commit 3170bf212e1a7e5a52f0fda1a33ea6037bc8ae9b
parent 6db8fb1fa0821adb3a9cb57d14f90b34afd6fdb9
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Wed, 26 Jan 2022 21:28:59 +0100
add Auer
Diffstat:
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/2022-privacy/privacy.tex b/2022-privacy/privacy.tex
@@ -579,7 +579,7 @@ inspired by~\cite{dold2019}, given in order of priority:
\end{enumerate}
In our opinion, any candidate for CBDC must follow at least those principles
-to be trustworthy and successful.
+to be trustworthy and successful.
A cross-cutting concern here is that when achieving the security goals, the
CBDC must never rely on the central bank being trustworthy. Good security
@@ -609,6 +609,23 @@ according to business needs and protected according to local laws. In this
case, the CBDC must enable deletion of such data as soon as it is no longer
required.
+A possible trap for the design of a privacy-respecting CBDC is central banks
+merely delegating responsibility for privacy-sensitive data to commercial
+banks. Such a delegation does not provide adequate protection against state
+overreach, as commercial banks still could too easily be compelled to sanction
+opposition against the ruling party. Nevertheless, Auer's
+proposal~\cite{bis2021auer} to delegate the technical operation of a CBDC to
+tightly supervised commercial banks as an alternative to the central bank
+acquiring the technological prowess to centrally operate such a system has
+merit: such a delegation can eliminate a likely single point of failure, and
+might entice commercial banks to diversity the feature set. It would also give
+commercial banks a raison d'ĂȘtre, and thus mitigate the risks from CBDC
+disintermediation. In order for commercial banks to make a valuable
+contribution when operating the CBDC, we believe the central bank would still
+need to set an open standard to ensure interoperability. Strict
+cryptographically-enforced privacy-assurances for consumers must be baked into
+such a standard.
+
\section{GNU Taler}
We have implemented the GNU Taler token-based payment system based on the
