You are here
What the Russia hack indictments reveal about bitcoin
THE Russian operatives accused of hacking the Democratic National Committee in 2016 didn't use cash or credit cards. To pay for servers and domain names, they turned to bitcoin, a digital currency that allows for secure payments without banks, government authorisation or verified identities.
Yet, what makes bitcoin and other cryptocurrencies appealing to criminals also limits their usefulness to them. Bitcoin transaction records helped investigators find the Russian agents under indictment. To cover their tracks, the perpetrators of the hacking scheme would have been better off using briefcases full of cash.
The details of this case are an encouraging sign. Cryptocurrencies are part of a global experiment in making money - the secure exchange of value - as decentralised as information on the Internet. Just as anyone can put up a blog without going through traditional media, cryptocurrencies can remove control from financial intermediaries.
And like the Internet, cryptocurrencies are not inherently a force for lawlessness. Nor is their legitimacy guaranteed. Governments and the private sector must make existing gateways between cryptocurrency and the traditional financial world, such as bitcoin exchanges, more transparent. And they must adopt mechanisms to limit illegal activity, fraud and regulatory evasion, while preserving the freedom to innovate.
Ironically, bitcoin's success depends on the same critical factor as a state-issued "fiat" currency: the collective trust of its community of users. Their confidence in the accuracy of the ledger of all bitcoin transactions is what makes the currency viable. Law-abiding citizens want efficient, reliable payments. Bitcoin's mysterious creator, Satoshi Nakamoto, realised this. His 2008 White Paper said a great deal about cutting out banks; it said nothing about evading the rule of law.
Cryptocurrencies make transactions trustworthy without relying on private intermediaries or central banks. Banks know your public identity, but they keep transaction specifics secret. Bitcoin does the opposite. Identities are represented with private, seemingly arbitrary strings of letters and numbers known as cryptographic keys. Transactions, however, are public. Anyone can see how the money flows.
That's necessary for bitcoin's security model, which relies on a public network of computers collectively validating transactions.
The problem for criminals is that it's possible to reconstruct bitcoin identities from transaction patterns. The currency moves through gateways, exchanges and wallet systems, which makes it easier for people to acquire, store and use cryptocurrency in a world that still speaks dollars and euros. However, these systems are usually centralised, so they can be traced, and their administrators can be asked to cooperate with law enforcement. That is likely what happened in the Russian hacking case.
That is also what helped lead to the takedown in 2013 of Silk Road, a widely used online marketplace for drug transactions and other illegal purchases. BTC-E, a Russian cryptocurrency exchange, later became the platform of choice for criminals because it did not collect identification documents from its customers. BTC-E was shut down by US law enforcement agencies last year.
As these examples show, governments have more leverage over cryptocurrency markets than one might expect. In 2013, the Treasury Department issued guidelines requiring exchanges to verify customer identities. As a result, the volume of cryptocurrency obtained from illegal activity and laundered through Europe between 2013 and 2016 was five times as much as the amount that went through North America, according to a study published in January by the analytics firm Elliptic and the Center on Sanctions and Illicit Finance. Similar requirements will take effect in Europe next year.
There are ways to make cryptocurrency activity harder for law enforcement to track. But hiding transactions adds cost and complexity. More important, decentralised cryptocurrency networks still require trust in the software developers, transaction validators and other support organisations that work with them. These partners have to be responsible if they want to support large markets.
To be sure, there is still substantial illegal activity involving cryptocurrencies. Much of it, though, involves thefts and swindles from legitimate cryptocurrency users. Until law enforcement and regulation weed out these bad actors, cryptocurrencies will not become mainstream.
The miracle of bitcoin and other cryptocurrencies is that they can create trustworthy transactions in the absence of financial institutions and processes that the world has relied on for centuries. Bitcoin took hold, in part, because the 2008 financial crisis shook so many people's faith in the status quo. Trust, however, is a fickle thing. Both cryptocurrency proponents and governments must sustain it to create a viable environment for the money of the future. NYTIMES
- The writer is a professor at the University of Pennsylvania and author of the forthcoming book The Blockchain and the New Architecture of Trust.