marketing

Marketing materials (presentations, posters, flyers)

commit 9b3406f25c2cd6a9dd39adeaa4eeb0e6e9cbadb8
parent e70572f189e0241077b7f7890b0ed7c19d91e7af
Author: Christian Grothoff <grothoff@gnunet.org>
Date:   Wed, 23 Mar 2022 15:24:09 +0100

cut down for suerf

Diffstat:
A 2022-privacy/suref.tex | 399 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
M presentations/2021-cb/boj.tex | 4 ++--
2 files changed, 401 insertions(+), 2 deletions(-)

diff --git a/2022-privacy/suref.tex b/2022-privacy/suref.tex 
@@ -0,0 +1,399 @@ +\documentclass{article} + +\usepackage{url} +\usepackage{enumitem} +\usepackage{authblk} + +\title{Cental Bank Accounts are Dangerous and Unnecessary \\ A critique of two + papers\footnote{We thank Martin Summer for encouraging us to put our + critique of the ECB's report in writing. We thank central bankers for their + good aspirations, which they should keep up even if we question their + universal realization.}} + +\author[$\triangle\pounds$]{Antoine~d'Aligny} +\author[$\triangle$]{Emmanuel~Benoist} +\author[$\dagger\heartsuit$]{Florian~Dold} +\author[$\triangle\dagger\heartsuit$]{Christian~Grothoff} +\author[$\S$]{\"Ozg\"ur~Kesim} +\author[$\ddagger\heartsuit$]{Martin~Schanzenbach} +\affil[$\triangle$]{Bern University of Applied Sciences} +\affil[$\pounds$]{École d'Ingénieurs Généraliste du Numérique} +\affil[$\dagger$]{Taler Systems SA} +\affil[$\S$]{Freie Universit\"at Berlin} +\affil[$\ddagger$]{Fraunhofer Institute for Applied and Integrated Security} +\affil[$\heartsuit$]{The GNU Project} +\date{\today} +\begin{document} + +\maketitle + +\abstract{ +In December 2021 the European Central Bank (ECB) published a report on ``Central Bank Digital +Currency: functional scope, pricing and controls'' in its Occasional Paper +Series~\cite{ecb2021}, detailing various challenges for the +Digital Euro. While the authors peripherally acknowledge the existence of +token-based payment systems, the notion that a Digital Euro will somehow +require citizens to have some kind of central bank account is pervasive in the +paper. We argue that an account-based design cannot meet the ECB's stated +design goals and that the ECB needs to fundamentally change its mindset when +thinking about its role in the context of the Digital Euro if it wants the +project to succeed. + +Along the same lines, the French National Council for Digitalization published +a report on ``Notes and Tokens, The New Competition of +Currencies''~\cite{french2021}. 
Here, the authors make related incorrect +claims about inevitable properties of Central Bank Digital Currencies +(CBDCs), going as far as stating that a CBDC is not possible without an eID +system. Our paper sets the record straight. + +% [oec] Shouldn't we also mention GNU Taler already here as an example for an alternative? + +\noindent +{\bf JEL Classification Codes:} E42, E58 \\ +{\bf Keywords: } retail CBDC, privacy, trust + + +\section{Introduction} +\label{sec:intro} + +This article presents our comments regarding two papers that have been written +by the European Central Bank (ECB)~\cite{ecb2021} and the French National +Council for Digitalization\footnote{Conseil national du numérique} +(CNNum)~\cite{french2021}. As the French report is using some rather unclear +definitions of currency, we will begin with a brief introduction of terms and +technologies. + +We will then explain why the ECB should not be the only guardian of the +privacy of the European citizen and why coupling of a Central Bank Digital +Currency (CBDC) with an identity system is a bad idea. We address a question +raised in the ECB's report on the risks of a retail CBDCs promoting +disintermediation to a degree that might threaten traditional banks. + + +\section{Currency and payment systems} \label{sec:terms} + +Currency is ``something that is used as a medium of exchange; + money.''\cite{dictionaryCurrency}. From the French dictionary, currency +(i.e. la monnaie) is an ``Instrument of measurement and conservation of + value, legal means of exchanging goods''\footnote{Instrument de mesure et + de conservation de la valeur, moyen légal d'échange des biens.}, or +``Unit of value accepted and used in a country, a group of + countries.''\footnote{Unité de valeur admise et utilisée dans un pays, un + ensemble de pays.}~\cite{LeRobertMonnaie} +The main desired properties of a currency are therefore: conservation of value and +availability for exchange. 
+ +For more than a hundred years, most currencies have been issued by central +banks, while with the exception of cash, retail payment systme have typically +been implemented by the private sector. In general, any payment system +enables participants to make financial transactions, but does not in itself +establish a new currency. Additionally, payment systems can provide credit, +make transactions faster, cheaper, more private or more usable. Payment +systems may require their users to trust payment system providers, as these +intermediaries may introduce new failure modes into the system. As a result, +payment service providers are generally regulated entities, at least when they +deal with traditional fiat currencies. + +There are two types of CBDCs, retail CBDCs and +wholesale CBDCs. Wholesale CBDC is expected to be primarily used to trade +between banks and between the central bank and banks. An example of wholesale +CBDC can be found in the description of the project Helvetia of the Swiss +National Bank~\cite{BISHelvetia2020}.\footnote{We note that the French report + confuses project Helvetia (which implements a wholesale CBDC) with an + entirely different proposal~\cite{chaum2021} for a retail CBDC.} In +contrast, a retail CBDC is intended to be used by citizens and businesses in +their daily lives for their ordinary expenses, basically providing a form of +digital cash that is, like physical cash, a liability of the central bank. +This paper is about retail CBDCs. Our discussion will +assume that the currency for the CBDC already exists, and thus focus on the +requirements for the payment system that facilitates ordinary people to make +digital transactions with such a currency. + + +\section{Central Banks cannot be the Guardian of Privacy} +\label{sec:guardians} + +The ECB's report starts with a public interest-oriented self-image of central +banks. 
For example, the authors claim that ``central banks operate in the +interest of society, setting goals in the public interest rather than private +interest'' and ``as public and independent institutions, central banks have no +interest in monetising users' payment data. They would only process such data +to the extent necessary for performing their functions and in full compliance +with public interest objectives and legislation.'' While this is a laudable +aspiration, it is a false statement: The Bank of Greece, one of the central +banks of the Eurosystem, is dominantly privately held and listed on the Athen's +stock exchange~\cite{BG2016}. Similar constructions with privately owned +central banks exist outside of the Eurozone, for example with the Swiss +National Bank~\cite{SNB}. That all central banks are independent and operate +in the public interest is sometimes questioned in the popular +press~\cite{tcimer2020}. With counter-examples inside the +European System of Central Banks (ECBS) itself and within Europe, it is clear +one needs to be careful to avoid confusing the idealistic view of central +banks as politically neutral and public-minded institutions with reality. +To build secure systems, it is best to assume that all parties, +including the system's designers, implementors and main operators +themselves, could be malicious. + +Central banks thus need to take a different mindset, and idally picture +themeselves as malicious actors when working on the design of a CBDC. Only +this way, they will avoid designs which would entrust them with information +and decisions that they must not be entrusted with. For example, the ECB's +report currently suggests that the ECB ``may also prefer the (...) the ability +to control the privacy of payments data''. This is a fundamental misconception +of the notion of privacy. Citizens will \emph{only} have privacy with a +Digital Euro if they themselves have control over their payment data. 
Privacy +and the human right of informational self-determination requires that each +(legally capable) citizen is in control of their personal data. A central +bank asserting the ``ability to control the privacy'' is thus an oxymoron: +once anyone else has control, citizens have no privacy. Public institutions +that act in the public interest must acknowledge this to not patronize their +sovereign: the citizens. + +The French report~\cite{french2021} correctly states that a Digital Euro based +on accounts poses ``democratic risks''\footnote{risques démocratiques} and could allow ``state surveillance of +all transactions of every individual''\footnote{surveillance de toutes les transactions de chaque individu par l’État}. +Subsequently the wording of the French report is misleading, as it turns the +possibility of privacy-invasive monitoring into a mandatory feature of any +CBDC, which is demonstrably false: There are many digital currencies and +payment systems that do not allow comprehensive +surveillance~\cite{monero,dold2019}. Thus, it is wrong for the authors of the +French report to take a possible design choice of an account-based system as a +necessity, for example when they write that ``the centralization and data +tracking of CBDC projects leads to a loss of privacy +that coupled with the programmability of the currency can have serious +consequences.''\footnote{Toutefois, la centralisation et la traçabilité des données des projets de monnaie numérique de banque centrale conduit à une perte de vie privée qui, associée à la programmabilité de la monnaie, peut avoir de lourdes conséquences. } Using the indicative here is a serious mistake, as it is +understood that any CBDC design would necessarily lead to a loss of privacy, +when this is false. 
+ +Furthermore, the use of the term ``surveillance'' in the French report actually +understates the negative impact of an account-based CBDC, as with an +account-based CBDC the central bank would likely also be in a position to +prevent individuals from spending money and to manipulate their balances, +thereby gaining comprehensive power over the economic activities of +individuals going far beyond mere analytical capabilities. The use of +permissioned blockchains does not inherently prevent such manipulations as +long as the participating operators are colluding. Thus, if European +democratic ideals and personal freedoms are to prevail, we clearly cannot +ignore this danger and must reestablish the principles of personal +responsibility, personal independence and subsidiarity in the design processes +for critical infrastructure created by European institutions. + +Since this conjecture is taken as fact while counterexamples +exists, the conclusion of the first part of the French report follows a +logical fallacy. The authors assert that ``the new properties of CBDC raise +political questions''\footnote{``Dans un contexte où les nombreux projets d’émettre +des monnaies numériques viennent étendre le rôle des banques +centrales se pose la question des enjeux démocratiques et politiques de +ces nouveaux attributs.''} which implies that the deployment of a CBDC would be +impossible in the current state. But adaptations of central bank missions to +include ``absolute control over the rules and regulations of the use'' of +money via the issuance of a CBDC (as envisioned by Agustin Carstens of the +Bank of International Settlement\footnote{See speech given on October 19th + 2020 on ``Cross-Border Payment -- A vision for the future''}) are dangerous +if the central bank can choose to void privacy assurances. Carsten's reasons +include that the central bank should have the ability to know about every +payment. 
As he states that the central bank would be able to strictly enforce +its rules and regulations, this implies the bank could arbitrarily block +payments by private citizens. The repressive potential of a government with +such a capability is so large that it must be firmly rejected. + +\section{Harmful coupling with identity} +\label{sec:coupling} + +The risk is not theoretical. The Emergencies Act of February 2022 granted the +Canadian executive the right to freeze bank accounts without judicial +oversight. The Canadian minister of justice David Lametti promptly used this +to threaten people on CTV News with extrajudicial asset freezes if they were +making significant financial contributions to a political cause he strongly +disagrees with.\footnote{\url{https://www.youtube.com/watch?v=xoTCxWSQW30}} If +this is possible in Canada today, we do not want to imagine what might happen +in less established democracies if an account-based CBDC were to largely +displace cash. + +Consequently, the question should be if central banks should limit CBDC +issuance within the scope of their current mission instead of modifying their +rulebooks. Wisely, the US Federal Reserve is currently barred from +maintaining digital account balances for individuals~\cite{usfed2022}. We +consider this law wise, as we argue that tightly coupling payments with +identity is harmful. While the law prevents the Federal Reserve's from +issuing an account-based retail CBDC, it does not seem to prevent the Federal +Reserve from issuing a token-based privacy-respecting CBDC. This is crucial, +as the technology behind token-based privacy-respecting CBDCs would +fundamentally not support the kind of asset freezes enabled by the Canadian +Emergencies Act. + +In contrast, ECB report suggests that ``combining use of digital identity and +CBDC'' might be beneficial. 
The same idea is echoed in the French report which +quotes an unpublished report from Catenae (2020) to say that ``it is difficult +to envisage the creation of a retail CBDC, and more specifically a Digital +Euro without first creating a reliable, secure digital identity offering the +necessary guarantees''\footnote{il est difficile d'envisager la création d'une +monnaie numérique de banque centrale de détail, et plus particulièrement d’un +``euro numérique'', sans création préalable d'une identité numérique fiable, +s\'ecuris\'ee et offrant les garanties nécessaires}. From a technical +perspective, the statement is hard to defend since payment systems exist that +work perfectly well without depending on a ``trusted digital identity''. + +From a regulatory perspective, it is understood that institutions working with +a Digital Euro will at times be legally required to establish the identity of +actors. However, when a Digital Euro needs a digital identity for some of the +actors in the digital currency production chain, one can use existing +Know-Your-Customer (KYC) processes of commercial banks or use certificates +based on the already widely used X.509 standard, which are both already in +common use on the Internet.\footnote{They correspond to the ``s'' in +``https'', for example.} While we can imagine a world in which a new +``trusted digital identity'' exists, and develop new protocols for this world, +this is by no means a prerequisite to any work on a Digital Euro. Waiting for +the creation of a new trusted digital identity at the European level before +creating a CBDC may be equivalent to postponing the decision indefinitely, and +the necessity of first deploying a new electronic identity scheme is not shown +by the authors. + +What neither report appreciates is that combining payments with such a digital +identity system would create a serious liability. 
Even if central banks were +neutral custodians of citizens' privacy (see Section~\ref{sec:guardians}), the +problem is the data itself. As Bruce Schneier has concisely argued already in 2016: +``Data is a toxic asset. We need to start thinking about it as such, and treat +it as we would any other source of toxicity. To do anything else is to risk our +security and privacy.''~\cite{schneier2016toxic} +Despite this well-established insight, the ECB report is insinuating to link +identities with payments which consequently and inevitably produces highly +sensitive\footnote{Or to stick with Schneier's analogy, ``super-toxic''} +metadata. Referring to the toxicity of this metadata, Edward Snowden famously +said at IETF 93 in 2019 +that \begin{quote} ``(...) we need to get away from true-name payments on the + Internet. The credit card payment system is one of the worst things that + happened for the user, in terms of being able to divorce their access from + their identity.'' +\end{quote} +If the European Union wants to avoid a dystopia of the transparent citizen +and catastrophic cases of personal data theft, it must enable citizens to put a +firewall between their identity and their payments. + +Citizens themselves are well aware of this aspect and it consequently would +have a significant impact on acceptance of a CDBC: The Swiss population +recently rejected a proposal for a national eID~\cite{eid2021}, and the newly +elected German government is promising a reversal of ubiquitous data retention +(without cause)~\cite{koalitionsvertrag2021}. The European Parliament has +members proposing to ban the use of facial recognition in public +spaces~\cite{euai2021}. The ECB's proposal seemingly ignores the popular +rejection of treating every citizen as a criminal suspect by doubling down. 
+The missing link in the ECB proposal that would reveal the dystopic reality +they would invoke would be a statement that facial recognition could be used +to conveniently establish the payer's identity --- or ``pay with your smile'', +as contemporary account-based digital payment offerings already put it. We +stress that CBDC payment data, like other payment data, can be expected to be +retained for 6 or more years~\cite{fca}. If CBDC payment data is additionally +strongly coupled with our identities, those who dislike living in a panopticon +could only hope for such a CBDC to be rarely used. + + + +\section{Addressing Balance Sheet Disintermediation via Self-Custody} +\label{sec:disintermediation} + +The ECB report describes the risk of (commercial) bank balance sheet +disintermediation as one of the major risks to consider from the introduction +of a CBDC. Basically, the risk is that consumers losing faith in a +commercial bank may shift funds into CBDC, thereby exacerbating the situation +by creating a ``bank run''. +The ECB report discusses various strategies, but primarily focuses on limiting +``hoarding'' of CBDC by imposing a balance limit. They then realize that this +can be quite difficult, as businesses may have varying needs for CBDC, so a +fixed low limit would strangle the utility of the CBDC, while a fixed high +limit may not be effective. They then propose a dynamic limit which they would +``calculate in accordance to (...) presumed cash needs''. 
+ +Here, the authors might want to review some of the hard lessons from the +introduction of $CO_2$ emissions certificates, where initial allocations were +calculated based on ``presumed emission needs'' of certain industries, +resulting in windfalls for shifty polluters that managed to rig the +calculations, giving them excess certificates that they could then +resell.~\cite{carbon} If CBDC holdings are limited and financially attractive, +there will clearly again be businesses profiting from organizing their +business data to obtain high account limits. This kind of socially +unproductive optimization will happen regardless of the specific rules that +the ECB will design. Thus, this is a fundamentally flawed design. + +The ECB's focus on account-based solutions seems to have caused it to ignore a +better solution that was proposed in~\cite{snb2021}, even though it was +clearly on the table: When justifying the need to control hoarding of CBDC, +the authors write that ``risk-free assets have a negative yield (apart from +banknotes, which are costly and risky to store in large amounts)''. Here, +they presume that hoarding CBDC must be risk-free. However, with Digital Euros +represented as tokens that citizens hold in self-custody, the CBDC would not +be risk-free: citizens would have to safeguard their digital devices (both +physically and against malware). +Thus, a CBDC +design using digital tokens under the control of citizens indirectly provides a +good solution for hoarding, as self-custody of the digital assets entails a +risk, quite comparable to the risk of hoarding cash. By analyzing this risk, +citizens and businesses would themselves determine appropriate individual +limits for their CBDC holdings based on their actual cash needs. + + +\section{Conclusion} + +There are no trusted third parties. That does not prevent people from +designing and deploying systems that rely on the assumption that a trusted +third party exists. 
Central banks must not follow the former DIRNSA's +hybris~\cite[page 6f]{cwps} +and assert that they are an eternally trusted third party. + +The dominance of accounts on the Internet and the resulting delegation of +economic and political power to big Internet service providers sets a +dangerous precedent for the design of CBDCs. It is time for central banks +to abandon this account-centric mindset, which will help them address +privacy issues and help the Internet transcend surveillance capitalism. + +More specifically, the ECB needs to review its design approach for the Digital +Euro and commit to granting financial sovereignty to its constituents. Instead +of controlling the citizen's privacy and forcing a particular ECB App onto +% FIXME: I'd suggest "users' phones", +% unless it is really meant that one +% user has multiple phones. +CBDC user's phones, the ECB needs to design a Digital Euro based on respect +for the citizen's sovereignty and self-responsibility. A digital cash system +can be build using privacy-preserving open protocols with Free Software +reference implementations. The resulting self-responsibility of citizens will +address various key design challenges inherent to account-based designs, +including the biggest challenge of all: creating a product citizens would +actually like to use. + +%[oec] Highlight again that alternatives _are_ on the table + + + +% We thank XXX for insightful comments on an earlier draft of this text. + +\bibliographystyle{alpha} +\bibliography{literature} + + +\end{document} + +Cut for brevity: + + + +Most crypto-currencies seek to have the properties of a currency, the +conservation of value and the availability for exchange. For the two largest +of them (BTC and ETH), we must note that since their creation they have been +able to play the two roles of a currency. These currencies are both available +for exchange and can be hoarded. 
These currencies are subject to great +variations in price, but they are far from the variations of the Argentine +Peso (which is commonly considered to be a currency). Some also have limited +availability for real-time transactions, with Bitcoin for example requiring a +very long validation time preventing its use for everyday purchases, but can +be used for remote purchases (say for international remittances) where +latencies and costs are actually competitive compared to existing payment +systems. + +Central banks manage fiat currencies. These currencies are also mainly +digital, as often the actual transactions are facilitated by digital payment +systems bolted on top of the currency provided by the central bank. While it +is in most cases still possible to use the central bank provided physical cash +directly, transactions using real coins and bills are declining. The quantity +of money, as well as the interest rate at which this money is made available +to banks, allows central banks to influence the value of the currencies they +manage. diff --git a/presentations/2021-cb/boj.tex b/presentations/2021-cb/boj.tex @@ -100,7 +100,7 @@ \title{GNU Taler as a Retail CBDC} %\subtitle{} -\setbeamertemplate{navigation symbols}{\includegraphics[width=1cm]{inria.pdf} \includegraphics[width=2.3cm]{bfh.png} \includegraphics[width=1.6cm]{fub.pdf} \includegraphics[width=0.4cm]{ashoka.png} \includegraphics[width=0.4cm]{gnu.png} \includegraphics[width=1cm]{logo-2020.jpg} \hfill} +\setbeamertemplate{navigation symbols}{\includegraphics[width=1cm]{inria.pdf} \includegraphics[width=2.3cm]{bfh.png} \includegraphics[width=1.6cm]{fub.pdf} \includegraphics[width=0.4cm]{ashoka.png} \includegraphics[width=0.4cm]{gnu.png} \includegraphics[width=1cm]{logo-2021.pdf} \hfill} %\setbeamercovered{transparent=1} \author[C. Grothoff]{{\bf C. Grothoff}} 
@@ -118,7 +118,7 @@ \vfill % \includegraphics[width=0.66\textwidth]{logo-2017-fr.pdf} - \includegraphics[width=0.66\textwidth]{logo-2020.jpg} + \includegraphics[width=0.66\textwidth]{logo-2021.pdf} as a Retail CBDC \vfill
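Review bot: In the new file 2022-privacy/suref.tex, the brace opened by `\abstract{` has no matching `}` in the lines shown before `\section{Introduction}`, so the group stays open for the rest of the document; use `\begin{abstract}` ... `\end{abstract}` and close it where the abstract is meant to end (before or after the JEL/Keywords lines). Smaller points in the same hunk: the title reads "Cental Bank Accounts"; the body has "systme", "idally", "themeselves", "CDBC" and "can be build"; "Carsten's reasons" does not match "Agustin Carstens" two sentences earlier; the abbreviation "(ECBS)" does not follow the word order of "European System of Central Banks"; and the `% FIXME` about "users' phones" is still in place directly above "CBDC user's phones". The paragraphs after `\end{document}` under "Cut for brevity:" are ignored by LaTeX, but they would be easier to maintain as comments or in a separate file. The file is added as suref.tex while the commit message says "suerf"; pick one spelling before other files start referencing it.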
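Review bot: In presentations/2021-cb/boj.tex, hunk `@@ -100,7 +100,7 @@`, the navigation-symbols line now includes `logo-2021.pdf`, but the diffstat lists only suref.tex and boj.tex as changed, so this commit does not add that file; please confirm it is already in the repository and resolvable from this directory, otherwise the slides will not build. The logo swap is also unrelated to the commit message "cut down for suerf" and would be easier to track as its own commit.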
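Review bot: In presentations/2021-cb/boj.tex, hunk `@@ -118,7 +118,7 @@`, the title-frame `\includegraphics[width=0.66\textwidth]{logo-2021.pdf}` hard-codes the same file name that the navigation-symbols line at hunk `@@ -100,7 +100,7 @@` also hard-codes, so the next logo update again has to touch both places; consider defining the logo file name once in a macro and using it in both. The commented-out `logo-2017-fr.pdf` line in the context directly above is stale and could be dropped in the same pass.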