Who Run the World? Anonymity and Privacy in Emerging Web3 Spaces

Preface*: this essay was originally a final paper written for a Media Ethics class as part of my MS program. Therefore, it is written in a largely academic tone and makes references to certain legal theorists. Major gratitude to the people interviewed in this paper – it wouldn’t be what it is without you!*

If you’re interested in legal theory that inspires current ideas of privacy, I would highly recommend the scholars mentioned in this essay. Additionally, to supplement questions of anonymity and privacy, I would recommend looking into Soulbound NFTs and Verifiable Credentials & Decentralized Identifiers + listening to this debate.

Thank you for reading, and feel free to reach out to discuss more (& maybe inspire my MS capstone thesis)!

In Privacy and the Limits of Law, published in the Yale Law Journal in January 1980, Ruth Gavison argues that society's interest in privacy is "related to our concern over our accessibility to others: the extent to which others have physical access to us and the extent to which we are the subject of others' attention." Her argument is heavily constructed upon delineating "invasions of privacy" and thus working backward to establish what Helen Nissenbaum terms "norms of appropriateness" for her framework of contextual integrity in 2004. The rise of the transparent blockchain over the last decade and the creation of a new web3 landscape have changed the digital identity landscape: financial transactions are now completely public while anonymity and pseudonymity are rising. Considering previous legal theory, multiple interviews with active web3 participants, and prominent events over the last year, it can be argued that the ethical and legal framework of privacy needs to be updated with an understanding of consent.

To understand the complicated layers of identity and privacy that are now in play due to the new dimensionality of digital financial transactions and interactions, we must first lay out the web3 landscape. While the current landscape of digital interaction as we know it relies on data, accessibility, and monetization, web3 as a movement and umbrella term attempts to encompass a fourth perspective: decentralization and accountability. It brings in questions of ownership of data – something that isn't entirely possible in the current web2 landscape due to most data being housed and farmed by large digital corporations rather than owned by the people who generate it. This is primarily enabled by blockchain technology which forms a public record of transactions, transfers, and associations through digital "wallets" housed on different blockchains. In summary, web3 encompasses everything from cryptocurrency transactions and legislature to decentralized applications for data ownership, as well as decentralized autonomous organizations (DAOs) that democratize the enterprise monolith and distribute voting power amongst delegates. 

A defining factor of web3 is the widespread acceptance of anonymity and pseudonymity in the landscape. A large part of the acceptance stems from the creator of the Bitcoin white paper - Satoshi Nakamoto - who was anonymous. There's no certainty within the community whether they were a singular person or a team of people. This pervasive anonymity at a nascent stage for the cryptocurrency and web3 landscape made it tremendously easier for people to now be anonymous or pseudonymous; the question isn’t "who are you?" but "what do you have to offer?".

Xaia – an active anonymous NFT collector and investor with a background in the arts – agrees, saying "web3 is actually doing wonders for normalizing anon work and engagement." Their choice to be anonymous was a deliberate one to "engage people sincerely without the attachment of personal identity" – effectively giving them more freedom in their personal and professional interactions, both on-chain and off-chain (or real life). Therefore, the permissibility for anonymous and private interactions is widespread: from the beginning of cryptocurrency invention to the manifestation of online personas.

In this environment, it's crucial to create a framework to assess the manifestation of privacy: if identities can permissibly be private, and you can largely access people's financial holdings and transactions with the correct wallet address, what does a private web3 life look like? Gavison argues that privacy can only be determined "at the conclusion of discussion about what privacy is, and when–and why– losses of privacy are undesirable." Using this framework, I will attempt to establish what privacy becomes in a web3 environment, what losses of privacy look like, and the degree of their undesirability. 

An understanding of privacy currently operational in our financial system is that a person's financial matters are always private and visible only to people with the correct log-in information and verification. However, with the advent of mass social media adoption, most people's identities – full names, place of employment, current city or country, and potentially email addresses, phone numbers, and home addresses – can be found through a quick search via a search engine. Within web3, people aren't necessitated to provide a lot of identifiable information to create a wallet or purchase cryptocurrency (up to a certain amount as dictated by KYC laws), which allows for a large extent of anonymity – more massive than most people are used to when it comes to financial matters. At the same time, using blockchain scanners, anyone can see any transaction that occurs on most blockchains by any wallet. Through a logical reasoning exercise, one may identify financial transactions through interactions with smart contracts, friendly transfers to friends or other wallets, or redistribution of funds to keep wallets under the radar.

A lot of identification processes in web3 are possible through ENS names. ENS is an Ethereum-based counterpart of the widespread DNS technology, which is the domain naming service. By purchasing an ENS domain for your wallet address, one can allow people to identify who a wallet belongs to and thereby place an identity to the transactions. Having become exceptionally widespread amidst the relatively small web3 community, many participants have an ENS domain associated with their primary wallet, whether it be their real name, Twitter/Discord handle, or a pseudonym. 

One of the few people who don't have a public ENS yet is Bryn Edwards, who works for a banking start-up that automates budgets and generates interest for users on stable coins. She is also a part of The Symmetrical investment DAO - a group of GenZ investors in NFTs and tokens. "[ENS domains] are way more recognizable, right? If you're providing your address for an AirDrop or something, people are going to know exactly– like I use the same name on everything. So, if I were to claim that [as an ENS], people would immediately be able to see me and then [find me] on Twitter." Despite using her full name in web3 interactions, her resistance to getting an ENS domain reflects a privacy expectation of not wanting to be identifiable on-chain. One could scroll through millions of wallets and potentially find one that belongs to her, but the lack of an ENS domain would make it nearly impossible to confirm its ownership. Until she decides to reveal her wallet to the world, it will remain under the radar.

Before defining privacy in web3, we must also consider the definition of identity. If ENS domains can still be pseudonymous or completely anonymous – there is a large market for 4-digit ENS domains – and people have no idea who they're transacting with beyond the screen, does identity still revolve around names? An anonymous art collector, Centj, believes identity in web3 is more about "who your networks are, [and] what communities you interact with." 

However, when considering identity from an investment lens, the landscape changes. For Centj, "anybody that's asking for people to invest in them and to put money into a project has a little bit more of a higher obligation to the people they're beholden to." Alli, director of education at a crypto fund, echoes a similar sentiment, "I would lean towards interacting with projects with [known] founders," i.e., founders whose identities are established and verifiable. At the same time, in light of the growing anonymity in web3, she thinks that "if we can foster an environment of trust and collective accountability," it's not as large of a problem. "I also think that there's a lot of value in the fact that people don't necessarily need to doxx themselves to be a founder in the space. I think that can also be a protective measure, especially for women or other minorities or groups." All of this boils down to identity being defined less as someone's name or persona but more so their community, reputation, and work.

Having established a new concept of identity, the desire to maintain control over phenomena that can make a person identifiable can be boiled down to the idea of consent. Evin McMullen, CEO and Founder of Disco, believes consent is the key to all privacy ethics issues in web3. Disco is an identification mechanism through which a person can associate all their web3 and web2 data - wallet addresses, email addresses, social media handles, certifications, ENS domains, and other verifiable credentials in one "backpack" and use it as their virtual reputation card. The root of its functioning is that all those credentials are private and known only to the sender and receiver. It is then the owner's decision to make specific tokens public to certain people. Ultimately, rather than forcing exposure to build and maintain reputation or credibility, Disco would enable an anonymous web3 persona to maintain their anonymity while continuing to build their reputational identity. "I would encourage us to move away from the word privacy and towards the word consent," says Evin. "Privacy is kind of an abstract thing, but I think consent is really tangible. […] So, I think we are heading toward a high-consent environment.”

In opposition to establishing privacy as consent, Gavison, in her paper, believes privacy should not be "depend on choice" as one cannot criticize a person for choosing or not choosing privacy if it's defined as a "form of control." At the same time, she considers privacy to be made up of information, attention, and physical access. A loss of privacy is then defined as others "obtain information about an individual, pay attention to [them], or gain access to [them]." The dynamics of attention in a digital world are very different from the framework she used in 1980, as attention can be massive yet fleeting or minimal yet constant, and physical access is of no relevance to a web3 environment, which is purely online. As 2 out of 3 pillars of her definition fall short, the remaining pillar is information or secrecy. However, she raises a plethora of problems with considering information as a lone pillar: in comparing different "amounts of knowledge about the same individual," in the use of multiple pieces of general knowledge to uncover precise, individual knowledge, and, finally, "the importance of the truth of the information." Therefore, it is perhaps more appropriate in a high-consent, hyper-aware landscape to fall back on control and consent as the defining characteristics of privacy.

Having established a new interpretation of privacy as consent, the loss of privacy should largely amount to the loss of consent or control. However, the ethics of providing and withdrawing consent are still blurry, especially in the public arena. Most notable in the web3 world, in February 2022, the founders of the Bored Ape Yacht Club (BAYC) NFT collection were "doxxed" by Buzzfeed News. Buzzfeed's article came in light of the growing celebrity popularity of the collection – to the extent that it was named and mentioned on live late-night television – and thus became a subject of interest. In the article, reporter Katie Notopoulos reveals the identities of BAYC's two main founders: Greg Solano and Wylie Aronow. Their identities were revealed through public business records filed in the state of Delaware, where the company behind BAYC – Yuga Labs – was incorporated. In addition, Yuga Labs' CEO confirmed their identities prior to publishing. 

The BAYC incident caused a mass outcry in the web3 space, as many believed that the founders were wrongly "doxxed" and their identities should have remained a secret. Some considered it an invasion of privacy because their founders' names and backgrounds were released without explicit consent. There is one primary ethical consideration here: is a reporter revealing the identity of the subject of their news story through public government records considering "doxxing" or "reporting"? Within the framework of consent equaling privacy, it doesn't particularly matter, as the founders never gave the reporter their consent to reveal a part of their identity. The lack of consent would automatically equate to an invasion of privacy. On the other hand, this revelation was considered important due to the amount of capital and popularity the collection gained over a relatively fast timeline – reporters and other stakeholders wanted to know the identity of the people running the show. 

For Gavison, any form of voluntary disclosure can be a "loss of control because the person who discloses loses the power to prevent others from further disseminating the information." Having revealed their identities in public government records, it can be argued that the BAYC founders opened themselves up to be revealed at some point. Therefore, the only problem was that the public revelation was not in accordance with the timeline the founders would have preferred. At the same time, Nissenbaum's idea of contextual integrity questions whether "contextual norms of appropriateness or norms of flow have been breached" to consider this a privacy violation. 

Norms of appropriateness dictate "what information about persons is appropriate, or fitting, to reveal in a particular context." Considering the BAYC case, it can be argued by many investors that the founders' identities are appropriate to reveal in an article about the popularity of their work. At the same time, the founders or other web3 participants may believe that the information was not appropriate to reveal because their identities had nothing to do with the popularity and price of the collection. However, Nissenbaum also mentions that "appropriating information from one situation and inserting it in another can constitute a violation." With this caveat, norms of appropriateness have not been breached even if we were to put it in conversation with consent, as the founders' identities were revealed in a public government record directly relating to the incorporation of the company upon which the Buzzfeed article was based. 

Norms of flow dictate the "distribution of information–movement, or transfer of information from one party to another or others." This is based on Michael Walzer's pluralist theory of justice, wherein "societies [are] made up of numerous distributive spheres, each defined by a social good internal to them." Therefore, we must consider whether information has been distributed in a manner that respects contextual norms of information flow. In the case at hand, the information – the BAYC founders' identities – was distributed widely by a journalist who obtained it through public records. There was no expectation of confidentiality when this information was submitted for public records. At the same time, if this information were to be circulated widely, the founders would have done so themselves. Therefore, withholding their identities from the online public and having them revealed without their consent may constitute a violation of the norms of flow if put into conversation with consent. 

Having established that privacy in web3 can be considered a product of consent and having supposed losses of privacy to be violations of consent, the final thing to consider is the undesirability of a loss of privacy in web3. There are two perspectives from which to approach this: the first, those who undergo the loss, and the second, those who want the resulting information. While the BAYC situation is most recent, there is another incident of note that can assist with answering this consideration. 

In 2004, Omar Dhanani was convicted of credit card fraud and served 18 months in prison. He then founded QuadrigaCX – a Canadian crypto exchange – with partner Gerrald Cotton in 2014. However, the exchange collapsed in 2019 after Cotton disappeared with $169 million. In 2021, Daniele Sestagalli and 0xSifu forked the Olympus protocol on the Avalanche blockchain and created the Wonderland DeFi protocol. Sifu was the treasury manager of the DAO, managing (what is now) $215 million. In January 2022, ZachXBT revealed through a series of tweets tracking wallet activity that 0xSifu was, in fact, Omar Dhanani (or, as he later renamed himself, Michael Patryn). 

This incident showed two things: a violation of Sifu's privacy was valuable to the Wonderland community and web3 landscape due to his history of illegal behavior, and it was possible to uncover a person's identity through on-chain information. Even though nothing suspicious had taken place within Wonderland, knowing Sifu's track record was enough to break the trust he had been building within the community. The key difference between this incident and the BAYC revelation is that BAYC founders had nothing damning tied to their real identities and nothing suspicious relating to BAYC. Both used public information to obtain identities – one used government records, the other used on-chain transactions.

While the Sifu revelation slowly began a movement for doxxed founders, the BAYC incident saw its pushback. The ethics of doxxing are still grey: is it only ethical to doxx a person if they seem suspicious? Nevertheless, some people are beginning to want doxxed and reputable founders. Sarah Satoshi, a prominent woman in the Bitcoin community, wants to see integrity from influencers and traders in the space – "whether they're buying or selling something […] it should be in line with what's on their social media versus what's in their wallets. It's important to maintain that integrity, and that's how you build a following in the first place." Evin wants reputable founders: "Public financial behavior is insufficient for me to decide whether I want this person on my couch at my birthday party; is insufficient for me to decide whether I want to grab a slice of pizza with them; and it's certainly insufficient for me to decide if I want them to be the product owner of my new initiative." Modern Chaos, a crypto educator who works with brands, celebrities, and companies to develop their crypto strategy, thinks that "a public wallet address [...] proves experience more so than trust."

Therefore, while a loss of privacy may be undesirable for founders who want to build behind the scenes and want a fresh start, their community may desire their loss of privacy as it makes them more credible, reputable, and trustworthy. At the same time, the community can retain their privacy and interact as anonymous or pseudonymous personas so long as they aren't looking for investment.

In summation, thinking about privacy in close conjunction with consent and control rather than Gavison's neutral positioning makes it more deliberate in a largely digital world. Within web3, where anonymity is easy and privacy even easier, there are still situations and roles of power and responsibility where a loss of privacy is almost guaranteed the more you grow. Within the web3 and crypto landscape, an established ethical framework that contends with anonymity and privacy issues is yet to be finalized. Perhaps, due to the constant changes in communities and individual responsibilities, it may need to be more dynamic than what we currently apply, stretching across web3 & web2 and built upon not just data, but also reputation, credibility, and community.

Subscribe to esha
Receive the latest updates directly to your inbox.
Mint this entry as an NFT to add it to your collection.
This entry has been permanently stored onchain and signed by its creator.