Crypto’s Latest Privacy Battle

At the end of May, the U.S. Security and Exchange Commission’s (SEC) newest mass surveillance tool – the Consolidated Audit Trail (CAT) – became “fully operational.” SEC-registered broker-dealers, exchanges, and alternative trading systems are now required to collect and report trading information on each U.S. trade, as well as the personal information of each U.S. retail brokerage customer.

While this clearly affects customers of traditional financial institutions, the personal privacy of participants in the digital asset economy can also be seriously compromised.

Marisa Coppel is chief legal officer of the Blockchain Association. Amanda Tuminelli serves as chief legal officer of the DeFi Education Fund and leads the organization’s impact litigation and policy efforts.

Note: The opinions expressed in this column are those of the author and do not necessarily reflect the views of CoinDesk, Inc. or its owners and affiliates.

Designed to collect and store detailed customer data across U.S. financial markets, CAT will be the largest securities transaction database ever created. The CAT threatens to make massive, unchecked government surveillance a reality, even though it was built under the guise of “allowing regulators to efficiently and accurately monitor all activity in the U.S. market.”

Under the SEC’s CAT-related requirements, regulated entities will have to collect multiple data points about transactions, merchants, and retail customers, including customer names, addresses, and account details. As for digital asset market participants, this information may include transaction identifiers and wallet addresses and may provide those with access to the database with information about users’ forward and backward transaction information at any time.

The implications for the digital asset industry are concerning, especially given the recent completion of Dealer rulemaking that the Blockchain Association and others have challenged in federal court, and are even more concerning if the SEC finalizes the rule, which would greatly expand the proposed rule. Definition of what “change” is.

If these new rules are allowed to take effect, newly created “dealers” and “exchanges” will be required to report digital asset users’ information to the CAT.

This means an unprecedented amount of crypto trading data and personal customer information will be caught in the SEC’s surveillance network. To make matters worse, CAT data is not only available to the SEC and its thousands of staff. Individually identifiable data in the CAT can be accessed by a network of relevant government agencies and private self-regulatory organizations without any warrant or reasonable suspicion of wrongdoing. This greatly expands the universe of who can potentially access Americans’ personal financial lives and trading activities to make the SEC’s job a little easier.

The story continues

Former Attorney General William Barr recently expressed concern about possible constitutional rights violations due to the CAT: “The Constitution prohibits mass surveillance of private activities based solely on the possibility that someone may commit a crime… Even when the government commits that crime… About a citizen information… normally must show that it is investigating specific suspected misconduct.”

But any statement from the SEC on how it will respect individual constitutional rights is sought in vain.

In fact, SEC Commissioner Hester Peirce has been sounding the alarm about the CAT’s state of unchecked surveillance for years, declaring that “the cost of freedom and privacy is not worth the claimed benefit.” After all, monitoring our trading behavior will not stop bad things from happening. “What happens in the markets will make it a little easier to understand what happened after the fact.”

In addition to privacy concerns, this database represents the ultimate “honeypot” of information, making it particularly attractive to hackers. While the SEC acknowledged this dramatic security risk in its 2020 proposal to increase the security of the database, it has yet to implement CAT changes that would increase cybersecurity, despite sounding the alarm from organizations such as the Securities Industry and Financial Markets Association (SIFMA).

See also: SEC’s Gensler Frauds in Solo Mission to Stop U.S. Crypto Regulation | Idea

It’s no surprise, then, that the SEC has been sued twice over its implementation of the CAT database. The American Securities Association and Citadel jointly petitioned the 11th Circuit in October 2023, and the New Civil Liberties Alliance filed a complaint in the Western District of Texas in April 2024 to challenge the CAT release. Although these two cases are perfect examples of why the judiciary is so important in preventing government overreach, the crypto world must recognize how contrary the CAT is to its core values ​​and the expectations of privacy that all Americans assume.

Remember, privacy is normal. Lest we approach Minority Report’s Washington, D.C., we must not regress to a social norm where privacy means abuse, especially in matters of personal finances. One should not feel like their government is looking over their shoulders as they complete every personal financial transaction; especially if these transactions may involve the disclosure of sensitive information, such as donations to political causes or payment for medical procedures.

In addition to seizing opportunities to help educate the court as amicus curiae in the ongoing cases mentioned above, the crypto community should make our opposition to this latest regulatory overreach public by voicing concerns about the CAT to elected representatives. Overly broad financial oversight regimes like the CAT are a significant threat to Americans’ constitutional rights and cannot be allowed to be quietly enacted.

Leave a Reply

Your email address will not be published. Required fields are marked *