Thank you Linda, and thanks to the Institute of International Economic Law at Georgetown Law for having me. I have to begin by reminding you that my views are my own as a Commissioner and not necessarily those of the Commission or my fellow Commissioners. Given that this workshop is part of the PETshop series, I feel I need to start with a twist on the Pet Shop Boys’ famous line: “You’ve got the brawn; You’ve got the brains; Go make good privacy tech.”
I signed on to be part of this conference very early on in the planning process, because privacy-enhancing technologies and the policy issues they raise are very important to me and should be to everyone in government. We regulators serve the American people, and privacy is integral to people’s safety in this digital world. Their need for privacy should be our concern. Too often, though, the discourse in this city about privacy casts anyone who demands it in a negative light. I have watched in troubled amazement as the goal of facilitating government surveillance drives regulatory decisions and expectations about how products and services should be built. The legitimate needs of people for products that protect their privacy take a backseat.
Empowering government to be able to identify, pursue, and punish the bad guys is important to the security of the nation and its people, but so too is empowering people to protect information about their lives, including their financial lives. Helping people to keep financial transactions private obstructs criminals who seek to steal and terrorize. We cannot let a legitimate desire for security from reprobate nation states and criminal organizations steal the freedom that defines this nation and its people.
I urge us as a society to view technologies as an opportunity to increase people’s ability to protect themselves from bad actors, not as an opportunity for the government to watch more of what its citizens do. These new technologies should be an opportunity for us to refocus government surveillance on bad actors and activities that are most likely to be nefarious and away from the everyday actions of innocent people.
So often in a discussion about privacy, we talk about how we can balance the need to keep personal information private with the need to defend our nation. But little focus is often given to the fact that these interests are not diametric opposites. In fact, privacy can help enhance investor protection.
We think about this fact in the context of the Crypto Task Force’s work. Current regulations require transfer agents to record the name and physical address of security holders. Permissionless crypto networks allow for the movement of funds through pseudonymous public wallet addresses. On many crypto networks, these addresses allow anyone to verify exactly where a certain asset resides. The address also allows for a degree of privacy; my public address is just a code of alphanumeric characters with no personally identifiable information. If transfer agents were given the flexibility to record that securities reside on the blockchain at a public address, we could save investors the risk of having to hand over information about where they live to people they have never met and rarely interact with. Another honeypot of data would be spared.
I understand skepticism and fear about technology. Over the weekend, I listened to a Lone Ranger episode on an old-time radio show. I identified with the curmudgeon who tried to block the telegraph lines from crossing his land. He changed his tune when the same telegraph he condemned enabled his daughter to get the lifesaving medicine she needed. That old radio show is a good reminder for all of us that first impressions of technology are often incomplete.
In an environment full of curmudgeons, this group is a breath of fresh air. I appreciate your efforts to show us how we can use new technology to preserve privacy while allowing regulatory agencies to pursue their legitimate responsibilities. You recognize the legitimate concerns about the technology but are optimistic enough to think you can build solutions that address them without compromising fundamental rights. If you have technologies that you think could accomplish the goals of Know Your Customer (KYC) and anti-money laundering regulations while limiting the collection and storage of personally identifiable information, please reach out and talk with the Crypto Task Force. Thank you for your time. I’m happy to take questions and make this more of a dialogue.
