Facebook's Libra Cryptocurrency Prompts Privacy BacklashEcosystem Questions: US, European Officials Demand Answers
With Facebook now officially preparing to launch its own cryptocurrency, Libra, in 2020, the social media giant is facing a privacy and security backlash both in the U.S. and Europe. Lawmakers and regulators are raising concerns about the offering based on the company’s poor history of protecting user data.
See Also: Top 50 Security Threats
The goal, Facebook says, is to bring a new type of digital payment system to anyone with access to a smartphone, with Calibra collecting a fee for the transaction. Tuesday's announcement includes a number of promises to use the same types of anti-fraud and verification technologies that banks use, along with protections for user and data privacy.
Additionally, Facebook is creating a Libra Association, based in Geneva - with partners including establishment players such as Visa, MasterCard and PayPal - to assist in governing the new cryptocurrency. This new organization, however, does not include any banks among the founding members, according to the Wall Street Journal.
Privacy, Security Concerns
With Facebook looking to take a giant leap into the global digital payment market, a backlash began to build almost immediately as a result of the company’s poor track record on user privacy (see: Facebook Smackdown: UK Seeks 'Digital Gangster' Regulation).
A few hours after Facebook’s announcement on Tuesday, Rep. Maxine Waters, D-Calif., the chairwoman of the powerful U.S. House Financial Services Committee, issued a statement demanding that Facebook and its subsidiary halt any development of its cryptocurrency until lawmakers and regulators review the project.
"With the announcement that it plans to create a cryptocurrency, Facebook is continuing its unchecked expansion and extending its reach into the lives of its users," Waters says in a statement provided to Reuters.
Facebook's cryptocurrency plans have raised bipartisan concerns, with Rep. Patrick McHenry, R-N.C., telling The Verge: "It is incumbent upon us as policymakers to understand Project Libra. We need to go beyond the rumors and speculations and provide a forum to assess this project and its potential unprecedented impact on the global financial system."
On Wednesday, the U.S. Senate Banking Committee announced it would hold a hearing about the company's cryptocurrency plans on July 16. So far, the committee has not released a list of witnesses it intends to call, according to Reuters.
A Facebook spokesman tells Information Security Media Group: "We look forward to responding to lawmakers' questions as this process moves forward."
Besides new concerns over its cryptocurrency plans, Facebook is already facing scrutiny from the U.S. Federal Trade Commission regarding its data-sharing practices, with the company preparing to pay as much as $3 billion fine.
Facebook has been bound by an agreement with the FTC since 2011 that stems from previous privacy missteps, including sharing data without consent. But the social media firm now faces additional regulatory scrutiny for its 2017 association with Cambridge Analytica, the U.K.-based, now-defunct political consulting firm that obtained as many as 87 million Facebook profiles from a Cambridge University lecturer in violation of Facebook's policies and without those users' consent (see: Facebook Takes $3 Billion Hit, Anticipating FTC Fine).
Is Blockchain Enough?
As part of its Libra rollout, Facebook released a whitepaper that includes some technical details about the cryptocurrency, including its use of blockchain - the digital ledger that supports other types of cryptocurrency, including bitcoin - to protect transactions and user data.
The paper includes details about Move, a new programming language that Facebook developed to create customized "smart contracts" within the blockchain to protect transactions and to ensure that assets aren't cloned to cut down on fraud and abuse.
But some security experts contend the details contained in the whitepaper aren’t enough to ensure that Facebook can keep all these transactions private. Matthew Daniel Green, an associate professor of computer science at Johns Hopkins University who's a cryptography expert, took to Twitter to express concerns.
The best way I can understand this is: the Libra “privacy” story is going to be that you can deposit your money into Facebook. At which point you’ll enjoy their world-leading privacy protections.— Matthew Green (@matthew_d_green) June 18, 2019
Europe Has Concerns, Too
While Facebook is facing questions about its digital currency plans in the U.S., European regulators and other government officials also raised immediate concerns about Libra and the company's plans for digital payments.
French Finance Minister Bruno Le Maire told a local radio station that Libra should not become a replacement for local currency and that any new payment system should "be subject to the highest standards of regulation," according to Bloomberg.
Le Maire also told local media that he's planning to ask the Group of Seven central bank governors, which includes representatives from Canada, France, Germany, Italy, Japan, the U.K. and the U.S., to prepare a report about Facebook and Libra for a July meeting that will touch on topics that include money laundering, privacy and terrorism financing, Bloomberg reports.
The European Union already is scrutinizing Facebook’s privacy practices, including how the company responds to complaints about user privacy and personal data (see: 15 GDPR Probes in Ireland Target Facebook, Twitter, Others).