The sanctions imposed by the United States government on Tornado Cash have reignited a public debate on privacy. For many in the relatively young crypto community, such an intervention by the federal government seems groundbreaking. However, tussles between the private sector and the state on the issue of privacy are far from new and can provide compelling insights on what we might expect next for privacy in the crypto industry.
In the 1990s, Phil Zimmermann released Pretty Good Privacy (PGP), one of the first openly available public-key cryptography applications that featured end-to-end (E2E) encryption. Zimmerman’s creation prompted a criminal investigation that was eventually dropped, resulting in federal court decisions that protect encryption under the U.S. Constitution’s First Amendment. This clash on personal privacy became dubbed the “encryption wars.”
The encryption wars rage on today, with officials from the U.S. and other countries urging major tech companies to forgo strong E2E encryption in their products. This would permit law enforcement to access an enormous spectrum of sensitive personal data.
The crypto wars
The next chapter in the encryption wars comes from the Office of Foreign Assets Control (OFAC) sanction of Tornado Cash. The OFAC sanction represents the first outright ban on an application itself, doing away with the line between “providers of anonymizing services” and “anonymizing software providers;” a distinction drawn by another department of the Treasury, the Financial Crimes Enforcement Network (FinCEN).
I sent a letter to Treasury Secretary Yellen regarding the unprecedented sanctioning of Tornado Cash. The growing adoption of decentralized technology will certainly raise new challenges for OFAC. Nonetheless, technology is neutral and the expectation of privacy is normal.⬇️ pic.twitter.com/0aN4a4A6tb
— Tom Emmer (@RepTomEmmer) August 23, 2022
Identifying that software can be detached from an entity controlled by a group or an individual, Congressman Tom Emmer sent a letter to Treasury Secretary Janet Yellen last month requesting clarification on the sanctions. This decision marks one of the most significant clashes on privacy since Snowden exposed the National Security Agency’s mass surveillance practices.
Does history repeat or rhyme?
The sanctions bear hallmarks of when PGP was used as a vehicle to justify an outright ban on encrypting data. Fortunately, the ultimate failure of the ban led to innovation on the web like internet commerce, personal communication and secure logins. Similarly, upholding the sanctions on Tornado Cash creates a dangerous precedent that would bury technological breakthroughs and any associated economic prosperity under a ball of red tape.
To put it another way, criminals have leveraged technological developments throughout history for illicit activity, and banning the technology would be more detrimental than constructive. Should the Tornado Cash sanctions go unchallenged, so many things we take for granted could be jeopardized while inhibiting future advancements and breakthroughs we can’t even imagine today.
Society is well aware of how big tech exploits our personal data en masse under a “surveillance capitalism” paradigm. The reality is that many citizens are willing to consensually forfeit data privacy in exchange for free tech products. However, invasions of privacy mandated by law are another step entirely. For example, newly proposed legislation in the European Union would effectively outlaw E2E encryption.
While the goals behind these policies are usually well-intentioned, legislation forcing the development of “backdoors” for E2E encryption will do more harm than good and inevitably be exploited by malevolent actors.
The future of privacy
E2E encryption infused with Web3 identity standards is the solution, not the problem. Big Tech companies have come to function as centralized identity providers, representing a massive bullseye for cybercriminals of every kind. Advances in decentralized infrastructure and cryptography illustrate that this does not have to be the case. Self-sovereign identity tools that strike a balance between privacy, accountability and regulation are being built on Web3.
Humanity has a habit of resisting technological development. As described by Calestous Juma, early Motorola cell phones were written off as toys for rich people. Now, mobile devices have developed beyond what anyone imagined. Juma posits that people tend to display reluctance to technological advancements when the perceived benefit accrues to a small minority. Similarly, the prospects of E2E encryption are being cast aside because privacy is for criminals.
The multichain future of the web will see users managing their identifying data without sacrificing personal privacy or security. In this way, communities could participate in ethical self-regulation rather than relying on digital service providers and authorities. Moral behavior could be easily incentivized, allowing ethical coding and the wisdom of the majority to police ecosystems.
After all, programming is just another form of speech. Some people use their words for good and others for bad. Unsavory or hateful use of the English language should not preclude anyone else from writing. As such, the OFAC sanctions are unconstitutional and should not go unchallenged. Humanity deserves better.
Chad Barraford is the technical lead at THORChain, a noncustodial decentralized liquidity protocol that enables decentralized exchanges (DEXs) and users to transfer their digital assets across blockchains seamlessly.
This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.