The European Union vs Privacy in Crypto

In their 2008 Bitcoin whitepaper, Satoshi Nakamoto does not point out directly that achieving pure financial privacy is the goal of their creation; the goal is to allow individuals to own their wealth and send digital payments without going through a middleman, such as a financial institution. However, due to the nature of decentralization and the world’s future looking more digital than ever, privacy in the digital context has become a focal point of many cryptocurrencies and the debates surrounding them.

On Thursday, March 31, certain European Union lawmakers voted in favor of a proposal that has the potential to change the landscape of privacy within the world of decentralized payments and operations. A press release from the European Parliament regarding the proposal states:

“Under the new requirements agreed by MEPs, all transfers of crypto-assets will have to include information on the source of the asset and its beneficiary, information that is to be made available to the competent authorities. The rules would also cover transactions from so-called unhosted wallets (a crypto-asset wallet address that is in the custody of a private user). Technological solutions should ensure that these asset transfers can be individually identified … The rules would not apply to person-to-person transfers conducted without a provider.”

The proposal is one part of the legislative package that the European Commission  presented in July, 2021 to “strengthen the EU’s anti-money laundering and countering the financing of terrorism (AML/CFT) rules”.

Symbol of European Union

Symbol of European Union (Karolina Grabowska / Pexels)

The European Parliament hopes with this proposal to add further protective measures to ascertain that cryptocurrency transfers are not used towards these goals. The new legislation would add these requirements to all types of cryptocurrency wallets that are hosted by a service provider, such as a wallet on Binance, or any wallet that interacts with these service providers. In their official proposal document, the European Commission states the following: 

“The anonymity of crypto-assets exposes them to risks of misuse for criminal purposes. Anonymous crypto-asset wallets do not allow the traceability of crypto-asset transfers, whilst also making it difficult to identify linked transactions that may raise suspicion or to apply to adequate level of customer due diligence. In order to ensure effective application of AML/CFT requirements to crypto-assets, it is necessary to prohibit the provision and the custody of anonymous crypto-asset wallets by crypto-asset service providers.”

There is often a disconnection in communication between traditional governments and crypto-native communities, and as such, it is not fully certain to which providers the European Commission is referring when they state “crypto-asset service providers”. However, the exact definition can be found in another proposal from 2020, in Article 3, Point 8:

Article 3, Point 8 of European Commission Proposal

Article 3, Point 8 of European Commission Proposal

According to the definition above, the new legislation would not affect private individuals who manage their own crypto-asset wallets choosing to initiate transfers on their own, unless the transfer is to a crypto-asset service provider as defined above. The legislation would affect only service providers, such as centralized exchanges, trading platforms, etc. 

These platforms would need to add sender and receiver information to their interface for crypto-transfers, which would mirror the process of a digital bank transfer and see the companies behind these providers forward the supplied information to European Union member states. Any platform that were to allow crypto-asset transfers without this information would not legally be able to operate in the European Union.

Ledger Crypto-Asset Wallet

Ledger Crypto-Asset Wallet (olieman.eth / Unsplash)

An interesting question arises from the proposals by the European Commission: are DeFi services, such as Aave, required to request and record the information of their depositors? From the European Commission’s definition of a crypto-asset service provider, Aave does administrate the crypto-assets deposited by their users, and as such, they fall under the requirements set forth in the new legislation.

Yet, the technically-minded know that it is a smart contract that governs the assets deposited by users, and the team behind Aave has no direct access nor control over these assets. Whether this scenario does fall under the requirements in the legislation remains to be seen as the gap in communication further narrows as we approach the actual introduction and final votes on the legislation.

Crypto-native communities mostly are against the introduction of the new legislation as it adds yet another measure that could infringe on their privacy; no longer will it be possible to deposit or withdraw crypto-assets on popular platforms, such as Binance, without providing identifying information regarding each wallet involved in the process. It will allow the European Union slowly to build a database of identity information that can connect self-hosted wallets to real individuals, which is a horror in the eyes of many cryptocurrency believers and enthusiasts.

The legislation vote is expected to complete fully this April, which will be followed by the slow introduction of the actual measures set forth in the legislation. The future of privacy in regards to cryptocurrencies seems to have lost its place within the European Union, and only the future can show the actual reach of the new legislation once it is in place.