🇬🇧9🔻CBDC and Digital Rights: Better Think About It Sooner Than Later
The consequences that the Introduction of Central Bank Digital Currency, Digital State Currencies, May Have For Individual Freedoms and a Possible Preventive Scenario
- a CBDC by its digital nature:
ì- it is potentially always traceable, unlike cash which by its nature is not;
ìì- as a consequence, not-fungible if its characteristics are aimed at identifying the path and the actors to be tracked; this unlike cash which, apart from the serial number of the banknotes, is perfectly fungible for path and actors;
- each country, when issuing CBDC, must deal with its own system related to the freedoms guaranteed and protected at the level of regulatory structure, in view that the perfect potential traceability of the currency issued by the state can affect the system itself;
- no project currently in place, whatever the current phase of development, provides for the disappearance of cash, then its replacement in its entirety with CBDC;
On the one hand CBDCs are, in general, an excellent innovation. The advantages of adoption are different, in this blog it has been discussed several times: financial inclusion without the yoke of intermediation costs and profitability evaluations of intermediaries, direct transmission of monetary policy, multidimensional programmability, i.e. temporary validity and finalization of use and, last but not least among the benefits, the possibility of automating the system payment/consideration through smart-contract, with all that this implies in terms of transaction costs and system integration.
On the other hand there is the problem of privacy and individual rights, which is no small thing.
Let’s leave two aspects related to the topic:
- the cybersec: we give it for the sake of convenience (not for ease) of treatment taken for granted and presumably maximized, both at the level of central management and user wallet, with reference to quantitative and qualitative theft of data, the protection of I.D. and access, etc.;
- the centralization or the decentralization (not DLT or DLT with different degrees of opening) of the system of management and distribution: it is an aspect that interests marginally, as we will see, the privacy problematic and connected.
A fairly common line of thought states that, ultimately, the advent of CBDC would not move the ball of habits, and therefore of current problems. The reasoning is based on the fact that everyone, depending on the services (supply) that are made available to him and the (demand) his own degree of digital literacy and need/preparedness, already now has to do with digital money, from ATMs to cryptocurrencies.
It is not.
First of all the digital currency is a representation, exactly digital, of the paper currency which has its dematerialization in function of the services offered by the intermediaries and the demand for them. The digital transformation has allowed a greater efficiency of the services of payment/ collection/processing of paper through its processing into numerical strings.
From the simple ATM, more efficient than the teller, to cryptocurrencies, when they leave the crypto world and interface with the fiat world, passing through all intermediate forms of the SWIFT or debit/credit cards, exchanging digital data is a more efficient service under a multitude of aspects than exchanging paper.
In all this, however, the issuers have nothing to do with it: the intermediaries replace paper with virtual, downstream of the process for which the issuers act on ‘M0’ for monetary policy reasons and through the reserves provided for the intermediaries themselves.
Also the variation of the reserves is, always for reason of efficiency, implemented through digital representation exchanged, between issuer and intermediary: this does not mean that it does not exist in the form of cash or assets (also they represent digitally) in charge of the intermediaries but, simply, the bytes that represent them are transferred.
This has essentially two general consequences: the first, if the end user, in theory, wanted to keep his cash in a mattress can now do so; the second, the persons responsible for ‘privacy & Co.’ related to the circulation of money, cash or digital, are now the intermediaries. They have no interest, if not their own, in going beyond what is required by the applicable rules.
The solutions in the pipeline for CBDC are of two types.
The first, that is going online in China, provides that intermediaries continue to perform their function of monetary policy transmission, through the change of reserves, and the interface with users. For the tests conducted so far, in fact, public banks of a commercial nature have been used. The Chinese system is a centralized DLT.
Therefore the emission of the state digital currency, from the operational side, does not change the situation with respect to the cash: in conclusion a part of M0 is emitted only in digital and it could be said that, simply, the serial on paper is replaced by the string necessary for the automatic processing. In this case the intermediaries manage the whole matter, including the wallets and their contents.
The second one, that has already gone on-line in the Bahamas, provides that the central bank issues wallets available to citizens who, in order to obtain CBDC, transfer digital funds and change them 1:1. The system is a DLT permissioned based on blockchain. In this case the commercial banks can:
- to be completely excluded, a vision desirable in view of disintermediation, from the process of creation/destruction: they cover the figure of simple users and dialogue with their wallet portfolio with the central bank, on the one hand, and with customers, on the other;
- to be part of the system, a desirable vision from the point of view of monetary policy, of the creation/destruction process: it is a system that, compared to the previous one, would have a greater impact of fine-tuning transmissive character. The mixed hypothesis, for which the final user can choose between a direct wallet with the issuing institution and/or one with an intermediary, does not change the scenario.
Whatever solution is adopted all the assumptions remain firm and, clearly, the problem of tracking and its accessibility arises.
Previously cybersec has been taken for granted because it is not the problem: better said, and although the topic is complex, there are technologies and skills that provide a CBDC solution with technological robustness so that it does not suffer damage from third parties. In this case we are talking specifically about robustness: not resilience, the system does not have to adapt to any cybersec stress but, rather, to deal with it in a pro-active way; not antifragility, there is no reason why a CBDC system benefits from cybersec stress if not for predictive purposes.
If the bad guys are eliminated by the actors, the process of data protection and personal rights affects on the one hand the users and on the other hand the issuing institution and/or intermediaries.
Skimming, the protection of the user’s identification data can fall within the framework of existing legislation and, technically, in its cybersec processes. The tracking remains.
This is a completely new problem: in fact, if with paper currencies and their digital representations you could choose, within certain limits, to use the cash without being tracked with the CBDC option this is not possible.
In other words the state, or who for it, adds a service from scratch in the payment market and this service, as prerequisite, can always be tracked.
- the first, the objection that even in this case the user can make a choice between paper (and/or its digital representation) and CBDC does not make sense: it is not a service offered by a commercial entity but by the state that, potentially, must guarantee to CBDC the same non-traceability of cash, if both coexist;
- the second, a short while ago it was said that, within limits, the choice between the use of cash and its current digital representation is free; it is equally true that the current trend, on a global level, sees the level of this limit progressively lowering towards the ‘almost obligation’ use of digital money for payments between private, corporate and public components. Regardless of the reasons that lead governments towards this direction, the pervasiveness component of state digital control towards individuals is increasing: there is reason to believe that the advent of CBDCs not only confirms the trend, lowering further the limit of obligations, but makes it even more pregnant, putting a digital eye in the pockets of companies and citizens;
- the third, as we have been forced to learn as the digital transformation in the last 50 years has run its course, on the one hand there are the norms and on the other the factual reality. It has been characterized, with regard to the confidentiality of personal data and individual digital rights, by abuses, including state abuses, which have their origin in finalized regulations of different kinds (for example, national security or tax evasion) and have had their own path for completely different and illicit purposes. Cash, within the world of money and by its nature, is one of the few things that cannot be affected by this type of abuse. Being, in this perspective, the end user the weak part of a CBDC system, what guarantees does he have, beyond the norm, of who/when/why he can (he is not authorized to do, but he can do) see what?
- finally the programmability. It is an exceptional tool because combined with smart-contracts it can give rise to specific multidimensional and fine-tuning interventions otherwise not possible: consequently it is a totally new aspect. If it is true that even with cash, and with its digital representation, these interventions are the usual, their realization can be foreseen effectively upstream of the online deployment but, the actual efficiency, must necessarily include a more or less stringent control phase downstream of the disbursements. With CBDC efficiency is maximized because the need for control disappears: either you respect the terms that gave rise to the ‘issuance’ or you can not (get and / or) spend the money paid out. We have written ‘issuance’ in general, instead of ‘issuance connected to the intervention’ not by chance: in a world where norm and factual reality are on two separate levels nothing forbids to block accounts at discretion, and the end user is always the weaker party.
So the problems that affect the rights (not only privacy and not only in the digital environment) of everyone, as a result of CBDC issuance, are neither few nor slight.
The treatment of individual rights, digital or not, is in the different CBDC designs, for now a series of declarations of intent. Focus, as right, on the cybersec aspects but only good intentions of trust placed in institutions regarding digital rights.
If we take as an example the document elaborated by ECB and recently published, the focus of the reasoning (ref.pag.27) is on the concept of differentiated privacy for different levels of amounts of transactions: it is a naive concept.
It is based on the framework provided for cash, and its digital representation, but not for CBDCs, for which the anonymity of the transaction cannot actually exist: it is explicitly proposed in the document for transactions of modest value but the report does not indicate, not even broadly, how to guarantee it, as well as taking for granted the unconditional trust in institutional centralization and, if anything, in commercial intermediaries.
The same technical solutions proposed reveal superficiality and contradiction of approach. In almost all projects, the transaction between wallets is foreseen even off-line: theoretically it is possible. If the wallet that pays has a consolidated balance in the total amount it is feasible to transfer CBDC to another wallet, both off-line, for a maximum amount equal to the balance and, if the level allows it, with the theoretical protection of anonymity. However, no one explains how it is possible to maintain it and, therefore, avoid tracking when, by necessity, the two wallets come back online and have to align with the central system.
Even assuming that one of the two wallets never goes back online, and always carries out transactions below the anonymity limit and offline, sooner or later one of the other wallets will go back online and this will cause the tracking of the reference transaction, after which business intelligence is an art.
Beyond the declarations of intent no one reveals the technical condition to maintain anonymity simply because, in the case of CBDCs, it does not exist: one has to trust and, considering the past, there are very few reasons to do so.
This has to be translated into adopting new solutions for new problems and, slightly, the need has also been acknowledged by ECB when it writes:
‘Users’ trust in the privacy model of the underlying digital euro system could be reinforced through auditing by independent third parties.’
The solution must be based on ‘transparency’, which becomes not the key-word but the magic-word:
- transparency in coding: it must be open-source, verifiable in its effects, including smart-contract;
- transparency in the ledger: it must be given the ability to everyone, in the possibilities not only allowed but also in those not prevented by legislation, to verify who/how/when he has put his eyes on his pockets;
- non-systemic third parties must be able to perform due-diligence on systemic operation for two reasons:
ì- to ensure the level of systemic trust in a factual manner;
ìì- make up for the lack of knowledge in people with low digital literacy, weak users among the weak.
We will see, with little confidence because why the premises for now are not the best.
Blog logo by Cathy Moser
This is an English adaptation of a neuronal Italian/English AI translation by DeepL