commit aa59db3c90b2cb80ef36ec7f915ccc3fed8b624b
parent eef501f308fbb8abc9bb64137fa1bb08c36310df
Author: Christian Grothoff <christian@grothoff.org>
Date: Fri, 28 Jan 2022 19:23:52 +0100
edits
Diffstat:
1 file changed, 13 insertions(+), 14 deletions(-)
diff --git a/2022-privacy/privacy.tex b/2022-privacy/privacy.tex
@@ -469,19 +469,18 @@ to be trustworthy and successful.
A cross-cutting concern here is that when achieving the security goals, the
CBDC must never rely on the central bank being trustworthy. Good security
designs always strive to avoid trusted parties. This implies that neither the
-correctness nor the privacy assurances must rely on an honest central
-bank.
-This false sense of security also became evident when the former director of the
-NSA revealed his belief that with respect to control over the toxic data assets
-accumulated by the NSA ``nobody comes after us''~\cite[page 6f]{cwps}, suggesting
-that the (by the DIRNSA clearly presumed trustworthy) US government would never
-fall. The assumption turned deadly when the Taliban took over
-personal profiles including biometric data of Afgahnis that had collaborated
-with NATO forces after the retreat of NATO in 2021~\cite{afganistan2021}. We
-must not make the same mistake, that is believing that our institutions are
-good and eternal, when it comes to out private payment data. Thus, it is
-necessary that technical protections for our privacy are put in place that
-even the central bank cannot break:
+correctness nor the privacy assurances must rely on an honest central bank.
+This false sense of security also became evident when the former director of
+the NSA (DIRNSA) revealed his belief that with respect to control over the
+toxic data assets accumulated by the NSA ``nobody comes after us''~\cite[page
+ 6f]{cwps}, suggesting that the (by the DIRNSA clearly presumed trustworthy)
+US government would never fall. The assumption turned deadly when the Taliban
+took over personal profiles including biometric data of Afgahnis that had
+collaborated with NATO forces after the retreat of NATO in
+2021~\cite{afganistan2021}. We must not make the same mistake, that is
+believing that our institutions are good and eternal, when it comes to out
+private payment data. Thus, it is necessary that technical protections for our
+privacy are put in place that even the central bank cannot break:
Privacy is most meaningful when it is guaranteed via technical measures, as
opposed to mere policies. Without a technical layer providing
@@ -665,7 +664,7 @@ criteria (with some problems on the side of price stability).
There are no trusted third parties. That does not prevent people from
designing and deploying systems that rely on the assumption that a trusted
-third party exists. Central banks must not follow the NSA director's
+third party exists. Central banks must not follow the former DIRNSA's
hybris~\cite[page 6f]{cwps}
and assert that they are an eternally trusted third party.
