As Central Bank Digital Currencies (CBDC) continue to materialise, so do worries surrounding the financial privacy of users, says Matthew Niemerg, co-founder of Aleph Zero – a Swiss non-profit, enterprise-ready, peer-reviewed, developer-friendly blockchain platform.
According to Aleph Zero, CBDCs will undoubtedly be subject to know-your-customer (KYC) and anti money laundering (AML) regulations, which require identity disclosure among their participants.
In fact, the Bank of Canada has already qualified anonymity as a ‘risk’ banks should look to avoid – leaving prospective users with little faith that their privacy will be assured.
Needless to say, such regulations could hinder CBDC adoption by imposing a burden on financial privacy. Fortunately, developers are looking for ways to make blockchain networks that are regulatory compliant, but still, protect the privacy and rights of their users.
To avoid disclosing personally identifiable information while still adhering to KYC and AML regulations, Aleph Zero’s open-source privacy layer, Liminal, is leveraging Zero-Knowledge proofs or ZK-SNARKS.
ZK-SNARKs work by allowing one party – the prover – to produce concise proof that can be used to convince another party – the verifier – that the ‘prover’ is who they say they are.
Importantly, thanks to ZK-SNARKS, nothing about the prover’s personal data is revealed to the verifier (hence the name of ‘zero-knowledge’).
In this way, compliance checks can be made without the user having to input or disclose the information to third parties.
ID compliance is more about proof of compliance rather than knowledge of personally identifiable information. The only issue is up until now there’s been no way to decouple the two. Aleph Zero and Liminal aim to change that.
Governments tend to have the biggest control possible says Niemerg
Coin Rivet spoke with Niemerg, regarding how central banks should adopt a ‘privacy-by-design’ approach.
He stressed that current financial institutions use Aleph Zero’s transactions and financial data for marketing and retargeting purposes, however, their financial private transactions would solve this user anonymity issue.
When talking about financial privacy, one of the reasons why cryptocurrencies became so popular sits in its decentralisation and user anonymity.
However, when talking about CBDCs it is normal that central banks and governments will be overlooking them.
Niemerg said that even though cryptocurrencies like Bitcoin or Ethereum are pseudonymous, in that there is no public data on-chain that can identify persons with an account, they still reveal the transaction history between all accounts and are not fully anonymous.
He added that central banks and governments are not just overlooking financial privacy but want to completely erode it.
“Consider the recent proposal of the US Treasury Department in the US’ latest infrastructure bill,” he said.
“Portions of the bill contain requirements to report all incoming and outgoing transactions of a bank account that exceeds $600 in aggregate over the course of a year to the IRS.
“While there is no direct data available on the limited number of people and companies not spending or receiving more than $600 from a bank account in ag (guarantee account), it is hard to conceive that this would be lower than 90% of the banked (and is most likely much higher given the economic realities of utility bills, mortgage or rent, payment for food, etc.).
“This can be viewed as an attempt to cast a dragnet and capture information on all financial transactions which, in turn, leads to more control that the government has within any given society.”
He asserted that such policies are not unique to the US and there is a broader move by central banks worldwide to monitor every single financial transaction.
“From a technology perspective, financial privacy equivalent to cash is achievable with CBDCs and with the proper design and planning can be made to work with existing regulations on cash transactions,” he said, adding that centralised institutions also use Aleph Zero’s transactions for marketing and retargeting purposes.
Privacy is not a way to keep transactions concealed
Niemerg commented that all cryptographic primitives with privacy features allow users of these protocols to perform what is known as a cryptographic reveal.
“Account holders can even restrict with whom they perform these so-called reveals that would disclose details of a financial transaction and limit revealing sensitive details to only the proper authorities,” he said.
“Privacy is not a way to keep your transactions concealed regardless of the circumstances; it’s simply a more secure way to transact for an individual.
“The common misconception of ‘I have nothing to hide’ led us to a notable amount of data reselling scandals which the foundations of Web 3.0 are trying to avoid. One of the most efficient ways of doing so is through education, especially in the user privacy area.”
He explained that anyone can verify ZK proof and, when talking about the ID compliance, he added decentralised identifiers (DIDs) could be combined in a way with cryptographic techniques to hide financial information on public ledgers yet, at the same time, disclose details to the proper authorities.
“And a prover’s persona is as anonymous as possible assuming proper operational security protocols are followed in not revealing private information that could reveal who the prover is,” he added.
Niemerg also went on to say that economic interactions are a fundamental part of the human experience.
“In free societies, citizens have long enjoyed a great degree of financial freedom,” he concluded.
“As technology improves and allows for private companies and governments the ability to collect data on the population, including data on financial transactions, as a society, we are seeing data privacy protection laws (such as GDPR), and broadly, we see people demand their continued right to privacy.
“The lip service to privacy rights means nothing when financial privacy is not a part of the conversation.”