Central Banks Struggle With Privacy-Related CBDC Headaches

Source: Adobe/iaremenko

 

As a number of countries across the globe are working on developing their respective central bank digital currencies (CBDCs), ensuring a separation between identity and transaction data could produce a better environment for privacy protection and could lead to public confidence and trust in using CBDCs, according to a recent paper released by the Bank for International Settlements (BIS).

The report is based on interviews that the BIS and the World Bank held with nine central banks exploring retail CBDCs and financial inclusion. These included the Central Bank of The Bahamas, Bank of Canada, People’s Bank of China (PBoC), Eastern Caribbean Central Bank, Bank of Ghana, Central Bank of Malaysia, The Philippines' Bangko Sentral ng Pilipinas, National Bank of Ukraine, and the Central Bank of Uruguay.

The paper points to the example of China and its CBDC project, saying that the country’s recent issuance of the personal data protection law puts more emphasis on data protection. The digital yuan, or e-CNY, is fitted with a tiered wallet design which allows the lowest category wallets to be anonymous with only phone numbers required, according to the report.

The PBoC "has noted that users’ personal information will not be shared with commercial banks or the central bank by the telecom operators," the bank said. 

It further claimed that "payments can be done with tokenized 'sub-wallets' pushed to e-commerce platforms and other online-to-offline platforms, while ensuring these platforms will have no access to the personal information."

In addition to this, the PBoC claims that it has set up an information firewall, and that it strictly enforces information security and privacy protocols. These are said to include: appointing responsible persons for the system’s maintenance, setting up internal barriers to data use, applying a tiered authorization system, establishing checks and balances, and performing internal audits. 

These measures are designed to ensure that arbitrary information requests and use are prevented, the BIS said.

At the same time, the BIS cautions that establishing very far-reaching data privacy and data protection could trigger risks related to money laundering and terrorist financing.

The interviewed representatives of central banks recognize “this risk and the importance of AML/CFT [Anti-Money Laundering/Combating the Financing of Terrorism] measures without sacrificing their financial inclusion objectives” and “are planning to put in place differentiated limits on CBDC balances or transactions, with the lowest limit (i.e. those intended for financial inclusion purposes) subject to” simplified due diligence (SDD) requirements, according to the bank.

With the above in mind, the interviewed central banks acknowledged that relevant thematic laws and regulations, including those related to data privacy, among others, may need to be re-examined to assess their continued relevance within the context of CBDCs, the paper states.

Headquartered in Basel, Switzerland, the BIS says it is jointly owned by the world’s 62 central banks, representing countries that together represent some 95% of the global gross domestic product (GDP).

____

Learn more:
- Work on a Multi-CBDC Platform Has Revealed ‘More Questions Than Answers’ – BIS
- The Prospects, Possibilities, and Dangers of CBDCs

- Russia Sanctions May Lead More Countries To Consider CBDCs, Ex-Central Banker Says
- Here's How You Can Help Shape Digital Euro

- DeFi Could Rely On CBDC, But More Bridges With Centralized Finance Are Needed - Expert Panel
- DeFi ‘Crucial’ for Financial Inclusion, CBDCs Still Welcome Despite Being Centralized

- WeChat Pay to Offer Digital Yuan Payment Options as China’s CBDC Pilot Expands
- UnionPay Launches Self-service Platform for Merchants to Add Digital Yuan Pay Options