Privacy isn’t just for criminals, we all need privacy in financial matters. We don’t want to receive advertising based on yesterday’s shopping, we don’t want to become a victim of a crime just because we’re wealthy. We don’t want to explain ourselves because we bought something in particular. We don’t want competitors and the rest of the world to know our income, turnover and profit. We don’t want the complete history stored because it could be misused in case of current or future totalitarian regimes. We don’t want to justify ourselves or be banned as payee, because fortuitously there is a link to criminals (e.g. a criminal buys from us a car). Or we could lose money because our crypto coins are, not by our own efforts, contaminated to a certain degree. They may have been mixed in the past with blacklisted coins.
Nowadays, one gets the impression that all unhacked data is at high risk of being hacked at some point. This data can then be bought and abused by companies (e.g.: Did you buy cigarettes for a friend? Your new health insurance company hesitates to sign a contract with you). More than 8,000 data breaches have been made public since 2005, more than 10 billion records were stolen. The number of unreported cases is likely to be much higher, as companies have not always an interest in reporting such problems or they may not even notice them. Misuse of data is now even suspected of influencing elections and thus harming our democracies. The prospect of extensive and enduring data storage that can be made public or misused has the effect of silencing those who have nothing to hide. Thus influencing or reducing in a practical way freedom of speech and freedom of action. Only a fifth of the UK public trusts companies and organisations to store their personal data. One can assume that the level of confidence is not significantly higher in other countries. Member states of the European Union are committed to applying the principle of data minimisation, Art. 5, (1) c) of the data protection rules (GDPR): “ adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’); ” There is a good reason for this.
This is all the more important when using public pseudo-anonymous blockchains like Bitcoin. What is the difference with traditional financial transfers of national currencies? Only few have access to your data (selected bank employees, if necessary state authorities or sometimes a hacker). Bitcoin, however is an open ledger. Everybody has access to it, anyone with Internet access and some expertise or anyone who is able to use database analysis software or an online explorer. Thousands will scan and analyse your footprint in the new decentralised public financial world. Although the sender and recipient of bitcoin transactions are protected by nameless use of numbered accounts (bitcoin addresses), if there is only a single link, a bridge to the outside (now or sometime in the future), then clustering techniques de-anonymize an avalanche of crypto financial transactions: The house of cards collapses. The financial actor’s identity becomes like an open book. This does not change completely if you use a new bitcoin address for each transaction. In almost all cryptocurrency transactions there is some amount of change (the amount of Bitcoin used is larger than the transaction amount), such small amounts (we call ‘change’) are later mixed together and finally unite many Bitcoin addresses into an interrelated unit.
According to Freedom House Reports about a quarter of all people live in non-free countries. However everyone else should also be aware of this problem. Seemingly harmless data collected today (in a democracy) can be used tomorrow by another (perhaps repressive) regime. History gives us the example of the democratic Weimar Republic, where homosexuals were largely tolerated for some time. Only harmless ‘pink lists’ with their names were kept. Later these list of names were used by subsequent dictatorship to arrest 100,000 men, many of whom ultimately perished in concentration camps.
For the protection of privacy at Bitcoin, coin mixers (if you trust the provider), coinjoin transactions or the conversion and swap back on a decentralized exchange with a privacy focused currency like Monero are used. Alternatively, it serves privacy if you don’t leave the crypto world. This means when you do not buy Bitcoins but earn them, when you pay in Bitcoins and so on.