Document Type


Publication Date



One hundred five countries, representing over 95 percent of global GDP, are exploring central bank digital currencies (CBDCs), a new form of digital money that is different from privately issued cryptocurrencies and stablecoins. As central banks worldwide grapple with CBDC design options, privacy has become a critical feature and concern. Many central banks, government agencies, NGOs, think tanks, and even the general public have already addressed the importance of privacy and called for privacy in CBDC systems. Some economists, computer scientists, engineers, and legal scholars have already moved forward to design a privacy-preserving CBDC.

However, when addressing the importance and preservation of privacy, all parties seem to overlook two very important issues: (1) What does privacy mean here? and (2) What privacy problems do CBDCs create? Before proposing solutions, one must understand which problems must be solved. In this article, I explore these two critical issues. I first adopt Daniel Solove’s pragmatic approach and Helen Nissenbaum’s contextual integrity theory to conceptualize privacy in the context of CBDCs. Next, I investigate the dataflow of four structural and foundational CBDC designs and conclude that each design will result in various potential privacy issues, including mass surveillance, misuse and abuse of CBDC data by central banks and intermediaries, and more. In the end, I propose three legal and technical principles as a reference framework for designing a privacy-preserving CBDC.

This article makes four contributions. First, it fills the gap in the privacy and CBDC literature (which lacks a thorough analysis of the concept of privacy in the CBDC context) and lays the foundation for future work on solutions to protect privacy by first identifying privacy problems that could occur in various CBDC designs. Second, this article helps central banks rethink their roles in the digital age, especially in a situation where the use of central bank money (i.e., cash) is shrinking dramatically and central banks’ authority is constantly challenged by the privately issued digital currencies such as cryptocurrencies and stablecoins. Third, this article benefits commercial banks and payment service providers and helps them seize the opportunity to work with central banks to provide a CBDC that meets users’ needs and strengthen their roles in the financial and payment markets. Fourth, this article particularly benefits individuals, both everyday mobile-payment users and the unbanked and underbanked populations. It not only educates individuals about the privacy problems that could occur if one decides to use CBDCs but also equips potential users with the knowledge necessary to demand privacy protection in CBDC systems.

Included in

Law Commons