Falsely Framed: A choice between personal privacy and national security

By Daniel Gorfine and Michael Mosier /// July 23, 2022

A False Choice

As the world grapples with the rise of transferable digital assets — from central-bank digital currencies (CBDCs) to stablecoins — an oft-repeated concept is that national security and law enforcement will be in conflict with individual privacy.

This belief is based on the idea that we have only two choices: either reveal individual identities so that governments can track and trace potentially illicit digital transactions, or preserve individual privacy and severely jeopardize law enforcement interests. This binary concept is on track to inform policy, regulation and product development that could permanently impact the evolution of digital assets, computing systems, and finance.

It is a false choice, and one we should not accept.

The stakes are admittedly high when it comes both to law enforcement and individual privacy. We cannot and should not accept a future digital landscape where terrorists and criminals abuse the system. Nor can we accept a world where individuals sacrifice their right to privacy by exposing, en masse, economic and personal details to commercial or governmental actors.

State of Privacy

Today’s system of applying anti-money-laundering (AML) and know-your-customer (KYC) requirements is predicated on individuals turning over sensitive personally identifiable information (PII), which is susceptible to hackers and potential invasions of privacy by public and private sector entities. This cache of information, which includes full names, addresses, birthdates, Social Security numbers, business partners and more, is repeatedly disclosed to different institutions — making each of them a holder of exceptionally sensitive data that cannot be “put back in the bottle” once exposed.

Fortunately, recent years have brought a range of privacy-enhancing techniques (PETs) that may create an ideal arrangement. At their core, these techniques are focused on being able to confirm certain critical information about an individual engaging in a transaction (for example, that the individual isn’t on a terrorist watchlist), without revealing PII about that individual. Promising areas include zero-knowledge proofs, homomorphic encryption and multi-party computation, which generally enable parties to prove that an encrypted proposition is true without revealing the underlying information.

For example, cryptographic techniques can prove that someone is over 21 years old, rather than showing a driver’s license that reveals personal information such as a home address. A zero-knowledge proof can keep such information encrypted, but perform a computation to verify that the encrypted birthdate is on or before the threshold date 21 years prior. 
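The age check described above can be illustrated with a hash-chain commitment, a much simpler construction than a general zero-knowledge proof. This is an added example, not the authors' code: it uses age in whole years instead of a birthdate, and the function names and the HMAC standing in for the issuer's public-key signature are assumptions.

```python
import hashlib
import hmac
import os

# Constructed key; HMAC stands in for the issuer's public-key signature.
ISSUER_KEY = os.urandom(32)

def hash_chain(data: bytes, times: int) -> bytes:
    """Apply SHA-256 to data `times` times in a row."""
    for _ in range(times):
        data = hashlib.sha256(data).digest()
    return data

def sign(commitment: bytes) -> bytes:
    return hmac.new(ISSUER_KEY, commitment, hashlib.sha256).digest()

def issue(age: int):
    """Issuer checks the ID once, then commits to the age without storing it."""
    seed = os.urandom(32)                      # secret kept by the holder
    commitment = hash_chain(seed, age + 1)     # +1 so a proof never equals the seed
    return seed, commitment, sign(commitment)

def prove(seed: bytes, age: int, threshold: int) -> bytes:
    """Holder derives a proof that age >= threshold."""
    if age < threshold:
        raise ValueError("holder is below the threshold")
    return hash_chain(seed, age + 1 - threshold)

def verify(proof: bytes, threshold: int, commitment: bytes, tag: bytes) -> bool:
    """Verifier sees only proof, commitment and tag, never the age."""
    if not hmac.compare_digest(tag, sign(commitment)):
        return False                           # commitment not from the issuer
    return hmac.compare_digest(hash_chain(proof, threshold), commitment)

if __name__ == "__main__":
    seed, commitment, tag = issue(34)          # constructed holder, aged 34
    proof = prove(seed, 34, 21)
    print(verify(proof, 21, commitment, tag))
```

The verifier learns only that the holder is at least 21; a holder under 21 would need a SHA-256 preimage to forge a proof. The same commitment is shown to every verifier, so presentations are linkable.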

Likewise, cryptography can allow portable credentials that prove, rather than disclose, key elements, such as what trusted entity has conducted customer due diligence, what elements of information were checked, including sanctions lists, and more. This approach can drive expanded opportunities for people to access financial services through digital wallets faster and more broadly, including for economic impact payments and other emergency services. It will also safeguard and secure underlying personal information, which will no longer be as vulnerable to exposure from hacks. PII would only be revealed upon other risk factors justifying it, subject to legal protections.    

New technology needs new policies

The privacy technology frontier has meaningful implications for U.S. policy. 

First, and most importantly, it is critical that policymakers develop policy based on where technology is headed rather than where it has been. When automobiles first emerged in England, an old law dubbed the Red Flag Act required self-propelled vehicles (previously, only steam-powered locomotives) to be led at walking pace by someone waving a red flag. The New York Times aptly pointed out in 1895 that it served to “destroy the usefulness of a horseless carriage.”

We should similarly not build rules imposing traditional identity disclosure requirements — akin to a mechanic walking alongside a vehicle with a red flag — just because we believe it is the only way to satisfy key objectives. Programs such as FinCEN’s PET-dedicated Innovation Hours Program, which “focus on the important role of privacy-preserving principles in developing technical solutions,” are examples of forward-leaning approaches that need to be replicated across government to ensure we have rules that incorporate technological advances.

Just as traffic laws, signals, and road signs were a better alternative to people carrying around red flags, privacy-protecting zero-knowledge proofs are a better alternative to people broadly sharing their PII.  

Second, the U.S. should be pursuing massive investment into public-private research efforts aimed at developing the world’s most advanced privacy-enhancing tools. Safely ensuring privacy for the digital economy will be a core global competitive advantage. It can attract global consumers to adopt American platforms and solutions as they aim to preserve their privacy in the face of increasing surveillance and exploitation efforts, including major nation-state cyber attacks and pervasive global attacks on journalists.  

Such collaborative efforts would also embed American norms and values into our digital infrastructure in stark contrast to global competitors. The U.S. decided long ago that although encryption (and the Fourth Amendment) makes it more difficult for the government to monitor activity, that security provides critical protection from anti-democratic authoritarians and attackers. Breaches are significantly less severe if the system comprehensively encrypts (or declines to collect) data from the beginning. Advances in PETs allow for that protection while securely and privately verifying and computing, rather than exposing, data. The choice is not binary.

US Progress

Some progress is being made. The White House issued a comprehensive Executive Order on broader digital asset policy a few months ago, and agencies are currently putting out requests for more information. For example, the U.S. Treasury Department recently issued a request for comment. There are also a number of CBDC-related bills that focus on privacy.

When applied to digital-asset innovations, including development of a digital U.S. dollar, PETs will solve one of the larger perceived policy barriers: having to make a binary choice between privacy and security, when in fact, privacy is a necessary part of security and our democracy. The boundless energy of American ingenuity has been unlocked when people feel secure from exploitation. Advances in cryptography can help ensure personal and democratic resilience with more mathematical certainty and dynamic opportunity than the politically-contingent, binary (and false) trade-offs that are being presented.

Daniel Gorfine is former chief innovation officer of the U.S. Commodity Futures Trading Commission, co-founder of the non-profit Digital Dollar Project, and founder of Gattaca Horizons LLC.

Michael Mosier is former acting director of the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), former deputy chief of the U.S. Department of Justice’s Money Laundering & Asset Recovery Section, and is currently general counsel at Espresso Systems.