The EU Innovation Hub, a collaborative venture involving various European Union agencies and member states, recently unveiled its first ever report on encryption. The report spotlights the “dual-use” nature of cryptographic technologies, underscoring their potential for both privacy protection and exploitation by bad actors.
In the digital realm, encryption has applications for privacy, and also poses a potential threat to collective security by concealing financial crime and other threats. The dichotomy between privacy and security in technology has been a battleground since the 1990s when the "encryption/crypto war" started, noting that but crypto referred to cryptography generally and not cryptocurrency specifically.
Cryptocurrencies are reliant on cryptography for their core security, including storage, mining, validation, and transfers and for privacy coins encryption protects the privacy of those using them from easy observation. The technology is neutral and may be used for good of illicit purposes, and the report highlights the concerns around illicit use of privacy coins, mixers, and layer-2 platforms, which can obscure the linear visibility of transactions on the blockchain. The report contends that these privacy-enhancing applications of blockchain technology can assist in facilitating money laundering. It should of course be noted that the amount of illicit use involving crypto assets is vastly lower than that in the cash economy and is more easily traced.
The controversial mixer 'Tornado Cash' recently came under scrutiny again when its developer, Alexey Pertsev, was sentenced to over five years in jail by a Dutch court. The court ruled that the platform, which allows users to exchange tokens while concealing wallet addresses, was created for money laundering purposes. This verdict was handed down despite Tornado Cash being a non-custodial crypto mixing protocol, which implies it never assumes control of the funds processed through it. The service has been caught up in a broader crackdown on mixing services led by US law enforcement.
The report also expressed concerns with privacy coins (e.g., Monero) which have privacy mechanisms built into their protocols, concealing the identities of the sender, receiver, and the actual amount being sent. Also in the firing line are layer-2 solutions such as the Lightning Network, which the report stated could be misused by criminals to make payments without revealing the times and amounts of transactions. The report also foreshadowed that new wallet encryption schemes may further complicate lawful access by law enforcement.
Following the publishing of the report, crypto enthusiasts took to social media to highlight comparisons to other technologies with good or bad applications:-
Coincidentally, France’s Autorité des Marchés Financiers (AMF) also warned in a report that crypto remains a high risk for money laundering due to its popularity, cross-border nature, and the anonymity provided by platforms like mixers, echoing the sentiment of the EU Innovation Hub but it appears from a translation of the report that it focuses mainly on the theoretical risks of illicit use.
Despite regulators’ increasing concerns over the privacy of our data, the status of financial data remains heavily contested. The importance balance between individual privacy and the fight against financial crime continues to play out in the cryptocurrency landscape and is clearly a hot topic in the EU (and the rest of the world). As regulators around the globe continue to grapple with these issues, a new wave of innovators is attempting to thread the needle by developing novel applications which embrace zero knowledge proofs and related technologies to preserve user privacy while curbing financial crime.
Written by S Pettigrove, M Bacina and L Higgins
Comments