In September of this year, the European Union Agency for Network and Information Security (ENISA) published a paper on cryptocurrencies in the EU. The paper discusses the volatile cryptocurrency market. It includes suggested measures to adapt to cryptocurrency and emphasizes the need for a flexible regulatory approachtowards cryptocurrency. ENISA also includes some of the risks cryptocurrencies might bring. In this blog, we will discuss the main takeaways of the ENISA paper for you.
First, a short recap on the definition of cryptocurrencies is in order. Cryptocurrencies are decentralised virtual currencies using cryptography for safety. At the moment of writing this blog, there is an estimated 130 billion euros circulating the market. Most virtual coins operate on the blockchVia ain.
Now that cryptocurrencies are more accepted in society, it is time to regulate, according to ENISA. Taking into account ‘crypto-thefts’ and companies misusing Initial Coin Offerings (ICOs), this seems understandable. Several non-EU countries have already started with the regulatory process regarding cryptocurrency. ENISA gives the example of Japan legalizing Bitcoin and the Philippines granting cryptocurrency exchange licenses. ENISA now calls for regulation in the EU, as well as measures to improve safety on the crypto market. Some of the suggested measures are:
Furthermore, ENISA comments on the amendment to the Anti Money Laundering Directive (AMLD). It agrees with the European Commission that regulating the virtual currency market can improve legal certainty in this area, as well as boosting the confidence of cryptocurrency-users. However, it emphasizes the need for a flexible regulatory approach in order for the market to retain the advantages and flexibility cryptocurrencies offer at the moment.
ENISA also points out a privacy risk regarding the use of cryptocurrencies. Since all parties are able to download the ledger (the record of all transactions), which is kept permanent, this could lead to a clash with the GDPR. After all, the GDPR requires data to be deleted after becoming unnecessary, which goes directly against the permanent nature of cryptocurrency and blockchain. This might be a tough cookie for the European and national legislator. Our team of specialists is looking forward to providing you with advice regarding the use of cryptocurrency, blockchain or privacy in these challenging and dynamic times.