Don't trust Facebook's Libra cryptocurrency, boffins warn: Zuck & Co know that hash is king
It's not about the money, it's about the identifiers
Analysis Facebook's proposed digital currency Libra, and its accompanying digital wallet Calibra, should be scrutinized not only by financial regulators – as lawmakers in the US and Europe have already started to do – but by national entities concerned with law, public safety and defense.
The reason for that, argue Valerie Khan, VP of the Digital Equity Association, and Geoffrey Goodell, senior research associate at University College London's Centre for Blockchain Technologies, is that Facebook is interested not in finance but identity.
Their opinion paper, "Libra: Is It Really About Money?", answers the question posed by its title with the assertion that Facebook's ulterior motive is to become the world's digital identity provider.
Pointing to the classic 1993 New Yorker cartoon captioned, "On the internet, no one knows you're a dog," the two authors contend that being able to accurately identity people online would have enormous financial consequences and would be particularly interesting to an advertising company like Facebook.
Facebook has positioned Libra as solely a financial endeavor, but the project has implications in every aspect of civil and social life where reputation matters, the academics argue. Digital identity currently tends to be fragmented, distributed across different websites and embodied by separate sets of login names, HTTP cookies, and tokens.
Advertising and data companies like Facebook strive to unite these identities to track people across websites by correlating different data, though such efforts can be undermined by technological countermeasures and actions taken in the pursuit of privacy. Libra, or more specifically Calibra – the wallet tied to the individual – represents a way for Facebook to dissolve public and private boundaries to create "transparent citizens."
"Allowing Facebook to become a crucial player in digital identity for the financial sector will enable it to tighten the knot on the ‘transparent citizen’ (Reidenberg, 2015) by accessing a strong bastion of meaningful data," they write. "It will also allow everyone else to purchase the means to manipulate Facebook users, perhaps in pursuit of their respective advertising ideas – some harmless, some of corrupting influence."
Such transparency – seeing everything – challenges democratic institutions and norms, argued Joel Reidenberg, a Fordham University law professor, in his 2015 paper, "The Transparent Citizen." China's social credit system and its role as a political control mechanism offers an example of how such transparency can be exploited.
Khan and Goodell note that there's no expectation Libra transactions would be private – blockchain transactions are public, after all – and to appease regulators and lawmakers, Facebook can be expected make its platform a robust surveillance system.
They point to Facebook's 2010 acquisition of a Friendster patent, which covers giving creditors access to social media profiles to assess loans, as a sign of where the company is headed.
Facebook's Libra is a terrorist's best friend, thunders US Treasury: Crypto-coins dubbed 'national security risk'READ MORE
Parallel efforts to define digital identity are underway. The authors point to the past initiatives of the founding members of the Libra consortium, like Mastercard, Visa and PayPal. They note that Microsoft is launching a decentralized identity infrastructure called ION (to say nothing of its failed Hailstorm project), in conjunction with a separate consortium called DIF, the Digital Identity Foundation. The W3C is exploring this too in its Decentralized Identifiers (DIDs) spec.
The authors worry that Facebook plans to assure Libra's success by relying on the distribution power it has to reach 2.5 billion users across its various social media and messaging properties. And they insist that if regulators allow a private advertising company to become the gatekeeper for most online services - using standards and policies it has written for its own benefit - the results will be disastrous.
"Handing this right over to a handful of selected private partners with a revenue-driven target could lead to biased decision-making and illegitimate gatekeepers for the sharing of information, a mechanism for using incentives, punishments, temptation, and fear to control the behaviours of populations, cheaply and at scale: a mix of Huxley’s Brave New World and Orwell’s 1984," they write.
An association of 100 or so members beholden to Facebook, a company with "a shady history of securing people's data," they say, "sounds like a charade." ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Federal government of the United States
- Government of the United Kingdom
- Identity Theft
- Kenna Security
- Max Schrems
- Palo Alto Networks
- Trusted Platform Module
- Zero trust