Digital currency startups are trying to reframe the debate surrounding customer privacy, anti-money-laundering compliance and data security by backing a new set of guidelines for managing consumers' online identities.
The Windhover Principles, developed by the nonprofit Institute for Data Driven Design, reject the notion that these regulatory imperatives are inherently contradictory. The framework seeks to give users control of how their personal data is used and shared while ensuring that their identities are known to someone in case law enforcement comes knocking.
"The idea that privacy, security and transparency 'have to be balanced' if you deconstruct that sentence, it's saying that we have to give up some privacy so there's transparency, or give up transparency so there can be privacy," said Karen Gifford, chief compliance officer at Ripple Labs, one of nearly two dozen digital currency firms that endorsed the principles Monday. "A better solution would meet each goal without impinging on the others."
That would appear to be a hard needle to thread. Law enforcement and AML regulators want digital currency firms to identify and keep records on customers, particularly in light of Bitcoin's early notoriety as a black market currency. Yet the pseudonymity of cryptocurrency is part of its appeal to privacy-conscious users who despair of trusting third parties to safeguard their personal information amid regular news of data breaches.
Under the Windhover Principles, participating digital currency firms pledge to take the necessary steps to authenticate users' online identities while giving customers control over their personal data and allowing them to move it between organizations. This idea is also the driving force behind ID3's recently developed open source platform, Open Mustard Seed.
"We've essentially built a series of social stack protocols that allow companies to enable users to create their own secure identity in their own secure cloud," said Dan Harple, managing director at ID3, a spinoff of the interdisciplinary MIT Media Lab. Companies would use the platform to create cloud applications that form an impenetrable "digital shrink wrap" for customers' personal data.
Here's how it would work: A customer signs up with a digital currency exchange integrated with Open Mustard Seed. They create an account (called a "persona") and fill in the information necessary to vet their identity. Open Mustard Seed will then send the information to a trusted third party that independently verifies the information. The customer's data is then transferred to a cloud-based escrow service. Regulators can access the information via an access token as long as certain contractual obligations such as a valid warrant or subpoena are met.
"The customer maintains control of their data to the extent that the escrow service provides notifications whenever the data is accessed," Harple said. "The customer can then engage in financial transactions through their persona without having to expose personally identifiable information to untrusted third parties." Financial institutions, meanwhile, are able to comply with regulatory obligations without storing customers' personal information themselves.
This kind of personal cloud technology has the potential to shift authority over digital identities away from companies and back to consumers, said John Light, a Bitcoin consultant and chief operating officer at eSpend, which provides software for integrating with the Ripple protocol.
"It's a lot different from the way it is now, where digital currency companies themselves are storing all of this data so they can answer to regulators," Light said. "The personal cloud makes this easier across the board by making sure users just have to update their data once, and that the data is portable across range of different services."
It's unclear that the guidelines would satisfy regulators' AML and know your customer requirements. For example, the travel rule under the Bank Secrecy Act requires financial institutions transferring customer funds above $3,000 to obtain and pass on information about the sender and receiver, noted Patrick Murck, general counsel of the Bitcoin Foundation, a trade group.
"You can't just say, 'Hey, this guy is trustworthy,'" Murck said. "Requirements for financial institutions and surveillance would have to change in order for systems like this to work or make a difference on the regulatory side."
Light agreed that the Windhover Principles may be a bit ahead of current requirements but predicted that regulators would be receptive to them
"They all know digital identity is totally broken and there are better ways that we can do this," he said.
The guidelines also give digital currency firms an opportunity to improve their relationships with regulators by demonstrating that they are willing to play by the rules, according to Gifford.
"There was a sense among regulators that everyone in the [digital currency] space was entirely opposed to all government regulation and wanted to create a completely alternative financial system," Gifford said. "There are certainly some colorful characters in the industry, but that doesn't mean all people subscribe to view like that."
And Harple sees broader applications for the Windhover concept beyond digital currency startups for all sorts of businesses burdened with guarding sensitive data.
"This works for banks as well, and content providers like publishers," he said. "We're starting off with digital currencies, but this is a far better mechanism to protect security and privacy in all banking."