Firm Blog Postings
Blockchain and Our Privacy
Nine years ago, an individual, or group of individuals, known as Satoshi Nakamoto released a Whitepaper titled Bitcoin: A Peer-to-Peer Electronic Cash System. 1 Since its release, there has been a fascinating interest in the technology behind Bitcoin, blockchain technology. In the whitepaper, Nakamoto describes blockchain technology without actually mentioning it by name. Individuals from all over the globe have speculated, studied and published theories on how blockchain technology works, how it will impact our personal and professional lives in the future along with the seemingly limitless possibilities of hopeful grandeur. Blockchain enthusiasts have already begun to label it as being just as revolutionary as the internet was in the 1990’s. Many are predicting it to be a major disruption to financial institutions that will ultimately change accounting, finance and legal professions. Enthusiasts claim that it is the most secure form of transaction available these days. Just like the internet, or any new technology released to the masses, there will be a learning curve as to what exactly blockchain is, how it works and what its potential is. Because blockchain is still considered to be in its infancy, the consequences of using it, whether good or bad, remains unknown. Whether we like it or not, and whether we are ready or not, blockchain is here. Is blockchain technology something that we, as ordinary citizens, should accept and be excited about? Or is it yet another attack on our privacy?
What is Blockchain Technology?
Blockchain technology is a distributed peer to peer public ledger of transactions that is neither owned nor controlled by any one individual or entity. The information on the blockchain is not stored on a centralized database like those used by banks or large companies. 2 Instead, volunteers from around the world provide their own computers (“nodes”) that collectively creates a decentralized distributed database that encrypts the information stored on the blockchain. In fact, anyone who wants to volunteer their node to verify transactions on the blockchain may join the network and do so. 3
According to Nakamoto, when new transactions occur, they are broadcast to every node on the network. The nodes gather new transactions into a block to verify. When a node verifies a transaction, it broadcasts the block to every node. The nodes accept the block by working on creating the next block in the chain. The nodes each compete with one another to be the first to verify the first transaction in a new block. The first node to verify a transaction or create a new block is rewarded with new cryptocurrency coins or transaction fees. Nakamoto argues that this incentive is a way for nodes to support the network and encourage honesty. 4
Once verified, the blockchain permanently records every transfer of funds from one user account to another and stores that information into encrypted blocks. It is available to anyone who wants to access it.
Is the Blockchain Anonymous?
Linking an identity to a Bitcoin address may be done in a number of ways. It is a given that exchange services like Coinbase are able to make the connection between the two. In addition, there are new emerging companies like Elliptic that specialize in making this connection to combat illicit activity occurring on the Bitcoin blockchain. Another way this can be accomplished is explained by the following example. Suppose two friends agree to and execute a transaction on the Bitcoin blockchain. They both will see each other’s wallet address and be able to look at each other’s past and future transactions. They may see an unusual transaction, or one they don’t agree with morally and disclose that information to others. If the individuals are public figures would it be surprising to anyone if their activities were made known?
Conversely, if a criminal can make this link by hacking an exchange service, the hacker would know personal identifiable information which they could then use in conjunction with the blockchain to find information about the finances and spending patterns of their next target.
One of the reasons blockchain enthusiasts like the idea of a decentralized database is because it will hinder cybercriminals’ ability to steal personal identifiable information. While this may be true in the infancy stage of the blockchain, it will not always be the case. At the rate at which technology is developed, if decryption technology does not exist, it will most likely be developed and used to decrypt the blockchain, making all parties to all transactions known. 7 In January 2016, the Bitcoin Blockchain was 50 GB in size. By January 2017, the Bitcoin blockchain almost doubled to 98GB and growing. 8 The Bitcoin Blockchain’s size could very well be over 200GB at the time of this writing. There is a lot of information for a criminal with the right technology to work with.
The internet has given us a convenient means of conducting our entire lives digitally. For example, we give our information to companies to store on hand for recurring monthly payments so we don’t have to remember to pay them. We use credit and debit cards that have our information on them when we make purchases with them. The downsides to these conveniences are shown in the following illustration.
In 2012, Target was able to figure out that a teenage girl was pregnant before her father. Target had about 25 items that, when purchased in combinations, had a positive correlation to pregnancy. Target gathers information by assigning every shopper an ID number that records every interaction that shopper has with Target. Using the items she purchased, along with her name and address collected from her credit card or perhaps a Target card, she was sent advertisements for baby products in the mail. 9 It is fascinating that Target found a way to identify pregnant women with accuracy, but at what expense? How often do we read the privacy statement that comes with the card we use at the grocery store to see what we are exchanging for store discounts? How often do we scroll down the Terms and Conditions page looking for the check box to acknowledge that we’ve read and understand it?
In 2015, the personal information of 32 million people was published on the dark web after it was hacked from Ashley Madison, a popular dating service for married people. 11 The difference between personal information being stolen on merchant websites like Ashley Madison and Coinbase is the amount of financial information obtained. With Coinbase, our personal information along with our wallet ID will be disclosed. Using the wallet ID, our financial activities will also be disclosed. Whereas with Ashley Madison, or any other merchant website, our personal information along with only the Ashley Madison transactions will be made known. Bitcoin exchanges like Coinbase are only one hack away from world publication of their users’ information on the blockchain.
The blockchain is only a secure and private way of making payments if exchange services are trustworthy and proactive enough in properly preventing cybercriminals from stealing personal information and if no one had a desire to link personal information to wallet IDs. Because of the day and age in which we live, it is highly doubtful that cyberattacks will stop anytime soon along with the desire for merchants to analyze leaked data in order to better advertise their products to consumers.
Although technology has made, and continues to make our lives easier, it is important to remember the amount of privacy we trade when using it. Other than not using technological services, taking the time to develop the habit of reading over various privacy statements and having a full understanding of how our information can be used along with the risks we assume when using these types of services is more likely than not the most proactive way of protecting ourselves. However, at the rate at which technology grows it will be that much more important to protect our privacy moving forward. It is no different with the blockchain. The amount of personal information and spending patterns and habits that could end up being exposed to the world is just not worth the privacy given up.
1. Bitcoin: A Peer-to-Peer Electronic Cash System, Satoshi Nakamoto, pp. 1-9.
2. Blockchain Enhances Privacy, Security and Conveyance of Data, Mihaela Ulieru, June 23, 2016.
3. Blockchain: The Invisible Technology That’s Changing the World, Rob Marvin, August 29, 2017.
4. Bitcoin: A Peer-to-Peer Electronic Cash System, Satoshi Nakamoto, pp. 1-9.
5. Privacy on the Blockchain, Jordan Clifford, October 2017.
6. https://www.coinbase.com/legal/privacy , accessed November 6, 2017.
7. Privacy on the Blockchain, Jordan Clifford, October 2017.
8. Five Weak Points of the Blockchain Technology, Rob Blasetti, #4: The Growing Blockchain Size.
9. How Target Figured Out aTeen Girl Was Pregnant Before Her Father Did, Kashmir Hill, February 16, 2012.
10. Bitcoin Transactions Aren’t as Anonymous as Everyone Hoped, Emerging Technology from the arXiv, August 23, 2017.
11. The Ashley Madison Hack, Explained, Timothy B. Lee, 8/19/2015.
James Artl has been previously employed as a Forensic Accountant Consultant for McGovern & Greene, LLP. He has a Bachelor of Science degree in Accountancy from the College of Charleston and a Master’s degree in Forensic Accounting from Florida Atlantic University.
Expert Forensic Accounting Services
Chicago | Las Vegas