When details emerged about Coinbase’s blockchain analysis partnership with ICE, Bitcoiners were left wondering how safe their data really is.
This is an opinion editorial by Justin Ehrenhofer, the vice president of operations and multi-coin Cake Wallet, a Bitcoin privacy educator and a moderator of the r/CryptoCurrency subreddit.
Coinbase recently came under fire after a Freedom Of Information Act request from Tech Inquiry revealed details of its contract to provide U.S. Immigration and Customs Enforcement (ICE) with access to its blockchain analysis tool Coinbase Tracer.
Coinbase agreed to provide ICE with surveillance data on 12 blockchains (including Bitcoin’s). Among other tools, ICE gained access to Coinbase’s “multi-hop analysis,” “Lightning network investigation,” “historical geo tracking data” and “transaction demixing and shielded transaction analysis.” You can see a summary of the scope in this screenshot obtained by Tech Inquiry:
To privacy advocates and cryptocurrency compliance professionals, the existence of these features is unsurprising. Chainalysis, CipherTrace, Elliptic and other blockchain analysis firms have sold similar services for many years. Per the chart below, ICE has purchased licenses from Chainalysis since 2016.
Chainalysis offers Reactor for regulators and investigators, KYT (“know your transaction”) for automated compliance screening of addresses and transactions, Kryptos for high-level vetting, Market Intel for researchers and investors, Business Data for exchanges to track their customers’ activities for business development, and Crypto Incident Response for victims of ransomware and other threats. Blockchain surveillance data is being sold for compliance, research, investment and marketing purposes by the same company. And there are dozens of other companies that sell similar data for other purposes.
The ICE Fallout
Following a wave of negative press after the details of Coinbase’s contract with ICE were released, the exchange reiterated that it “does not sell proprietary customer data,” and that “Coinbase Tracer sources its information from public sources, and does not make use of Coinbase user data. Ever.”
I’ll accept Coinbase’s claims on the surface, but even if true, it is still sharing customer data with the U.S. government.
Your ‘Proprietary’ Data Is Probably Already Shared, Secretly
Coinbase is required by law to submit Suspicious Activity Reports (SARs) to the Financial Crimes Enforcement Network (FinCEN) if it believes certain activities are suspicious. These reports can include customer information such as names, physical addresses and even cryptocurrency transaction and address data, if applicable.
BitAML, a compliance consulting company focused on anti-money laundering (AML) regulation, has a guide for submitting cryptocurrency-related SARs on its website, which you can use to get a feel for the information that bitcoin exchanges commonly submit. SARs can be filed for all sorts of things, including situations where a customer refuses to comply with information requests.
Banks file Currency Transaction Reports (CTRs) for all daily cash deposits or withdrawals over $10,000. CTRs are not currently required for cryptocurrency transfers (e.g., withdrawals of $20,000 in BTC from an exchange platform), but FinCEN has pushed for these in the past. It’s likely that CTRs will be required for cryptocurrencies (as they allow users to hold their private keys and their ability to spend the coins, thus making them bearer instruments, like cash) in the near future. I can’t speak for Coinbase or whether it has submitted any CTRs, but Coinbase or other bitcoin exchanges may have already sent your information to FinCEN if you have deposited or withdrawn more than $10,000 in BTC via their platforms in a single day.
If Coinbase’s blockchain monitoring or compliance tools indicate that some bitcoin transaction on its platform is suspicious, it’s reasonable to expect that the exchange has submitted a SAR. ICE can easily use the blockchain analysis tool to find suspects of what it deems “financial crimes,” and then check to see if Coinbase or other exchanges have submitted SARs on those users.
Coinbase may not directly share customer data with ICE, but they share customer data where required with FinCEN, which can share it with ICE. So it stands to reason that ICE is very much using the Coinbase tracing tool to help track and learn the identity of certain Coinbase customers.
You will not get a notice that your information is shared in a SAR. SARs are explicitly required to be secret. Exchanges and banks are prohibited from notifying you. Depressingly, as mandatory filings, none of this mass data collection requires a warrant.
Your ‘Proprietary’ Data Is Public
People should understand that the only truly “proprietary” information to Coinbase is the information you share directly with it. When you deposit and withdraw cryptocurrencies, you create public records that are usually trivially traced. If you withdraw bitcoin from Coinbase to your noncustodial wallet, Coinbase’s tool will likely show that transaction leaving Coinbase.
IP address surveillance is a large industry on its own. Bitcoin nodes are ultimately public servers. When you send bitcoin, the transaction needs to make its way into a public database. Companies run Bitcoin nodes to collect the first IP address they can find associated with a transaction. In many cases, this gives these companies a good idea of your rough geographical location and sometimes even your home IP address.
That’s right: your home IP address, your wallet addresses and every transaction you ever make can be public information that is analyzed, packaged nicely and sold as tools to law enforcement. Per USAspending.gov, ICE alone has gotten access to these by issuing contracts currently valued at $6 million. The FBI and IRS have issued contracts to four analysis companies for $13.5 million and $17 million, respectively. The FBI contracts have a potential total value of over $40 million. Across all of these agencies and others, the cost to taxpayers could be as high as $79 million.
Anger Against Coinbase Isn’t The Solution
You may be angry with Coinbase at this point. Don’t be.
Well, at least don’t just be angry at it. Chainalysis has made a lot more money from ICE and other agencies over the years that Coinbase has, and if Coinbase didn’t sell ICE this tool, ICE could build it itself.
So you should really be angry at blockchains that enable the mass surveillance of all this transaction information, and be angry at the warrantless mass surveillance afforded with SARs and CTRs.
So, what do we do from here? It takes three things to enable better Bitcoin privacy:
- Set the record straight about the usefulness of these tools. They enable mass surveillance on nearly everything you do with your bitcoin. Stop beating around the bush and accept that a privacy problem exists for the 12 listed blockchains (including Bitcoin’s and Ethereum’s), as well as nearly all others.
- Incorporate meaningful and significant changes to break these tools. Hide the IP addresses being used to broadcast transactions better with tools like Dandelion++. Hide the amounts, addresses and transaction graphs. Bitcoin needs better default privacy protections to circumvent this mass surveillance. It’s almost impossible to kill these tools completely, but we can meaningfully reduce their surveillance scope by following Monero’s footsteps, for instance, of enabling sane privacy defaults across the board, not just for users of a niche tool.
- Stop using regulated entities that need to report SARs and CTRs. Using a noncustodial wallet to send more than $10,000 in bitcoin could prevent your information from being shared automatically.
Why Does This Matter?
Bitcoin proponents have championed the usefulness of BTC for remittances to El Salvador and other countries. Bitcoin is certainly useful in many of these circumstances. However, many migrant workers are going to be scared off by Bitcoin’s transparency and the millions of dollars being poured into tracing Bitcoin transactions annually. It’s harder for ICE to target individual users of the traditional, centralized remittance system than it is for ICE to observe every single bitcoin payment to find many going to El Salvador exchanges, IP addresses and services.
Migrant workers often escape dangerous situations back home. Regardless of your political views on immigration, one should understand how someone in this situation would take great caution in protecting their privacy for fear of being deported.
Sadly, Bitcoin doesn’t protect the privacy of the vast majority of its users very well. Suppose El Salvador was to take the extreme (though very unlikely) step of requiring remittances in itcoin. Would this be a net positive, breaking people away from centralized and regulated institutions that profit heavily off of the world’s poor? Or would this be a net negative, since one, most people will use regulated platforms to buy and sell bitcoin with fees anyways, and two, the vast majority of people will be surveilled by enemy actors (from the perspective of illegal immigrants) on the transparent blockchain?
The answer isn’t straightforward; there are positives and negatives, and Bitcoin will be the preferred option for some people. Still, I hope that loud voices in the Bitcoin community understand the challenges and risks associated with ICE watching every transaction, and that they loudly advocate for better default privacy protections on Bitcoin to protect the users they say Bitcoin was made for.
This is a guest post by Justin Ehrenhofer. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.