Pages:
Author

Topic: [2020-07-06] 4th Amendment Does Not Protect Bitcoin Data, 5th Circuit Court Rule (Read 421 times)

legendary
Activity: 2268
Merit: 18711
Quote
Participants would share addresses on the board and, if another member claims an address, the two entities could then share data P2P to keep personal information out of the reach of hackers.
I can't find any more details about this, but to me this sounds like Coinbase (for example) will list all the addresses used by all their customers, and if another exchange detects a match with an address used by one of their customers, then the two exchanges share all the details of said customer with each other? Surely this can't be right?

This is an incredible invasion of privacy and an incredible security risk, and I'm going to assume there will be no way to opt out of it.
legendary
Activity: 3010
Merit: 1460
@figmentofmyass. This might be a major issue. It appears that private information of all users might be downloaded in Coinbase's blockchain analytics project without being a Coinbase user and sell them to the government.
legendary
Activity: 1652
Merit: 1483
Does anyone have a Theblockcrypto subscription? Please share the whole article hehehe.

nope, but coindesk reported on this a week ago: https://www.coindesk.com/crypto-exchange-group-eyes-bulletin-board-system-for-fatf-compliance-coinbase-exec

some of the more notable tidbits:

Quote
BitGo and Coinbase are members of the working group.

Participants would share addresses on the board and, if another member claims an address, the two entities could then share data P2P to keep personal information out of the reach of hackers.

The Gemini, Kraken and Bittrex exchanges are said by The Block to also be participating in the Travel Rule working group.

when you dig into the requirements of the rule, the privacy implications seem rather alarming. it sounds like exchanges will be openly sharing customer AML/KYC data with each other without informing customers. maybe this isn't a major issue within the "working group" since they are all exchanges that mandate KYC anyway. if they were to share KYC data in this manner with services where customers haven't verified identity (bitmex, kucoin, binance etc) it would be rather disturbing.

unfortunately, the exchanges are just gonna roll out new privacy policies and no one is gonna bother reading them anyway.
legendary
Activity: 3010
Merit: 1460
Does anyone have a Theblockcrypto subscription? Please share the whole article hehehe.

It appears Coinbase is leading the development of a user information exchange for exchanges located in America. The regulators pets Brian Armstrong's head with satisfaction.



Coinbase and other crypto exchanges are designing a P2P system for sharing user info under FATF rules

A working group including U.S. crypto exchanges is working on a joint solution for complying with Financial Action Task Force rules on sharing customer information.

The effort is said to have been begun by Coinbase, resulting in a plan to exchange data via a peer-to-peer “bulletin board.”

A white paper on the proposed solution will be published in the coming weeks, according to Coinbase.


Source https://www.theblockcrypto.com/daily/72293/coinbase-exchanges-fatf-travel-rule-solution
legendary
Activity: 1652
Merit: 1483
What exchanges are operating under a jurisdiction with a legal framework that supports and protects a free and open exchange or with less strict policies? Exchanges licensed in Malta or Switzerland?

no way. malta is part of the EU and switzerland is part of the EEA, so both are subject to the AMLD5.

the seychelles seems to be popular for exchanges that allow unverified trading. i'm not sure how easy fiat banking is from a seychelles-based company though. singapore, the british virgin islands, and hong kong also come to mind.
legendary
Activity: 3010
Merit: 1460
What centralized exchanges act like the bitcoin police and what supports the free and open exchange of bitcoin?
I can't answer that since I don't have an intimate knowledge with all centralized exchanges, particularly since I don't use a single one. Although as figment points out above they are simply operating within a legal framework which has been imposed on them, I would still argue that any exchange which will lock your account for how you spend your own money is not an exchange we should be supporting.

At some point all centralized exchanges could be forced to comply with various laws and regulations, and police your deposits and withdrawals. The only way to avoid this altogether is to avoid centralized exchanges.

What exchanges are operating under a jurisdiction with a legal framework that supports and protects a free and open exchange or with less strict policies? Exchanges licensed in Malta or Switzerland?

legendary
Activity: 1652
Merit: 1483
I can't answer that since I don't have an intimate knowledge with all centralized exchanges, particularly since I don't use a single one. Although as figment points out above they are simply operating within a legal framework which has been imposed on them, I would still argue that any exchange which will lock your account for how you spend your own money is not an exchange we should be supporting.

At some point all centralized exchanges could be forced to comply with various laws and regulations, and police your deposits and withdrawals. The only way to avoid this altogether is to avoid centralized exchanges.

i really think that's the bottom line here. i don't think we should be presenting any centralized exchange as being safe from having funds frozen. while offshore exchanges like binance and poloniex are safer than coinbase or gemini in this respect, the regulatory atmosphere and site terms re any platform can change at the drop of a dime. and beyond that, any 3rd party trust is always a danger to your coins.

there is a tendency to single out this or that exchange for AML/KYC policies or whatever issue of the day, but i really think we should be emphasizing the danger of all centralized exchanges given the regulatory atmosphere. everyone should minimize the amount of funds they send to exchanges, withdraw ASAP after trading, and always approach with caution knowing these internal AML controls are always watching and waiting to flag your coins. always know where your outputs come from and act accordingly etc.
hero member
Activity: 1806
Merit: 672
like this---it's purely risk-based. something like this would never hold up as evidence in a court of law. it's just a company deciding a customer is risky and refusing to do business with them.
Yeah, fair point, and it kind of brings use to what we were discussing in this thread on privacy: https://bitcointalksearch.org/topic/m.54787543

As you say, this kind of probing that Coinbase does might not hold up in a court, and yet, Coinbase use it as evidence enough to deny people service, to lock accounts, and to freeze coins. It's also the exact same kind of probing that they are licensing out to the IRS, the DEA, and now the Secret Service.

Since they can't possible blacklist every coin which has ever been mixed, gambled, or is otherwise "unsavory" in their view, then their cut off for how far back they look is completely arbitrary and so easily bypassed as to make it meaningless.

I guess I'm just angry that Coinbase and other centralized exchanges are appointing themselves as bitcoin police and deciding how people are and are not allowed to use their coins. That's the opposite of what bitcoin was designed for.

What centralized exchanges act like the bitcoin police and what supports the free and open exchange of bitcoin? We should have this list available for the community in the exchanges subforum.

Having a list of these exchanges would be useless since even if we know they are in some kind of authority free operations at any point in time they may be required by the law to give out information against their own customers so it won't really matter if they don't have that kind of history or not. It always change and the authorities will always use the law to get every information they can from these businesses. The best way to avoid some kind of legal sanction from them is to not do anything illegal with these centralized services.
hero member
Activity: 2338
Merit: 953
Temporary forum vacation
What centralized exchanges act like the bitcoin police and what supports the free and open exchange of bitcoin? We should have this list available for the community in the exchanges subforum.

I do not think there are any at all,,, or at least none who will care. The centralized anonymous services like casinos and mixers are the only ones in my mind who do this but even so,,, until they are forced to comply they will only do so till their powers allow. At the end of the day no one will protect you if they have your identity and can give it up in exchange for freedom.
legendary
Activity: 2268
Merit: 18711
What centralized exchanges act like the bitcoin police and what supports the free and open exchange of bitcoin?
I can't answer that since I don't have an intimate knowledge with all centralized exchanges, particularly since I don't use a single one. Although as figment points out above they are simply operating within a legal framework which has been imposed on them, I would still argue that any exchange which will lock your account for how you spend your own money is not an exchange we should be supporting.

At some point all centralized exchanges could be forced to comply with various laws and regulations, and police your deposits and withdrawals. The only way to avoid this altogether is to avoid centralized exchanges.
legendary
Activity: 3010
Merit: 1460
like this---it's purely risk-based. something like this would never hold up as evidence in a court of law. it's just a company deciding a customer is risky and refusing to do business with them.
Yeah, fair point, and it kind of brings use to what we were discussing in this thread on privacy: https://bitcointalksearch.org/topic/m.54787543

As you say, this kind of probing that Coinbase does might not hold up in a court, and yet, Coinbase use it as evidence enough to deny people service, to lock accounts, and to freeze coins. It's also the exact same kind of probing that they are licensing out to the IRS, the DEA, and now the Secret Service.

Since they can't possible blacklist every coin which has ever been mixed, gambled, or is otherwise "unsavory" in their view, then their cut off for how far back they look is completely arbitrary and so easily bypassed as to make it meaningless.

I guess I'm just angry that Coinbase and other centralized exchanges are appointing themselves as bitcoin police and deciding how people are and are not allowed to use their coins. That's the opposite of what bitcoin was designed for.

What centralized exchanges act like the bitcoin police and what supports the free and open exchange of bitcoin? We should have this list available for the community in the exchanges subforum.
legendary
Activity: 1652
Merit: 1483
I guess I'm just angry that Coinbase and other centralized exchanges are appointing themselves as bitcoin police and deciding how people are and are not allowed to use their coins. That's the opposite of what bitcoin was designed for.

i understand. i just don't see this as a bitcoin issue per se, more so an issue of burdensome government regulations, especially re money transmitters. i really miss the old wild west days---BTC-E was my exchange of choice for many years---but it's just unrealistic to expect exchanges to uphold those ethics at this point.

it's FATF rules (and national legal reinforcement of them) that brought the risk-based approach to money transmission years ago. crypto exchanges have merely been brought into the fold of existing regulation. i don't see exchanges as appointing themselves anything---they are just unwillingly implementing an expensive and burdensome solution to overreaching laws. no company wants this. they just don't want to get shut down by the FBI or get 9 figure fines from FINCEN.

the same logic applies to coinbase re gambling transactions.

Quote
You must establish and implement written policies and procedures that are reasonably designed to identify and block or otherwise prevent or prohibit payments related to unlawful Internet gambling that are restricted by UIGEA and are processed through your facilities.
https://www.federalreserve.gov/supervisionreg/regggcg.htm

i mean, they can just ignore these laws of course, but they would also get massive fines from regulators. not a very profitable move. i assume shareholders would not like this approach......
legendary
Activity: 2268
Merit: 18711
like this---it's purely risk-based. something like this would never hold up as evidence in a court of law. it's just a company deciding a customer is risky and refusing to do business with them.
Yeah, fair point, and it kind of brings use to what we were discussing in this thread on privacy: https://bitcointalksearch.org/topic/m.54787543

As you say, this kind of probing that Coinbase does might not hold up in a court, and yet, Coinbase use it as evidence enough to deny people service, to lock accounts, and to freeze coins. It's also the exact same kind of probing that they are licensing out to the IRS, the DEA, and now the Secret Service.

Since they can't possible blacklist every coin which has ever been mixed, gambled, or is otherwise "unsavory" in their view, then their cut off for how far back they look is completely arbitrary and so easily bypassed as to make it meaningless.

I guess I'm just angry that Coinbase and other centralized exchanges are appointing themselves as bitcoin police and deciding how people are and are not allowed to use their coins. That's the opposite of what bitcoin was designed for.
legendary
Activity: 3010
Merit: 1460
I assume their blockchain analytics data analysis might begin on their own users' transactions. Where will they begin?

Well they did say they use it internally for regulatory compliance:

Quote
It added: "Coinbase Analytics data is fully sourced from online, publicly available data, and does not include any personally-identifiable information for anyone, regardless of whether or not they use Coinbase. Coinbase Analytics is a blockchain analytics product that we use internally for compliance and global investigations. It's an important tool to meet our regulatory requirements and protect our customers' funds. We developed Coinbase Analytics with technology from the Neutrino acquisition."

They  flag users here and there, so we at least know their methodology isn't as black and white as "this batch came from a mixer, so ban." That's probably still not a good thing for users though, since it means Coinbase probably knows more about them than they think. That being said, I'm sure all the other large exchanges use an analytic service of sorts -- they're just less likely to report their findings to authorities lol.

It is a conflict of interest between Coinbase and its users, I reckon. Brian Armstrong owns an exchange that sells the privacy of its users to government agencies through his own blockchain analytics company hehehe.
legendary
Activity: 1652
Merit: 1483
That's probably still not a good thing for users though, since it means Coinbase probably knows more about them than they think.
Absolutely they do. They probably know more about you than your average fiat bank.

If I withdraw cash from my bank, I can go and spend that on gambling, drugs, and prostitutes, and my bank have no idea. My bank know how much I have withdrawn, but they don't know how much I have in my wallet, they don't know when or where I spend it, they don't know where any new money is coming from. Their monitoring capabilities are limited to one transaction deep.

that's just with cash though. i would agree that cash is superior for black market transactions, particularly those that might warrant FBI or similar attention.

yet we live in an increasingly cashless world. with debit/credit cards, paypal, venmo and the like, financial institutions know exactly how/where your money was spent and what your balance is. the dots can be easily connected in a law enforcement investigation.

when coinbase tries to analyze blockchain activity, at best they are applying probabilistic/heuristic models. they don't know much of anything. for example, if i withdraw outputs from coinbase and 3 hops later they end up in an exchange or casino or DNM, it's impossible to know whether or not those outputs changed hands up to thrice before arriving there. and once swept by a centralized service, that's generally the end of the trail. they apply risk-based models to account for that re AML compliance, but that still doesn't provide the sort of insight into account holder activities that electronic banking does.

Coinbase, on the other hand, are known to probe several transactions prior to a deposits and several transactions after a withdrawal. The exact number seems to vary depending on how "suspicious" or otherwise they think you are, but there are reports of users having their Coinbase accounts banned for gambling with 4 or 5 transactions between withdrawing from Coinbase and depositing to a casino.

like this---it's purely risk-based. something like this would never hold up as evidence in a court of law. it's just a company deciding a customer is risky and refusing to do business with them.
legendary
Activity: 2268
Merit: 18711
That's probably still not a good thing for users though, since it means Coinbase probably knows more about them than they think.
Absolutely they do. They probably know more about you than your average fiat bank.

If I withdraw cash from my bank, I can go and spend that on gambling, drugs, and prostitutes, and my bank have no idea. My bank know how much I have withdrawn, but they don't know how much I have in my wallet, they don't know when or where I spend it, they don't know where any new money is coming from. Their monitoring capabilities are limited to one transaction deep.

Coinbase, on the other hand, are known to probe several transactions prior to a deposits and several transactions after a withdrawal. The exact number seems to vary depending on how "suspicious" or otherwise they think you are, but there are reports of users having their Coinbase accounts banned for gambling with 4 or 5 transactions between withdrawing from Coinbase and depositing to a casino. Once you make a withdrawal from Coinbase, they know how much you withdrew, how much you are holding in total, when you spend, where you send it to, when you bring in new money, where that new money is coming from, etc.
legendary
Activity: 2968
Merit: 3684
Join the world-leading crypto sportsbook NOW!
And they also can sell your data to other parties secretly, so even if the judge ruled otherwise, there would still be no good reason to trust exchanges and other centralized companies with your personal data.

Maybe someone views this as negative news, but it should really be something that we knew all along - there's no privacy where there's centralization.

I don't think they had my trust even 20 years ago, they'll never get my trust today or tomorrow. Was always just never keen to give away my details if I didn't have to (unfortunately I do have to for at least 1 place to reliably and legitimately trade my coin now), so imagine my lack of shock when things like these come to light =)

That people keep getting surprised by this shouldn't happen. Fool me once...
hero member
Activity: 1834
Merit: 759
I assume their blockchain analytics data analysis might begin on their own users' transactions. Where will they begin?

Well they did say they use it internally for regulatory compliance:

Quote
It added: "Coinbase Analytics data is fully sourced from online, publicly available data, and does not include any personally-identifiable information for anyone, regardless of whether or not they use Coinbase. Coinbase Analytics is a blockchain analytics product that we use internally for compliance and global investigations. It's an important tool to meet our regulatory requirements and protect our customers' funds. We developed Coinbase Analytics with technology from the Neutrino acquisition."

They  flag users here and there, so we at least know their methodology isn't as black and white as "this batch came from a mixer, so ban." That's probably still not a good thing for users though, since it means Coinbase probably knows more about them than they think. That being said, I'm sure all the other large exchanges use an analytic service of sorts -- they're just less likely to report their findings to authorities lol.
legendary
Activity: 3010
Merit: 1460
Also Coinbase hehe.

I assume their blockchain analytics data analysis might begin on their own users' transactions. Where will they begin?



Crypto exchange Coinbase is providing its blockchain analytics software to the U.S. Secret Service, according to a public record obtained by The Block.

The Secret Service, which is part of the U.S. Department of Homeland Security, is charged with conducting financial crime investigations in addition to protecting the nation's top leaders.

The record shows that the Secret Service awarded a four-year contract to Coinbase in May in order to use its blockchain analytics software, called Coinbase Analytics. The contract is worth $183,750 in total and ends on May 9, 2024.


Source https://www.theblockcrypto.com/post/71261/coinbase-is-selling-blockchain-analytics-software-to-the-us-secret-service
hero member
Activity: 1806
Merit: 672
-snip-

Note the difference. The news article suggests that Gratkowski was already a suspect, had searched his house and equipment, found a Coinbase account, and subpoenaed Coinbase for his account history. In reality, they had no idea who the suspects were, and used Coinbase to specifically identify people. While the implication is that the Coinbase records were simply another piece of evidence for them to use, in reality, Coinbase identified by name and address an otherwise unknown person to law enforcement.

Make of that what you will.

Technically you are right but the thing is Gratkowski is still wrong using that argument that transactions done with Coinbase is private since we all know that KYC and AML procedures apply in custodial wallets and these documents and information can be pulled out anytime by the authorities not only by the IRS for legal purposes such as this one where he bought child pornography. If bank records and transactions can be subpoenaed I don't know why he thought or even his lawyer made Bitcoin transactions through Coinbase be private since they aren't covered by some kind of secrecy privilege.
Pages:
Jump to: