Bernstein v. United States: Code as Speech
By @0xLayerTwo
Defining The Issue: What is Tornado Cash
It has been approximately two weeks since the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash, a cryptocurrency mixer that has been operational on the Ethereum blockchain for three years.
How It Works
Tornado Cash is a decentralized crypto-mixing service that allows users to send crypto into the protocol by depositing it into liquidity pools in set amounts, then later withdrawing it to a different address with no indication of where the crypto being withdrawn originally came from. Tornado Cash leverages smart contracts to facilitate deposits and multiple address withdrawals. Withdrawals are made from the Tornado Cash protocol liquidity pools, making it difficult to know the sender's identity.
Tornado Cash creates a secret hash any time a user deposits crypto into one of its liquidity pools. The protocol accepts the deposits and the hash in a process known as commitment. The commitment identifies the owner of the funds and confirms them during withdrawal. When withdrawing the funds, the user must input the secret hash to prove ownership while maintaining on-chain anonymity.
What makes this event so notable is that the OFAC has sanctioned the code running the Tornado Cash application itself, which was written as an open-source, decentralized tool for anyone to use for any purpose. While some use this for valid purposes, such as Vitalik Buterin sending money to Ukraine as aid during their time of need, and using privacy not for his benefit, per se, but for the recipients.
Others have suggested that, although Tornado Cash may be used by criminals to launder money, it's also widely used legally by crypto users who simply want to improve their blockchain privacy. The protocol's proponents strongly argue that Tornado is a computer code that can be used for good or bad intentions – similar to internet VPNs. Some have gone a mile and compared the Tornado ban to the email sanctions of the early internet days, explaining that email facilitates phishing attacks.
There are several genuine reasons why a person can use Tornado Cash. For instance, a software employee paid in cryptocurrency and is unwilling to let their employer know much about their financial transactions can use Tornado Cash for payment. Also, an NFT artist who has recently made a killing and is not ready to draw online attention can use Tornado Cash to improve their on-chain privacy.
To play devil’s advocate here, there is merit to the regulatory view that this is a project being used for illicit purposes that do harm. Based on its lifetime usage since 2019, Chainalysis estimates that 10.5% of crypto received through Tornado Cash has been stolen.
The Burning Question
This brings us to the burning question that the Tornado Cash Sanctions have sparked:
Is writing open source code illegal? Enter Bernstein v. US.
Facts of the Case
Daniel Bernstein developed encryption software that he called “Snuffle” when he was a doctoral student. He wanted to publish the source code and a research paper on it for peer review purposes. Cryptography, as related to encryption, had been of increasing concern to the U.S. government and they passed laws regulating its dissemination. Bernstein knew of this and inquired with the State Department on whether he needed a license to publish his work. The Export Administration Regulations (EAR) prevented him from freely publishing the source code, which led Bernstein to argue that the regulation infringed on his First Amendment rights.
The State Department’s official response was that Bernstein’s software was a munition under the International Traffic in Arms Regulations. Thus, Bernstein had to register as an arms dealer and apply for a license to publish or “export” his software’s source code and accompanying research paper.
Bernstein appealed on constitutional grounds, arguing that the regulations infringed on his First Amendment rights to free speech. The issues posed to the court was whether the EAR restrictions on Bernstein’s ability to publish the source code was a violation of the First Amendment.
Court’s Ruling
The court found that the EAR regulation gave the government substantial power to discriminate since it gave its administrators power to deny licenses for inconsistencies with U.S. national security and foreign policy interests, which the Court found to be an overly broad policy allowing for widespread censorship. The court also stressed that whether the administrators actually discriminated was a non-issue, rather, what mattered was that the rules allowed for this type of discernment.
On the topic of code as expression, the Court found that cryptographers, like Bernstein, used source code to communicate scientific ideas, which is considered expression for the First Amendment purposes, and is thus protected. The government argued that the source code is unique expression because it is related to functionality. The court dismissed that argument, stating that “[t]he fact that computers will soon be able to respond directly to spoken commands, for example, should not confer on the government the unfettered power to impose prior restraints on speech in an effort to control its ‘functional’ aspects.”
The court then analyzed the merits of EAR’s licensing restraints using a three part test: (1) restraint had to be for a specified brief period of time; (2) there had to be expeditious judicial reviews; and (3) the censor had to bear the burden of proof. The court found that the EAR regulation violated part 1 of the test as it had the potential of lasting indefinitely.
The Court ruled:
This court can find no meaningful difference between computer language, particularly high-level languages as defined above, and German or French….Like music and mathematical equations, computer language is just that, language, and it communicates information either to a computer or to those who can read it. In light of these considerations, we conclude that encryption software, in its source code form and as employed by those in the field of cryptography, must be viewed as expressive for First Amendment purposes, and thus is entitled to the protections of the prior restraint doctrine
Based on this analysis, the court ruled that Bernstein’s source code was expression protected under the First Amendment and that it was violated by the EAR regulation. However, the court stressed that not all software is expression.
Exceptions to Free Speech in the USA
The Following is a list of exceptions to free speech in the USA:
Obscenity
Fighting words
Defamation
True threats
Incitement
Crimes involving speech
Speech owned by others
Public employee speech
Commercial speech
I want to focus on two exceptions that the United States may rely on when crafting its arguments against Tornado Cash and any other code they may sanction in the future, Incitement and Crimes Involving Speech.
Incitement
Speech that pressures or encourages individuals to commit illegal and/or dangerous acts is NOT protected by the First Amendment. When the speech causes people to take unlawful actions, they are violating the right to Freedom of Speech.
Most recently, in the press, there was a case of two teenagers who formed a virtual relationship. Conrad Roy expressed to Michelle Carter that he was depressed, after urging him to get help, Carter began encouraging him to take his life. She was on the phone with him when he died by suicide and moments before she continued to urge him to do so. Carter was later found guilty of involuntary manslaughter. This case opened up the conversation about technology and the law. It shows the dangers of incitement and how Freedom of Speech does not protect from causing harm to others through speech.
While there is no central body to Tornado Cash that is pressuring users or encouraging users to commit illegal acts, its existence in and of itself and the fact that it cannot be stopped by regulators opens the argument that the code encourages users to act illicitly.
Crimes involving speech
Crimes that use speech to commit them, such as perjury, blackmail, and harassment are not protected by the First Amendment either. These are all crimes in and of themselves, but because they involve speech, they get a spot on this list.
Again, this opens the argument up that Tornado Cash code itself is used to commit crimes such as money laundering and tax evasion, and therefore its actually appropriate to censor the program at the code level as speech that is used to commit crimes.
The regulatory landscape is about to get interesting as regulators finally seem ready and willing to step up to attempt to seize control over these massive networks as much as they can, while users and the corporations (both centralized and decentralized) behind technology and progress are dug in and ready to fight for the new frontier and to fight for our networks and their neutrality.
Whether it is fair or not, the ball is now in the courts of privacy based dApp and chain developers to find a way to introduce some sort of KYC/AML measures so that the genuine users of their chain or application can continue to benefit from privacy. Privacy is a tool, and like any other tool, it can be used for things that are good, bad, and credibly neutral.
To that end, guns can be used to hurt people, and manufacturers are not being thrown in jail after each act of gun violence. A baseball bat can be used to play sports, or it can be used to hurt people. A car can be used to transport people, or it can be used to hurt people. As can an airplane. As can almost any other invention in the history of man kind. It is absurd that open source developers who contribute to neutral programs can be thrown in jail, whether in America, the Netherlands, or anywhere else in the world.
Not financial, legal or tax advice. This newsletter is strictly educational and is not investment advice or a solicitation to buy or sell any assets or to make any financial decisions. All opinions expressed are solely those of the individual author. This newsletter is not legal advice and does not create an attorney-client relationship. This newsletter does not constitute tax advice. Talk to your independent attorney and/or accountant for any questions specific to you. Always do your own research and use caution when interacting with smart contracts or the blockchain