This morning, the founder of the Foundation Human Rights in Finance.EU, Simon Lelieveldt, sent the following message to (the staff of) Minister Kaag of Finance.
“With gratitude for the granted additional time to respond, I hereby send my response to the consultation Implementation Act VO (2023/1113) on money transfers and transfers of crypto assets, along with related information.”
In this response, I point out the constitutional objections that fundamentally exist within this regulation, which, as I explain, strikes at the heart of all privacy-related regulations in Europe and related rulings of the European Court of Justice. These objections have both a simple substantive and a fundamental basis that I would like to remind you of once again.
I think that in the few months remaining until the elections, given her visible engagement with international political human rights and human rights in general, the Minister would do best as a member state to propose the cancellation of the mentioned regulation. According to the rules of Europe, there is still a 10-day window for this, and considering the urgency, I can only advise that the Ministry initiates this process immediately. It would be quite ironic if ‘the end of privacy as we know it’ were undermined by this very Minister.
Why would a government, whether national or international and bound by treaties and obligations regarding human rights, consider it proportional to breach the privacy and data protection of all innocent citizens by obligating the transmission of name/address and ID/birthdate/nationality information in all crypto/money transactions worldwide? Especially when removing these broadcasting obligations in articles 14-23 does not diminish the control obligations of parties and the actual management of risks. Moreover, under article 24, the option for justice would still exist to promptly obtain all the information they seek with a proper request, under the condition that there is a concrete suspicion against that individual involving money laundering and/or terrorist financing?
The Ministries referral to the fact that the Regulation is a done deal and cannot be revisited doesn’t seem appropriate to me. Under the Treaty on the Functioning of the European Union (TFEU), the national government always has the possibility to propose the annulment of a regulation, and this seems urgently needed and the only current meaningful action for the government to take, especially when considering the context of previous data protection rulings by the Court of Justice. The process in which this legislation was rushed into existence also renders it legally vulnerable. I elaborate on this further in the consultation response, but the technical EU formal requirements for the regulation to be established within the parliament haven’t been met either.
A small group of parliamentarians, under pressure from a political process in which even governments are being drawn into unconstitutional human rights violations, has fast tracked this Regulation, but the regulation has not been appropriately translated in accordance with EU rules/procedures and the applicable timelines for all parliamentarians. Anyone who investigates this, considering these and other formal errors, cannot come to any other conclusion than that it cannot be legally argued that a decision has been made here on behalf of the citizens.
A practical point is of importance here. With these non-technologically neutral definitions of crypto assets and wordings in the text (including design flaws by not addressing the data protection of citizens/companies whose data needs to be transmitted across the world without their knowledge), a malicious commercial network party could easily exploit this regulation to perpetually transport the key profile information of all customers worldwide to all existing jurisdictions under the guise of preventing EU money laundering. Facebook (or Palantir) will be overjoyed with this opportunity, and Max Schrems sees his legal victories disappear into thin air.
In my opinion, both the political and fundamental rights impacts have not received sufficient attention. This has been the case since 2019 when the initial thoughts arose, and I considered it my civic duty to point out the inappropriateness of continuing with ineffective monitoring/surveillance of banks, now also extended to crypto with even greater intensity. The challenge for regulators is not to persist on that dead-end path, but to do the opposite. The realm of administrative law needs to be cleared of the excessive overkill based on FATF recommendations/requirements that is clearly disproportionate. This regulation is a prime example of that, and its cancellation will make a significant difference in terms of not harming innocent citizens worldwide.
In the few months leading up to the new Dutch elections, the Minister has, in my view, the opportunity to demonstrate her genuine commitment to international human rights and score an important legal goal by canceling this regulation, based on a rethink/review and referring to newer insights and reflection. I consider this cancellation a matter of utmost urgency, and that is my strongly motivated core advice regarding this consultation.
In case the Minister does not pursue the cancellation, I do have a practical suggestion regarding where one of the provisions from the Regulation should be incorporated into the Dutch Anti-Money Laundering Act (Wwft). This suggestion is, to a certain extent, a partial solution, but considering the Dutch jurisprudence in the Bitonic case and the statements made by DNB since then, it is an important one. Proposed Rule 8.5 should be integrated into Wwft 3.2.g
Again, my apologies for the length of both the consultation response and this email. However, I hope it’s evident that this is a serious matter that compelled me to forgo my vacation. For those unfamiliar with the case, I would recommend taking a moment to read the consultation response from October 2019 that provided a clear foresight of what awaited us in the realm of crypto-Netherlands (the full text can be found here – in Dutch).
The history that unfolded previously at the national level seems to be repeating itself, but now at the European level. In a moment of political pressure, we’re implementing a rule that could be so easily abused that all rulings by the Court of Justice concerning travel data, telecom data, UBO registers, or anything similar could be considered irrelevant. I wouldn’t want that to be my legacy.
With passionate regards