The U.S. Court of Appeals for the 5th Circuit has ruled that all cryptocurrency exchanges should allow law enforcement agencies to access the stored private user data without requiring a warrant. That would include platforms like Coinbase, Kraken, Binance, CEX.io, LocalBitcoins, Bitstamp, etc.
The decision came after the review of the “U.S. v. Gratowski” case, where the defendant submitted a motion to suppress evidence obtained without a search warrant. FBI agents utilized an outside service to analyze Bitcoin blockchain data and identify a cluster of addresses that were controlled by a child pornography website. Richard Nikolai Gratowski was downloading content from that website and became the subject of a federal investigation.
So, the court ruled that the agents didn’t even have to secure a warrant against the defendant because cryptocurrency exchanges should be treated no differently than regular banking services. When people use these services, they voluntarily give up private information, which can also become accessible to law enforcement via subpoenas. This is an overly generic assumption, as people are using a large number of third party services today - and this shouldn’t mean that they automatically waive their privacy rights.
Moreover, the decision creates a dangerous precedent for cryptocurrency exchanges, as the law enforcement may now use large numbers of subpoenas to go after private transactions of all kinds. The thing with cryptocurrencies is that they are supposed to cherish privacy and keep the notion at their very core. Otherwise, they’re just like a new type of e-banking platform.
These platforms keep information like Bitcoin blockchain ledgers, pseudonymous addresses, wallet data, email addresses, and maybe also the users’ IP addresses. In some cases, knowing even a part of a Bitcoin address could be enough to track someone down and find out their real identity.
A key element to consider here is that cryptocurrency holders who want real privacy will avoid exchanges entirely, and have been doing so for quite a while now. These platforms are the choice of those who want reliability rather than privacy, so everyone else is forced outside.
This is another example of how a court decision can further push illegal activities into the dark and away from law enforcement’s reach. Crypto exchanges are just intermediaries, and they shouldn’t be forced to deal with a large number of user data requests. With this decision, though, it’s time for these platforms to update their data retention policies, reduce the PII they collect, and become more anonymous in general.