FinCEN’s Proposal of Special Measure Regarding Convertible Virtual Currency Mixing, as a Class of Transactions of Primary Money Laundering Concern would criminalize Bitcoin privacy tools under the suspicion of money laundering. The proposal cites Section 311 of the USA PATRIOT Act, which enables the bulk collection of data by intelligence agencies.
If FinCEN has its way, all regulated entities will have to provide customer data for funds suspected to have interacted with “mixing” tools and services to federal agencies, and could go as far as including the use of the Lightning Network as a reportable act. To understand the motivation for FinCEN’s proposal, we need to look at the relationship between blockchain surveillance firms, intelligence agencies, and the methods informing heuristics to track funds on-chain.
Blockchain surveillance firms use a range of heuristics to track funds on-chain. Some heuristics stem from publicly available, peer-reviewed research, such as the common input ownership or co-spend heuristic, in which it is assumed that all inputs to a transaction are owned by the same person. Other heuristics are less publicly known due to the proprietary nature of blockchain surveillance software. What we do know is that Chainalysis has “developed thousands of other heuristics based off [of] an understanding of idioms of usage in the bitcoin ecosystem”, according to a research paper.
There may be a thousand ways to skin a cat, but if “thousands” of heuristics are necessary to track funds in Bitcoin, we can assume that the processes applied are not necessarily very reliable. The lack of a scientific framework to complete blockchain surveillance tasks is highlighted by the aforementioned paper as well, citing the lack of a “ground-truth dataset for address clusters”. But a science that is not based on fact is fantasy.
The systematic inaccuracy of blockchain surveillance software is, too, reflected in the US government’s own procurement records, showing that departments such as the US Treasury contract not one, but at least two different blockchain surveillance firms for law enforcement purposes, namely Chainalysis Inc. and Elliptic Enterprises Limited. This is because, as illustrated in the case US vs. Sterlingov, different blockchain surveillance providers historically yield different results.
The unreliability of blockchain surveillance software becomes even clearer when investigating the reasoning brought forward to support FinCEN’s proposal, namely that terrorists, such as Gaza’s Hamas, allegedly turn to cryptocurrency for fundraising – a claim that’s been excellently debunked by former US Chamber speechwriter and director of public policy at Riot Platforms Sam Lyman, highlighting that Hamas’ previous crypto fundraisers were, in fact, an absolute disaster, leading to the covert funneling of funds toward the US Government.
But facts don’t stop former IRS investigator and current Elliptic strategic engagement lead Matthew Price from claiming that “using crypto is ‘much easier than smuggling cash over Egypt’s border’”. Chainalysis disagrees, in a statement issued to clarify the widespread misinformation that Hamas allegedly received millions in cryptocurrency leading up to the October 7th attacks: “Given blockchain technology’s inherent transparency and the often public nature of terrorism financing campaigns, cryptocurrency is not an effective solution to finance terrorism at scale”.
We now have three different blockchain surveillance providers all claiming three different things. In the original article, Tel-Aviv based BitOK claims for Hamas to have received over 41 Million USD, while Elliptic claims for the Palestinian Islamic Jihad to have received over 93 Million USD in crypto between 2021 and June this year – numbers which, Chainalysis claims, are “overstated”. Apparently, analysts falsely identified an exchange wallet as a personal wallet.
Since the majority of heuristics and clusters applied lack a scientific basis, there’s no way to know for certain whose numbers are correct. Instead, lawmakers must decide whose information to trust. Here, proximity to the intelligence apparatus comes in handy. In the past three years, Chainalysis has received at least 2 Million USD from InQTel, the venture capital arm of the CIA, while its competitor Elliptic was founded out of a GCHQ accelerator.
Because of the inherent inconsistencies of on-chain tracing, FinCEN’s proposal is, quite literally, necessary to survive for blockchain surveillance firms, by enabling the bulk feeding of the so-called intelligence heuristic. In the intelligence heuristic, blockchain surveillance firms pair on-chain data with real-world data that is either openly available – such as by sharing addresses via public communication channels – or obtained via federal agencies. But private information can, at this point, only be obtained via warrants or subpoenas, which require probable cause and constitute lengthy processes. This should currently make the intelligence heuristic a slow and costly one complicated to apply in bulk – a problem FinCEN’s proposal would solve by requiring alleged mixing transactions to be directly reported to the federal government, disregarding the people’s right to protection from arbitrary search and seizures in favor of anti-terrorism legislation. FinCEN’s proposal can therefore be understood as an admission that blockchain surveillance is inefficient to track funds via on-chain data alone.
“You can’t trace funds through a service, because the way that services store and manage funds deposited by users inherently makes further tracing inaccurate,” writes Chainalysis. Without the regulation of privacy tools under the PATRIOT Act and the consequential reporting of user data, a large part of its business would continue to be rooted in best guesses.
The only problem: according to Chainalysis’ own data, less than 1/3rd of funds received by mixers in 2022 were identified as illicit. The majority of funds remain perfectly lawful, while terrorist financing makes up less than a fraction of overall illicit funds identified: “[T]errorism financing is a very small portion of the already very small portion of cryptocurrency transaction volume that is illicit,” says Chainalysis.
Regulating privacy technologies under the PATRIOT Act therefore cannot, and should not, be justified, as its only purpose is the enabling of total surveillance of otherwise law-abiding citizens via intelligence services while furthering the overreach of blockchain surveillance firms.
This is a guest post by L0la L33tz. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
Source: https://bitcoinmagazine.com/technical/why-blockchain-surveillance-needs-fincens-patriot-act-ploy