Bitcoin is many things to many people. To some anarchists, criminals, and their antagonists in law enforcement, it’s primarily seen as a way to conduct financial transactions in private. To others, it’s also a volatile commodity for brave-hearted speculators and an increasingly efficient method to send money back and forth. The Bitcoin Foundation, which went on Monday to meet with regulators in Washington, would like to focus on the last point. The regulators care about how they can smoke out criminals.
That may be easier than it seems. Academics have been working on techniques to track Bitcoin transactions and—like many ostensibly private activities on the Internet—the transfers are vulnerable to tricks. While Bitcoin is regularly described as anonymous, it is more accurate to describe it as pseudonymous. Every transaction is stored in a public record called a block chain, with information on the accounts involved and the number of Bitcoins exchanged. This is a necessary part of the structure; analyzing these transactions is how the system makes sure that people aren’t using the the same coins over and over. While Bitcoin is not as transparent to regulators as credit-card transactions, it is much more so than cash. “Policymakers would never seriously consider banning cash,” (PDF) argues Jerry Brito, director of the technology research program at Mercatus Center at George Mason University, who attended the meetings in Washington.
Still, people can set up as many accounts as they want, and nothing within Bitcoin connects real-life identities to the pseudonyms of Bitcoin users. This is why regulators are primarily focused on exchanges, wherein government-issued currencies are converted into Bitcoins, and vice-versa. But given enough data, even anonymous networks can be unraveled, as has been shown with user data from AOL (AOL) and Netflix (NFLX). DARPA is so worried that public data could be weaponized, using similar techniques, that it recently put out a call for research projects to explore the idea.
In one study, researchers in Germany and Switzerland were able to show that almost 40 percent of Bitcoin user identities could be recovered (PDF), even if they were using the recommended privacy protections. A paper to be presented later this year by researchers from the University of California, San Diego and George Mason University argues that the network’s increased reliance on a few large accounts (PDF) makes user identities less secure. The increasing ease with which large transactions can be tracked to people’s real-world identities “ultimately makes Bitcoin unattractive today for high-volume illicit use such as money laundering,” they wrote.
The block chain is available to whomever wants to look at it, without subpoena or probable cause. There is no reason why law enforcement officials couldn’t do their own metadata analysis. In fact, they seem to have quite an interest in doing so already.
Still, says Brito, the tension with regulators was on display Monday. In part this stemmed from the inability of Bitcoin Foundation to directly address many of the regulators’ concerns: It doesn’t control the technology. Skepticism ruled the day.
“I think that they expected the Bitcoin Foundation to have policy answers, and they didn’t because there aren’t easy ones,” he said. “These are guys who are paid to worry about money laundering, so that’s what they did. They worried.”