The United States Senate Banking Committee held a hearing on Cryptocurrency this week. It appeared to have an impact; at the very least, Chair Senator Brown concluded the proceedings, proclaiming it "one of the most illuminating hearings we have had." Press treatment has devoted the lion's share of attention to Senator Warren's five minutes, in which she assailed the industry's loftiest promises of decentralization. Professor Angela Walch acknowledged that 'there are pockets of power' in crypto 'particularly core software developers who can exploit their position of power,' following which the Senator from Massachusetts summoned imagery of what she characterized as a 'shadowy faceless group of a supergroup of coders and miners.' Nevertheless, a more decisive series of exchanges on ransomware occurred earlier in the hearing, which should quiet a rancorous debate on whether cryptocurrency's purported association with high-profile hacks is anything beyond tangential.
The Purpose of the Committee Hearing
Senate committee hearings are simply a method by which Senators gather information to inform legislation, oversight, or investigations. The Cryptocurrency Hearing featured a panel of people in the know explaining cutting-edge, fast-moving technologies to Senators who are well past dry behind the ears. The three experts offered a better understanding of a subject Senators intended to legislate. Of course, political kabuki lingers. Some Senators arrive at the hearing less curious or inquisitive and more combative and demonstrative than others. The experts were a professor, an advocacy group representative, and the chair for an altcoin's foundation: Professor Angela Walch, Professor of Law, St. Mary’s University School of Law, Research Associate, UCL Centre for Blockchain Technologies; Mr. Jerry Brito, Executive Director, Coin Center; and Ms. Marta Belcher, Chair, Filecoin Foundation.
Senator Menendez's Questioning on Ransomware
Midway through the hearing, Senator Menendez fretted that some ransom payments could also cause targeted businesses to violate US sanctions. Yes, this is the same Senator not only for whom a 2018 Senate Select Committee declared had 'knowingly and repeatedly accepted gifts of significant value … without obtaining required Committee approval' but who was indicted for corruption but for which no subsequent conviction could be obtained. Mr. Brito rejected the entire premise.
(Video @ ~1:09.00) He reminded that the FBI has advised businesses 'for years' not to pay ransoms, ever. So that would be the way for companies not to violate sanctions. He stressed how companies simply required sufficient cybersecurity and would need to backup files. Professor Walch was even stronger. She explained that widespread lax cybersecurity practices have resulted in too many vulnerabilities, which are exploited. And she pointed the finger back at Congress.
(Video @ ~1:10.00) She characterized an overall immunization of liability for software developers through clickwrap licenses and legal framework as "pretty much, there's no liability even if your software is terrible and has lots of bugs, and any obligation to make good software is disclaimed in the license." She concluded with a call for a revisit of the software development liability framework.
Senator Tester's Choleric Return to the Topic
Senator Tester returned to ransomware, perhaps not content with or persuaded by the answers provided to Senator Menendez's queries. He asked Filecoin's Marta Belcher what he should tell a constituent concerned about Bitcoin after an attack on critical infrastructure, such as the Colonial Pipeline, occurs. Marta did not flinch: Ransomware is not a crypto problem but a cybersecurity problem.
(Video @ ~1:28.00) Senator Tester did not appreciate that. He interrupted her to insist that it was indeed a cryptocurrency problem, but even as he did so, he acknowledged that maybe we did retrieve the Bitcoin in that Colonial Pipeline ransom. Marta Belcher replied simply that many crimes are committed through cash, too, but since cash has no association with a transparent public ledger, ransoms so paid may not be recovered. She also closed by reminding Senator Tester that law enforcement appreciates blockchain's public and traceable nature.
(Video @ ~1:29.00) Senator Tester also sputtered about the Chinese spy menace hidden in miners fleeing Bitcoin bans, later awkwardly thanking the committee following his display of antagonism.
Expert Consensus: Ransomware results from a series of cybersecurity failures
All three experts arrived at a rejection of the sloppy association of cryptocurrency development with ransomware. And Professor Walch, the member of the panel most skeptical of cryptocurrency, went so far as to blame Congress itself and its laws for spawning the vulnerabilities across America's critical code. The cryptocurrency industry now has a ready and informed expert answer to the FUD of ransomware: Congress should first lift immunity from software developers for their terrible code product. Only then should it blame cryptocurrency for recording transactions on a public ledger, allowing law enforcement to retrieve the proceeds criminals nabbed from targets with lax cybersecurity and slovenly backup procedures. Cryptocurrency will not be a scapegoat for the centralized middle-aged web's externalities.
