Embattled Administration Pushes Midnight Controls on Financial Tech

Well, that was quite a week, wasn't it? As I write, it's a little unclear who is running the country right now, as the putative executive does not seem to be doing much executing—let alone communicating—these days. What is clear is that the real engine of the state, the administrative apparatus, is still chugging along just fine. Unelected bureaucrats continue to roll out significant regulations not only during a lame duck period, but amidst an apparent regime crisis to boot.

Even during normal times, outgoing administrations push through last-minute rules while they still have power. These are called "midnight regulations," and they often include particularly sweeping and onerous rules that might not otherwise pass muster. You can view the midnight regulation phenomenon easily on a graph: like clockwork, rules will spike in the last year of an administration.

It's easy to see why midnight regulations occur. An administration will only be in power for so much longer. They want to be able to push whatever last effort controls they can before they are pushed out the door. Since they don't have much time, the rules will tend to be sloppy and receive less vetting than they otherwise would. And because the declining regime will really want to make things stick, they may reach farther than they did before they were racing against the clock. It's "one more good one for the road" thinking.

It's a bit remarkable to see midnight regulations still being promulgated during an apparent crisis of regime legitimacy, however. The chaos is not stopping government bodies from rolling out new controls on technology.

The most egregious is probably the Treasury Department's proposed expansion of financial surveillance on cryptocurrency. The rules would require warrantless data collection on the senders and recipients of cryptocurrency transactions over $3,000 when involving users that choose to host their own wallets.

Expanding government financial surveillance is obviously horrible for privacy. It also saddles cryptocurrency users with a massive security risk. Just a few weeks ago, we learned that the Treasury Department had succumbed to a major cyberattack. The government can't keep its systems secure, yet it wants to have access to even more of our data. Want to keep data safe? Don't collect it in the first place.

Not only is this proposal an inconsistent expansion of the already constitutionally-questionable Bank Secrecy Act, what I call "the PATRIOT Act for money," it afforded an insulting fifteen days over the Christmas break for the millions of affected cryptocurrency users to comment on the controls.

Even worse, the Treasury Department apparently miscalculated the comment deadline given the number of days they had afforded the public. Rather than openly admitting their mistake and advertising that the public would have three extra days to comment, the agency just quietly changed the due date on the Federal Register website.

The cherry on top: the Treasury Department may not even have the authority to issue these rules in the first place according to the very statutes it invokes in its own proposal. Peter Van Valkenburgh and Jerry Brito of Coin Center point out that the Treasury Department may be making up powers out of thin air that rightfully are vested in Congress. Not only is this a midnight regulation, it's a midnight power grab.

The administration has also pushed through midnight controls on foreign technology companies during its maimed duck period. There was the post-election order to de-list certain Chinese companies from the New York Stock Exchange that was a-go, then reversed, and then eventually reinstated over the holiday break. On the same week that the Capitol melted down, the White House banned Chinese payment apps like Alipay and WeChat Pay for the financial surveillance risk it posed to Americans.

The concerns that underlie these rules are not misguided. It is true that the Chinese Communist Party has close connections with some of its largest companies and that its influence can be wielded against Americans.

One problem is that these rules are shaped by midnight thinking. The China hawks in the Trump administration probably hope to head off the policies of the more China-friendly Biden administration. These last-minute rules might put up some temporary barriers, but because they are so rushed, they are almost surely not the best ways to achieve the intended aims.

Consider the Chinese financial app ban. It's ironic that the U.S. government would ban certain apps for financial surveillance risks at the same time that it proposes midnight controls on cryptocurrency technologies to expand financial surveillance. It's not even a question about whether it's better that the American or Chinese government has your financial data: the Chinese could (and maybe already have) hacked the financial datasets that American banks and agencies are required to store. In other words, the rule is more about geopolitical maneuvering than an earnest attempt to protect Americans from financial surveillance risks.

Not all of the last-minute rules from the waning Trump administration have been bad. Personnel, as they say, is policy. The Office of the Comptroller of the Currency has been a rare bright spot for forward-looking financial technology policy. Two days before the Capitol siege, acting director Brian Brooks issued a letter giving the green light to banks to use public blockchains and "stablecoins," or cryptocurrencies pegged to some external value like the dollar, to store or validate payments.

This is a great idea on its own merits. Public blockchains can provide cheap, efficient, and secure settlement for banks. But the timing of this ruling may have been motivated by the acting director's waning chances for re-appointment before January 20. Additionally, allies of the incoming administration have virtually declared war on stablecoins through such measures as the STABLE Act, which could make it illegal to run certain kinds of cryptocurrency nodes. This is the policy calculus of a power transition.

There is a deeper irony that has revealed itself in this crisis of regime legitimacy. The president and his supporters find themselves virtually locked out of the public sphere through a series of deplatformings by vendors and service providers. Even when an outer party member does manage to "build their own Twitter," they quickly discover that hosts, payment processors, and even domain services refuse to support their alternatives.

This deplatforming trend will continue and expand against more groups globally; others will seek to wield this power for their own advantage. Trusted third parties are security holes.

Bitcoin, and other distributed technologies that have been targeted by the Trump administration, were created specifically to provide a censorship resistant means to send data and money online. Trump and his supporters should hope that these cryptocurrency controls don't take hold: their continued operations online may soon depend on distributed tech like Bitcoin.