This is an opinion editorial by L0la L33tz, a privacy and security researcher and hacking advocate.
Yesterday, the U.S. Senate proposed the Digital Asset Anti-Money Laundering Act Of 2022 — a bill that is not only deeply concerning to international human rights, but unconstitutional and in direct opposition to current U.S. consumer privacy regulations. What’s In The Bill?
The Digital Asset Anti-Money Laundering Act Of 2022, proposed by Senator Elizabeth Warren, proposes the following regulations, among others:Section three, part a: The classification of custodial wallets and “unhosted wallet providers,” likely meaning developers of non-custodial wallets, as well as cryptocurrency miners, validators or other nodes that may act to validate or secure third-party transactions, independent network participants and other validators with control over network protocols as money service businesses.Section three, part d: Promulgation of a rule that prohibits financial institutions from handling, using or transacting with digital asset mixers, privacy coins and other anonymity-enhancing technologies, as specified by the secretary of the U.S. Treasury; and handling, using or transacting business with digital assets that have been anonymized.
Section three, part a of the Digital Asset Anti-Money Laundering Act Of 2022 would deem anyone developing non-custodial wallets as money transmitters, requiring them to obtain a license. The problem: “unhosted wallet providers” do not exist. “Unhosted wallets,” or non-custodial wallets, are simply software. Infringing On The First Amendment
The enactment of section three, part a would hence require anyone writing software which enabled the sending, receiving and signing of bitcoin transactions to obtain a money transmitter license. This attempt at restricting the writing of code is nothing new and a directly unconstitutional approach, as the U.S. constitution clearly states that “Congress shall make no law . . . abridging the freedom of speech.”
Under these circumstances, attempts at regulating the writing of software have been struck down by U.S. courts numerous times.
In Universal City Studios vs. Corley, 2001, for instance, the second circuit addressed the attempted restriction on computer code with the following arguments:Communication does not lose constitutional protection as “speech” simply because it is expressed in the language of computer code. If someone chose to write a novel entirely in computer object code by using strings of ones and zeroes for each letter of each word, the resulting work would be no different for constitutional purposes than if it had been written in English.Computer programs are not exempted from the category of First Amendment speech simply because their instructions require use of a computer. A recipe is no less “speech” because it calls for the use of an oven, and a musical score is no less “speech” because it specifies performance on an electric guitar. The fact that a program has the capacity to direct the functioning of a computer does not mean that it lacks the additional capacity to convey information, and it is the conveying of information that renders instructions as “speech” for purposes of the First Amendment.Limiting the First Amendment protections of programmers to descriptions of computer code (but not the code itself) would impede discourse among computer scholars, just as limiting protection for musicians to descriptions of musical scores (but not sequences of notes) would impede their exchange of ideas and expression. Instructions that communicate information comprehensible to a human qualify as speech whether the instructions are designed for execution by a computer or a human (or both).
The court further cited that the limiting of free speech under the U.S. constitution is permitted if, and only if, it serves a substantial governmental interest, the interest is unrelated to the suppression of free expression and the regulation is narrowly tailored, which, in this context, requires that the means chosen do not burden substantially more speech than is necessary to further the government’s legitimate interests.The Key Moving The House Around
That section three of the Digital Asset Anti-Money Laundering Act serves any other purpose but the direct restriction of free expression is yet to be proven by Senator Warren. And even so, the section appears much too broad in scope to be legally applied without directly violating constitutional rights, particularly as developers of non-custodial wallets serve no purpose in the transmission of money.
Non-custodial wallets transmit bitcoin the currency as much as the key to one’s door moves the house around. Non-custodial wallets function as signing devices, which transfer the access rights to bitcoin — while the asset itself never moves. The attempt at restricting the development of non-custodial wallets would therefore constitute a regulation of public-private key cryptography, which, too, has been attempted before and struck down due to violation of the first amendment of the U.S. constitution.
Similarly nonsensical as framing developers of non-custodial wallets as money transmitters is the idea that “nodes who may act to validate or secure third-party transactions” and “independent network participants” must be defined as money service businesses, consequently constituting that anyone who runs a Bitcoin node must obtain a license to do so.
By definition, Bitcoin nodes do not secure third-party transactions. Rather, Bitcoin nodes validate one’s own version of the blockchain against copies obtained through other nodes in the network. Nodes neither secure nor transmit third-party transactions. No other user’s funds are affected if a Bitcoin node goes down.
The attempt of ruling Bitcoin node operators as money transmitters can therefore be seen as the attempt at regulating which individuals are allowed to compare information. Again, the proposed bill is unable to sufficiently prove that section three is narrow enough in scope to sufficiently warrant the approval of such a bill without infringing on further aspects of free speech and the freedom of information.
Section three further attempts to regulate bitcoin miners as money service businesses. Here, too, the bill exhibits an embarrassing level of misunderstanding of the inherent technology it attempts to restrict.
A bitcoin miner is nothing more than a computer, meaning a machine which processes code as speech. In no scenario does a bitcoin miner transmit bitcoin from A to B. Rather, a bitcoin miner propagates blocks of information to the network. A regulation of bitcoin miners does not hold up from a technological point of view. In addition section three again fails to prove that the permissioned use of bitcoin miners would not constitute further violations on anyone using a computer, particularly to access and broadcasting speech as protected under the U.S. constitution. Violating Well-Established Human Rights
By attempting to restrict the handling, using or transacting of business with digital assets that have been anonymized as declared under section three, part d, the Digital Assets Anti-Money Laundering Act further infringes on aspects of the Fair Credit Reporting Act (FCRA), the California Privacy Act, the U.S. constitution’s Privileges and Immunities Clause, as well as Article 12 and Article 13 parts a and b of the Universal Declaration of Human Rights.
The FCRA of 1970 is a U.S. federal legislation which regulates the accuracy, fairness and privacy of consumer information as handled by credit reporting agencies in the scope of the collection, dissemination and use of consumer information, including consumer credit information. Under the act, credit reporting agencies are required to remove negative information seven years after the date of first delinquency, except for bankruptcies (10 years) and tax liens (seven years from the time they are paid).
Bitcoin transactions provide an immutable history of themselves. The restriction of privacy services and tools as defined under the Digital Asset Anti-Money Laundering Act as services “designed to conceal or obfuscate the origin, destination, and counterparties of digital asset transactions” directly violate FCRA regulations, as credit reporting agencies would be enabled to maintain indefinite records of any user’s financial information and transactions without the possibility of deletion.
The Gramm-Leach-Bliley Act is a U.S. constitutional act guiding the regulation of banking companies, insurance companies and securities companies. Under the Gramm-Leach-Bliley Act, companies are required to provide consumers with privacy notices at the time of the establishment of consumer relationships, documenting the scope of use of financial information. In accordance with the FCRA, users must be given the right to opt out of the sharing of information.
Because the blockchain is a public ledger, with the restriction of privacy protecting tools and services, users would be unable to opt out of the sharing of information, as financial information regarding bitcoin transactions is shared with everyone and anyone able to view the Bitcoin blockchain by default. The restriction of privacy tools and services therefore constitutes a direct violation of the Gramm-Leach-Bliley Act.
The California Privacy Act is a state-level privacy act which governs the handling of consumer information, including financial information. It is often seen as a more strict implementation of the Gramm-Leach-Bliley Act. The act herein constitutes that financial information must be maintained within one financial entity, restricting access to other financial entities based on affiliation.
In the case of bitcoin transactions, any financial business conducting transactions on the blockchain on behalf of customers unavoidably shares customer’s financial information with other financial entities — namely anyone able to view a block explorer — as, again, the blockchain is a public ledger. Restricting the use of privacy technologies such as blinded e-cash or CoinJoin for businesses herein directly violates the relevant sections of the California Privacy Act.
The Digital Asset Anti-Money Laundering Act further violates the California Privacy Rights Act of 2020 which constitutes that businesses must obtain permission through a parent or guardian to collect data on individuals below the age of 16; a regulation unenforceable with the restriction of privacy tools as the age of Bitcoin users cannot clearly be distinguished in the bulk collection of chain analysis data.
The Privileges and Immunity Clause is part of the U.S. constitution, governing the freedom of movement. In 1869’s Paul v. Virginia, the court ruled that U.S. persons must retain the “right of free ingress into other States, and egress from them,” leading to the creation of this clause. With the restriction of the obfuscation of the origin of funds, as well as restrictions regarding the obfuscation of senders and receivers, the Digital Asset Anti-Money Laundering Act directly opens individuals up to arbitrary restrictions on their freedom of movement, as no individual is able to cross state lines without purchasing the necessary means, such as gas or train tickets.
The ramifications of fully surveillable means of payment on individuals’ freedom of movement have been clear most recently through protests in Hong Kong, during which protestors were identified by the times and places where their train tickets were purchased with digital means of payment.
For these reasons, it can further be argued that the Digital Assets Anti-Money Laundering Act infringes on articles 18, 19 and 22 of the 1966 International Covenant on Civil and Political Rights, which govern individual’s right to protest and freely assemble, as well as Article 11, which governs the right to free association, and Article 9, which governs the freedom of religion, as neither of these rights are effectively enactable by the individual’s side without a private form of payment.
In addition, for the reasons above, the Digital Asset Anti-Money Laundering Act violates Article 13 of the Universal Declaration Of Human Rights, which constitutes the right to freedom of movement, stating that any human must retain the right to leave any country and return to their own countries, as well as Article 12, which states that no one should be made subject to arbitrary interference with their privacy.
Section three, part d of the Digital Asset Anti-Money Laundering Act proposes the enabling of total surveillance of anyone using bitcoin as a currency under the pretense of anti-money laundering regulations. Yet, the Chainalysis crypto crime report of 2021 found that illicit activity in cryptocurrency use had reached an all-time low as volumes reach all-time highs, clearly rendering the proposed prohibitions of privacy technologies in cryptocurrency as arbitrary, therefore constituting a clear violation of Article 12.
It additionally violates the Right to Financial Privacy Act (RFPA), a federal law under which governments must obtain consent of the customer to access financial information, another regulation which would become virtually non-enforceable with the restriction of privacy tools and services and the enabling of bulk surveillance of Bitcoin users. While the RFPA was amended by the Patriot Act in 2001 to include the compelling of disclosures of requested information to intelligence and counterintelligence agencies for any investigation related to terrorism, the bulk surveillance of all cryptocurrency users can hardly be argued under the Patriot Act, in light of a $15.8 trillion market cap at a rate of an associated illicit transaction volume of 0.15%.
As pointed out by the non-profit research and advocacy center Coincenter, the Digital Asset Anti-Money Laundering Act may additionally be in violation of the fourth amendment of the US constitution, as it orders the warrantless surveillance of cryptocurency users through developers and miners while serving no purpose towards their operations.
It can be suggested that Sen. Warren spends less time attempting to regulate technology that she clearly does not understand and more time learning about existing financial regulations. She would further be well advised in refraining from attempting to violate her constituents’ constitutional rights and instead put her effort toward protecting them. After all, that’s what we pay her for.
This is a guest post by L0la L33tz. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.