Europe's Hidden Agenda on Crypto Wallets

What you need to know today in crypto and beyond

July 23, 2021

Sponsored By:

Welcome to The Node.

If you were forwarded this newsletter and would like to receive it, sign up here.

Questions? Feedback? We'd love to hear from you! Simply reply to this email.

–Daniel Kuhn

Today's must-reads

Top Shelf

GOING PUBLIC? BlockFi, a crypto lender facing regulatory scrutiny, is pursuing plans to go public in 12 to 18 months, according to documents circulated to investors Wednesday. The company is set to close a $500 million round of funding.

SEEKING CRYPTO TALENT: Amazon is looking for a digital currency and blockchain product lead as the e-commerce giant progresses with plans to bring its payments systems into the crypto age. There has been chatter about a so-called Amazon Coin, with job postings from back in February hinting that a digital currency was in the offing.

DIGITAL NIGERIA: The Central Bank of Nigeria could be testing a digital currency as early as October, the bank's director of information technology, Rakiya Mohammed, said on Thursday. The bank has been researching a possible CBDC for years, Mohammed said.

BITCOIN ATMS: Bitcoin Depot is making a play for brick-and-mortar foot traffic through a "long-term" crypto ATM partnership with the Circle K convenience store chain. The crypto ATM company plans to install kiosks at "thousands" of Circle K locations with more than 700 already live in 30 states. CEO Brandon Mintz is aiming for 6,000 kiosks across North America before the end of the year.

–Helene Braun

A message from Nexo

Your digital assets deserve a savings account in their BEST INTEREST. Leading crypto lender Nexo treats you, your crypto and your fiat to industry-best Crypto & Fiat services, featuring:

* Up to 12% interest on digital assets, paid out daily!

* Yields available on BTC, ETH, LTC, BCH, XRP, XLM, EOS, TRX, LINK, BNB, PAXG, USDT, USDC, TUSD, PAX, DAI, HUSD, GBP and EUR.

* No minimum or maximum limits on funds deposited, offering infinite opportunities to earn.

* #ZeroFees on all transactions.

* Military-grade wallet security and top-tier insurance on all custodial assets with SOC 2 Type 2 certified crypto custodian BitGo.

Get started at nexo.io

Overheard on CoinDesk TV

Sound Bite

"I think we're looking for what's after DeFi."

—Thesis CEO Matt Luongo, on CoinDesk TV's "First Mover."

A message from CoinDesk

The Investor's Perspective on the Bitcoin Taproot Upgrade

Taproot is a bundle of three upgrades to Bitcoin aimed at improving network security, privacy and scalability. At the same time, it poses some potential drawbacks to Bitcoin including risks of low adoption, unintended privacy shortcomings and Bitcoin community disappointment and fracturing.

CoinDesk Research's newest report dives into the economic impact and investment implications of the Taproot upgrade. Download the full report.

What others are writing...

Off-Chain Signals

Men's Journal breaks into crypto reporting with an investigation of Tether
J.P. Koning argues the U.S. dollar isn't a meme, unlike some currencies we know (Moneyness)
Thorchain suffers $8 million loss by hacker wanting to 'teach lesson' (The Block)
Bitcoin will be a 'big part' of Twitter's future, says CEO Jack Dorsey (The Block)

–D.K.

Sponsored Content

YouHodler: Integrating crypto in the financial mainstream

With traditional interest rates close to or even below zero, the whole concept of earning interest on deposits has been turned on its head, making it harder than ever for asset holders to generate returns. That's about to change, thanks to YouHodler, which combines the growth of crypto assets alongside the structures of traditional financial systems so asset holders can start to make decent returns again.

Putting the news in perspective

The Takeaway

Europe's hidden agenda on crypto wallets

On Wednesday, we covered the misleading messaging around Europe's proposed new anti-money laundering law, which was advertised as "banning anonymous crypto wallets." That wasn't really true – the law only impacts third-party custodians, and doesn't impact software or hardware wallets.

However, it turns out the rules, while not banning self-hosted anonymous wallets, could indirectly strangle them. The provisions, and the larger strategy behind them, point to genuinely scary encroachments on financial freedom and should be opposed.

On the other hand, these pernicious portions of the EU rules could be narrowed or removed before they're slated to be implemented in 2024. According to members of Europe's Data Protection Authority, they may violate Europe's recently-implemented GDPR data-protection rules.

The poison pill is in article 58 of the proposed rules (full PDF here), which says that "Owners and beneficiaries of existing anonymous accounts, anonymous passbooks, anonymous safe-deposit boxes or crypto asset wallets shall be subject to customer due diligence measures before those accounts, passbooks, deposit boxes or cryptoasset wallets are used in any way."

According to Simon Lelieveldt, compliance advisor for the Dutch crypto exchange Bitonic, this language would require that both the owners of hosted crypto wallets, and the owner of any crypto wallet they transact with, including self-hosted wallets, be subject to KYC procedures under the new rules. (At least in the U.S. we tend to use "beneficiary" to mean the recipient of assets after the owner's death, but in this context it just means transaction recipients.)

This, Lelieveldt argues, is part of a larger strategy to kill anonymous crypto wallets.

"In sum, the travel rule is used as a wedge to push decentralised [wallets] into a legitimate custody world, making all else illegitimate and criminalised. And it will be used to ban anonymous wallets from existing in the regulated world. Hence the expressed intentions of the Commission are correct." Lelieveldt delves into the point in this excellent Twitter thread, and has written at length about Bitonic's successful confrontation with similar rules.

It's hard to say whether European authorities fully comprehend how draconian, malicious and outright absurd this measure is. At the highest level, it could be seen as making it illegal for any custodial crypto account holder to withdraw their holdings as cash. It sets a European agenda fundamentally hostile to the right to transact privately on the internet.

It's also very hard to imagine how it would work. The Financial Action Task Force (FATF), which broadly sets the agenda for international anti-money laundering (AML) measures, itself says it "is not aware of any technically proven means of identifying the person that manages or owns an unhosted wallet, precisely and accurately in all circumstances." Any system for linking identities to on-chain wallets would be highly subject to errors and abuse, for deep technological reasons.

But even more disturbing is the indirect nature of the initiative. As I wrote Wednesday, the proposed rules do nothing to directly "ban" self-hosted wallets. But they would create a huge moat between third-party hosted wallets and self-hosted wallets, significantly undermining the utility of cryptocurrencies.

Shockingly, this is an explicit enforcement strategy floated by the FATF in a March 2021 guidance document on virtual assets, (thanks again to Lelieveldt for the tip here). The document includes a list of "options to mitigate risks posed by P2P [peer-to-peer] transactions at a national level if the ML/TF risks are unacceptably high. This includes measures that seek to bring greater visibility to P2P transactions, as well as to limit jurisdiction's exposure to P2P transactions."

(Remind yourself here that "jurisdictions exposure to P2P transactions" is a synonym for "citizens' rights to transact freely.")

The FATF's third recommendation for controlling peer-to-peer transactions is "denying licensing of VASPs if they allow transactions to/from non-obliged entities (i.e., private or unhosted wallets).

The GDPR Problem

Now, there is some good (and fairly funny) news here. Before the draft AML rules were circulated publicly, the European Financial Commission received a fairly stern letter from the European Data Protection Board (EDPB), which oversees the enforcement of Europe's General Data Protection Rule. When it was implemented, GDPR was largely seen in the context of social media and advertising, coming as it did in the wake of the Cambridge Analytica scandal.

But the Data Protection Board is making it crystal clear that it regards financial data as subject to GDPR too. And though the letter tiptoes around the issue, it hints that they may regard the proposed new AML framework as flawed.

"The EDPB ... has repeatedly noted the privacy and data protection challenges related to the AML-CFT framework … a fair balance has to be struck between the interest to prevent money laundering and terrorist financing, on the one hand, and the interests underlying the fundamental rights to data protection and privacy, on the other."

The EDPB points to principles including "data minimization" and "necessity and proportionality" as key to crafting AML regulations that don't violate GDPR. Digging into these is a task for another day. But suffice it to say that requiring transactors' detailed personal information be sent with every large financial transaction, as current AML rules often do, does not mesh easily with those principles.

"Why broadcast 99.8% of redundant data of innocent citizens via the payment channels to capture 0.2% of the people [committing crimes]," Lelieveldt asks, "in a day and age where other surveillance technologies are better suited? Data breaches [of financial services] are just around the corner." Rules requiring on-demand delivery of data about suspicious transactions to police, he says, would be just as effective while preserving privacy.

The new AML rules, moreover, could create a perverse incentive for companies whose data-centric business models are being threatened by rising privacy standards such as GDPR and Apple's recent opt-in tracking feature.

"[Companies like] Cambridge Analytica (or Facebook itself) will jump at the opportunity to use the FATF-crypto travel rule to push all the customer data along to all business partners under the pretense of complying with FATF-rules," Lelieveldt warns.

It would be great if cooler heads prevail and Europe's AML rules are revised before they're implemented. But whatever the letter of the law, it seems unlikely that the Data Protection Board has the heft to go up against the Finance Commission, who can just start talking about "terrorist financing" and use fear to push through pretty much whatever they want. Fighting back is going to require broad resistance. It's time for loud voices from around the world to make themselves heard.

–David Z. Morris

The CoinDesk Quarterly Review 2021 Q2

After two consecutive quarters of strong price gains for most of the top crypto assets, Q2 2021 finally brought an end to market euphoria with a resounding crash.

Most CoinDesk 20 assets, which constitute 99% of the crypto market by verifiable volume, ended the quarter with negative returns. Meanwhile, protocol development for the world's largest cryptocurrencies by market capitalization, Bitcoin and Ethereum, reached new milestones.

CoinDesk Research's latest Quarterly Review dives into the trends, developments and technological progress that shaped the crypto markets from April to June 2021. The full report is now available from the CoinDesk Research Hub.

The Chaser...

ATTENTION: Scammers have been sending fraudulent emails with links to sites disguised to look like coindesk.com. If you are in doubt about a link, type https://www.coindesk.com directly into your browser; do not copy and paste. Remember, if something seems too good to be true, it probably is.