Tag Archives: Privacy

“Frontiers of Digital Finance,” CEPR, 2025

CEPR eBook, 12 November 2025. PDF, HTML.

VoxEU column: Frontiers of Digital Finance: A Global Perspective. HTML.

VoxEU column: Frontiers of Digital Finance: Stablecoins, monetary ‘singleness’, tokenisation, and decentralised finance. HTML.

My introduction to/summary of the book:

The digitisation of payment, trading, and settlement systems is reshaping the financial architecture. New technologies are transforming how value is created, stored, transferred, and accounted for, altering the balance between public and private money, enabling the bundling of services, challenging traditional financial institutions, and prompting a wave of regulatory and institutional responses.

The global picture is uneven. Some regions are leapfrogging others, and conflicting ideologies about the proper role of the state in money give rise to fragmentation and concerns about monetary sovereignty.

This book offers an overview of major trends, as analysed by leading researchers and policymakers. It is structured in four parts. Part 1 presents regional perspectives, examining the approaches taken by India, Brazil, sub-Saharan Africa, the United States, and the euro area. For the euro area, the focus is on the digital euro and its implications for monetary sovereignty, privacy, and holding limits aimed at preserving financial stability.

Part 2 delves into stablecoins – the shooting stars in the digital financial ecosystem. Their evolution has spurred a flurry of policy debate, with the European Union’s Markets in Crypto-Assets Regulation (MiCAR) and the US GENIUS Act now offering greater regulatory clarity.

Part 3 turns to the concept of monetary ‘singleness’ – the principle that all forms of money in a currency area should be fully interchangeable and trade at par. As new digital forms of money proliferate, the cohesion of the monetary system may be called into question.

Part 4 brings together chapters on tokenisation, digital platforms, and decentralised finance (DeFi), and their broader impact on service bundling, credit allocation, financial inclusion, and consumer protection.

Regional perspectives

In the opening chapter of Part 1, Amiyatosh Purnanandam describes how India’s Unified Payments Interface (UPI), launched in 2016, has improved the efficiency of account-based payment systems by addressing the core frictions of information exchange, authentication, and final settlement. Developed under a public-private partnership, UPI enables real-time, low-cost, and interoperable digital payments between any two entities, regardless of their bank or payment service provider. India overcame challenges around identity verification and financial inclusion by implementing a nationwide system of digital, biometric-based identification and by expanding access to bank accounts for large segments of the unbanked population. These developments, alongside digital infrastructure investments and regulatory support for private sector participation, allowed UPI to lower transaction costs and provide small businesses with digital transaction histories that improved access to credit.

Purnanandam highlights how demonetisation and the COVID-19 pandemic accelerated the adoption of UPI. The system’s interoperable design allows users to choose among competing apps, reinforcing network effects and encouraging innovation. Early adoption by banks in some areas led to persistent increases in digital payment usage. Moreover, UPI has enabled streamlined welfare disbursements, with nearly 60% of subsidy payments being delivered directly into beneficiary accounts by 2024. According to Purnanandam, the UPI experience demonstrates the critical role of coordinated efforts across public and private sectors, along with a flexible and inclusive regulatory framework.

Fabio Araujo and Arnildo da Silva Correa describe the Central Bank of Brazil’s comprehensive innovation strategy, Agenda BC#, fostering tokenisation and integration to enable faster, more transparent, and programmable asset transfers. The agenda is built around four interlinked pillars: (1) Pix, an instant payment system launched in 2020, which also supports a ‘synthetic’ retail central bank digital currency (CBDC) model; (2) Open Finance, which promotes secure data sharing and competition; (3) Drex, Brazil’s central bank digital currency designed as a platform for a tokenised economy; and (4) the internationalisation of the Brazilian real, through regulatory modernisation and cross-border interoperability. Each component reinforces the others, creating a cohesive, digital financial ecosystem that enhances efficiency, security, innovation, and inclusivity.

Pix marked the foundational shift, offering a public infrastructure for instant, programmable payments that has been widely adopted across Brazil and credited with improving financial inclusion and spurring innovation. Open Finance expanded the ecosystem by allowing consumers to share financial data among institutions, unlocking more tailored services and competitive offerings. Drex builds on this by introducing distributed ledger technology, enabling advanced programmability, atomicity, and secure, tokenised deposits while incorporating privacy safeguards such as zero-knowledge proofs. Finally, internationalisation efforts are aligning domestic systems with global standards. Together, these initiatives aim to create a user-centric financial system where services are accessed through intelligent aggregators, enhanced by AI and driven by user-controlled data.

Luca Ricci and co-authors describe how digital innovations are reshaping the payment landscape across sub-Saharan Africa, facilitating financial inclusion, payment efficiency, lower remittance costs, and reduced informality. Private mobile money has been particularly impactful, with account ownership far outstripping the growth of traditional bank accounts. While central bank digital currencies, fast payment systems, and crypto assets are debated (with Nigeria having already launched the eNaira), their broader adoption is held back by weak digital infrastructure, limited institutional capacity, low levels of financial and digital literacy, and the high costs of system deployment. Cross-border payments remain slow and costly, and fragile governance frameworks heighten concerns about consumer protection, data privacy, and financial integrity.

To address these challenges, the authors outline four policy priorities: (1) investment in infrastructure and skills; (2) supporting private innovation within secure and competitive regulatory frameworks that enable interoperability and reinforce governance; (3) positioning public digital tools to complement – rather than compete with – private solutions, based on assessments of market gaps and resource needs; and (4) fostering regional and international coordination to ensure interoperability and resilience. Ultimately, digital payment reforms must be anchored in sound macroeconomic policies that preserve monetary sovereignty and financial stability.

Michael Lee argues that the 2025 Executive Order on digital financial technology and the GENIUS Act represent a strategic shift in the United States towards private sector-driven innovation in blockchain-based financial systems. The Executive Order rules out the development of a CBDC while endorsing a technology-neutral approach and regulatory clarity for stablecoins. The GENIUS Act establishes a federal framework for fiat-backed payment stablecoins, mandating at-par redemption, backing primarily by US dollar cash and cash equivalents, and regulatory oversight. Regarding the more than 340 stablecoins in circulation – 97% dollar-denominated and dominated by Tether and Circle – concerns remain over reserve transparency, and redemption practices vary widely.

Beyond stablecoins, Lee describes the increasing tokenisation of Treasury funds and commercial bank deposits. Tokenised US Treasury funds are largely held by long-term investors or used as on-chain reserves. Deposit tokens and tokenised deposits typically align with existing regulatory standards – including full know-your-customer (KYC)/anti-money laundering (AML) compliance and access via whitelisting – and can pay interest. In contrast, stablecoins circulate more freely (issuers functionally manage a whitelist only at the issuance stage) but are barred from offering interest directly under the GENIUS Act; however, issuers often partner with platforms to indirectly deliver yield. Together, these instruments form a spectrum, each balancing accessibility and return in different ways.

Ulrich Bindseil and Piero Cipollone argue that central bank electronic cash (CBEC) is essential to preserving monetary sovereignty, as private (often foreign) service providers increasingly dominate retail payments. This carries significant risks: rising payment costs due to oligopolistic market power, reduced financial and monetary stability, loss of seignorage income, and increased vulnerability to geopolitical risks. Bindseil and Cipollone present CBEC not as a disruption but as a necessary evolution to ensure the continued public provision of a neutral, secure, and sovereign monetary instrument that is designed to complement rather than replace commercial bank money.

The authors emphasise that monetary sovereignty faces new threats from globalisation, the advent of new technologies such as public blockchains, and a surge of nationalism that dismisses the merits of international co-operation. CBEC helps counter these threats across five dimensions: it protects macro-financial stability by preventing dollarisation; it ensures access to payment systems without abuse of market power; it preserves seigniorage income and the financial independence of central banks; it reduces strategic dependencies on foreign actors; and it protects informational sovereignty by avoiding overreliance on foreign-owned platforms.

Maarten van Oordt argues that the accelerating shift away from cash in the euro area is driving a significant erosion of privacy in payments. Unlike cash, electronic payments generate detailed records that are monitored by payment service providers and subjected to regulatory oversight. These data are not only used for compliance but also for commercial purposes, and they can be leveraged not just to monitor but also to censor or exclude individuals. The author emphasises that common justifications for payment surveillance – such as crime prevention and tax enforcement – do not automatically warrant broad monitoring powers in a democratic society.

Van Oordt does not expect the currently proposed digital euro design, which includes both online and offline payment options, to close the growing ‘privacy gap’ in retail payments. Online digital euro payments would be processed centrally, offering little improvement over existing systems, and, depending on the robustness of pseudonymisation techniques, could even exacerbate privacy risks. Offline payments, while potentially more private, face challenges such as usage limits and unresolved security concerns. Without critical amendments – such as enabling remote payments through offline balances or designing online payments to emulate the anonymity of cash – the author foresees the digital euro as heightening surveillance risks. He stresses that privacy in payments is a public good and warns that failing to safeguard it in the digital age would squander a crucial opportunity to redesign the financial system in such a way that upholds individual autonomy and democratic values.

Katrin Assenmacher and Oscar Soons explain that the European Commission’s June 2023 legislative proposal tasks the European Central Bank (ECB) with developing instruments to limit the use of the digital euro as a store of value, including the introduction of individual holding limits. These limits are intended to balance three objectives: enabling convenient payments; ensuring smooth monetary policy transmission; and safeguarding financial stability. The authors describe the ECB’s methodology for calibrating these limits so they are high enough for payment use but low enough to prevent significant bank deposit outflows that could destabilise funding structures.

To assess the appropriate holding limits, the ECB considers both a business-as-usual scenario – where the digital euro is mainly used for payments – and a flight-to-safety scenario, which involves mass withdrawals from banks during crises. Surveys and econometric analyses yield a broad range of estimates for digital euro demand. However, even under conservative assumptions, research indicates that large deposit outflows would likely only arise if individual holding limits exceeded €5,000, at which point banks would need to rely more heavily on central bank or market-based funding to manage liquidity pressures.

Stablecoins

In the first chapter of Part 2, Hugo van Buggenum, Hans Gersbach, and Sebastian Zelzner discuss how stablecoins – digital assets pegged to fiat currencies – have rapidly evolved from niche instruments into a major segment of digital finance. While fiat-backed stablecoins promise to combine the technological advantages of crypto with the stability of traditional money, depegging episodes underscore their vulnerability to run risks due to illiquid reserves, limited issuer commitment, and noisy market signals. Trading on active secondary markets can mitigate run incentives by giving holders alternative exit options when redemptions are restricted.

The authors discuss how the EU MiCA Regulation and the US GENIUS Act address systemic risks posed by stablecoins, focusing on reserve quality, redemption rights, and transparency. They suggest that well-designed redemption restrictions – such as gates or fees – should be permitted to prevent destabilising runs. They also caution against the remuneration of stablecoins, as interest payments could trigger destabilising competitive dynamics and coordination failures across issuers, and examine potential effects on banks, monetary policy transmission, and overall financial stability.

Rodney Garratt highlights the dramatic growth of the US dollar-denominated stablecoin market and the fundamental regulatory shift that now encourages institutional participation, including by commercial banks. The author expects the entry of traditional financial institutions to reshape the competitive landscape, with banks serving their regulated clients via public blockchain-based payment rails, while existing issuers continue to operate within the crypto ecosystem.

Garratt likens stablecoins to digital travellers’ cheques – clearing instruments redeemable at par but not tied to individual account holders. As banks enter the space, redemption frictions and interoperability challenges echo historical issues from the pre-clearinghouse era of cheque processing. He argues that a universal stablecoin clearing system will be crucial for broader adoption, ensuring fungibility and monetary singleness across issuers. While stablecoins may not offer clear advantages in many domestic use cases – given the rise of real-time payment systems – he sees potential in global, programmable transactions, particularly for corporate users needing low-cost, high-speed, cross-border payments. Garratt predicts bank-issued stablecoins will have short lifecycles, acting as temporary payment instruments rather than long-term stores of value.

Steve Cecchetti and Kermit Schoenholtz compare stablecoins and tokenised deposits within the context of the new US regulatory framework. They note that although the GENIUS Act prohibits interest payments to holders, limits eligible reserve assets, and enforces compliance with KYC, AML, and anti-terrorist financing (ATF) standards, it still contains significant regulatory gaps. Platforms can circumvent the interest ban by offering yield-like ‘rewards’; reserve requirements permit exposure to run-prone assets like prime money market funds and uninsured bank deposits; and enforcing illicit-use restrictions is particularly challenging for users of noncustodial wallets. Most notably, the absence of capital requirements raises doubts about the ability of stablecoins to serve as safe, information-insensitive assets under stress.

According to the authors, tokenised bank deposits offer a more stable and robust alternative, combining the legal protections of traditional bank deposits with features such as programmable settlement, real-time clearing, and blockchain interoperability. Because they are issued by regulated, FDIC-insured banks with central bank access, tokenised deposits are shielded from many of the structural vulnerabilities that afflict stablecoins. Moreover, they offer stronger privacy protections, reduce cross-border redemption risks, and more easily support multiple currencies – mitigating concerns around dollar dominance.

David Andolfatto explores the role of Tether (USDT) in the evolving landscape of private digital money, highlighting both its utility and its vulnerabilities. Pegged to the US dollar while operating outside the traditional banking system, Tether fills critical roles in blockchain-based asset trading, cross-border payments, and as a dollar substitute in emerging markets. While verified institutional users are entitled to par redemption, retail users depend on secondary market liquidity. This two-tier structure and the absence of regulatory oversight raise financial stability concerns.

Despite claims of full reserve backing, primarily in short-term US Treasuries, Tether’s transparency is limited to attestations, and it is legally structured to avoid US regulation. But Andolfatto argues that Tether’s reliance on Cantor Fitzgerald, a US-regulated primary dealer, presents a policy window for oversight and systemic risk mitigation. In particular, US policymakers could require Cantor to act as a fiduciary, using its Federal Reserve master account to tighten reserve management, and applying existing AML/KYC standards.

Richard Portes argues that the multi-issuer stablecoin model (MISC), where a stablecoin is issued jointly by EU-regulated institutions and third-country entities, presents serious financial stability risks and regulatory challenges. This arrangement, not explicitly foreseen under the MiCA regulation, creates loopholes for regulatory arbitrage, fragmented reserve management, and accountability confusion, particularly during redemption runs or crises. The fungibility of tokens across jurisdictions allows issuers and holders to treat them as interchangeable, even though only part of the system is subject to EU rules, reserves may be ringfenced abroad during stress, and redemptions could be unequally honoured.

Portes sees several policy options, including banning MISCs outright, amending MiCA to explicitly regulate cross-jurisdiction co-issuance, or developing global regulatory standards. He notes that some EU policymakers have voiced strong opposition to MISCs, and warns that regardless of the legislative path chosen, urgent supervisory and legal adaptations are needed to preserve financial stability, close regulatory gaps, and uphold MiCA’s credibility in a globalised crypto-financial system.

Harald Uhlig compares European plans for a CBDC and the US strategy to promote privately issued stablecoins. While the ECB sees CBDC as a way to modernise cash, preserve monetary sovereignty, and reduce dependence on foreign payment providers, the US approach possibly reflects stronger trust in markets and concerns about government overreach and privacy. Despite these different strategies, the author notes a fundamental convergence: both digital currencies must avoid paying interest and may ultimately rely on central bank backing to ensure safety and stability.

Uhlig is critical of the US regulatory framework that prevents stablecoins from becoming robust and competitive – particularly the denial of Federal Reserve master accounts and interest payments, which would allow them to operate like fully reserved narrow banks. He warns that this creates stablecoins that are ‘fragile by design’, as illustrated by recent depegging events. He also highlights the inconsistency of paying interest on bank reserves but not on digital cash held by the public, viewing it as a concession to the traditional banking sector. While stablecoins may offer innovative features like smart contracts and programmable payments, their growth could generate international tensions. Ultimately, Uhlig sees stablecoins and CBDCs as part of ongoing creative destruction in finance – technological progress that doesn’t eliminate but instead relocates deeper structural tensions like liquidity risk and maturity mismatches.

Monetary singleness

In the first chapter of Part 3, Rhys Bidder explores the principle of singleness of money – the idea that all forms of money within a currency area, including bank deposits and digital tokens, should trade at par with the central bank’s unit of account. In the traditional two-tier banking system, singleness is maintained through central bank infrastructure and liquidity support, ensuring trust and stability. In contrast, stablecoins and DeFi instruments operate outside these systems, making minor deviations from par common.

Bidder argues that these small fluctuations are not inherently problematic and may fade as technology, transparency, and market infrastructure improve. The real concern lies in large depegs during periods of stress, such as during the 2023 US banking crisis, which exposed the fragility of stablecoins under liquidity pressure. To address this, he proposes that stablecoins backed by high-quality assets be granted conditional access to emergency liquidity facilities. Rather than fixating on minor price noise, the policy debate should focus on preventing systemic instability during times of stress.

Jonathan Chiu and Cyril Monnet similarly examine the concept of monetary singleness. Their starting point is the common concern among central banks that programmable digital currencies – whose use can be restricted through embedded rules – could undermine singleness by creating distinctions among tokens of equal face value. This concern has led central banks to dismiss digital currencies incorporating programmability. In contrast, the authors argue that programmability can enhance economic efficiency and that the loss of singleness may be an acceptable – or even desirable – feature in certain contexts.

Chiu and Monnet observe that, under perfect information, token prices would adjust to reflect differences in restrictions, enabling efficient allocations despite the loss of singleness. In such cases, prohibiting programmability would reduce welfare. However, under imperfect information, adverse selection may arise, with unrestricted tokens effectively subsidising restricted ones. As these distortions grow, the welfare gains from programmability diminish. The authors challenge the conventional view – often informed by the US free banking era – that non-uniform money necessarily leads to inefficiency. Instead, they advocate for a nuanced regulatory approach, such as Pigouvian taxes on excessive programmability or incentives to enhance token transparency.

Tokenisation, platforms, credit, and decentralised finance

In the first chapter of Part 4, Jon Frost, Leonardo Gambacorta, Anneke Kosse, and Peter Wierts argue that tokenisation – the digital representation of assets on programmable platforms – has the potential to improve the efficiency and functionality of the financial system. The tokenisation of money, including central bank money and commercial bank deposits, could be a first step, while stablecoins fall short in the authors’ eyes on stability, liquidity, and regulatory compliance. They suggest building on the existing two-tier monetary system and integrating tokenisation with central bank money to ensure trust and safety.

The authors also see potential for tokenisation to enhance capital markets – particularly in bond issuance – by reducing costs and improving liquidity. However, they also point to risks stemming from legal uncertainty, operational vulnerabilities, and the concentration of multiple functions on single platforms. Governance challenges and poor interoperability with legacy systems further complicate adoption. In the authors’ view, both public and private sectors have roles to play in managing these risks and enabling tokenisation to contribute meaningfully to financial safety and efficiency.

Emre Ozdenoren and Kathy Yuan explore how tokenised money – digital currencies issued or guaranteed by central banks or private platforms – can transform financial systems by automating transactions, reducing information frictions, and enhancing liquidity. Unlike traditional digital payment instruments, tokenised money incorporates smart contracts, enabling automatic enforcement of contractual terms without intermediaries. It serves a dual function as both a payment method and a collateral asset for financial contracts, offering greater efficiency, security, and traceability. Its programmability reduces human error, minimises fraud, and lowers custodial and settlement costs, particularly in complex financial transactions involving future obligations.

Ozdenoren and Yuan describe how tokenised money acts as a collateral multiplier, expanding the supply of secure and transparent assets while reducing reliance on sovereign bonds – thereby mitigating systemic risks such as the ‘dash for cash’ or the sovereign-financial doom loop. Tokenisation also enables the creation of secondary markets, closely integrating funding and market liquidity. While it introduces new risks, including cybersecurity threats and novel financial vulnerabilities, its potential benefits – and seigniorage opportunities for issuers – position tokenised money as a foundational element of future financial infrastructure.

Markus Brunnermeier and Jonathan Payne similarly stress the role of digital payment ledgers in offering a powerful new mechanism to expand access to credit by embedding repayment directly into digital transaction systems. Turning future revenues into ‘digital collateral’, these systems promise to relax borrowing constraints, but their potential is shaped less by technology than by institutional design and confronts a trilemma: no arrangement can simultaneously ensure strong enforcement, limit private rent extraction, and preserve user privacy. According to the authors, this trilemma lies at the heart of the evolving financial architecture.

Brunnermeier and Payne compare three institutional approaches. The first is BigTech platforms, which can enforce repayment by controlling trade and payment flows, using proprietary tokens and internal ledgers, but create risks of monopoly power and privacy loss. The second is public options – from basic infrastructure like FedNow to full programmable CBDCs – that can serve as inclusive, transparent alternatives, but may weaken enforcement or require trade-offs on privacy. The third approach is regulatory ‘co-opetition’ between platforms, which encourages enforcement through shared data and coordinated default tracking, while using competition to suppress rents. All these models face technical and governance complexities, particularly in enforcing privacy and limiting systemic risk. The authors conclude that, ultimately, expanding access to credit through digital payment systems demands a nuanced balance across enforcement, rent extraction, and privacy.

Wenqian Huang describes how DeFi is transforming financial infrastructure by enabling trading and lending without traditional intermediaries. At the core of this system are decentralised exchanges and lending protocols that use smart contracts to automate market functions. Decentralised exchanges replace order books with pooled liquidity and algorithmic pricing, enabling large trades with minimal price dislocation for near-par instruments like stablecoins. DeFi lending protocols mimic collateralised finance by letting users borrow against tokenised assets, with automatic margin calls enforced by code. These innovations are now expanding into real-world asset markets, such as tokenised real estate.

Huang argues that the integration of DeFi mechanisms into tokenised real-world asset markets offers efficiency gains but also introduces risks. As DeFi becomes increasingly intertwined with fiat systems and real assets, the challenge for regulators is to craft oversight that acknowledges decentralisation while mitigating systemic risk. Ultimately, DeFi’s contribution may not lie in replacing existing institutions but in reshaping our understanding of resilient and efficient market design.

Claudio Tebaldi argues that digital adoption, rising incomes, and growing global interest have brought a younger, more diverse cohort of retail investors into financial markets. While these investors now access a broad range of complex financial products, their financial literacy is often low and their understanding of product risks inadequate. De facto, digital innovation brings with it a form of technology-driven deregulation, and finding the right balance between fostering innovation and protecting retail investors is difficult. While some regulatory environments, such as that of the European Union, emphasise consumer protection through rules and oversight, they often limit scalability and participation, raising concerns about accessibility and innovation. In some cases, platform design – rather than regulation – bears the burden of educating and guiding users.

Tebaldi proposes a regulatory framework that balances the goals of consumer protection, large-scale participation, and inclusive stakeholder governance. He argues that AI-powered robo-advisory tools offer promise in bridging the education gap at scale. To improve governance, token issuers should meet governance standards comparable to those common in traditional finance.

Banks and Privacy, U.S. vs Canada

JP Koning writes:

An interesting side point here is that Canadians don’t forfeit their privacy rights by giving up their personal information to third-parties, like banks. We have a reasonable expectation of privacy with respect to the information we give to our bank, and thus our bank account information is afforded a degree of protection under Section 8 of the Charter.

My American readers may find this latter feature odd, given that U.S. law stipulates the opposite, that Americans have no reasonable expectation of privacy in the information they provide to third parties, including banks, and thus one’s personal bank account information isn’t extended the U.S. Constitution’s search and seizure protections. This is known as the third-party doctrine, and it doesn’t extend north of the border.

Censorship Resistant Payment Technologies

On Coin Center’s blog, Matthew Green and Peter van Valkenburgh write:

Censorship resistance is the only way to guarantee that a digital asset truly is “bearer” and can be sent directly from one person to another without reliance on a third party. Cryptocurrencies achieve this property by making network participants (miners) compete for the power to add transactions to the ledger. Even if some miners wish to censor a transaction, we assume that others will not, particularly if it means they are forgoing fee revenue. A centralized digital dollar would not have competitive mining but if the role of the ledger-keeper was reduced to verifying zero-knowledge proofs then any refusal to perform that verification risks indiscriminately censoring users throughout the economy. If the Treasury became corrupt, it could degrade the performance of the network system-wide, but it would be difficult to selectively block certain individuals or surveil their activities.

None of these protections, however, are guaranteed, and new technologies always present unpredictable risks and unintended consequences. We must, therefore, preserve and defend physical cash and should never celebrate its demise. Cash, along with cryptocurrencies, is essential as a payment method of last resort that cannot be surveilled or controlled by corrupt governments or unscrupulous corporations.

Edward Snowden’s “Permanent Record”

An intriguing description of America’s intelligence community and the industry surrounding it; the slippery slopes; and Snowden’s motivation for following his conscience rather than the money. From the book, how we got here:

[After 9/11] [n]early a hundred thousand spies returned to work at the agencies with the knowledge that they’d failed at their primary job, which was protecting America. …

In retrospect, my country … could have used this rare moment of solidarity to reinforce democratic values and cultivate resilience in the now-connected global public. Instead, it went to war. The greatest regret of my life is my reflexive, unquestioning support for that decision. I was outraged, yes, but that was only the beginning of a process in which my heart completely defeated my rational judgment. I accepted all the claims retailed by the media as facts, and I repeated them as if I were being paid for it. … I embraced the truth constructed for the good of the state, which in my passion I confused with the good of the country.

And what to make of it:

Ultimately, saying that you don’t care about privacy because you have nothing to hide is no different from saying you don’t care about freedom of speech because you have nothing to say. Or that you don’t care about freedom of the press because you don’t like to read. … Just because this or that freedom might not have meaning to you today doesn’t mean that it doesn’t or won’t have meaning tomorrow, to you, or to your neighbor – or to the crowds of principled dissidents I was following on my phone who were protesting halfway across the planet, hoping to gain just a fraction of the freedom that my country was busily dismantling. …

Any elected government that relies on surveillance to maintain control of a citizenry that regards surveillance as anathema to democracy has effectively ceased to be a democracy.

Buy the book from a key contractor of the intelligence community. Reviews on goodreads. Youtube video of the 2013 presentation by CIA CTO Gus Hunt which Snowden discusses in the book.

“Digital Finance,” FuW, 2020

Finanz und Wirtschaft, January 4, 2020. PDF.

  • Finance has been digital for decades. And both technology and preferences are only changing gradually. So, what triggers the abrupt changes in business models that we currently observe?
  • The interaction between industry on the one hand and legislators and regulators on the other has changed. New entrants exploit synergies across areas that have so far been regulated by independent authorities, or not at all. While entrants think and act outside the box, regulators and legislators have not yet been able to catch up.
  • Digital finance poses new challenges, including for financial stability, national security, and consumer protection (digital literacy).

Spyware for Sale

NSO Group “creates technology that helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe,” according to the technology group’s website.

But according to the FT (article, article, article), NSO has (also) helped governments around the world to target journalists and dissidents.

The University of Toronto’s Citizen Lab knows more—and offers advice on how to take precautions.

“Nicht-Wissen kann schützen (Knowing Less Protects),” FuW, 2018

Finanz und Wirtschaft, November 24, 2018. PDF. Ökonomenstimme, November 26, 2018. HTML.

  • European firms dealing with Iran face U.S. “secondary sanctions.”
  • European counter measures (including a blocking statute) prove toothless.
  • Even central banks in the European Union surrender to U.S. pressure, as does SWIFT.
  • Ignorance is bliss: For a sovereign, the best protection against foreign states pressuring to monitor domestic citizens and businesses may be to know as little as possible.

IMF’s Lagarde Open to CBDC

At a conference in Singapore, IMF Managing Director Christine Lagarde has argued that

[w]hile the case for digital currency is not universal, we should investigate it further, seriously, carefully and creatively.

In her speech she emphasizes potential benefits related to financial inclusion; security and consumer protection; and privacy. (Privacy would be limited however.) She sees risks as well, including to innovation. But she de-emphasizes the notion of increased run risk which commentators often stress.

What about the risk of bank runs? It exists. But consider that people run when they believe that cash withdraws are honored on a first-come-first-serve basis—the early bird gets the worm. Digital currency, instead, because it can be distributed much more easily than cash, could reassure even the person left lying on the couch!

In addition, if depositors are running to foreign assets, they will also shun the digital currency. And in many countries, there are already liquid and safe assets to run toward—think of mutual funds that only hold government bonds. So, the jury is still out on whether digital currencies would really upset financial stability.

She also refers to a recent IMF working paper on the subject.

The FT reports.

Almost all working papers on the subject of CBDC claim that the introduction of CBDC would change equilibrium outcomes. Very few papers carefully lay out the reasons; instead most papers make implicit assumptions that are not spelled out although they are crucial for the results. I have argued elsewhere (see this blog post) that the introduction of CBDC could leave equilibrium outcomes unchanged in a benchmark case, and with Markus Brunnermeier we have formally presented the argument.

Truata

In the FT, Mehreen Khan and Aliya Ram report that MasterCard and IBM plan to create a “data trust” to allow businesses with EU customers to meet the strict General Data Protection Regulation (GDPR) provisions that come into effect by the end of May. “Truata” will be based in Dublin.

The independent company, called Truata, will manage, anonymise and analyse vast amounts of personal information held by companies such as travel agents and insurers in a way that is compliant under the EU’s General Data Protection Regulation (GDPR). …

Truata will strip data sets of key details such as a person’s name, contact details or email address so they cannot be re-identified from the information. It will also offer analytical services to allow a business to extract valuable information from the data.

Oligopolistic Anonymity

On Alphaville, Kadhim Shubber reports that just a few marketplaces handle the vast majority of illicit drugs-vs.-bitcoin trades.

In short, the illicit bitcoin ecosystem is centered around a small number of services that could be subject to scrutiny, regulation and co-option by law enforcement.

It’s a wild west, but luckily for the police all the bad guys are hanging out at a single saloon.

The Cost of Identity Theft

The Economist reports that according to estimates,

undoing identity fraud can take an average of six months and 100 to 200 hours of a person’s time.

In addition there is the risk of substantial financial losses due to identity fraud.

Suppose a data breach exposes personal information of 1 million people. As a consequence, 0.1% of the affected persons suffer financial costs of $100 each, and all affected persons spend 100 hours to undo the damage. Suppose the average wage of the affected population is $15 per hour. The data breach then costs $100’000 + $1’500’000’000, of which the latter component is a pure social loss.

Why do we move in the direction of more and more centralized data storage? Why do customers accept this? Why do some institutions, including “virtual” companies and specific government authorities do not manage to provide the same security as traditional banks which have been doing relatively well in this respect? Is differential data security priced?

Krypto Currencies and Privacy

On Wired, Andy Greenberger discusses Monero, Dash, and Zcash, krypto currencies that provide more privacy than bitcoin and its derivatives.

Unlike commercial services like PayPal, Bitcoin allows anyone to spend money online without providing identifying details. But if someone’s Bitcoin address is linked with their real identity, any transaction from that address is entirely visible on the public blockchain … Hiding those transactions requires taking extra steps, like routing bitcoins through “tumblers” that mix up coins with those of strangers—and occasionally steal them—or using techniques like “coinjoin,” built into some bitcoin wallet programs, that mix payments to make them harder to trace. “If I pay my rent in Bitcoin, it wouldn’t be that hard for the landlord to figure out how much money I earned if I don’t take extra precautions” …

Monero … implements a few features that Bitcoin still can’t offer. It uses a technique called “stealth addresses” to generate addresses for receiving Monero that are essentially encrypted; the recipient can retrieve the funds, but no one can link that stealth address to the owner. It employs a technique called “ring signatures,” which means every Monero spent is grouped with as many as a hundred other transactions, so that the spender’s address is mixed in with a group of strangers, and every subsequent movement of that money makes it exponentially more difficult to trace back to the source. And it uses something called “ring confidential transactions,” which hides the amount of every transaction.

Monero isn’t the first cryptocurrency designed to offer a financial privacy panacea: Dash, formerly known as Darkcoin, integrates the “coinjoin” technique that allows bitcoin users to mix their transactions with a few other spenders in what Todd calls a weaker form of anonymity than Monero offers. More recently, Zcash debuted with the strongest anonymity promises yet—it uses cryptographic tricks designed to make tracing a transaction not only unlikely, but mathematically impossible. Zcash has yet to be integrated into dark web markets, though, and still requires wielding the command line to use.

How Does the Blockchain Transform Central Banking?

The blockchain technology opens up new possibilities for financial market participants. It allows to get rid of middle men and thus, to save cost, speed up clearing and settlement (possibly lowering capital requirements), protect privacy, avoid operational risks and improve the bargaining position of customers.

Internet based technologies have rendered it cheap to collect information and to network. This lies at the foundation of business models in the “sharing economy.” It also lets fintech companies seize intermediation business from banks and degrade them to utilities, now that the financial crisis has severely damaged banks’ reputation. But both fintech and sharing-economy companies continue to manage information centrally.

The blockchain technology undermines the middle-men business model. It renders cheating in transactions much harder and thereby reduces the value of credibility lent by middle men. The fact that counter parties do not know and trust each other becomes less of an impediment to trade.

The blockchain may lend credibility to a plethora of transactions, including payments denominated in traditional fiat monies like the US dollar or virtual krypto currencies like Bitcoin. An advantage of krypto currencies over traditional currencies concerns the commitment power lent by “smart contracts.” Unlike the money supply of fiat monies that hinges on discretionary decisions by monetary policy makers, the supply of krypto currencies can in principle be insulated against human interference ex post and at the same time conditioned on arbitrary verifiable outcomes (if done properly). This opens the way for resolving commitment problems in monetary economics. (Currently, however, most krypto currencies do not exploit this opportunity; they allow ex post interference by a “monetary policy committee.”) A disadvantage of krypto currencies concerns their limited liquidity and thus, exchange rate variability relative to traditional currencies if only few transactions are conducted using the krypto currency.

Whether blockchain payments are denominated in traditional fiat monies or krypto currencies, they are always of relevance for central banks. Transactions denominated in a krypto currency affect the central bank in similar ways as US dollar transactions, say, affect the monetary authority in a dollarized economy: The central bank looses control over the money supply, and its power to intervene as lender of last resort may be diminished as well. The underlying causes for the crowding out of the legal tender also are familiar from dollarization episodes: Loss of trust in the central bank and the stability of the legal tender, or a desire of the transacting parties to hide their identity if the central bank can monitor payments in the domestic currency but not otherwise.

Blockchain facilitated transactions denominated in domestic currency have the potential to affect central bank operations much more directly. To leverage the efficiency of domestic currency denominated blockchain transactions between financial institutions it is in the interest of banks to have the central bank on board: The domestic currency denominated krypto currency should ideally be base money or a perfect substitute to it, directly exchangeable against central bank reserves. For when perfect substitutability is not guaranteed then the payment associated with the transaction eventually requires clearing through the traditional central bank managed clearing mechanism and as a consequence, the gain in speed and efficiency is relinquished. Of course, building an interface between the blockchain and the central bank’s clearing system could constitute a first step towards completely dismantling the latter and shifting all central bank managed clearing to the former.

Why would central banks want to join forces? If they don’t, they risk being cut out from transactions denominated in domestic currency and to end up monitoring only a fraction of the clearing between market participants. Central banks are under pressure to keep “their” currencies attractive. For the same reason (as well as for others), I propose “Reserves for All”—letting the general public and not only banks access central bank reserves (here, here, here, and here).

Banking on the Blockchain

In the NZZ, Axel Lehmann offers his views on the prospects of blockchain technologies in banking. Lehmann is Group Chief Operating Officer of UBS Group AG.

New possibilities:

  • Higher efficiency; lower cost; more robustness and simpler processes; real-time clearing;
  • no need for intermediaries; information exchange without risk of interference
  • automated “smart contracts;” automated wealth management;
  • more control over transactions; better data protection;
  • improved possibilities for macro prudential monitoring.

Challenges:

  • Speed; scalability; security;
  • privacy;
  • smart contracts require new contract law;
  • interface between traditional payments system and blockchain payment system.

Lehmann favors common standards and he points out that this is what is happening (R3-consortium with UBS, Hyperledger project with Linux foundation).

Related, Martin Arnold reported in the FT in late August that UBS, Deutsche Bank, Santander, BNY Mellon as well as the broker ICAP pursue the project of a “utility settlement coin.” Here is my reading of what this is:

  • The aim seems to be to have central banks on board; so USCs might be a form of reserves (base money). The difference to traditional reserves would be that USCs facilitate transactions using distributed ledgers rather than traditional clearing and settlement mechanisms. (This leads to the question of the appropriate interface between the two systems posed by Lehmann.)

But what’s in for central banks? Would this be a test before the whole clearing and settlement system is revamped, based on new blockchain technology? Don’t central banks fear that transactions on distributed ledgers might foster anonymity?

Blockchains in Banking (Commercial and Central)

The Economist reports about initiatives by commercial and central banks that aim at adopting the blockchain technology.

For commercial banks, distributed ledgers promise various advantages—but they also cause problems:

Instead of having to keep track of their assets in separate databases, as financial firms do now, they can share just one. Trades can be settled almost instantly, without the need for lots of intermediaries. As a result, less capital is tied up during a transaction, reducing risk. Such ledgers also make it easier to comply with anti-money-laundering and other regulations, since they provide a record of all past transactions (which is why regulators are so keen on them).

… Yet … [o]ne stumbling block is what geeks call “scalability”: today’s distributed ledgers cannot handle huge numbers of transactions. Another is confidentiality: encryption techniques that allow distributed ledgers to work while keeping trading patterns, say, private are only now being developed. … Such technical hurdles can be overcome only with a high degree of co-operation …

Meanwhile, central banks plan digital currencies built around the same technology.

Like bitcoin, these would be built around a database listing who owns what. Unlike bitcoin’s, though, these “distributed ledgers” would … be tightly controlled by the issuers of the currency.

The plans involve letting individuals and firms open accounts at the central bank …

Central banks … could save on printing costs if people held more bits and fewer banknotes. Digital currency would be tougher to forge, though a successful cyber-attack would be catastrophic. Digital central-bank money could even, in theory, replace cash. …

Better yet, whereas bundles of banknotes can be moved without trace, electronic payments cannot. … The technology first developed to free money from the grip of central bankers may soon be used to tighten their control.

Microsoft Buys Credibility in Germany

In the FT, Murad Ahmed and Richard Waters report about Microsoft’s strategy to regain customer trust in cloud services in light of widespread US government surveillance. According to the report, Microsoft outsources data storage to a German company. The idea is that

T-Systems will act as a “trustee” of the facilities, with Microsoft insisting its employees will have no access to the data held at the facilities without the German company’s permission. The companies believe this arrangement means Microsoft will not have to respond to governmental demands for information held in these data centres, forcing official requests to go through German authorities instead.

“Reserves For Everyone—Towards a New Monetary Regime?,” VoxEU, 2015

VoxEU, January 21, 2015. HTML.

New proposals to phase out cash are set to revive an old debate. Contributions to this debate focus on two related but independent issues: granting the general public access to central bank reserves; and phasing out cash.

Abolishing cash is neither necessary nor sufficient. But allowing the public to hold reserves at the central bank could have substantial benefits. Technical questions need careful consideration.