Will Europe’s Digital Euro Really Protect Privacy?

Someone needs to remind the European Commission that it can’t have its cake and eat it too.

An EC proposal this week for regulating a future central bank digital currency (CBDC) insisted that it must “protect privacy,” describing a system of NFC chip-based offline payments in which “nobody would be able to see what people are paying for.”

This recognizes European citizens’ civil liberties, as politicians are wont to do. But you can be forgiven for seeing it as mere lip service. A review of the proposal’s explicit record-keeping provisions for payment service providers challenges those intentions, especially in light of recent European government crackdowns on cryptographic privacy.

You’re reading Money Reimagined, a weekly look at the technological, economic and social events and trends that are redefining our relationship with money and transforming the global financial system. Subscribe to get the full newsletter here.

The fact is the European Commission – and for that matter, the governments of the U.S., U.K. and other major liberal democracies – has generally shown itself incapable of embracing real privacy in digital money. They want the facade of privacy, something that lets them sell the idea that Western democracies would never engage in the kind of round-the-clock surveillance for which China is accused, while retaining the power to uncover users’ identities when needed.

I mean, what exactly is the difference?

European proponents of privacy-preserving CBDCs say they want to recreate the freedom of cash. But as security analyst Lukasz Olejnik pointed out this week in his critique of the European proposal, these models are a long way from the anonymity of euro notes. In the case of the offline NFC transactions, service providers would be required to record data on the amount spent; the phone or other device’s unique identifier; the date and time of the transactions and the account numbers used. Does any such identifying information get logged when you hand over a banknote to a merchant? No.

Meanwhile, the crackdowns on open-source privacy projects are a clear indication that tolerance for people engaging in private, non-monitored transactions is low, whether in Europe or elsewhere. The Netherlands played a very active role in prosecuting the U.S. case against Ethereum-based mixing service Tornado Cash, arresting developer Alexey Pertsev days after the U.S. Office of Foreign Asset Control took the unprecedented step of placing the open-source software system – not a person, nor a company, but a body of code – on its list of sanctioned foreign persons.

The Tornado Cash enforcement, which civil rights activists decry as an attack on free speech, sent a chill through the pro-privacy cryptography community. It fears for innovation in the field as developers worry about reprisals by security agencies.

Sure enough, the legal pressure on privacy coin Zen reached such extremes this week that developers relented and altered the code to strip it of its privacy protections. Zen transactions are now open for all to see, which prompts the question: why bother?

This crackdown is boneheaded. We are entering into an artificial intelligence era in which digital systems are extracting ever-ballooning amounts of data from our digital activity and can use it to manipulate us. Privacy tech is a bulwark against that encroachment into our lives. Our leaders have expressed concern about AI’s invasive powers, so they should be encouraging the development of these innovative solutions, not driving them out of town.

Let’s recognize that a half-century (since the introduction of the 1971 Bank Secrecy Act) of ever-expanding compliance rules to enable government surveillance of financial activity has built such a complex web of compliance requirements for financial institutions that true digital privacy is mostly impossible without tearing down that entire complex of regulations. That sort of reform runs counter to the principles of that surveillance system, which governments built in a (mostly futile) effort to curb money laundering and other forms of illicit finance.

This brings me back to not getting the cake and expecting to eat it too: maybe governments should give up on the illusion they can be trusted to protect privacy. They should admit that, at some basic level, these institutions systematically demand information from the people they govern. And maybe, just maybe, with that open recognition, we can start to figure out a compromise that makes sense.

You see, unlike Olejnik, I think CBCDs, if done right, could bring real economic value. I see the smart contract capabilities enabled by true peer-to-peer monetary settlement bringing new, society-wide efficiencies that bank-intermediated IOU money simply cannot. I continue to prefer a private sector-led stablecoin model and believe bitcoin and other native cryptocurrencies are critical to our financial future. But it’s simplistic to dismiss CBDCs as meaningless. Whether crypto people like it or not, CBDCs will bring the power of monetary programmability to the economy. (Bafflingly, the EC proposal would explicitly outlaw that value-added usage for a digital euro – which, again, prompts the question: what’s the point?)

Is there a world in which an enlightened but realistic government, one that is equally committed to its citizens’ freedoms as to its international obligations that it root out bad guys from the financial system, can find a workable CBDC compromise on privacy? Such a middle-ground solution would never promise to recreate true cash-like privacy, but it would erect a host of cryptographic and legal barriers that would make it extremely cumbersome and difficult for governments to snoop on users, requiring that only under the most extreme circumstances and with a court order, might they be able to access the so-called “back door.”

Zero-knowledge proofs and other pro-privacy tech make such models feasible. The Project Hamilton initiative jointly run by the MIT Digital Currency Initiative and the Federal Reserve Bank of Boston is developing this kind of privacy-preserving template for the Federal Reserve to consider. It’s just an experiment and at this stage it seems very unlikely that the Fed will be so enlightened in its development of a digital dollar.

But if the U.S. and the Europeans won’t do it, perhaps there’s an opening for other governments.

In the coming years, I see online privacy elevated in importance, not just for individuals but for businesses, which will start to view their transaction history as a kind of property right. The government that best satisfies that demand could come out as a winner.