This article explains what are privacy coins, key regulatory concerns, and how these can be addressed.
Blockchain is gaining popularity, but it has a privacy problem. Vitalik Buterin, the founder of Ethereum, summarizes the concern:
“As seductive as a blockchain’s other advantages are, neither companies nor individuals are particularly keen on publishing all of their information onto a public database that can be arbitrarily read without any restrictions by one’s own government, foreign governments, family members, coworkers and business competitors.”
As you’d know, blockchains (by design) are highly transparent. They need transparency so that all users can easily coordinate with each other, in absence of a centralized entity. So blockchain’s transparency ensures reliable decentralization. To put it simply, blockchain trades privacy to achieve decentralization.
For instance, on the bitcoin blockchain, you have to reveal your identity (to the network) while transferring bitcoins. Once you transfer bitcoins, your bitcoin address becomes public information. And so, anyone can see the remaining balance in your bitcoin address or the transactions associated with such an address.
But privacy is a technical problem. So, there are multiple ways in which this problem is being solved for blockchains.
What are privacy coins?
Blockchains are incorporating privacy-enhancing technologies for ensuring ‘functional transparency’ (instead of full transparency). Meaning, these privacy technologies provide privacy to the users without compromising the transparency needs of the blockchain. Of course, there are some tradeoffs, but the net result is quite promising.
For instance, most blockchains that incorporate data privacy by design store transaction details in an encrypted format. This obfuscates the transaction details to the public at large. But the users are provided with ‘viewing keys’, which can be used to decrypt and read these transaction details. And so, the users can choose who to share these viewing keys with, to allow them to view the encrypted transaction details.
Cryptocurrencies issued on such privacy-friendly blockchains are commonly referred to as privacy coins.
The issue with privacy coins is that they allow you to hide transaction details. Obviously, to protect your privacy. But this makes them an ideal instrument to carry out illegal activities. Europol, in its Internet Organized Crime Threat Assessment report observed that privacy coins are gaining popularity for dark web users and vendors. Even the FinCEN in its Financial Trend Analysis report found that some ransomware attackers are requesting payments exclusively in privacy coins.
Resultantly, the difficulty of investigating illicit activities carried out using privacy coins can spook regulators. It was reported that Japan’s financial regulator was allegedly pressuring crypto exchanges to delist privacy coins. And such delisting incidences were also observed in South Korea, Australia, and United Kingdom. In fact, the president of the Finance Committee of France’s National Assembly proposed a ban on activities relating to privacy coins.
But despite the backlash, no country has implemented a blanket ban on privacy coins. There is a push to delist certain privacy coins or to require additional disclosure while transacting with cryptocurrencies – which makes it difficult to deal with privacy coins. But holding or owning privacy coins itself has not been prohibited or criminalized in any country. Even the Financial Action Task Force has not directly recommended a blanket ban on privacy coins. They opine that privacy coins may be permitted if their risks can be managed. And that’s the tricky part.
How to manage risks pertaining to privacy coin?
We often rely on crypto-intermediaries, like crypto-exchanges, wallet service providers, and crypto on ramps solutions, while dealing with cryptocurrencies. These intermediaries can conduct Know Your Customer (“KYC”) / Anti-Money Laundering (“AML”) checks on their users and their wallets – to establish their identities before undertaking any transactions.
The idea is that if KYC/AML checks are undertaken on every crypto wallet or transaction, it’s immaterial if the transaction details are not publicly viewable on blockchains. So, in case of privacy coins, hiding transaction details on the public blockchains should be fine, as long as the identities of the parties undertaking such transactions is already established. Because you’d already know, who is undertaking the transaction.
But here’s the catch. The decentralized nature of public blockchain allows everyone to create an anonymous wallet – i.e, a wallet without KYC/AML checks. From a technical standpoint, blockchains don’t really require you to rely on crypto-intermediaries to undertake transactions. We’ve only created crypto-intermediaries to provide operational convenience and increase accessibility. And so, you can easily bypass crypto-intermediaries while using privacy coins.
Privacy coins aren’t designed to carry out illicit activities. They are designed to protect the user’s fundamental right to privacy. But privacy coins coupled with anonymous wallets poses a risk – as both, the transaction details as well as the identity of the users are concealed. This leads to the difficulty in investigating illicit and criminal activities. Resultantly, managing risks boils down to a choice – the choice of allowing privacy coins or anonymous wallets. What would be beautiful though, is for the technology and regulations to develop to such an extent, that we are not required to make this choice.
Mayank Takawane, Associate with inputs from Anirudh Rastogi, Managing Partner at Ikigai Law.