What is the Libra Association going to do, really?

Members need to involve themselves in Facebook’s crypto development process

When Facebook unveiled Libra a few days ago, the company also announced the Libra Association, a not-for-profit that will oversee all things Libra. Facebook wants to make sure that everyone is aware that Libra was created by Facebook but isn’t controlled by Facebook.

And yet, given Facebook’s reputation, it seems useful to evaluate the project and the company’s promises — should we trust Facebook?

Regulation

Before going into technical details, let’s start with Facebook’s promises when it comes to privacy. Facebook launched a subsidiary called Calibra that is responsible for its cryptocurrency projects. It’s a separate company with a separate team.

In addition to contributing to the development of the project at the protocol level, Calibra will release a wallet and build an integration with WhatsApp and Messenger. In other words, you’ll be able to tap on a button to launch a Calibra menu. You’ll then be able to send and receive money through the Calibra wallet.

While a clear separation is always an encouraging sign, it could be seen as a way to deal more effectively with regulation more than anything else.

If you compare Calibra with other peer-to-peer payment services, PayPal is regulated as a money transfer service in the U.S. Venmo, a PayPal subsidiary, relies on PayPal’s license to operate. Square Cash also complies with a long list of money transmission regulations.

In the U.S. in particular, each state has its own set of regulations when it comes to financial services. And Calibra also has to deal with cryptocurrency regulation, which is another source of trouble. That’s why it took a while to access Coinbase from all 50 states.

Creating a subsidiary makes this process easier for Facebook. The subsidiary has to comply with cryptocurrency and financial regulation, but not Facebook at large.

This isn’t the first time Facebook has created a subsidiary to handle peer-to-peer payments. Facebook created a subsidiary called Facebook Payments Inc. It has money transmitter licenses in all 50 states.

That’s why it’s misleading to say Calibra was created to “ensure separation between social and financial data and to build and operate services on its behalf on top of the Libra network.” Calibra was built for regulation purposes.

A snippet of Facebook Payments Inc.’s licenses in the U.S.

Calibra is a member of the Libra Association with 27 other founding members, such as Vodafone, Mastercard, Visa, Stripe, Uber and Spotify. It is a not-for-profit organization headquartered in Geneva, Switzerland.

But the Libra Association is just a governing entity. It doesn’t operate a wallet and it doesn’t run a node on the Libra blockchain. So it doesn’t have to comply with money service regulation itself.

However, the Libra Association manages the reserve of real-world assets. Every time a Libra is issued, the Libra Association buys and stores the equivalent in fiat currencies and securities in a custody bank account. Similarly, every time someone converts Libra into, say, USD, the Libra Association has to issue a selling order on the equivalent in fiat currencies and securities.

“Switzerland has a history of global neutrality and openness to blockchain technology, and the association strives to be a neutral, international institution, hence the choice to be registered there,” Facebook says in the Libra white paper. This sounds like storytelling to me — it was most likely easier to set up the association in Switzerland compared to the U.S.

This is different from USDC’s implementation — another stablecoin run by the CENTRE organization. In that case, Coinbase, Circle and all members who issue USDC manage their own custody accounts and accounting reports.

Data

Facebook has managed to greatly increase its average revenue per user by building comprehensive profiles of its users — behind every feature, Facebook is collecting data. The company is leveraging data from multiple services (Facebook, Instagram, Messenger and even WhatsApp, except for some users in Europe who did not agree to changes in the terms of service) to learn more about your habits, relationships and buying preferences.

This way, advertisers can target their ads to a hyper-specific audience, which leads to a higher conversion rate and more revenue for Facebook. (Once again, Facebook doesn’t sell user data, it lets advertisers pick specific criteria for their ad campaigns based on user data.)

But Facebook also bought a ton of data from third-party companies until recently. Facebook worked with data brokers to learn more about offline behaviors, from mortgages to favorite stores.

The company stopped working with third-party data providers in April 2018. There are three possibilities: Facebook wanted to do the right thing, Facebook had no choice but to stop working with those companies after multiple scandals, or Facebook already has enough data points about you that it doesn’t need this data.

But let’s go back to cryptocurrencies. Could Libra generate valuable data for Facebook’s advertising business? And more importantly, as Facebook targets the unbanked, could Facebook access payment and financial information from people who relied heavily on cash?

The Libra Association wants to be reassuring in its white paper:

“The Libra Blockchain is pseudonymous and allows users to hold one or more addresses that are not linked to their real-world identity. This approach is familiar to many users, developers, and regulators. The Libra Association will oversee the evolution of the Libra Blockchain protocol and network, and it will continue to evaluate new techniques that enhance privacy in the blockchain while considering concerns of practicality, scalability, and regulatory impact.”

Like Bitcoin, each user is identified by a wallet address and a user can control multiple wallet addresses. You can even hand out your private key to a different person to transfer ownership. So a wallet address isn’t directly attached to a name and address.

An entity that runs a node can look at all transactions from one address to another. But without external data to reconcile wallet addresses with individuals, there’s no way to make connections with real-life identities.

And yet, when you use Calibra in Messenger or WhatsApp, Calibra will have to comply with financial regulation when it comes to Anti-Money Laundering and Countering the Financing of Terrorism (AML and CFT).

When you first set up your Calibra account, the service will ask you to upload a government-issued ID and give personal information so that Calibra can conduct due diligence. This is a standard practice for financial services called KYC (Know Your Customer).

Mockups of Calibra’s standalone app

You will be able to use Libra with other cryptocurrency wallets at some point, but it’s clear that Calibra wallets and transactions won’t be pseudonymous.

So that answers the first question. Now, when it comes to data sharing between Calibra and Facebook, Calibra strongly states in its commitments that Facebook won’t be able to see your financial data:

“Aside from limited cases, Calibra will not share account information or financial data with Facebook, Inc. or any third party without customer consent. For example, Calibra customers’ account information and financial data will not be used to improve ad targeting on the Facebook, Inc. family of products.”

That paragraph is followed by a lengthy list of exceptions. Some of them are perfectly legitimate and talk about fraud and government inquiries. But one paragraph in particular stands out:

“We also share Calibra customer data with managed vendors and service providers — including Facebook, Inc. — that support our business (e.g., to provide technical infrastructure or direct payment processing). In both cases, we share only the Calibra customer data that is necessary for completing the defined activity or service.”

While Calibra wants to limit data sharing as much as possible, there’s still a big question mark about what Facebook plans on doing with that data — and metadata in particular.

For instance, Messenger isn’t end-to-end encrypted unless you start a secret conversation. Facebook can see the content of the vast majority of your conversations. Facebook could scan for Calibra payments in your conversations to understand who you’re sharing money with. Even though payments are managed by Calibra, there will be a notification in the conversation thread with at least some metadata. In addition to social relationships, the company could discover some patterns and learn more about your financial relationships.

Facebook already leverages your WhatsApp metadata to learn more about you. While all WhatsApp conversations are end-to-end encrypted, the company knows who you’re talking with, the frequency of your conversations and more. Tracking Calibra payments wouldn’t be a first.

It’s hard to know whether Facebook will do anything with Calibra data now that it is under so much scrutiny. But nobody should take for granted that Facebook won’t know anything about your Calibra transactions.

Similarly, it’ll be important to examine the consent flow when it comes to sharing data from Calibra to Facebook, and from Facebook to Calibra. Facebook still buries the most important privacy consent settings in misleading pop-ups. That wouldn’t be a first either.

Governance

The Libra blockchain has borrowed a few ideas from other cryptocurrency blockchains: a Byzantine Fault Tolerance approach, the use of Merkle trees to guarantee integrity, and a network of nodes.

But in its current implementation, the Libra blockchain is not truly open and not truly decentralized. Each member of the Libra Association operates a node. Only those members can access the ledger of transactions unless Facebook or another founding member builds a public-facing API of some sort.

Anybody working for a cryptocurrency company will tell you the same thing: If you can’t run a node in your backyard, it’s not really a blockchain. Facebook already says that it plans to open up the Libra network to external nodes, but it’s going to take… five years:

“To ensure that Libra is truly open and always operates in the best interest of its users, our ambition is for the Libra network to become permissionless. The challenge is that as of today we do not believe that there is a proven solution that can deliver the scale, stability, and security needed to support billions of people and transactions across the globe through a permissionless network. One of the association’s directives will be to work with the community to research and implement this transition, which will begin within five years of the public launch of the Libra Blockchain and ecosystem.”

Members of the Libra Association are still very much in control of the service, including Facebook. Every member of the Libra Association council has the same voting power. There are currently 28 founding members, so Facebook holds 1/28th of the votes — roughly 3.6%.

David Marcus, currently the Head of Calibra, previously worked on Messenger and PayPal (Photo by Steve Jennings / Getty Images for TechCrunch)

Moreover, the Libra Blockchain is an open source project. And open source communities aren’t completely flat organizations. There are maintainers who approve or reject commits from contributors.

Let’s take the Linux Kernel as an example of an open source community — and it’s more centralized than expected. If you look at the Linux Kernel development report, Intel employees have contributed to 13.1% of the changes in the Linux Kernel from version 4.8 to 4.13.

David S. Miller alone has signed off on 11.6 percent of changes that he didn’t write himself. He works for Red Hat, a company that was recently acquired by IBM. Hiring key people in important open source communities has become essential for many companies.

Being a member of the Libra Association isn’t enough if you want to have a long-term impact on the development of the Libra blockchain. Members will have to bet on Libra and put together development teams to control their destiny. Otherwise, all the Libra open-source gatekeepers will work for Facebook/Calibra.

Finally, the Libra Association will work with a list of authorized resellers. Given that Libra is tied to a basket of fiat currencies and securities, you won’t be able to hand out $200 to your tiny currency exchange business next door.

In many developing countries, people often use two currencies already, USD and their local currency. People rely on USD for big transactions in order to avoid volatility. That’s why many exchange businesses are thriving.

But those local companies will have to partner with an authorized reseller to convert Libra. Those authorized resellers will charge fees and create a barrier to entry for newcomers.

Once again, this works against decentralization as only trustworthy partners will get a license to operate as an authorized reseller. All the founding members become a sort of Visa, Mastercard or Western Union for the 21st century.

Many questions

The Libra Association will launch the Libra blockchain in 2020. It’s a huge project and it involves many different companies. That’s why Facebook announced the project many months before the public release.

Facebook and Calibra want to be reassuring. They have already thought about all the touchy questions when it comes to privacy, regulation and decentralization.

All bets are off for privacy. Maybe Facebook will respect your privacy for once. But pay attention to Calibra’s features, consent flow and privacy policies.

As for regulation, the Group of Seven (G7) is already putting together a task force to study Libra. But I’m not worried about rich countries with strong currencies.

In many countries that suffer from a high inflation rate, such as Venezuela, Argentina, Turkey or South Africa, Libra could give power to the people. Citizens could avoid predatory monetary policies and keep the value of their savings intact. But that would be a disaster for governments, with public services facing bankruptcy for instance.

Finally, there’s one thing for sure — it’s hard to say that Libra is a decentralized project. It still feels like a Facebook project with a single company in charge. Let’s hope that other Libra Association members get involved in the development process.

But that wouldn’t change the overall philosophy behind Libra. It is a quasi-fiat currency more than a cryptocurrency in its current implementation. It is controlled by private entities that don’t care about monetary policies. And many entities will have issues with that already.