The past year has not been a happy one for Russian-American relations, deteriorating over military action in Syria and questions over alleged interference in the US election.
In a rare show of unity, though, they have both vying to extradite the same man. Alexander Vinnik, a 38-year-old Russian, is accused of multiple fraud offences in both jurisdictions, conducted through online marketplaces for cryptocurrencies – especially bitcoin.
A Greek court last month cleared the way for him to be extradited to either jurisdiction, although a Supreme Court case is pending and the final decision will rest with the Greek justice minister.
If the extradition goes through, it will be another prosecution where cryptocurrencies feature prominently in the list of indictments. Hailed by advocates as true fiat currencies free of state control, cryptocurrencies typically work through the ‘blockchain’, a distributed network of ‘wallets’.
All of these wallets – which need not have a name attached – keep track of transactions, using advanced cryptographic mathematics to ensure that these records are unalterable by malefactors in the process, while also permitting anonymity for the holders of the wallets.
The above is a hugely simplified version of the principle, which uses a great deal of specialised language only comprehensible to mathematicians and computer science graduates.
Small wonder then that the cryptocurrency boom has, like almost all historic booms, been subject to rampant fraud of gullible people who do not understand the technology.
An article in The Atlantic suggests that some purported cryptocurrencies are nothing of the sort, and simply represented an old-fashioned boiler-room scam – or worse, a Ponzi scheme.
A few days before Vinnik’s arrest, Switzerland’s Financial Markets Authority launched an investigation into a several fake cryptocurrencies, and warned consumers of the growing trend.
Worse still are the exchanges for genuine cryptocurrency whose operations suddenly cease and whose operators disappear, as happened to the famous Mt. Gox exchange in 2014.
As soon as the private key to someone’s ‘wallet’ is stolen, the thief has complete access to their currency – and can spirit them away without trace, as happened at Mt. Gox.
Thousands of bitcoins, the first and most famous cryptocurrency, worth up to half a billion US dollars were stolen from Mt. Gox. Their whereabouts form part of the indictment against Vinnik; US authorities allege he laundered them.
Inherently untraceable, impervious to fraud: it is no wonder cryptocurrencies have made online crime dramatically more feasible and regular. Since every user of a blockchain network is known only by their public key, rather than a name, the technology flies in the face of standard AML/KYC regulation.
As a result, bitcoin is instrumental to payment for mass illicit activity such as drug sales on the ‘Silk Road’ marketplace, as well as worldwide ransomware attacks such as the WannaCry attack in May.
The main part of Vinnik’s indictment relates to his alleged running of the BTC-e exchange, which (according to Google research) hosted 95% of ransomware payouts before it closed following his arrest.
The Vinnik indictment indicates some novel ways in which authorities might deal with the problem. Among the American charges levied against him is ‘conducting an unlicensed and unregulated money transmitter service’.
This is a charge which was initially formulated to deal with unlicensed wire transfer services but which has seen greater application against cryptocurrencies in the last few years after a series of court decisions confirmed the principle could be so applied. Looking back at the collapse of Mt. Gox, Professor Emin Gun Sirer of Cornell University told
The Verge that the increased prosecutorial interest in cryptocurrency and crimes adjacent to it will cause exchanges to go one of two ways.
“Either they will clean their act, by first shopping for the most lenient jurisdictions and complying with relevant KYC/AML laws, or they’ll go ‘fully underground,’ and operate with no rules,” he said. In other words, the industry is likely to divide between licensed, regulated, open-access exchanges registered with national financial regulators on the one hand and illicit Dark Web outlets on the other.
It is this latter possibility that most worries law enforcement.
The ‘Dark Web’ offers a shield to illicit activity, such as the sales on the Silk Road, by relaying internet activity through thousands of relays and encrypting it along the way.
It is possible, though difficult, for investigators to breach this system – the largest Dark Web marketplace, AlphaBay, was taken down earlier this year, as once a user is compromised by surveillance their details unravel naturally.
The same is true of bitcoin: once a user is tied to their wallet address, the very mathematical processes that make the currency immune to fraud also make it a perfect source of evidence.
The trouble is matching the wallet with the owner: famously, the identity of ‘Satoshi Nakamoto’, the person (or group) who invented the blockchain, remains a mystery almost a decade after the technology first surfaced in 2008.
Besides direct police surveillance, some authorities have suggested other ways of adapting to the knock-on problems presented by the advent of cryptocurrencies. For example, in March, the UK-based Royal United Services Institute recommended an adaptive regulatory system which could use some of the capabilities produced by cryptocurrency technology to keep regulation at pace with these developments – and notes that banning cryptocurrencies is unlikely to be effective, as Chinese authorities have discovered.
More prosaic is a recommendation from the N8 Policing Research Partnership that forfeiture law be altered to ensure that cryptocurrencies can be confiscated like other proceeds of crime; asked for comment, the Home Office told KYC360 only that they will “consider the case for legislation in relation to virtual currencies if the operational need arises.”
However the issue is resolved, authorities are not going to be able to avoid the question for very long.
The prominence of cryptocurrencies as both a means and an object of crime is only growing with every passing year.
Hope lies in government and private bodies adopting their own versions of the technology, both to safeguard users and to train their personnel in the particular sensitivities posed by widespread cryptography.
If they fail, the internet will be a place of impunity, even more than it is today, and governments’ ability to restrain the financing of crime and terrorism will dwindle.
If the US and Russia can agree over the criminality of one bitcoin magnate, it might not be too much to hope for international co-operation to establish a common response to this unprecedented challenge.
Richard Nicholl (@rtrnicholl) is a Master’s student at the University of St Andrews, specialising in legal history. He also works as a freelance journalist and legal researcher.