Editorial: The Value of Privacy
Privacy is a virtue, especially when you can turn it on or off at will.
If you utter the word "privacy" regarding Internet (and thus, cryptocurrencies), most people will immediately think "drugs" or even "pedo-pornography". And you will hear the famous "I have nothing to hide". Let’s debunk this.
First, whether or not we have something to hide, we almost certainly have something to protect. Second, not only is privacy nice, but privacy is actually necessary for society. And third, privacy is a right and like any right, you can turn it off if you want - and this is exactly what Monero offers, optional transparency.
Something to protect
Let me show some perfectly legitimate reasons for privacy.
As an individual, you may not want to be targeted based on your spending habits or your location. Perhaps you don't want your family (or ex-family!) to know with whom or at what you are spending your money, especially some sensitive things. There are many reasons, (not comfortable with it, spoiling relationships, blackmailing/kidnapping-magnets…), you may prefer people to ignore how much you earn. You'd rather avoid "neighbours gossipping that you don't give enough to your church or that you spend too much on porn" (Gregory Maxwell). Your landlord should not be able to scan the blockchain to discover you got a raise and so decide to increase the rent, nor should your employer know which NGO you support.
As a company, you don't want competition to know that you signed a contract or to be able to discover trade secrets just by analysing the block chain (customers, supplies purchases, payroll, margins…).
For anyone, there is the risk of accidentally stumbling on tainted money (like what happened to this Coinbase user and this one). Go explain to a judge that "you didn't know". After all, if anyone can trace the money, this means that you should have traced it too, right?
And finally, for the cryptocurrency itself, lack of privacy means giving more power to miners than they are supposed to have. If they can identify via the chain, they may "start to impose blacklists, whitelists, redlists, and other intrusive requirements on transactions. […] Too much mixing? No "SafeChain approved" tag? Etc. Sorry, your transaction never gets into a block." (smooth, who also explains there why we have a tail emission). Similarly, a cartel of miner could decide, for economical, ideological, etc. reason to make any transaction going to one address particularly difficult (prevent Wikileaks to get Bitcoin donations, for instance).
Remember: evil bit doesn’t exist.
Countless studies have proved that people behave differently when they know they might be watched. Sure, it means they will think twice before committing heinous acts, but it also means they will think twice before acting freely.
The value of privacy
Privacy is not just comfort. Despite all of our rambling about its deliquescence, most of us live in a wealthy First World nation. War-torn countries and totalitarian regimes are places where freedom of press is punishable, sometimes by death, for the journalists but also (and we tend to forget it), for the local informants. When we say we want Monero to be scalable, this also means that those people can use it.
We put so much care into making the blockchain technology resilient from technical failures, but make no effort to make it resilient to political and social failures.
Optional transparency
That being said, privacy is not black and white. There are some cases when you do want transparency. Your company may need to be audited, and a charity or government may wish to, or even be required to, make its accounts publicly visible. In these case, a transparent blockchain would be acceptable.
But what if you don't want anyone to find out, just a restricted set of persons, like the tax office, the auditors, the shareholders or the charity members? Or, for individuals, what if, as a parent, you would like to monitor what you kids are spending the money you gave them on? You would certainly not want other persons to know (this would avoid the drama of children comparing their spendings in the playground, too). In all of these cases, a mandatory transparent blockchain is not a solution.
Fortunately, Monero has a mechanism to address these two situations - the viewkey. A viewkey is a simple strong of characters that allows someone in his possession a read-only access to the wallet (you need to have a complete copy of the blockchain, too, so having a copy of the blockchain in a USB key is helpful). This will tell you the balance, the deposits and the withdrawal, but still won't give you the origin and the destination of the transaction, so that the rest of the network is not compromised. If you want to audit a transaction, you can ask the viewkey of both parties and you're set. And if complete access to both wallets is too much (if you only need to verify a given transaction), details of a transaction can be revealed via a similar mechanism on a per-transaction basis. So, you can decide the level of access: everyone, someone, no one.
What does it mean, on top of additional freedom? This means that since Monero plays fair with everyone, governments wouldn't need to outlaw it, as law enforcement could still be given the tools to investigate illicit transactions (although they'd need to ask for the person's viewkey first, but that's no different than asking for someone's password to reveal incriminating evidence on their computer). It is of particularly importance considering attacking a major crypto is surprisingly easy and within a State's reach (and even more so in the case of a coalition).
This is what real privacy is about. Caring for all parties involved.
Oh, one more thing: in our blockchain-powered internet of things future (IBM, Szabo), opaque blockchains would help avoiding the pervasive monitoring Snowden revealed to us. You would certainly not want every burglar to know when you are home just by scannng the blockchain, right? Just give the viewkey to selected devices and you’re fine.