Some thoughts on the proposal floating around to require all electronic transactions be identified and have IRS-endorse tags. I believe this runs smack up against the First Amendment (and possibly the Fourth), and that private transactions, contracts, IOUs, and such are essentially untaxable and nonvisible to the government (practically speaking, a la the situation today and at all times in the past). Encrypted financial speech is indistinguishable from encrypted political or religious or romantic speech, for example, so any requirement that economic speech be visible to the government for taxation or regulatory purposes would have an unconstitutional effect on speech in general. (Not all speech is free of government regulation, obviously. Many examples of regulated speech: medical claims, speech to minors, obscenity, and so on. But the regulation of this speech is done "ex post facto," not by prior restraint or official censorship (where a censor has to approve material), and not by the government opening letters to determine if they comply with regulations. Bear this in mind when reading the stuff below.) At 5:21 AM -0700 11/21/97, John Young wrote:

Network World, November 15, 1997:

Welcome To Cyberspace. Your Papers Please?

Under active consideration is a plan to require taxpayers to obtain digital IDs for all electronic transactions, keeping records that could be examined on audit. The IDs would be issued by IRS certified agencies, subject to government developed standards to ensure that proper identity checks are performed before anyone is allowed to shop online. The IRS would enforce this by issuing its own digital certificates to issuers of digital IDs so that they can electronically prove that they have received IRS certification. The technology they need to make this happen is available. All that's missing are the regulations forcing compliance. So, stay tuned. If you enjoyed the encryption key escrow debate, you'll love this one.

I doubt this would pass court challenges. Yes, I now about "the power to regulate commerce," but consider these points: 1. There are no specified transaction forms in commerce. (With only a few exceptions, such as firearms purchases and some "big ticket" items like houses, which have complicated sets of contract agreements, waivers, title checks, etc.) 2. There is generally no requirement whatsoever for identification of a purchaser, or a seller, for that matter. When Alice buys a disk drive, or a box of cereal, or a carton of cigarettes, there is no governmental requirement that she provide a True Name, or any kind of name at all. (Caveats: It will be tiresome to repeat these caveats, so I will list them once. Note that they do not mean there is either a requirement for identity in transactions, or for specific forms of paperwork to be completed. Some caveats: age credentials may be needed for some purchases (alcohol, tobacco, firearms, R- or X-rated material, etc.). Firearms generally now have required paperwork, restrictions, and waiting periods. Pharmaceuticals have various ID requirements. Courtesy of the "War on Terrorism," airlines now require ID. Etc.) 3. Many businesses have started asking for ID for more purchases (perhaps because they think it will lessen liability problems, perhaps because they just think that all customer-units should be tracked). An example: hotel rooms. (Used to be one could just pay cash...now ID is demanded at some hotels.) Some businesses are even demanding Social Security numbers. (And I don't mean banks or other businesses with IRS reporting requirements...a local gun range demanded my SS number for their range ID card.) However, these ID requirements are not the norm, and most merchants will happily take cash money for any and all purchases. 4. "Receipts" are not even required by law for transactions. Alice and Bob can complete a transaction without any paperwork. Or with handwritten notes. Or a Xeroxed receipt form. Or with their Palm Pilots or Newtons, or whatever. (Something Ian Goldberg has demonstrated with a Pilot linking to an e-cash server in Finland, for example.) 5. Transactions may be undertaken over telephone or computer lines, perhaps to sites in other countries. A variety of receipts, ID systems, etc. 6. True Names may be required for certain transactions so as to ensure collection of promised monies. Especially in time-lapse payment arrrangements. Cf. the usual debate about on-line vs. off-line clearing, and the role of escrow agents. 7. "Money is Speech." An encrypted message making arrangements for some transaction may be indistinguishable from other encrypted messages. A law requiring that all encrypted transmissions be compliant with reporting requirements would impinge on speech. (It is not possible to distinguish "money speech" from "political speech," or "other speech" in general. This is a point both Michael Froomkin and I emphasized in our panel discussion and papers for CFP '97.) Also, certain forms of political and private speech would be chilled if identification of all electronic transactions were to be required. Think of someone buying information on birth control methods, or books from the John Birch Society, etc. (Buyer anonymity is obviously a good thing in many cases. Seller anonymity is also a good thing in many cases. I constructed for Chaum, who has not been supporting full, two-way anonymity of late, a plausible scenario where seller anonymity is required to prevent government sting operations. Purchasing porn electronically is a current example. One can imagine Islamic countries using seller traceability in all sorts of bad ways. Only true "Chaumian" e-cash, not the "new Chaumian" semi-traceable form, meets goals we are interested in.) 8. Tax collection issues are generally separate from the details of the transaction. Sales taxes (and VATs) are generally the responsibility of the seller to collect at the time of the transaction, and to report. The seller need not know the identity of the buyer to collect a sales tax. (Of course, part of the reason for the "electronic ID" mentioned in the article John Young quotes is the difficulty of collecting sales taxes across national and state boundaries.) 9. In the U.S. at least, there is essentially no attempt to collect sales taxes on private, two-party transactions. This is not enforceable at flea markets, garage sales, and other such markets, let alone in private transactions between Alice and Bob. 10. To enforce tax collection in such areas, the state would have to become intrusive at an Orwellian level. (And Alice and Bob could _still_ perform "unmonitored transactions" in the time-honored ways.) 11. To enforce tax collection when Alice is using computer communications to contact Bob in Holland, or in Japan, or in cypherspace, the state would have to become intrusive in all computer communications. 12. The expression "to utter a check" dates back before Eric Hughes' usage a few years ago (so I was told by M. Froomkin). A check is a kind of promise to pay. So is an IOU. So is a promissory (sp?) note. So are many kinds of contracts. The state cannot inject itself into all of these private negotiations, contracts, IOUs, etc., at least not before they are litigated because of some agreement. (There's a big difference between the state getting involved because parties to a contract disagree on enforcement, and the state becoming a third party even in early stages, or when no disagreement about enforcement exists.) In summary, much as the government and various advisory panels might wish for some role in "regulating cyberspace commerce," or in taxing it, any attempt to mandate the forms of such commerce or to require that certain identification be used, will directly impinge on the rights of individuals to communicate as they wish with others. Practically speaking, the idea is a non-starter. There are so many ways to skirt the proposed ID systems, using cut-outs, off-shore accounts, pseudonyms, etc., that enforcement would be a nightmare. And the system could probably be monkey-wrenched by staging some major court challenges, where Alice and Bob "break the law" about using digital IDs...and it turns out in court that they were discussing some clearly protected subject, like religious beliefs, personal matters, etc. Once again, the First Amendment provides core protections. --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."

-----BEGIN PGP SIGNED MESSAGE----- At 09:08 AM 11/24/97 -0700, Tim May wrote:

Some thoughts on the proposal floating around to require all electronic transactions be identified and have IRS-endorse tags. I believe this runs smack up against the First Amendment (and possibly the Fourth), and that private transactions, contracts, IOUs, and such are essentially untaxable and nonvisible to the government (practically speaking, a la the situation today and at all times in the past).

Not to mention GATT and the WTO. I don't think the US can unilaterally mandate a particular electronic commerce scheme and force it on electronic merchants in Mongolia (the freest trading country on earth these days). That's why when Pat said GATT would destroy U.S. soveriegnty, I said "I sure hope so."

3. Many businesses have started asking for ID for more purchases (perhaps because they think it will lessen liability problems, perhaps because they just think that all customer-units should be tracked). An example: hotel rooms. (Used to be one could just pay cash...now ID is demanded at some hotels.)

Though most hotels actually want credit cards and believe that credit cards are a form of ID even though they most certainly are not. I was asked for a picture ID before being shown an apartment. Real Estate agent concern about crime directed at them?

Some businesses are even demanding Social Security numbers. (And I don't mean banks or other businesses with IRS reporting requirements...a local gun range demanded my SS number for their range ID card.)

"I'm Canadian. I don't have an SS#." Works for everything that can be purchased or joined by Canadians in the US.

However, these ID requirements are not the norm, and most merchants will happily take cash money for any and all purchases.

Very true.

4. "Receipts" are not even required by law for transactions. Alice and Bob can complete a transaction without any paperwork. Or with handwritten notes. Or a Xeroxed receipt form. Or with their Palm Pilots or Newtons, or whatever.

The Finanzia Guardia (pardon my Italian spelling) (Financial Police) in Italy enforce the Italian requirement for receipts by fining customers who can't produce them. Designed to back up VAT collection. I noticed that most receipts there were generated by PCs under control of shopkeepers. Good opportunities for keeping double books. I wonder if Italy mandates POS and accounting software?

9. In the U.S. at least, there is essentially no attempt to collect sales taxes on private, two-party transactions. This is not enforceable at flea markets, garage sales, and other such markets, let alone in private transactions between Alice and Bob.

Though the New Jersey Gestapo *have* been attending computer, collector, etc. shows and demanding resale certificates, estimating revenue based on displayed stock, and seizing stock if not paid. (Not recommended at gun shows -- which have been driven out of NJ in any case). Hard work for the revenooers, though.

12. The expression "to utter a check" dates back before Eric Hughes' usage a few years ago (so I was told by M. Froomkin). A check is a kind of promise to pay. So is an IOU. So is a promissory (sp?) note. So are many kinds of contracts.

Uttering checks is from the dawn of commercial paper under common law. I'm sure Eric read it in one of the banking books he likes to read.

Practically speaking, the idea is a non-starter. There are so many ways to skirt the proposed ID systems, using cut-outs, off-shore accounts, pseudonyms, etc., that enforcement would be a nightmare.

No kidding. DCF -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBNHnnQYVO4r4sgSPhAQEeBwQApVihguCs7pl49vKS4MEOyFJQAtPAPa8Z LlvtSES9XkNogf+ko61Am4/KTiBxz6cs11fJJo+g0SP33n852GkUGw0wmgyXYhS7 z9TCfJXnFJFauS/NE1FBF/6An1KFenHCq3qbRGs3rld+mAYwCouiWAR/1QeGMOFf 7MEDFhIxNGk= =utSo -----END PGP SIGNATURE-----