The U.S. Court of Appeals has ruled that there is no Fourth Amendment expectation of privacy in either the user information stored on exchanges like Coinbase, or the information stored on the blockchain.
The developments come in a judgment given in the United States of America v Gratkowski. Richard Gratkowski is accused of purchasing child pornography online using BTC.
The FBI identified a cluster of BTC addresses used by the dark web site and then subpoenaed exchange platform Coinbase for a list of Coinbase customers whose accounts had sent BTC to addresses in that cluster. The information obtained by the subpoena was then used to obtain a search warrant for Gratkowski’s house, where agents found a hard drive containing child pornography.
After his arrest and in the run-up to trial, Gratkowski argued that he had a reasonable expectation of privacy in both his Coinbase transactions and the data stored on the blockchain. Therefore, the search was in violation of the Fourth Amendment prohibiting unreasonable search and seizures.
The Fourth Amendment and the third-party doctrine
Generally, the Fourth Amendment protection from unreasonable searches will be found to be violated if the person had a reasonable expectation of privacy regarding the items at issue.
This is qualified further by what’s known as the third party doctrine, which was confirmed by the Supreme Court in United States v Miller and Smith v Maryland, and which holds that there will be no legitimate expectation of privacy in information voluntarily turned over to third parties.
The Miller case held that the doctrine applies to bank records. The Smith case concerned an individual’s privacy in a pen register—a device which records the telephone numbers dialed on a particular phone. The register was installed by the police. Because the numbers were being voluntarily provided to the phone company anyway, the majority of the Supreme Court found that there was no legitimate expectation of privacy.
Clearly, the world has moved on from landlines and is beginning to move away from traditional financial institutions, and so it has been long overdue to see the application of the Fourth Amendment and the third-party doctrine to a case involving more modern technology.
Carpenter v United States was heard by the Supreme Court in 2018, and there it was held that the third-party doctrine did not apply to cellphone location records on the basis of the information given: cellphone location records provide an ‘all-encompassing’ and ‘intimate window into a person’s life, not only [an individual’s] particular movements, but through them [their] familial, political, professional, religious and sexual associations.’
It is on this point that they distinguished the facts from those of Miller and Smith—simply call logs do not reveal much in the way of identifying information. The fact that owning a cellphone is an indispensable part of daily life and that the location data did not require any positive act on the part of the user was also influential.
Coinbase, blockchain and Gratkowski
So how does this apply to information held on the blockchain?
The Court in the Gratkowski case felt that records held on the BTC blockchain was closer to the bank records in Miller and call logs in Smith than it was to the location data in Carpenter. As with the call logs, the information provided on the blockchain is limited to the amount transferred and the sender and recipient—certainly not the ‘all encompassing’ nature of cellphone location records.
Further, transferring digital currency requires a positive act on the part of the user—not the ambient transmission of data as in Carpenter.
The Court found similarly on the Coinbase information. Like the banks in Miller, Coinbase is a financial institution—the difference between Coinbase and the banks at issue in Miller is the currency being transacted, according to the Court. They’re still dealing in the same information as a bank, falling far short of the ‘all-encompassing’ information being transmitted in Carpenter, and like in Miller, the transmission of the information to Coinbase was done voluntarily and via a positive action.
The Court did briefly address the unique characteristics of trading on the blockchain, acknowledging that BTC users do have more avenues of privacy available to them than a traditional transaction done through an intermediary might be. Ultimately, however, the Court felt that the use of Coinbase was a voluntary sacrifice in privacy and as such did not give rise to a reasonable expectation of privacy.
The nature of information transmitted to sites like Coinbase or shared on the blockchain isn’t changing any time soon, so for now, Gratkowski is the authority on the applicability of the Fourth Amendment to those circumstances.
However, the reasoning in Carpenter may still yet be applicable to cases similar to Gratkowski. In Carpenter, the ubiquity of cellphone use meant that the information that is necessarily collected and transmitted through cellphone use can’t be said to have been voluntarily handed over to a third party.
It’s worth noting that blockchain is public, while identity information on exchanges is third party information. Bitcoin allows all the use cases of physical cash and beats systems such as debit cards hands down, but it is designed to allow privacy not anonymity; only cash uses retain privacy but even these will allow law enforcement to act on child porn cases. Bitcoin—now only BSV but of which BTC has some similarities still in its tracing abilities—was never designed for anonymous criminal activity.
Digital assets are certainly nowhere near as ubiquitous as cellphones, but on their current trajectory, they will reach that point eventually. Whether they will become ubiquitous enough for the Court to place the likes of Gratkowski in the same box as Carpenter remains to be seen.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.