This is for my boyfriend, so don't tell my husband! (Library of Congress via Wikimedia Commons).
Cryptocurrencies,  Regulation

Rationing Privacy: ECB suggests digital currency ‘anonymity vouchers’

An EU-issued central bank digital currency could provide an allowance of tokens good for keeping Big Brother from looking at your spending

Planning to score some cocaine before meeting your girlfriend at a hotel? Neither the cops nor your wife will be any the wiser if you use some of the “anonymity vouchers” Europe’s central bank just proposed building into an e-euro.

These vouchers could be attached to central bank digital currency transactions, instructing authorities not to investigate them.

It’s kind of like trying to sneak across a room unseen by screaming, “nobody look at me!”

At least the Chinese central bank’s Orwellian “controllable anonymity” proposal for its own digital yuan doesn’t insult your intelligence. Sure, the government will be able lift the lid and see what you’re doing. But you won’t be telling them when to look.

Super centralized

The idea for anonymity vouchers came in a European Central Bank (ECB) paper, which credited the razor-sharp minds at global consulting firm Accenture and R3. A “proof of concept” test of the voucher system was built on R3’s Corda blockchain platform.

We promise we won’t look… (via Pixabay).

Formally run by the European System of Central Banks (ECSB), the test’s goal was to balance the need to build anti-money laundering (AML) and countering the financing of terrorism (CFT) controls into a digital currency while still giving consumers a sense of privacy. 

“This prototype… provides a digitalization solution for AML/CFT compliance procedures whereby a user’s identity and transaction history are nevertheless hidden from the central bank and intermediaries other than that chosen by the user.”

The test assumes a European CBDC model much like the one China has proposed. A central bank would issue the digital currency stablecoin to banks, and possibly to other intermediaries such as Apple Pay in the U.S. or AliPay in China. The consumers and businesses using the CBDC would only deal with the intermediaries. 

But, each individual transactions would actually be run through the central bank. Intermediaries would make a request to the central bank on behalf of clients.

In addition, the proof of concept calls for a dedicated AML authority. All transactions would run through it to check for illicit transactions. 

Rationed privacy

The anonymity vouchers, the ECB paper explains, would only cover lower-value transactions. So, you could buy a gram of cocaine but not a kilo. Or more legally, a cab ride but not a car.

A set number of anonymity vouchers would be issued to digital currency users on a regular basis. They would be free but non-transferable. And, they would have an expiration date.

The mechanism is somewhat complex, but it boils down to the anonymity vouchers allowing a transaction to bypass the AML authority.

The only information any of the banks or authorities could see—in theory—would be the amount of fiat money in a transaction, and if the spender’s wallet actually has that much money in it.

A “chain snipper” not a mixer

There are a few holes in theory, the paper admits.

One of those is such a glaring privacy problem that the authors essentially recommended that a mixing service be built into the system. You know, like the Bestmixer.io service that the Europol agency and Dutch law enforcement shut down in May for money laundering.

When we do it, it’s a lottery; when you do it, it’s running numbers (via Europol).

In that announcement, Europol said bestmixer.io “offered to mix potentially identifiable or ‘tainted’ cryptocurrency funds with others, so as to obscure the trail back to the fund’s original source.”

Which brings us back to the ECB’s R3/Accenture digital currency proof of concept test. 

In the test, the banks acting as intermediaries between the digital currency user and the central bank had to validate each transaction. 

That was a privacy “challenge” as it meant the banks had “to look at information on past transactions of the CBDC units being transferred, all the way back to the moment when they were first issued,” the report said. 

Thanks to the “chain” nature of the Corda blockchain, that meant “details of past transactions can be seen by new holders’ intermediaries [banks] that were not involved in those transactions,” it added.

The solution suggested was not mixing, however. It was “chain snipping.” 

This means having the central bank regularly redeem and reissue all of the CBDC units outstanding. This would reset the “history of a user’s units… reduc[ing] the amount of information that is visible to other participants,” the report said.

But AML regulators need not worry, it added. “[T]hat has no impact on the user’s privacy vis-à-vis the central bank, which still receives all information carried by redeemed units,” the paper said. 

Of course, that in turn suggests that the “anonymity vouchers” don’t make CDBC users anonymous, or even pseudonymous. It just means those transactions are waved through the first checkpoint.

Leo Jakobson, Modern Consensus editor-in-chief, is a New York-based journalist who has traveled the world writing about incentive travel. He has also covered consumer and employee engagement, small business, the East Coast side of the Internet boom and bust, and New York City crime, nightlife, and politics. Disclosure: Jakobson owns no cryptocurrencies.