On Tuesday, the second round of negotiations for an international treaty on cybercrime was launched. The draft of the document includes language that, if adopted, would impose expansive surveillance rules on cryptocurrencies and potentially threaten financial privacy worldwide.

Article 93 of the draft treaty states that all signatories must adopt strict financial surveillance laws in order to monitor cryptocurrency. This covers entities “engaged in activities related to the circulation of digital financial assets and digital currency” – including software developers, custodial wallet providers, miners, validators, trading platforms, and users of non-fungible tokens (NFTs).

Organizations subject to these rules would have to implement intrusive mass surveillance systems and pass on users’ sensitive financial data to the government. They would need to collect the identity information of all persons involved in transactions, maintain records of “suspicious” activities, and report certain transactions to the authorities. Moreover, any individual suspected of committing a crime can be reported to the police, including the financial records of their “associates” and family members – an alarming overstep.

The draft also includes a provision that enables countries to designate other jurisdictions for “enhanced scrutiny”, raising concerns about its use by nations with questionable human rights records. Compliance with this law is particularly onerous for blockchain network participants, such as miners and developers, who have no knowledge of who their end-users are or who is facilitating the transactions.

The treaty also contains an attempt to eliminate “banks that have no physical presence and that are not affiliated with a regulated financial group”. While the definition of “bank” is not yet clear, this may be interpreted to encompass some decentralized finance projects, even if they are otherwise lawful. To prevent this, the treaty must be signed by nations to enable them to set up “banks” in their country.

Negotiations have been ongoing for more than a year, and the final language is anticipated to be released in the fall. Over 130 human rights organizations and academics from around the world have already voiced their worries about the adequacy of the treaty’s human rights safeguards, and tech policy experts have questioned its effectiveness in combating cybercrime. While it is admirable to protect against ransomware and malware, laws that increase police power in the name of crime prevention can often lead to civil liberties violations.

Leaders from civil society will be participating in the negotiations, and they will work to ensure that the treaty respects the human rights of all parties. We urge all participants to the negotiations to oppose Article 93’s sweeping financial surveillance requirements in order to defend financial privacy worldwide.