commit d6489d0d24781d062f209df4011595d097dd6114
parent c2cc6214b21d3ab7f5fa07e16385f2aa095b150f
Author: Özgür Kesim <oec-taler@kesim.org>
Date: Fri, 7 Jan 2022 13:18:12 +0100
more updates on bibliography; added comments
Diffstat:
7 files changed, 72 insertions(+), 41 deletions(-)
diff --git a/2022-privacy/literature.bib b/2022-privacy/literature.bib
@@ -254,3 +254,28 @@ series = {SEC'16}
url = {https://www.snb.ch/en/mmr/papers/id/working_paper_2021_03}
}
+@article{ecb2021,
+ title={Central Bank Digital Currency: functional scope, pricing and controls},
+ author={Bindseil, Ulrich and Panetta, Fabio and Terol, Ignacio},
+ howpublished={\url{https://www.ecb.europa.eu/pub/pdf/scpops/ecb.op286~9d472374ea.en.pdf}},
+ journal={ECB Occasional Paper},
+ number={2021/286},
+ year={2021}
+}
+
+@Misc{hacks1,
+ title={Bitcoin wallet update trick has netted criminals more than \$22 million},
+ author={Catalin Cimpanu},
+ howpublished={\url{https://www.zdnet.com/article/bitcoin-wallet-trick-has-netted-criminals-more-than-22-million/}},
+ journal={ZDNet},
+ year={2020},
+}
+
+@Misc{hacks2,
+ title={How Hackers Hack Crypto Wallets, and How to Protect Yourself},
+ author={Samuel Gush},
+ howpublished={\url{https://www.makeuseof.com/how-hackers-hack-crypto-wallets/}},
+ journal={MUO},
+ year={2021},
+}
+
diff --git a/2022-privacy/privacy.tex b/2022-privacy/privacy.tex
@@ -13,16 +13,18 @@
\abstract{
The European Central Bank (ECB) published a report on ``Central Bank Digital
Currency: functional scope, pricing and controls'' in its Occasional Paper
-Series in December 2021 detailing various challenges for the Digital Euro.
-While the authors peripherally acknowledge the existence of token-based
-payment systems, the notion that a Digital Euro will somehow require citizens
-to have some kind of central bank account is pervasive in the paper. We argue
-that an account-based design cannot meet the ECB's stated design goals and
-that the ECB needs to fundamentally change its mindset when thinking about its
-role in the context of the Digital Euro if it wants the project to succeed.
+Series in December 2021~\cite{ecb2021} detailing various challenges for the
+Digital Euro. While the authors peripherally acknowledge the existence of
+token-based payment systems, the notion that a Digital Euro will somehow
+require citizens to have some kind of central bank account is pervasive in the
+paper. We argue that an account-based design cannot meet the ECB's stated
+design goals and that the ECB needs to fundamentally change its mindset when
+thinking about its role in the context of the Digital Euro if it wants the
+project to succeed.
+% [oec] Shouldn't we also mention GNU Taler already here as an example for an alternative?
}
-\section{The European Central Bank cannot be the Guardian of Privacy}
+\section{The ECB cannot be the Guardian of Privacy}
The ECB's report starts with a public interest-oriented self-image of central
banks. For example, the authors claim that ``central banks operate in the
@@ -31,16 +33,16 @@ interest'' and ``as public and independent institutions, central banks have no
interest in monetising users' payment data. They would only process such data
to the extent necessary for performing their functions and in full compliance
with public interest objectives and legislation.'' While this is a laudable
-aspiration, it is false. The Bank of Greece, one of the central banks of the
-Eurosystem, is dominantly privately held and listed on the Athen's stock
-exchange~\cite{BG2016}. Similar constructions with privately owned central
-banks exist outside of the Eurozone, for example with the Swiss National
-Bank~\cite{SNB}. That all central banks are independent and operate in the
-public interest is currently widely questioned in the popular press in the case
-of Turkey~\cite{tcimer2020}. With counter-examples inside the European System
-of Central Banks (ECBS) itself and within Europe, it is clear that the ECB's is
-caught in a dangerous self-delusion of central banks being an politically
-neutral and public-minded institutions.
+aspiration, it is a false statement: The Bank of Greece, one of the central
+banks of the Eurosystem, is dominantly privately held and listed on the Athen's
+stock exchange~\cite{BG2016}. Similar constructions with privately owned
+central banks exist outside of the Eurozone, for example with the Swiss
+National Bank~\cite{SNB}. That all central banks are independent and operate
+in the public interest is currently widely questioned in the popular press in
+the case of Turkey~\cite{tcimer2020}. With counter-examples inside the
+European System of Central Banks (ECBS) itself and within Europe, it is clear
+that the ECB's is caught in a dangerous self-delusion of central banks being
+politically neutral and public-minded institutions.
This delusion is dangerous because it leads to the ECB trusting itself with
information and decisions that it must be entrusted with. In particular, the
@@ -60,18 +62,19 @@ for critical infrastructure created by European institutions.
\section{Accounts}
-The probably worst idea of the ECB report is ``combining use of digital
-identity and CBDC''. Edward Snowden famously said at IETF 93 in 2019 that
-\begin{quote}
- ``I think one of the big things that we need to do, is we need to get away
- from true-name payments on the Internet. The credit card payment system is
- one of the worst things that happened for the user, in terms of being able
- to divorce their access from their identity.''
+The probably most dangerous idea of the ECB report is ``combining use of
+digital identity and CBDC''. Edward Snowden famously said at IETF 93 in 2019
+that \begin{quote}
+ ``(...) we need to get away from true-name payments on the Internet.
+ The credit card payment system is one of the worst things that happened
+ for the user, in terms of being able to divorce their access from their
+ identity.''
\end{quote}
-If we want to avoid the dystopia of the transparent citizen (associated in the
-West with the vilified Chinese surveilance state), we must enable citizens to
-put a firewall between their identity and their payments. Tightly coupling them
-is thus probably the worst idea so far proposed in the design space for CBDCs.
+If the European Union wants to avoid a dystopia of the transparent citizen
+(associated in the West with the vilified Chinese surveilance state), % [oec] I don't think we should mention China.
+it must enable citizens to put a firewall between their identity and their
+payments. Tightly coupling them is thus probably the worst idea so far
+proposed in the design space for CBDCs.
The Swiss population recently rejected a proposal for a national E-ID, and the
newly elected German government is promising a reversal of ubiquitous data
@@ -86,15 +89,16 @@ account-based digital payment offerings already put it. If CBDC payment data
is strongly coupled with our identities, those who dislike living in a
panopticon could only hope for such a CBDC to be rarely used.
-But the ECB is not the only institution inappropriately pushing for digital
-identity-based solutions. Another domain where this is inappropriately
-pursued is the decades-old debate about age-verification for Websites. The
-common pattern here is a security need (for example countering financing of
-terrorism (CFG), anti-money laundering (AML) or protecting the children) which
-is ``addressed'' by strong identification. Not only is this simplistic
-approach rarely cost-effective, but it contributes to the conversion of
-soverign citizens to digital subjects.
+But the ECB is not the only institution pushing for digital identity-based
+solutions. Another domain where this is inappropriately pursued is the
+decades-old debate about age-verification for Websites. The common pattern
+here is a security need (for example countering financing of terrorism (CFG),
+anti-money laundering (AML) or protecting the children) which is ``addressed''
+by strong identification. Not only is this simplistic approach rarely
+cost-effective, but it contributes to the conversion of soverign citizens to
+digital subjects.
+%[oec] maybe: \subsection{Privacy done right: GNU Taler}
Token-based payments like GNU Taler offer an alternative, enabling the state
to ensure business is legal (and tax-paying) without infringing on the
soverenity of private citizens. We recently extended this principle also into
@@ -148,10 +152,10 @@ they presume that hoarding CBDC must be risk-free. However, with Digital Euros
represented as tokens that citizens hold in self-custody, the CBDC would not
be risk-free: citizens would have to safeguard their digital devices (both
physically and against malware). Owners of cryptocurrencies are very familiar
-with the fact that self-custody is risky~\cite{hacks}. Thus, a CBDC design
-using digital tokens under the control of citizens indirectly provides a good
-solution for hoarding, as self-custody of the digital assets entails a risk,
-quite comparable to the risk of hoarding cash. By analyzing this risk,
+with the fact that self-custody is risky~\cite{hacks1,hacks2}. Thus, a CBDC
+design using digital tokens under the control of citizens indirectly provides a
+good solution for hoarding, as self-custody of the digital assets entails a
+risk, quite comparable to the risk of hoarding cash. By analyzing this risk,
citizens and businesses would themselves determine appropriate individual
limits for their CBDC holdings based on their actual cash needs.
@@ -174,6 +178,8 @@ various key design challenges inherent to account-based designs, including the
biggest challenge of all: creating a product citizens would actually like to
use.
+%[oec] Highlight again that alternatives _are_ on the table
+
\section*{Acknowledgements}
We thank Martin Summer for encouraging us to put our critique of the ECB's
diff --git a/presentations/comprehensive/gnu.pdf b/presentations/comprehensive/gnu.pdf
Binary files differ.
diff --git a/presentations/taler-mdb-36c3/Makefile b/presentations/taler-mdb-36c3/Makefile
diff --git a/presentations/taler-mdb-36c3/cf_handouts.tex b/presentations/taler-mdb-36c3/cf_handouts.tex
diff --git a/presentations/taler-mdb-36c3/cf_slides.tex b/presentations/taler-mdb-36c3/cf_slides.tex
diff --git a/presentations/taler-mdb-36c3/cf_tablet.tex b/presentations/taler-mdb-36c3/cf_tablet.tex
