IDwise blog

Paying cash is outdated. Within a couple of years all our payments will be handled electronically. Convenient, but also yet another blow to our privacy. That is the gist of a blog post (in Dutch) by Pieter Stuurman. But is he right? Well, yes and no…

Yes. For even though we leave our personal data with ever more shops, and there are ever more security camera’s surveilling the places where we pay, paying cash is still more or less anonymous. When in a while we pay with our debit and credit cards everywhere, we will have lost that anonymity. That does not necessarily have dramatic consequences for our privacy, though.

First of all, there is always still the chipknip (Dutch chipcard e-wallet, cf. Mondex). Sure, loading it can be traced by the bank, but paying with the chipknip is anonymous. There even exists a completely anonymous prepaid chipknip. Especially for smaller payments where privacy is important that is a fine solution. A condition for this is of course that banks do not – for instance under pressure of the government or of international standardization – cross anonymity out of the chipknip protocol.

Secondly, although it may be true that our data are recorded, that does not imply that they will automatically be accessible just anywhere to just anyone. The bank may obtain an overview of how much money we spend in which places, but which products or services we buy with it is in principle only known to the individual shop owners. There are legal restrictions on their disclosure of this data to others.

Finally, the assumption that electronic payments are by definition harmful to our privacy is incorrect. Also without using a chipknip electronic payments can in theory be performed on an anonymous basis just fine. The required techniques and protocols were developed by US mathematician David Chaum over a quarter century ago. Unfortunately he failed to successfully bring these techniques to market. Of course the infrastructure for electronic payments will not be spontaneously redesigned along these lines, but perhaps there are banks that spot a competitive edge here as consumer privacy worries are back on the rise. The most important question may be whether standards for handling electronic payments allow for the use of techniques for anonymous payments – which of course they should. Incidentally, Chaum’s techniques – as further developed by, above all, Stefan Brands – are witnessing a comeback as anonymous credentials.

So no, the predicted end of cash payments in theory need not be seriously detrimental to our privacy. But it is what may very well happen in practice just like that. And the way in which things move is not so much a matter of techical possibilities and inevitabilities, but much more of choices made by the companies, government bodies and other organizations involved. And therefore also of the influence you and I try to exert on them.

This entry was posted on Wednesday, January 6th, 2010 at 14:16 and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.