Anonymity in Bitcoin?

Anonymity in Bitcoin – The Users’ Perspective

Anonymity in Bitcoin – The Users’ Perspective Research-in-Progress

Benjamin Fabian Chair of Business Intelligence and Data Science, Hochschule für Telekommunikation Leipzig (HfTL) Gustav-Freytag-Str. 43–45 04277 Leipzig, Germany [email protected]

Tatiana Ermakova Chair of Business Informatics, esp. Social Media and Data Science University of Potsdam August-Bebel-Str. 89 14482 Potsdam, Germany [email protected]

Ulrike Sander Institute of Information Systems Humboldt-Universität zu Berlin Spandauer Str. 1 10178 Berlin, Germany [email protected] Abstract This article analyzes how users perceive the degree of anonymity provided by the Bitcoin network, to what extent they are concerned about anonymity when using Bitcoin, whether they are knowledgeable of and concerned about specific deanonymization attacks, and if they are aware of and adopt privacy-preserving countermeasures. A user survey with 125 active Bitcoin users reveals that 70% associate a medium or high level of anonymity with the Bitcoin network and rate their concerns as either low or medium. But almost every fifth user has already considered abandoning Bitcoin because of being concerned about anonymity. Though one third are aware of the risk of de-anonymizing the Blockchain but are not concerned, another almost 50% indeed feel concerned. Our findings have implications for users and developers, suggesting that actions should be undertaken to increase privacy awareness and the level of anonymity provided by the Blockchain and the Bitcoin network. Keywords: Bitcoin, Blockchain, Privacy, Anonymity, User Requirements

Introduction Bitcoin (BTC) is a convertible virtual currency based on a decentralized peer-to-peer network. In 2009, Bitcoin was launched by a person known as Satoshi Nakamoto (Nakamoto, 2008) and has gained a large amount of controversial media and government attention since its introduction. Due to Bitcoin’s decentralization, there are lower transaction costs and fees, no financial institute acting as an intermediary, and financial freedom as accounts cannot be frozen (Mullan, 2014).

Thirty Seventh International Conference on Information Systems, Dublin 2016

1


However, in contrast to popular belief that another benefit associated with Bitcoin is its full anonymity, Bitcoin is not per se anonymous. All confirmed transactions with the corresponding Bitcoin addresses as pseudonyms are publicly announced in the Blockchain (Meiklejohn et al., 2013). In our research project, we aim to investigate the privacy awareness and potential concerns of users of peer-to-peer applications based on the Blockchain technology, with Bitcoin as a starting point. By conducting a study among active Bitcoin users, the present research study analyzes how users assess the level of anonymity provided by the Bitcoin network and to what degree they are concerned about their anonymity when using Bitcoin. It further examines Bitcoin users’ awareness and concerns regarding the general risk of de-anonymizing the Blockchain in general and based on specific de-anonymization techniques. Finally, this study investigates Bitcoin users’ knowledge and adoption of various currently existing countermeasures. Our article is structured as follows. The next section provides background on privacy concerns and their impact on adoption and usage of online technologies. It further discusses the different methods of attacking Bitcoin users’ anonymity and their potential impact. Existing as well as potential improvement measures together with their benefits and drawbacks are contrasted as well. After that, we proceed with the main contribution of this paper, presenting the results of a survey of 125 active Bitcoin users about Bitcoin anonymity. Finally, limitations and future work directions are given, followed by concluding remarks including resulting implications.

Background Privacy Concerns In the management information systems (MIS) research, information privacy is subject of intense research (Smith et al., 2011; Bélanger and Crossler, 2011; Pavlou, 2011; Li, 2011, 2012). Scholars define information privacy concerns as the degree to which individuals are concerned about online companies’ practices with respect to the collection and use of their personal information (Smith et al., 1996). Especially due to companies tracking online users and sharing their personal information with third parties, online users feel increasingly concerned about their information privacy (TRUSTe, 2015). Empirical studies repeatedly confirmed the negative effect of information privacy concerns on individuals’ attitudes towards online services (Angst and Agarwal, 2009; Dinev et al., 2012), behavioral intention to use online services (Angst and Agarwal, 2009; Li, 2013; Dinev and Hart, 2006b), behavioral intention to reveal information for online transactions (Smith et al., 1996; Bansal et al., 2010; Korzaan and Boswell, 2008; Dinev and Hart, 2006a), and actual behavior (Son and Kim, 2008). Practice similarly shows that almost ninety percent of Internet users avoid companies that do not protect their privacy (TRUSTe, 2015). Based on this theoretical background, it is our hypothesis that privacy concerns could also constitute a major obstacle to the adoption of Bitcoin and other Blockchain applications. Anonymity in Bitcoin Although some MIS scholars do not differentiate between information privacy and information control (Smith et al., 1996; Malhotra et al., 2004; Hong and Thong 2013), others argue that information control rather plays a key role in the formation of information privacy (Dinev et al., 2012, 2013; Xu et al., 2011, 2012). A recent study by Dinev et al. (2013) further shows that, mediated through perceived information control, a critical aspect of perceived privacy is the ability to stay anonymous when using an online service. Based on a classical definition of anonymity (Pfitzmann and Hansen, 2010), the Bitcoin network should be regarded as anonymous for a payer or payee, if and only if an attacker is not able to sufficiently identify the payer or payee within the Bitcoin user community. The media’s popular belief that Bitcoin is fully anonymous stems from a misunderstanding of the currency (Brito and Castillo, 2013). In fact, anonymity was not a primary design goal of the Bitcoin system (Reid and Harrigan, 2011). All Bitcoin transactions are publicly visible in the Blockchain; however, instead of the user’s name, his or her public address occurs as a pseudonym. Therefore, all transactions are pseudonymous (Ober et al., 2013).


2


Androulaki et al. (2013) determine unlinkability as a measure to quantify privacy in Bitcoin. Privacy is stronger, the less personal data of the real identity can be linked to the pseudonym, and the less often the same pseudonyms are used and the less linkable different pseudonyms of one identity are. According to Nakamoto (2008), some linking is not avoidable in the Bitcoin network, because multi-input transactions reveal that their inputs were held by the same owner. The risk for anonymity emerges when the owner of one public key is revealed, as linking could result in exposing other transactions that belong to the same user as well. Among the first ones, Reid and Harrigan (2011) argued that the inherent limits of anonymity largely stem from the Blockchain technology. This publicly visible ledger of all confirmed transactions is necessary to avoid double spending since there is no central authority in the network. However, all addresses used as an input for a single transaction can be grouped to one identity, as a user needs to possess all of those addresses for such multi-input transactions. Then one can cluster all those addresses, which are considered to belong to the same person, into a user network. This heuristic is used as a foundation by many other scholars to de-anonymize the Bitcoin network (Ober et al., 2013; Androulaki et al., 2013; Meiklejohn et al., 2013, Ron and Shamir, 2013). Spagnuolo et al. (2014) developed BitIndoine, a modular, semi-automatic framework that clusters addresses, labels the classified addresses and visualizes them. Another approach to de-anonymize the Bitcoin network is the mapping of Bitcoin addresses to Internet Protocol (IP) addresses. This technique does not rely on the links between the transactions (Koshy et al., 2014). Its aim is rather to associate an IP address with a specific Bitcoin address, which is taken from the Blockchain. Possessing information about the device which a Bitcoin address originated from would be a major breach of anonymity. Inspired by Kaminsky (2011), Koshy et al. (2014) analyzed the possible risk of mapping Bitcoin addresses directly to IP data. They built a Bitcoin client, which they called CoinSeer, to actively collect the data of 5.6 million transactions. Lischke and Fabian (2016) used such mapping techniques to study the evolution of the Bitcoin economy. One can argue that IP addresses could remain untraceable when proxy or anonymity services such as Tor are used. However, Biryukov et al. (2014) showed that Tor users could be de-anonymized as well. Moreover, according to a more recent study by Biryukov and Pustogarov (2015), due to man-in-the-middle attacks, combing Tor and Bitcoins results in an even greater risk of being de-anonymized than by not using Tor. Summarizing the challenges for privacy, anonymity of Bitcoin users can be eroded. Most of the researchers conducted their analysis by not only using the Blockchain, but also availing themselves of external information from the Internet. While some measures for improving anonymity in Bitcoin are already partially adapted, others are still fiercely discussed, trading off advantages versus disadvantages. Concerning measures for increasing security and privacy, Bitcoin experts generally agree on advocating specific best practices regarding storage of Bitcoins. One major aspect involves the secure storage of private keys. In order to communicate with the network, the wallet is usually held by a device, which is connected to the Internet (Franco, 2015). This storage method is known either as an online, Web or hot wallet. Due to the fact that over the Internet connection many attacks can be conducted, it is recommended to store only small amounts of Bitcoins in a hot wallet (Franco, 2015; Barski and Wilmer, 2015). A Web wallet is less secure because an external provider manages the funds (Franco, 2015). Implications for privacy are on the one hand the increased anonymity, as for instance, Koshy et al. (2014) were not able to identify Bitcoin addresses controlled by a Web wallet with their method. On the other hand, the anonymity is decreased, since Web wallet providers have personal information and usually keep a record of all transactions (Franco, 2015). A safer but not so convenient way to store Bitcoins is the cold storage, a place that is not accessible via the Internet. That is recommended for large amounts of Bitcoins (Barski and Wilmer, 2015). Cold storage devices are, for example, USB flash drives, paper wallets and hardware wallets. Hardware wallets store private keys on an offline computer, but can also sign transactions by plugging it into an online computer, which actually makes them a secure and convenient storage method (Barski and Wilmer, 2015). Although hardware wallets have higher purchase costs, experts expect this type of storage will become the predominant method (Antonopoulos, 2015). Meiklejohn et al. (2013) and Barcelo (2014) further argue that reusing public addresses is not advisable. Nakamoto (2008) suggested using a new key pair for each transaction to limit linkability to some extent. Antonopoulos (2015) describes a convenient way to create a new key for each transaction: the hierarchical


3


deterministic (HD) wallets. This way keys are derived in a tree structure, such that a master key can derive a sequence of child keys, those can derive a sequence of grandchild keys, and so forth. The advantage is that public keys can be created without having access to the private key. Therefore, HD wallets can also be installed on an unsafe server. Todd (2014) developed a technique that makes it possible for payees to publish one single Bitcoin address, the so-called stealth address (SX), which payers can send funds to, while at the same time providing anonymity, as payers and other third parties cannot learn what other payment have been made to that stealth address. High anonymity within the Bitcoin network is also promised by (coin) mixing services. The concept behind mixers is that the Bitcoins pass a mixing service before entering into possession of the payee. The central mixing service draws profit in form of a 1-3% mixing fee for making the transactions unlinkable, and thus reaching a higher level of anonymity. Möser et al. (2013) used reverse-engineering to test the actual effectiveness of three money laundering tools. However, it must be differentiated between central and decentralized mixing services. Central mixing services, for instance, Bitcoin Fog, are trusted third parties, whereas Nakamoto (2008) actually intended to create a currency that does not rely on trust. The problem with trust is that service providers could steal funds, track coins or just become insolvent (Miers et al., 2013). A decentralized way of mixing is known as CoinJoin. In 2013, the Bitcoin developer Gregory Maxwell proposed a way for joint payments, meaning that at least two users make a multi-input and multiple output transaction (Maxwell, 2013). The probably most serious issue with CoinJoin as an anonymity improvement measure is that it only works impeccably if the payments are of similar amounts (Barcelo, 2014). In other words, with the aid of the transaction amounts, input and output addresses might still be linkable. Consequently, cluster analysis could work successfully if the payments do not differ in their amounts. On the other hand, CoinJoin has the crucial benefit, compared to central mixing services, of being independent of trusted third party services, meaning that the risk of theft is minimized. That is the reason for its implementation in, for example, SharedCoin.com, the currently implemented mixing service from Blockchain.info. In order to improve CoinJoin’s problem of linkability though the transaction amounts, Maxwell (2015) recently proposed confidential transactions based on homomorphic encryption. All these mixing services can be easily integrated into the current Bitcoin Blockchain and do not require any modifications of the core protocol. A different approach that would require changing the protocol is Zerocoin (Miers et al., 2013). Zerocoin is not a mixing service per se, but it also operates as a decentralized mixer (Franco, 2015). Like CoinJoin, Zerocoin aims to provide unlinkability without any trusted parties. The general idea behind the concept is to mint Zerocoins out of Bitcoins. These Zerocoins can be redeemed at a later point in time into Bitcoins, which cannot be linked with the previous Bitcoins. Thus, unlinkability in the transaction graph can be attained. Compared to CoinJoin, Zerocoin’s main disadvantages are the scaling limits leading to uncertainty if the theoretical approach would actually work in practice, as well as the required change of the Bitcoin protocol (Maxwell, 2013). Concluding, there are several approaches for improving anonymity in Bitcoin, which include various benefits and drawbacks. Our main research questions are: (i) To what degree do Bitcoin users perceive anonymity on Bitcoin? (ii) To what degree are Bitcoin users concerned of anonymity risks? (ii) Are Bitcoin users aware of and how do they regard usage of potential anonymity improvements?

User Survey on Bitcoin Anonymity Procedure The persons of primary interest for our user study are all Bitcoin users located in the United States of America and in Europe. Bohr and Bashir (2014) as well as Yelowitz and Wilson (2015) argue that surveying a random sample of Bitcoin users is nearly impossible. This limitation also applies to our survey. The participation was voluntary, and because no central authority is involved in the Bitcoin network, there is no complete overview of who is using Bitcoin. However, our questionnaire was made accessible to many active Bitcoin users through the distribution of the survey’s link on several international channels. It was shared in various Bitcoin groups on the social media networks Facebook, LinkedIn and Xing, as well as in the Bitcoin forums Bitcointalk.org and Reddit.com/r/Bitcoin.


4


This seems to be a very effective way to reach Bitcoin users, as Bohr and Bashir (2014) as well as Smyth (2013) found that Bitcointalk, Reddit and Facebook are the three most popular platforms to discuss Bitcoin with others. Furthermore, emails drawing attention to the survey and requesting participation were sent to all students of a major university in Germany, as well as to all 195 businesses listed on coinmap.org in Germany whose email addresses were accessible via their homepage, to 150 randomly selected businesses in the United States of America and to 150 randomly selected businesses in the United Kingdom. Therefore, it can be assumed that for an initial pilot study, a relatively comprehensive data set was delivered. That was confirmed when comparing the user demographics of this study to Smyth (2013) with one thousand responses, Bohr and Bashir (2014), and CoinDesk (2015) with four thousand responses. The respondents were first asked to rate how much anonymity Bitcoin provides in their opinion in general and in combination with third-party services. They were further expected to answer how high they rate their concerns about their anonymity when using Bitcoin in general and compared with cash, credit cards, and PayPal. Both questions could be responded with one of the following options: no, little, medium, a lot, no opinion. The next question focused on whether they have ever considered not using Bitcoin because of anonymity concerns, which could be answered with either yes or no. Then, they were asked to only fill-in if applicable whether they store their large and small Bitcoin amounts in an online-hosted wallet, online personal wallet, personal hot wallet, paper wallet, metal coins, and hardware storage. Next, we asked the participants to state the degree of concern associated with the risk of de-anonymizing the Blockchain in general and based on the de-anonymizing techniques such as cluster analysis and revealing the IP address via the Bitcoin address. Here, we were interested whether they are unaware of the risk, aware but not concerned, slightly concerned, moderately concerned, or highly concerned. After that, they had to respond whether they are aware of not reusing public addresses and using stealth addresses as anonymity improvement measures and adopt them, as well as whether they were aware of Zerocoins, Coin mixing services and CoinJoin and would use them for increased anonymity if they were implemented by the Bitcoin community. Finally, they were asked to provide information regarding their country, age and gender. The detailed text of the questionnaire and sources for data collection will be made publicly available in an online companion document. The 129 received completed questionnaires were reduced to a sample size of 125, as it became apparent that four respondents do not use Bitcoin and consequently are not of interest to this survey.

Demographics The most frequent respondent in this survey is a self-reported male (95%) German (54%) aged between 20 and 29 years (35%) or between 30 and 39 years (32%) (see Table 1). While Bohr and Bashir’s (2014) predominant recorded nationality was American (44%), most participants (54.1%) in our study are Germans, followed by EU citizens except Germans (19.67%), and Americans (14.75%). With slightly over half of all full respondents being of German nationality, our empirical study has a special focus on Germany. We argue that this limitation also has benefits for our research questions, since German-speaking countries are often considered very privacy-aware (Bellman et al., 2004). Furthermore, in our earlier work (Lischke & Fabian, 2016) that empirically analyzes the Bitcoin transaction graph and applies geolocation methods, we show that Europe (and in particular Germany) is one of the two hotspot areas of Bitcoin activity. Moreover, Germany is an important global economic power and market (Audretsch and Lehmann, 2016), which is very relevant for studying the acceptance of a cryptocurrency. Concerning the representativeness of gender, a similar, very high percentage of male respondents has also been discovered by Bohr and Bashir (2014) and Smyth (2013), who reported 95% of male participation. CoinDesk (2015) speak about over 90%. There are various attempted explanations for the apparent current dominance of men in the Bitcoin network. Scott‘s (2014) most reasonable suggestion might be an inherent masculinity of Bitcoin. In this regard, he means, on one hand, a certain biological propensity of men to enjoy technology rather more than women do. This view can be supported by some empirical studies. For instance, Venkatesh and Morris (2000) have already shown by reference to the technology acceptance model (TAM) that there are gender differences for accepting new technology, such as that the perceived ease of use influences behavioral intention to use a system more strongly for women than for


5


men. On the other hand, Scott (2014) alludes to women’s assumed higher risk aversion, since Bitcoin is highly volatile.

Table 1. Survey Demographics Category Nationality

Gender

Age

Subcategory American

Percentage

European (German)

54.10%

European (not German)

19.67%

Other

11.48%

Female

4.88%

Male

95.12%

< 20 years

6.45%

20-29 years

35.48%

30-39 years

32.26%

40-49 years

20.97%

≥ 50 years

4.84%

14.75%

Table 1. Survey Demographics It is noticeable that nearly three-quarters are aged 39 or younger. CoinDesk (2015) also found almost 60% under 35 years, with 39.4% people aged between 25 and 34 years and 22% aged between 35 and 44 years. Smyth (2013) further revealed the age groups between 25 and 29 years and 30 and 34 years as two peaks in the age distribution of the Bitcoin community. Therefore, the relatively young and mainly male respondents seem to be representative.

Results and Discussion Section 1: Anonymity Concerns Respondents were first asked about how much anonymity Bitcoin provides in their opinion (Figure 1, Left). The term anonymity was explained as the state of a person/group not being able to be identified. Overall, almost 40% associated a medium level of anonymity with the platform, followed by 30% who rated the level of anonymity as high. However, another one-quarter of the participants believed that Bitcoin provided little (14%) or no (12%) anonymity. Interestingly, when asked about anonymity on Bitcoin combined with third party services, the proportion of those who attributed either no (7%) or medium (25%) anonymity to the platform almost halved, whereas the proportion of those who rated the anonymity as little (26%) almost doubled. It seems that participants could have had different kind of third party services in mind, general services around Bitcoin or privacy-enhancing services. Therefore, in future work, we would like to investigate specifically if Bitcoin and Blockchain users would consider third-party anonymity services trustworthy.


6


Concerns About Anonymity When Using Bitcoin

Estimated Anonymity in Bitcoin 50%

Sample

30% 20%

In combination with third party services

10% 0% No

Little Medium A lot

Sample

In general

40%

40% 35% 30% 25% 20% 15% 10% 5% 0%

In general Compared with cash Compared with credit cards No

No opinion

Low Medium High

No opinion

Compared with PayPal

Figure 1. (Left:) Estimated Anonymity in Bitcoin. (Right:) Concerns About Anonymity When Using Bitcoin.

The survey showed that more than 1 out of 5 (22%) has already considered abandoning Bitcoin due to anonymity concerns. Therefore, respondents were next asked about their anonymity concerns on Bitcoin, and this in general, compared to cash, credit cards, and PayPal (Figure 1, Right). Most people rated their concerns as either low or medium (each 36%). Highly concerned ones were less present (15%). Only the remaining 8% had no concerns in general. Participants rated their concerns quite similarly when they compared Bitcoin with cash (no: 10%, low: 30%, medium: 26%, high: 23%): The proportion of highly concerned Bitcoin users increased and those with low or medium concerns got smaller. The picture completely changed when Bitcoin was compared with credit cards or PayPal (no: 28%, low: 25% and 26%, medium: 9% and 8%, high: 24% and 26%, respectively). The proportion of those who were not worried at all was over three times as high as in general, whereas the proportion of those who rated their anonymity concerns as medium was four times as low as in general. Credit cards’ potential lack of anonymity was recently analyzed by de Montjoye et al. (2015). They were able to re-identify uniquely 90% of users with only four pieces of external information, such as a tweet about a restaurant he/she was having lunch. Therefore, the users’ assessment seems to be reasonable.

Storage of Bitcoins De-anonymizing the blockchain Cluster Analysis

50% 40% Sample

Sample

De-Anonymization Techniques 40% 35% 30% 25% 20% 15% 10% 5% 0%

Large amounts

30% 20%

Small amounts

10% Unaware of Aware but Slightly Moderately Highly the risk not concerned concerned concerned concerned

Finding out the IP address via Bitcoin address

0% Online Online Personal Paper hosted personal hot wallet wallet wallet wallet

Metal Hardware coins storage

Figure 2. (Left:) De-Anonymizing Techniques. (Right:) Storage of Bitcoins

The next question asked participants to state the degree of their concerns associated with the risk of deanonymizing the Blockchain, cluster analysis, and finding out the IP address via the Bitcoin address (Figure 2, Left). 35% were aware of the risk of de-anonymizing the Blockchain, but were not concerned. Almost 50% were, however, concerned in some way: either slightly (21%), or moderately (17%), or highly (10%). But almost one fifth (18%) were not aware of the risk. Furthermore, to achieve a deeper understanding of what exactly worries users, the participants separately rated the concerns regarding cluster analysis and finding out the IP address via the Bitcoin address. Cluster analysis was explained as an attempt to group those public addresses in one cluster, which belong


7


to the same entity. The most frequent answer to cluster analysis was “unaware of the risk” (34%). For finding out the IP address via the Bitcoin address, “unaware” was also a relatively frequent answer (30%). Currently, mainly academic research papers address those possible attacks. This could be the reason why they are still relatively unknown. Whereas 32% state that they are aware but not concerned about mapping Bitcoin addresses to IP addresses, only 18% are aware but not concerned about the cluster analysis. Correspondingly, more participants are slightly concerned about the cluster analysis (29%) than about mapping IP addresses (22%) as well as moderately concerned (cluster analysis: 14%, mapping IP addresses: 9%). Therefore, the cluster analysis seems to be a more unknown and more concerning technique. However, only 5% are highly concerned about it, in contrary to 8% who find mapping IP addresses a highly concerning method. In addition, from the feedback on Bitcointalk.org, some participants could not imagine that it is possible to track the IP address by the aid of the Bitcoin address. All in all, approximately one-third of the participants are unaware of the specific de-anonymizing techniques, and those who are conscious of the fact are on average slightly concerned. Section 2: Improvement Measures Most participants store Bitcoins in less secure hot wallets. However, the results also indicate that most participants act according to the recommendations (Figure 2, Right). 44% store small amounts of Bitcoins in an online hosted wallet. Only 9% use this storage method for large amounts. Similarly, 26% store small amounts and only 7% large amounts in online personal wallets, and 37% store small amounts and 18% large amounts in personal hot wallets. Cold storage methods are not only less popular but also less known, most probably due to the inconvenience. However, at least 18% follow the recommendation to use paper wallets for large amounts of Bitcoins. Metal coins are in general quite unknown. 23% are not aware of this storage method. Although similarly 22% do not know hardware storage, 12% of the participants already use it for large amounts. This demonstrates the users’ potential to behave more consciously with respect to security and privacy.

Privacy-Improving Measures 70%

40%

60%

Not resusing public addresses Stealth addresses

30% 20% 10% 0%

50% Sample

Sample

Anonymity Best Practices 50%

Zerocoins

40% 30% 20%

Coin mixing services

10%

CoinJoin

0%

Unaware

Aware but Adopting not adopting

Yes

No

Unknown method

Figure 3. (Left:) Anonymity Best Practices. (Right:) Privacy-Improving Measures

Further previously discussed best practices include not reusing public addresses and implementing stealth addresses (Figure 3, Left). Nearly half of the participants (47%) do not know that they are able to use stealth addresses. Another 46% are aware but do not adopt them, and only 7% use stealth addresses. This concurs with the theoretical findings that this technique is particularly beneficial for businesses that wish to publish one single address on their website that payers can send their funds to, for these businesses are a minority group among Bitcoin users. The result was considerably different when it was asked about single use of public addresses. Only 18% are not aware that single use of public addresses is an anonymity improvement measure. 35% are aware but do not adopt it, and 47% adopt it. Therefore, it seems to be a well-established technique, which most users deliberately chose to take or not to take. Analyzing Figure 3 (Right) makes obvious that coin mixing services are better known and the participants are more willing to use them, compared to the other two measures. 38% of the participants would actually use coin mixing services. Another 38% would not use them, and 24% do not know the method. More than


8


half of the participants are not familiar with CoinJoin (52%) and Zerocoins (58%). Even of those aware of the measures in both cases, 29% would not use them if the community implemented them.

Limitations and Future Work Concerning limitations of our initial study, we would like to extend the audience of our questionnaire beyond its current (de facto) focus on Europe and Germany. This work has an explorative character and opens new avenues for conducting future studies. First, due to the absolute dominance of men in the Bitcoin network (Bohr and Bashir, 2014; Smyth, 2013; CoinDesk, 2015), which was also confirmed in our study, it would be interesting to explore the reasons why female online users avoid the Bitcoin platform and how they could be engaged into the Bitcoin community. Second, further insights can be gained through examining the dependencies between the aspects considered in this study. For example, our study demonstrates that a great majority of people has concerns when using Bitcoin (87%), and this in the presence of relatively large lack of awareness about potential anonymity-improvement measures such as not reusing public addresses (18%), using stealth addresses (47%), CoinJoin (52%) and Zerocoins (58%). In light of these findings, further research could examine the effect of awareness and adoption of these privacy-preserving countermeasures on reducing Bitcoin members’ anonymity concerns, as suggested by prior literature (Dinev and Hart, 2006b). Third, a comparison between perceived anonymity on Bitcoin in general and perceived anonymity combined with third party services provides rather non-conclusive results so far. We assume that participants could have thought of different third party services, which could be general services around Bitcoin or privacy-enhancing services. Another reason might be that Bitcoin and Blockchain users generally consider third party services as untrustworthy. None of these issues are explored in the present study and are thus definitely warrant future research. Finally, as previously reviewed, mitigating privacy concerns is essential for the success of online services. Improving privacy in the Bitcoin ecosystem can be regarded as a very important opportunity for future research. The role of user privacy and anonymity in the adoption of other cryptocurrencies and novel emerging Blockchain applications (Christidis and Devetsikiotis, 2016; Yue et al., 2016; Yuan and Wang, 2016; Ølnes, 2016; Ferrer, 2016; Weber et al., 2016; Kim and Laskowski, 2016) should be further part of future investigations.

Conclusion The present research examines how users perceive anonymity provided by the Bitcoin network, to what degree they are concerned about their anonymity there, whether they are aware of and concerned about de-anonymization risks, and whether they are aware of and adopt potential privacy-preserving measures. A user survey with 125 active Bitcoin users revealed that seven out of ten associate a medium or high level of anonymity with the Bitcoin network and rate their concerns as either low or medium. But almost every 5th user has already considered abandoning Bitcoin because of being concerned about her or his anonymity. 35% are aware of the risk of de-anonymizing the Blockchain, but are not concerned, and another almost 50% are, however, concerned in some way. Participants mostly act according to the recommendations when storing different amounts of Bitcoins in different types of wallets. Although cluster analyses and mapping Bitcoin addresses to IP addresses can effectively de-anonymize the Blockchain, approximately one-third of the participants are unaware of those specific de-anonymizing techniques. Nearly half of the participants (47%) do not know that they are able to use stealth addresses. Another 46% are aware but do not adopt them. Only 18% are not aware that single use of public addresses is an anonymity improvement measure, and 35% are aware but do not adopt it. Finally, coin mixing services are better known and the participants are more willing to use them, compared to measures CoinJoin and Zerocoins. The findings of this research have implications for both Bitcoin developers and Bitcoin users. Specifically, they show that Bitcoin developers need to undertake efforts to increase the level of anonymity provided by the Blockchain technology and the Bitcoin network. Among others, they should refine the existing improvement measures for privacy, since these have weaknesses in guaranteeing full anonymity. Furthermore, Bitcoin users’ privacy-awareness with respect to the Blockchain technology needs to be increased. Not least, Bitcoin users can take this article as a starting point to better inform themselves about options for more secure and anonymous transactions.


9


References Androulaki, E., Karame, G. O., Roeschlin, M., Scherer, T., and Capkun, S. 2013. “Evaluating User Privacy in Bitcoin,” in Proceedings of the 17th International Conference on Financial Cryptography and Data Security, LNCS 7859, Springer, Heidelberg, pp. 34–51. Angst, C. M., and Agarwal, R. 2009. “Adoption of Electronic Health Records in the Presence of Privacy Concerns: The Elaboration Likelihood Model and Individual Persuasion," MIS Quarterly (33:2), pp. 339-370. Antonopoulos, A. M. 2015. Mastering Bitcoin, O’Reilly Media, Sebastopol. Audretsch, D. B., and Lehmann, E. E. 2016. The Seven Secrets of Germany: Economic Resilience in an Era of Global Turbulence. Oxford University Press. Authers, J. 2014. “Bitcoin Has Burst, but Could Still Revolutionize Banking,” Financial Times, URL: http://www.ft.com/cms/s/0/4bba096c-4e37-11e4-bfda-00144feab7de.html#axzz3OoE0Uo5u (Accessed 09/05/2016). Back, A. 2013. “Bitcoins with Homomorphic Value (Validatable but Encrypted),” Bitcointalk, URL: http://bitcointalk.org/index.php?topic=305791.0 (Accessed 09/05/2016). Bansal, G., Zahedi, F., and Gefen, D. 2010. "The Impact of Personal Dispositions on Information Sensitivity, Privacy Concern and Trust in Disclosing Health Information Online," Decision Support Systems (49:2), pp. 138-150. Barcelo, J. 2014. “User Privacy in the Public Bitcoin Blockchain,” URL: http://www.dtic.upf.edu/~jbarcelo/papers/20140704_User_Privacy_in_the_Public_Bitcoin_Blockc hain/paper.pdf (Accessed 09/05/2016). Barski, C., and Wilmer, C. 2015. Bitcoin for the Befuddled, No Starch Press, San Francisco. Belanger, F., and Crossler, R. E. 2011. “Privacy in the Digital Age: A Review of Information Privacy Research in Information Systems,” MIS Quarterly (35:4), pp. 1017-1041. Bellman, S., Johnson, E. J., Kobrin, S. J., and Lohse, G. L. 2004. “International Differences in Information Privacy Concerns: A Global Survey of Consumers,” The Information Society 20(5), pp. 313-324. Biryukov, A., Khovratovich, D., and Pustogarov, I. 2014. “Deanonymisation of Clients in Bitcoin P2P Network,” arXiv:1405.7418v3, URL: http://arxiv.org/pdf/1405.7418v3 (Accessed 09/05/2016). Biryukov, A., and Pustogarov, I. 2015. “Bitcoin over Tor Isn’t a Good Idea,” arXiv:1410.6079v2, URL: http://arxiv.org/pdf/1410.6079v2.pdf (Accessed 09/05/2016). Bitcoin Project 2015. “How does Bitcoin work?” URL: https://bitcoin.org/en/how-it-works (Accessed 05/09/2016). Bohr, J., and Bashir, M. 2014. “Who Uses Bitcoin? An Exploration of the Bitcoin Community,” in Proceedings of the 12th Annual International Conference on Privacy, Security and Trust, pp. 94-101. Brito, J., and Castillo, A. 2013. Bitcoin: A Primer for Policymakers, Mercatus Center, Arlington. Christidis, K., and Devetsikiotis, M. 2016. “Blockchains and Smart Contracts for the Internet of Things,” IEEE Access (4), pp. 2292-2303. CoinDesk 2015. “New CoinDesk Report Reveals Who Really Uses Bitcoin,” URL: http://www.coindesk.com/new-coindesk-report-reveals-who-really-uses-bitcoin/ (Accessed 09/05/ 2016). Coinmarketcap 2015. “Crypto-Currency Market Capitalizations,” URL: http://coinmarketcap.com (Accessed 09/05/2016). Cvrček, D., Matyas, V., and Kumpošt, M. 2006. “A Privacy Classification Model Based on Linkability Valuation,” in: Security and Embedded Systems, D. N. Serpanos and R. Giladi (eds.), IOS Press, Amsterdam, pp. 91-98. De Montjoye, Y.-A., Radaelli, L., Singh, V. K., and Pentland, A. 2015. “Unique in the Shopping Mall: On the Reidentifiability of Credit Card Metadata,” Science (347:6221), pp. 536-539. Dinev, T., and Hart, P. 2006a. “An Extended Privacy Calculus Model for E-Commerce Transactions,” Information Systems Research (17:1), pp. 61–80. Dinev, T., and Hart, P. 2006b. “Internet Privacy Concerns and Social Awareness as Determinants of Intention to Transact,” International Journal of E-Commerce (10:2), pp. 7-29. Dinev, T., Albano, V., Xu, H., D’Atri, A., and Hart, P. 2012. “Individual’s Attitudes Towards Electronic Health Records – A Privacy Calculus Perspective,” Annals of Information Systems (19), pp 19-50.

Thirty Seventh International Conference on Information Systems, Dublin 2016 10


Dinev, T., Xu, H., Smith, H. J., and Hart, P. 2013. “Information Privacy and Correlates: An Empirical Attempt to Bridge and Distinguish Privacy-Related Concepts,” European Journal of Information Systems (22:3), pp. 295-316. Ferrer, E. C. 2016. “The Blockchain: A New Framework for Robotic Swarm Systems,” arXiv:1608.00695, URL: http://arxiv.org/pdf/1608.00695v3 (Accessed 09/05/2016). Franco, P. 2015. Understanding Bitcoin: Cryptography, Engineering and Economics. John Wiley & Sons, Chichester. Hong, W., and Thong, J. Y. L. 2013 “Internet Privacy Concerns: An Integrated Conceptualization and Four Empirical Studies,” MIS Quarterly (37:1), pp. 275-298. Kaminsky, D. 2011. “Black Ops of TCP/IP,” in Proceedings of Black Hat Technical Security Conference. URL: http://de.slideshare.net/dakami/black-ops-of-tcpip-2011-black-hat-usa-2011 (Accessed 09/05/ 2016). Kim, H. M., and Laskowski, M. 2016. “Towards an Ontology-Driven Blockchain Design for Supply Chain Provenance,” in Proceedings of Workshop on Information Technology and Systems. Korzaan, M. L., and Boswell, K. T. 2008. "The Influence of Personality Traits and Information Privacy Concerns on Behavioral Intentions, " Journal of Computer Information Systems (48:4), pp. 15–24. Koshy, P., Koshy, D., and McDaniel, P. 2014. “An Analysis of Anonymity in Bitcoin Using P2P Network Traffic,” in Proceedings of the 18th International Conference on Financial Cryptography and Data Security, LNCS 8437, Springer, Heidelberg, pp. 469-485. Li, Y. 2011. "Empirical Studies on Online Information Privacy Concerns: Literature Review and an Integrative Framework," Communications of the Association of Information Systems (28), pp. 453496. Li, Y. 2012. "Theories in Online Information Privacy Research: A Critical Review and an Integrated Framework," Decision Support Systems (54), pp. 471-481. Li, Y. 2013. "The Impact of Disposition to Privacy, Website Reputation and Website Familiarity on Information Privacy Concerns," Decision Support Systems (57), pp. 343-354. Lischke, M., and Fabian, B. 2016. “Analyzing the Bitcoin Network: The First Four Years,” Future Internet (8:1), Article 7. Malhotra, N., Kim, S., and Agarwal, J. 2004. “Internet Users’ Information Privacy Concerns (IUIPC): The Construct, the Scale, and a Causal Model,” Information Systems Research (15:4), pp. 336-355. Maxwell, G. 2013. “CoinJoin: Bitcoin Privacy for the Real World,” Bitcointalk, URL: https://bitcointalk.org/index.php?topic=279249 (Accessed 09/05/ 2016). Maxwell, G. 2015. “Confidential Transactions,” URL: https://people.xiph.org/~greg/confidential_values.txt (Accessed 09/05/2016). Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D., Voelker, G. M., and Savage, S. 2013. “A Fistful of Bitcoins: Characterizing Payments Among Men with No Names,” in Proceedings of the 2013 Conference on Internet Measurement (IMC '13), ACM, New York, pp. 127-140. Miers, I., Garman, C., Green, M., and Rubin, A. D. 2013. “Zerocoin: Anonymous Distributed E-Cash from Bitcoin,” in Proceedings of the IEEE Symposium on Security and Privacy, IEEE, pp. 397-411. Möser, M., Böhme, R., and Breuker, D. 2013. “An Inquiry into Money Laundering Tools in the Bitcoin Ecosystem,” in Proceedings of eCrime Researchers Summit, IEEE, pp. 1-14. Mullan, P. C. 2014. The Digital Currency Challenge: Shaping Online Payment Systems through US Financial Regulations. Palgrave Macmillan, New York. Nakamoto, S. 2008. “Bitcoin: A Peer-to-Peer Electronic Cash System,” URL: http://bitcoin.org/bitcoin.pdf (Accessed 09/05/2016). Ober, M., Katzenbeisser, S., and Hamacher, K. 2013. “Structure and Anonymity of the Bitcoin Transaction Graph,” Future Internet (5:2), pp. 237-250. Ølnes, S. 2016. “Beyond Bitcoin Enabling Smart Government Using Blockchain Technology,” in Proceedings of the 15th International Conference on Electronic Government, LNCS 9820, pp. 253264. Pavlou, P. A. 2011. “State of the Information Privacy Literature: Where Are We Now and Where Should We Go?” MIS Quarterly (35:4), pp. 977-988. Pfitzmann, A., and Hansen, M. 2010. A Terminology for Talking About Privacy by Data Minimization: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management, URL: https://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.34.pdf (Accessed 09/05/2016).


11


Reid, F., and Harrigan, M. 2011. “An Analysis of Anonymity in the Bitcoin System,” in Security and Privacy in Social Networks, Y. Altshuler, Y. Elovici, A.B. Cremers, N. Aharony and A Pentland (eds.), New York: Springer, pp. 197-273. Ron, D., and Shamir, A. 2013. “Quantitative Analysis of the Full Bitcoin Transaction Graph,” in: Proceedings of the 17th International Conference on Financial Cryptography and Data Security, LNCS 7859, Heidelberg: Springer, pp. 6-24. Scott, B. 2014. “Crypto-Patriarchy: The Problem of Bitcoin's Male Domination,” In: Suitpossum Blog, URL: http://suitpossum.blogspot.de/2014/01/crypto-patriarchy-problem-of-bitcoins.html (Accessed 09/05/2016). Smith, H. J., Milberg, J. S., and Burke, J. S. 1996. “Information Privacy: Measuring Individuals’ Concerns about Organizational Practices,” MIS Quarterly (20:2), pp. 167-196. Smith, H. J., Dinev, T., and Xu, H. 2011. “Information Privacy Research: An Interdisciplinary Review,” MIS Quarterly (35:4), pp. 989-1015. Smyth, L. (2013). “The Demographics of Bitcoin,” URL: http://simulacrum.cc/2013/03/04/thedemographics-of-bitcoin-part-1-updated/ (Accessed 09/05/2016). Son, J. Y., and Kim, S. S. 2008. “Internet Users’ Information Privacy-Protective Responses: A Taxonomy and a Nomological Model,” MIS Quarterly (32:3), pp. 503–529. Spagnuolo, M., Maggi, F., and Zanero, S. 2014. “BitIodine: Extracting Intelligence from the Bitcoin Network,” in Proceedings of the 18th International Conference on Financial Cryptography and Data Security, LNCS 8437, pp. 457-468. Todd, P. 2014. “[Bitcoin-development] Stealth Addresses,” Bitcoin Development Mailing List, URL: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2014-January/004020.html (Accessed 09/05/2016). TRUSTe 2015. “TRUSTe 2014 GB Consumer Confidence Privacy Report: Consumer Opinion and Business Impact,” Research Report. URL: https://www.truste.com/resources/privacy-research/uk-consumerconfidence-index-2014/ (Accessed 09/05/2016). Venkatesh, V., and Morris, M. G. (2000). “Why Don't Men Ever Stop to Ask for Directions? Gender, Social Influence, and Their Role in Technology Acceptance and Usage Behavior,” MIS Quarterly (24:1), pp. 115-139. Weber, I., Xu, X., Riveret, R., Governatori, G., Ponomarev, A., and Mendling, J. 2016. “Untrusted Business Process Monitoring and Execution Using Blockchain,” in Proceedings of Conference on Business Process Modelling. Xu, H., Dinev, T., Smith, H. J., and Hart, P. 2011. “Information Privacy Concerns: Linking Individual Perceptions with Institutional Privacy Assurances,” Journal of the Association for Information Systems (12:12), pp. 798-824. Xu, H., Teo, H. H., Tan, B. C. Y., and Agarwal, R. 2012. “Effects of Individual Self-Protection, Industry Self-Regulation, and Government Regulation on Privacy Concerns: A Study of Location-Based Services,” Information Systems Research (23:4), pp. 1342-1363. Yelowitz, A., and Wilson, M. 2015. “Characteristics of Bitcoin Users: An Analysis of Google Search Data,” Applied Economics Letters (22:13), pp. 1030-1036. Yuan, Y., and Wang, F.-Y. 2016. “Blockchain: The State of the Art and Future Trends,” Acta Automatica Sinica (42:4), pp. 481-494. Yue, X., Wang, H., Jin, D., Li, M., and Jiang, W. 2016. “Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control,” Journal of Medical Systems 40(10), pp. 218.

Thirty Seventh International Conference on Information Systems, Dublin 2016 12