Great ResignationClimate ChangeLeadershipInflationUkraine Invasion

The recent crackdown on Tornado Cash sets a dangerous precedent. Here’s why it could be the beginning of an all-out ‘war on code’

August 19, 2022, 12:46 PM UTC
There is evidence suggesting Tornado Cash was used by North Korea for money laundering. The U.S. Treasury has estimated that $7 billion were laundered using the open-source tool.
Luke MacGregor - Bloomberg - Getty Images

Last week, the U.S. Treasury Department announced sanctions on Tornado Cash, a popular open-source privacy tool and “mixer” that enables private and anonymous crypto transactions.

Specifically, the Tornado Cash website and associated Ethereum addresses were added to the OFAC (Office of Foreign Assets Control) blacklist, typically reserved for “persons involved in terrorism, enemy states, or other state-sanctioned activities and ensure that these individuals cannot get the benefit of the US financial system.” All Americans are now forbidden from interacting with Tornado Cash.

The U.S. Government alleges that $7 billion has been laundered through Tornado Cash. Elliptic, a blockchain analytics firm, puts the figure closer to $1.5 billion.

We can all agree that government should crack down on criminals–and it’s not unusual for the government to sanction specific wallet addresses belonging to individuals suspected of supporting terrorist activity and other sanctionable behavior.

What makes this situation different is that Tornado Cash is not a “legal person”–as in an individual or corporation–but rather a technology tool that is used by many different kinds of people. Not only is the unprecedented crackdown irregular but it may also infringe on Americans’ constitutional rights.

“It appears to be the sanctioning of a tool that is neutral in character and that can be put to good or bad uses like any other technology. It is not any specific bad actor who is being sanctioned, but instead it is all Americans who may wish to use this automated tool in order to protect their own privacy while transacting online who are having their liberty curtailed without the benefit of any due process, Coin Center’s Jerry Brito and Peter van Valkenburgh said about the action in a recent article.

Privacy is foundational to a free society–and there are plenty of good reasons to remain private in transactions. Perhaps you want to donate to a Ukrainian humanitarian group without exposing yourself to potential Russian recriminations, as Ethereum founder Vitalik Buterin did. He revealed this fact on Twitter, “doxxing himself” in solidarity with Tornado Cash.

Privacy has always been a feature of transactions in the “real economy”. After all, when you pay for your groceries in cash, the cashier doesn’t ask for your driver’s license.

“Anonymity is not a crime, and there are many legitimate reasons to seek anonymity in financial transactions. Privacy tools are important to, for example, activists in authoritarian states where revealing financial information could get someone jailed or executed,” the NGO Fight for the Future said in a statement.

Of course, not every transaction in Tornado Cash is used to fund bad actors. This notion is supported by Elliptic’s estimates, which concluded that $5.5 billion of $7 billion processed were legal transactions.

Despite all these valid arguments, you can hardly envy the government’s position. Even if Elliptic is correct and $1.5 billion has been laundered through Tornado Cash, that’s a big number. And there’s evidence suggesting Tornado Cash is used by the North Koreans.

However, a blanket sanction on a credibly neutral technology tool feels like an overstep, or perhaps a move that was not properly thought out, with potentially unintended consequences. Any software that ultimately gets used by a criminal could be subject to the same crackdown, even if it’s open source. This feels out of step with past practices: After all, we don’t sanction the Internet when terrorists use email and Linux contributors are not sanctioned when an Android smartphone running Linux is used to plan a crime.

Readers may be familiar with the case of Silk Road, the dark web marketplace that was shut down in 2013 with its founder Ross Ulbricht arrested and convicted on several counts. Silk Road was different in that it was a centralized entity controlled by one person and used almost exclusively for illicit activities. But even companies are generally exempt when their products are used in crimes: This is why gun manufacturers don’t get sanctioned when a gun they make is used in a murder.

For now, many companies are saying “better safe than sorry” and purging Tornado Cash. Circle, the founder of the popular “USDC” stablecoin, added 38 Ethereum addresses to its blacklist that have interacted with Tornado Cash. OpenSea, Discord, GitHub, and others have taken similar steps. In the short term, this is inevitable–and probably sensible–for these companies: they don’t want to be labeled a criminal entity too. However, in the medium-long term, key stakeholders must ensure that the delicate balance between freedom of expression and the managing of undesirable actions is carefully managed. It is critical to all of us that developers continue to freely build neutral technology tools.

Alex Tapscott is the managing director of the Ninepoint Digital Asset Group. His new book, Digital Asset Revolution, was released on July 12th. This article is for information purposes only and should not be relied upon as investment advice.

The opinions expressed in commentary pieces are solely the views of their authors and do not reflect the opinions and beliefs of Fortune.

More must-read commentary published by Fortune:

Sign up for the Fortune Features email list so you don’t miss our biggest features, exclusive interviews, and investigations.