marketing

Marketing materials (presentations, posters, flyers)

commit 9e37f2c56769a8e518c0612c096d8c0c9f061f06
parent 6a97883c699c9e2c02ec27f306da7535a25b42e6
Author: Christian Grothoff <christian@grothoff.org>
Date:   Fri, 14 Jan 2022 22:48:07 +0100

edits

Diffstat:
M 2022-privacy/privacy.tex | 279 +++++++++++++++++++++++++++++++++++++++++++++++--------------------------------
1 file changed, 167 insertions(+), 112 deletions(-)

diff --git a/2022-privacy/privacy.tex b/2022-privacy/privacy.tex @@ -1,10 +1,16 @@ \documentclass{article} +% TODO: +% - expand bibliography with cited papers (French report, catane-citation +% from the French report, others?) +% - double-check and streamline text +% - point out a few things more where the reports are actually correct? ;-) +% - unintegrated remarks (see bottom of the TeX file) + \usepackage{url} \usepackage{enumitem} -\title{Accounts are an Unnecessary Evil} -\subtitle{A critique of two papers} +\title{Accounts are an Unnecessary Evil \\ A critique of two papers} \author{Antoinne Aligny \and Emmanuel Benoist \and Christian Grothoff \and \"Ozg\"ur Kesim} \date{\today} \begin{document} @@ -25,9 +31,9 @@ project to succeed. Along the same lines, the French council scientific numerique published a report on ``Notes and Tokens, The New Competition of Currencies''. Here, the -authors fall for the same trap, but even go as far as stating that a CBDC is -not possible without an E-ID system. - +authors make similar false assumptions about inevidable properties of CBDCs, +going as far as stating that a CBDC is not possible without an E-ID +system. Our paper attempts to set the record straight. % [oec] Shouldn't we also mention GNU Taler already here as an example for an alternative? } 
@@ -63,28 +69,89 @@ citizen is in control of their personal data. The ECB asserting the ``ability to control the privacy'' is thus an oxymoron: once anyone else has control, citizens have no privacy. As an institution that claims to act in the public interest, the ECB's report thus shows a fundamental lack of respect of its -sovereign: the European citizens. If European democratic ideals are to -prevail, we clearly need to reestablish the principles of personal +sovereign: the European citizens. + +The French report~\cite{french2021} correctly states that a Digital Euro based +on accounts poses ``democratic risks'' and could allow ``state surveillance of +all transactions of every individual''. The use of the term ``surveillance'' +here actually understates the negative impact of an account-based CBDC, as +with an account-based CBDC the central bank would likely also be in a position +to prevent individuals from spending money and to manipulate their balances, +thereby gaining comprehensive power over the economic activities of +individuals going far beyond mere analytical capabilities. The use of +permissioned blockchains does not inherently prevent such manipulations as +long as the participating operators are colluding. Thus, if European +democratic ideals and personal freedoms are to prevail, we clearly cannot +ignore this danger and must reestablish the principles of personal self-reliance, personal independence and subsidiarity in the design processes for critical infrastructure created by European institutions. +Here the wording of the French report is confusing, as it suggests that +monitoring would be a mandatory component of the system, which is +scientifically false: There are many digital currencies that do not allow such +surveillance, such as Monero~\cite{monero} or Taler~\cite{dold2019}. 
Thus, it is dangerous for the authors +of the French report take a possible design choice of an account-based system +as fact, for example when they write that ``the centralization and data +tracking of central bank digital currency projects leads to a loss of privacy +that coupled with the programmability of the currency can have serious +consequences.'' Using the indicative here is a serious mistake, as it is +understood that any CBDC would leads to a loss +of privacy, when this is false. + +Since this far-fetched assumption is taken as true, the conclusion of the +first part of the French report is obviously flawed. The authors ask ``Should +the objectives, mandate and governance of central banks be redefined?'', +implying that the management of a CBDC would be impossible in the current +state. This is likely wrong. They should have written that central banks +should limit CBDC issuance corresponding to their mission, and not that their +missions must be adapted. Especially adaptations of central bank missions to +include complete control over money via the issuance of a CBDC (as envisioned +by Agustin Carstens of the Bank of International Settlement\footnote{ See +speach given on October 19th 2020 on ``Cross-Border Payment -- A vision for +the future''}) are dangerous and must be firmly rejected. + + + \section{Harmful coupling with identity} The probably most dangerous idea of the ECB report is ``combining use of -digital identity and CBDC''. -Because even if central banks were neutral custodians of citizens' privacy -(see above) the problem is the data itself. -As Bruce Schneier has concisely argued already in 2016: ``Data is a toxic asset. -We need to start thinking about it as such, and treat it as we would any other -source of toxicity. 
To do anything else is to risk our security and privacy.''~\cite{schneier2016toxic} -And here, the report is insunuating to link identities with payments which -consequently and inevitably produces highly sensitive metadata. -Referring to the toxicity of this metadata, Edward Snowden famously said at IETF 93 -in 2019 that \begin{quote} - ``(...) we need to get away from true-name payments on the Internet. - The credit card payment system is one of the worst things that happened - for the user, in terms of being able to divorce their access from their - identity.'' +digital identity and CBDC''. The same idea is echoed in the French report +which quotes Catenae~\cite{catenae2020} to say that ``it is difficult to +envisage the creation of a retail CBDC, and more specifically a Digital Euro +without first creating a reliable, secure digital identity offering the +necessary guarantees''. The statement is hard to defend, since current +cryptocurrencies work perfectly well without depending on a ``trusted digital +identity''. + +Naturally, it is understood that institutions working with a Digital Euro will +at times be legally required to establish the identity of actors. However, +when a Digital Euro needs a digital identity for some of the actors in the +digital currency production chain, one could use certificates based on the +already widely used X.509 standard, which are already in common use on the +Internet.\footnote{They correspond to the ``s'' in ``https'', for example.} +While we can imagine a world in which a new ``trusted digital identity'' +exists, and develop new protocols for this world, this is by no means a +prerequisite to any work on a Digital Euro. Waiting for the creation of a new +trusted digital identity at the European level before creating a CBDC may be +equivalent to postponing the decision indefinitely, and the necessity of first +deploying a new electronic identity scheme is far from being proven by the +French report. 
+ +What neither report appreciates is that combining payments with such a digital +identity system would create a serious liability. Even if central banks were +neutral custodians of citizens' privacy (see above), the problem is the data +itself. As Bruce Schneier has concisely argued already in 2016: ``Data is a +toxic asset. We need to start thinking about it as such, and treat it as we +would any other source of toxicity. To do anything else is to risk our +security and privacy.''~\cite{schneier2016toxic} Despit this well-established +insight, the ECB report is insunuating to link identities with payments which +consequently and inevitably produces highly sensitive\footnote{Or to stick +with Schneier's analogy, ``super-toxic''} metadata. Referring to the toxicity +of this metadata, Edward Snowden famously said at IETF 93 in 2019 +that \begin{quote} ``(...) we need to get away from true-name payments on the + Internet. The credit card payment system is one of the worst things that + happened for the user, in terms of being able to divorce their access from + their identity.'' \end{quote} If the European Union wants to avoid a dystopia of the transparent citizen and catastrophic cases of personal data theft, it must enable citizens to put a 
@@ -191,42 +258,94 @@ limits for their CBDC holdings based on their actual cash needs. \section{Tokenization beyond CBDC} With electronic tokens it is possible to tokenize payment systems that are not -CBDCs. For example, a Swiss group around Claudio Zanetti is considering -launching an electronic payment system based on gold. Direct payments with -physical gold are problematic, as giving change (the exact problem GNU Taler -solves for Chaum's DigiCash~\cite{digicash1989}) is impractical with gold (as -is the validation that the gold is pure). With eGold, Zanetti plans to -``establish a private competitor to the Swiss National Bank, that is not able -to deflate economic crises by inflating the currency at the expense of the -working class''.\footnote{Personal communication.} It remains to be seen if -this effective limitation on central bank policy making is ultimately -beneficial, given the ecological cost of mining gold and the detrimental -effect of rampant economic crises on the poor. However, we find this to be an -interesting idea, as it may require politicians to take a more preventative -stance against economic crises. +CBDCs. For example, a Swiss group around Claudio +Zanetti~\footnote{\url{https://www.zanetti.ch/}} is considering launching an +electronic payment system based on gold. Direct payments with physical gold +are problematic, as giving change (the exact problem GNU Taler solves for +Chaum's DigiCash~\cite{digicash1989}) is impractical with gold (as is the +validation that the gold is pure). With eGold, Zanetti plans to ``establish a +private competitor to the Swiss National Bank, that is not able to deflate +economic crises by inflating the currency at the expense of the working +class''.\footnote{Personal communication.} It remains to be seen if this +effective limitation on central bank policy making is ultimately beneficial, +given the ecological cost of mining gold and the detrimental effect of rampant +economic crises on the poor. 
Regardless, the idea is interesting as it may +require governments to take a more preventative stance against economic crises +--- and economists (naturally ignoring the global environmental impact of +mining gold) have previously claimed that a competing gold-backed payment +system might be inherently beneficial to the (Swiss) economy~\cite{szz}. Systems like Bitcoin and Ethereum that are based on distributed ledger technology are often confused with true token-based systems. In Bitcoin and Ethereum funds are still stored in accounts that have a value because of an incoming transaction, and not because some issuer backs the token. With the -Depolymerizer~\cite{\url{https://git.taler.net/depolymerization.git}} we have -created an adapter that allows the tokenization of blockchain-based +Depolymerizer~\footnote{\url{https://git.taler.net/depolymerization.git}} we +have created an adapter that allows the tokenization of blockchain-based cryptocurrencies. Here, the cryptocurrency would be held in escrow by a -trusted third party that backs the Taler tokens representing Bitcoin or +trusted third party that backs the tokens representing Bitcoin or Ether. By reducing the need for on-chain transactions, we expect that a Depolymerized DLT can in theory scale linearly with the available computational resources, primarily limited by the much slower transaction rate of the underlying DLT for inbound and outbound on-chain transacitons. The resulting system would also provide durable transactions within milliseconds, -making cryptocurrency payments significantly more practical. +making cryptocurrency payments significantly more practical. However, like +with e-gold it would do nothing to migitage the environmental cost of +(cryptocurrency) mining, so fiat currency remains an environmentally +preferable choice. 
-For the conversion between fiat currency, e-gold and Taler-based +For the conversion between fiat currency, e-gold and Depolymerizer-tokenized cryptocurrencies it is likely that regulated payment service providers will be required to perform some kind of know-your-customer (KYC) procedure to identify their customers. However, this is no different from identification -procedures required by banks today, and hardly predicated on the creation of a -national or even global electronic identity platform with its associated -dangers for democracy~\cite{helbing}. +procedures required by banks today, and hence hardly predicated on the +creation of a national or even global electronic identity platform with its +associated dangers for individual freedom and +democracy~\cite{dirkhelbingXXXX,french2021}. + +An interesting aspect that all these electronic payment systems based on a +tokenization system like Taler would share is that they require some trust +into the issuer of the currency, as in all cases the issuer could reneg on its +promise to redeem the electronic tokens for the underlying asset. With Taler +it is possible for third parties to audit the issuer of +tokens~\cite{dold2019}, which in the absence of fractional reserve banking +reduces the risk from the issuer to that of the underlying asset class. + +We note that issuer risk always exists and this mitigation is crucial. With +cryptocurrencies, an issuer (like a cryptocurrency exchange) defaulting is +commonly called an exit scam. For (largely historic) currencies tied to gold +such a ``default'' was legalized by calling it ``abandoning the gold +standard'' or ``currency reform''. We note that even modern fiat currencies +usually have some limited backing in the form of assets held by the central +bank that the central bank is expected to wisely use these assets to stabilize +the value of its currency. Here, the equivalent of an exit scam is +hyperinflation from quickly balooning central bank liabilities. 
The effect is +equivalent to an exit scam, as it again effectively disowns the holders of the +central-bank backed tokens. Hence, even central bank liabilities are hardly +``risk-free assets'', a final questionable claim repatedly made in the ECB's +report. The same assumption of the Euro not requiring trust into the ECB is +made in the French report. In their section on trust, the authors try to +contrast ``natural'' trust in fiat currencies with ``abnormal'' trust for +cryptocurrencies. The authors write that ``While trust in money has long +relied on a mechanical guarantee in gold or the role of the state, neither of +these guarantees of trust exist for cryptocurrencies.''. Here, the authors +pretend to be unaware that the Euro is neither based on a mechanical guarantee +in gold (first abandoned in France during the First World War and then +definitively under the Popular Front almost a century ago), nor on the role of +a state since the Eurozone has none of the prerogatives of a state (army, tax, +foreign policy, or even government). + +Confidence in fiat currencies is much more complex than what is described in +the French report, and one must at least include the following elements: +\begin{itemize} +\item confidence in the non-inflationary nature of the currency (it can be hoarded without significant risk) +\item confidence in the stability of the exchange rate (it is safe to trade with other assets) +\item confidence in the banking system (that assets will not disappear overnight) +\end{itemize} +All these properties are currently those of the major European currencies, +even if this has not always been the case. From this perspective, we can see +that some of the large crypto-currencies also more or less respect these +criteria (with some problems on the side of price stability). + \section{Conclusion} 
@@ -251,7 +370,10 @@ use. \section*{Acknowledgements} We thank Martin Summer for encouraging us to put our critique of the ECB's -report in writing. We thank Ulrich Bindseil for listening. +report in writing. We thank central bankers for their good aspirations, which +they should keep up even if we question their universal realization. + + % We thank XXX for insightful comments on an earlier draft of this text. 
@@ -261,82 +383,15 @@ report in writing. We thank Ulrich Bindseil for listening. \end{document} - Yet to integrate: - -In the section "Which modality of central bank digital currency?", the authors -quote a report (Catenae, 2020) to say "it is difficult to envisage the -creation of a retail central bank digital currency, and more specifically a -"digital euro" without first creating a reliable, secure digital identity -offering the necessary guarantees". The statement is hard to defend, since -current cryptocurrencies work perfectly well without depending on a "trusted -digital identity." - -When we need a digital identity for some of the actors in the digital currency -production chain, we use certificates in the X509 standard format, which are -already in common use on the Internet (they correspond to the s in https, for -example). We can imagine a world in which a new "trusted digital identity" -would exist and propose new algorithms for this world, but this is by no means -a prerequisite to any work. - -Waiting for the creation of a "trusted digital identity" at the European level -before creating a central bank digital currency is equivalent to postponing -the decision indefinitely. This necessity is far from being proven by this -report. - - -In the section "The democratic risks of central bank digital currencies", the -authors suggest that such a currency could allow "state surveillance of all -transactions of every individual". There are many digital currencies that do -not allow such surveillance (Monero or Taler, for example). The wording chosen -suggests that monitoring would be a mandatory component of the system, which -is scientifically false. - -In the rest of the section the authors take their assumption as fact "However, -the centralization and data tracking of central bank digital currency projects -leads to a loss of privacy that coupled with the programmability of the -currency can have serious consequences." 
Using the indicative here is a very -serious mistake. It is understood that any central bank digital currency leads -to a loss of privacy, when this is false. - -Since this far-fetched assumption is taken as true, the conclusion of the -first part is obviously flawed. The authors write "Should the objectives, -mandate and governance of central banks be redefined?" implying that the -management of a central bank digital currency would be impossible in the -current state. This is obviously wrong. They should have written that central -banks must give specifications corresponding to their missions, but not that -their missions must be adapted to the specifications of existing systems. This -is even more false when one knows that a system already exists that allows -banks to respect both the privacy of citizens and to calculate the taxes of -merchants (c.f. Chaum, Grothoff, Moser (2021)). - Part two of the report is of a much better level, one should still note that the ontological difference between pure digital currencies and traditional currencies is not very well addressed. - -In the section on trust, the authors try to contrast natural trust in FIAT -currencies with abnormal trust for cryptocurrencies. The sentence "While trust -in money has long relied on a mechanical guarantee in gold or the role of the -state, neither of these guarantees of trust exist for cryptocurrencies." The -authors pretend to be unaware that the Euro is neither based on a mechanical -guarantee in gold (first abandoned in France during the First World War and -then definitively under the Popular Front almost a century ago) nor on the -role of a state since the Eurozone has none of the prerogatives of a state -(army, tax, foreign policy, or even government). 
- -Confidence in FIAT currencies is much more complex than what is described in the article and one must include the following elements -- confidence in the non-inflationary nature of the currency (it can be hoarded without risk) -- confidence in the stability of the exchange rate (it is safe to trade between two currencies) -- confidence in the banking system (that assets will not disappear overnight). - -All these properties are currently those of the major European currencies, -even if this has not always been the case. From this perspective, we can see -that the large digital currencies also more or less respect these criteria -(with some problems on the side of price stability). - This report is very heterogeneous. While some sections are of a very good level and well documented, there are still too many approximations and very superficial statements about central bank digital currencies in this report. +Mention somewhere French report's confusion between retail CBDC (SNB-Taler +paper) and wholesale CBDC (Swiss Helvetia project).
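
Review bot: In the @@ -25,9 +31,9 hunk, the added abstract line "+authors make similar false assumptions about inevidable properties of CBDCs," misspells "inevitable". The unchanged comment right after it ("% [oec] Shouldn't we also mention GNU Taler already here ...") is still open, and the new closing sentence "Our paper attempts to set the record straight." would be a natural place to resolve it one way or the other.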
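
Review bot: In the @@ -63,28 +69,89 hunk, the new text cites `french2021`, `monero` and `catenae2020`, while the TODO added at the top of the file still lists "expand bibliography with cited papers" as open, so these keys will likely come out as undefined references until the entries are added; adding the entries in the same commit would keep the build clean. The Carstens footnote gives a date and title but no URL or bibliography entry, misspells "speech" as "speach", and names the institution "Bank of International Settlement" (it is the Bank for International Settlements). The added lines also need a language pass: "for the authors of the French report take" (missing "to"), "any CBDC would leads", "Despit" and "insunuating". The re-wrapped Snowden sentence still says "IETF 93 in 2019"; IETF 93 took place in 2015, so the year should be checked against the source of the quote.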
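
Review bot: In the @@ -191,42 +258,94 hunk, `\cite{helbing}` is replaced by `\cite{dirkhelbingXXXX,french2021}`, which swaps a key for a placeholder that cannot resolve; keep `helbing` until the final key exists, or add the entry together with the one for the new `\cite{szz}`. Turning `\cite{\url{...}}` into a footnote for the Depolymerizer is the right fix, but `Zanetti~\footnote{...}` and `Depolymerizer~\footnote{...}` leave a tie before the footnote mark, which prints a space in front of it; drop the `~`. The sentence "assets held by the central bank that the central bank is expected to wisely use these assets to stabilize" does not parse and probably wants "and that the central bank is expected to use wisely to stabilize". Spelling in the added lines: "migitage", "reneg", "balooning", "repatedly".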
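
Review bot: In the @@ -261,82 +383,15 hunk, one of the removed "Yet to integrate" remarks does not reappear in the integrated text: the sentence that a system already exists that lets banks respect citizens' privacy and still calculate merchants' taxes, with its reference "(c.f. Chaum, Grothoff, Moser (2021))". The corresponding new paragraph in the @@ -63,28 +69,89 hunk ends at "and not that their missions must be adapted" and then moves on to Carstens. If that argument was dropped on purpose, fine; otherwise it should be carried over with a proper `\cite`. The notes that remain after `\end{document}` also lose their "Yet to integrate:" heading even though the new TODO at the top points to "unintegrated remarks (see bottom of the TeX file)", so a short comment marker there would keep them findable.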