Zk-SNARKs can do exactly what the cypherpunks dreamed of in those early days of the Internet. They can deliver one-time, untraceable messaging. They can hide everything from monetary transactions to information shared between you and your lover. They can make medical records truly secure. Take something like a visit to your psychiatrist.

Your records with your mental health-care provider could contain everything from notes to prescriptions, all of it encrypted. You would be able to share proof that you got a prescription so your health insurance provider can pay for it, but not share your doctor’s notes or anything else that was between you and your doctor alone. (Whether the insurance company demands such information is a separate, non-technological question.)

That’s true privacy where we’re in control of our data and we share what we want to share, when we want to share it. It won’t just be zk-SNARKs either. As crypto gets more and more widespread, brilliant cryptographers will continue to deliver new innovations, mathematical flourishes that can keep all our data safe.

Of course, governments will fight privacy at every step. They’ll tell us that criminals will use it for bad things. Of course, they will. But so what? They already do bad things with the system we have now. Don’t let people fool you that crime suddenly starts with crypto. Crime is as old as civilization. Criminals use cash, the banking system and everything in between.

Nobody demands we stop using the U.S. dollar or the euro or your international bank because criminals use it, too. It’s a nonsense argument and they know it. What they really don’t want is to lose their ability to look into every aspect of our lives.

You don’t have to be a criminal to want privacy. Everyone deserves privacy.

Just as you don’t want someone looking in your window while you change, or looking over your shoulder and reading the emails you send to your best friend, you don’t want a big company watching everything you spend your hard-earned money on so they can advertise more things you don’t need or so governments can catch two more bad guys while keeping everything you ever wrote to your lover on file.

Crypto offers a way out of the maze of endless surveillance and an economy where you’re the product.

There’s only one problem.

Practically nobody cares.

Privacy Is Not A Value Proposition

If you’re in crypto, you probably think everyone cares about privacy. Most folks in the crypto space feel like the value of privacy is obvious and that nobody in their right mind would choose a state-backed surveillance coin or ubiquitous government watchdogs over a borderless, decentralized, privacy-protecting system.

That’s just selection bias at work. They’re in the community because they believe in decentralization and privacy, but in the scheme of things it’s a tiny community.

The average person doesn’t care about privacy in the least. They don’t know what it means. They certainly won’t pay for it at the moment. How many people pay for encrypted email versus just using Gmail? A tiny fraction of a percentage, even though Google’s AI algorithms are reading everything they write. It’s free.

That’s what matters to people even if they watch scary documentaries on Big Tech spying on them. They watch the horror story like any other Saturday entertainment, get mad about it over dinner and then change absolutely nothing.

Remember this interview with Snowden about government surveillance on John Oliver’s show? Oliver went to interview Snowden in Russia, where he’s in exile.

Watch the look on Snowden’s face when he realizes the average man on the street doesn’t know a damn thing about privacy and doesn’t care about it in the least! The only time they care is when the government has their dick pic on file.

Most folks who grew up in an open, democratic society and never experienced anything different in their entire life don’t think it matters because it didn’t matter all that much. I’ve got nothing to hide, they think.

They never lived in East Berlin where the Stasi could show up at your house and take you away for any reason, at any time. When soldiers arrest you on made-up charges for anything, the value of privacy gets very real. They’d pay for it then, but by then it’s too late.

There’s only one way to give people privacy.

A Trojan horse.

The Gift Of Privacy

For the dream of Web 3 and the new crypto renegades to work we have to think differently. We need to think of apps first and privacy second. We need to make privacy the foundation of the app but keep it cleverly disguised in a beautiful wrapper that works flawlessly and easily.

For privacy to really take off, privacy needs to stop being the value proposition. It’s got to be a gift that people don’t even notice.

When people are downloading apps that work as easily as Instagram but have privacy baked right in, that’s how we get our privacy back. We get it when nobody has to think about it, when it’s just background noise in a new app explosion. Make privacy the plumbing, not the marketing tagline.

But it’s bigger than that. too. In my post “The Five Keys to Crypto Evolution,” I wrote that for decentralized, nationless, privacy-preserving systems to take off they need to be more than just money. They need to be a complete and total self-contained economy.

The system needs to distribute the money, offer privacy at every level, exchange the money automatically, and offer amazing goods and services denominated in that money all without ever needing a change back to traditional, nation-state fiat currency.

Decentralized stacks need to gamify the delivery of money, remove any and all centralized choke points like exchanges, and create a super-compelling ecosystem of goods and services that nobody can resist.

In other words, there aren’t really five keys. There’s one big key.

We need a complete alternative to the surveillance economy.

If the only way developers and Big Tech companies can make money is by spying on you, that’s exactly what they’ll do. No amount of evangelizing privacy or creating awesome new cryptographic tricks like zk-SNARKS will change that hard economic reality.

That’s the most essential step. Change the economics. If you’re working in blockchain and decentralization and privacy, first come up with the economic model.

How will people make money? How easy is it? How can you make it even easier? Then make it even easier than that.

Humans are very simple creatures. If we can do the right thing but we’ll starve, we’ll take the food every time.

If you’re a new-wave cypherpunk and you want to succeed where the original cypherpunks failed then you’ve got to see the bigger picture of human nature and economic reality.

Give developers a new way to feed themselves and give everyone else privacy as a bonus.

Get that right and you’ll give us a world where we can draw the curtains instead of a world where every window is open and private eyes are always watching you.

 

Bitcoin Isn’t Private – But Its Recent Taproot Upgrade Will Help

The upgrade could give the network a much-anticipated privacy boost once its effects ripple throughout the ecosystem.

Bitcoin is somewhat private – at least for users who know what they’re doing. But most people don’t.

The network’s transaction data is fully public for anyone to view. Most people using Bitcoin might not realize that, because of the unique way Bitcoin works, their financial history is being recorded indelibly in a ledger that anyone in the world can pull up on their computer with ease.

If Bitcoin users aren’t careful, their transaction history could potentially be exposed to the world. Not to mention, analytics companies like Chainalysis are dedicated to unearthing detailed information about where bitcoin is being sent and who owns which transactions.

Behind the scenes, developers are crafting privacy updates in the hopes that users of Bitcoin can use the currency privately – without the extra thought or effort.

The wide-reaching upgrade Taproot, which activated in November, brings a variety of improvements to the table. One important piece is boosting privacy.

Taproot doesn’t fully solve Bitcoin’s privacy issues. But as we’ll see, it does pave the way for some substantial improvements.

Disguising Complex Transactions

In Bitcoin now, most transactions are simple: Just send bitcoin from one person’s wallet address to another. But there are also more complex transactions with more complex rules, such as multisignature transactions, which require two or more people to sign off on a transaction in order for it to go through.

Then there’s the Lightning Network, a way to send faster and more scalable payments on Bitcoin, which is needed because Bitcoin’s on-chain capacity is limited. Opening and closing a Lightning channel creates a unique-looking transaction on the Bitcoin blockchain.

At present, each of these complex types of transactions looks a little bit different from “normal” transactions. In Bitcoin’s completely public ledger, there are little technical details built into each transaction that make it possible to tell if someone made a multisignature transaction or a Lightning transaction.

That’s where Taproot comes in. The privacy upgrade makes it possible to make more complex transactions exactly like normal transactions. All of these different transactions will look exactly the same.

“By obfuscating the true nature of the transaction, it makes it possible for those smart contract transactions to hide amongst the ‘regular’ ones,” as Bitcoin mining company Braiins puts it.

Hiding Lightning Transactions In The Crowd

Lightning builds on top of multisignature transactions. To send bitcoin over the Lightning Network, a user needs to open a Lightning “channel.” Once they do, they can make as many transactions as they would like off-chain – potentially thousands – without touching the main Bitcoin blockchain. This process helps Bitcoin scale because there’s limited on-chain capacity.

In this way, Lightning already boosts Bitcoin’s privacy because, unlike with on-chain transactions, none of the individual transactions between the opening transaction and the closing transaction are stored directly on the Bitcoin blockchain.

But for now, each Lightning opening channel is a detectable on-chain transaction, which looks different from normal, simple transactions. Similarly, the final transaction a user makes when they want to close their channel shows up as a distinctly different type of transaction on the Bitcoin blockchain.

Taproot hides these transactions from plain view. With Taproot, any transaction on the Bitcoin blockchain could conceivably be a Lightning open or close. But no one could possibly know for sure, thanks to Taproot’s cryptography.

“So we’ll get into nice situation that many random [transactions] out there ‘could have been’ [Lightning Network] channels which actually transport coins off-chain, hugely boosting privacy even for people who don’t use [Lightning Network],” as Bitcoin privacy expert Chris Belcher tweeted in 2020, a year before Taproot activated.

PTLCs: Disconnecting Lightning Bounces

As we described above, Taproot Lightning transactions can be hidden on-chain.

But some off-chain entities can still see the payments. The Lightning Network is, as the name suggests, a network, composed of thousands of “routing nodes” connected together that help to “route” payments to their destination.

Each Lightning payment bounces from one routing node to the next through channels, until it reaches the recipient.

Each of these routing nodes can see a little bit about each payment that they route. Some of the information about the payment is already shielded to a degree – like where the payment came from.

Currently, these payments are secured with so-called “Hash Time Locked Contracts (HTLCs),” smart contracts that ensure that the routing nodes in a payment’s path cannot steal a user’s payment (though they can receive a small fee for each payment that they route).

With HTLCs, routing nodes can see the preimage. Because this preimage data is the same across all bounces in the payment path, it’s possible for spying routing nodes to figure out where a payment came from.

Say a spy owns two routing nodes which detect two payments with the same preimage. Using that information, it can potentially guess the payment’s senders and receivers.

Taproot opens the door to a HTLC replacement: Point Time Lock Contracts (PTLCs). PTLCs offer a way to undermine this kind of spying. Because each “payment point” looks different, unlike every HTLC preimage, it’s less easy to correlate each bounce in a payment route. As such, PTLCs offer better Lightning Network privacy.

Better Bitcoin Privacy Still Requires Patience

The bad news is that these types of indistinguishable transactions won’t suddenly be possible now that Taproot is activated, however. It’s exciting that Taproot transactions are now finally possible, but there’s still plenty of work to do.

Most wallets allowing users to send and receive bitcoin transactions still need to upgrade their software to support Taproot.

And for Lightning transactions in particular, each Lightning software implementation needs to add support for the new transaction type. Then, wallets do as well. This will take some time.

Similarly, PTLCs aren’t a change that will be possible straight away. As with Taproot hiding complex transactions, there’s still a lot of development to be done to support PTLCs in each Lightning implementation.

Not to mention, Taproot has one privacy problem in the short term: Taproot transactions look different from the transaction types that came before it. So far, only less than 1% of Bitcoin transactions support Taproot. So, Taproot transactions themselves stand out from the rest of the transactions.

Still, if SegWit, Bitcoin’s previous upgrade, is any indication, the Taproot adoption will grow to become the standard over time.

Taproot has finally activated after years of development, meaning a massive hurdle has been crossed in the path to these shiny privacy improvements.

 

Updated: 1-25-2022

Internet Privacy Is An Inalienable Right

Thought Leaders In Crypto-Currency Privacy Space Talk About The Next Century of Money (#GotBitcoin)

Digicash inventor David Chaum weighs in on the founding principles Web 3 needs.

As billions around the world continue to spend more and more of their lives online, making true digital privacy a reality has become imperative.

At the same time, because of a series of scandals over the last two or three years, privacy has once again surfaced as a major – and very legitimate – public concern. The rapid emergence of Web 3 provides both a challenge and opportunity.

At first sight, the current reality is anything but encouraging. The entire business model of the “Big Tech” social media companies is built on collecting and selling users’ personal information to advertisers and political groups for the purpose of microtargeting.

This information includes not only message content but all the metadata about what we search for or pay for, who we communicate with, when, how often and from where.

David Chaum, a pioneer in cryptography and in privacy-preserving and secure voting technologies, is the creator and founder of the xx network. In 1995, his company, DigiCash, created and deployed eCash, the first digital currency, which used Chaum’s breakthrough blind-signature protocol.

In other words, Web 2 is essentially founded on the almost complete absence of user privacy and the exploitation of our personal information by huge centralized organizations.

Almost as bad, these organizations maintain databases of this and other accumulated information about billions of us, which are breached by cybercriminals with shameful frequency.

To be sure, some social media companies promise or actually deliver end-to-end message encryption. But user metadata is much more valuable to these organizations than the message contents, as shown by the fact that Facebook, for instance, is proposing to offer “end-to-end” message content encryption while leaving user metadata in the clear so the company can continue to harvest and sell it.

What’s more, ever-more-powerful artificial intelligence (AI) is already being used to analyze the vast troves of scraped and sold data to both predict and manipulate user behavior. Such manipulation includes the tailoring and dissemination of disinformation for political ends.

This dissemination is abetted by social-media algorithms that steer users toward more – and more extreme – sources of related disinformation with the ostensible goal of maintaining and increasing their “engagement.”

Less apparent is that the deep structure of the internet from its origin was never intended to provide privacy.

The U.S. Defense Advanced Research Projects Agency (DARPA), which commissioned the development of the TCP/IP message-packet protocol for the internet, explicitly prevented the encryption of packet headers, the digital “label” on each data packet forming part of a message that records source, destination, and transfer addresses.

Some encryption has since been added, but as we have learned from Edward Snowden among others, the National Security Agency (NSA) and other “intelligence” organizations, here and in other countries, easily and routinely gather metadata on internet traffic as part of what they call the “full take.”

We can assume that advanced AI is also being used by these agencies to identify targets for message-content hacking even as (according to Snowden in 2014, backed by The Washington Post) 90% of those placed under surveillance in the U.S. are ordinary Americans, not the supposedly intended terrorist targets, as Snowden disclosed to The Washington Post in 2014.

Finally, when, not if, general-purpose quantum computers of sufficient power are developed, most of the types of encryption individuals currently rely on to preserve what weak, imperfect privacy and security they have will be worthless. That means all messages encrypted today will be readable retroactively.

Combined, this has a depressive effect on both democracy and individual freedom. It has long been established that widespread surveillance chills free speech and discourse. In countries with openly authoritarian governments, surveillance forestalls the emergence of democratic activity.

In more democratic societies, the chilling effect extends to the expression of opinions that are outside the centrist “mainstream” of discourse.

This chilling effect extends to corporations. Anyone working for a company these days is well advised to avoid criticizing or complaining about their work environment using their work email, let alone proposing a worker organization like a protest group or a union.

And even as more and more American states pass laws making it difficult to vote via mail or drop box – and even as the coronavirus pandemic drags on – the possibility of voting via the internet languishes.

What’s To Be Done?

Having watched this situation develop over four decades, I have come to believe the internet needs to be rebuilt from the ground up. The ground in this case is where the internet began: communications first between local university and laboratory networks and soon thereafter between private individuals.

Just people exchanging information and ideas, talking about their lives, doing business and, crucially, discussing social and political issues.

Everyone has an inalienable right to associate privately, and ought to have a right to search for information anonymously. In other words, their personal information should belong to them, and they should be in complete control of it. Period.

This principle should be enshrined in law. There are very powerful vested interests hostile to the principle so it will take a large-scale social movement, online and off, to make informational sovereignty a legal right.

The good news is that we can start building that foundation now, with existing cryptographic technologies, some of which are novel and others of which date back to the early days of the internet. Broadly, this new technological frontier is called Web 3 – a chance to reframe the web around users rather than corporations.

For Web 3 To Achieve Its Aims, It Needs To Stand On A Proper Foundation. We Require:

* Decentralization: If personal communications are passed between teams of independently owned nodes, selected at random, second by second, from hundreds or thousands around the world working as a network collaborative, there is no centralized company for a government to pressure for user data or to insert spyware. Nodes can instead be organized on a blockchain to allow remuneration for participating in the network.

* Elimination of metadata: Messages can be sent in such a way that metadata is destroyed at every node before forwarding to the next. This makes it virtually impossible to identify and link sender and receiver. Senders, however, can at will reveal the identity of receivers.

* Quantum-resistant message encryption: As I mentioned, conventional encryption, based on techniques like the factorization of large numbers, is about to be rendered obsolete by quantum computers. Fortunately, quantum-resistant cryptography, whereby reverse-computing the encryption to obtain the message is mathematically infeasible, already exists.

These and related structures and techniques can be extended to existing essential functions of the internet like peer-to-peer payments, web browsing and shopping, and to new functions that we urgently need, like truly secure online voting. But everything starts with the basic principle that information about your life should belong to you.

Updated: 1-25-2022

Tornado Cash Co-Founder Says The Mixer Protocol Is Unstoppable

 

Thought Leaders In Crypto-Currency Privacy Space Talk About The Next Century of Money (#GotBitcoin)

Roman Semenov says Tornado Cash is designed so a third-party can’t control it.

Is Tornado Cash Part Of A Criminal Conspiracy? best-known coin mixing service says that privacy protocols are defending people’s rights to financial privacy.


 

Tornado Cash, a mixer that allows users to obfuscate their digital trail on the Ethereum blockchain, has been at the center of attention since it was revealed last week that hackers were using it to mix stolen ether from digital assets exchange Crypto.com.

In an interview with CoinDesk, co-founder Roman Semenov said the team has little control over what its users do with the protocol as it’s designed to be autonomous and outside of the control of developers.

“There is not much we can do in terms of helping investigations because the team doesn’t have much control over the protocol,” he told CoinDesk. “The Tornado Cash team mostly does research and publishes the code to GitHub. All the deployments, protocol changes and important decisions are made by the community via Tornado Governance DAO and deployment ceremonies,” an event when new code is pushed live.

The way the protocol is designed, decentralized and autonomous much like decentralized finance (DeFi) protocols, means there’s nobody in charge. There’s no corporate office, executive team or CEO where the buck stops.

Semenov said there’s no backend, and the user interface comes from an Ethereum Name Service domain – a service that represents Ethereum addresses as familiar-sounding domain names.

“The protocol was specifically designed this way to be unstoppable, because it wouldn’t make much sense if some third party [like developers] would have control over it. This would be the same as if someone had control over Bitcoin or Ethereum,” he told CoinDesk.

Is Tornado Cash Part Of A Criminal Conspiracy?

Tornado Cash isn’t the first service to offer users the ability to mix, or tumble, their crypto. These have been around since the beginning of blockchain technology, with development efforts increasing in parallel to the ubiquity of darknet markets like Silk Road or Alpha Bay.

Law enforcement is very familiar with mixers. Bill Callahan, a retired U.S. Drug Enforcement Agency agent and now director of government affairs at the Blockchain Intelligence Group, told CoinDesk in a prior interview that he doesn’t think Tornado Cash is laundering money, equating it to running away from the police and trying to evade capture. But there would be grounds to investigate it as part of the scheme.

“If a mixer knows or maybe should have known, taken steps to know the source of the funds and the beneficial owner, and the funds are from an illicit source, they would be investigated as part of the money-laundering scheme. They could also be charged as an accessory to the crime in a criminal conspiracy,” he told CoinDesk.

In a previous statement to CoinDesk, the Financial Crimes Enforcement Network (FinCEN) said mixers like Tornado Cash may fall under the definition of a money transmitter, and therefore have “obligations” set by the Bank Secrecy Act (BSA). But it hasn’t given any further guidance.

With the high-profile takedown of darknet bitcoin mixing service Helix, then-U.S. Assistant Attorney General Brian Benczkowski said that “[obscuring] virtual currency transactions in this way is a crime.”

However, Larry Dean Harmon, the service’s operator, pled guilty and the prosecution never had to prove its case, meaning there isn’t precedent that can say with certainty that this is money laundering.

For its part, Tornado Cash’s Semenov said law enforcement hasn’t been in touch.

“Law enforcement usually knows that the developers don’t have any ability to assist with an investigation or change the protocol,” he told CoinDesk.

Instead, Semenov said law enforcement would spend its time obtaining logs from infrastructure providers like Cloudflare or Infura, as these could be tied to IP addresses. Law enforcment would also likely look at any addresses linked to a centralized crypto exchange, where the wallet would have customer details linked to it via the know-your-customer (KYC) process.

“Law enforcement very rarely tries to contact us directly,” he said.

Privacy vs. Security

Semenov downplayed any ideas that the protocol is a tool for criminals and said it’s an important mechanism to protect the safety of crypto traders as the blockchain reveals everything for all to see.

“Since all their crypto portfolio is visible to the public, the holders of significant amounts of crypto are very vulnerable to becoming victims of kidnapping, torture and blackmail,” Semenov told CoinDesk in an interview.

“We think that it’s a very serious threat, and the privacy protocols are very important to ensure their personal safety. The banks don’t disclose your personal holdings to anyone who asks, and we think it should be the same way with crypto.”

Semenov said the debate about the limits of digital privacy isn’t anything new. It has always flared up any time new encryption technology has become available to retail users.

“In the 1990s, the government claimed that no strong encryption should be available to people at all, arguing that it would help terrorism,” he said. “In the late 2000s, there was a similar fight over end-to-end encryption in messengers where people were defending their right to private communication.”

Now, in the 2010s and 2020’s, crypto is this latest frontier, and Semenov said his efforts in defending people’s right to financial privacy are the “continuation of the same story that started a long time ago.”

He added, “Can you imagine the world where the cypherpunks conceded from the start and we wouldn’t even have HTTPS encryption of our web communications?”

 

What If We Get Online Privacy Right? A Glimpse of 2035

Here’s what a day in the life would look like if we nail privacy infrastructure, fix the policy and squash the forces behind that “creepy feeling.”

It’s the year 2035. The bad news: There are no flying cars (although a cryogenically youthful Elon Musk is working on it), the United States is still bitterly divided, and the New YorkJets football team still doesn’t have a quarterback.

But there is one silver lining: We’ve somehow fixed all the problems with online privacy.

It’s done. We made it happen.

What would that world look like? How would your day-to-day life be different? That’s the spirit of this exercise. It’s not a prediction, it’s not an argument, and it’s not pretending to know exactly how we cracked the code. And of course all of this is very much in doubt.

“We’re at a crossroads,” said Tim Pastoor, a researcher in the Netherlands who focuses on digital identity. “We can either head towards a more utopian vision of how we do things, or a more dystopian vision.”

It’s easy to imagine the dystopia. “Look at China, for example,” Pastoor said. “If you say something the government doesn’t like, you’re not allowed onto planes and trains, and your kids aren’t allowed to go to school, and you’re not allowed to receive health care.”

But what about the flip side? In one sense, perhaps the answer is dead simple: The world looks exactly how it does today in the United States, but your privacy is secure.

“If we succeed at fixing the infrastructure, then what we get is that the culture and the norms that we all currently share … survive,” said Zooko Wilcox, founder of the zcash privacy coin. So maybe just “Avoiding the China Scenario” is enough of a win.

But there are certain concrete, tangible ways that your life could improve. And some privacy experts think this is feasible.

“It’s easy for people to think it’s hopeless and there’s nothing we can do,” said Jon Callas, director of technology projects at the Electronic Frontier Foundation, a nonprofit devoted to defending digital privacy. “But there are things that are being done that have the potential to be very good. And if we do them right, we can have a better privacy-enhanced world.”

Welcome to that vision of the future.

Privacy-Protected Social Media And Online Shopping

7:30 a.m. You log onto social media (which has deteriorated into an unholy blend of one-second videos and emojis), eager to comment on the presidential contest between Chelsea Clinton and Barron Trump. Logging in is a breeze. You don’t need to remember any passwords. Instead, you use a “Privacy Broker” – a company that acts as your intermediary and shields your data.

Apple is already working on early versions of this solution, such as its “Private Relay” now in beta. “We want more people to be doing this,” Callas said.

9:37 a.m. You go online to buy a few of the basics: Toenail fungus remover, cold sore treatment, a BDSM kit, medicine for diarrhea and a vintage album from One Direction.

You’re not embarrassed. You know you won’t be served up ads for toe fungus for the next month. And you know that the data cannot be turned over to the government … or anyone.

That’s not the case today.

“Under the Bank Secrecy Act (BSA), all sorts of transactions from banks and other financial intermediaries [can be] turned over to the government, by default, without a warrant,” said Marta Belcher, general counsel at Protocol Labs, a research and development center for network protocols.

Thanks to a court precedent called the “third-party doctrine,” in today’s world, “If any third party has your data, you lose your reasonable expectation of privacy.”

So the BSA would need to be changed to protect digital privacy. Belcher is optimistic that will happen by 2035, saying, “I think that the warrantless financial surveillance under the BSA is unconstitutional, and if it went up to the Supreme Court, I believe they would agree.”

In-Person Shopping In A Privacy-Protected World

12:04 p.m. On your lunch break you head to the grocery store, and even offline shopping is now a snap.

The grocery store won’t collect your data. The police won’t get your data.

“I would like to walk into a grocery store and pick up all my groceries, and walk out, and know that I’m paying a fair price,” Wilcox said. “And I’m safe doing this, because I’m not giving anyone … the right to watch me all the time.”

In the scenario Wilcox imagines, “The computer that I carry around with me is negotiating with the grocery store computer and making sure that both people are happy with the deal … so I don’t have to think about it.”

Privacy-Preserving IDs

12:37 p.m. While you’re out running errands, you stop by the liquor store to buy a bottle of wine. The cashier asks to see your ID. He’s a sketchy-looking dude. He stares at you while you shop, he’s openly leering and you don’t love the idea of showing him an ID that reveals your full name, much less your home address.

But you don’t need to.

You flash him an ID, he scans a barcode, and the only thing he can see is the only thing he needs to see: that you are at least 21. Done and done. Creepy Dude can’t see your address or age.

This is thanks to the magic of zero-knowledge proofs – basically an encrypted way of showing that a statement is “true” without revealing the underlying information used to reach that conclusion.

They could be especially useful for IDs. “Privacy preserving IDs are happening,” said callas, who has written extensively on the subject.

“Colorado is at the forefront” of innovating with mobile and privacy-respecting drivers licenses, Callas said, along with “half a dozen other states.”

Consumer Control Of Targeted Ads

3:00 p.m. You see a hyper-specific ad: The exact shirt you were hoping would go on sale, and now it’s 50% off.

You weren’t served up the ad because some algorithm was stalking your online behavior; instead, you were empowered to get what you want.

Pastoor has a theory for how this could work. “It’s more of a white-listing principle,” he said. Instead of centralized companies cranking out algorithms from your trove of personal data, you would simply provide information – the “white list” – of things that interest you.

“You add a shirt to the wish list, and you opt into service providers that serve you the best possible deal,” Pastoor said. “If they start spamming you, then you can remove them from your network.”

The idea shares DNA with the technologist Doc Searls’ vision of an “intention economy,” where individuals and buyers control the data and set the terms … not the centralized sellers.

4:17 p.m. You see another online ad, also hyper-specific, for the exact sofa you just searched for… and you are not creeped out.

You have no reason to be. In this 2035 world that respects privacy, thanks to a combination of things that we get right – such as the above “white list” idea, or privacy regulation, or more decentralized solutions, or competitive privacy brokers – you know that your data is not being used to track or target you, and you can relax.

Contrast this to today. Amie Stepanovich, vice president of U.S. policy at the Future of Privacy Forum, said that if we get online privacy right, then even if our day-to-day lives won’t look all that different, but they will feel different.

The future could lack the “creepy element” of how we now view technology, she said. We put up with this creepy feeling (like the kind we get from hyper-targeted ads) simply because we have no choice; it’s the only way to join online society. For many, it’s an agonizing tradeoff.

We often feel an eerie sense of invasion – that Big Tech’s omniscient knowledge of our personal data is used to target and define us. “In a world where those types of invasive activities aren’t allowed to happen, people should be more comfortable with technology, because they know their rights won’t be abused,” Stepanovich said.

The Right To Be Forgotten

5:08 p.m. You have a hot take about Tom Brady’s game last night. Brady threw four interceptions and fumbled twice, and you go online to joke that this is the year that the 57-year-old hangs up his cleats.

Maybe your take won’t age well. (You’ve posted the same thing for 16 years; you’re always wrong.) But it doesn’t matter, because soon the post will auto-delete.

“My hot take on last night’s [Stephen] Colbert episode really only needs to be around for a week,” said Callas, who personally uses a tool called Semiphemeral that scrubs and deletes his online posts, subject to certain parameters. (Tweets with X number of retweets might remain, for example.)

Callas imagines this kind of service expanding and going mainstream in the future, as it tackles a different flavor of online privacy – we forget that we’re leaving a public digital trail of all of our fleeting opinions, no matter how spontaneous or dumb.

“People should be able to shed their past,” Callas said. “If people can’t shed their past, they can’t ever change their mind.”

Employee Privacy

7:00 p.m. You chill out to watch “Fast and the Furious 23.” And while you watch Vin Diesel race cars around the rings of Saturn, something magical happens: Nothing.

More specifically, there are no emails, texts or Slacks from your boss. Your workplace respects your privacy.

“No texts or emails after 5 p.m.,” said U.S. military whistle-blower and privacy activist Chelsea Manning, who views the breaching of our personal time as an overlooked violation of privacy.

She notes that long ago, in a simpler time, we worked a 40-hour week where we punched out at 5 p.m., commuted home and then enjoyed our evening.

“We don’t have that anymore,” she said. “And that is a privacy issue. That’s your employer invading your privacy. I believe this.”

Sexual Privacy

10:30 p.m. You head to an adult website. (Yes. That kind of website. We’re all human.) Rather than just watching the free clips, you decide to splurge on some premium content. And thanks to a combination of cryptocurrency adoption and new legal safeguards, no one is able to exert financial censorship.

“This is something ordinary people don’t notice, but there’s a subset of people for whom it’s already a huge problem,” said Belcher, who notes that OnlyFans, for example, was forced to ban sexual content to appease Visa and Mastercard.

“In the sex work context, this is very apparent for them in their day-to-day lives,” she said. “In the best-case scenario, that financial censorship is gone, and people can transact openly, without Visa and Mastercard dictating what speech is and is not allowed on the internet.”

Peace of Mind

12:00 a.m. You go to bed not worrying that anything you have done today will be used against you, sold to third parties or somehow embarrass you.

You relax.

“Privacy is our birthright as Americans,” Wilcox said. “This is the way all of us grew up. It’s what we learned from kindergarten.”

You drift off to sleep, smiling, to the mellifluous sounds of One Direction.

 

How Popular Are Crypto Mixers? Here’s What The Data Tells Us

Volume data suggests crypto coin mixing is not as prevalent as one might think.

Cryptocurrency mixers and the illicit activity often associated with them regularly make headlines. To the casual observer, the frequency of these attention-grabbing stories can give the impression that crypto mixing is far more prevalent than it is. Data tells us mixer transactions make up a shockingly small fraction of overall crypto activity.

Since Bitcoin’s inception, blockchain technology has been closely associated with the dark web, money laundering, tax evasion and worse. Just last year millions in bitcoin were paid in ransom to the hackers of the Colonial Pipeline, further perpetuating the public’s belief about the underground world of blockchain-based currencies.

In reality, being a distributed, public ledger makes the Bitcoin and Ethereum blockchains overly transparent.

By just knowing a public wallet address, one can track all past and future transactions of the account. Any association between exchanges, entities or doxxed individuals – private individuals who have had publicly revealing identifying information about them published online, either intentionally or unintentionally – could give insight into who is doing what in each transaction.

In one respect, transparency is quite refreshing as societal and ecosystem norms are often imposed on venture capital firms, project founders and other members of the crypto community. However, the need for privacy exists if crypto is ever to take on a mainstream role in payments, finance and banking.

The Bitcoin and Ethereum communities understood the downside of transparency and have since built infrastructure to allow users to opt-in to further privacy through potential “unregulated or controversial” technology.

Bitcoin Mixers: In The Beginning

Early on, Bitcoin privacy was achieved through centralized mixing services that required trust in third parties.

A user would send bitcoin to a company that “mixed” or “tumbled” the funds with other depositors’ bitcoin and then sent back an equivalent amount of mixed bitcoin on the other end. Users who wanted privacy were, in effect, exchanging their bitcoins for other bitcoins that couldn’t be associated with their own.

There was a substantial risk in using these mixing services. Users had to entrust their coins to the third-party mixing platform and believe that they’d get their funds back.

Bitcoiners especially took issue with that idea since the Bitcoin protocol counts trustlessness as one of its core tenets. Centralized services were also at risk of being shut down due to regulatory action, and many early mixers were shut down.

In 2013, Greg Maxwell proposed CoinJoin, a transaction privacy method that involved no changes to Bitcoin itself. A CoinJoin takes advantage of how Bitcoin transactions are structured with a bitcoin input from a user, a signature that allows that input to be sent, and an output location for that bitcoin to end up. The signatures are unique for each input.

Although these inputs usually come from the same user, they are not required to be. This is how CoinJoin works: Many users can contribute multiple inputs to a transaction where they ultimately send bitcoin to themselves on the other side, but the details are obfuscated due to the unknown number of parties who contributed inputs.

CoinJoins have always worked on Bitcoin, but there wasn’t always an easy way for users to collaborate and carry out a CoinJoin to enable privacy. Now, there are bitcoin wallets like Wasabi Wallet and Samourai Wallet that allow users to implement PayJoins, an implementation of CoinJoin, within the wallet, making privacy available to all.

Bitcoin Mixer Usage

However, even though these privacy options have been around since 2018, the volume data suggests the penetration of CoinJoins has not increased much since the early days. Although more bitcoin has been CoinJoined each year, the highest volume month was just over 65,000 BTC in January 2021 (worth about $2.3 billion, on average), a scant 0.35% of the total bitcoin transacted in that month.

The same phenomenon shows itself when considering “Fresh Bitcoin” – a metric that describes new bitcoins that use a CoinJoin that have never been mixed before.

We can see that these data sets look strikingly similar, but the Fresh Bitcoin metric likely provides a more realistic view for demand growth for CoinJoins, given some users opt to mix the same bitcoins multiple times in order to increase privacy and mathematically guarantee untraceability.

The number of Fresh Bitcoins CoinJoined in January 2021 was closer to 45,000, or 0.25% of the total bitcoin transacted in that month.

Part of this overall lack of adoption can be due to exchanges blocking withdrawals to privacy-preserving bitcoin wallets, such as Wasabi, which would naturally suppress demand for CoinJoin as mixing would disrupt the fungibility of the owner’s bitcoin. That is, the bitcoin that went through a mixer would be “tainted” and treated differently by the exchange than other bitcoin.

The Future Of Bitcoin Mixers

Taproot was an important upgrade made to the Bitcoin protocol that was implemented late last year. Taproot enabled a handful of potential usability and privacy improvements, with the addition of Schnorr signatures an address type to Bitcoin that makes types of transactions look the same, making blockchain forensic analysis more difficult for multisignature transactions.

As it relates to mixer traffic, however, Taproot in its current state does not improve the privacy of CoinJoins because their inputs are single signature.

That said, Taproot’s activation sets the groundwork in order for cross-input aggregation (CISA) in the future, which would allow for improved privacy and efficiency of CoinJoin transactions. Digital signatures are the critical piece that allows CoinJoins to work.

If CISA makes it into the Bitcoin protocol, the many signatures needed in a CoinJoin transaction could be combined and aggregated into one, which could boost scalability and make the process cheaper.

Tornado Cash: A Mixer For Ethereum

The most popular mixer on Ethereum takes a different approach than CoinJoin because it is built and deployed on the application layer. Tornado Cash allows ETH holders to deposit a sum of their token balance into a non-upgradable smart contract that gives them an encrypted note.

Using the encrypted note, the user can withdraw the funds from another Ethereum address in a single or multiple transactions.

One step further, Tornado Cash allows third parties called “relayers” to send that encrypted note verifying the withdrawal transaction to application users. In return for passing the note, relayers receive a small fee.

The relayer system allows users to have their funds trustlessly withdrawn into a new wallet, without needing ETH in the new wallet to pay for the claim transaction because the relayers also take care of covering that cost on their behalf.

It is important to note that relayers are not able to access any transaction data beyond paying the transaction fee, stopping them from altering the destination of the claimed funds.

At the end of the process, the user who deposited their assets into Tornado Cash now has them in a fresh wallet, leaving behind a very difficult trail to follow. In turn, the relayer takes a small fraction of the deposit to pay for the claim transaction and reward them for their service.

Tornado Cash version 1 has been live since the end of 2019 and has processed 2.4 million ETH and $5.1 billion U.S. dollar-pegged stablecoins at the time of writing, according to data from Dune Analytics and Etherscan. Most often used was the fixed deposit of 10 ETH, with the contract seeing 13,819 transactions since December 2019.

November of last year was the largest month for Tornado in terms of volume, processing over $200 million ETH and stablecoin withdrawals in the last week of the month. However, during December the application released a new product dubbed Nova.

The upgrade allows users to deposit arbitrary amounts of assets instead of the outdated, tiered and fixed deposit limits. Nova has seen some adoption with 673 wallets depositing 633 ETH in the new platform in less than a month.

While Ethereum’s most popular mixer is often publicized for its use after decentralized finance (DeFi) exploits or nefarious activities, the application appears to be growing in popularity among everyday users concerned with operational security (opsec) and privacy.

Recent compliance integrations even allow the application to generate a report on whether an address’s use of Tornado Cash was in relation to any known exploits or laundering, so law-abiding users can access the technology without drawing unnecessary suspicion.

The Double-Edged Sword Of Crypto Mixers

The adoption of DeFi, non-fungible tokens (NFTs) and bitcoin have gone parabolic over the past year, making illicit activities a smaller percentage of overall crypto transactions than ever.

A recent Chainalysis report revealed that even as the notional value of illegal activity hit $14 billion, illicit transactions only made up 0.15% of all cryptocurrency volume during 2021.

Mixers will continue to support those with ill intentions – but that is the double-edged sword of privacy and decentralization. Not only is anyone allowed to access and use blockchain wallets, developers are allowed to build and deploy any product they deem fit on top of smart contract platforms like Ethereum.

As it stands now, regular bank accounts provide us a high level of personal privacy from our friends and family. It is exceedingly difficult to find out how much money someone has in their bank account even if you know a lot of identifying information about that person.

With cryptocurrencies, on the other hand, if your wallet address becomes known, your balance and all your crypto activities can become known. Bitcoin and Ethereum should be able to provide that privacy at a minimum, and the use of privacy-focused technologies like mixers provides that option to everyday crypto users.

However promising mixers are for privacy, the data shows that users are still not taking advantage of what they have to offer. Meanwhile, the mainstream narrative points to mixers enabling illicit activity rather than the potential benefits they may provide to individuals.

More education on the topic, and less stigmatization of mixers themselves, could go a long way toward improving personal financial privacy.

New Private Messaging App Claims To Be Decentralized And Quantum-Resistant

David Chaum has launched a new private messaging system that claims it can keep message data and information about its users secure against the most powerful computers.

A new private messaging app called XX Messenger has been developed by renowned cryptographer David Chaum, and it claims to be quantum-resistant.

A quantum-resistant messenger would be able to shield message content from all currently known decryption efforts. This would protect the sender and receiver, and their location data, from being intercepted or tracked by unwelcome interlopers.

The app is now available on both the Apple and Android app stores.

Quantum resistance refers to cryptographically securing data from even the most elaborate conceivable code-cracking systems. Quantum computers could potentially be used to decipher encrypted messages on other messenger apps, but quantum resistance theoretically removes that possibility from XX Messenger.

David Chaum is renowned for making the first known proposal for a blockchain protocol in 1982. He also developed Ecash, an electronic cash application that protected users’ personal information cryptographically. It was widely viewed as a precursor to Bitcoin (BTC).

Chaum told Cointelegraph that the security of XX Messenger relies on a “decentralized mixnet protocol” that “ensures that even the most determined cannot tell who you are talking to.”

The new messenger’s cryptography is open source and can be found on its GitHub page.

The private messaging app also claims to boast a globally decentralized network of 350 nodes. Chaum said:

“The current plan is to rapidly increase the number of nodes to 550 — with further increases planned as the protocol and its software mature.”

Node operators earn XX Coin as a reward for running nodes on the nominated proof-of-stake XX Network.

Other private messaging apps include Signal and Telegram. Each of those apps claims to approach user privacy with a great deal of care by utilizing end-to-end encryption or client-server encryption, respectively.

End-to-end encryption is only as secure as the encryption itself, meaning a message could theoretically be compromised and decoded by a powerful computer if it is not deleted. Client-server encryption utilizes centralized servers to encrypt and store message data.

Chaum acknowledged the impact Signal has had in the field of private messengers but pointed out a limitation of the app’s privacy capabilities.

“Signal itself, as well as many intermediaries, can see who you talk to, when, and how much. And various governments will commonly use that information.”

With the new messenger offering, the team from XX Network is dedicated to “protecting and strengthening inalienable privacy rights at the dawn of web3.”

 

 

Updated: 1-26-2022

What Is Zcash? The Privacy Coin Explained

Zcash has seen ZKP breakthroughs, its first halving and progress toward further scalability.

In a world where our personal information, interests and activities are being increasingly tracked and documented, it’s little surprise cryptocurrencies that offer users anonymity continue to remain popular despite efforts from regulators and exchanges to restrict their accessibility.

In a 2021 Big Brother Brands report, companies like Uber and Meta (formerly Facebook) were found to harvest between 56.41% and 79.49% of their users’ personal information, respectively.

If the controversial Meta-backed diem digital currency successfully launches to the masses (big IF,) Meta will inevitably gain access to its users’ transaction data. This means not only will the tech giant know who you are and what you like, but it will also know what you buy and how much you spend.

Zcash is one of the leading digital currency blockchains that looks to address this snowballing issue and seeks to return power and privacy to its users.

What is Zcash?

Zcash is a privacy-focused, blockchain-based payments network that uses zero-knowledge proofs (ZKPs) to shield transactions, making the contents of a transaction private even on a public blockchain. Born out of the Zerocash protocol, Zcash forked from the Bitcoin blockchain in 2016. Its native token, zcash, uses the ticker symbol ZEC.

ZKPs are the product of a cryptographic technique that dates back to 1980. They allow two parties to verify information with each other without sharing the underlying data related to this information. For example, you can prove that you are over 21 years old without having to reveal your actual date of birth (or any other extraneous information that some forms of identification, like your driver’s license, might contain).

The Electric Coin Company (ECC), which created Zcash, added Zero-Knowledge Succinct Non-Interactive Argument of Knowledge, or “zk-SNARKs” to the ZKP toolkit.

This cryptographic advancement basically allows shielded Zcash transactions to be fully encrypted on the blockchain while still allowing the transaction to be verified as valid by the network’s consensus.

With Zcash, There Are Two Types Of Addresses:

  • Transparent addresses: Transactions with transparent addresses, or t-addresses, can be tracked on the Zcash blockchain the same way Bitcoin’s can.
  • Shielded addresses: Shielded addresses, or z-addresses, are encrypted, meaning you aren’t able to see the data on the blockchain so transactions sent to them aren’t visible, nor are the amount of funds z-addresses hold.

If a t-address sends funds to a z-address, observers won’t be able to tell where they went. If a z-address sends a transaction to another z-address the transaction is entirely shielded from prying eyes, offering one of the most private and secure options on the market.

How Zcash Has Changed In Recent Years

Since its fork in 2016, Zcash has continued to iterate on the core services it offers and expand on them. Some big improvements over the last couple of years include Halo, a “trustless recursive” version of ZKPs; the release of an open-source, shielded-first, fully functional Zcash wallet in 2020; and the Heartwood Network Upgrade activation, also in 2020, which added Shielded Coinbase and FlyClient support.

Not to mention an increase in institutional support and the first-ever Zcash halving.

Halo And Halo 2

Zcash launched Halo in 2019, a new zk-SNARK that addressed two criticisms the privacy coin faced: scalability and trusted setups.

Zcash was launched with a trusted setup. A trusted setup creates a secret number, and a derivative of that number is used by the Zcash protocol.

This number is created in multiple parts by multiple actors. They all must then destroy what’s known as “cryptographic toxic waste” without revealing what it was. A trusted setup would have had to occur at each hard fork.

But if no one destroys that waste through intentional planning, or if the secret number is figured out, then it would provide a fundamental flaw in the protocol and even allow the individual(s) that discovered it to create Zcash tokens arbitrarily without anyone’s knowledge.

The Zcash Multi-Party Computation Ceremony, in which a trusted setup was executed, was recorded on YouTube and even made an appearance on NPR’s Radiolab.

Halo eliminated the need for a trusted setup and the “cryptographic toxic waste that went with it.

As CoinDesk Chief Content Officer Michael Casey wrote at the time of the Halo announcement:

“Halo allows a user to both prove that no one involved in the initial establishment of a large-scale, zero-knowledge proof system has created a secret backdoor with which to later amend the code and that that secure state has existed over the course of ongoing updates and changes to the system. Until now the risk of fraud at setup meant that zero-knowledge proofs often required elaborate, costly procedures at the outset to instill confidence in users.”

A trusted setup made zero-knowledge proofs, which are still fairly nascent, bulky and somewhat impractical for actions other than proving one-off individual facts.

“To be sure, one-off trustless solutions known as ‘bulletproofs’ have been around since 2017, but they lack the recursive quality needed to verify the ever-accumulating information within a large, growing, changing database,” wrote Casey.

Halo improves on ZKPs and allows them to compress any amount of data into a short proof that can be checked quickly, according to Steven Smith, director of engineering at ECC. The removal of a trusted setup is a key “step toward our Scalability 2021 initiative,” said Smith in an email.

Halo 2, announced in 2020, iterated on Halo by using PLONK, a novel z-SNARK, rather than “Sonic” to verify transactions. PLONK is more efficient than Sonic, and would better enable further scaling of Zcash as well as move it closer to being able to eliminate a trusted setup.

At its heart, PLONK is an instance of a proof that can verify itself, “allowing any amount of computational effort and data to produce a short proof that can be checked quickly,” according to the Halo 2 blog post.

Zcash Wallet

In December 2019, Zcash started the development of its ECC Reference wallet, a light client reference wallet that let shielded transactions in Sapling (an upgrade that enabled significant efficiency improvements for shielded transactions) work on mobile devices.

This reference wallet was a blueprint ECC hoped others would take up and build upon, while providing additional feedback.

Then, in June, ECC released an open-source, shielded-first, fully functional Zcash wallet that showcases its software development kit (a collection of software development tools in one installable package) for demonstration and testing.

One goal was “making sure at least 40% of the world could read and understand the ECC reference wallet,” said Smith. With the help of the community, the app was translated from English into five languages: Simplified Chinese, Russian, Spanish, Italian and Korean.

“Additionally, and due in large part to the work on our SDKs, Unstoppable became the first multi-currency wallet to enable shielded Zcash support on iOS and Android,” said Smith.

Heartwood Network Upgrade

In July 2020 ECC launched the Heartwood Network Upgrade activation, which added Shielded Coinbase and FlyClient support. Shielded Coinbase allowed Zcash users to have completely shielded ZEC from its creation, increasing privacy further.

It also gave miners the option to get mining rewards issued immediately into a z-address. Luxor and Poolin, two mining pools that represent nearly 40% of Zcash mining hash power, have implemented shielded Coinbase.

FlyClient provides a more efficient method for “light-client block-header verification” or verifying the blocks on a blockchain, and could increase the utility and market for Zcash. FlyClient enables light client use-cases and a class of cross-chain interoperability efforts like tZEC, an Ethereum-compatible ZEC token.

Zcash Halving

Zcash underwent its first halving at the tail end of 2020, triggering a cut in miners’ block rewards from 6.25 ZEC to 3.125 ZEC, and launched the network’s fifth upgrade, Canopy, which did away with the controversial “Founders Fund,” which some members of the Zcash community felt gave too much ZEC tokens back to the founders.

Instead, 8% of mining rewards will now be allocated to the Major Grants Fund, managed by the Major Grants Review Committee (MGRC), which will be made up of a community-nominated five-member committee.

The fund will fuel development and adoption efforts, separate from the work being done by the ECC and Zcash Foundation.

Halo Arc Update

ECC announced the next suite of upgrades to Zcash – Halo Arc.

Halo Arc includes updates to Zcashd (Zcash’s consensus node), an ECC wallet prototype and the ECC wallet software development kits (SDKs). The wallet will enable shielded-by-default transactions, something that is merely optional for Zcash right now.

After a number of delays, Halo Arc is set to launch on April 18, 2022, in coordination with the activation of Zcash’s Network Upgrade 5 (NU5). NU5 will be the first mainnet activation of the Halo proving system, furthering the development of zero-knowledge-proof cryptography.

The protocol upgrade will also introduce unified addresses, a feature that creates a single Zcash address that is compatible across all Zcash value pools, including shielded and transparent ones so that users no longer have to juggle multiple address types. At present, protocol upgrades at times required new address formats.

Issues To Overcome

Zcash has a few challenges to overcome.

“Like with all cryptocurrencies, there could be vulnerabilities or issues that we’re unaware of,” said Josh Swihart, VP of Growth at ECC. “Though the likelihood of an exploit is probabilistically nil, for some, Zcash’s trusted setup is a risk.”

The hope is a larger implementation of Halo 2 in 2022 will be able to do away with trusted setups and eliminate the “toxic waste” that is a byproduct of them.

“Zcash will also need better scalability if it is to be used for global payments by billions of people,” said Swihart.

Finally, there is the delisting of privacy coins such as Zcash from some exchanges that could continue to be an issue. Core privacy features built into protocols like Zcash and Monero have caused concern among regulators and policymakers due to their ability to conceal illicit activity.

Cryptocurrency exchanges Shapeshift and BitMEX are among those that have delisted ZEC (as well as XMR and DASH), allegedly due to regulatory pressure. At the same time though, in September 2020, cryptocurrency exchange Gemini was the first exchange to allow users to withdraw Zcash with its anonymizing feature.

“Since the release in September, 11.8% of Zcash withdrawals on Gemini were sent to shielded addresses,” read Electric Coin Company’s 2020 recap of Zcash.

“In terms of what we haven’t progressed on as fast as we would have liked, we had hoped to have made more progress on shielded hardware wallet support,” said Smith.

The Future of Zcash

Zcash’s Halo and Halo 2 developments offer the best opportunity for the privacy coin to address some of its most prominent criticisms. But the potential for privacy coins to be delisted by exchanges doesn’t appear to be decreasing and looks to be an ongoing forest to navigate.

But when it comes to privacy coins, and previous contenders like Dash who have all but abandoned the label and protections, Zcash is squarely in the conversation of the top privacy coins and will continue to march ahead as such.

Transition To Proof-Of-Stake

On Nov. 19, 2021, ECC announced plans to migrate Zcash away from its proof-of-work consensus mechanism based on the equihash algorithm to a more energy-efficient and interoperable staking-based system.

The CEO of ECC, Zooko Wilcox-O’Hearn, floated the idea of such a transition in a blog post earlier that year, citing the change would “[eliminate] the downward pressure on the price of ZEC and [add] additional utility for ZEC.” He was referring to the current situation where Zcash miners are forced to sell an amount of the coins they mine to cover running costs, serving to suppress the price of ZEC.

Furthermore, staking would provide additional utility and allow more users to participate in validating transactions on the network in exchange for rewards. Not to mention, the significant energy-reducing benefits of switching to PoS would make Zcash a more environmentally friendly project than it currently is.

No specific date has been given for the rollout of this transition, though ECC stated it is expected to occur sometime within the next three years.

 

Updated: 1-27-2022

A Step-by-Step Guide To Going Private

From using Bitcoin and Monero to updating your computer’s operating system, “Seth For Privacy” presents 10 “must do” security tips.

One of the most common questions I get from people who are starting to realize the need for personal privacy is, “Where do I start?”

To better answer that question for yourself, it can be helpful to build out a simple threat model by considering what data you want to protect, whom you want to protect it from, and how much trouble you’re willing to go through to protect it.

While this question is not one I can answer for you, here is how I would do it if starting from scratch in my privacy journey today.

Please remember that not all threats are equal, and not all people have the same priorities – so be sure to take what is below (especially the order!) with a grain of salt and try to assess the best path for you.

1. Find A Privacy-Loving Community

This is not a technical solution but is by far the most important step you can take. Having a group of people around you to support you, give solid feedback and bounce ideas off of is an essential aspect of a successful journey towards privacy.

A community of like-minded peers concerned about privacy can help with the psychological burdens – nihilism, loneliness, hopelessness – that can come with falling down the privacy “rabbit hole.”

Before you go any further, this should be your first priority regardless of your own personal threat model and needs.

Techlore’s Discord server, the “Opt Out” podcast and “TheNewOil” blog have all been invaluable resources. They also all have “rooms” on the social platform Matrix (here, here and here, respectively), which is a tool you should familiarize yourself with. The Bitcoin Freedom and Tech Matrix room also deserves a special plug, and is broader in scope than just the intricacies of Bitcoin.

2. Use A Privacy-Preserving Browser

This step might appear daunting if you’re used to the conveniences of Google Chrome, for instance, but in the data economy, convenience comes with privacy trade-offs.

Thankfully there are excellent browser alternatives. As we spend more and more of our lives online, a browser that is more privacy-preserving by default or being able to “tune” (configure) a browser you already use can be a huge win in decreasing the amount of data that third parties collect about you. A few choice browsers:

  • Firefox is one of the most popular browsers. The “Yet Another Firefox Hardening Guide” will walk you through the process of tuning your browser. It’s very straightforward, and only needs to be done once per computer.
  • Brave Browser has some excellent defaults but takes some odd approaches (like cryptocurrency ads all over the place and built-in cryptocurrency wallets which aren’t helpful to most people). The Anonymousplanet.org guide shows you how to make it a bit more privacy and secure.
  • Ungoogled Chromium takes the best of Chrome Browser and strips Google from it, making a very compelling and very fast browser. It can be a bit tricky to get and keep updated on some operating systems, and extension installation and updates are a bit of a pain, but it’s a great option for those who are hardcore but still like the Chrome web engine.

There are also a series of extensions that bring privacy with the convenience of a download.

  • uBlock Origin is available for all of the browsers mentioned above. It goes far beyond just blocking ads, and handles a wide swath of ad, tracker and script blocking in a way that is very rarely detrimental to the browsing experience. It’s an absolute must install, no matter which browser you choose.
  • LocalCDN helps to improve privacy by replacing potentially dangerous pieces of websites with vetted and safe local ones, reducing network calls and the risk of compromised assets being delivered by web pages. It’s similar to Decentraleyes.
  • The password manager extension you download will depend on the password manager you choose in the next step, but I highly recommend installing one, where available, for simpler autofill and password management when browsing.

3. Use A Password Manager

While this step isn’t technically privacy related, properly securing your passwords will lead to much better privacy by reducing the amount of data leaks and hacks you experience as a result of stolen or leaked credentials.

Password managers make it extremely simple to manage usernames and passwords across all of the sites and apps you use without needing to reuse these credentials.

Migrating to a password manager is also a great chance to think twice about which accounts you actually need, and close those you don’t.

  • Bitwarden is what my wife and I use. It works very well, is open-source, cross-platform and can be self-hosted if desired.
  • KeepassXC is a well-respected FOSS (free and open software) password manager. It does not sync across devices natively but works well and has a solid history.

4. Use A Privacy-Preserving Email Service

The process of switching email providers is a long and quite involved process, so should preferably be done after improving your browser. Having a password manager handy will help in migrating email and passwords.

Privacy-preserving email providers generally use native forms of end-to-end encryption (E2EE) whenever possible, and prevent them from reading your mail. They’re vital in reducing the data available about your communication, shopping, job hunting, etc. to invasive companies like Google and Microsoft.

  • ProtonMail is probably the most well-known name in the privacy-preserving email space, and for good reason. It has many solid features out of the box, a usable free tier and great cross-platform clients to go with a long history of supporting user privacy.
  • CTemplar: I personally prefer and use CTemplar, as I appreciate their pricing, approach to privacy, mobile app (in F-Droid) and their acceptance of Monero directly for payments.
  • While I haven’t used Tutanota, many people I trust do. They also provide steep discounts to FOSS and non-profit organizations, so it’s well worth a look if you happen to be a part of either of those.

5. Use A Privacy-Preserving Search Engine

This step can seem quite annoying at first as none of the privacy-preserving search engines are quite as fast or complete as simply using Google, but the data you provide to a search engine tells a lot about you and removing that is a key step towards reducing your digital footprint.

Each of the alternatives have some key pros and cons and are really up to personal choice. I recommend trying them each for a day or more as your default and see what solution fits you best.

  • DuckDuckGo uses Bing results on the back end and is one of the more polished and faster user experiences in the space. They’re one of the easiest to switch to, for sure.
  • I host a public instance of Whoogle and really appreciate the ability to get Google search results without revealing my IP address and the extra bloat of Google searches. It’s quite easy to self-host, if desired.
  • Searx is probably the most hard-core option, yet still provides a solid experience and search results. You can find public instances here.

6. Switch Yourself And Your Friends/Family To A More Private Messaging Service/App

Getting the people you chat with most to switch messaging platforms is difficult. However, to get the most benefit, you’ll have to try your hardest to get them to jump ship with you.

This is made all the more difficult in that there are so many options – an experience of decision paralysis often made worse by the “messaging wars.”

Thankfully, I was able to get all of my friends and family to switch to Signal, but I know that’s not always possible.

Introducing a private-by-default and E2EE messaging app into your workflow helps prevent self-censorship, surveillance and state censorship in private chats, and is an essential tool to liberty and freedom over the long run.

Signal has the brand recognition it does for a reason: It’s extremely easy to use, easy to onboard new people and has a similar core feature set as most other default messaging apps. It’s not perfect. But it is an incredible tool and has been a huge boon for the privacy and free speech movements.

Note that Signal does require a phone number to use. That comes with the important ability to handle SMS natively in Signal, making it an extremely capable iMessage replacement and a much easier sell in the U.S. where SMS is still quite popular for some reason.

While linking a phone number can be detrimental if pseudonymity or anonymity, this does not harm or reduce the encrypted privacy provided by Signal.

Threema takes WhatsApp’s template and orients the app around preserving user privacy, including end-to-end encrypted chats, voice messages and other features by default. It also drops Signal’s phone number requirement, which is a big win for pseudonymity.

I tend to use Signal with people I know personally, and Threema for chats with people I do not know.

7. Use A More Privacy-Preserving Form Of Money

While cryptocurrencies like bitcoin are commonly considered private or anonymous, this is a misnomer. Most cryptocurrencies are not privacy preserving by default, and merely enable fragile pseudonymity at best. With this in mind, here are a couple recommendations for using cryptocurrencies while staying private.

  • Use Monero. Monero is a privacy-preserving cryptocurrency that shields information about senders, receivers and amounts by default. If interested, these two videos (here and here) helped me get started while “Monero Outreach” provides a feature-by-feature breakdown.
  • Use Samourai Wallet for Bitcoin. Samourai Wallet is by far the best way to use Bitcoin, in my opinion, and enables fairly easy-to-use and approachable privacy on Bitcoin. While privacy on Bitcoin can be extremely fragile and difficult to achieve, Samourai Wallet makes it as simple as possible, keeps fees down and has a long track record. BitcoinQnA’s in-depth guide to bitcoin mixing, EconoAlchemist’s guide to wallet use and “Opt Out” podcast’s breezy walkthrough are fine places to start. You might also want to check Samourai’s code.

8. Use A Non-Logging And Trustworthy VPN Provider

VPNs (virtual private networks), often get a bad rap as there are so many malicious and predatory providers out there and even more that force cheesy advertisements on YouTube videos. VPNs as a tool, however, can be invaluable.

Using a VPN that does not log user traffic is a great way to shift the trust from your network provider (home ISP, mobile carrier, etc.) to a trusted third party that doesn’t have your personal information or home address.

When selecting a VPN it’s extremely important that you do your own research and come to your own conclusions. You might start by asking the question, “Do I need a VPN?” Then ask what’s Tor, and how does it compare to a VPN? At some point, you may even ask, “what’s a second realm?”.

Here’s A Handy VPN toolkit, But I Will Recommend Two VPNS As Starting Points:

  • IVPN has a trustworthy team, incredible cross-platform clients and a strong reputation that has survived external audits. They’ve been extremely honest about the shortcomings of VPNs generally – and in the spirit of full disclosure, sponsor my podcast.
  • Mullvad is a VPN I have long recommended and used, is well trusted by many in the privacy community and has a long track record of caring deeply about user privacy and not logging user traffic.

9. Use A Privacy-Preserving Mobile Operating System

This section is a bit more drastic than the others, but switching to an operating system that is designed around protecting user privacy gives you a strong foundation for all of the other steps to live on top of and enhances their effect – and often makes them easier!

CalyxOS is the only real recommendation I can make. (Full disclosure: I am a financial supporter of the Calyx Institute, the nonprofit organization behind CalyxOS.)

I’ve run it for almost a year and found it to be an incredibly powerful tool. It takes the open-source Android operating system created by Google and strips the tracking scripts out of it, then builds it back up with a focus on user privacy and FOSS app stores (like F-Droid). For more on CalyxOS and my experience/recommendations, see my blog post “Switching to CalyxOS”.

Depending on your threat model, an iPhone can also be a solid approach to gaining strong third-party privacy due to Apple’s long-standing commitment to consumer privacy. That said, you may be protected from third-party data collection on an iPhone, but not from Apple’s prying eyes.

10. Use A More Privacy-Conscious Desktop Operating System

For Linux to seem attractive, you’ll likely have to be a bit deeper down the privacy and self-sovereignty rabbit hole. Things are getting better each year, but switching operating systems still requires some extra know-how and dedication.

However, the switch is well worth it. I switched entirely to running Linux on both my desktop and laptop without serious issues. I use the Pop_OS! Linux distribution (distro) on all my computers. It’s based on Ubuntu and provides sane defaults, a powerful app store and consistent and stable updates.

System76, the company behind Pop_OS!, also sells their own laptops and desktops that are custom-built for their software. The best thing about Linux is it’s almost infinitely configurable.

While I haven’t used ZorinOS personally, it’s “easy to switch” approach makes it quite attractive. I’ve heard from trusted sources it really is the easiest jump away from Windows or macOS. And, if you’re willing to pay, you can get a lot of extra features, support and bundled apps.

The Next Step?

While the above list is certainly not the be-all and end-all of privacy, I hope it shows how straightforward a privacy-conscious journey can be.

The first step is just to start thinking about why or how you might want to improve your privacy – taking an account of what you value and perhaps ditching the so-called conveniences of modern life that you pay for with your most trusted information.

Updated: 1-27-2022

How Binance, Coinbase And 22 Other Crypto Exchanges Handle Your Data

A CoinDesk review of privacy policies from two dozen major crypto exchanges found the industry collects a wealth of personal information about users. Some disclose more about their practices than others.

Never bother to read the privacy policy when signing up for a cryptocurrency exchange? Maybe you should.

We reviewed the privacy policies and notices of 24 major crypto exchanges and lending services to see how much they know about users and how transparent they are about it. The two dozen companies represent a cross-section of popular consumer-facing platforms.

It turns out crypto platforms collect a wealth of their users’ personal data – ironic considering this asset class grew out of the privacy-championing cypherpunk movement and was originally conceived as anonymous digital cash.

All major crypto services these days are subject to laws and regulations obliging them to perform know-your-customer (KYC) checks on any new client. Crypto platforms are inherently online so to make sure they are dealing with the same person who submitted ID documents, over the past few years they adopted biometric verification, asking prospective users to provide a photo with their ID, a short video of themselves or both.

Given that many of these platforms are accepting fiat payments from bank accounts of their clients to let them buy crypto with their local currencies (acting as so-called fiat on-ramps), they also process users’ banking information, and in some cases tax IDs, too.

Such platforms collect their users’ home addresses, phone numbers, employment information, banking details, photos of their IDs and photos and/or videos of their faces. In addition, platforms can see the entire history of their users’ trades, cryptocurrency addresses they use to deposit and withdraw funds and any transactions related to them on public blockchains.

Platforms also routinely gather technical information about the devices users are logging in from, including operating systems, browser details, IP addresses and the location and time zone settings of computers and phones their clients use to trade.

This is a pretty typical set of data more or less any regulated crypto service would process and store. However, they differ in the amount of data they store, how they protect users’ privacy and how much they disclose about such practices.

The companies explain in their privacy policies that they use this data to provide quality service to their clients, prevent fraud and keep customers posted about relevant news and updates. However, this abundance of personal information makes the platforms huge data banks – and, in cases of security breaches, they may become sources of massive leaks.

It’s hard to verify how companies are actually handling their users’ data. But by reading the privacy policies these companies publish on their websites, we can see how explicit and forthright they are about it.

Here are some of the issues to be mindful of.

Financial Data Use And Storage

Crypto platforms provide varying levels of disclosure about the data they receive and store related to users’ financials. (In this article, we don’t look at the financial information platforms collect about corporate users, only about individuals.)

Most of the privacy policies CoinDesk reviewed mentioned bank account numbers and (as one would expect) trading history on the platform. Crypto lending provider BlockFi stood out with the longest list of types of banking data it collects. Exchanges Binance, BitMEX, Poloniex, and OKEx did not mention what banking data they collect at all in their privacy policies.

Paxful mentions that financial information may be stored if users send it to their trading counterparties via the chat on the platform, as Paxful keeps the chat records.

“BitMEX doesn’t operate any fiat payment gateways for its users and so does not receive credit card or other banking information in respect of its users,” explained BitMEX Communications and Content Manager Jessica Lindeman. “Instead users are able to purchase XBT or USDT through Banxa,” a payments company.

Poloniex said via spokesperson Gabriel Wang that it too “does not deal with fiat directly, so no credit card/banking info is stored on our system.”

Richard Kay, OKEx’s senior public relations manager in the U.K. and Europe, said the exchange also does not store its users’ banking information. That’s taken care of by third-party payment providers, including Coinify, MoonPay, Okcoin, Banxa, Mercuryo, Simplex and Itez, he said.

Binance told CoinDesk via spokesperson that it actually does process banking information. “We would would only process credit card or banking information when users decide to share this information with Binance, for transactional purposes, as it is not mandatory information to open an account,” the company added.

Platform
Financial Data Collected, According To Privacy policy
Bakkt (last updated Oct. 28, 2020)
Bank account number, credit card number, debit card number, details of transactions on the platform
Binance (last updated Jan. 12, 2022)
Transaction history
Bitfinex (last updated May 27, 2021)
Bank statements, bank account number
BitMEX (last updated Aug. 28, 2020)
Payment details, including wallet address(es)
Bitstamp (last updated Nov. 5, 2020)
Bank account number, bank statement and trading information
Bittrex (last updated Dec. 31, 2019)
Bank account and payment details, transactions data, portfolio data
Blockchain.com (last updated Dec. 16, 2021)
Bank account information and/or credit card details, transactions history and account balances
BlockFi (last updated June 15, 2021)
“Transaction Data such as cryptocurrency wallet address(es), information relating to your BlockFi account and cryptocurrency trading transactions and related information for deposits or withdrawals, credit card information (last four digits of number, expiration date, card status), credit card payment information (amount, date, frequency, status, balance), information relating to credit card transactions;
Financial Data such as bank name, bank account number, bank routing number, income type, annual income amount, monthly housing expenses, information that may be received from consumer reporting agencies (e.g., credit bureau reports).”
Celsius (last updated October, 2021)
Bank account or other financial information; records of products or services purchased, obtained, or considered, or other purchasing histories or tendencies
Coinbase (last updated Oct. 8, 2021)
Bank account information, payment card primary account number (PAN), transaction history, trading data, and/or tax identification.
Crypto.com (last updated Sept. 30, 2021)
Bank account, payment card details, virtual currency accounts, stored value accounts, amounts associated with accounts, external account details, source of funds and related documentation.
Deribit (undated)
Bank account statement, the address of your wallet from which you deposit/withdraw cryptocurrency into/from your account; orders, trades, positions and balances.
eToro (last updated May 20, 2020)
Annual income, investment portfolio, total cash and liquid assets and other details; value and currency of any deposit, withdrawal, or transaction made and the payment method.
FTX (last updated Dec. 23, 2021)
Bank account information, routing number, transaction history, trading data and/or tax identification, transaction information, name of the recipient and the trading amount.
Gemini (last updated Dec. 8, 2021)
Bank account information, routing number, trading activity, order activity, deposits, withdrawals, account balances
Huobi (last updated April 27, 2021)
Debit card information and/or other account information, transactions record
Kraken (last updated Nov. 23, 2021)
Bank account information, credit card details, details about source of funds, assets and liabilities, Office of Foreign Assets Control (OFAC) information, trading account balances, trading activity
LocalBitcoins (last updated June 10, 2020)
Financial information may include information related to your income, wealth, bank account information and/or tax identification, bitcoin transaction information.
Nexo (undated)
Not specified
Okcoin (last updated Dec. 18, 2020)
Bank account information, transactions data
OKEx (last updated Dec. 3, 2020)
Not specified
Paxful (undated)
Social Security number or account balances, payment history or transaction history, credit history or credit scores, trade chat messages, “which may contain financial information if you provide it to sellers”
Poloniex (last updated May 4, 2020)
Transactional data including records for trades, deposits, and withdraws, other session data linked to account
SALT (last updated Jan. 6, 2021)
Loan requests, loan amounts, loan payment information, transaction history, cryptocurrency wallet information and financial data such as bank name and account number

 

Third Parties With Access To Data

Crypto services usually need multiple partners to maintain their websites and process trades, so they have to share users’ data with those partners. Various services provide different levels of openness about which companies they share users’ data with, and about their reasons for doing so.

Some companies merely mention they might share data with third parties, while others provide names and explanations, with varying degrees of detail.

Bitfinex and BitMEX provided the longest lists of counterparties they share data with. Bitfinex lists third parties at the end of its privacy policy and BitMEX has a special page dedicated to the list of its data partners.

Europe-based platforms normally mention, among other things, if they are transferring users’ data to any places outside the EU, and how they make sure such transfers are secure. These parts of the privacy policies look pretty similar across different platforms.

Many companies separately describe their approaches for EU citizens, whose personal data since 2018 has been protected by the General Data Protection Regulation (GDPR), or for Californians, under the California Consumer Privacy Act (CCPA). Some platforms also specify their treatment of residents of Vermont, which has its own local privacy laws.

We won’t delve into those sections in this article, as they’re largely relevant only to residents of these particular areas, but if you are one, check if your crypto service notes anything important for you.

Crypto Exchange
Third Parties With Access To Data
Bakkt (last updated Oct. 28, 2020)
Service providers and/or data processors, counterparties in transactions, financial institutions and credit bureaus, other third parties
Binance (last updated Jan. 12, 2022)
Subsidiaries or affiliates, third-party service providers and others.
Bitfinex (last updated May 27, 2021)
Bitrefill, Chainalysis, Celsius Network, getResponse, happyCOINS, hCaptcha, Mercuryo, OWNR WALLET, WorldCheck, Twilio, Simplex, Zendesk. (This list does not include banks to which personal information is transferred for payment purposes in accordance with international banking practice.)
BitMEX (last updated Aug. 28, 2020)
Companies belonging to HDR Group (BitMEX parent company), Amazon Web Services, Google ReCAPTCHA, Yubikey, Jumio, Freshdesk, Segment.io, Sentry.io, Google Analytics, SendGrid, Pagerduty, Solarwinds, Intercom, Onfido.
“Personal data may be shared with third party participants in our affiliate programme (or any other successor or parallel programme of a similar nature) who referred you to our site (so they can track successful referrals), and partners for promotions or service integrations. Information on historical trades may also be shared with other trading platforms and exchanges. Personal data may be shared with courts or public authorities if required as described above, mandated by law or regulation, or required for the legal protection of our or third party legitimate interests, in compliance with applicable laws and regulations, and relevant / competent public authorities’ requests.”
Bitstamp (last updated Nov. 5, 2020)
“May share information with credit reference agencies, anti-fraud databases, screening agencies and other partners we do business with.”
“With respect to US residents, we also may share your information with other financial institutions, as authorized under Section 314(b) of the US Patriot Act, and with tax authorities, including the US Internal Revenue Service, pursuant to the Foreign Account Tax Compliance Act (“FATCA”), to the extent that this statute may be determined to apply to Bitstamp.”
Bittrex (last updated Dec. 31, 2019)
Suppliers and external agencies, subsidiaries, associates and agents, regulators, law enforcement agencies and other authorities, consultants, bankers, professional indemnity insurers, brokers and auditors; “other organizations where exchange of information is for the purpose of fraud protection or credit risk reduction,” debt recovery agencies.
Blockchain.com (last updated Dec. 16, 2021)
Affiliates, cloud service providers, fraud detection service, spam and abuse detection providers
BlockFi (last updated June 15, 2021)
Affiliates, BlockFi Rewards Visa Signature Card partners, service providers.
Celsius (last updated October 2021)
Subsidiaries, affiliated companies, subcontractors and other third-party service providers, business partners (such as GEM, Coinify, Simplex and Wyre), auditors or advisers, “any potential purchasers or third party acquirer(s) of all or any portion of our business or assets, or investors in the company.”
Coinbase (last updated Oct. 8, 2021)
Jumio, SolarisBank AG, Sift Science, Plaid, Paysafe, other financial institutions and service providers.
Crypto.com (last updated Sept. 30, 2021)
Service providers, agents, subcontractors and other associated organizations, affiliates
Deribit (undated)
Cloud service providers, software suppliers, affiliates
eToro (last updated May 20, 2020)
Affiliates, advisors, vendors, consultants and other service providers, such as payment service providers, IT hosting companies, banks, other financial institutions and credit reference agencies
FTX (last updated Dec. 23, 2021)
Service providers, business partners, NFT partners, affiliates, advertising partners
Gemini (last updated Dec. 8, 2021)
Service providers, affiliates, advisers
Huobi (last updated April 27, 2021)
Affiliates and partners
Kraken (last updated Nov. 23, 2021)
Affiliates, subsidiaries, service providers and business partners
LocalBitcoins (last updated June 10, 2020)
Onfido, Jumio, Google, Sentry.io, SendGrid Inc, Nexmo, Twilio, TM4B;
auditors, lawyers, accountants, consultants and other professional advisors, external services or authorities
Nexo (undated)
“Hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential.”
Okcoin (last updated Dec. 18, 2020)
Affiliates, service providers and other third parties, “entities in connection with any financing, acquisition or dissolution proceedings.”
OKEx (last updated Dec. 3, 2020)
Not disclosed
Paxful (undated)
Service providers, data processors, other parties to transactions, such as sellers, financial institutions, affiliates
Poloniex (last updated May 4, 2020)
Affiliates, advertisement and other business partners, service providers.
SALT (last updated Jan. 6, 2021)
Subsidiaries and affiliates, contractors, service providers, including those providing ID verification, consulting, sales, client support operations, payment processing and technical support or services; financial institutions.


Data Gathered From Third Parties

To make sure they know enough about their users, platforms gather information about them from outside sources, meaning they might know much more about you than you yourself told them.

This might include companies affiliated with the platform via common owners; third-party providers of identity verification and other technology; banks; government organizations; social networks and other sources.

Out of the 24 platforms in our list, Gemini, founded by Cameron and Tyler Winklevoss, seems to have the most exhaustive list of outside sources of information it’s gathering about users

Many companies mention they might look you up in anti-fraud databases, public court documents, sanctions lists, and also ask credit bureaus and various government bodies about you.

Crypto Exchange
Data Gathered From Third Parties
Bakkt (last updated Oct. 28, 2020)
“We also collect information about you from third parties, such as money laundering and fraud prevention information providers, marketing agencies, identity and creditworthiness verification services, and analytics and information providers. We may combine information we collect about you with information from third parties.”
Binance (last updated Jan. 12, 2022)
“We may receive information about you from other sources such as credit history information from credit bureaus.”
Bitfinex (last updated May 27, 2021)
Not specified
BitMEX (last updated Aug. 28, 2020)
“We receive personal data from partners when they refer you to us (for example, we receive data about the service you used, and that referred you). We will receive confirmation from Yubico Cloud that you have successfully authenticated using a Yubikey registered with that service. Third parties may monitor the Web on our behalf, for example looking for stolen usernames and passwords. Our communications service provider may also enable us to learn more about your social media presence, in order for us to send you more personalised communications. Finally, some authorities or other persons seeking access to information about users may provide information about the circumstances of their request, and about the individuals of interest.”
Bitstamp (last updated Nov. 5, 2020)
“We may collect Personal Data from third-party partners and public sources, which include:
– Reputational information;
– Financial information;
– Business activities of corporate customers.”
Bittrex (last updated Dec. 31, 2019)
“Analytic providers such as Google Analytics; advertising networks; search information providers.
Identity, Contact, AML / KYC Data from publicly available sources such as public court documents, the corporate registrars with the U.S. and other jurisdictions, and from electronic data searches, online KYC search tools (which may be subscription or license based), anti-fraud databases and other third party databases, sanctions lists, outsourced third-party KYC providers and from general searches carried out via online search engines (e.g. Google).”
Blockchain.com (last updated Dec. 16, 2021)
Affiliates, banks or payment processors, advertising or analytics providers.
“Banks or payment processors that you use to transfer fiat currency may provide us with basic Personal Data, such as your name and address, as well as, your bank account information.
Advertising or analytics providers may provide us with anonymised information about you, including but not limited to, how you found our website.”
BlockFi (last updated June 15, 2021)
“May include, but are not limited to, public databases, credit bureaus, identity verification partners, resellers and channel partners, joint marketing partners, advertising networks and analytics providers, social media platforms, and our BlockFi Rewards Visa Signature Card partner.”
Celsius (last updated October 2021)
“Our affiliates, our service providers, or our affiliates’ service providers; public websites or other publicly accessible directories and sources, including bankruptcy registers, tax authorities, governmental agencies and departments, and regulatory authorities; and/or from credit reporting agencies, sanctions screening databases, or from sources designed to detect and prevent fraud or financial crimes.”
Coinbase (last updated Oct. 8, 2021)
Companies affiliated with Coinbase, public databases, credit bureaus, ID verification partners, joint marketing partners and resellers, advertising networks and analytics providers, public blockchains.
Crypto.com (last updated Sept. 30, 2021)
“- Fraud and crime prevention agencies,
– a customer referring you,
– public blockchain,
– publicly available information on the Internet (websites, articles etc.).”
Deribit (undated)
Not specified
eToro (last updated May 20, 2020)
“May include, for example, identity verification agencies, credit referencing agencies and similar bodies. We may also collect information about you from third parties, when you use or connect to eToro by or through a third party platform, such as Facebook or another site, you allow us to access and/or collect certain information from your Third Party Platform profile/account as permitted by the terms of the agreement and your privacy settings with the third party platform. We will share such information with the third party platform for their use.”
FTX (last updated Dec. 23, 2021)
“We may also use Google Analytics and other service providers to collect information regarding visitor behavior and visitor demographics on our Services… We may use Plaid Technologies, Inc. (‘Plaid’), as a vendor to collect information about you…
if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site, we may collect information about you from that third-party application that you have made public via your privacy settings. Information we collect through these services may include your name, your user identification number, your user name, location, gender, birth date, email, profile picture, and your contacts stored in that service.”
Gemini (last updated Dec. 8, 2021)
“Identification Information, such as name, email, phone number, postal address, government identification numbers (which may include Social Security Number or equivalent, driver’s license number, passport number);
Financial Information, such as bank account information, routing number;
Transaction Information, such as public blockchain data (bitcoin, ether, and other Digital Assets are not truly anonymous).
Credit and Fraud Information, such as credit investigation, credit eligibility, identity or account verification, fraud detection, or as may otherwise be required by applicable law; and additional Information.
Huobi (last updated April 27, 2021)
Not specified
Kraken (last updated Nov. 23, 2021)
Banks: name, address, bank account details.
Users’ business partners: name, address, financial.
Advertising networks, analytics providers, search information providers: anonymized or de-identified information on how you found website.
“Credit agencies do not provide us with any personal information about you, but may be used to corroborate the information you have provided to us.”
LocalBitcoins (last updated June 10, 2020)
Not specified
Nexo (undated)
Not specified
Okcoin (last updated Dec. 18, 2020)
Not specified
OKEx (last updated Dec. 3, 2020)
Not specified
Paxful (undated)
Service providers and data processors, affiliates, “third-parties who may help us verify identity, prevent fraud, and protect the security of transactions,” “third-parties who may help us evaluate your creditworthiness or financial standing,” “third-parties who may help us analyze Personal Data, improve the Website or the Services or your experience on it, market products or services, or provide promotions and offers to you,” social media platforms
Poloniex (last updated May 4, 2020)
“We may obtain Personal Data about you from other sources, including through third party services such as sanctions screening services and other organizations to supplement information provided by you.”
SALT (last updated Jan. 6, 2021)
Google Analytics, Full Story.
Public databases and ID verification partners, public blockchains: “Such information may include your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data.”
“We may analyze public blockchain data to ensure parties utilizing our services are not engaged in illegal or prohibited activity under our Terms, and to analyze transaction trends for research and development purposes.”


Reasons To Share Data With Government Agencies

Major crypto exchanges these days are closely watched by regulators around the world and often asked to disclose information about their users when the authorities suspect wrongdoing, from tax evasion to money laundering.

“The companies that collect that information can – and often do – share that personal information with governments, even when the government has not gotten a warrant to collect that information,” said Marta Belcher, a cryptocurrency and civil liberties attorney.

A silver lining is that more and more companies are disclosing how many requests from authorities they get.

“What it really comes down to is whether companies are going to stand up for their users, and whether they are going to be transparent about the requests they receive from governments and whether they voluntarily turn that information over,” Belcher said.

The most famous (or infamous) precedent of a government body reaching for a trove of crypto exchange users’ data was the U.S. International Revenue Service (IRS) getting access to information on about 13,000 U.S. users of Coinbase in 2018. The move was preceded by a long court fight between the exchange and the IRS, which initially wanted data about 500,000 users.

The way a company describes its reasons for answering questions from governments matters, said Peter Van Valkenburg, director of research at Coin Center, an industry think tank.

“Do they need a warrant or subpoena, or they’re happy to answer even without the warrant from the judge?” Van Valkenburg said.

Out of 24 companies CoinDesk looked at, 13 mentioned subpoenas and court orders in their privacy policies among reasons to cooperate with the requests from government agencies and law enforcement. However, not all companies claim to require such a formal request before handing over customer information.

Blockchain.com, an exchange and crypto wallet provider, says it would insist that authorities present “a court order, or equivalent proof that they are statutorily authorised to access your data.”

By contrast, eToro says it would provide information “to assist regulatory, cybercrime, data and information protection agencies and police with their enquiries and enforcement, even if not compelled to do so.”

Bitfinex dedicated a separate page on its website to explain how it approaches requests from law enforcement bodies.

Ultimately, it’s hard to predict how a particular platform would act in a real-life situation when a regulatory body is knocking on its door, or how evolving crypto regulation around the world could change the rules of the game in years to come. But the way platforms describe their approach might give some clues about what you can possibly expect.

 

Crypto Exchange
Reasons To Share Data With Government Agencies
Bakkt (last updated Oct. 28, 2020)
“Complying with our policies and obligations, including but not limited to, disclosures made in response to any requests from law enforcement authorities and/or regulators in accordance with any applicable law, rule, regulation, judicial or governmental order, regulatory authority of competent jurisdiction, discovery request, advice of counsel or similar legal process.”
Binance (last updated Jan. 12, 2022)
“When we believe release is appropriate to comply with the law or with our regulatory obligations; enforce or apply our Terms of Use and other agreements; or protect the rights, property or safety of Binance, our users or others.”
Bitfinex (last updated May 27, 2021)
“When such requests are received, Bitfinex requires that it be accompanied by appropriate legal process. This can vary from place to place. For example, production orders, search warrants, freezing orders, seizure orders and subpoenas, but also requests for voluntary disclosure of data may all amount to legal process. Bitfinex reviews each order and request for voluntary disclosure to determine that it has valid legal basis and that any response is narrowly tailored to ensure that only the data and/or remedy to which law enforcement is entitled is provided. In addition, in respect of requests relating to the freezing and/or seizing of assets, Bitfinex requires that the request (i) follows the relevant local jurisdiction’s legal process and (ii) contains all necessary instructions, including, where applicable, the duration of the freeze.”
BitMEX (last updated Aug. 28, 2020)
“Mandated by law or regulation, or required for the legal protection of our or third party legitimate interests, in compliance with applicable laws and regulations, and relevant / competent public authorities’ requests.”
Bitstamp (last updated Nov. 5, 2020)
“We may share your Personal Data with law enforcement, data protection authorities, government officials and other authorities when:
Compelled by court order or other legal procedure;
Disclosure is necessary to report suspected illegal activity; or
Disclosure is necessary to investigate violations of this Privacy Policy or our Terms of Use.”
Bittrex (last updated Dec. 31, 2019)
“To comply with any legal obligation, judgment or under an order from a court, tribunal or authority.”
Blockchain.com (last updated Dec. 16, 2021)
“We shall require any third-party, including without limitation, any government or enforcement entity, seeking access to the data we hold to a court order, or equivalent proof that they are statutorily authorised to access your data and that their request is valid and within their statutory or regulatory power.”
BlockFi (last updated June 15, 2021)
“Comply, as necessary, with applicable laws and regulatory requirements;
Respond to legal or governmental requests or demands for information (e.g., subpoena, court order, or other legal proceedings); and meet national security requirements.”
Celsius (last updated October, 2021)
“To comply with any applicable law, regulation, legal process or governmental request.”
Coinbase (last updated Oct. 8, 2021)
“When we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of our User Agreement or any other applicable policies.”
Crypto.com (last updated Sept. 30, 2021)
“Where the law allows or requires us to do so.”
Deribit (undated)
“We may provide your personal data to competent authorities upon their request to the extent legally required or to the extent necessary to defend our rights in legal proceedings or investigations.”
eToro (last updated May 20, 2020)
“To comply with court orders, mandatory dispute resolution determinations and mandatory government authority or law enforcement orders or directions;
to assist regulatory, cybercrime, data and information protection agencies and police with their enquiries and enforcement, even if not compelled to do so.”
FTX (last updated Dec. 23, 2021)
“To comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.”
Gemini (last updated Dec. 8, 2021)
“In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.”
Huobi (last updated April 27, 2021)
“In compliance with laws, regulations, rules and regulations or orders from courts of law or other competent authorities.”
Kraken (last updated Nov. 23, 2021)
“To comply with any applicable laws and regulations, subpoenas, court orders or other judicial processes, or requirements of any applicable regulatory authority.”
LocalBitcoins (last updated June 10, 2020)
“When such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests and/or the vital interests of a third-party.”
Nexo (undated)
Not specified
Okcoin (last updated Dec. 18, 2020)
“To comply with any law, court order, subpoenas or government requests.”
OKEx (last updated Dec. 3, 2020)
“To comply with government agencies, including regulators, law enforcement and/or justice departments.”
Paxful (undated)
“In response to a request by a government agency, such as law enforcement authorities or a judicial order.”
Poloniex (last updated May 4, 2020)
“To comply with any law, subpoenas, court orders, or government request, defend against claims, investigate or bring legal action against illegal or suspected illegal activities, enforce our Terms, or to protect the rights, safety, and security of us, our users, or the public.”
SALT (last updated Jan. 6, 2021)
“To comply with any court order, law, regulatory requirement or legal process, including to respond to any government or regulatory request.”


Data Retention

Another thing to pay attention to is how long your data is stored on the exchange’s servers after you’re no longer a client. Such disclosures often are put under the title “data retention” in privacy policies.

In most cases, it would take platforms about five years to erase your data after you part ways, but most also note that due to some specific reasons, like an ongoing investigation, they can keep your data longer.

Among the 24 companies, Bittrex and Bistamp mention the longest possible time for keeping users’ data, with each saying it might store information for up to 10 years after an account is deleted.

Bitstamp appeared to be the only company among the 24 that said it destroys biometric data as soon as account verification is complete.

Coinbase and LocalBitcoins provided the most detailed descriptions of how long they keep various kinds of data. LocalBitcoins also specified that the information of users who never actually used the platform to trade will be stored for a much shorter time than that of active users: up to 13 months compared to five years.

Crypto Exchange
Data Gets Erased After…
Bakkt (last updated Oct. 28, 2020)
Not specified
Binance (last updated Jan. 12, 2022)
Not specified
Bitfinex (last updated May 27, 2021)
Not specified
BitMEX (last updated Aug. 28, 2020)
6 years from the last interaction
Bitstamp (last updated Nov. 5, 2020)
Biometric data destroyed immediately after completion of ID verification process.
Other information: stored at least 5 years after account deletion, “in some cases up to ten years, as required by applicable law.”
Bittrex (last updated Dec. 31, 2019)
7-10 years after account deletion
Blockchain.com (last updated Dec. 16, 2021)
5 years or longer after deletion
BlockFi (last updated June 15, 2021)
Not specified
Celsius (last updated October 2021)
Not specified
Coinbase (last updated Oct. 8, 2021)
“Personal information collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as required under such laws.
Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to our suppression list to ensure we do not inadvertently market to you.
Content that you post on our website such as support desk comments, photographs, videos, blog posts, and other content may be kept after you close your account for audit and crime prevention purposes (e.g. to prevent a known fraudulent actor from opening a new account).
Recording of our telephone calls with you may be kept for a period of up to six years.
Information collected via technical means such as cookies, webpage counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.”
Crypto.com (last updated Sept. 30, 2021)
5 years after account deletion.
“Email addresses and content, chats, letters will be kept up to 6 years following the end of our relationship, in accordance with the limitation period applicable in the Cayman Islands.”
Deribit (undated)
5 years or longer after account deletion
eToro (last updated May 20, 2020)
Not specified
FTX (last updated Dec. 23, 2021)
Not specified
Gemini (last updated Dec. 8, 2021)
Not specified
Huobi (last updated April 27, 2021)
Not specified
Kraken (last updated Nov. 23, 2021)
5 years or longer after account deletion
LocalBitcoins (last updated June 10, 2020)
“For all users who have deleted their account:
Personally-identifiable analytics data is removed 14 days after account deletion.
Notification data is not generally stored by our processors but they may retain activity logs for a short period of time (this time varies depending on the processor in question but is not greater than 13 months).
For users who have not conducted or initiated any trades or bitcoin transactions to their wallet, we will delete all personal data 14 days after the approval of your account deletion request.
For users who have conducted or initiated any trades or sent or received any bitcoin transactions using their wallet and whose account deletion request has been approved by us, our data deletion policy is the following:
Your public profile and advertisements will be hidden 14 days after you delete your account.
Your personal identification information, formal identification information, company information, financial and employment information, trade information, technical information and communication information will be deleted 5 years after you delete your account.
Bitcoin transaction information from our internal systems will be removed 5 years after you delete your account, with the exception of publicly available information on the Bitcoin blockchain.”
Nexo (undated)
Not specified
Okcoin (last updated Dec. 18, 2020)
Not specified
OKEx (last updated Dec. 3, 2020)
Not specified
Paxful (undated)
Not specified
Poloniex (last updated May 4, 2020)
Not specified
SALT (last updated Jan. 6, 2021)
Not specified


Data Protection

There is no universal standard for disclosing data security measures among crypto services: Some of them just say they take technological and organizational measures to ensure your information is safe, while others mention specific tech solutions, rules of access to their data centers and other steps.

Data security is a complex task, and to prevent attacks, companies in most cases refrain from fully disclosing the details and specifics of their data security systems, so as not to tip their hands to potential attackers.

In this sense, these disclosures serve not so much as attestations of platforms’ actual security level, but more as a demonstration of how straightforward and diligent they are in talking to users about privacy and security.

“If the company doesn’t outline how they protect user data, it is a red flag,” said Lili Rhodes, senior mining analyst at Compass Mining, a bitcoin mining firm in the U.S. “Users do not know how this company will safeguard their data in the event of a breach.”

Crypto Exchange
Data Protection Measures
Bakkt (last updated Oct. 28, 2020)
“Bakkt has implemented administrative, physical and technical safeguards designed to protect your Personal Information.”
Binance (last updated Jan. 12, 2022)
“We work to protect the security of your personal information during transmission by using encryption protocols and software. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal information.”
Bitfinex (last updated May 27, 2021)
“Internally, only people with a business need to know Personal Information, or whose duties reasonably require access to it, are granted access to customers’ Personal Information. Such individuals will only process your Personal Information on our instructions and are subject to a duty of confidentiality. We audit our personal compliance regularly.”
“The Site’s systems and data are reviewed periodically to ensure that you are getting a quality service and that leading security features are in place. We have put in place procedures to deal with any actual or suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.”
BitMEX (last updated Aug. 28, 2020)
Not specified
Bitstamp (last updated Nov. 5, 2020)
“…security measures include, but are not limited to:
Password protected directories and databases; Secure Sockets Layered (SSL) technology to ensure that your information is fully encrypted and sent across the Internet securely; and PCI Scanning to actively protect our servers from hackers and other vulnerabilities.
All financially sensitive and/or credit information is transmitted via SSL technology and encrypted in our database. Only authorised Bitstamp personnel are permitted access to your Personal Data, and these personnel are required to treat the information as highly confidential.”
Bittrex (last updated Dec. 31, 2019)
“We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.”
Blockchain.com (last updated Dec. 16, 2021)
“We protect Personal Data with appropriate physical, technological and organisational safeguards and security measures. Your Personal Data comes to us via the internet which chooses its own routes and means, whereby information is conveyed from location to location. We audit our procedures and security measures regularly to ensure they are being properly administered and remain effective and appropriate. Every member of Blockchain is committed to our privacy policies and procedures to safeguard Personal Data. Our site has security measures in place to protect against the loss, misuse and unauthorised alteration of the information under our control. More specifically, our server uses TLS (Transport Layer Security) security protection by encrypting your Personal Data to prevent individuals from accessing such Personal Data as it travels over the internet.”
BlockFi (last updated June 15, 2021)
“We seek to protect non-public Personal Information that is provided to BlockFi by third parties and you by implementing physical and electronic safeguards. Where we believe appropriate, we employ firewalls, intrusion prevention, encryption technology, user authentication systems (i.e. passwords and personal identification numbers) and access control mechanisms to control access to systems and data. We endeavor to engage service providers that have security and confidentiality policies, if such service providers have access to our client’s Personal Information. We instruct our employees to use strict standards of care in handling the personal financial information of clients. As a general policy, our staff will not discuss or disclose information regarding an account except with authorized personnel of our service providers, as required by applicable law and regulatory requirements law or, pursuant to a regulatory request and/or authority.
Despite our efforts to protect the security of your information, no security system is always effective and we cannot guarantee that our systems will be completely secure.”
Celsius (last updated October 2021)
“We will take reasonable steps and use technical, administrative and physical security measures appropriate to the nature of the information and that comply with applicable laws to protect Personal Information against unauthorized access and exfiltration, acquisition, theft, or disclosure.”
Coinbase (last updated Oct. 8, 2021)
“We work to protect the security of your personal information during transmission by using encryption protocols and software. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal information.
For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to personal information only for those employees who require it to fulfill their job responsibilities. Full credit card data is securely transferred and hosted off-site by payment vendors like Worldpay, (UK) Limited, Worldpay Limited, or Worldpay AP Limited (collectively ‘Worldpay’) in compliance with Payment Card Industry Data Security Standards (PCI DSS).”
Crypto.com (last updated Sept. 30, 2021)
“- Organisational measures (including but not limited to staff training and policy development);
– Technical measures (including but not limited to physical protection of data, pseudonymization and encryption); and
– Securing ongoing availability, integrity, and accessibility (including but not limited to ensuring appropriate back-ups of personal data are held).”
Deribit (undated)
“We will adopt appropriate technical and organisational measures to ensure that all the information is correct, current and complete and to prevent it from being accessed by unauthorised persons inside and outside our organisation. We use ‘best practices’ to secure your personal data. For instance, your personal data is encrypted with Secure Sockets Layered (SSL) technology and our directories and databases are password protected.”
eToro (last updated May 20, 2020)
“We protect your personal information by using data security technology and using tools such as firewalls and data encryption. We also require that you use a personal username and password every time you access your account online. As set out in the relevant eToro Entity’s terms and conditions, terms of business and/or terms of use, you must not share your password with anyone else. We restrict access to personal information at our offices so that only officers and/or
employees with a legitimate business purpose can access it.”
FTX (last updated Dec. 23, 2021)
“We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy.”
Gemini (last updated Dec. 8, 2021)
“Measures we take may include encryption of the Gemini website communications with SSL; required two-factor authentication for all sessions; periodic review of our Personal Information collection, storage, and processing practices; and restricted access to your Personal Information on a need-to-know basis for our employees, contractors and agents who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.”
Huobi (last updated April 27, 2021)
“(1) Physical measures: Records containing Your personal data will be stored in a properly locked place.
(2) Electronic measures: Computer data containing Your personal information will be stored in computer systems and storage media that are subject to strict log-in restriction.
(3) Management measures: We have set up an internal safety defense department to protect the users’ information, established relevant internal control systems, and adopted the principle of strict authorization for our employees who may come into contact with Your information; therefore, only properly authorized employees are permitted to come into contact with Your personal information and such employees must comply with our internal confidentiality rules for personal data. Furthermore, we provide sustained training to our staff on relevant laws and regulations, privacy and safety guidelines, enhance publicity and education on safety awareness, and organize our relevant internal personnel to carry out emergency response training and emergency drills on a regular basis, so as to enable them to fully understand their job duties and emergency response strategies and procedures.
(4) Technical Measures: encryption technology such as Secure Socket Layer Encryption may be adopted to transfer Your personal data.
(5) Security Measures: In order to ensure Your information security, we are committed to using various currently available general security technologies and supporting management systems to minimize the risks that Your information may be disclosed, damaged, misused, accessed without authorization, disclosed without authorization or altered. For example, the Secure Socket Layer (SSL) software is used for encrypted transmission, encrypted information storage and strict restriction of data center access. When transmitting and storing sensitive personal information (including personal biometric information), we will adopt security measures such as encryption, authority control, removal of identification marks, and de-sensitization, inter alia.
(6) Other measures: We regularly review our personal data collection, storage and processing procedures; furthermore, we limit the access of our employees and suppliers to Your data in accordance with the principle of “as necessary”, and our employees and suppliers must abide by strict contractual confidentiality obligations.”
Kraken (last updated Nov. 23, 2021)
“We regularly train and raise awareness for all our employees to the importance of maintaining, safeguarding and respecting your personal information and privacy. We regard breaches of individuals’ privacy very seriously and will impose appropriate disciplinary measures, including dismissal from employment. We have also appointed a Group Data Protection Officer, to ensure that our Company manages and processes your personal information in compliance with the applicable privacy and data protection laws and regulations, and in accordance with this Privacy Notice…
Securely stored in a safe location, and only authorised personnel have access to it via a username and password. All personal information is transferred to the Company over a secure connection, and thus all reasonable measures are taken to prevent unauthorised parties from viewing any such information.”
“The Company uses encryption to protect your information and store decryption keys in separate systems.”
LocalBitcoins (last updated June 10, 2020)
Not specified
Nexo (undated)
“Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.”
Okcoin (last updated Dec. 18, 2020)
“We take various measures to ensure information security, including encryption of the Okcoin communications with SSL; required two-factor authentication for all sessions; periodic review of our Personal Data collection, storage, and processing practices; and restricted access to your Personal Data on a need-to-know basis for our employees and vendors who are subject to strict contractual confidentiality obligations.”
OKEx (last updated Dec. 3, 2020)
“We take various measures to ensure information security, including encryption of the OKEx communications with SSL; required two-factor authentication for all sessions; periodic review of our Personal Data collection, storage, and processing practices; and restricted access to your Personal Data on a need-to-know bases for our employees and vendors who are subject to strict contractual confidentiality obligations.”
Paxful (undated)
“Paxful has implemented safeguards designed to protect your Personal Data, including measures designed to prevent Personal Data against loss, misuse, and unauthorized access and disclosure.”
Poloniex (last updated May 4, 2020)
“We use industry-standard data encryption technology and have implemented restrictions related to the storage of and the ability to access your Personal Data. Our servers and business operations are entirely located in the United States.”
SALT (last updated Jan. 6, 2021)
“All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted.”


What About Data Breaches?

What if security measures fail and the platform where you’re trading is breached? We checked the privacy policies for indications if these companies pledge to disclose security breaches and data leaks to their users.

Note that the answer “No” in the table does not mean the platform won’t tell you if it gets hacked; it means it doesn’t explicitly promise to do so if that happens.

A spokesperson for Nasdaq-listed Coinbase noted that many jurisdictions have rules about disclosing breaches to customers, which the crypto exchange follows, and that disclosing everything the company does to comply with laws would make a privacy policy an unwieldy read.

Crypto Exchange
Promise To Notify About Data Breaches?
Bakkt (last updated Oct. 28, 2020)
No
Binance (last updated Jan. 12, 2022)
No
Bitfinex (last updated May 27, 2021)
“Where we are legally required to do so”
BitMEX (last updated Aug. 28, 2020)
No
Bitstamp (last updated Nov. 5, 2020)
No
Bittrex (last updated Dec. 31, 2019)
“Where we are legally required to do so.”
Blockchain.com (last updated Dec. 16, 2021)
No
BlockFi (last updated June 15, 2021)
No
Celsius (last updated October, 2021)
No
Coinbase (last updated Oct. 8, 2021)
No
Crypto.com (last updated Sept. 30, 2021)
“Where we are legally required to do so”
Deribit (undated)
No
eToro (last updated May 20, 2020)
No
FTX (last updated Dec. 23, 2021)
“We may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an e-mail to you.”
Gemini (last updated Dec. 8, 2021)
No
Huobi (last updated April 27, 2021)
No
Kraken (last updated Nov. 23, 2021)
No
LocalBitcoins (last updated June 10, 2020)
No
Nexo (undated)
No
Okcoin (last updated Dec. 18, 2020)
No
OKEx (last updated Dec. 3, 2020)
No
Paxful (undated)
No
Poloniex (last updated May 4, 2020)
No
SALT (last updated Jan. 6, 2021)
No

 

Privacy policies are not the most exciting reads (no comparison to price charts and market analytics). But if you want to check them yourself and see how the platforms you use treat your sensitive information, below you’ll find links to all the privacy policy pages CoinDesk reviewed for this story.

As they say: don’t trust, verify.

Privacy Policies Reviewed By CoinDesk

FTX

 

Updated: 1-28-2022

4 Reasons Privacy Coins Haven’t Taken Off

Privacy-preserving cryptocurrencies come with stigma and added expense.

The “Cypherpunk’s Manifesto” begins, “Privacy is necessary for an open society in the electronic age.” But privacy coins – cryptocurrencies with strong privacy features—have failed to take off.

Monero and zcash are both worth less today than what they were worth in 2018. In comparison, ether (ETH) is worth more than twice its 2018 high.

That’s just price, but the adoption metrics haven’t fared much better. Even on darknet markets, where you’d expect privacy coins to thrive, bitcoin (BTC) is still the asset of choice. See the Rand Corporation’s extensive work into illicit finance, which can be found through the Dark Web Observatory.

Fewer than 10% of zcash tokens in existence are even shielded or private. User and transaction growth has been mediocre across the board compared with smart contract platforms.

Privacy coins have been a disappointment. Why haven’t they taken off?

There are four primary reasons.

1. Nobody Wants To Transact In Privacy Coins

While people may want their money to be private, they don’t want to pay each other in privacy coins. When most people think of “private cryptocurrencies,” they imagine private BTC or ETH, or perhaps private stablecoins. Few people actually want to settle debts in a special coin whose only defining characteristic is that it can be private.

This is why Ethereum-based privacy systems like Tornado Cash have so much uptake in comparison. Tornado brings privacy to where people actually are – on smart contract chains, in currencies they actually want to use like ETH, USDC or DAI. Compare that to Monero, where the wallets, off-ramps and liquidity are so poor that most users will give up.

The other reason why Tornado has been successful is because it internalizes the costs of privacy on the users who actually care about it rather than forcing everyone to bear the costs of privacy. This brings us to the second reason why privacy coins haven’t been successful.

2. Privacy Isn’t Easy Yet

The history of HTTPS, the encrypted hypertext protocol used to access almost every website today, teaches us that people will only choose privacy when it’s easy.

Website connections used to be all in plaintext. Initially, HTTPS was only used on websites that handled credit cards or banking data because it was slow and cumbersome. HTTPS became the default only after the computational costs became cheap enough that websites could enforce it without users noticing.

Something similar happened for messaging services. WhatsApp, the largest end-to-end (E2E) encrypted service, quietly turned on E2E encryption in 2016 without ever consulting users.

These two changes have done more for privacy on the internet than perhaps anything else, and neither involved users making intentional decisions to be more private.

Compare that to the difficulty of using monero or zcash for conducting everyday transactions. Both require technical sophistication and impose very high friction to protect one’s privacy.

Which brings us to the third reason privacy coins have failed.

3. Most People Don’t Care About Privacy

This is the uncomfortable truth behind the failure of privacy coins.

Look at people’s revealed preferences. They use social media apps that openly sell data to third parties. They use Venmo and publicly broadcast their payments to the world.

They use SMS, which is stored in plaintext and can be subpoenaed by law enforcement, all while WhatsApp, Signal and Telegram are free and readily at hand.

It’s tempting to blame this situation on a lack of consumer awareness, but that doesn’t fit the facts. Take social media companies: Despite a parade of massive scandals, from Cambridge Analytica to last year’s Twitter hacks, social media use has never been higher.

Privacy is a public good. The iron rule of economics is that public goods are undersupplied by free markets. If only a small number of users use privacy-preserving technologies, the use of those technologies will become stigmatizing.

Compare WhatsApp, which makes E2E encryption ubiquitous and normal, to Monero, which is similarly private but instantly flagged as suspicious.

There are two underlying types of people here. First, there are people who don’t care at all about serious privacy and just want their immediate neighbors, spouses and friends not to know what they’re doing.

Blockchains like Bitcoin or Ethereum are fine for that; their unsophisticated neighbors won’t be able to track their activities.

Then there are the privacy-conscious people who want strong enough privacy controls to defend against sophisticated third parties. Technologies like Monero, when used correctly, are robust enough to deter corporations, governments and motivated attackers. But all of that comes at a steep price.

Few people are willing to pay what the privacy-conscious group is willing to pay for privacy. Until the cost of privacy decreases dramatically, we shouldn’t expect to see an HTTPS-style transformation come to crypto.

Which brings us to regulation.

4. To Survive A Bear Attack, You Don’t Need To Outrun A Bear – You Just Need To Outrun The Person Behind You

Privacy coins have always been the first target for regulatory inquisitions. When regulators are charged to “don’t just stand there, do something,” the easiest boogeyman is shadowy privacy coins.

On the regulatory side, we’ve seen a slew of privacy coin delistings in South Korea, Japan, the U.K. and the U.S. Governments are continually trying to tighten the noose on privacy coins (see here, here, and here).

Crypto lobbies have grown larger; huge swaths of retail and many institutions now own BTC and ETH. But very few institutions are willing to come to the defense of privacy coins. Rather than allow the entire industry to be tainted, many are content to let privacy coins become the sacrificial lamb.

I’m an admirer of the bold work Coin Center and the Electronic Frontier Foundation have done to protect the civil liberties of Americans when it comes to using privacy-preserving technologies. But I worry that when it comes to private cryptocurrencies, they’re fighting a losing battle.

Until then, expect regulators to continue scapegoating privacy coins, and expect their acceptance and liquidity to suffer for it. If I were a betting man, I’d expect painless privacy solutions that integrate with decentralized finance and stablecoins to be the biggest growth area in privacy.

A Look At EU’s GDPR and What It Means For Crypto Privacy

Can open, immutable blockchains ever meet GDPR’s privacy requirements?

Given the stupendous amount of personal information stored and transferred online, it’s good that regulators are moving to bolster consumer privacy. But these rules – ranging from the “right to be forgotten” to the ability query a database to see what information they keep about you on file – may bump up against the web the blockchain industry is building, sometimes called Web 3.

Crypto’s primary benefits stem from being open, transparent and immutable. Blockchain-based web apps are necessarily different than the multibillion-dollar “walled gardens” that dominant the internet today. Privacy laws were written with the old web in mind, the web of Facebook and Google.

It’s an open question whether blockchain can develop in a way to meet the requirements of contemporary digital privacy laws while still preserving the attributes that make it successful. This is especially true for the most significant data legislation on the books today, the European Union’s “General Data Protection Regulation” (GDPR).

Europe’s GDPR: An Overview

GDPR is the grandmaster of privacy frameworks. It governs how individuals’ personal data can be used across tech and other industry sectors within the EU’s jurisdiction. It covers all businesses that maintain records of users, regardless of whether or not they’re based in the EU.

In effect, GDPR means that companies cannot act wantonly or reckless with private, personal information ranging from someone’s Google search history to a Twitter user’s social graph.

This policy towards personal data is sometimes called privacy “by design” or “by default,” and applies to both software and hardware. It has major implications for blockchains that are, generally speaking, publicly auditable protocols.

According to GDPR rules, blockchains should be “privacy-preserving by design,” meaning developers must consider user privacy while designing and developing crypto platforms, as well as crypto-based products and services.

The immutability and broad availability of data on public and permissionless blockchains is an obvious challenge for developers. It’s a balancing act between ensuring users only provide as much personal data as actually needed to get the job done and the core tenets of this novel technology.

“After all, blockchains do not forget,” Michael Kunz, senior legal associate at MME, a Swiss law firm specialized in crypto and fintech, said during our after-hours chat. “So it is essential that developers get it right from the get-go.”

Crypto founders can benefit from a close look at GDPR’s existing policies regarding users’ personal data.

GDPR Section 3 Articles 16-17: Right To Data Rectification And Erasure

Article 17 of GDPR outlines the circumstances under which an individual has the right to have their personal data erased. Similarly, Article 16 gives users the right to rectify incorrect personal data within any organization’s database by providing a supplementary statement. While an individual’s ability to alter or erase data is conditional, that person’s legal ability to do so at all clashes with blockchain’s core tenant of data immutability.

Crypto projects can find solutions to existing data rectification and erasure requirements by, for instance, storing users’ sensitive data off-chain and using cryptographic systems for on-chain verification to ensure data authenticity.

Decentralized networks don’t necessarily need to be data operators, similarly to how decentralized exchanges (DEX) might not be classified as financial intermediaries. However, by definition, system decentralization needs to be agreed upon.

One might certainly hope that in the future a precise legal framework will be introduced that takes into account users having full control over their data and sharing them directly with third parties, knowing exactly what the data is being used for and why

GDPR Article 15: Right Of Access

In addition to a data subject’s explicit rights to access and erase his or her data, GDPR’s Article 15 also requires organizations to abide by the principles of data protection and privacy. As a result, businesses must operate in a way that minimizes extraneous data collection and ensure user privacy is a foundational consideration, rather than as an afterthought.

This may present issues for public blockchains that allow anyone to anonymously access information stored on its ledger without any limits to how often they do so, or records of when, where and by whom this information was accessed.

Enter actual privacy on a blockchain. Whenever discussing regulatory compliance, we ought to differentiate between transparency of the process and transparency of the data included in that process.

Zero-knowledge proofs and multi-party computation are technical solutions to this problem. As they are deployed today, zk-proofs and MPC offer ways to keep data recognizable and verifiable on-chain, without being explicitly tied to an identity.

Adam Gagol, chief technology officer for the enterprise-grade and privacy-preserving blockchain Aleph Zero, thinks these tools would effectively address most regulatory concerns about unrestricted data access.

GDPR Chapter 4: Data Controllers And Processors

Blockchain’s distributed nature makes it essentially impossible to identify a specific “data controller.” It is difficult to envision a world in which regulations permit fully decentralized organizations to operate freely without the ability to hold a legal entity responsible for what happens on the network.

At the same time, even if decentralized autonomous organizations (DAO) register as legal entities it is unlikely that every project will be able to identify a legal party that can be held accountable for each and every infraction that occurs on their network.

As a result, there isn’t a simple solution to GDPR’s need for an accountable party. Crypto projects concerned about potential legal liabilities on this front might be better off mitigating their overall risk by enacting stricter KYC/AML (know-your-customer and anti-money laundering) policies to curtail malicious user behavior that may implicate the entire network.

So how might fully decentralized systems remain compliant while still benefiting from a network’s public nature? I’ve had a sit-down with Pawel Kuskowski, former global head of AML at the Royal Bank of Scotland and a founder of Gatenox, which offers a decentralized identifier (DID) system built on top of the Aleph Zero network.

Here’s What He Thinks: “The key is to clearly separate the responsibilities of creators and operators of a given blockchain and smart contracts developers, self-governed identity providers, as well as users of these solutions.”

This will become all the more important given the exponential growth of crypto markets. The question is whether crypto developers and organizations like DAOs will see the ethical mandate to comply with regulations.

Proactively Protecting Users

The above is just an overview of a few challenges the blockchain sector faces, especially those concerned about privacy. A deeper exploration should entail a discussion involving specific policy frameworks and user applications.

Although I cannot offer specific predictions for the future, I believe regulators will eventually draft relatively permissive laws that allow for responsible data sharing and growth, rather than treating the entire industry as an undesirable, privacy-violating monolith.

Rather than waiting to see what regulators decide, it’s up to crypto founders to proactively protect their users’ personal data while ensuring full online accountability. In other words, we should not shy away from balanced, well-intentioned privacy regulations – either now or in the future.

 

Updated: 1-29-2022

Bitcoin Protects Privacy And Fights Oppression

Central bank digital currencies, on the other hand, are financial surveillance on steroids.

Surveillance is power, as authoritarian regimes across history have known. The emergence of the internet in the late 20th century made surveillance easier than ever by creating a historically unprecedented repository of information about individuals and organizations stored on servers throughout the world.

Over the years the dangers of the internet’s panopticon have pushed many ordinary people to fight back – advocating for regulation via their governments where possible, but also by developing their own technological defenses, including popular tools like encrypted email and messaging platforms. It is no exaggeration to say that without privacy individual freedoms cannot long survive.

And the battle for privacy in the digital age is now headed to its newest and perhaps most consequential stage with the emergence of central bank digital currencies, (CBDC).

CBDCs are central government’s attempts to turn blockchain technology to its own use, utilizing its efficiencies for storing and transferring value but also through the social control via surveillance that it makes possible.

CBDCs have clear benefits over the analog financial system, but alongside the promise of increased financial access and efficiency they also expose citizens to a level of potential surveillance inconceivable in the past.

An authoritarian government administering a CBDC would have total oversight of every transaction anywhere on Earth using that currency, as well as the ability to freeze, expropriate or even force-spend funds owned by private individuals as it deemed fit.

The prospect of such state-controlled currencies, like the digital yuan already being rolled out in China, also highlights why a technology like Bitcoin might wind up in future being the only insurance against financial repression in authoritarian countries, and even in democracies like the United States.

The gravity of this issue, as it pertains to privacy and surveillance, is especially clear to me.

As a journalist I spent years reporting on classified documents provided by National Security Agency (NSA) whistle-blower Edward Snowden. The documents showed in incredible detail the powers the U.S. government had gained to surveil and, by extension, control the lives of individuals whose communications fell under its massive global dragnet.
Decentralized currencies like bitcoin represent a possible safe haven against future government overreach in a world built upon CBDCs.

Behind the scenes the NSA had developed the power to collect essentially any private message or metadata it sought from devices around the world, including from American citizens who had never suspected the level of power their government privately held over them. Surveillance can ruin lives, and I have seen up close the impact it can have on innocent people caught up in a digital dragnet.

CBDCs have the potential to supercharge the surveillance power created by the internet even further. Whereas Web 2 revolutionized how information could be created and spread, Web 3 will do the same for the creation and dissemination of economic value. Governments will seek to have as tight a control as possible over this, just as they did with the internet.

The prospect of the government in a country like China having near-total ability to monitor and manipulate the information its citizens see has been serious enough but, as soon seems possible, it gains the same level of control over people’s ability to conduct even the smallest economic activity, we will be in an altogether new world of repression.

Many countries around the world are already following China’s lead in developing their own CBDC projects, including the United States with a digital dollar.

Americans will likely expect that their government will act in good faith in how it administers such a currency, creating and enforcing regulations that protect their privacy and freedom. But as the Snowden documents have already shown, assumptions of good faith are not particularly durable.

Politics can help secure rights, but it’s not enough. Just as encrypted email and messaging platforms give individuals a robust personal defense against surveillance abuse, decentralized currencies like bitcoin represent a possible safe haven against future government overreach in a world built upon CBDCs.

The debate now taking place over the future role of bitcoin and other cryptocurrencies rarely takes the issue of privacy in the digital age into account. Bitcoin is often accused by critics of having no worthwhile use case or for serving as a tool for criminals and terrorists to conceal their activity.

But similar accusations were often leveled against encrypted email in the past. While it’s true that criminals sometimes also benefit from the existence of privacy, that same privacy is what allows the vast majority of law-abiding citizens to preserve their civil liberties.

Counting on regulation alone to do the job of protecting privacy on its own seems like a poor wager, given that regulation has failed to ensure such protections in democracies like the United States. Such a prospect of benevolent governance does not even notionally exist in undemocratic countries.

It is not hard to imagine a future coming where bitcoin and other currencies are the only safe harbor for people fleeing government abuses that have, sadly, proven to be common across the world.

In 1975, describing an analog age of spying that involved phone taps and physical bugging that we would now consider quaint, Sen. Frank Church (D-Idaho) warned of the dangers of the information surveillance regime already growing in the United States.

The surveillance power of the government and its security agencies could “at any time could be turned around on the American people, and no American would have any privacy left. Such is the capability to monitor everything: telephone conversations, telegrams, it doesn’t matter. There would be no place to hide,” he said.

Church spelled out what this would mean for democracy. If a dictator were to ever take power in the United States, that person could use surveillance “to impose total tyranny, and there would be no way to fight back.”

The government now has surveillance powers beyond what Sen. Church could ever dream of then, and those powers are on the cusp of becoming even more powerful as digital currencies rise to prominence. These state-backed digital currencies will be the next battleground in the fight over privacy, and no weapon can be discarded in defense against their possible abuse.

Bitcoin is not exempt from critique, but because of its decentralized protocol it is the most likely bet to offer strong resistance against a future financial panopticon. Those who have known what it is like to have their freedoms quashed by regimes of surveillance and social control, in the United States and abroad, know the potential virtues of censorship-resistance currency cannot be lightly dismissed.

Neither bitcoin nor cryptography in general can be a wholesale substitute for politics. But they offer a practical way to protect the most vulnerable from predation in the digital age. In the brave, new financial system now on the horizon, they are tools we will need on our side.

 

Updated: 1-30-2022

Privacy, Security, Connectivity: Can We Have It All? (Podcast)

This podcast takes a deep dive into the ideals, tools and future of privacy and crypto, addressing all facets of privacy in Web 3.

Joining “Money Reimagined” hosts Michael Casey and Sheila Warren are two guests familiar with not just the privacy pitfalls of today’s internet, but the possible solutions available to protect users.

Often recognized as the father of digital currency, David Chaum has had an accomplished career in privacy-focused digital tools, first as the founder of DigiCash and now with his new secure messaging platform xx messenger.

Alongside Chaum is Tor Bair, the founder of Secret Foundation, one of the core organizations supporting the private-by-default blockchain Secret Network.

Though most people understand that online privacy is a problem, the majority seem willing to trade privacy for convenience and connectivity.

As a result, the privacy concerns in Web 2 have become staggeringly large, as displayed in the countless data access hacks, scandals like Cambridge Analytica and Edward Snowden’s National Security Agency revelations, among others.

Within the crypto industry, the concept of transparency is highly valued, but where is the balancing point between that transparency and privacy?

Creating a secure network is important, but security is often directly tied with identity. Cryptographers have devised ways to separate the two, but will these methodologies become pervasive in Web 3?

Updated: 2-10-2022

To Understand Bitcoin, We Need To Understand What Money Is

How do financial experts reach vastly different conclusions about bitcoin and its role? The answer lies in a misunderstanding of what money is.

Related:

The Bullish Case For Bitcoin – Bitcoin Magazine LIVE #35

Recently, a popular financial Twitter (or #FinTwit) personality joined the financial TV channel Real Vision and said that “bitcoin is a pretty terrible form of money.” The same day, Fidelity Digital Assets released a report called “Bitcoin First: Why investors need to consider bitcoin separately from other digital assets,” claiming that “Bitcoin is best understood as a monetary good.

Bitcoin is likely to be the primary monetary good and another digital asset is not likely to supersede bitcoin in this role.” How can financial experts come to these vastly different conclusions? The answer lies in a misunderstanding of what money is.

This article originally appeared in Crypto for Advisors, CoinDesk’s weekly newsletter defining crypto, digital assets and the future of finance.

What Is Money, Really?

What is money? It’s one of my favorite questions to ask clients. There is no right or wrong answer, and financial advisors rarely ask this question themselves. The key to understanding bitcoin is learning monetary history and gaining knowledge of digital networks. We’ll focus on deconstructing what money is for the first part of this series.

Throughout history, we’ve moved from physical primitive goods, such as money like seashells and wampum, to physical metals like gold and silver to paper receipts backed by physical metals to government-issued fully fiat currencies.

“The better the money is at holding its value, the more it incentivizes people to delay consumption and instead dedicate resources for production in the future, leading to capital accumulation and improvement of living standards,” economist Saifedean Ammous wrote in his book “The Bitcoin Standard.

We’ve only known a fiat system during our lifetimes, so it’s not easy to comprehend anything else. Money is what we receive for the economic output we provide to society. Instead of needing a scale to weigh out precious metals, we have a scale in that dollars are our unit of account and our measuring stick on what something costs.

Money allows us to specialize and become an expert and pay for expertise from others. Money provides for trade.

Money’s Five Critical Traits

Money does not need to increase in quantity to be effective; it needs to have five critical traits – divisibility, scarcity, portability, recognizability and durability. Gold was money for thousands of years, and an ounce of gold in Roman times bought a tailored tunic, in the 1970s a fitted suit and today a broad array of fine custom suits.

Gold, while having scarcity, durability and recognizability, fails miserably at being divisible and portable. Gold receipts and fiat currency solved this issue and allowed global trade to expand.

Fiat currency is outstanding at solving for divisibility, portability and recognizability. The problems lie in scarcity and durability, again missing the mark at being optimal money. Bitcoin has all five properties of money, but, like any money in existence, the demand needs to be there.

In a previous article for this newsletter on bitcoin and inflation, I shared data highlighting the growth of demand for bitcoin. NYDIG recently shared that Bitcoin processed $3.0 trillion worth of payments in 2021, exceeding the transaction volume of American Express ($1.28 trillion) and Discover ($504 billion).
How bitcoin functions as money

The stages of monetization for any object over history has followed a similar cycle: the object being collectible, a storage of value, a medium of exchange and a unit of account. Until fiat currency, part of what gave something value was the difficulty in obtaining it or the time to create it.

Bitcoin solves this value proposition by its mining process, called proof-of-work, and the difficulty adjustment, which allows the mining network to adjust up or down the computing power needed to solve for the next block. The difficulty adjustment goal is to help ensure the supply schedule remains very predictable, which is a new block every 10 minutes.

It’s an effective, yet simple, solution to a very complicated computer science problem for distributed consensus networks.

Bitcoin mining is costly and time-consuming, yet the verification of the transactions by nodes on the network located around the globe is effortless and almost free. Bitcoin’s most significant benefit is having a final settlement in a digital world in record time, leveraging the mainchain or the Lighting network, depending on the needs of the parties involved. (When measuring speed, you must include “final” settlement – for example, credit card transactions are not finalized before 24 hours.)

The Future Of Money

Money is what allows individuals and businesses to function and thrive. Money that has all five key traits – divisibility, scarcity, portability, recognizability and durability – helps to enhance trade and economies, as all actors use the same unit of measure. Imagine for a minute we are playing Monopoly, and I am the banker – and in each round, instead of abiding by the rules established at the beginning of the game, I institute a new tweak or change. How do you strategize for your turn? How do you plan for the roll after this one?

Money is no different, as individuals and businesses make these decisions subconsciously. And when we all use the same ruler to measure goods and services, that unlocks a more productive society and economy. In my view, bitcoin as money makes that a possibility – it allows for savings, not credit, to be what families run on, quick and inexpensive payments, and an incentive structure to reward value creation. By producing value and living within your means, your purchasing power can increase by simply saving – not decrease like it does today.

Bitcoin is a nearly $1 trillion asset today in a world that is orders of magnitude larger. As Bitcoin becomes a teenager in 2022, what could a world using bitcoin as money be like? In part two of this series, join me as we unpack that world.

 

 

 

Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,Leaders Of The Digital,

 

 

Related Articles:

Bitcoin Information & Resources (#GotBitcoin?)

Meet Brian Klein, Crypto’s Own ‘High-Stakes’ Trial Attorney (#GotBitcoin?)

3 Reasons For The Bitcoin Price ‘Halving Dump’ From $10K To $8.1K

Bitcoin Outlives And Outlasts Naysayers And First Website That Declared It Dead Back In 2010

Hedge Fund Pioneer Turns Bullish On Bitcoin Amid ‘Unprecedented’ Monetary Inflation

Antonopoulos: Chainalysis Is Helping World’s Worst Dictators & Regimes (#GotBitcoin?)

Survey Shows Many BTC Holders Use Hardware Wallet, Have Backup Keys (#GotBitcoin?)

Iran Ditches The Rial Amid Hyperinflation As Localbitcoins Seem To Trade Near $35K

Buffett ‘Killed His Reputation’ by Being Stupid About BTC, Says Max Keiser (#GotBitcoin?)

Meltem Demirors: “Bitcoin Is Not A F*Cking Systemic Hedge If You Hold Your Bitcoin At A Financial Institution”

Blockfolio Quietly Patches Years-Old Security Hole That Exposed Source Code (#GotBitcoin?)

Bitcoin Won As Store of Value In Coronavirus Crisis — Hedge Fund CEO

Decentralized VPN Gaining Steam At 100,000 Users Worldwide (#GotBitcoin?)

Crypto Exchange Offers Credit Lines so Institutions Can Trade Now, Pay Later (#GotBitcoin?)

Zoom Develops A Cryptocurrency Paywall To Reward Creators Video Conferencing Sessions (#GotBitcoin?)

Bitcoin Startup Purse.io And Major Bitcoin Cash Partner To Shut Down After 6-Year Run

Open Interest In CME Bitcoin Futures Rises 70% As Institutions Return To Market

Square’s Users Can Route Stimulus Payments To BTC-Friendly Cash App

$1.1 Billion BTC Transaction For Only $0.68 Demonstrates Bitcoin’s Advantage Over Banks

Bitcoin Could Become Like ‘Prison Cigarettes’ Amid Deepening Financial Crisis

Bitcoin Holds Value As US Debt Reaches An Unfathomable $24 Trillion

How To Get Money (Crypto-currency) To People In An Emergency, Fast

US Intelligence To Study What Would Happen If U.S. Dollar Lost Its Status As World’s Reserve Currency (#GotBitcoin?)

Bitcoin Miner Manufacturers Mark Down Prices Ahead of Halving

Privacy-Oriented Browsers Gain Traction (#GotBitcoin?)

‘Breakthrough’ As Lightning Uses Web’s Forgotten Payment Code (#GotBitcoin?)

Bitcoin Starts Quarter With Price Down Just 10% YTD vs U.S. Stock’s Worst Quarter Since 2008

Bitcoin Enthusiasts, Liberal Lawmakers Cheer A Fed-Backed Digital Dollar

Crypto-Friendly Bank Revolut Launches In The US (#GotBitcoin?)

The CFTC Just Defined What ‘Actual Delivery’ of Crypto Should Look Like (#GotBitcoin?)

Crypto CEO Compares US Dollar To Onecoin Scam As Fed Keeps Printing (#GotBitcoin?)

Stuck In Quarantine? Become A Blockchain Expert With These Online Courses (#GotBitcoin?)

Bitcoin, Not Governments Will Save the World After Crisis, Tim Draper Says

Crypto Analyst Accused of Photoshopping Trade Screenshots (#GotBitcoin?)

QE4 Begins: Fed Cuts Rates, Buys $700B In Bonds; Bitcoin Rallies 7.7%

Mike Novogratz And Andreas Antonopoulos On The Bitcoin Crash

Amid Market Downturn, Number of People Owning 1 BTC Hits New Record (#GotBitcoin?)

Fatburger And Others Feed $30 Million Into Ethereum For New Bond Offering (#GotBitcoin?)

Pornhub Will Integrate PumaPay Recurring Subscription Crypto Payments (#GotBitcoin?)

Intel SGX Vulnerability Discovered, Cryptocurrency Keys Threatened

Bitcoin’s Plunge Due To Manipulation, Traditional Markets Falling or PlusToken Dumping?

Countries That First Outlawed Crypto But Then Embraced It (#GotBitcoin?)

Bitcoin Maintains Gains As Global Equities Slide, US Yield Hits Record Lows

HTC’s New 5G Router Can Host A Full Bitcoin Node

India Supreme Court Lifts RBI Ban On Banks Servicing Crypto Firms (#GotBitcoin?)

Analyst Claims 98% of Mining Rigs Fail to Verify Transactions (#GotBitcoin?)

Blockchain Storage Offers Security, Data Transparency And immutability. Get Over it!

Black Americans & Crypto (#GotBitcoin?)

Coinbase Wallet Now Allows To Send Crypto Through Usernames (#GotBitcoin)

New ‘Simpsons’ Episode Features Jim Parsons Giving A Crypto Explainer For The Masses (#GotBitcoin?)

Crypto-currency Founder Met With Warren Buffett For Charity Lunch (#GotBitcoin?)

Witches Love Bitcoin

Bitcoin’s Potential To Benefit The African And African-American Community

Coinbase Becomes Direct Visa Card Issuer With Principal Membership

Bitcoin Achieves Major Milestone With Half A Billion Transactions Confirmed

Jill Carlson, Meltem Demirors Back $3.3M Round For Non-Custodial Settlement Protocol Arwen

Crypto Companies Adopt Features Similar To Banks (Only Better) To Drive Growth (#GotBitcoin?)

Top Graphics Cards That Will Turn A Crypto Mining Profit (#GotBitcoin?)

Bitcoin Usage Among Merchants Is Up, According To Data From Coinbase And BitPay

Top 10 Books Recommended by Crypto (#Bitcoin) Thought Leaders

Twitter Adds Bitcoin Emoji, Jack Dorsey Suggests Unicode Does The Same

Bitcoiners Are Now Into Fasting. Read This Article To Find Out Why

You Can Now Donate Bitcoin Or Fiat To Show Your Support For All Of Our Valuable Content

2019’s Top 10 Institutional Actors In Crypto (#GotBitcoin?)

What Does Twitter’s New Decentralized Initiative Mean? (#GotBitcoin?)

Crypto-Friendly Silvergate Bank Goes Public On New York Stock Exchange (#GotBitcoin?)

Bitcoin’s Best Q1 Since 2013 To ‘Escalate’ If $9.5K Is Broken

Billionaire Investor Tim Draper: If You’re a Millennial, Buy Bitcoin

What Are Lightning Wallets Doing To Help Onboard New Users? (#GotBitcoin?)

If You Missed Out On Investing In Amazon, Bitcoin Might Be A Second Chance For You (#GotBitcoin?)

2020 And Beyond: Bitcoin’s Potential Protocol (Privacy And Scalability) Upgrades (#GotBitcoin?)

US Deficit Will Be At Least 6 Times Bitcoin Market Cap — Every Year (#GotBitcoin?)

Central Banks Warm To Issuing Digital Currencies (#GotBitcoin?)

Meet The Crypto Angel Investor Running For Congress In Nevada (#GotBitcoin?)

Introducing BTCPay Vault – Use Any Hardware Wallet With BTCPay And Its Full Node (#GotBitcoin?)

How Not To Lose Your Coins In 2020: Alternative Recovery Methods (#GotBitcoin?)

H.R.5635 – Virtual Currency Tax Fairness Act of 2020 ($200.00 Limit) 116th Congress (2019-2020)

Adam Back On Satoshi Emails, Privacy Concerns And Bitcoin’s Early Days

The Prospect of Using Bitcoin To Build A New International Monetary System Is Getting Real

How To Raise Funds For Australia Wildfire Relief Efforts (Using Bitcoin And/Or Fiat )

Former Regulator Known As ‘Crypto Dad’ To Launch Digital-Dollar Think Tank (#GotBitcoin?)

Currency ‘Cold War’ Takes Center Stage At Pre-Davos Crypto Confab (#GotBitcoin?)

A Blockchain-Secured Home Security Camera Won Innovation Awards At CES 2020 Las Vegas

Bitcoin’s Had A Sensational 11 Years (#GotBitcoin?)

Sergey Nazarov And The Creation Of A Decentralized Network Of Oracles

Google Suspends MetaMask From Its Play App Store, Citing “Deceptive Services”

Christmas Shopping: Where To Buy With Crypto This Festive Season

At 8,990,000% Gains, Bitcoin Dwarfs All Other Investments This Decade

Coinbase CEO Armstrong Wins Patent For Tech Allowing Users To Email Bitcoin

Bitcoin Has Got Society To Think About The Nature Of Money

How DeFi Goes Mainstream In 2020: Focus On Usability (#GotBitcoin?)

Dissidents And Activists Have A Lot To Gain From Bitcoin, If Only They Knew It (#GotBitcoin?)

At A Refugee Camp In Iraq, A 16-Year-Old Syrian Is Teaching Crypto Basics

Bitclub Scheme Busted In The US, Promising High Returns From Mining

Bitcoin Advertised On French National TV

Germany: New Proposed Law Would Legalize Banks Holding Bitcoin

How To Earn And Spend Bitcoin On Black Friday 2019

The Ultimate List of Bitcoin Developments And Accomplishments

Charities Put A Bitcoin Twist On Giving Tuesday

Family Offices Finally Accept The Benefits of Investing In Bitcoin

An Army Of Bitcoin Devs Is Battle-Testing Upgrades To Privacy And Scaling

Bitcoin ‘Carry Trade’ Can Net Annual Gains With Little Risk, Says PlanB

Max Keiser: Bitcoin’s ‘Self-Settlement’ Is A Revolution Against Dollar

Blockchain Can And Will Replace The IRS

China Seizes The Blockchain Opportunity. How Should The US Respond? (#GotBitcoin?)

Jack Dorsey: You Can Buy A Fraction Of Berkshire Stock Or ‘Stack Sats’

Bitcoin Price Skyrockets $500 In Minutes As Bakkt BTC Contracts Hit Highs

Bitcoin’s Irreversibility Challenges International Private Law: Legal Scholar

Bitcoin Has Already Reached 40% Of Average Fiat Currency Lifespan

Yes, Even Bitcoin HODLers Can Lose Money In The Long-Term: Here’s How (#GotBitcoin?)

Unicef To Accept Donations In Bitcoin (#GotBitcoin?)

Former Prosecutor Asked To “Shut Down Bitcoin” And Is Now Face Of Crypto VC Investing (#GotBitcoin?)

Switzerland’s ‘Crypto Valley’ Is Bringing Blockchain To Zurich

Next Bitcoin Halving May Not Lead To Bull Market, Says Bitmain CEO

Tim Draper Bets On Unstoppable Domain’s .Crypto Domain Registry To Replace Wallet Addresses (#GotBitcoin?)

Bitcoin Developer Amir Taaki, “We Can Crash National Economies” (#GotBitcoin?)

Veteran Crypto And Stocks Trader Shares 6 Ways To Invest And Get Rich

Have I Missed The Boat? – Best Ways To Purchase Cryptocurrency

Is Chainlink Blazing A Trail Independent Of Bitcoin?

Nearly $10 Billion In BTC Is Held In Wallets Of 8 Crypto Exchanges (#GotBitcoin?)

SEC Enters Settlement Talks With Alleged Fraudulent Firm Veritaseum (#GotBitcoin?)

Blockstream’s Samson Mow: Bitcoin’s Block Size Already ‘Too Big’

Attorneys Seek Bank Of Ireland Execs’ Testimony Against OneCoin Scammer (#GotBitcoin?)

OpenLibra Plans To Launch Permissionless Fork Of Facebook’s Stablecoin (#GotBitcoin?)

Tiny $217 Options Trade On Bitcoin Blockchain Could Be Wall Street’s Death Knell (#GotBitcoin?)

Class Action Accuses Tether And Bitfinex Of Market Manipulation (#GotBitcoin?)

Sharia Goldbugs: How ISIS Created A Currency For World Domination (#GotBitcoin?)

Bitcoin Eyes Demand As Hong Kong Protestors Announce Bank Run (#GotBitcoin?)

How To Securely Transfer Crypto To Your Heirs

‘Gold-Backed’ Crypto Token Promoter Karatbars Investigated By Florida Regulators (#GotBitcoin?)

Crypto News From The Spanish-Speaking World (#GotBitcoin?)

Financial Services Giant Morningstar To Offer Ratings For Crypto Assets (#GotBitcoin?)

‘Gold-Backed’ Crypto Token Promoter Karatbars Investigated By Florida Regulators (#GotBitcoin?)

The Original Sins Of Cryptocurrencies (#GotBitcoin?)

Bitcoin Is The Fraud? JPMorgan Metals Desk Fixed Gold Prices For Years (#GotBitcoin?)

Israeli Startup That Allows Offline Crypto Transactions Secures $4M (#GotBitcoin?)

[PSA] Non-genuine Trezor One Devices Spotted (#GotBitcoin?)

Bitcoin Stronger Than Ever But No One Seems To Care: Google Trends (#GotBitcoin?)

First-Ever SEC-Qualified Token Offering In US Raises $23 Million (#GotBitcoin?)

You Can Now Prove A Whole Blockchain With One Math Problem – Really

Crypto Mining Supply Fails To Meet Market Demand In Q2: TokenInsight

$2 Billion Lost In Mt. Gox Bitcoin Hack Can Be Recovered, Lawyer Claims (#GotBitcoin?)

Fed Chair Says Agency Monitoring Crypto But Not Developing Its Own (#GotBitcoin?)

Wesley Snipes Is Launching A Tokenized $25 Million Movie Fund (#GotBitcoin?)

Mystery 94K BTC Transaction Becomes Richest Non-Exchange Address (#GotBitcoin?)

A Crypto Fix For A Broken International Monetary System (#GotBitcoin?)

Four Out Of Five Top Bitcoin QR Code Generators Are Scams: Report (#GotBitcoin?)

Waves Platform And The Abyss To Jointly Launch Blockchain-Based Games Marketplace (#GotBitcoin?)

Bitmain Ramps Up Power And Efficiency With New Bitcoin Mining Machine (#GotBitcoin?)

Ledger Live Now Supports Over 1,250 Ethereum-Based ERC-20 Tokens (#GotBitcoin?)

Miss Finland: Bitcoin’s Risk Keeps Most Women Away From Cryptocurrency (#GotBitcoin?)

Artist Akon Loves BTC And Says, “It’s Controlled By The People” (#GotBitcoin?)

Ledger Live Now Supports Over 1,250 Ethereum-Based ERC-20 Tokens (#GotBitcoin?)

Co-Founder Of LinkedIn Presents Crypto Rap Video: Hamilton Vs. Satoshi (#GotBitcoin?)

Crypto Insurance Market To Grow, Lloyd’s Of London And Aon To Lead (#GotBitcoin?)

No ‘AltSeason’ Until Bitcoin Breaks $20K, Says Hedge Fund Manager (#GotBitcoin?)

NSA Working To Develop Quantum-Resistant Cryptocurrency: Report (#GotBitcoin?)

Custody Provider Legacy Trust Launches Crypto Pension Plan (#GotBitcoin?)

Vaneck, SolidX To Offer Limited Bitcoin ETF For Institutions Via Exemption (#GotBitcoin?)

Russell Okung: From NFL Superstar To Bitcoin Educator In 2 Years (#GotBitcoin?)

Bitcoin Miners Made $14 Billion To Date Securing The Network (#GotBitcoin?)

Why Does Amazon Want To Hire Blockchain Experts For Its Ads Division?

Argentina’s Economy Is In A Technical Default (#GotBitcoin?)

Blockchain-Based Fractional Ownership Used To Sell High-End Art (#GotBitcoin?)

Portugal Tax Authority: Bitcoin Trading And Payments Are Tax-Free (#GotBitcoin?)

Bitcoin ‘Failed Safe Haven Test’ After 7% Drop, Peter Schiff Gloats (#GotBitcoin?)

Bitcoin Dev Reveals Multisig UI Teaser For Hardware Wallets, Full Nodes (#GotBitcoin?)

Bitcoin Price: $10K Holds For Now As 50% Of CME Futures Set To Expire (#GotBitcoin?)

Bitcoin Realized Market Cap Hits $100 Billion For The First Time (#GotBitcoin?)

Stablecoins Begin To Look Beyond The Dollar (#GotBitcoin?)

Bank Of England Governor: Libra-Like Currency Could Replace US Dollar (#GotBitcoin?)

Binance Reveals ‘Venus’ — Its Own Project To Rival Facebook’s Libra (#GotBitcoin?)

The Real Benefits Of Blockchain Are Here. They’re Being Ignored (#GotBitcoin?)

CommBank Develops Blockchain Market To Boost Biodiversity (#GotBitcoin?)

SEC Approves Blockchain Tech Startup Securitize To Record Stock Transfers (#GotBitcoin?)

SegWit Creator Introduces New Language For Bitcoin Smart Contracts (#GotBitcoin?)

You Can Now Earn Bitcoin Rewards For Postmates Purchases (#GotBitcoin?)

Bitcoin Price ‘Will Struggle’ In Big Financial Crisis, Says Investor (#GotBitcoin?)

Fidelity Charitable Received Over $100M In Crypto Donations Since 2015 (#GotBitcoin?)

Would Blockchain Better Protect User Data Than FaceApp? Experts Answer (#GotBitcoin?)

Just The Existence Of Bitcoin Impacts Monetary Policy (#GotBitcoin?)

What Are The Biggest Alleged Crypto Heists And How Much Was Stolen? (#GotBitcoin?)

IRS To Cryptocurrency Owners: Come Clean, Or Else!

Coinbase Accidentally Saves Unencrypted Passwords Of 3,420 Customers (#GotBitcoin?)

Bitcoin Is A ‘Chaos Hedge, Or Schmuck Insurance‘ (#GotBitcoin?)

Bakkt Announces September 23 Launch Of Futures And Custody

Coinbase CEO: Institutions Depositing $200-400M Into Crypto Per Week (#GotBitcoin?)

Researchers Find Monero Mining Malware That Hides From Task Manager (#GotBitcoin?)

Crypto Dusting Attack Affects Nearly 300,000 Addresses (#GotBitcoin?)

A Case For Bitcoin As Recession Hedge In A Diversified Investment Portfolio (#GotBitcoin?)

SEC Guidance Gives Ammo To Lawsuit Claiming XRP Is Unregistered Security (#GotBitcoin?)

15 Countries To Develop Crypto Transaction Tracking System: Report (#GotBitcoin?)

US Department Of Commerce Offering 6-Figure Salary To Crypto Expert (#GotBitcoin?)

Mastercard Is Building A Team To Develop Crypto, Wallet Projects (#GotBitcoin?)

Canadian Bitcoin Educator Scams The Scammer And Donates Proceeds (#GotBitcoin?)

Amazon Wants To Build A Blockchain For Ads, New Job Listing Shows (#GotBitcoin?)

Shield Bitcoin Wallets From Theft Via Time Delay (#GotBitcoin?)

Blockstream Launches Bitcoin Mining Farm With Fidelity As Early Customer (#GotBitcoin?)

Commerzbank Tests Blockchain Machine To Machine Payments With Daimler (#GotBitcoin?)

Bitcoin’s Historical Returns Look Very Attractive As Online Banks Lower Payouts On Savings Accounts (#GotBitcoin?)

Man Takes Bitcoin Miner Seller To Tribunal Over Electricity Bill And Wins (#GotBitcoin?)

Bitcoin’s Computing Power Sets Record As Over 100K New Miners Go Online (#GotBitcoin?)

Walmart Coin And Libra Perform Major Public Relations For Bitcoin (#GotBitcoin?)

Judge Says Buying Bitcoin Via Credit Card Not Necessarily A Cash Advance (#GotBitcoin?)

Poll: If You’re A Stockowner Or Crypto-Currency Holder. What Will You Do When The Recession Comes?

1 In 5 Crypto Holders Are Women, New Report Reveals (#GotBitcoin?)

Beating Bakkt, Ledgerx Is First To Launch ‘Physical’ Bitcoin Futures In Us (#GotBitcoin?)

Facebook Warns Investors That Libra Stablecoin May Never Launch (#GotBitcoin?)

Government Money Printing Is ‘Rocket Fuel’ For Bitcoin (#GotBitcoin?)

Bitcoin-Friendly Square Cash App Stock Price Up 56% In 2019 (#GotBitcoin?)

Safeway Shoppers Can Now Get Bitcoin Back As Change At 894 US Stores (#GotBitcoin?)

TD Ameritrade CEO: There’s ‘Heightened Interest Again’ With Bitcoin (#GotBitcoin?)

Venezuela Sets New Bitcoin Volume Record Thanks To 10,000,000% Inflation (#GotBitcoin?)

Newegg Adds Bitcoin Payment Option To 73 More Countries (#GotBitcoin?)

China’s Schizophrenic Relationship With Bitcoin (#GotBitcoin?)

More Companies Build Products Around Crypto Hardware Wallets (#GotBitcoin?)

Bakkt Is Scheduled To Start Testing Its Bitcoin Futures Contracts Today (#GotBitcoin?)

Bitcoin Network Now 8 Times More Powerful Than It Was At $20K Price (#GotBitcoin?)

Crypto Exchange BitMEX Under Investigation By CFTC: Bloomberg (#GotBitcoin?)

“Bitcoin An ‘Unstoppable Force,” Says US Congressman At Crypto Hearing (#GotBitcoin?)

Bitcoin Network Is Moving $3 Billion Daily, Up 210% Since April (#GotBitcoin?)

Cryptocurrency Startups Get Partial Green Light From Washington

Fundstrat’s Tom Lee: Bitcoin Pullback Is Healthy, Fewer Searches Аre Good (#GotBitcoin?)

Bitcoin Lightning Nodes Are Snatching Funds From Bad Actors (#GotBitcoin?)

The Provident Bank Now Offers Deposit Services For Crypto-Related Entities (#GotBitcoin?)

Bitcoin Could Help Stop News Censorship From Space (#GotBitcoin?)

US Sanctions On Iran Crypto Mining — Inevitable Or Impossible? (#GotBitcoin?)

US Lawmaker Reintroduces ‘Safe Harbor’ Crypto Tax Bill In Congress (#GotBitcoin?)

EU Central Bank Won’t Add Bitcoin To Reserves — Says It’s Not A Currency (#GotBitcoin?)

The Miami Dolphins Now Accept Bitcoin And Litecoin Crypt-Currency Payments (#GotBitcoin?)

Trump Bashes Bitcoin And Alt-Right Is Mad As Hell (#GotBitcoin?)

Goldman Sachs Ramps Up Development Of New Secret Crypto Project (#GotBitcoin?)

Blockchain And AI Bond, Explained (#GotBitcoin?)

Grayscale Bitcoin Trust Outperformed Indexes In First Half Of 2019 (#GotBitcoin?)

XRP Is The Worst Performing Major Crypto Of 2019 (GotBitcoin?)

Bitcoin Back Near $12K As BTC Shorters Lose $44 Million In One Morning (#GotBitcoin?)

As Deutsche Bank Axes 18K Jobs, Bitcoin Offers A ‘Plan ฿”: VanEck Exec (#GotBitcoin?)

Argentina Drives Global LocalBitcoins Volume To Highest Since November (#GotBitcoin?)

‘I Would Buy’ Bitcoin If Growth Continues — Investment Legend Mobius (#GotBitcoin?)

Lawmakers Push For New Bitcoin Rules (#GotBitcoin?)

Facebook’s Libra Is Bad For African Americans (#GotBitcoin?)

Crypto Firm Charity Announces Alliance To Support Feminine Health (#GotBitcoin?)

Canadian Startup Wants To Upgrade Millions Of ATMs To Sell Bitcoin (#GotBitcoin?)

Trump Says US ‘Should Match’ China’s Money Printing Game (#GotBitcoin?)

Casa Launches Lightning Node Mobile App For Bitcoin Newbies (#GotBitcoin?)

Bitcoin Rally Fuels Market In Crypto Derivatives (#GotBitcoin?)

World’s First Zero-Fiat ‘Bitcoin Bond’ Now Available On Bloomberg Terminal (#GotBitcoin?)

Buying Bitcoin Has Been Profitable 98.2% Of The Days Since Creation (#GotBitcoin?)

Another Crypto Exchange Receives License For Crypto Futures

From ‘Ponzi’ To ‘We’re Working On It’ — BIS Chief Reverses Stance On Crypto (#GotBitcoin?)

These Are The Cities Googling ‘Bitcoin’ As Interest Hits 17-Month High (#GotBitcoin?)

Venezuelan Explains How Bitcoin Saves His Family (#GotBitcoin?)

Quantum Computing Vs. Blockchain: Impact On Cryptography

This Fund Is Riding Bitcoin To Top (#GotBitcoin?)

Bitcoin’s Surge Leaves Smaller Digital Currencies In The Dust (#GotBitcoin?)

Bitcoin Exchange Hits $1 Trillion In Trading Volume (#GotBitcoin?)

Bitcoin Breaks $200 Billion Market Cap For The First Time In 17 Months (#GotBitcoin?)

You Can Now Make State Tax Payments In Bitcoin (#GotBitcoin?)

Religious Organizations Make Ideal Places To Mine Bitcoin (#GotBitcoin?)

Goldman Sacs And JP Morgan Chase Finally Concede To Crypto-Currencies (#GotBitcoin?)

Bitcoin Heading For Fifth Month Of Gains Despite Price Correction (#GotBitcoin?)

Breez Reveals Lightning-Powered Bitcoin Payments App For IPhone (#GotBitcoin?)

Big Four Auditing Firm PwC Releases Cryptocurrency Auditing Software (#GotBitcoin?)

Amazon-Owned Twitch Quietly Brings Back Bitcoin Payments (#GotBitcoin?)

JPMorgan Will Pilot ‘JPM Coin’ Stablecoin By End Of 2019: Report (#GotBitcoin?)

Is There A Big Short In Bitcoin? (#GotBitcoin?)

Coinbase Hit With Outage As Bitcoin Price Drops $1.8K In 15 Minutes

Samourai Wallet Releases Privacy-Enhancing CoinJoin Feature (#GotBitcoin?)

There Are Now More Than 5,000 Bitcoin ATMs Around The World (#GotBitcoin?)

You Can Now Get Bitcoin Rewards When Booking At Hotels.Com (#GotBitcoin?)

North America’s Largest Solar Bitcoin Mining Farm Coming To California (#GotBitcoin?)

Bitcoin On Track For Best Second Quarter Price Gain On Record (#GotBitcoin?)

Bitcoin Hash Rate Climbs To New Record High Boosting Network Security (#GotBitcoin?)

Bitcoin Exceeds 1Million Active Addresses While Coinbase Custodies $1.3B In Assets

Why Bitcoin’s Price Suddenly Surged Back $5K (#GotBitcoin?)

Bitcoin’s Lightning Comes To Apple Smartwatches With New App (#GotBitcoin?)

E-Trade To Offer Crypto Trading (#GotBitcoin)

US Rapper Lil Pump Starts Accepting Bitcoin Via Lightning Network On Merchandise Store (#GotBitcoin?)

Bitfinex Used Tether Reserves To Mask Missing $850 Million, Probe Finds (#GotBitcoin?)

21-Year-Old Jailed For 10 Years After Stealing $7.5M In Crypto By Hacking Cell Phones (#GotBitcoin?)

You Can Now Shop With Bitcoin On Amazon Using Lightning (#GotBitcoin?)

Afghanistan, Tunisia To Issue Sovereign Bonds In Bitcoin, Bright Future Ahead (#GotBitcoin?)

Crypto Faithful Say Blockchain Can Remake Securities Market Machinery (#GotBitcoin?)

Disney In Talks To Acquire The Owner Of Crypto Exchanges Bitstamp And Korbit (#GotBitcoin?)

Crypto Exchange Gemini Rolls Out Native Wallet Support For SegWit Bitcoin Addresses (#GotBitcoin?)

Binance Delists Bitcoin SV, CEO Calls Craig Wright A ‘Fraud’ (#GotBitcoin?)

Bitcoin Outperforms Nasdaq 100, S&P 500, Grows Whopping 37% In 2019 (#GotBitcoin?)

Bitcoin Passes A Milestone 400 Million Transactions (#GotBitcoin?)

Future Returns: Why Investors May Want To Consider Bitcoin Now (#GotBitcoin?)

Next Bitcoin Core Release To Finally Connect Hardware Wallets To Full Nodes (#GotBitcoin?)

Major Crypto-Currency Exchanges Use Lloyd’s Of London, A Registered Insurance Broker (#GotBitcoin?)

How Bitcoin Can Prevent Fraud And Chargebacks (#GotBitcoin?)

Why Bitcoin’s Price Suddenly Surged Back $5K (#GotBitcoin?)

Zebpay Becomes First Exchange To Add Lightning Payments For All Users (#GotBitcoin?)

Coinbase’s New Customer Incentive: Interest Payments, With A Crypto Twist (#GotBitcoin?)

The Best Bitcoin Debit (Cashback) Cards Of 2019 (#GotBitcoin?)

Real Estate Brokerages Now Accepting Bitcoin (#GotBitcoin?)

Ernst & Young Introduces Tax Tool For Reporting Cryptocurrencies (#GotBitcoin?)

Recession Is Looming, or Not. Here’s How To Know (#GotBitcoin?)

How Will Bitcoin Behave During A Recession? (#GotBitcoin?)

Many U.S. Financial Officers Think a Recession Will Hit Next Year (#GotBitcoin?)

Definite Signs of An Imminent Recession (#GotBitcoin?)

What A Recession Could Mean for Women’s Unemployment (#GotBitcoin?)

Investors Run Out of Options As Bitcoin, Stocks, Bonds, Oil Cave To Recession Fears (#GotBitcoin?)

Goldman Is Looking To Reduce “Marcus” Lending Goal On Credit (Recession) Caution (#GotBitcoin?)

Our Facebook Page

Your Questions And Comments Are Greatly Appreciated.

Monty H. & Carolyn A.

Go back

Leave a Reply