Privacy and CBDCs - DEA Working Group Paper

Privacy is regarded as a crucial factor in the investigation and development of Central Bank Digital Currencies (CBDC) and is therefore thoroughly researched by monetary authorities, academia, and the private sector. Academic research indicates that CBDC transactions may involve processing significant amounts of identity and transaction-related information (Lee et al., 2021), raising privacy concerns for future users. While there exist countless definitions for privacy, such as “the right to be left alone” (Warren and Brandeis, 1890), in this document, the definition of Nissenbaum (2010) - “the appropriate flow of information” - will be followed.

There is preliminary evidence that suggests that the level of privacy associated with CBDC use will be a key determinant of CBDC adoption and usage. In 2021, the European Central Bank (ECB) issued a report on the public consultation on a digital euro that included 8221 respondents. The report revealed that privacy was the most important feature required by individuals although results varied depending on the country analysed. Nonetheless - on average - privacy was ranked higher than all other features such as security or usability (ECB, 2021). Other central banks have also actively discussed privacy in the development of CBDCs, with a myriad of potential solutions being proposed. For example, the Bank of Canada notes that a decision on the level of privacy that a CBDC might possess is a crucial public policy issue. It adds that a CBDC could be designed to implement a form of privacy rather than cash-like anonymity, allowing it to satisfy anti-money laundering (AML), combating the financing of terrorism (CFT), and other regulations that require disclosure of certain levels of private information (Bank of Canada, 2020). Even the digital yuan - the Chinese CBDC - has included levels of privacy in its pilot and has tiered privacy to balance, transfer and activity limits. It presents five levels, two of which do not require a user's identity, but rather just a phone number or email address. Therefore, there isn't a one-size-fits-all privacy design for CBDCs and there are factors affecting privacy (such as regulation) that extend beyond the central bank’s remit or control.

Academic research has also confirmed the importance of privacy for individuals on a hypothetical digital euro in qualitative research with experts and non-experts from Europe (Tronnier and Biker, 2022). The results of the research indicate the crucial role of trust in central banks and the significant negative effect that privacy concerns may have on the intention to adopt and use a CBDC. To mitigate these concerns, technological solutions are currently being discussed and piloted to ensure privacy protection in CBDC payments (Gross et al., 2021; Chaum and Moser, 2022).

In this document, we aim to follow the call of the European Data Protection Board (EDPB, 2022) to shape the public debate on the topic of privacy by providing an overview of privacy in CBDC development and use. To this end, we discuss the possible degrees of privacy in CBDC payments, the relevant actors, technologies, and concerns regarding regulation. The paper concludes with a set of well-considered, actionable recommendations for ensuring privacy in CBDCs.

Download the full paper here (pdf, 10 pages, 3mb).