Response to Bruce Schneier on trust, privacy, and bitcoin • Tony Klausing

Bruce Schneier has written a formidable screed arguing against the usefulness of blockchain technology and cryptocurrencies in Wired magazine, “There’s No Good Reason to Trust Blockchain Technology”. This is significant coming from Schneier, who has literally written the textbook on Applied Cryptography and has written more than a dozen books on data privacy and cybersecurity.

In this essay, I will respond to a few of his remarks on the subject and try to point out where I think he is mistaken. First, he is incorrect in assuming that only speculators will want to use bitcoin. Second, he is too uncritical of the implications, seen and unseen, of the government monopoly on the supply of money and the related close binding of finance to government. Third, he underappreciates censorship-resistant money to protect the general populace against tyrannical instrusions on privacy, or at minimum, preserve the maintenance of basic privacy in the realm of online financial transactions. Fourth and finally, he assumes that some of the problems bitcoin faces – such as the difficulty of safeguarding private keys – will continue to be as burdensome in the future as it is today.

Schneier does not mince words in his lambasting of the blockchain, especially with regard to enterprise applications: “Private blockchains are completely uninteresting,” he says, and are, essentially, “not anything new.” He goes on to say that “they’re distributed append-only data structures with a list of individuals authorized to add to it.” Having disregarded private blockchain implementations, Schneier then asks whether any hypothetical use-case actually for this complex and weird technology actually need a public blockchain, like on on Ethereum or bitcoin. He concludes:

The answer is almost certainly no. A blockchain probably doesn’t solve the security problems you think it solves. The security problems it solves are probably not the ones you have. (Manipulating audit data is probably not your major security risk.) A false trust in blockchain can itself be a security risk. The inefficiencies, especially in scaling, are probably not worth it. I have looked at many blockchain applications, and all of them could achieve the same security properties without using a blockchain.

Once the hype dies down, Schneier says, we will return to the more fundamental questions of how to maintain consensus among distributed participants, with or without a blockchain.

I agree with Schneier, on the whole. The essay is good and provocative; read it. But I did raise both eyebrows when he goes on to say that “Honestly, cryptocurrencies are useless,” and then proceeds to list a few great use-cases: “They’re only used by speculators looking for quick riches, people who don’t like government-backed currencies, and criminals who want a black-market way to exchange money.”

Schneier is a thourough thinker, but here he comes across as too dismissive. Could it be true that those three groups are the only users of bitcoin? There is no one amongst the millions of owners of bitcoin across the globe who are simply intellectually curious? And, by the way, what investor wouldn’t be pleased with quick riches? Schneier’s juvenile assertion that cryptocurrencies are “useless” reminds me of the old fogey who thought the internet was a fad in the 90s after the dot com stocks suffered an 80% drop. Indeed, the three user groups Schneier mentions above – those who want to invest in bitcoin, those who are skeptical about government-backed currencies, and those who use bitcoin for its censorship-resistant properties – seem to me to be three perfectly fine and reasonable user groups when properly appreciated. Why dismiss them? Let’s consider each group in turn.

The first group, those whom Schneier uncharitably calls “speculators,” are those who buy bitcoin for its store-of-value and for speculative purposes. This group reminds me of the fine art market. Picassos, for example, have proved to be good investments over the decades, butt in one sense Picassos are useless. I can’t cook eggs on them. They make for flimsy workbenches and provide minimal heat. Nonetheless, people across decades have decided to shell out tens of millions for them. Shame on them, some may say, to waste money on a jumble of paint. Bitcoin, like Picassos, has also proven on the whole to be a good investment, and seems to me to be more useful than fine art. Sure, a Picasso is a store of value and a status symbol, but I can program bitcoin and send it through the troposphere in milliseconds. Both bitcoin and Picassos could plummet in value; both may be worthless by the time you are reading this essay. But who besides an all-knowing king should get to say they are useless?

Likewise we should not immediately castigate the second user group, those who Schneir says “don’t like government-backed currencies.” Are these people such nutcases? History provides us with ample evidence to examine with healthy skepticism on the soundness of government-backed money. Shall I enumerate the cases of fiscal deficits, followed by monetary inflation? Look, most recently to the years following the financial crisis of 2008, when central banks across the world made trillions appear—like endless rabbits out of hats—on their balance sheets as a matter of national policy. Perhaps, as Ben Bernanke might claim in his memoir, The Courage to Act, this courage saved Western civilization. Many smart people think so, and it’s hard for me to doubt them. But perhaps it was also a symptom of the mutual back-scratching financial elite, where profits are personalized but losses nationalized. Either way, given that reasonable minds can disagree about the optimal way to pipe money across the financial system, is it so “useless” to try to experiment in the realm of money and payments, when experimentation has to-date been squelched, and where may even realize outsized benefits down the line?

Finally, there is this third group, those whom Schneier call “criminals,” who may wish to transact anonymously. Schneier has argued repeatedly for data privacy, and so he of all writers should know that it is not just criminals who may want financial privacy. There are many problems with the way we do privacy in the world of payments and finance. Is it right, for example, that when I buy an e-book, the seller should get my physical address? Or that when I buy a burrito and pay with my credit card, the merchant should know my full name? Or that when I buy something someone else may frown upon—-the something need not even be illegal—-that I might want some extra privacy in my transaction? Recall that behavior once punishable by jail time or worse can within a matter of years become socially acceptable and legal: encryption software, alcohol, cannabis, and homosexuality all come to mind. Another use-case of anonymous transactions is for donations and gifting.

Schneier righly suggests in the essay that ultimately trust “can’t be replaced by algorithms and protocols. It’s much more social than that.” This seems to be his chief criticism of the blockchain utopians. He is undoubtedly correct. “People still need to be in charge,” he writes, “and there is always a need for governance outside the system.” No doubt. Only humans can plug in computers, come up with new ideas, and give meaning and value to new things. Only humans can put other humans in jail. But no thoughtful person would think otherwise. Trust and track records and norms and reputation are all still important; what morons are arguing against this? “You still have to trust bitcoin—and everything about it,” Schneier writes. No doubt this too is correct, but with a 10-year track record of 99%+ uptime, the remarkable security of elliptic curve cryptography, and virtually no double-spends, what further level of technological trust must bitcoin overcome?

One area Schneier very rightly points out that is lacking good trust solutions is private key custody, a huge pain point for users. Billions of dollars have been lost because of lost private keys, sadly and irrevocably. In this respect, bitcoin is much worse than, say, gold: it’s easier to lose bitcoin forever. But on this point, especially, Schneier misses the underlying point. To have truly programmable money, not PayPal programmable money, which is in fact hardly programmable, at root the money must be binary: you either have it or you don’t. Otherwise, there is a back door a la PayPal chargebacks, for example, and the system is not scalable or secure or programmable or interesting. Bitcoin has no customer service phone number; this is intentional, a feature not a bug. If it has a customer service phone number, then it wouldn’t be bitcoin. Further, I think that the private key custody problems found in bitcoin can be solved over the long term. But without the binary, dumb, and absolute foundation, it cannot truly be peer-to-peer programmable e-cash.

Mr. Schneier has consistently and ardently defended of human privacy and civil rights through the decades. He most recently lambasted the obvious fraud and lack of clarity of thinking going on in the blockchain space. But he has also called, for example, for Congress to enact widespread regulations on the use of data by tech companies. I sense two competing visions at play here. Schneier, the conservative, sees progress in the area of data privacy coming primarily through reactionary responses to technology he sees as oppressive. He’s correct that if we do not preserve the notion of privacy, there may be some terrible social consequences. But he does not respect that culture and mores can change. Our great-grandchildren will think drastically different about privacy, just as we think drastically differnt about many things from our great-grandparents. Our great-grandchildren may also think drastically differently about money. Given the three potential use-cases above, perhaps Schneier ought to take more of a wait-and-see approach to both.