commit 5947ebb782a223169033082eb05a675c5842e011
parent 3170bf212e1a7e5a52f0fda1a33ea6037bc8ae9b
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Wed, 26 Jan 2022 21:40:42 +0100
editing
Diffstat:
1 file changed, 19 insertions(+), 25 deletions(-)
diff --git a/2022-privacy/privacy.tex b/2022-privacy/privacy.tex
@@ -5,7 +5,6 @@
% from the French report, others?)
% - double-check and streamline text
% - point out a few things more where the reports are actually correct? ;-)
-% - unintegrated remarks (see bottom of the TeX file)
\usepackage{url}
\usepackage{enumitem}
@@ -183,24 +182,17 @@ ignore this danger and must reestablish the principles of personal
responsibility, personal independence and subsidiarity in the design processes
for critical infrastructure created by European institutions.
-% FIXME:
-% Changed scientifically to demonstrably.
-% It is still unclear here what "the system" is and if it would be
-% mandatory because of technical or regulatory reasons.
-% The monero reference is missing/wrong and I could not find ad hoc references.
Here the wording of the French report is confusing, as it suggests that
-monitoring would be a mandatory component of the system, which is
-%FIXME dangerous for the authors? What exactly is dangerous?
-% Maybe just say it is false? An incorrect conclusion?
-demonstrably false: There are many digital currencies that do not allow such
-surveillance~\cite{monero,dold2019}. Thus, it
-is dangerous for the authors of the French report take a possible design choice
-of an account-based system as fact, for example when they write that ``the
-centralization and data tracking of central bank digital currency projects
-leads to a loss of privacy that coupled with the programmability of the
-currency can have serious consequences.'' Using the indicative here is a
-serious mistake, as it is understood that any CBDC would lead to a loss
-of privacy, when this is false.
+privacy-invasive monitoring would be a mandatory component of any CBDC, which
+is demonstrably false: There are many digital currencies and payment systems
+that do not allow comprehensive surveillance~\cite{monero,dold2019}. Thus, it
+is wrong for the authors of the French report to take a possible design choice
+of an account-based system as a necessity, for example when they write that
+``the centralization and data tracking of central bank digital currency
+projects leads to a loss of privacy that coupled with the programmability of
+the currency can have serious consequences.'' Using the indicative here is a
+serious mistake, as it is understood that any CBDC design would necessarily
+lead to a loss of privacy, when this is false.
Since this far-fetched assumption is taken as true while counterexamples
exists, the conclusion of the first part of the French report follows a logical fallacy.
@@ -287,7 +279,10 @@ Germany~\cite{koalitionsvertrag2021}. The European Parliament has members
proposing to ban the use of facial recognition in public
spaces~\cite{euai2021}. The ECB's proposal seemingly ignores the popular
rejection of treating every citizen as a criminal suspect by doubling down.
-Payment data is typically retained for 6 or more years. % FIXME: What is this referring to? Is it already retained 6 or more years? Is that proposed?
+Payment data is typically retained for 6 or more years.
+% FIXME: What is this referring to? Is it already retained 6 or more years? Is that proposed?
+% That is common fact for banking in EU/US/UK and likely other states.
+% That said, if someone has a good reference, that would be appreciated...
The missing link in the ECB proposal that would
reveal the dystopic reality they would invoke would be a statement that facial
recognition could be used to conveniently establish the payer's identity --- or
@@ -305,20 +300,17 @@ by strong identification.
% msc: Note this is a claim without a cite. Can we somehow show this? Maybe showing
% that is is not effective (as opposed to cost effective) is easier.
Not only is this simplistic approach rarely
-cost-effective, but it contributes to the conversion of soverign citizens to
+cost-effective, but it contributes to the conversion of sovereign citizens to
digital subjects.
\section{Addressing Balance Sheet Disintermediation via Self-Custody}
\label{sec:disintermediation}
-% FIXME: This is probably true in above statements as well but
-% whenever the report is referenced, a more specific pointer would be
-% helpful (e.g. section, paragraph etc).
-% I think the more accessible term (to me) here is "bank run".
The ECB report describes the risk of (commercial) bank balance sheet
disintermediation as one of the major risks to consider from the introduction
of a CBDC. Basically, the risk is that consumers loosing faith in a
-commercial bank may shift funds into CBDC, thereby exacerbating the situation.
+commercial bank may shift funds into CBDC, thereby exacerbating the situation
+by creating a ``bank run''.
The ECB report discusses various strategies, but primarily focuses on limiting
``hoarding'' of CBDC by imposing a balance limit. They then realize that this
can be quite difficult, as businesses may have varying needs for CBDC, so a
@@ -335,6 +327,7 @@ financially attractive, there will clearly again be businesses profiting from
organizing their business data to obtain high account limits. This kind of
socially unproductive optimization will happen regardless of the specific
rules that the ECB will design. Thus, this is a fundamentally flawed design.
+% FIXME: add citations on CO2 certificate abuses?
The ECB's focus on account-based solutions seems to have caused it to ignore a
better solution that was proposed in~\cite{snb2021}, even though it was
@@ -441,6 +434,7 @@ the French report, and one must at least include the following elements:
% FIXME: The first item is a bit odd in combination with the statement below
% that the properties are fulfilled for Eurp. currencies as a bit further above a lot of space was given to
% the argument that the tokens are not risk free because of the possiblity of hyperinflation.
+% RE: well, we write these properties *currently* hold. A 'risk' merely implies that it might not always hold.
\begin{itemize}
\item confidence in the non-inflationary nature of the currency (it can be hoarded without significant risk)
\item confidence in the stability of the exchange rate (it is safe to trade with other assets)
