In May, Nicholas Weaver suggested in Lawfare that the U.S. Treasury should “creatively” sanction Tornado Cash. In August, the Office of Foreign Assets Control (OFAC) followed Weaver’s advice. The results were pretty disastrous for civil liberties, beginning with OFAC’s listing of 21 instances of autonomous code published to a blockchain as sanctioned entities with little clarity on the intent or scope of that action. This first-ever OFAC sanctioning of autonomous code controlled by no legal person ran headlong into the established precedent that code is speech and protected by the First Amendment.
Additionally, several contributors to the open source code behind Tornado Cash were suspended from GitHub. These suspensions stoked fears among contributors to privacy-preserving code that if a bad actor uses a tool built with their code, the U.S. government will not only shut down the tool—it will also punish contributors who generally have no say in how their open source contributions are used. “The implications of [the Treasury Department] adding the Tornado Cash protocol to the sanction list was actually greater for the world beyond crypto than for crypto itself,” Omid Malekan, an adjunct professor at Columbia Business School told Grid.
Similar fears around the right to privacy online were echoed by both industry and digital rights groups. Coin Center’s Jerry Brito perhaps summed up these concerns best when speaking to The Block: “If your right as an American to privacy is only if North Koreans never use that tool, then you don’t have a right to privacy.”
Now, OFAC has tried to clarify the effect of its sanctions on free speech. But digital human rights advocates are justified in maintaining their concerns over the suit-worthy chilling effects OFAC’s sanctions are having on free speech rights and the creation of privacy-preserving technologies.
Weaver’s piece did provide a thorough explanation of how Tornado.cash works, using the popular cryptocurrency Ethereum as an example. At the highest level, as he said: “Tornado Cash operates by having a series of pools of Ethereum or other cryptocurrencies controlled by a smart contract, a program deployed on the underlying blockchain” that “allows someone to withdraw from the shared pool without linking it to their particular deposit.”
A less technical analogy of how the virtual currency anonymizer is run could be that Tornado.cash creates a private room full of safety deposit boxes. A person can enter the private room and leave an amount of Ethereum in exchange for a unique receipt. Anyone can then take that unique receipt back into the private room and withdraw from the corresponding safety deposit box. No one would know which box was used by either the depositor or the withdrawer, or even if they are the same person. Once a transaction is completed, the withdrawer can choose to publicly disclose the receipt and prove where the Ethereum came from. But they don’t have to, and this breaking of the chain of Ethereum’s public ledger is how Tornado Cash can improve privacy.
Notably, this all happens through autonomous code integrated into the Ethereum blockchain. No one owns or controls that code, and thus no creator takes a portion of proceeds from its function. Yet that code itself has been sanctioned. In the United States, writing code is protected under the First Amendment as a form of speech. Civil liberties organizations have repeatedly fought, and won, to enshrine the right to code as protected speech. Should OFAC’s sanctions not be further clarified, this right will take a huge hit because, again, OFAC did not sanction only individuals and entities at Tornado Cash, but Tornado Cash’s open source protocol—or, in other words, the code itself.
This has already led to a major chilling effect on that code and those who wrote it. The open source code used to run Tornado Cash was taken down from GitHub, the programmer responsible for the code was arrested in the Netherlands, and the Electronic Frontier Foundation is now suing on behalf of Matthew Green, a computer science professor at the Johns Hopkins Information Security Institute. Throughout the open source software community, many are protesting this apparent banning of code as speech, with one person even turning it into a song. Of these things, the only one that OFAC’s clarifications have spoken to is that the right to sing Tornado Cash’s code remains uninfringed.
To be clear: State-sanctioned criminal enterprises, as well as those that support them, are deplorable and should be stopped—but not in a way that compromises human rights and the First Amendment. In sanctioning the open source protocol Tornado.cash, OFAC has arguably overstepped its authority in addition to chilling speech. OFAC has the authority to sanction persons or property. But Tornado.cash is neither. It is code. This is a rough equivalent to sanctioning the email protocol in the early days of the internet, with the justification that email is often used to facilitate phishing attacks.
OFAC has not yet clarified what Tornado.cash has specifically done wrong, or what other projects need to do differently to avoid being the target of sanctions. Every open source and decentralized project runs the risk of becoming tainted by bad actors. This often happens when a developer gives up control of their code. This chilling effect could reverberate throughout the internet—that if a developer creates privacy-preserving code, the U.S. government could come after them. Without further clarification from OFAC, fewer privacy-forward projects might be built in the United States in the future, which would likely be a huge detriment to the human right to privacy online.
OFAC’s sanctions can also easily be interpreted as a warning shot at projects attempting to build anonymous digital assets. With ever-increasing concerns about harmful and exploitative surveillance of every aspect of Americans’ digital lives and few laws to protect Americans’ privacy online, the need for privacy-preserving technology only grows more urgent. Software projects should not be labeled as criminal for trying to replicate the same degree of anonymity and privacy in the digital space that cash-based systems of commerce have offered for thousands of years. Cash is a public good—and some amount of cash will always be used in crime. Yet there are no noteworthy calls for a ban on cash.
There are many legitimate reasons to seek anonymity in financial transactions. Privacy tools are important to, for example, activists in authoritarian states where revealing financial information could result in jail time or execution. Anonymity, particularly financial, may soon become essential for pregnant people seeking abortions in the United States, as well as for supporters in states that criminalize donations to abortion funds or Planned Parenthood. Simply not wanting personal financial history surveilled by governments, corporations, stalkers, or other bad actors is a legitimate reason to seek privacy-preserving technologies online.
OFAC is on firm ground when it sanctions people or property, including cryptocurrency, involved in criminal enterprises like the North Korean Lazarus Group. But OFAC went too far in sanctioning code, and there has been tremendous fallout in terms of speech and privacy. OFAC still needs to clarify what, exactly, it was trying to do and in doing so walk back this apparent sanctioning of code. Writing code is a basic human right, and so is privacy.