In the Bitcoin Economy, Anonymity and Privacy are Not the Same Thing

Photo of Dr Greg Mulhauser
Photo by Soggydan - http://flic.kr/p/6DfmeU

One of the most frequently cited benefits of cryptocurrencies such as Bitcoin is the enhanced level of privacy which such currencies can provide. It’s easy to conflate privacy and anonymity, however, and ironically enough, preoccupation with anonymity risks both undermining privacy and impeding the wider acceptance of Bitcoins as a currency for conducting business.

The warning has been repeated many times, not least in the official Bitcoin wiki: in real use, Bitcoin transactions are not as anonymous as one might think. (See the paper by Reid and Harrigan to understand why Bitcoin is arguably not anonymous at all.) There are good reasons why the perception of anonymity lingers, however, and during its incredibly brief history, the Bitcoin community has identified many of the risks inherent in coupling a degree of anonymity with the irreversibility of Bitcoin transactions. Unfortunately, the partial solutions which have emerged to address those risks — solutions which predominantly boil down to crowd-sourced assessments of the trustworthiness of pseudonymous user accounts by other pseudonymous user accounts — do little to address what is, for many users, a significantly higher priority.

That higher priority is privacy. Unfortunately, privacy often winds up either being conflated with anonymity or being set aside in the implicit belief that if you take care of the anonymity, the privacy will take care of itself. Ironically, however, preoccupation with anonymity, and especially the makeshift solutions designed to address problems which anonymity creates, risk making privacy in the Bitcoin economy worse, rather than better. For ordinary consumers and businesses who simply want to get on with buying, selling, and investing using Bitcoins as currency, the best protections for privacy come from dealing not with anonymous entities but with real people and real businesses with real reputations and real laws to follow.

Don’t get me wrong: I am making no suggestion one way or the other about the role of anonymous transactions per se, or about the preference of some users to retain anonymity. There’s a whole galaxy of legitimate reasons for wanting to counduct a transaction anonmyously, and I accept that completely. Nor am I making any suggestion whatsoever that Bitcoin itself should be regulated or overseen by governments — far from it. Rather, I am saying that many ordinary consumers and businesses would rather deal with known real world entities with real world reputations, entities with whom they have some legal recourse should anything go wrong or should their privacy be compromised.

Advocating for privacy does not and should not require advocating that Bitcoin users hide their identities. Nor do the many, many advantages of Bitcoin as a currency have to come wrapped up with any assumptions about doing so.

(Should anyone have any doubts, I have been an avid privacy advocate for a couple of decades. Personally, I’ve been routinely encrypting local files since the days of DES, and if you feel the urge you can even go to the MIT PGP key server and look up the 1990s-vintage PGP key for my old address when I worked at BT.)

Here’s a closer look at why I believe shifting focus from anonymity to privacy could promote the broader acceptance of Bitcoin as a currency for real business.

How Bitcoin Supports Privacy

In the context of business and finance, I take privacy to refer to a person’s choice over the disclosure of information about balances and transactions — what money a person has, how they came to have it, how they choose to spend it, and so on. In the context of Bitcoin in particular, the cryptocurrency can in principle provide very strong privacy.

Unlike bank accounts or credit cards, which are designed from the start to be associated with real world entities with well defined legal standing, Bitcoin receiving addresses have no baked-in association with any particular real world entity; nor do transactions or individual Bitcoins themselves. In addition, Bitcoin transactions have no equivalent of a return address. In this very limited sense, then, Bitcoin can provide not just privacy, but a limited degree of anonymity: as with the flow of real physical banknotes, nothing inherent to the Bitcoin framework reveals personally identitifying information solely from a Bitcoin address or the transactions in which it is involved. Of course, unlike the movement of physical banknotes, all Bitcoin transactions are themselves a matter of public record, and network analysis tools can trace the ongoing flow of specific units of currency through transactions involving new addresses. While information about the raw mechanics of a transaction is included directly in the public record, however, information about whose transaction it was is not.

The absence of explicit personally identifying information from the public blockchain, however, does not imply blanket anonymity, and for many transactions the counterparties specifically require that some type of identity information be exchanged, at least between themselves. Buying a physical product, for example, generally requires revealing enough information about yourself that the merchant can deliver it to you. Likewise, buyers generally appreciate evidence that a merchant really is who they say they are, can deliver the product, and won’t simply abscond with their coins. Either way, reducing or entirely eliminating anonymity with the merchant does not imply loss of the buyer’s privacy. Failing to reduce or eliminate the anonymity of the merchant, on the other hand, could be a great recipe for risking the buyer’s privacy.

How Bitcoin Risks Privacy

In such transactions, safeguarding privacy rests upon the same principles of data protection and respect for individuals’ ultimate authority over their own information that we have come to expect — and legislate for — in the case of ordinary real world exchanges. It does not rest, in any way, on anonymity. In fact, it has nothing to do with Bitcoin per se, except perhaps in this way: Bitcoin’s public record of transactions makes violations of privacy even more of a potential liability than in most other methods of transacting monetary value. Once the buyer provides personally identifying information to the merchant, the status of that person’s privacy, including the link between them and the publicly visible transaction, becomes dependent upon the subsequent actions of the merchant. That person’s privacy also potentially affects the privacy of all the other individuals using that specific Bitcoin, by providing what amounts to an identifiable anchor point for analysis of the Bitcoin network flow.

To put it another way, regardless of what you might believe about the degree of privacy or anonymity built into the protocol as it stands at the moment, wherever there are touch points between the protocol and the real world, potential compromises of privacy can be huge. Relying on the degree of anonymity provided by the protocol itself offers an entirely false sense of security when it comes to your privacy: once information leakage occurs, it leaks big time. And the question of whether information leakage occurs is up to people, not the protocol.

What Bitcoin giveth, Bitcoin can taketh away: the very same underlying mechanism which can be used to promote privacy can also represent significant liability for the privacy of individuals using it. As things stand at the moment, barring changes to the core Bitcoin code (a few proposals for which have been put up for discussion, such as the Zerocoin add-on), Bitcoin itself makes no difference one way or the other — the difference is made by real people and real businesses, their actions and their consequences.

Addressing Problems of Conducting Business Anonymously — While Undermining Bitcoin’s Potential?

The Bitcoin community’s response to all of this has historically been to promote the Bitcoin-OTC web of trust and to encourage users of the Bitcoin Forum to build their reputations via posting on the forum. But here again, this general approach really has nothing to do with Bitcoin: it makes sense for anyone wanting to participate in transactions with other people who choose to remain anonymous. I.e., the underlying challenge which the WOT and coaxing people into posting hundreds of times to the forums addresses, with a distinctly limited degree of success, is the individual choice to conduct business anonymously. (And to be clear, relatively few forum users directly reveal their real identities via their posts or via their usernames. As for the WOT, it’s notable that only around 4375 users are registered there, compared with over 130,000 registered forum users.)

And therein lies the problem: what about ordinary businesses and ordinary consumers who simply want to buy, sell, and invest using Bitcoins? Many of those people emphatically do not want to deal with a pseudonym, regardless of that pseudonym’s WOT rating or number of posts on a de facto central authority called bitcointalk.org: they want to deal with real people, using real names, and real businesses with real operating histories. Not only do they not care to operate anonymously, but they recognise that their privacy may be more at risk when they attempt to do so; after all, unlike a real business, there is rarely any recourse against a pseudonym in the event of a problem or dispute, regardless of how highly rated that pseudonym might be.

Would you rather conduct a transaction with the pseudonym ‘EddieTheEnforcer1999’ whose main claim to fame is 500 forum posts, or with your local Wal-Mart? (Apologies if you happen to be EddieTheEnforcer1999 — it’s intended to be a fictitious example.) Remember that the greatest scams in Bitcoin’s brief history have usually been perpetrated by users with great forum records and positive ratings in the community; there is no better fodder for scammers than forum-fed groupthink.

Finally, from a practical standpoint, creating a batch of forum posts primarily to build up trust in a pseudonym, or even an autonym for that matter, represents very significant cost in terms of labor — a cost which very few people interested in conducting non-anonymous business will be thrilled to incur purely for the purpose of gaining entry into a trusted circle populated primarily by other pseudonyms. A large number of Bitcoin users, both consumers and businesses, have little or no interest in even registering for a forum pseudonym or WOT account, let alone building up their anonymous reputation.

Broader adoption of Bitcoin by the millions of other people waiting on the promise of this potentially revolutionary, decentralized, personally empowering currency will benefit from leaving behind some of the ironically stifling, centralized, personally disempowering dogma sometimes encountered within the Bitcoin community that the WOT and forums are the ultimate judges of authenticity, trustworthiness, or competence in all things Bitcoin. To the extent that real world reputations of real businesses and real people are deemed to play second fiddle to pseudonymous forum or WOT accounts, growth of the Bitcoin economy to welcome more of those who value their privacy over anonymity will be constrained, and that will benefit none of us.

All material on this site is carefully reviewed, but its accuracy cannot be guaranteed; please do your own checking and verifying. This specific article was last reviewed or updated by Dr Greg Mulhauser on .

PsychologicalInvestor.com provides market analysis and commentary, not investment advice. No warranty or representation, either expressed or implied, is given with respect to the accuracy, completeness, or suitability for purpose of any view or statement expressed on this site. Information on this site is not an offer, nor a solicitation, to buy or sell any securities mentioned on the site.

Copyright © 2013-2019. All Rights Reserved.