The Internal Revenue Service has filed a "John Doe" summons seeking to require U.S. Bitcoin exchange Coinbase to turn over records about every transaction of every user from 2013 to 2015. That demand is shocking in sweep, and it includes: "complete user profile, history of changes to user profile from account inception, complete user preferences, complete user security settings and history (including confirmed devices and account activity), complete user payment methods, and any other information related to the funding sources for the account/wallet/vault, regardless of date." And every single transaction:
All records of account/wallet/vault activity including transaction logs or other records identifying the date, amount, and type of transaction (purchase/sale/exchange), the post transaction balance, the names or other identifiers of counterparties to the transaction; requests or instructions to send or receive bitcoin; and, where counterparties transact through their own Coinbase accounts/wallets/vaults, all available information identifying the users of such accounts and their contact information.
The demand is not limited to owners of large amounts of Bitcoin or to those who have transacted in large amounts. Everything about everyone.
Equally shocking is the weak foundation for making this demand. In a declaration submitted to the court, an IRS agent recounts having learned of tax evasion on the part of one Bitcoin user and two companies. On this basis, he and the IRS claim "a reasonable basis for believing" that all U.S. Coinbase users "may fail or may have failed to comply" with the internal revenue laws.
If that evidence is enough to create a reasonable basis to believe that all Bitcoin users evade taxes, the IRS is entitled to access the records of everyone who uses paper money.
Anecdotes and online bragodaccio about tax avoidance are not a reasonable basis to believe that all Coinbase users are tax cheats whose financial lives should be opened to IRS investigators and the hackers looking over their shoulders. There must be some specific information about particular users, or else the IRS is seeking a general warrant, which the Fourth Amendment denies it the power to do.
Speaking of the Fourth Amendment, that rock-bottom "reasonable basis" standard is probably insufficient. Americans should and probably do have Fourth Amendment rights in information they entrust to financial services providers required by contract to keep it confidential. Observers of Fourth Amendment law know full-well that the "third-party doctrine," which cancels Fourth Amendment interests in shared information, is in retreat.
The IRS's effort to strip away the privacy of all Coinbase users is more broad than the government's effort in recent cases dealing with cell site location information. In the CSLI cases, the government has sought data about particular suspects, using a standard below the probable cause standard required by the Fourth Amendment ("specific and articulable facts showing that there are reasonable grounds to believe").
In United States v. Benbow, we argued to the D.C. Circuit that people retain a property right in information they share with service providers under contractual privacy obligations. This information is a "paper or effect" for purposes of the Fourth Amendment. Accordingly, a probable cause standard should apply to accessing that data.
Again, the government in the CSLI cases sought information about the cell phone use of particular suspects, and that is controversial enough given the low standard of the Stored Communications Act. Here, the IRS is seeking data about every user of Bitcoin, using a standard that's even lower.
The Peace of Westphalia in the mid-17th Century established the idea of state sovereignty. Under Westphalian principles, each state has exclusive authority over its territory and domestic affairs. That's been pretty good for kings, ruling elites, and the lucky few who live in top-class democracies or benevolent dictatorships.
But Westphalia is on the way out. Individual sovereignty is coming in.
Territorial state sovereignty is just one way to organize human affairs. It was probably an improvement on constant tribal war, but it's not the last step in political evolution. It's exciting to see how the boundaries of Westphalia can be surpassed in favor of individual empowerment. People are increasingly able to conduct their intellectual affairs---speaking, transacting, and so on---without reference to nation-states.
I'm reminded of this far-sighted (or far-out) notion by a relatively practical observation from identity expert and former Utah CIO Phil Windley. In "Self-Sovereign Identity and Legal Identity" Phil says:
We've finally gotten to a place where self-sovereign identities are technically possible. This is a huge milestone. The next hurdle is getting organizations, including governments to allow the use of self-sovereign identities as the basis for their administrative identities.
Over the last few centuries, it has become the state's acknowledgement of one's identity that provides entree to the accoutrements of human society. Want to go to school? Check out a library book? Open a bank account? Buy a home? Drive a car? Get Internet access? Ride in a plane? Have a beer? You'll probably need to show or have shown government-issued ID.
The dominance of government identification probably emerged because states have generally had the better administrative capability to fix identities to people. Has it strengthened the power of the state as a byproduct? Oh, yes. Identity is a linchpin.
But the administrative environment has changed. Government systems wil become less and less important. Anyone can create a secure digital identity, and systems will emerge to attach biography and reputations to such identities that are as good or better than what attaches to our government-sanctioned identities in the highly regulated credit reporting system.
That opens up new vistas for people to act without respect to the constraints of governments and government-approved systems---to speak, assemble, interact, transact. We've enjoyed felicitious and generally well-enforced rules that protect free speech in the United States (and not that many other places).That's only one important dimension of freedom. Now not only identity but money and digital goods and services are ripe for a break from government (and corporate) control. Using Bitcoin as its payment rail, for example, the OpenBazaar software system allows people to buy and sell on their own terms.
Territoriality still matters. The Westphalian norm rules in situations where government agents can lay hands on you and your stuff. But in the intellectual realm, as distinguished from the physical, a new sovereignty of individuals is fit to emerge. The clear benefits of Westphalian ordering to political leaders and rulers may soon begin to fall away as individuals conduct their lives without respect to political authority, including politicians' demands for control or a cut of the action.
Phil's post is inspired by the ID2020 summit being held today at the UN's headquarters in New York. The Westphalian system has failed to deliver usable identity to some 20% of the world's people, it turns out, and that conference aims to get them some. The risk in a top-down identity enterprise, if that's what results, is that such systems could nail humanity irreversibly onto government machinery rather than fostering freedom in all its facets. I'm heartened to see some participants there who I know from the Bitcoin world to be liberty-minded, among many who are at best indifferent.
"Descartes didn't say 'I have a birth certificate, therefore, I am.'" That's Phil Windley again. Brilliant. I don't know that he shares the vision unreservedly, but here's hoping that technology can fulfill the promise that men and women will exist and live more fully on their own terms, and less on terms dictated by the state.
Many in the Bitcoin community seek increased financial privacy. As I wrote in a 2014 study of the Bitcoin ecosystem, "Bitcoin can facilitate more private transactions, which, when legal in the jurisdictions where they occur, are the business of nobody but the parties to them." That study identified "algorithmic monitoring of Bitcoin transactions" as a rather likely and somewhat consequential threat to the goal of financial privacy (pg. 18). It was part of a cluster of similar threats.
Good news: The Bitcoin community is doing something about it.
The Open Bitcoin Privacy Project recently issued the second edition of its Bitcoin Wallet Privacy Rating Report. It's a systematic, comparative study of the privacy qualities of Bitcoin wallets. The report is based on a detailed threat model and published criteria for measuring the "privacy strength" of wallets. (I've not studied either in detail, but the look of them is well-thought-out.)
Reports like this are an essential, ecosystem-building market function. The OBPP is at once informing Bitcoin users about the quality of various wallets out there, and at the same time challenging wallet providers to up their privacy game. It's notable that the wallet with the highest number of users, Blockchain, is 17th in the rankings, and one of the most prominent U.S. providers of exchange, payment processing, and wallet services, Coinbase, is 20th. Those kinds of numbers should be a welcome spur to improvement and change. Blockchain is updating its wallet apps. Coinbase, which has offended some users with intensive scrutiny of their financial behavior, appears wisely to be turning away from wallet services.
Bitcoin guru Andreas Antonopolis rightly advises transferring bitcoins to a wallet you control so that you don't have to trust a Bitcoin company not to lose it. The folks at the Open Bitcoin Privacy Project are working to make wallets more privacy protective. Kudos, OBPP.
There's more to do, of course, and if there is a recommendation I'd offer for the next OBPP report, it's to explain in a more newbie-friendly way what the privacy threats are and how to perceive and weigh them. Another threat to the financial privacy outcome goal---ranked slightly more likely and somewhat more consequential than algorithmic monitoring---was: "Users don’t understand how Bitcoin transactions affect privacy."
A few weeks ago, in a post entitled, "The Politics of Non-Political Money," I talked about the Bitcoin blocksize debate as surfacing "politics" in the Bitcoin ecosystem. Important protocol and software development projects require people of disparate views and plans to come together over common standards and code. My thesis in that post was simply that good behavior is good politics because it builds credibility. Some differ, and many---it should be no surprise---aren't taking my advice. But the precedents set in the blocksize debate are important for the future of Bitcoin, for other cryptocurrencies, and for similar projects that may offer alternatives to governmental monetary and administrative systems.
The politics are intense, there are ways that Bitcoin governance is like government, and proposals to fork the software are kind of like constitutional amendments. But I'm increasingly comfortable thinking of Bitcoin governance as a market phenomenon. Specifically, groups with differing visions are competing to win the favor of Bitcoin miners and nodes, so that their vision, if it prevails, can carry the Bitcoin project forward.
Brian Armstrong, CEO of Coinbase, has stepped forward recently as a strong advocate for Bitcoin Classic and a 2MB blocksize. He cites four competitors to the current dominant coding team in this slide deck. Miners and nodes will choose one software version or another. It makes no difference whether we characterize their decisions as "voting" or "buying."
Bitcoin may have some of the strongest network effects possible because incompatible versions of the software won't recognize each others' blocks, transactions, or mined coins. A miner on the "minority" side of a hard fork will mine bitcoins that are incompatible with the majority side, so those coins will be less useful and naturally worth less. And as more move to the majority side, "minority" coins will rapidly approach zero value, making switching a rational imperative, to be executed quickly.
These dynamics make for a "winner take all" Bitcoin software market, and they make it very unlikely that Bitcoin will "split." (The Verge isn't the only news outlet to get things precisely wrong.) If a split were to happen, it would be because the cryptocurrency market was big and diverse enough for two coins, fairly seamless exchange among the two coins existed, or both of those things. That would be a little more complicated, and it's a little ways off, but it would be the opposite of fatal.
Rancor aside, all of the things in the Bitcoin world are as they should be. The virtuous incentives that are in place are part of Bitcoin's genius.
In saying all this, I don't think I'm breaking any new ground, and I may be stating the technical details imperfectly, but using a "market" frame of reference is different from the norm in open source development. Open source typically draws everyone together to work on a cooperative basis. Many of the big, important open source projects happen in standards bodies, or sometimes they operate under a benevolent dictator who makes the hard calls. And forks matter less.
A watchword in traditional open source development is "consensus," but that word does not offer a way to administer decisionmaking when there are substantial, deep-running disagreements. It simply gives every participant a veto---and there are lots of vetoes out there right now.
Rather than hewing to a "consensus" norm and fretting about its violation, the competitors in the blocksize debate might think of themselves as competitors, like Coke and Pepsi. In product meetings and the boardroom, they might mutter oaths about the competition---"Vile peddlers of swill they are!" But publicly, they should be the cryptocurrency that refreshes or the Bitcoin generation. Their job is to code a great product and sell it. Probably with more merits arguments than slogans, of course. And some of the difficulty of this debate exists because customers---particularly many miners, but not only them---lack the technical and economic sophistication to know decisively what protocol and code they most want to run.
Cooperative open source development has produced many incredible products, but the spur of competition is well known to wring the very best work from people. Platform competition and a winner-take-all market is no exception. There are good arguments why Bitcoin development should happen in the same way as most other open source projects, I'm sure, but I'm inclined to prefer a level of antagonism and distrust among coding teams, because they will be the best watchdogs for the errors of each other. Competition works. Markets are more decentralized than standards bodies.
The choice is not one product or the other, of course, but among features such as blocksize limits. Here the "politics" frame seems to serve well again. The dominant Bitcoin software provider, Core, could easily use a technique that U.S. political parties use to undercut third parties: cooption. When a third party appears to be gaining a foothold, stealing the lesser party's ideas is a perfectly legitimate method of dissipating its support. Failing to do so risks splitting the dominant party's constituency, losing it votes and elections.
Bitcoin Core could pretty much kill off Bitcoin Classic by adopting the 2MB blocksize, and it could ensure its continued dominance. But that means withdrawing from what appears to be a rock-solid, imovable principle held by the Core team. Indeed, at times, certain writings have sounded like Core might conduct their own "whiny ragequit" if the Bitcoin blocksize changes.
Since I wrote about Bitcoin's "politics," Core and its members have taken steps to be more communicative, which is great. One of the most recent communications is a conciliatory post from Matt Corallo characterizing the community as agreed upon a capacity increase in Bitcoin. His post equivocates between a blocksize increase and the capacity increase available through Segregated Witness, a technique that debuted at the Hong Kong Scaling Bitcoin conference for sharply reducing the content blocks must include. But, by all appearances, this is a group working through the difficulties of compromise under growing pressure from a competitor.
Markets. Politics. Who knows? A little of both. But I've recently been reviewing the history of the U.S. Constitution and thinking in terms of parallels. When the Framers met in Philadelphia in 1787, they placed themselves under a strict rule of secrecy so that their deliberations could be orderly and frank. They debated through the hot summer, and there was lots of give and take, even on principles of the highest order, such as the rights of certain classes of humans to life, liberty, and property. Imperfect though it was, what emerged from the constitutional convention was, I think, the greatest charter for government yet devised.
The Bitcoin blocksize debate is a little like that. While creating an incredibly valuable, fully decentralized monetary system, Bitcoin and the blockchain may allow fully equal self-government across large swaths of human activity---a vast improvement on political democracy (credit: Samuel Patterson). So it's a debate of constitutional significance, and greater-than-constitutional proportion. The difference is that this debate is being held online in 2016. It's radically transparent, and authority to build this system of self-government is not reserved to the wealthy, well-educated, or well-connected. It's decentralized and available to all. So the Bitcoin blocksize debate is just like the U.S. Constitutional Convention of 1787, except it's market-based---with trolls!
An early trope about Bitcoin was that it was 'non-political' money. That's a tantalizing notion, given the ugliness of politics. But a monetary system is a social system, technology is people, and open source software development requires intensive collaboration---particularly around a protocol with strong network effects. When the group is large enough and the subject matter important enough, human relations become politics. I think that is true even when it's not governmental (read: coercive) power at stake.
Bitcoin's politics burst into public consciousness last week with the "whiny ragequit" of developer Mike Hearn. In a Medium post published ahead of a New York Times article on his disillusionment and departure from the Bitcon scene, Mike said Bitcoin has "failed," and he discussed some of the reasons he thinks that.
As do most people responding to the news, I like Mike and I think he's right to be frustrated. But he's not right on the merits of Bitcoin, and his exit says more about one smart, impatient man than it does about this fascinating protocol.
But there is much to discover about how governance of a project like Bitcoin will proceed so that politics (in the derogatory sense) can be minimized. Stable governance will help Bitcoin compete with governmental monetary and record-keeping systems. Chaotic governance will retard it. We just need to figure out what "stable governance" is.
If you're just tuning in, usage of Bitcoin has been steadily rising, to over 150,000 transactions per day. That is arguably putting pressure on the capacity of the network to process transactions. (And it undercuts thin, opportunistic arguments that Bitcoin is dead.)
Anticipating that growth, last May developer Gavin Andresen began pushing for an expansion of the network's capacity through an increase in the size of "blocks," or pages on the Bitcoin global public ledger. The current limit, 1 MB about every 10 minutes, supports about three transactions per second.
Eleven months earlier, Gavin had stepped down as Bitcoin's lead developer to focus on broader issues. He handed the reins of "Bitcoin Core" to a group that---it later became clear---doesn't share his vision. And over the summer and fall last year, the arguments in the blocksize debate grew stronger and more intense.
In August, Gavin and Mike introduced a competing version of the Bitcoin software called Bitcoin XT, which, among other things, would increase the blocksize to 8 MB. Their fork of the software included a built-in 75 percent super-majority vote for adoption, which made it fun to discuss as "A Bitcoin Constitutional Amendment."
This move catalyzed discussion, to be sure, but also deepened animosity in some quarters. Notably, the controller(s) of various fora for discussing Bitcoin on the web began censoring discussion of XT on the premise that this alternative was no longer Bitcoin. Nodes running XT were DDOSed (that is, attacked by floods of data coming from compromised computers), assumedly by defenders of Core.
A pair of conferences entitled "Scaling Bitcoin" brought developers together to address the issues, and the conferences did a lot of good things, but they did not resolve the blocksize debate. The Bitcoin community is in full politics mode and the worst of politics are on display.
Well, actually, not the worst. Politics is at its worst when the winners can force all others to use their protocol or ban open discussion of competing ideas entirely.
Competing ideas. Competing software. To my mind, these seem to be the formative solution to Bitcoin's current governance challenge. The relatively small Bitcoin community had fallen into the habit of using a small number of web sites to interact. Those sites betrayed the open ethos of the community, which prompted competing alternatives to spring up.
The community has likewise fallen into the habit of relying on a small number of developers--of necessity, in part, because Bitcoin coding talent is so rare. Now, though set back by the censorship and DDOS attacks, Bitcoin XT is joined by Bitcoin Unlimited and Bitcoin Classic as competitors to Bitcoin Core.
The developers of each version of the Bitcoin software must convince the community that their version is the best. That's hard to do. And it's supposed to be hard. Competition is great for everybody but the competitors.
The coin of the realm in these competitions--as in all debates--is credibility. Each software team must share the full sweep of their vision, and how their software advances the vision. They must convince the community of users that they have thought through the many technical threats to Bitcoin's success.
I'll confess that the Core team's vision remains relatively opaque to me. I gather that they weight mining centralization as a greater concern than others do and thus resist the centralizing influence of a larger block size. As a technical layman, the best articulation for Core I've found is a response to Mike Hearn from BitFury's Valery Vavilov. In it, one can at least see the reflection of the vision. Core's recent statement and a December discussion of capacity increases don't overcome the need for more sense of where they see Bitcoin going and why it's good. I'm certain that they intend the best, and I'm pretty sure they feel that they've already explained their plans until they're blue in the face. (Or, at least, blue in the hair...) But the community might benefit from more, and Peter R's presentation in Montreal--though needlessly peppery at the end--is the clearest and thus most plausible explanation of blocksize economics I've found. (Much in this paragraph may be evidence of my ignorance.)
The reason Mike Hearn could ragequit is because he no longer wants a place in the Bitcoin community. He set a match to all his political capital. Everyone else in the Bitcoin community, and especially the developers, must do everything they can to build their political capital. They must explain the merits of their ideas and--in the fairest possible terms--the demerits of others. They should back up their ideas with supportive evidence, which--happily--an open technical system allows. And they should turn away "allies" who censor dsicussion forums or sponsor DDOS attacks. They should avoid impugning the motives of others, and, when they lose, lose gracefully.
All these behaviors cultivate credibility and the ability to persuade over the long haul. They offer the prospect of long-term success in the Bitcoin world and success for the Bitcoin ecosystem. Good behavior is good "politics," which is something this non-political money needs.
Ben Lawsky is resigning as superintendent of financial services in New York. The New York Times says he plans to open his own firm and lecture at Stanford University. The Post reports that he will consult on digital currencies such as Bitcoin.
The move West suggests that Lawsky may want a piece of the action in Silicon Valley. If he does, it's worth noting that the action is not in New York.
Lawsky was a leading Bitcoin antagonist. Bitcoin has not particularly flourished in New York, and Lawsky's work makes it unlikely that New York will be a Bitcoin-friendly jurisdiction.
Ben Lawsky welcomed Bitcoin in August 2013 by sending out subpoenas to everyone in the Bitcoin world. He went on television talking about the "real dangers" of Bitcoin, including use by "narco-terrorists." (Asked for evidence of Bitcoin misuse, he cited a centralized digital currency called Liberty Reserve, which is not Bitcoin.)
Around the same time, Lawsky precipitously announced a plan for a special “BitLicense." Shortly after producing it, his office violated New York's Freedom of Information Law by refusing to release the research and analysis that it claimed to have done to validate the regulation. The NYDFS found that the BitLicense would have no impact on employment in the state, after which investors poured hundreds of millions of dollars into Bitcoin companies outside of New York. (See my comments to the NYDFS for more.)
Though widely panned, Lawsky's "BitLicense" framed the regulatory discussion in a way that other regulators have felt obliged to copy. Rather than examining how Bitcoin could be integrated into existing regulation (trimmed, perhaps, so that financial innovation can flourish), the Conference of State Bank Supervisors issued its own, more careful proposal for a Bitcoin-specific regulatory framework. The Uniform Law Commission seems to be getting pulled along in the same draft. Coin Center, a conspicuously moderate Bitcoin research and advocacy group, put out a framework for regulators that appears designed to help others avoid doing what New York did.
But if history is any guide, Ben Lawsky will be able to use the name he made attacking Bitcoin to wend his way into the Bitcoin business world. Because of the contacts he made as a regulator, he can hire himself out to Bitcoin companies wanting to signal to other regulators that they have the approval of the regulatory establishment. (Bitcoin companies didn't hire former SEC chairman Arthur Levitt because of his crypto chops!) In all likelihood---if this is indeed what he plans---Ben Lawsky will be able to profit from thwarting financial innovation. He'll skirt New York state's post-employment restrictions in doing so, no doubt.
History does not have to guide developments in the revolutionary Bitcoin world, of course. The Bitcoin community may find the hypocrisy of an anti-Bitcoin regulator profiting from Bitcoin too great. They would express this by refusing to do business with firms that hire Lawsky as a consultant or advisor.
If dogged watchers in the Bitcoin community report faithfully to the Bitcoin subreddit, for example, Bitcoin companies may recognize that hiring an anti-Bitcoin former regulator is a business liability. To the extent that this kind of consumer action diminishes Lawsky's profile in the Bitcoin consulting world, this would send virtuous signals to today's regulators: Do not lash out against Bitcoin expecting to make a name for yourself that you can cash in on later.
How much much profit is available to regulators who thwart financial innovation? That depends on how aggressively the Bitcoin community holds regulators to account even after they've left office.
When New York's Superintendent of Financial Services first encountered Bitcoin, he evidently thought it was a way to build his reputation as a hangin' superintendent of financial services. (Doesn't quite roll off the tongue like "hangin' judge," does it...) He sent subpoenas to everyone in the Bitcoin world and went on TV talking about "narcoterrorists." That was foolishness.
Unfortunately, he also hatched the idea of creating a thing called a "BitLicense" for firms wanting to provide Bitcoin-based financial services in New York. That program is now hanging like an albatross around his neck.
I know nothing of the details, but a couple of decades in public policy make the probable outlines of what happened pretty clear. The press seized on the "BitLicense" idea. Lobbyists and business people came around to fawn over the "BitLicense" idea with Superintendent Lawsky, each hoping not to get cut too deeply by its inartful sharp edges. And Lawsky, having come around to favoring Bitcoin (it's fairly evident from his speeches) found himself committed to coming up with this "BitLicense" thing.
When the first draft came out in July of last year, it was pretty universally panned. The Bitcoin community savaged it. Bitcoin businesses said they would not do business in New York. The idea of a second round of proposal and comment was quickly on offer.
But the second draft isn't that much better. When comments close at the end of this week (how to comment), the "BitLicense" will again have received strong criticism. There's always that contingent whose stock in trade is always---always---to play ball. And to others the "BitLicense" saga has gotten boring...
But the outcome is very probably set. In order to avoid backtracking, which would look foolish, the Department of Financial Services will probably continue forward on the errant path of creating a peculiar special license for Bitcoin-based financial services providers in New York.
Today I filed comments with the New York Deparment of Financial Services (NYDFS) focusing mostly on the procedural failures of the rule-writing process. The department claimed that the "BitLicense" is backed by "[e]xtensive research and analysis," but has for six months declined to release that research.
New York's regulatory process requires an assessment of impacts on employment in the state. The NYDFS found there would be none. Since then more than $200 million has been invested in Bitcoin companies outside of New York.
On the merits, the "BitLicense" fails because it is a technology-specific regulation rather than function-based. Two firms supplying identical services from the consumer's perspective will be regulated differently. If finalized, the "BitLicense" would Balkanize New York's financial services marketplace, suppressing head-to-head competition between new entrants and existing financial services providers. That's the typical role of regulation---raising barriers to entry and protecting incumbent firms---and it's almost certainly not what Superintendent Lawsky wants.
The "BitLicense" requires intolerable financial surveillance, forcing firms to collect detailed information on every last transaction in which their customers engage. This is at odds with the responsibility of consumer protection agencies to protect privacy, and it's out of step with the direction of Fourth Amendment jurisprudence, which will soon revitalize the idea that people maintain a Fourth Amendment interest in data they share with service providers such as ISPs, phone companies, and Bitcoin companies.
I would delight to be proven wrong in my assumption that New York's financial regulator will push through a bad regulation in order to avoid the negative impression that woud be created by backtracking. Suspending this proceeding would be the better course, though, than carrying on with this "BitLicense" foolishness.