Digital currency: Have our pockets turned transparent?

This article was adjudicated as the second best entry to the First NLUJ CSBF Essay Writing Competition, 2019-20. The article was submitted by Aneesha Sondhi & Salil Kumar Tripathy. The authors, at the time, were students at University School of Law and Legal Studies, Guru Gobind Singh Indraprastha University.

Abstract

A rapidly emerging, though relatively new currency that has fascinated many intellectual minds and, at the same time, led to many raised eyebrows is ‘digital currency.’ As is clear by the very nomenclature, it is a form of currency which is available in digital or electronic form. This currency being intangible, can only be transacted through comp-devices and e-wallets. It has taken the world by the storm by changing the very nature of transactions.
Digital currency being the genus, there are further two species under it viz. centralised and decentralised digital currency. This paper, essentially dealing with the centralised digital currency and the right to privacy, will also explore the facets of decentralised digital currency and suggest ways to recognise and appreciate it in the Indian context. It will attempt to identify the cyber-threats involved with these Digi-transactions and examine the potential solutions to these challenges.
Across India, concern is mounting over an ever-growing list of privacy issues emerging out of financial digitalization. There is no dearth of rules on cyber security, but their enforcement has been far from satisfactory. Lack of proper legislations and enforcement mechanisms, not so widespread usage of blockchain technology, lack of customer awareness and not-so-proactive role played by the government contributes to all of it. These problems involved with the usage of digital currency in a transparent monetary system need to be addressed on a war footing. When we talk of world of Digital currency, we are basically talking of a new financial order, with its challenges and pitfalls. This research paper would be dealing with different challenges of safety, privacy, liability and freedom involved with the use of digital currency. The paper will also focus on whether cryptocurrency can pave its way into the Indian Digi-Market. In order to attain an ever-growing and prosperous economy, it’s imperative that we deal with these issues on an urgent basis.

Introduction

“If banks can’t offer something more valuable than Amazon Prime, then we’re probably in the wrong business”– Bradly Leimer, Co-founder of Unconventional Ventures.

In digital era, every service or good under the sky is available online. There’s e-commerce more pervasive than ever before and hence, a dire need felt for financial institutions like banks to go for digital and data orientated ways to transform existing practices. However, what surrounds the change is concerns and reservations for what if the boon of digitisation becomes a threat to the entire system disguised in banking transactions. So many reservations are so profoundly based upon its ambiguous nature and concerns abound as if it is a monstrous idea of economic doom amidst the anonymity of web. Nevertheless, provided the progress that we have already witnessed, it would be terrible to turn a blind eye towards digitisation in every facet of banking system.

Henceforth, it becomes even more pertinent to assess the present progress of Digital Sector in Indian economy and keep a check on the future predictions to get an awareness of the possible modifications that may have to be taken care of in the banking policies for India to carve a mark on the global map. It’s imperative to note that currently the core Digital Sector like (IT-BPM), digital communications and electronic manufacturing contributed 7% to India’s Gross Domestic Product which is a whopping 170 billion dollars and a recent report from McKinsey Global Institute predicts it to soar to 8 to 10% in 2025.[i]

The report named ‘Digital India: Technology to transform a connected nation’, after integrating all the factors like industry revenue, cost structures and trends further estimates that by the year 2025 the digital sector in its entirety would end up contributing a mind-boggling 355 to 435 billion US dollars. Still, the intricacies of the report need to be profoundly studied as among 17 emerging economies it was discovered that India is only digitising faster than one country, that’s Indonesia, when critically compared across 30 dimensions.

The report, however, keeps India above the pedestal in key dimensions of digital adoption and highlights the fact that India is second at the global stage across digital attributes like app downloads with 12.3 billion in 2018. One surely can never take a country lightly with 1.17 billion wireless phone subscribers, 560 million internet users, 354 million smartphone users and 294 million social media users in 2018, and only China outdoing us.[ii] However, even as the  report formulates quintessential conclusions on Digital agriculture, Digital healthcare, Digital retail, it  fails to emphasise upon Digital currency in the present banking system. Hence, it, like many other reports, misses out on a vital attribute which can help shape the India economy and help rescue itself from any slowdown.

We see that in this and many such studies, while enough hints are thrown about the wide potential of digitisation and its substantial impact on India for years to come, the potential of digital currency in current banking system is majorly neglected or wilfully left out from serious deliberations. This paper would try to reflect on the overshadowed aspects of digital currency in present banking system in the stated backdrop of digital boom in India with its immense potential.

Centralised Currency- The new territory 

Currency in simple terms is defined as something (such as coin, treasury notes and bank notes) that’s in circulation as a medium of exchange.[iii]

They, in conventional mode of transactions, are only of two types. One, the fiat money that has no value of its raw material but gets its value from issuing authority in terms of what it represents like the paper currency and coins that are minted. The others are asset backed currencies which derive their worth from being valuable commodity like Gold or silver but rarely used these days in market.[iv] Lastly, the newbie in this world of the currencies is the digital currency. Growing at a pace faster than ever, due to tsunami of ever-increasing smartphones, internet banking methods, various cards and e-wallets, it has become the most prominent currency in the market.

Further, digital currencies can be categorised into two. One is decentralised digital currency like cryptocurrency which uses cryptography that is tough to breach in order to counterfeit, and hence, considered highly secured. The security is rendered from a distributed ledger in a discreet network of operators or computers. The other category being the centrally issued digital currencies also known as Central Bank Digital Currency (CBDC). This also more or less uses the same technology of cryptography but the only distinguishing feature is that it is issued by a central bank which renders it security and credibility but also snatches away the extra feature of being exempted from governmental scrutiny or manipulation.

The only country that outperforms India on various parameters of digitisation is China, owing to excess population and technological progress. It can soon add another feather to its cap by transcending other developed countries to bring its own digital currency resembling Facebook’s Libra coin, which can be utilised on popular platforms such as Alibaba and WeChat, even without internet connections.[v] Even with the widespread success of wallets or e-payment methods, the Chinese bankers still propose a digital currency to protect monetary sovereignty and are keen to cope up with the changing dynamics of digital revolution.

Several economists and scholars are of the belief that technological reasons and somewhat political beliefs may be attributed to end of use of cash. These beliefs are generally based upon three contentions. First, the use of cash is simply more expensive than electronic payments. Secondly, it can directly catalyse crimes like tax evasion and money laundering. Cash, moreover, creates an hindrance to the use of a policy alternatives like negative nominal interest rates.[vi] Technologically, we are now well equipped with cryptocurrency like bitcoin or some other type but the reluctancy by states to accept it as an alternative is due to its drawbacks such as payment fees, poor adoption, scaling issues coupled with privacy apprehensions due to its anonymity.

As Arif Naseem, founder Alfalah Coin LLC puts it, ‘Cryptocurrency is freedom, banking is slavery.’


So, it seems, we may eventually take a mid-way between decentralised cryptocurrency like Bitcoins and physical cash, and this midway will be a centralised or central bank issued cryptocurrency. The key advantages with such a system of cryptocurrency is that it is more secure and its disciplining effect will apply on commercial banks. If in case, there’s no confidence left in the cryptocurrency, the customers money could be immediately transferred to central bank electronic money depositories. A separate plan can also be provided where the customers are rewarded with higher interest rates for deposits in such currency as a reward for the risks they take by investing in them. Eventually it would mandate no transfer of funds on market volatility for individuals opting for this plan.

However, there needs to be robust planning required with additional measures to make it possible. If that happens, then in the course of time it could help banks gain liquidity and improve their services with credibility when costs are reduced. Smartphones becoming mostly prevalent among Indians, there must be a call sooner to transform from bank accounts to wallets & money to centralised cryptocurrency. This would eventually help revive our already degrading banking system, but only if a cautious and well-thought-out plan is rolled out and implemented.

The 3-S:  Speed, Security and Safety of Digital Currency

Gone are the days when criminals used to run after cash. And mugging in the streets near banks used to be their favorite pastime. Now thefts have become high-tech, in sync with the changing times. Today, the money-stealers seek passwords, CVV and OTPs. The rapid growth of internet and mobile phones, availability of low-cost data plans such as by Jio and a shift from the culture of offline to online has led to a technological revolution, while at the same time bringing a change in criminality.

The currency turning digital being one of the most celebrated changes, has had many positive but certain negative effects as well. Booking movie tickets, ordering food online and availing of cab-services is just a click away. E-wallets such as Paytm and Google Pay facilitate the transactions and that takes only seconds. The number of digital transactions is expected to increase more than four times from 2069 crore in December 2018 to 8707 crores in December 2021.[vii] With 3459 million e-Money transactions, India trailed only Japan and USA in 2017 with respect to volume of such transactions.[viii] Demonetization, especially, has been a game-changer for digital currency as more and more people are increasingly switching towards electronic modes of payments.

Talking about the positives, digitalization has replaced the need for maintaining a diary for one’s daily purchases and expenses. Everything is now stored and recorded in the e-wallets and bank statements. Storage is easy, accessible, anytime and anywhere. This is considered boon as it allows one to manage his/her expenses via just few clicks. The banking sector has reaped rich dividends, with banks becoming leaner and faster. They are now able to turn all their focus on lending and deposits rather than spending their energies on cash withdrawals. Valuable time counting money and other cash transactions that was earlier wasted is now being saved considerably. This saved energy is now being channelized into different functions of the banks, which finds reflection in their massive growth in last few years.

Of course, boon for the customers and the users is there. One doesn’t need to carry a large amount of cash before a big purchase or for paying the tuition fees. We have got mobile wallets and pocket size cards for that purpose. But all good things have some dark linings as well. While digitalization has proved to be so efficient at lubricating the economy, it has, at the same time, also led to an increase in cyber hacking and other cyber-crimes, while leading to a compromised financial privacy at the same time.

Transparent monetary system- Digi Danger!

Whenever an account is hacked, the first thing that gets stolen is privacy of the individual. For instance, upon withdrawal of cash from the ATM, one gets a message on his or her device. Upon hacking of this device, the hacker can easily track the transaction habits of the victim. This ‘real-time tracking’ blatantly violates the right to privacy. Not only our pockets but our lives are becoming transparent inevitably. Neither the technologically-literates nor the illiterates are safe, the latter being more prone to cyber frauds in a developing country like ours. Any individual can become a victim of phishing on the internet, brute force attack, wallet-hacking, identity theft and other kinds of banking frauds. The fact that the wife of a Chief Minister was duped of twenty-three lakhs recently in 2019, shows how vulnerable e-money systems can make us all.

The example of a German Software, TeamViewer, should be an eye-opener. TeamViewer is a remote-access software system that is used to remote-control the desktops. It empowers one to not only access the computers of others, but also control the mouse and keyboard from any part of the world.  The benign purpose of this software is to facilitate online meetings, computer repairs and other such tasks. However, in 2016, this software became a target of cyber-attack. TeamViewer denied any cyber breach, but  user reports claimed that their systems were hijacked, and their PayPal and other banking accounts were emptied. TeamViewer blamed it on the users for reusing their passwords and not enabling two-factor authentication.[ix] Be it an incident of cyber-hacking or one of user ignorance, the privacy of the user is wholly compromised in such a scenario. Such an unauthorized access by third parties can turn a man into a pauper.

In a transparent economy via digitalization, sometimes a person is afraid of spending too much especially on lavish lifestyle and luxury goods as all his actions could be open to scrutiny not only by potential hackers, but also the authorities. Lack of spending activity, or rather, reduced spending activity, may depress the economy for some time. This is especially true for economies like India where lots of activity traditionally takes place via cash. Since all the transactions will be open to scrutiny, one would be scared even if the spending is honest. Economy is boosted by the amount of sales and purchases and such transparency can prove to be fatal to the economy in the long run.

The new Digital India faces an ever-growing hurdle of privacy issues and challenges. Despite the presence of plethora of rules on cyber security in India, their enforcement has been very unsatisfactory. The extent of fraud on individuals has been massive. It is not restricted to a few thousand rupees. Just one click of a mouse can lead to erosion in wealth worth millions in one go. There is a dire need for the legal system to be equipped to deal with the challenge, especially in a country where millions are still legally and technologically challenged.

Data:  The new oil must not soil privacy

Right to privacy in India most recently has been adopted as a subject of discussion. Earlier, this wasn’t even considered to be an essential right in a developing nation like India. However, after some constructive and progressive judicial pronouncements as in KS Puttaswamy case[x], Right to privacy has been recognised as a fundamental right overturning previous precedents which gave a narrow and myopic interpretation to privacy. At a time when we are still struggling to bring a robust Data protection bill which is under deliberations in our parliament,[xi] what has been achieved on the other side of the world is GDPR. 

The General Data Protection Regulation (GDPR) is a progressive enactment of EU that deals with stringent data protection laws with heavy fines for their contravention. The far-reaching impact of its regulations is that it mandates compliance from organisations which could be placed anywhere around the globe but store the data of its residents.[xii] This created lot of hue & cry as it has the potential to impact banks even in India, since the residents of EU might use their services here and henceforth the data must be stored as per EU guidelines. However, in the hindsight, it has created a positive impact and countries like ours are in the process of enacting such laws to safeguard privacy.

If enacted, an uncompromising law on privacy will decrease the reliance of people for anonymity through decentralised cryptocurrency and they could switch to CBDC instead. The foremost issue is that with banking transactions, consumers leave data footprints which can be later used by fraudsters in cyberattacks by analysing these footprints to decode the consumers identity and his worth. How to protect Data and Identity of customers is a big challenge hence, GDPR is inclusive of concepts like Consent[xiii], Data retention[xiv] and Erasure[xv], Privacy by Design. These are meant to counter such critical cyber threats for which cryptocurrency was arguably used as a substitute.

The other issue that emerges out of privacy concerns is data localisation. Even if the data of EU residents is secured via GDPR for transactions within India, then what about our own citizens’ privacy who use the service of foreign financial companies like VISA, Mastercard or Amex. Why should we give them the right to store our data abroad when we are also at the risk of similar threats, or even bigger cyberattacks?

Hence, the concept of data localisation emerged wherein the data is mandated to be stored in the same country where it has originated in order to negate any such data breach apprehensions or worries. In this regard, an RBIs directive was released in 2018 which instructed the payment system operators to store data within India[xvi] or asked for data to be deleted from systems placed abroad and be brought back within 24 hours, if processed abroad. This position was re-emphasised by  the RBI  in its FAQs on June 26th, 2019.[xvii] While many individuals and companies have been opposing this data localisation step and there has been much hue and cry on the issue, it’s a welcome step in the absence of any such provision in our IT act to safeguard the data and privacy of customers.

As Mukesh Ambani rightly says ‘The new oil in world is Data’. So, it becomes important not to allow private entities abroad to hoard it. Data localisation is a welcome step to address our privacy concerns, as long as our government too steers clear of accessing localised data. They must not peep into locally protected data.

Streamlining Safeguards – Securing System

Security, authenticity, confidentiality and privacy are the pillars of a safe transaction system where the digital currencies are being circulated. Violation of any of these pillars of digitalization paves the way for the birth of a legal issue. Any system dealing in digital currencies should essentially begin its operations only after ensuring basic cybersecurity and consumer protection. This is reflected in the vision statement of the RBI for payment and settlement system in India, which aims to empower every Indian with access to a bouquet of e-payment options which are safe, secure, convenient, quick and affordable.[xviii]

To capture the spirit of digitalization, there is an urgent need to strengthen the liability of intermediaries in case of privacy violations. It should not matter whether the intermediary has actual knowledge about such violations or not. Intermediaries represent technological innovations, which can be used in a lawful or unlawful manner.[xix] They are the ones creating an interactive network service and should owe a responsibility and non-delegable duty of care towards their users. Hefty fines need to be imposed for their inability to ensure security of the system from breach, and failure to empower the users to ensure their safety online. 

It is stipulated in Information Technology (Intermediaries guidelines) Rules, 2011 that the intermediary has to publish the rules and regulations, privacy policy and user agreement for access or usage of the intermediary’s computer resource by any person.[xx] But it fails to provide a procedure whereby it can be ensured that such rules are being read and understood by the users or not. Users of such networks and applications tend to skip the safety guidelines and T&Cs. Mere looking is not equivalent to reading and understanding.  Just like the need to obtain a driver’s license before driving a car, there should be a stringent user-test or mandatory software to ensure that the guidelines are read and understood. How the companies design ‘I AGREE’ buttons makes the problem even worse. They tempt the user into clicking it quickly. The defense of caveat emptor cannot be taken everywhere, especially in the tech-field where one slight mistake has the potential to wreck the security and privacy of an individual completely.

As a ‘single-breach-shutdown’ can play havoc with the system, the problem necessitates the increasing usage of blockchain technology. A few banks in India have proposed to form a block chain consortium along with other global banks such as SBI, Citi, Deutsche, JP Morgan, HSBC, etc.[xxi] Blockchain being decentralized, the data is created and stored on any number of nodes instead of a single place. It will address the data security concerns as a ‘private key’ is required to access the data from these nodes. In case the private key is lost, the data still cannot be tampered with as only the data that is consistent across majority of the nodes is accepted on blockchain.[xxii]

This will eliminate the role played by the intermediaries, a potential source of info-leakage. In blockchain, either the Digi-currency would be sent to the receiver or would remain in the account of the sender. The transactions would be instant and the problem of reversal of faulty transactions, which usually takes days, would be tackled too. The right to private communications and transactions must be respected, placing certain reasonable restrictions if need be. For instance, the users can be verified but the transactions between them must be secured.

Finally, the requirement of increasing the levels of awareness of users must be dealt with on an urgent basis. A stitch in time saves nine. Government should take more initiatives to ensure that the individuals become aware on how to become cyber-safe.  Further, if a breach occurs, a 24×7 general helpline to provide solution to tackle all kinds of cyber security issues involving digital transactions would be optimal.

Digital currency: DANGEROUS OR DIVINE- The Conclusion

A hot topic of debate amongst Indians is whether decentralised digi-currency can ever pave its way into the Indian Economy? Presently, there are a lot of hurdles for cryptocurrency per se to penetrate the Indian system. Though there are no systematic risks associated with it, there are serious concerns for consumer and investor protection, and market integrity.[xxiii] Threat of money laundering, funding of criminal and terrorist activities also acts as a barrier to the birth of a crypto-market. Weighing the scale in favour of larger public and national security, a draft law[xxiv] makes holding of cryptocurrency a non-bailable offence.

However, many passionately disagree with this draft proposal. NASSCOM, in its report, has also suggested that the government should work towards developing regulatory mechanisms and banning cryptocurrencies is not the right approach. A sound regulatory mechanism and a proper complaint redressal forum could actively work towards monitoring and preventing illegal activities from taking place. Lots of experts believe that India should not be handicapped but empowered to participate in new use cases of cryptocurrencies. They feel it is important as it will not only help in promoting a lot of Tech Start-ups but also generate tremendous employment opportunities for the young coders and computer enthusiasts. An acceptance and legitimisation of cryptocurrency in a regulatory framework will not only help in boosting the economy, but also ensure that the privacy of transactions is not compromised. So, Banning is not the solution, regulating is. Digital currency is here to stay…it’s the future. Discuss, deliberate, but not discard. That should be our mantra.


[i] Mckinsey Global Institute, Digital India: Technology to transform a connected nation, (Mar. 2019)
ttps://www.mckinsey.com/~/media/McKinsey/Business%20Functions/McKinsey%20Digital/Our%20Insights/Digital%20India%20Technology%20to%20transform%20a%20connected%20nation/Digital-India-technology-to-transform-a-connected-nation-Full-report.ashx  
[ii] Ibid.
[iii] Currency, Merriam-Webster Dictionary, https://www.merriam-webster.com/dictionary/currency.
[iv] Currency, Investopedia, https://www.investopedia.com/terms/c/currency.asp.
[v] Sam Holmes, China says new cryptocurrency will be similar to Facebook’s Libra,Reuters (Sept. 6, 2019, 12:22 PM) https://www.reuters.com/article/us-china-cryptocurrency-cenbank/china-says-new-digital-currency-will-be-similar-to-facebooks-libra-idUSKCN1VR0NM.
[vi] Berentsen, Aleksander and Fabian Schär, The fallacy of a cashless society, Vol. I, Cash on Trial, SUERF Conference Proceedings, 14-19 (2016).
[vii] Payment & Settlement Systems in India Vision-2021 (2019), RBI REPORT (Sept. 16, 2019), https://www.rbi.org.in/scripts/PublicationReportDetails.aspx?ID=921.
[viii] Benchmarking India’s Payment System (2019), RBI REPORT (Sept. 12, 2019) https://www.rbi.org.in/scripts/PublicationReportDetails.aspx?ID=923
[ix] Graham Culey, TeamViewer denies hack, as users claim computer remotely hijacked, Tripwire, (June. 2. 2016)    https://www.tripwire.com/state-of-security/featured/teamviewer-hack-pc-hijack/.
[x] K. S. Puttaswamy and Anr. v. Union of India, (2017) 10 SCC 1.
[xi] The Personal Data Protection Bill, 2018.
[xii] The General Data Protection Regulation, 2018.
[xiii] The General Data Protection Regulation 2018, Art 7.
[xiv] The General Data Protection Regulation 2018, Art 6.
[xv] The General Data Protection Regulation 2018, Art 17.
[xvi] RBI, Storage of Payment System Data, RBI (Sept. 14, 2019), https://www.rbi.org.in/Scripts/NotificationUser.aspx?Id=11244&Mode=0.
[xvii] Frequently Asked Questions on Storage of Payment System Data, RBI (Sept. 15, 2019) https://www.rbi.org.in/Scripts/FAQView.aspx?Id=130.
[xviii] Supra, note 7.
[xix] VAKUL SHARMA, INFORMATION TECHONOLOGY LAW & PRACTICE 284 (Universal 3rd Ed. 2012).
[xx] Information Technology (Intermediaries guidelines) Rules, 2011 § 3.
[xxi] Report of the Working Group on FinTech and Digital Banking (2018), RBI (Sept 16, 2019) https://m.rbi.org.in/Scripts/PublicationReportDetails.aspx?UrlPage=&ID=892
[xxii] Anjali Venugopalan, High Street Indian Banks are riding the blockchain wave for efficiency, The Economic Times (Aug.  8, 2018, 1:57 PM) https://economictimes.indiatimes.com/industry/banking/finance/banking/high-street-indian-banks-are-riding-the-blockchain-wave-for-efficiency/articleshow/65316055.cms.
[xxiii] Annual Report 2018-19, RESERVE BANK OF INDIA, 99 (Sept. 17, 2019).
[xxiv] Banning of Cryptocurrency and Regulation of Official Digital Currency Bill, 2019.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s