Someone writes:
My understanding is that the _bank account_ is FDIC insured, but not the ECash. I could be wrong -- their materials are extremely confusing and hard to follow.
I read the entire lengthy contract and found quite a few things which appear to be designed to cover the bank's posterior. 1. Both parties stipulate that their relationship is a business relationship and not a fiduciary relationship. 2. Your account is not FDIC insured. 3. The bank accepts no liability for anything going wrong, although it may, at its sole option, attempt to make ammends. 4. Parties agree to wave a jury trial. 5. Parties agree to binding arbitration. 6. General waffling to the effect that the tiny fees collected imply an equally tiny responsiblity and potential liability on the part of the bank. Now most of this language also appears in the fine print of the First Virtual agreement, so it is not like you have an option of trading on the Internet under the rules which govern your ordinary checking account. One wonders whether signing away all responsibilty on the part of the bank is going to be the standard for using digital money on the Internet, or whether consumers will demand protection when using these new services. One has to be careful that when new technology replaces old, the privacy protection which applied to the old also applies to the new. Good examples of this in the past are the ways in which the rights you have to the privacy of paper mail generally fail to be extended to Email, and of course "regulation E", which exempted bank accounts which were capable of Electronic Funds Transfer from a great deal of the protection which used to govern users of ordinary checking accounts. On the brighter side, Dr. Chaum's success in convincing someone to back DigiCash with actual US dollars certainly makes advances in breaking public key cryptography worth a great more than the tiny prizes currently offered by RSADSI. It will be interesting to see how this all works out in the next few months. Arjen Lenstra is planning on factoring RSA-130 on the Web for a high performance computing conference later this year. This should lead to some very robust estimates for the amount of computing power needed for GNFS to break 512 bit PGP keys. Does anyone know the details of the DigiCash protocol, or how much computing power it would take someone to make counterfeit coins? -- Mike Duvos $ PGP 2.6 Public Key available $ mpd@netcom.com $ via Finger. $