As we are all becoming aware, the Dfinity Foundation is requiring KYC on basically all tokens. I have some questions and concerns that I would like addressed.
What is Dfinity’s (or CoinList’s) purpose for collecting KYC information for basically all tokens? How will this information be used by Dfinity (or CoinList)? Will CoinList be sharing KYC information with Dfinity, or is their KYC information kept in a separate database? Under what circumstances will Dfinity (or CoinList) be sharing this information with third parties? Will Dfinity (or CoinList) be selling access to this information to third parties?
What security precautions will Dfinity (or CoinList) be taking when storing this information? Does Dfinity (or CoinList) understand the seriousness of what can happen if their KYC database leaks onto the internet?
We are now looking at a scenario where Dfinity (plus CoinList) literally knows the identities of potentially all of the neuron holders, and almost certainly the identities of all of the largest neuron holders. We’ve known since ancient Greece that democratic voting systems are undermined by (1) vote buying/selling and (2) threats and intimidation, and the solution to this has always been the secret ballot. How is this situation compatible with a functioning democracy where a large influential central party also knows the identities of all the voters? Does this create issues down the line for the liquid democracy envisioned by Dfinity when issues can become very contested? Are NNS votes encypted and invisible to all somehow, or are they transparent and analyzable?