When it comes to designing digital currencies that protect the identity and transactions data of their users, developers have made a lot of progress in a relatively short period of time. It is technically feasible to design a retail central bank digital currency — or, CBDC — that promotes financial privacy. But one must also consider what is politically feasible. Unfortunately, there is little prospect that the United States government would actually adopt a privacy-protecting CBDC.
If adopted, a CBDC will eventually - if not initially - be used to surveil the transactions of Americans.
The government is already using existing technologies to surveil its citizens. There’s no reason to think the government would give up its ability to monitor transactions with the introduction of a CBDC. Indeed, it seems much more likely that the government would seize the opportunity to expand its capabilities. Therefore, it is absolutely crucial to maintain a private banking system firewall between the government and our transactions data.
Let’s start with the status quo.
The government has essentially deputized the private banking system to monitor customer transactions. Banks keep records on customer transactions, which the government can access by subpoena. The government also requires banks to report suspicious activity and currency transactions in excess of $10,000.
As Nick Anthony at Cato has shown, the real (inflation-adjusted) reporting thresholds have gradually declined over time. When the Bank Secrecy Act rules were rolled out in 1972, banks were required to report currency transactions worth $10,000 or more. If that reporting threshold had been indexed to inflation, it would be around $74,000 today. Since it wasn’t indexed to inflation, banks must file many more reports today on transactions worth much less than those that would have triggered a reporting requirement in the past.
Other thresholds are even lower. For example, money-service businesses must obtain and record information for transactions worth just $3,000.
The government vigorously defends its ability to monitor transactions. It prosecutes those making transactions just below reporting thresholds —a separate crime called structuring. It seizes cash and collectibles, which make it more difficult to monitor transactions, even in cases where there is no evidence of criminal activity. And it undermines new financial privacy-protecting technologies.
Consider the government’s response to cryptocurrencies, some of which offer a high degree of financial privacy. The Financial Crimes Enforcement Network requires cryptocurrency exchanges to register as money-service businesses and comply with Know Your Customer requirements. If transactions can ultimately be traced through the blockchain to these on- and off-ramps, then the financial privacy that cryptocurrencies offer is largely eroded.
Consider the government’s response to cryptocurrency mixing services, which make it more difficult to trace one’s transactions back to an exchange where his or her identity may be discovered. The Office of Foreign Asset Control has added the wallet addresses of mixing services to the Specially Designated Nationals and Blocked Persons list, effectively making it illegal for Americans to employ those mixing services.
Why would a government work so hard to ensure it can monitor transactions just to turn around and issue a financial privacy-protecting CBDC? Again: it seems much more likely that the government would issue a CBDC that bolsters its ability to monitor transactions.
The ostensibly private messaging service ANOM serves as a useful comparison. ANOM was not private. Unbeknownst to its users, ANOM was actually the centerpiece of the Federal Bureau of Investigation’s Operation Trojan Shield. Messages sent using the ANOM app were not only delivered to recipients, but also to the FBI’s database.
The FBI maintains that it did not technically violate the fourth amendment by using a backdoor in the messaging app to snoop on US citizens, because it transferred the data to Lithuania, where foreigners would snoop on US citizens and then tip off the FBI when illegal activity was suspected. Think about that. The FBI developed the ability to spy on US citizens, promoted the use of the enabling technology, and then handed the data collected by this technology over to foreign nationals in order to circumvent the Constitutional constraints designed to safeguard US citizens from such activities. These efforts not only undermined the due process afforded to criminals — though that would be bad enough. It also facilitated the snooping on perfectly lawful messages. Some of these messages involved intimate details shared between romantic partners. Others involved protected conversations between attorneys and their clients.
If the government will build a backdoor into a messaging app — and has been caught trying to bribe engineers to install others — then one should expect it will build a backdoor into a payments app, as well.
Americans do not have much financial privacy today. We would have even less financial privacy if not for the private banking system firewall between the government and our transactions data. This firewall isn’t perfect. But it is better than nothing.
To see how such a firewall promotes financial privacy, consider the Internal Revenue System’s efforts to access the customer data of Coinbase in 2016. At the time, Coinbase was boasting that it had 5.9 million customers — many more than had reported crypto holdings to the IRS. Citing this discrepancy, the IRS secured a John Doe summons.
In 2017, I described the summons as follows:
Basically, the IRS wants any and all information that Coinbase has so that it can sift through that information for the slightest hint of misreporting. It has requested account registration information for all Coinbase account holders, including confirmed devices and payment methods; any agreements or instructions that grant third party access or control for any account; records of all payments processed by Coinbase for merchants; and all correspondence between Coinbase and its users regarding accounts.
Needless to say, the scope of the summons was very broad.
Recognizing the duty — and, perhaps more importantly, the profit motive — it had to protect its customers, Coinbase appealed. Eventually, the courts decided that Coinbase would have to hand over some customer data on around 13,000 high-transacting users.
Kraken has also resisted an overly broad summons to hand over customer data to the IRS, to similar effect.
I hold the old-fashioned view that, in a liberal democracy, the government should have to demonstrate probable cause before acquiring the authority and ability to sift through one’s financial records. The degree of financial privacy afforded by the current system certainly falls short of that standard. Nonetheless, it affords much more financial privacy than one could reasonably hope for if the government held the data, as would likely be the case with a CBDC.
Financial privacy is very important for a free society. What we do reveals much more about who we are than what we say. And what we do often requires making payments. In order to exercise our freedoms, we must be able to selectively share the details of our lives with others — and withhold such details from those who would otherwise use them to harm us.
We should take steps to bolster financial privacy in the United States. The introduction of a retail CBDC would be a step in the wrong direction.