News
The Latest Crypto Privacy Battle: TradingView News
At the end of May the new mass surveillance tool of the US Security and Exchange Commission (SEC): the Consolidated Audit Trail CCAT – has become “fully operational”. SEC-registered broker-dealers, exchanges and alternative trading systems now must collect and report trading information relating to every U.S. trade, as well as personal information from every U.S. retail brokerage client.
While this obviously impacts customers of traditional financial institutions, the personal privacy of participants in the digital asset economy could also be seriously compromised.
Marisa Coppel is the legal director of the Blockchain Association. Amanda Tuminelli serves as Chief Legal Officer of the DeFi Education Fund, where she leads the organization’s impact litigation and policy efforts.
Note: The opinions expressed in this column are those of the author and do not necessarily reflect those of CoinDesk, Inc. or its owners and affiliates.
Designed to collect and store detailed data on customers in U.S. financial markets, the CAT will be the largest securities transaction database ever built. Although built under the guise of “allowing regulators to efficiently and accurately monitor all activity in US markets,” the CAT threatens to make massive, unchecked government surveillance a reality.
Under the SEC’s CAT requirements, regulated entities will be forced to collect a multitude of data on operations, merchants and retail customers, including customer names, addresses and account details. As for digital asset market participants, this information could end up including transaction identifiers and wallet addresses, giving those with access to the database insights into users’ future and retrospective transactions at any point in time.
The implications for the digital asset industry are troubling, especially given the recent finalization of Dealer Regulation, which the Blockchain Association and others are challenging in federal court, and even more so if the SEC finalizes the proposed rule that would significantly expand the definition of what constitutes an “exchange”.
If these new rules are maintained, the new “dealers” and “exchanges” will be required to report digital asset user information to the CAT.
This means that unprecedented amounts of cryptocurrency trading data and customer personal information will remain caught in the SEC’s surveillance net. To make matters worse, CAT data is not available only to the SEC and its thousands of employees. Individually identifiable data in CAT is accessible to a network of related government agencies and self-regulating private organizations, without a warrant or reasonable suspicion of wrongdoing. This greatly expands the universe of who could potentially gain access to Americans’ personal financial lives and business activities, all in the name of making the SEC’s job a little easier.
Former Attorney General William Barr recently expressed concern about potential violations of constitutional rights that could occur due to CAT: “The Constitution prohibits mass surveillance of private activities based merely on the possibility that someone might commit a crime… Even when the government seeks information about a citizen… it normally must demonstrate that it is investigating specific alleged wrongdoings.”
However, one searches in vain for a statement from the SEC on how it will respect individual constitutional rights.
Indeed, SEC Commissioner Hester Peirce has been sounding the alarm about the state implications of CAT’s unchecked surveillance for years, explaining that the cost “to freedom and privacy is not worth the purported benefit. After all, monitoring our business behavior it won’t prevent bad events from happening, it will just make it a little easier to understand what happened after the fact.”
In addition to privacy concerns, this database represents the ultimate “honeypot” of information, making it particularly attractive to hackers. Although the SEC recognized this dramatic security risk in a 2020 proposal to improve database security, it has yet to implement changes to CAT that would increase cybersecurity, even though organizations like the Securities Industry and Financial Markets Association (SIFMA) have launched the alarm.
See also: SEC’s Gensler defies solo mission to stop US regulation of cryptocurrencies | Opinion
It is therefore not surprising that the SEC has already been sued twice over its implementation of the CAT database. The American Securities Association and Citadel filed a joint petition with the 11th Circuit in October 2023, and the New Civil Liberties Alliance filed a complaint in the Western District of Texas in April 2024 challenging CAT’s release. While these two lawsuits are perfect examples of why the judiciary is so important in curbing gross government interference, the cryptocurrency world must recognize how antithetical the CAT is to its core ethics and the assumed privacy expectations of all Americans .
Remember, privacy is normal. We should not regress to a social norm in which privacy equals wrongdoing, especially in personal financial matters, lest we move closer to Washington DC, described in the Minority Report. One should not feel as if the government is looking over their shoulder as they complete every personal financial transaction, especially when those transactions may include the disclosure of sensitive information, such as through donations to political causes or payment for medical procedures.
In addition to taking the opportunity to help educate the court as friends in the ongoing lawsuits mentioned above, the crypto community should make our opposition to this latest regulatory overreach known by expressing concerns to elected representatives regarding the CAT. Overly broad financial surveillance regimes like the CAT pose a significant threat to Americans’ constitutional rights and cannot be allowed to pass into law quietly.