Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Central Bank Digital Currencies: Where is the Privacy, Technology, and Anonymity?

Jeff Nijsse, Andrea Pinto

TL;DR

A comprehensive definition for privacy is proposed that is mapped to the cryptographic landscape for feature implementation and shows that comprehensive privacy can be designed in the proposal stage, but that privacy does not reach the launched version of the CBDC.

Abstract

In an age of financial system digitisation and the increasing adoption of digital currencies, Central Bank Digital Currencies (CBDCs) have emerged as a focal point for technological innovation. Privacy compliance has become a key factor in the successful design of CBDCs, extending beyond technical requirements to influence legal requirements, user trust, and security considerations. Implementing Privacy-Enhancing Technologies (PETs) in CBDCs requires an interdisciplinary approach, however, the lack of a common understanding of privacy and the essential technological characteristics restricts progress. This work investigates: (1) How privacy can be defined within the framework of CBDCs and what implications does this definition have for CBDCs design? and (2) Which PETs can be employed to enhance privacy in CBDC design? We propose a comprehensive definition for privacy that is mapped to the cryptographic landscape for feature implementation. The research is validated against case studies from 20 current CBDCs. The study shows that comprehensive privacy can be designed in the proposal stage, but that privacy does not reach the launched version of the CBDC.

Central Bank Digital Currencies: Where is the Privacy, Technology, and Anonymity?

TL;DR

A comprehensive definition for privacy is proposed that is mapped to the cryptographic landscape for feature implementation and shows that comprehensive privacy can be designed in the proposal stage, but that privacy does not reach the launched version of the CBDC.

Abstract

In an age of financial system digitisation and the increasing adoption of digital currencies, Central Bank Digital Currencies (CBDCs) have emerged as a focal point for technological innovation. Privacy compliance has become a key factor in the successful design of CBDCs, extending beyond technical requirements to influence legal requirements, user trust, and security considerations. Implementing Privacy-Enhancing Technologies (PETs) in CBDCs requires an interdisciplinary approach, however, the lack of a common understanding of privacy and the essential technological characteristics restricts progress. This work investigates: (1) How privacy can be defined within the framework of CBDCs and what implications does this definition have for CBDCs design? and (2) Which PETs can be employed to enhance privacy in CBDC design? We propose a comprehensive definition for privacy that is mapped to the cryptographic landscape for feature implementation. The research is validated against case studies from 20 current CBDCs. The study shows that comprehensive privacy can be designed in the proposal stage, but that privacy does not reach the launched version of the CBDC.
Paper Structure (31 sections, 7 figures, 1 table)

This paper contains 31 sections, 7 figures, 1 table.

Table of Contents

  1. Introduction
  2. Methodology
  3. Problem Identification
  4. Define objectives of the solution
  5. Design and development of the artefact
  6. Demonstration
  7. Evaluation and Communication
  8. Privacy
  9. An Absence of Privacy Definitions
  10. Essential Privacy Concepts
  11. Stakeholders in the design of CBDCs
  12. A Definition of Privacy in the Context of CBDCs
  13. Privacy Enhancing Technology
  14. Encryption
  15. Digital Signatures
  16. ...and 16 more sections

Figures (7)

  • Figure 1: Four main trends emerge in the literature defining privacy. The strongest trend is an absence of a privacy definition found in 33 of 67 papers, followed by a focus on three perspectives: the technological perspective, legal perspective, and transactional perspective.
  • Figure 2: Privacy related concepts in the context of CBDCs design. The concepts most frequently associated with privacy, listed in descending order, include: performance, regulatory compliance, anonymity, security/cybersecurity, and data management.
  • Figure 3: Histogram showing the stakeholders in CBDC privacy. The most important stakeholders are customers, followed by financial regulations or auditing institutions. The counts are not mutually exclusive.
  • Figure 4: Privacy defined in the context of a CBDC that integrates the three perspectives of the transactional, legal, and technological.
  • Figure 5: Histogram of Privacy-Enhancing Technology as applied to CBDCs derived from the literature involves applying traditional cryptographic methods but also suggests privacy can be met by applying blockchain technology. Digital identity and secure hardware form and a minority of applications. The counts are not mutually exclusive.
  • ...and 2 more figures