Coinbase has been trending on crypto Twitter all week, but for all the wrong reasons. The #DeleteCoinbase hashtag has circulated on account of the dubious practices of Neutrino, the blockchain surveillance team it acquired. Now, the California-based exchange has bowed to public pressure and severed ties with key members of the Neutrino team.
Coinbase Bows to Public Pressure
Last week, an almighty brouhaha kicked off after it emerged that Coinbase’s latest acquisition, Neutrino, has an extremely shady past. The blockchain surveillance firm’s founders have been pilloried for their previous venture, Hacking Team, which sold software to regimes to spy on dissidents and journalists. On March 5, Coinbase broke its silence and promised to take action over the escalating crisis that has threatened to permanently dent its reputation. In a blog post titled “Living up to our values and the Neutrino acquisition,” Coinbase CEO Brian Armstrong conceded that “we had a gap in our diligence process,” when it came to vetting Neutrino. He added:
While we looked hard at the technology and security of the Neutrino product, we did not properly evaluate everything from the perspective of our mission and values as a crypto company. We took some time to dig further into this over the past week, and together with the Neutrino team have come to an agreement: those who previously worked at Hacking Team (despite the fact that they have no current affiliation with Hacking Team), will transition out of Coinbase.
Crypto Luminaries Weigh in Over Data-Sharing Furor
While Armstrong’s statement has quenched some of the fires that were threatening to engulf Coinbase HQ, one matter his blog post didn’t touch upon was data-sharing concerns pertaining to Neutrino’s predecessor. On that front, Coinbase has achieved a rare feat in uniting voices from across the cryptocurrency spectrum this week. Thought leaders, developers and commenters have universally condemned the San Francisco-headquartered exchange after it emerged that a former partner had shared customer data with third parties.
In seeking to justify its acquisition of Neutrino, Coinbase executive Christine Sandler caused further controversy by confessing: “It was important for us to migrate away from our current [compliance] providers. They were selling client data to outside sources and it was compelling for us to get control over that and have proprietary technology that we could leverage to keep the data safe and protect our clients.”
This admission sparked debate on crypto Twitter, with Jill Carlson asking Coinbase CEO Brian Armstrong for “clarity” over the matter. “I consented to Coinbase collecting my data for KYC/AML purposes,” she wrote. “I did not knowingly consent to Coinbase collecting my data to sell to other parties.” Nick Szabo seemed more resigned to the practice, pointing out that “Once they [Coinbase] have collected the legally required info it’s very useful for them, and extremely easy (indeed hard to avoid) to share it with their contractors, who share it in turn, etc., and it’s soon out of control, regardless of what money changed hands.”
KYC and AML Is an Accident Waiting to Happen
Until Coinbase expounds on the matter, it is impossible to determine precisely which data was resold by its former partner, and whether it included sensitive customer details. One reason why the story has resonated within the cryptosphere, however, is because it taps into growing resentment and distrust of enforced KYC. Customers are obliged to give up deeply personal information including payslips, bank statements, passport scans and selfies, and then to rely on the service provider not to lose or abuse it. Data from various cryptocurrency exchanges has been known to turn up on the darknet, where it’s been offered to the highest bidder. Meanwhile, Facebook continues digging itself deeper into a data-leaking hole.
“The story is not that one particular exchange continues to make deals with folks who are completely antithetical to permissionless value transfer,” tweeted Ciphrex CEO Eric Lombrozo, chiming in on the latest Coinbase revelations, “but that many people consider this to be normal and “just how business is done.”” He continued:
We must apply for permission to move our own money (by filling out forms with private, sensitive information). Yet the people to whom we give this information have no qualms about selling our personal information to others without our permission.
Meanwhile, Kraken CEO Jess Powell has shared his thoughts on Neutrino, Coinbase’s appointed successors to the unnamed firm that was leaking customer data. His verdict adds weight to the notion that the new bosses of Coinbase’s customer data are no better than the last.
I asked our Compliance team what they thought of Neutrino. Fortunately, they’d just completed an evaluation. Neutrino came in last place on product (out of the 5) but was disqualified anyway due to the risks. However, other factors are important in M&A: cost, culture fit. pic.twitter.com/kiYh11GEBc
— Jesse Powell (@jespow) March 3, 2019
What are your thoughts on the Coinbase data-sharing debate? Let us know in the comments section below.
Images courtesy of Shutterstock.
Need to calculate your bitcoin holdings? Check our tools section.