Vanishing Acts: How Personal Privacy is Disappearing Before Our Eyes
Last week there was some commotion in bitcoin world, this time not because of price or halving, but because the two founders of Samurai wallet were arrested for operating illegal money transmitting services and possible money laundering. You can read the indictment here or find more details in this Forbes article. It goes without saying that not all users of the wallet are criminals or had any criminal intentions when using the wallet. Samurai wallet founders have been released on bail for now, and it will take some time to see what the punishment will look like.
This week, former Binance CEO, Changpeng Zhao (CZ), was sentenced to 4 months jail time, after paying a $4.4B fine, no less.
Binance, a centralised cryptocurrency exchange that on June 2023 was charged by the SEC of operating unregistered exchanges, broker-dealers, and clearing agencies; misrepresenting trading controls and oversight on the Binance.US platform; and the unregistered offer and sale of securities.
Binance CEO, CZ, was sentenced yesterday at 4 months jail time and Binance paid a $4.4B fine. Let’s make a note that no Binance customer was fleeced of their money, nobody ran with Binance funds, and there were no money laundering charges. This was about not having the right regulatory clearance for US exchange operations.
I know what you’re thinking: what does any of this have to do with privacy? And shouldn’t illegal activity be punished? Absolutely, and I have no intention to make excuses for anyone, no matter who they are or in what industry. However, shouldn’t the law be applicable for everybody? Shouldn’t the punishment be the same if the crime is similar? Does it matter if the evidence shows clear crimes being committed versus “there is a possibility” for crimes to take place? I agree, sometimes there are circumstances to be considered, but up to what point?
I’m not implying that’s ok, I’m trying to set the scene, hoping you will see the trend.
These are not isolated incidents in cryptocurrency. There are other examples like Ross Ulbricht, the "Dread Pirate Roberts" of the internet, founded and operated the darknet marketplace Silk Road in 2011 until it was shut down by the U.S. government in 2013 (Investopedia, 2024). Does he deserve to be under the scrutiny of the law, absolutely. Does he deserve life in prison, I think not and if you keep reading maybe you will see why.
Now let’s have a look at a famous banking scandal that has been dragging on for over 10 years, HSBC! According to Reuters (Sept 2, 2022):
The U.S. Federal Reserve has terminated a decade-long enforcement action against HSBC Holdings PLC under which Europe's biggest bank by assets was ordered to improve practices after violating money laundering and sanction rules.
London-headquartered HSBC was accused in 2012 of degenerating into a "preferred financial institution" for Mexican and Colombian drug cartels and other wrongdoers through what the U.S. Department of Justice (DoJ) called "stunning failures of oversight".
The bank agreed to pay a then-record $1.92 billion in fines and abide by a business improvement order after acknowledging it failed to maintain an effective program against money laundering and conduct basic due diligence on some of its account holders.
"Over the last decade HSBC's employees have worked hard to transform the bank's financial crime risk management capabilities," the bank said in a statement.
HSBC got a slap on the wrist in the form of a minuscule fine, compared with their profits or even with the amount they laundered over the years, or the lives destroyed by the people conducting those illicit activities. No sentencing, no jail, just a fine!
Here’s a succinct overview of other major bank hacks in the last decade, listed from most recent to oldest, including details of the event and subsequent penalties:
Deutsche Bank (2020): A technical glitch caused a data leak of emails and sensitive documents; specific penalties for this incident were not reported. No jail.
Capital One (2019): Exposed personal data of 106 million customers; fined $80 million by U.S. regulators for inadequate risk management and cybersecurity controls. No jail.
Tesco Bank (2016): Hackers stole £2.5 million from customer accounts; fined £16.4 million by the UK Financial Conduct Authority for failing to prevent the attack. No jail.
Bangladesh Bank (2016): Cyber thieves transferred $81 million illegally; no direct fine, but the incident led to significant international banking security reforms. No jail.
JPMorgan Chase (2014): Breach affected 76 million households; no specific fine for this breach, but it triggered extensive government inquiries and increased cybersecurity investments by the bank. No jail.
Banks, state institutions and tech giants need to be accountable not only for how they use our data or for selling it without our consent, but also for allowing our identities, our information, our personal lives to be misused, our privacy invaded.
With such escalation in criminal activity happening within legal institutions, you would think lawmakers and regulators would do something to protect us and our (future) children. And yet, sadly that’s not the case. Instead we blame individuals, we tell users it’s their fault for not protecting themselves and for sharing too much on social media.
If using cryptocurrency and wanting privacy is severely punished, should we take all internet providers, founders of googles, CEOs of banks and any other operators and lock them up for life? Because drugs are sold over licensed internet operators, people trafficking and drug deals involves banking transactions, child pornography is hosted on legit licensed social media channels and so much more!
Why isn’t the law the same for them? Why aren’t they at least stopped from proliferating such activities with strict regulation and punishment? Could one of the reasons be that all these companies and institutions give free access to their user data to regulators, government institutions and anyone who want to make money from our data?
Cryptocurrencies like Bitcoin and the underlying blockchain technology tries to cure the disease of the internet era, and yet, lawmakers fail to understand it and don’t allow it to operate under the law. They make examples of those trying to build something new and deter others from even starting to build on blockchain or interact with cryptocurrencies, whilst being unable to cope or even properly regulate internet operators and companies that they have licensed blindly. All in the name of protecting us.
I ask myself every now and again, who are they protecting me from if the money in my bank are tainted by drugs and blood, or if I have to stop my child from using internet to make sure she’s not going to be prey for pedophiles, or become suicidal because some criminal gang is going to try to sextort her with some deepfake porn they made using an innocent selfie she may have uploaded on some “legal and reputable” social media platform?
Where is the protection of my privacy when my medical data is being sold or freely shared by organisations such as the NHS (UK National Health Services)? Is GDPR, a convoluted heavily loopholed policy, going to protect my personal information when platforms are allowed to stop me from using their services if I don’t agree to consent, or the actual GDPR terminology still allows the platform to use my data however they see fit?
Yes, crime needs to be punished, but we need to make sure that the law is actually blind and punishment is equal for the crime committed. Lawmakers and regulators need to be educated on what are the benefits of personal privacy and how emerging technologies like blockchain and cryptocurrency can be used to actually provide the much needed protections.
Privacy is not a crime, it’s a human right:
Universal Declaration of Human Rights (UDHR) - Article 12 of the UDHR, adopted in 1948 by the United Nations General Assembly, explicitly states that no one shall be subjected to arbitrary interference with their privacy, family, home, or correspondence, nor to attacks upon their honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
European Convention on Human Rights (ECHR) - Article 8 of the ECHR guarantees the right to respect for private and family life, one's home, and correspondence. It asserts that public authority cannot interfere with the exercise of this right except in accordance with the law and is necessary in a democratic society for national security, public safety, or the economic well-being of the country, among others.
I should be allowed to monetise the use of my data with my consent, I should be allowed to transact without revealing every personal detail to the world because it sits on a bank server that is not secure enough. I should be allowed to control who sees my data, and ensure it's used in ways I agree with, all without making my information vulnerable to misuse. I should have the right to send messages and photos to my family over the internet or through social media without the fear someone is going to try steal my identity. I should be able to take my wealth (money) with me in case of natural disasters or political turmoil. I should have the right to freedom of speech without fearing my money and assets will be frozen. I have the right to a private life!
If so far we failed to provide the right protection to privacy, here are some everyday examples of how blockchain and cryptocurrency can help you protect and control your personal data:
Keeping your data safe:
Imagine blockchain as a secret diary that scrambles your written secrets into a code that only you can understand. This way, even if someone finds your diary, they can't read your secrets.
Storing your data in pieces all over town:
Instead of keeping all your important papers in one place, imagine if you could store pieces of them in several secure locations around town. Blockchain does this digitally, making it really hard for thieves to get your whole data set.
Setting rules for your data like a game:
Think of smart contracts as setting rules for a game. You can set rules on who can see your personal information, just like setting rules about who can play the game and what they can do in it.
Turning your data into special tickets and monetise it:
With blockchain, you can turn your data into digital "tickets." If someone wants to access your data, they must buy a ticket. You decide how many tickets are available and what holders can do with them, all without revealing who you are.
Keeping a log of who’s allowed in:
A consent ledger is like having a guest book at the entrance of a party. It keeps track of who you've given permission to come in (access your data), making sure everyone who enters is supposed to be there.
Proving your age without an ID:
Zero-knowledge proofs are like proving you’re old enough to see a movie without showing your ID. You can prove you meet the requirements without giving away any other information about yourself.
Sending secret notes:
Some blockchain systems let you send money like passing a secret note that only the recipient can read. This keeps your transaction private, just between you and the other person.
Following the rules without sharing more than needed:
Blockchain can make sure that your data is handled properly according to privacy laws, like making sure companies treat your information right without exposing it to others.
I would like to conclude stating that being safe shouldn’t come at the cost of our privacy. The old adage - “I have nothing to hide” is just that, old and irrelevant. We are entitled to privacy, to living a life where every move we make shouldn't be considered a possible intent to do something illegal or immoral. We have the right to be embarrassing without fear to be exposed or judged, we have the right to keep our money, our assets safe from anyone, governments included, in times of war and economic uncertainty. We shouldn't have to ask permission for withdrawing more than £300 from an ATM. We work hard and we try to achieve financial freedom to make our life easier, build wealth for our children. We want to invest and build generational wealth, not just save so that a bank can use our money for illicit activities whilst inflation devalues our savings. We want to experiment with new technologies without the fear of backdated legislation that will put us and our families at risk.
We want to work with lawmakers and regulators to educate them, experiment together, learn new ways and build new technological and financial systems because that’s the right thing for humanity, working for all of us, truly building inclusion and equity into the fabric of society, not be stamped on, punished before we even commit a crime, scared into submission because it serves monetary or political interests of the few!
When you read headlines, think of the bigger picture and ask questions, don’t rush to judge that an entire generation and industry is made of criminals and scammers. Look beyond the headlines and see how big banks buy crypto whilst telling us we’re too stupid to make decisions or educate ourself about money, and possibly we’re looking to just buy drugs and dodge taxes.
