Groundhog Day for the Crypto Wars: The DOJ on Bitcoin Prowl

On April 24, the Department of Justice continued its assault on open source developers, arresting Keonne Rodriguez and William Lonergan Hill on allegations of money laundering. Rodriguez and Hill, operating the well-known bitcoin application Samourai Wallet, committed the grand offense of writing code.

Under the auspices of money laundering, the DOJ seized servers located abroad, pulled the Samourai website from its domain, and had Google remove the app from its Play Store.

It’s a stunning flashback to the 1990s “crypto wars,” when the feds last went after cryptographers and others writing code.

At that time, government officials alleged that producing and sharing encryption technology amounted to exporting weapons. Politicians worried that these privacy technologies would fall into the “wrong” hands, so much so that President Bill Clinton declared a national emergency and then-Sen. Joe Biden (D–Del.) introduced a bill to allow the government to spy on text and voice communications. 

Philip Zimmermann, a programmer, wrote an encryption software called Pretty Good Privacy (PGP) that would thwart the government’s snooping efforts. As Paul Detrick explained for Reason, the software was so good that the DOJ launched a criminal investigation in 1993 “on the grounds that by publishing his software he had violated the Arms Export Control Act. To demonstrate that PGP was protected under the First Amendment, Zimmerman[n] got MIT Press to print out its source code in a book and sell it abroad.”

The DOJ dropped the case.

Around the same time, Berkeley Ph.D. student Daniel Bernstein developed an encryption method called Snuffle based on a one-way hash function. After publishing an analysis and instructions on how to use his code, he reached out to the State Department to present it. Bad move. The State Department required Bernstein to “register as an arms dealer, and apply for a[n] export license merely to publish his work online.” Berstein, represented by the Electronic Frontier Foundation, took the government to court, and ever since the landmark ruling in Bernstein v. U.S. Department of Justice, code has been considered speech.

Thirty years later, politicians are now worried less about technical data leaking to foreigners and more about those foreigners’ money flows. In a supposed attempt to prevent terrorism, the government is cracking down on money laundering. 

But the main impetus hasn’t changed: Behavior not subject to the oversight of the U.S. government must be suspicious—and is probably illegal. 

With roots in the cypherpunk ethos to which both Zimmermann and Bernstein belonged, bitcoin encompasses the “code is speech” verdict from the ’90s. Bitcoin is a digital currency based on an elaborate system of cryptographically protected numbers, signed and validated by other numbers, all in the open. Bitcoin is math. Software that runs bitcoin wallets are strings of 1s and 0s; they are speech, and at no point do bitcoin transactions cease to be speech. 

The main service for which Rodriguez and Hill’s Samourai Wallet has run afoul with law enforcement is Whirlpool, a privacy-enhancing feature on a blockchain that’s otherwise open and available for anyone to inspect. In the fiat system, my employer can’t spy into my bank account or I into theirs (though the bank can, and anyone who successfully hacks the bank’s record). A grocery store, car dealership, or insurance provider can’t see how much funds I have, where they came from, or who might have spent them a few hops before they came to me. With bitcoin, that’s all in the open—hence why services like Whirlpool are so important.

Whirlpool constructs a five-input, five-output transaction between an unknown number of people. Five units of similar-sized bitcoin go in and five come out to new addresses. This obfuscates the individual coins’ history, and anybody observing flows on the publicly available blockchain can no longer know which of the five outputs belonged to which input.

In the DOJ’s enlightened view, that now constitutes money laundering and a failure to register as a money transmitter, even though Samourai is a noncustodial wallet, where the “operators do not take custody of user funds and therefore are technically incapable to ‘accept’ deposits or ‘execute’ the transmission of funds,” according to Bitcoin Magazine

I sometimes get paid in bitcoin from various international clients and employers. I’ve used Whirlpool many times—and it’s about as nefarious and shady as any good old cash transaction. I don’t exactly want my employer to be able to find out where I spent my funds. I definitely don’t want someone I send bitcoin to to know how much I carry in the specific wallet from which I was spending. This is all standard hygiene in a modern digital world; we leak wealth and spending information like crazy, and protecting some of that privacy is just prudent behavior.

Have there been terrorists or otherwise certified Bad People using Samourai’s services? Probably, but that’s too low of a bar to throw a legal fuss. It’s a bad-faith argument, as Reason‘s Zach Weismuller writes: “They will point to bad people using these tools, just as they pointed out that Hamas raised some funds in various cryptocurrencies, without noting that a vast amount of money laundering happens with government-issued currency.” 

Terrorists and criminals use these services, officials say. OK, but they also, to a much larger extent, use the U.S. dollar. Maybe the DOJ should arrest Jerome Powell and confiscate the Federal Reserve’s servers while they’re at it. We don’t go after high-end leather wallet manufacturers because some of their customers carry notes that may have once been involved in crimes. We don’t inspect cash registers at gas stations for illicit dollars—and then go after the manufacturer of the cash register themselves.

That’s what Rodriguez and Hill are: manufacturers. Using code, they created a program that others operate on their own phones and computers. At no point in the process did they take custody of users’ funds—which is why all the DOJ acquired when arresting Rodriguez and Hill were servers and domains. No stash of laundered and illicit bitcoin sat in the basement of the alleged culprits.

Government protagonists always have seemingly good reasons—terrorism, trafficking, drugs, Bad People doing normal things—to intervene and sidestep people’s rights.

Those of us who worry about government overreach always feared that the crypto wars of the 1990s might one day return. Last week, the DOJ revived that battle.

About the author

Leave a Reply

Your email address will not be published. Required fields are marked *