Group items tagged

"In this study, while we offer a solution to the privacy conflict between the user and the regulatory agencies, we also provide a solution to the privacy conflict between the user and the banks. Our solution, KAIME has also a modular structure. The privacy of the sender and receiver can be hidden if desired. Compared to previous related research, security analysis and implementation of KAIME is substantially simpler because simple and well-known cryptographic methods are used."

"When designing privacy protection regulation, regulators face a challenging trade-off. On one hand, individuals are reluctant to share their personal data due to concerns about potential abuse or misuse. To protect consumers' privacy, regulators may consider limiting or even prohibiting the collection of personal data. On the other hand, data play a vital role for data-intensive firms like fintechs, which rely heavily on personal information to screen and price borrowers. Privacy regulation could thus potentially hinder the growth of fintechs and weaken competition in the financial sector."

The Bank of Canada published a paper that proposes a pseudonymous credential scheme for use in payment systems to protect users from fraud and abuse while retaining privacy in individual transactions. The scheme is privacy-preserving, efficient for practical applications, and hardened against quantum computing attacks. A practical and interactive credential mechanism was constructed, in which users are issued pseudonymous credentials against their personally identifiable information that can be used to register with financial service providers without revealing personal information. The protocol is shown to be secure and free of information leakage, preserving the user's privacy regardless of the number of registrations. Comparison reveals that the scheme is more efficient than equivalent, state-of-the-art post-quantum schemes.

While some regulations (e.g., GDPR, FCRA, and CCPA) help to prevent institutions from freely sharing clients' sensitive information, some regulations (e.g., BSA 1970) require FIs to share certain financial data with government agencies to combat financial crime. This creates an inherent tension between the privacy and the integrity of financial transactions. In the past decade, significant progress has been made in building efficient privacy-enhancing technologies that allow computer systems and networks to validate encrypted data automatically. In this paper, we investigate some of these technologies to identify the benefits and limitations of each, in particular, for use in data sharing among FIs. As a case study, we look into the emerging area of Central Bank Digital Currencies (CBDCs) and how privacy-enhancing technologies can be integrated into the CBDC architecture. Our study, however, is not limited to CBDCs and can be applied to other financial scenarios with tokenized bank deposits such as cross-border payments, real-time settlements, and card payments.

"This paper explores the feasibility of a fiat stablecoin that provides similar privacy guarantees to cash. We show how individuals in a stablecoin privacy pool can exchange small amounts of value within pre-assigned limits outside the view of third parties, such as banks, central banks, crypto exchanges, regulators, or other parties, in a regulatorily compliant way. High privacy guarantees and compliance with limits are ensured in a trustless way via the use of cryptographic zero-knowledge proofs. "

Quantitative Finance and Economics (QFE) published a paper that, based on a quantitative questionnaire among 682 Chinese citizens, explored the impact of privacy concerns on e-CNY central bank digital currency (CBDC) adoption. It found that several antecedents significantly influenced privacy concerns that negatively influenced e-CNY usage, particulary perceived vulnerability and self-efficacy concerns. Perceived vulnerability may arise from concerns related to the security of the technology, the potential misuse of personal information, and the risk of financial losses. Self-efficacy realtes to potential e-CNY user confidence that they can securely and manage associated privacy risks.

Canada's Centre for International Governance Innovation (CIGI) Digital Policy Hub published a paper by Ori Freiman on central bank digital currency (CBDC) governance, focusing particularly on programmability and privacy/surveillance. Although programmable money and payments can support social policies, they also raise questions about the authorities' influence and control, and how to ensure there is no abuse of power. Privacy is a significant CBDC design challenge because meeting financial integrity (e.g., AML/CFT) requirements while offering cash-like anonymity seems incompatible. Authorities' access to citizens' data could lead to state-level surveillance, threatening civil liberties and human rights. Even if safeguards are put in place, CBDC infrastructure could be changed and initial safeguards overridden, rendering this risk a time-consistency problem. Eleven policy recommendations are suggested on privacy and data rights, accessibility, public participation and oversight, prohibiting programmable money, legislation protecting cash and more.

The BIS Innovation Hub and the Hong Kong Monetary Authority have launched the second phase of Project Aurum. Phase 1.0 tested the feasibility of a technological stack that integrates a wholesale interbank system and a retail e-wallet. Phase 2.0 will now focus on how to enhance privacy for retail central bank digital currencies (CBDC). It will explore several privacy-enhancing technologies, including pseudonymization and zero knowledge proofs, and test how increasing privacy affects the performance and compliance of a system.

Questions about privacy are becoming increasingly important, especially as we learn more about the degree of involvement governments and large technology companies have in gathering and sorting through our data. In this context, the work of Kahn and his colleagues Roberds and McAndrews on financial privacy is becoming ever more relevant.

This NY Fed blog post discusses the implications of introducing a central bank digital currency (CBDC) that offers consumers a low-cost, privacy-preserving electronic means of payment-essentially, digital cash. Central banks are better positioned, relative to private intermediaries, to commit to safeguarding data from outside vendors, because a central bank has no profit motive to exploit payments data. By helping consumers to monetize privacy, central banks would not be proposing a radical transformation to the payments landscape. Rather, they would be preserving aspects of payments that existed prior to the digital revolution. However, this would require regulators and lawmakers to rethink how to adapt current anti-money laundering practices.

Bank of Canada Deputy Governor Tim Lane said that CBDC should have limits on how much anonymity it gives users, there would need to be a trade-off in terms of privacy were a CBDC to act as a replacement or complement to cash. A central bank should not issue CBDC that would increase the scope for illicit transactions to take place. The Bank of Canada has been exploring different CBDC infrastructure models to find an optimal balance between regulation and privacy, but CBDC would not be able to offer the same cash-like degree of anonymity on an unlimited scale.

If governments do decide to develop a publicly-run digital alternative to existing bank-mediated payments and physical cash, then technologies pioneered in the cryptocurrency space should deliver scale and accountability while preserving much of the privacy and freedom inherent in cash transactions, privacy and freedom that are essential to a free and democratic society.

"Physical cash should be the standard for evaluating how to strike a balance between ensuring privacy and adhering to anti-money laundering (AML) and countering the financing of terrorism (CTF) rules. At a minimum, this implies allowing real anonymity and transaction privacy for daily life transactions up to limits that are similar to the current limits for cash. In addition to full anonymity for low-value transactions, a high level of pseudo-anonymity should be provided for all larger transactions to ensure a high level of identity protection."

On June 28, the European Commission published a regulatory proposal for the digital euro, on which the it suggested a way to design a digital euro and how to integrate it into EU laws. Jonas Gross reviewed the proposal with a focus on its privacy aspects, including how it can be ensured that major design elements, such as related to privacy, will not be changed over time. It will need clear rules on governance and democratic political procedures for changes in the design. Further, it should be seriously considered to make (part of) the code open source, e.g., around the exact data that is recorded.

"With an increasing focus on anti-money laundering and counter-terrorist financing, it is extremely unlikely that the opportunity will not be taken here to reduce the level of anonymity that currently exists. That said, privacy is a closely intertwined matter, and the adoption of a risk-based approach can help address privacy concerns whilst supporting regulatory objectives around prevention and detection of financial crime. "

A paper by European Central Bank (ECB) staff studies how the choice of payment instruments affects privacy and welfare in the digital economy. Cash allows merchants to preserve their anonymity but cannot be used for online transactions that generate higher sales from more efficient distribution. By contrast, bank deposits can be used online but do not preserve anonymity: the merchant's bank learns from payment flows and exploits the underlying information to extract rents. Payment tokens issued by digital platforms allow merchants to hide from the bank but also enable platforms to stifle competition (e.g. by limiting the entry of more efficient competitors by creating a walled garden). An independent digital payment instrument that allows agents to share their payment data with selected parties-a privacy-enhancing CBDC-can overcome all frictions and achieves the efficient allocation.

The Atlantic Council published an article illustrating how various technical design choices can affect the privacy and transparency of cross-border central bank digital currencies (CBDCs). Many of the cross-border CBDC pilot studies to date have adopted the technical designs provided by enterprise distributed ledger (DLT) platforms. However, some of these designs make tradeoffs regarding privacy, efficiency, and/or security. Whether these tradeoffs are acceptable is a matter of policy, and requires coordination between different regulators and central banks.

This St. Louis Fed article explores non-custodial crypto asset mixers such as Tornado Cash. We analyze what types of mixers exist and how they work. We discuss opportunities and risks and offer an approach, based on voluntary disclosure, that would allow financial market regulators to combat money laundering and illicit activities, while allowing honest users to interact with privacy-enhancing protocols. We explain how crypto asset mixers play an important role on public blockchains and that privacy may be difficult to attain without them.

"Differential privacy is a definition used to describe various methods and techniques for analyzing data sets and extrapolating aggregated results, without directly affecting the privacy of any specific individuals contained within the original data sets."

"Differential privacy makes it possible for tech companies to collect and share aggregate information about user habits, while maintaining the privacy of individual users. "