The article seems to miss out a very key point: How do they seize them?
Do you knock on your door and demand your private keys? How can they do that if you've broken no laws? How do they even know you have them in the first place?
Such a requirement may not be limited to US exchanges. AML provisions require that any exchange (not just those in the US) that support the conversion of Bitcoin to/from USD register with FinCEN. If they were to refuse to cooperate with US LE agencies' efforts to confiscate bitcoins that were the proceeds of crime, they could be judged to have assisted in criminal money laundering.
Many international exchanges don't really care about US AML provisions and/or about transacting in US dollars. And as long as they don't maintain US bank accounts they probably also don't care about being sued in the United States.
Why not? Many European countries don't extradite their own citizens [1]. So you only need to comply with the local laws, which are often much less strict in terms of AML provisions. Of course you wouldn't want to do any international travel as an exchange operator who violates US law, but otherwise you're safe.
[1] Instead, they can sue you locally, even if they crime happened in another country. However, this lawsuit will be according to local laws. So if the crime is only illegal in the other country they can't sue you.
From what I see there has been a great, successful push to "harmonize" AML provisions, so I believe they are at their core pretty much the same throughout the 'civilized world' and the semi-dictatorships have much stronger controls than that - so all the big economies and major currencies are affected in the same way as USA/USD.
Can you elaborate on which countries do you have in mind for "comply with the local laws, which are often much less strict in terms of AML provisions" ?
For extradition you mention Europe, but the EU AML directive is already comprehensive enough to make illegal most suggested bitcoin-for-laundering use cases; and it can be expected that if there are major loopholes found, then (continuing with their existing AML policy) EU legislation will be quickly adapted to close them.
Given the United States' track record when it comes to pushing out the boundaries of its extraterritorial jurisdiction, it would not surprise me if such exchanges were to encounter difficulties in finding a bank that was willing to provide them with banking facilities.
If you don't find a bank account you could always operate a P2P-style exchange like bitmarket used to: The exchange acts as an escrow for the Bitcoins, but the fiat transaction happens directly between market participants. Once the fiat arrives at the receiver the coins are released. In case there are any disagreements the exchange can ask both sides for proofs. This won't prevent 100% of fraud, but seems to have worked well for bitmarket.
The reason why those P2P-style exchanges aren't common in the United States is because it's hard to directly transfer money between two people. With SEPA transactions in Europe you can directly transfer money to any recipient, usually for free (or at a very low cost).
And at that point you have perfectly traceable transactions, since the 'fiat transaction' part has personally identifiable information of both participants.
AML laws are not US-specific - as soon as the current regulation catches up, any international exhange will either comply with their local AML laws doing the same thing, or will have trouble handling the 'real currency' part of their transactions.
This is the biggest joke since the HSBC scandal broke. Feds dont care about real criminals laundering money. They just like it as a convenient scapegoat when it involves an enemy of the state.
Also the US is not the world power anymore. They have no authority to 'flag' any currency.
To use their example: You own a lawn care company and do lawn maintenance for a client in Deleware for Dr. Olivia Bolles[1]. Unbeknownst to you Dr. Bolles is a drug dealer on Silk Road. She pays you for your services in bitcoin. The bitcoin wallet that her payment is posted to is publicly linked to you or your company through your website or perhaps your payment page.
It is reasonable to assume that you are the benefactor of funds that go to this address otherwise you would be exchanging a service for naught!
The government raids Dr. Bolles, seizes her wallets and while going over the transactions associated with these wallets discovers your wallet.
They could then order you to surrender the funds based on the "nemo dat quod non habet" that they mentioned.
Someone else will have to chime in with court cases that support/contradict my reasoning because that's beyond me.
[1]http://thedailyrecord.com/2013/12/13/judge-silk-road-doctor-...
You don't have to seize them. You can just declare that funds will not be accepted from any wallets that receive Bitcoin from the flagged wallet. If an entity with enough market power started flagging wallets, services would quickly build in functionality to reject funds from flagged wallets.
And how would this work in practice. Let's assume you have one "clean" Bitcoin and I have one stolen/flagged Bitcoin. I'm now sending you 0.1 Bitcoins and you don't know that those are flagged.
So how would this influence your remaining Bitcoins? If you send 0.1 Bitcoins to someone else: Would you sell the stolen Bitcoins first? Would you sell the clean Bitcoins first? Are all of your coins tainted by a given percentage?
(Yes, I know that just receiving those coins would create a separate input that you can ignore in order to avoid tainting your coins. But at some point clean and flagged input will be merged together into a single one.)
You sell the clean first. You are assumed to always be holding 0.1 dirty coins, so you must keep a balance > 0.1 at all times to avoid spending the dirty coins.
So now let's assume I'm selling something on an auction site and someone pays me with coins where I assume it's likely that they are stolen (but I don't have any definite knowledge about that).
For some reason I now need to refund the buyer. Do I now first need to transfer all but 0.1 coins to somewhere else, so that I can send the remaining 0.1 coins back?
Why are you dealing with money that you're assuming that is likely stolen? If they turn out blacklisted then you're out of pocket. Because bitcoin does not support refunds or chargebacks you must transfer clean money to refund them. Bitcoin has weaknesses, the way it deals with "change" and indeed the need for change is one of them. Bitcoin should have dealt with the change issue by instead of the splitting happening at the receiver end and sending back change, the splitting should have happened at the sender end so only the correct amounts were ever sent.
That's not really how it works. The sender does the splitting, but he has to send the change somewhere, and customarily it's sent to a new address. The receiver doesn't even have to be online, you don't get your change from them, so the only way you'd get blacklisted coins in change is if you already had some blacklisted coins in the inputs you were using to begin with.
>Do I now first need to transfer all but 0.1 coins to somewhere else, so that I can send the remaining 0.1 coins back?
You make it sound like this is a burden. It seems easy to me, as long as you track taint per-output rather than per address. Just pretend people followed best practices and used a unique address for every output.
So let's take eterm's suggestion that clean coins always come out first. So all we need to do is build a transaction with at least .1 tainted coins, put the non-refund coins as the first output, and put the .1 tainted coins as the second output. First output is an address we control, second output goes back to the person we're refunding.
That's assuming you already mixed up your coins and can't just send back the exact same transaction they sent you in the first place.
Every wallet that receives funds from the flagged wallet is tainted until they send it back to that wallet. All of the funds, not just the tainted amount.
This doesn't work in practice. Transactions using Bitcoin "addresses" are just one (out of many) transaction types. As far as I understand the protocol it's possible that you receive those coins via a transaction type that doesn't have an associated Bitcoin sender address.
"Every wallet that receives funds from a tainted wallet becomes tainted" doesn't (in any way I see) conflict with the notion that there are transactions without a sender.
I meant the "until you send it back part". If "every wallet becomes tainted" and "you can't send it back" this would make it trivial for an attacker to taint a large number of wallets in the Bitcoin network.
It doesn't have to be, in principle. It depends what organization is doing the tainting. In practice, it is comparatively likely to be the case because tainting of this sort is likely to relate to the criminal justice system, and I don't expect the relevant portions to be privatized anytime soon. If you mean the US rather than other governments, mostly because we seem comparatively eager to enforce our laws abroad, though I expect other governments would get in on the game.
I'm not suggesting that it'd be in the protocol. It'd be in wallets. If you send Bitcoin to my wallet from a tainted address, my client would automatically send it back to you.
Not every client or wallet supports ownership of addresses. You could be sending coins back to a hot wallet, where they're indistinguishable from coins that I don't own and they don't even come back to my wallet balance. You could say "not my problem" but that's adding a lot of overhead to the brain of my wallet's mixing service that we didn't have to deal with before :)
That would be a disaster. People would immediately dump all the worthless "flagged" coins on markets and services that haven't had time to respond to the new protocol. Those people would go bankrupt overnight, possibly before they even have time to realize it's happening and shut down.
I can't find who stole my mobile phone, it doesn't necessarily mean the FBI couldn't (if they wanted to). Obviously this is not relevant to the technical specifications of Bitcoin, but my point is that this comparison isn't really relevant.
> Do you knock on your door and demand your private keys?
Pretty much. If you're storing your bitcoin with something like Coinbase, they could also knock on Coinbase's door.
> How can they do that if you've broken no laws?
Buying stolen artwork is not a crime if you don't know it's stolen. But the government can still seize the stolen artwork and return it to its original rightful owner. The only recourse you have is to go after the person who sold you the stolen artwork -- which may not be very feasible for you to do in the case of semi-anonymous bitcoin transactions.
> How do they even know you have them in the first place?
If you use a third-party service like Coinbase, they could just ask them. If you're using your own wallet, they'd have to rely on good-old fashioned deduction -- e.g. if the previous holder of the coins has an accounting log showing payment to you in bitcoins, that's probably enough to infer that you have or did have possession. It might be enough to shift the burden of proof so that you have to show that you don't have possession of the bitcoins.
This isn't really any more of an issue with bitcoin than with Caymans accounts. It already leads to some messiness, but it doesn't stop them from throwing people in jail.
More accurately, you have to refute the evidence that's already been produced that you do possess something.
For example, if someone says "I paid tlrobinson 2 bitcoins for mowing my lawn on Sunday," you could produce evidence that you were on a business trip on Sunday and therefore couldn't be the same tlrobinson referenced in the previous statement. Or argue that the person making that statement is a liar. Or point out that 2 bitcoins is an absurd amount to pay for mowing a lawn. Etc.
If individual A steals artwork, sells it to individual B, and then uses the cash to buy a car from individual C, and individual C uses the cash to buy a house, is the only person who loses anything individual B? (Assuming individual C didn't break any money laundering regulations)
If the stolen property is BTC rather than art, there would be no reason you couldn't follow a perpetual chain of transactions after it.
Curiously, that could be viewed as a very big strength for BTC rather than a weakness. I think a lot of trouble is saved by calling BTC a programmable currency rather than an anonymous one.
If you buy something at Overstock.com or cash out at Coinbase or an exchange they can find you.
Related: I've met several people who are planning to use bitcoins to avoid paying taxes. I'll leave it as an exercise for the reader why that could be a very bad idea.
> The FBI already owns 5 to 10 percent of [bitcoins], which are now out of circulation.
Given that money laundering and drug transactions have become major parts of bitcoin's current use case, law enforcement's tendency to seize bitcoins puts yet another deflationary pressure on the system. The biggest obstacle to bitcoin becoming a currency rather than a speculator's darling is the stability of its value. Meanwhile, the system's incentives seem to promote hoarding in hopes of a price spike.
Not that this is problem in and of itself. Bitcoin's decent anonymity creates very real value, and it looks poised to be a medium of exchange. It just puts a damper on the hopes that future transactions will be denominated in bitcoin rather than dollars.
Not the case, actually. It's safe to assume that the FBI is very big on backups, probably paper backups, to prevent people doing just that. But stealing the bitcoin from the FBI wouldn't require deleting anything, just access to the private key.
Now admittedly, the FBI also has a lot of experience keeping short bits of data secret (for instance, the real identities of moles and protected witnesses). But they don't exactly have a perfect record on that count.
That is only if the FBI holds onto them forever. However, unless something has changed, I was under the impression that they plan on auctioning them off just like any other seized asset
You raise an important point, but I think you state it too strongly. If the FBI shows a tendency to hold an increasing number of bitcoins (on average, over time) it's a deflationary pressure even if they're not "the same bitcoins". It's similar to other demand by people who want to hold, I guess, except that the FBI doesn't need to pay for theirs at market rate.
I have US dollar bill B03542754F in my pocket right now. I wonder about its "blockchain" and how it has flowed into and through our economy. I wonder if it at anytime in its life has been a part of illegal activity.
Dear Sir, your $100 dollar bill was used in an illegal money transaction in 1972. It is your personal duty as a good citizen to destroy this element of crime immediately !
So bitcoin is or is not money ? cause the US gov seems to want to gives the bitcoin the disadvantages of being considered a currency, without the advantages.
That calls bitcoin a 'virtual currency' and treats the crime as securities and mail fraud. I wouldn't call it a shining example of the government attacking bitcoin.
The post is not an attempt to smear bitcoin based on how it is used, it is expressly to point out that bitcoin does not share the special status that cash enjoys under U.S. law.
"Sting money" used in extortion/bribery/hostage situations can be and is repossessed based on those serial numbers.
Not when it's too far removed, but if it's a few steps down, i.e., cash given to a friend/relative, cash dug underground in a secret location and the loot found by someone else, etc - I believe it would be successfully siezed also in those cases.
Law enforcement in general only works effectively when a small portion of the population is a target for enforcement. If mixing exchanges represented a significant fraction of bitcoin activity, a "tainting" law would be practically unenforceable.
Or law-abiding users who simply want financial privacy will be afraid to use mixing for fear of (literally) being mixed up in illegal activity, just as most people won't run Tor exit nodes.
(b) if 'tainted' money enters a pool, then the operator and/or the participants become jointly liable for returning back all of the money;
(c) seize money from whomever is easiest to reach.
(d) observe casual people never ever participating in such mixing after the first publicized case.
All of the above is within powers of legislators+lawenforcement, and there are precedents of them doing different-but-similar things for other ways of money laundering.
Just letting you know, trustless mixing means no central operator.
Technically they could do this down the line. But it'll be very difficult to enforce as bitcoin is a global currency. Your laws may not apply to my country, and everyone else will be using them.
If no one gives what he does not have, then no one takes what he cannot hold.
The Feds cannot seize your Bitcoins unless they have your cooperation or can obtain your private keys by other means. In order to search your property and make a seizure, the police must at least have a reasonable suspicion that you, yourself, have committed a crime, and that the property to be seized is either evidence of or proceeds from that crime.
That's the legality. In reality, police will illegally search your computers, transfer your coins while you are cuffed, and then you will have no practical recourse.
Begin protecting yourself with encryption and strong passwords now, and help your non-technical acquaintances learn how to use it. It is only a matter of time before you or someone that you know ends up on the wrong end of an injustice.
Even if they do have your private keys, they have no assurance that they have the only copy of them.
If you're forced to hand over private keys to a wallet that more than one person has keys for, there's nothing that prevents the other person from (with bad intent or otherwise) moving those funds to another wallet.
Absurd. No one demands that you give cash back if it turns out to have been used in a crime. Imagine if your employer was accused of a crime, or sold something to a criminal, etc.
I read your comment and thought, yes it would be absurd to apply this to cash and therefore it seems also absurd to apply it to bitcoin. However, there are people who would like bitcoin to fail, perhaps because they are part of the established financial system and so, it's possible that a court might rule that because an individual bitcoin amount can be traced back to a crime it should be confiscated.
The thing is, that potentially that causes problems for cash. As soon as technology is capable of tracking cash in the same way the same legal argument could be used. This is already relatively easy for electronic balances, but technology that tracks bank notes is quite easily imaginable.
I wonder what the case law for electronic cash balances is.
Sometimes they do - for instance money used in stings and busts by law enforcement might have its serial numbers recorded. If you're subsequently searched and found to have money used in a drug bust, there are gonna be some tough questions and the money might get confiscated.
If someone uses a fraudulent credit card to buy something from you online, you're not going to be able to keep that money when the fraud's reversed.
If you (unknowingly) buy stolen property you can be forced to give it back, and then it's up to you to go after the guy who sold it to you. If you knowingly buy stolen property you're in trouble.
Given that BTC serial numbers are in plain view as opposed to stolen goods or dollar bills where you need a warrant, it's a lot easier to demand the BTC back.
>The FBI already owns 5 to 10 percent of them, which are now out of circulation
The FBI has seized around half a billion dollars worth of bitcoin, and they've just "taken it out of circulation"? I realize that half a billion isn't that much in the grand scheme of things, but still, this hardly seems like ideal management of seized assets.
Hypothetical: Suppose you owned a car, and this was stolen. If the car were sold intact, then presumably you could reclaim the car from the buyer because of the nemo dat rule.
But now suppose the thief sold the car to a salvage yard. The salvage yard breaks the car down into scrap metal, which is melted down and recycled for use in other products.
I'm not very familiar with this area of law, but presumably you would no longer have a claim to the car or the scrap because the original piece of property to which you had title, the car, was destroyed. You might have a claim against the scrap yard for not checking title on the car and could recover the fair market value of the vehicle.
Same with bitcoin -- once someone comingles the stolen coins with other coins, the original balance of coins has been destroyed. There is no action against parties further down the blockchain. Your only remedy should be to recover the fair market value of the coins from the party that "destroyed" the coins.
<standard "this is not legal advice" disclaimer goes here>
100 comments
[ 3.0 ms ] story [ 160 ms ] threadAnyone have a link to said study? Seems impossible if enough are being tumbled.
Do you knock on your door and demand your private keys? How can they do that if you've broken no laws? How do they even know you have them in the first place?
[1] Instead, they can sue you locally, even if they crime happened in another country. However, this lawsuit will be according to local laws. So if the crime is only illegal in the other country they can't sue you.
Can you elaborate on which countries do you have in mind for "comply with the local laws, which are often much less strict in terms of AML provisions" ?
For extradition you mention Europe, but the EU AML directive is already comprehensive enough to make illegal most suggested bitcoin-for-laundering use cases; and it can be expected that if there are major loopholes found, then (continuing with their existing AML policy) EU legislation will be quickly adapted to close them.
Also, it would be inadvisable for the staff of such exchanges to travel to (or transit through) the United States. http://en.wikipedia.org/wiki/David_Carruthers#Arrest_during_...
The reason why those P2P-style exchanges aren't common in the United States is because it's hard to directly transfer money between two people. With SEPA transactions in Europe you can directly transfer money to any recipient, usually for free (or at a very low cost).
Also the US is not the world power anymore. They have no authority to 'flag' any currency.
So how would this influence your remaining Bitcoins? If you send 0.1 Bitcoins to someone else: Would you sell the stolen Bitcoins first? Would you sell the clean Bitcoins first? Are all of your coins tainted by a given percentage?
(Yes, I know that just receiving those coins would create a separate input that you can ignore in order to avoid tainting your coins. But at some point clean and flagged input will be merged together into a single one.)
For some reason I now need to refund the buyer. Do I now first need to transfer all but 0.1 coins to somewhere else, so that I can send the remaining 0.1 coins back?
You make it sound like this is a burden. It seems easy to me, as long as you track taint per-output rather than per address. Just pretend people followed best practices and used a unique address for every output.
So let's take eterm's suggestion that clean coins always come out first. So all we need to do is build a transaction with at least .1 tainted coins, put the non-refund coins as the first output, and put the .1 tainted coins as the second output. First output is an address we control, second output goes back to the person we're refunding.
That's assuming you already mixed up your coins and can't just send back the exact same transaction they sent you in the first place.
Or forfeit it to the feds, at which point they can mark them untainted before they auction them off.
Pretty much. If you're storing your bitcoin with something like Coinbase, they could also knock on Coinbase's door.
> How can they do that if you've broken no laws?
Buying stolen artwork is not a crime if you don't know it's stolen. But the government can still seize the stolen artwork and return it to its original rightful owner. The only recourse you have is to go after the person who sold you the stolen artwork -- which may not be very feasible for you to do in the case of semi-anonymous bitcoin transactions.
> How do they even know you have them in the first place?
If you use a third-party service like Coinbase, they could just ask them. If you're using your own wallet, they'd have to rely on good-old fashioned deduction -- e.g. if the previous holder of the coins has an accounting log showing payment to you in bitcoins, that's probably enough to infer that you have or did have possession. It might be enough to shift the burden of proof so that you have to show that you don't have possession of the bitcoins.
How exactly do you prove you don't possess something?
For example, if someone says "I paid tlrobinson 2 bitcoins for mowing my lawn on Sunday," you could produce evidence that you were on a business trip on Sunday and therefore couldn't be the same tlrobinson referenced in the previous statement. Or argue that the person making that statement is a liar. Or point out that 2 bitcoins is an absurd amount to pay for mowing a lawn. Etc.
If the stolen property is BTC rather than art, there would be no reason you couldn't follow a perpetual chain of transactions after it.
Curiously, that could be viewed as a very big strength for BTC rather than a weakness. I think a lot of trouble is saved by calling BTC a programmable currency rather than an anonymous one.
Related: I've met several people who are planning to use bitcoins to avoid paying taxes. I'll leave it as an exercise for the reader why that could be a very bad idea.
Given that money laundering and drug transactions have become major parts of bitcoin's current use case, law enforcement's tendency to seize bitcoins puts yet another deflationary pressure on the system. The biggest obstacle to bitcoin becoming a currency rather than a speculator's darling is the stability of its value. Meanwhile, the system's incentives seem to promote hoarding in hopes of a price spike.
Not that this is problem in and of itself. Bitcoin's decent anonymity creates very real value, and it looks poised to be a medium of exchange. It just puts a damper on the hopes that future transactions will be denominated in bitcoin rather than dollars.
Now admittedly, the FBI also has a lot of experience keeping short bits of data secret (for instance, the real identities of moles and protected witnesses). But they don't exactly have a perfect record on that count.
http://www.forbes.com/sites/kashmirhill/2014/01/16/the-feds-...
There are ~12M Bitcoin out there right now. There was a total of ~30k seized through Silk Road. That's 0.25%
Source: http://rjcesq.com/?p=15
(Serious question; most of the regulatory activity I've seen has been pointing out to people accepting dollars that they are money transmitters)
This would correspond to abandoning a blockchain and moving to a new one in response to a big enough fraud.
Not when it's too far removed, but if it's a few steps down, i.e., cash given to a friend/relative, cash dug underground in a secret location and the loot found by someone else, etc - I believe it would be successfully siezed also in those cases.
(a) Forbid offering and using it;
(b) if 'tainted' money enters a pool, then the operator and/or the participants become jointly liable for returning back all of the money;
(c) seize money from whomever is easiest to reach.
(d) observe casual people never ever participating in such mixing after the first publicized case.
All of the above is within powers of legislators+lawenforcement, and there are precedents of them doing different-but-similar things for other ways of money laundering.
Technically they could do this down the line. But it'll be very difficult to enforce as bitcoin is a global currency. Your laws may not apply to my country, and everyone else will be using them.
The Feds cannot seize your Bitcoins unless they have your cooperation or can obtain your private keys by other means. In order to search your property and make a seizure, the police must at least have a reasonable suspicion that you, yourself, have committed a crime, and that the property to be seized is either evidence of or proceeds from that crime.
That's the legality. In reality, police will illegally search your computers, transfer your coins while you are cuffed, and then you will have no practical recourse.
Begin protecting yourself with encryption and strong passwords now, and help your non-technical acquaintances learn how to use it. It is only a matter of time before you or someone that you know ends up on the wrong end of an injustice.
If you're forced to hand over private keys to a wallet that more than one person has keys for, there's nothing that prevents the other person from (with bad intent or otherwise) moving those funds to another wallet.
Multi-sig transactions can prevent any one person from running off with the funds, and will likely become common in the next year or so.
They'll only get better at this.
(I would speculate that they could easily get subpenas to support that type of investigation, without any new law)
The thing is, that potentially that causes problems for cash. As soon as technology is capable of tracking cash in the same way the same legal argument could be used. This is already relatively easy for electronic balances, but technology that tracks bank notes is quite easily imaginable.
I wonder what the case law for electronic cash balances is.
If someone uses a fraudulent credit card to buy something from you online, you're not going to be able to keep that money when the fraud's reversed.
If you (unknowingly) buy stolen property you can be forced to give it back, and then it's up to you to go after the guy who sold it to you. If you knowingly buy stolen property you're in trouble.
Given that BTC serial numbers are in plain view as opposed to stolen goods or dollar bills where you need a warrant, it's a lot easier to demand the BTC back.
The FBI has seized around half a billion dollars worth of bitcoin, and they've just "taken it out of circulation"? I realize that half a billion isn't that much in the grand scheme of things, but still, this hardly seems like ideal management of seized assets.
But now suppose the thief sold the car to a salvage yard. The salvage yard breaks the car down into scrap metal, which is melted down and recycled for use in other products.
I'm not very familiar with this area of law, but presumably you would no longer have a claim to the car or the scrap because the original piece of property to which you had title, the car, was destroyed. You might have a claim against the scrap yard for not checking title on the car and could recover the fair market value of the vehicle.
Same with bitcoin -- once someone comingles the stolen coins with other coins, the original balance of coins has been destroyed. There is no action against parties further down the blockchain. Your only remedy should be to recover the fair market value of the coins from the party that "destroyed" the coins.
<standard "this is not legal advice" disclaimer goes here>