Coinbase has released its first transparency report, and we’re encouraged to see the company take this first step and commit to issuing future reports that go even further to provide transparency for their customers.
Last month, we renewed a call for Coinbase—one of the largest cryptocurrency exchanges in the country—to start releasing regular transparency reports that provide insight into how many government requests for information it receives and how it deals with them. Financial data can be particularly sensitive, and decisions about turning over that data or shutting down accounts should not be made in the dark.
Coinbase’s first transparency report shares some important information. It offers an aggregate number of requests received from law enforcement agencies in more than thirty countries and a breakdown of what types of agencies have asked for information in the United States. Overall, Coinbase has received 1,914 requests—the vast majority of which it’s categorized as for “criminal” investigations.
Transparency reports are important tools for accountability for companies that make decisions about when to turn over financial information or shut down accounts, which can have a huge impact on individual privacy and speech online. Publishing information about law enforcement requests that providers receive—and their responses to them—enables users to make informed decisions about the services they use. Reports also help journalists, advocates, and the public get insight into the patterns and practices of law enforcement data collection.
Coinbase’s report is an important but modest step toward the transparency reports that people should expect from their financial institutions. We’re encouraged to see Coinbase acknowledge the limits of this report in its own announcement: “While we are restricted from disclosing some of the information requests we receive, over time we hope to update and improve our reports with additional information, resources, and observations to provide more granular insights into our government response process.”
We have some ideas on how Coinbase can improve its reports in the future. First, it would be helpful for consumers and advocates to know how many requests Coinbase may have challenged, or how many accounts were shut down as a result of these requests. Other companies routinely provide that level of detail.
For future reports from Coinbase and other financial institutions, EFF would also like to see transparency reports that outline informal government requests that don’t come from a subpoena, warrant, or other legal process, such as when law enforcement agencies have bullied companies to shut down accounts through coercion. We’d also like to see more information on how companies such as Coinbase handle government requests, which companies often make publicly available. It would also be useful for financial services such as Coinbase to start publishing how many Suspicious Activity Reports they file with the Financial Crimes Enforcement Network annually, and about how many accounts.
It’d also be valuable for payment processors to offer aggregate information about how many accounts are either frozen or terminated, broken down by the justification, such as for fraud or Terms of Service violations.
We also want to echo the call that Coinbase General Counsel Paul Grewal made asking others in the financial services industry to step up with their own reports. “[While] transparency reports have become more common in tech, they remain rare in financial services,” Grewal said, “We think it is important not just for cryptocurrency companies, but for fintechs and banks at large to shed light on financial data sharing practices and contribute to the understanding of industry trends in a meaningful way.”
We agree, and call on other payment intermediaries and custodial blockchain services to follow the lead of Kraken and Coinbase in providing this vital information to their users.