Data Security
Centralization or dissemination
Why concentrating sensitive crypto data creates a more dangerous target than separate databases held by accountable actors.
Updated
Short answer
Architecture matters. Sensitive information dispersed across several accountable providers does not have the same risk profile as information centralized into automatic reporting systems and exchanged between administrations. Today’s model spreads crypto data across providers that are directly accountable for protecting it. DAC8 adds systematic circulation toward tax authorities and between jurisdictions: data leaves its initial perimeter, multiplies, and becomes easier to search, copy, correlate and misuse. For crypto assets, which can link a person to a liquid asset that is transferable under duress, this move toward centralization is especially dangerous. Minimization and targeted access remain safer defaults than systematic centralization.
Key facts
- Architecture drives risk: dispersed data and centralized data do not have the same profile.
- Dispersed model: providers (CASPs) hold client data in their own systems and are subject to security obligations, sanctions, commercial risk and the risk of losing their license, which creates direct accountability and strong incentives to protect the data.
- DAC8 model: systematic circulation toward tax authorities and between jurisdictions; data leaves its initial commercial perimeter and multiplies across different environments.
- Simple rule: the more data circulates, the more points of failure there are.
- Effect of centralization: a single or semi-single target, more legible and more profitable to compromise, with data that is easier to search, copy, correlate and misuse, by attackers and insiders alike.
- Crypto specificity: the data can link a person to a liquid asset that is transferable under duress.
- Better default: minimization and targeted access rather than systematic centralization.
The dispersed model
In today’s model, crypto-asset service providers (CASPs) hold their clients’ data in their own systems. These actors are subject to security obligations, sanctions, commercial risk and the risk of losing their license.
This direct accountability creates strong incentives to protect the data. Each actor answers for its own failures, and the data stays confined to its original commercial perimeter.
The DAC8 model
DAC8 adds systematic circulation toward tax authorities and between jurisdictions. Data leaves its initial commercial perimeter and multiplies across different environments, each with its own rules, tools and levels of protection.
The more data circulates, the more points of failure there are. Every copy, every transfer and every additional environment is an opportunity for a leak, an error or misuse.
The security argument
Centralization is not neutral. It creates a single or semi-single target that is more legible for attackers and more profitable to compromise. Concentrated data also becomes easier to search, copy, correlate and misuse, whether the threat comes from external attackers or from insiders.
For crypto assets, this choice is especially dangerous: the data can link a person to a liquid asset that is transferable under duress. The risk is not only administrative or fiscal; it is also physical.
The better default
For sensitive crypto data, minimization and targeted access are safer defaults than systematic centralization. Collecting less, restricting access and avoiding the build-up of a centralized database shrink the attack surface instead of expanding it.