Original title: Privacy, human rights, and Tornado Cash
Original author: Molly White
Original source: Citation Needed
Compiled by: Mars Finance, MK
Alexey Pertsev, one of the developers and operators of the Tornado Cash cryptocurrency mixing service, has been sentenced to 64 months (over 5 years) in prison in the Netherlands. The service he helped develop enabled criminals to launder billions of dollars in illicit funds linked to large-scale hacks, corporate ransomware operations, and pig slaughtering schemes perpetrated by sophisticated cybercrime gangs. As someone who has condemned abuses in the cryptocurrency industry, why am I so concerned about his conviction and the parallel case against two Tornado Cash co-founders in the United States?
Some of you who know me as a cryptocurrency critic may be surprised by these views of mine. However, if you are surprised, it is my failure. I think it is necessary because I am sure some of you will have similar views.
Tornado Cash and other cryptocurrency mixers typically work by allowing people to send blocks of cryptocurrency of preset sizes to large pools of assets. In exchange, that person receives a âprivate note,â which is like an IOU, allowing them to withdraw the same amount of cryptocurrency from the pool as they put in. Later, they do this using a newly created wallet that is not yet linked to the wallet they used to deposit. Over time, by pooling cryptocurrency from enough other transactions, the links between deposit and withdrawal wallets can be obfuscated, adding a level of privacy that is largely nonexistent on public blockchains like Ethereum.
(Using Tornado Cash as an example, people can deposit 0.1 ETH, 1 ETH, 10 ETH, or 100 ETH pools. If someone wants to anonymously transfer 143.2 ETH, they can deposit one amount to the 100 ETH pool, four amounts to the 10 ETH pool, three amounts to the 1 ETH pool, and two amounts to the 0.1 ETH pool. This is to prevent people from being able to link two different deposit and withdrawal amounts. At today's prices, 0.1 ETH is about $375 and 100 ETH is about $375,000.)
The process of making transactions private is somewhat similar to money laundering, in that funds are mixed with a large number of transactions (illegal and legal) to obscure which transactions were which. But this does not mean that these services are only used for money laundering. In the cryptocurrency space, even people who conduct completely legal transactions may want to use these services to reclaim a degree of privacy that would otherwise not be supported by a ledger that publicly records your every action. These services are also widely (some would say mainly) used for the type of illegal activity commonly associated with money laundering, namely concealing the proceeds of crime. Many of the cryptocurrency heists and scams I have tracked in Web3 ended up being "smooth" because the assets were laundered through Tornado Cash or similar mixing services.
(A 2022 report from Chainalysis estimated that about 30% of funds sent to Tornado Cash came from addresses known to be involved in illicit activity.)
Pertsev was one of several developers who wrote code and operated the Tornado Cash service. He was arrested and charged in the Netherlands in August 2022, and prosecutors requested a 64-month prison sentence for money laundering charges, and he just received his sentence. When he was first arrested, I wrote:
Itâs not clear from the Dutch prosecutorâs statement whether the activity leading to the arrests involved only contributions to the Tornado Cash codebase, but if so, thatâs very worrying. Tornado Cash is a fairly decentralized software project, and the complexity of its sanctions raises concerns about the criminalization of code. For many, this is reminiscent of the âcrypto warsâ (where âcryptoâ refers to cryptography rather than cryptocurrency).
It ultimately became clear that his money laundering charges were at least partially related to his activities operating a cryptocurrency mixing service, not just writing code for it, which is particularly important in the US because lower courts have found that the act of writing code is protected speech. While Dutch prosecutors appear to have tried to avoid having Pertsev chastised for simply writing code, the judgeâs statements in the Pertsev ruling appear to blur that line. (To my (limited) knowledge, there is no similar âcode is speechâ precedent in Dutch law.):
Tornado Cash operated in the same way that the defendant and his co-founder developed Tornado Cash, so the operation was entirely their responsibility. If the defendant wanted to have the possibility of action against abuse, he should have included it. But he did not.
Knowledge of the tool's illegal uses did not stop the defendant from developing Tornado Cash and making it available to the public without restriction (e.g., by taking steps). On the contrary, he had been developing Tornado Cash until his arrest. Each step enhanced the user's hiding effect and anonymity. The defendant accepted the risk of easy, unlimited, foreseeable, and obvious use by criminals.
Tornado Cash combines maximum anonymity with optimal concealment technology, but seriously lacks features that would make identification, control, or investigation possible. As the defendants argue, Tornado Cash is not a legitimate tool that criminals can inadvertently abuse; Tornado Cash is fit for criminal use.
It is extremely concerning to find that someone who writes privacy-preserving software can be held liable simply because they wrote that code because it is later used by criminals.
Now, it makes more sense to me that operators of money transfer services should be responsible for ensuring that their operations comply with relevant anti-money laundering laws, which require knowing your customer, reporting suspicious activity and implementing other relevant measures. This roughly follows the logic applied in other computer crime cases, for example, law enforcement will prosecute someone who releases a computer virus, but not someone who wrote the virus code. This has been a legal requirement for financial services businesses for quite some time.
Yet even this makes me hesitate.
Privacy is a human right
Using the crypto wars as an analogy, I strongly believe that people should have the right to write strong encryption code so they can send encrypted messages to their friends. Furthermore, I believe that organizations that operate and use services such as Signal and its end-to-end encrypted messaging should be allowed to do so without being held accountable for the criminal activity that occurs on their platforms. As with most things, encryption algorithms exist with both advantages and disadvantages: while they allow me to protect my legitimate communications from outside prying eyes, they also include some potential for abuse, such as their use for criminal acts such as sending child sexual abuse material (CSAM).
Some may find this absurd. If someone snooping on the memes I send to my friends can prevent a terrible crime, shouldnât I accept it? However, we must recognize the breadth of activity, covering both legal and illegal, moral and immoral behavior.
(Or someone posed a similar argument: "If you have nothing to hide, why would you care about people snooping around in you?")
However, it is important to note that what is legal in one jurisdiction or at a particular point in time may be considered illegal in another jurisdiction or at another point in time. Certain actions that are considered morally correct may not be acceptable to others. And some illegal actions may be considered morally correct, and vice versa.
Some have argued that companies that provide encryption software (whether it be an encrypted messaging app or software stored on an encrypted smartphone or laptop) should implement backdoors into such encryption so that law enforcement can compel the company to decrypt material as part of an investigation. However, some activists and companies (notably Apple) have strongly opposed this proposition, correctly pointing out that any encryption algorithm with a backdoor is inherently insecure and unreliable. So far, the encryption side has largely prevailed, but the fight continues around the world. I am a staunch supporter of strong encryption - even though the same encryption algorithms that protect human rights can also be used for bad purposes.
(For example, a recent bill passed in the UK gives Ofcom broad powers to require tech companies, including those using end-to-end encryption, to scan their services for material like terrorist content or CSAM, even though the government has acknowledged that it has no privacy-preserving way to implement such a requirement.)
However, once money is involved, the legal attitude is different. In the United States, while the right to financial privacy exists, it is much weaker. Unless you use cash extensively, your bank or other financial institution will know your detailed financial activities. The government can also obtain fairly extensive access to your financial activities through search warrants or by requiring financial institutions to voluntarily report suspicious activity.
If you choose to use cash to maintain some privacy, you will also be limited in what you can do. Large cash transactions (over $10,000) must be reported. Attempting to "circumvent" reporting requirements in some way (such as withdrawing $9,999 at a time) is also considered suspicious behavior and must be reported. Even if you carefully store large amounts of cash in stages, society will generally view this behavior with suspicion. For example, you will have a hard time convincing another party to accept cash for a large transaction. Attempting to carry large amounts of cash to purchase a property will also be viewed with suspicion. However, it is important to note that the police often seize large amounts of cash under civil forfeiture procedures simply because they believe that the person carrying large amounts of cash must be involved in illegal activity.
However, as with information transmission, it is easy for people to come up with all kinds of reasons, legal and illegal, moral and immoral, for why they donât want the government or other entities snooping into their finances.
The legality and morality of the transaction type can present a variety of situations. "Buying snacks" in the legal/ethical quadrant covers situations in all four quadrants. Legal but unethical includes "Buying goods from exploitative companies", "Tax avoidance", and "Predatory lending". Illegal but ethical includes "Providing humanitarian aid to people in sanctioned regions". The illegal/immoral quadrant includes "Illegal campaign contributions", "Performing a Ponzi scheme", and "Hiring a hit man".
Unlike encrypted messaging, money-related behavior generally shows the opposite dynamic. Under the law, itâs generally accepted that the benefits of letting law-abiding citizens move money privately donât outweigh the potential costs of terrorism financing, organized crime, and the many other nasty things people do with money. So while law enforcement may need to get a warrant before a financial institution hands over financial data, thereâs still a strong requirement to collect that data. This is very different from encryption: Companies can use end-to-end encryption on their user data, even though that means they canât reveal the underlying data even if law enforcement tried to force them to.
(It is important to note, however, that financial institutions are required to report all transactions over $10,000 per day, as well as any other transactions they deem suspicious.)
This is a question that Iâve been trying to wrap my head around for a while now, because all of this seems so arbitrary and lacks logic. I think people should have a general right to privacy, and I do think people should have more financial privacy, certainly more than they have now. Thatâs not to say I donât see the potential harms of allowing large amounts of money to move around without oversight, but the ability for governments and law enforcement to spy on ordinary citizens is also extremely harmful. I think the amount of money that constitutes âsuspicious activityâ is arbitrary and too low, and in a digital world, itâs very challenging to re-enforce.
In a perfect world, morality and law would be perfectly aligned. The government would always have the best interests of its citizens in mind. Law enforcement would just go after the bad guys and let the rest of us do our thing.
However, we do not live in a perfect world, and at least in the United States, we seem to be getting further and further away from it. We are seeing increasing attacks on human rights, especially against marginalized groups, including the recriminalization of abortion and related threats to reproductive health care, attacks on access to gender-affirming health care and those who provide such care, and threats against immigrants and refugees.
Strong privacy protections are therefore essential to human rights.
Cryptocurrency again
Many of you know me because I highlight scams and fraud in the cryptocurrency industry and work to educate people about the risks associated with this extremely predatory industry. I have been pushing for reasonable regulation of the industry, primarily through enforcement of existing securities laws, which should require companies in the cryptocurrency industry to be audited and provide transparency and accountability to consumers.
However, I have long reiterated that I share many of the same ideals as some in the cryptocurrency world, especially those that are more ideological than commercially motivated.
Some of my earliest articles on cryptocurrency focused on the extreme privacy threats posed by many public blockchains. For example, my January 2022 article âAbuse and Harassment on the Blockchainâ and another article the following month, âAnonymous Cryptocurrency Wallets Are Not That Simple,â focused on the huge privacy threats posed by public blockchains that publicly expose financial information that most of us are accustomed to only knowing about banks and governments. My concern was that while these blockchains promised financial privacy, they achieved the opposite effect.
In an April 2022 article, I wrote: âSome ideologues who advocate for cryptocurrencies and blockchain-based technologies ask a lot of the right questions⊠For example: How do we create reasonable privacy in our financial system?â
While my fundamental views havenât changed much since I wrote those articles, the environment around them has. There are now more crypto skeptics, both in the general public writing the news and on Capitol Hill. While we were once generally viewed as having independent views, now I think weâre viewed more as a group with a party line, perhaps led by Gary Gensler or Elizabeth Warren or some other prominent public crypto skeptic.
Iâm finding more and more people assume I share those views, and are surprised when I say, âNo, I donât actually think crypto should be banned.â This is despite the fact that I told the Financial Stability Oversight Council two years ago that âno time should be wasted arguing about whether we should try to âban cryptoâ as a whole, or regulate the software people can write or execute â a ridiculous idea.â This misunderstanding sometimes comes from people who see me as an enemy, who have constructed some kind of centralized straw man version of me in their minds to argue with. But I think part of it is because I donât keep reiterating what I think is most important, especially as an âanti-cryptoâ movement has formed that is far larger than mine.
My criticism of cryptocurrency focuses on two main areas: one is what I believe is the failure of the technology to achieve its original goals, and two is the incredibly shabby industry that has formed around it. In terms of regulation, I focus primarily on the latter, and my biggest concerns are transparency and other consumer protections for those who choose to participate in cryptocurrency, as well as the financial impacts on those of us who don't. While the failure of cryptocurrency to achieve some of its more utopian financial goals may be disappointing, it is not the core of the regulatory issue.
(For example, as traditional financial institutions become more involved in crypto assets, I am very concerned about financial contagion effects and how, during another crypto crash, this could have adverse effects on people who didnât even realize they were exposed to crypto risk.)
(Unless a cryptocurrency company claims to have achieved these utopian goals, I think this could amount to a false advertising problem.)
As for financial privacy, I am very concerned about the lack of financial privacy in cryptocurrencies and the industry surrounding them, even though they are widely advertised as offering more privacy than alternatives. Every day, we see examples of cryptocurrency tracking software (available to the public and law enforcement) becoming increasingly powerful. By choosing to use cryptocurrency, many people are unknowingly providing a public, unauthorized window into their financial activities. Furthermore, people are quickly learning that the cryptocurrency services they use are more susceptible to surveillance than traditional financial institutions. As I explain in my Binance video:
The extent to which the U.S. government has access to data as a result of [the Binance plea agreement] is actually arguably overbroad, as they can now access user data without requiring that the transaction raise suspicion or requiring law enforcement to prove that the user has engaged in illegal activity. Regardless of your views on the prevalence of crime in the crypto world or the likelihood that a particular crypto user has engaged in criminal activity, unauthorized access to private data should be a cause for concern.
However, I am increasingly concerned that while attempts to crack down on the cryptocurrency industry may be well-intentioned, this could lead to an overall erosion of financial privacy and harm the most vulnerable. As they say, âbad cases make bad law.â
Tornado Cash
According to U.S. prosecutors, Tornado Cash has been used to launder billions of dollars in cryptocurrency related to cryptocurrency hacks, including hundreds of millions of dollars laundered by North Koreaâs Lazarus Group. Prior to the criminal charges being filed, the mixer was sanctioned by the Office of Foreign Assets Control (OFAC) in August 2022. There is no doubt that criminals use the mixer extensively to try to evade law enforcement and cryptocurrency companies to track or attack and freeze the stolen funds.
U.S. prosecutors will argue that Tornado Cash founders Roman Storm and Roman Semenov not only wrote the software to help anonymize cryptocurrency transactions, but more importantly, they operated the business and profited from it. Prosecutors say that as operators of money service businesses, they had a duty to know who their customers were and where their funds were coming from in order to check whether they were on sanctions lists or had transferred stolen assets.
Although Storm and Semenov have tried harder than some other cryptocurrency mixers to decentralize their operations so that they can later claim they only wrote code and did not run a business, their actions may be too late. A government document highlights the duoâs operation of the website through which the vast majority of Tornado Cash transactions passed, as well as their close control over the relay network. If these arguments hold up in court, they are likely to be convicted under existing anti-money laundering laws.
In doing so, the government will score another point against the use of cryptocurrencies and crypto-mixing services by bad actors and those seeking to achieve financial privacy under more legitimate grounds. Lazarus groups around the world will face a greater challenge in obtaining ill-gotten gains, as will abortion funds and private transactions by dissident groups and activists.
(Not that challenging, though. As mixing services come and go, cybercrime gangs have had no apparent problem adapting.)
To be clear, I donât think cryptocurrency is a good solution for anyone trying to achieve financial privacy, and there are huge risks for those who use it for that purpose. But in a world where financial privacy is increasingly hard to come by, a bad solution may be better than no solution at all. People who need financial privacy shouldnât be forced to enter a digital casino and hope they donât lose their money on the next FTX. Instead, we need to work and fight for truly good, privacy-preserving digital trading solutions, and stronger legislation that recognizes the importance of financial privacy.
(There have been proposals for non-blockchain-based digital currencies that would have similar privacy features to cash, such as E-Cash.)
But at the same time, Iâm not going to celebrate Tornado Cashâs prosecution.
