On February 13, 2020, Larry Harmon, of Akron, Ohio, was charged with three counts: (1) conspiracy to commit money laundering, (2) operating an unlicensed money transmitting business and (3) conducting money transmission without a DC license.
According to the DOJ, Harmon operated “Helix,” which was also known as a “tumbler” or “mixer,” without registering as a money services business or money transmitter. These technologies allow a user to obfuscate the origin of their Bitcoin.
Regulations on Bitcoin Privacy
According to the Bank Secrecy Act (BSA), exchanging virtual currency (among other things) is a FinCEN-regulated activity. According to FinCEN, “[a]n exchanger is a person engaged as a business in the exchange of virtual currency for real currency, funds, or other virtual currency.” An exchanger must register with FinCEN as a money services business (MSB). Once registered, the exchanger must implement procedures reasonably designed to prevent money laundering.
Blockchain Analysis and Financial Privacy
While the standard of reasonableness is evolving, one possible way to prevent money laundering is blockchain analysis. Blockchain analysis companies have large marketing budgets and are persuading crypto exchanges to use their services in order to “de-risk” the exchange’s own compliance reporting duties.
Similarly, though not required by law, some larger banks have made the use of blockchain forensic analysis services a condition of getting a bank account. Akin to the dragnet surveillance exposed by Edward Snowden in 2013, these services attempt (with debatable accuracy) to identify the history of a Bitcoin, which (absent other intervening actions) potentially exposes all past and future transactions made by the user who broadcasted the transaction.
Blockchain forensic analysis can include the collection of large amounts of personal information about a user’s spending habits, total holdings, and whether or not the Bitcoin has traveled to the dark web or been used for something illegal. Aside from privacy considerations related to the over-collection of data, the requirement that companies purchase these services can significantly raise the costs of entry into the industry, reducing competition and depriving consumers of the choices they might otherwise have when obtaining financial services.
If a blockchain analysis service determines that particular Bitcoin have been involved in criminal activity, these Bitcoin are referred to as “tainted.” The concept of tainted Bitcoin is controversial. The ultimate objective for a blockchain analysis company, and thus the government to which they offer their services, is to know who owns the Bitcoin. It’s a tall order, but if they can accomplish this, financial privacy on layer-one Bitcoin will be nonexistent.
One failsafe way to remove a Bitcoin’s alleged taint is to have it seized by the government and resold at an auction. Once it’s passed through the government, regulated cryptocurrency exchanges can begin accepting it again; it is “clean.”
The other way to “clean” a Bitcoin is to break the link between the Bitcoin’s past and current transactions by running it through a tumbler/mixer, or CoinJoin. Tumblers and mixers are custodial: This means that when one uses a tumbler or mixer, they must give control of their coins to another party, and trust that this party will return the Bitcoin to them. By contrast, there are various implementations of CoinJoin that can be conducted without sacrificing control of your coins. Not your keys, not your Bitcoin.
While most agree that the government has a legitimate interest in fighting crime, some privacy advocates are concerned that industry standards are being heavily influenced by two powerful forces that may not properly weigh financial privacy concerns: (1) the global Financial Action Task Force (FATF), an intergovernmental agency that seeks to assist global governments in surveillance and tax collections; and (2) compliance companies that stand to gain immensely from lucrative government contracts.
From the privacy advocates’ perspective, the more draconian measures that interested groups (whether public or private sector) can push for, the more money the compliance companies will make. In an ideal world for a forensic blockchain analysis company, a user’s personal privacy may be considered evidence of criminal activity.
Privacy and Fungibility Go Hand in Hand
Fungibility is defined as “capable of being substituted in place of one another.” Fungibility is a critical quality of money. Consider the following example:
If Alice lends Bob a $10 bill, Alice does not need to be repaid with the very same $10 bill; any $10 bill will do. In the same sense, Alice could accept one $5 bill and five $1 bills and still be satisfied, since the total equals $10.
Conversely, as an example of non-fungibility, if Alice lends Bob her car, it is not…