SDNY vs. The Technological Facts Appendix
In a recent filing in the criminal trial against Tornado Cash developer Roman Storm, the US Government has informed the court that for something to be private, it doesn't have to give you privacy.
Two weeks ago, the Southern District of New York held a hearing on whether Tornado Cash developer Roman Storm may be acquitted, and if the remaining two charges may proceed to a retrial after the Government failed to secure a conviction last August.
The Government and the defense, once again, debated whether the Tornado Cash software transmitted user funds, as well as whether Roman Storm was able to control the code. At the time, the defense had informed the prosecution that it had provided the Government with a Technological Facts Appendix (TFA) on Tornado Cash: a glossary of basic terms, such as why Tornado Cash is deemed non-custodial, or why Tornado Cash could not block transactions.
The Government has now informed the court that it believes that the defense's TFA is wrong. While the letter does not address the issues in substance, it instead made a much broader claim: that for something to be private, it doesn't have to give you privacy.
L0la L33tz
Redefining Privacy
At trial, Government expert witness Philip Werlau had testified that Storm could have implemented a user registry in Tornado Cash, to internally track whose funds belonged to whom. This, of course, would destroy the privacy the protocol was built to protect, the defense argued – making reference to the First Amendment, under which the Government would have criminalized the writing of an entire type of software.
That Mr. Werlau's proposal would destroy privacy, SDNY now argues, "is not a fact—it is an argument. Nor is it undisputed—the evidence at trial easily supports the reasonable inference that Mr. Werlau’s testimony about the potential to collect limited user information was entirely consistent with preserving privacy interests," adding that Mr. Werlau had testified that a user registry could be implemented while maintaining privacy.
"There is a difference between protecting privacy and providing anonymity to facilitate money laundering," SDNY says. "The defendant at trial sought to conflate those matters and does so again in the proposed Appendix."
Further, SDNY argues, "there was ample evidence at trial supporting the commonsense view that they are quite distinct, and that privacy can be protected without providing anonymity that purposefully facilitates evasion of law," adding that "the Appendix is replete with statements that similarly reflect a clearly incomplete view of the trial evidence or fail to identify and credit inferences the jury may have drawn in the Government’s favor, and therefore should be disregarded."
To understand this claim, we must look at the very definition of privacy. According to the Oxford Dictionary, something is private when it is "not for people in general or for others to know about," adding as a secondary definition that information specifically is private "that you do not want other people to know about." A synonym of the term "private," according to the Oxford Dictionary, is for example the word "secret".
Those who have spent some time in the cryptocurrency space may now suggest that Eric Hughes, in the Cypherpunk Manifesto, did indeed make a distinction between privacy and secrecy – though this is arguably not one that would serve the Government's argumentation any better.
"Privacy is not secrecy," Hughes wrote in 1993, rather defining it as "the ability to selectively reveal oneself to the world." The emphasis here, of course, lies on the user's agency: for something to be private it must be protected from the view of others at a baseline, only to then be – potentially – volunteered.
A compliance registry sitting between you and "your privacy" thereby negates this basic premise, akin to claiming that your DMs on Facebook underlie any presumption of privacy just because they are not posted on your public timeline, while Facebook itself, advertisers, and even the Government, are free to keyword search your conversations without your immediate knowledge or explicit consent – which is given by using a platform which does not advertise itself to provide privacy at all, for the mere fact that it doesn't.
Independent journalism does not finance itself. If you enjoyed this article, please consider making a donation. If you would like to note a correction to this article, please email corrections@therage.co
