A tale of our sudden unexpected Bitcoin wealth and the ensuing bureaucratic mess we had to resolve in order to sell it.
Our small bitcoin fortune turned out to be worth a bit more than what we paid for it
This post was born when we acquired a small quantity of Bitcoins for research purposes. Like most of the cryptocurrency market, the coins climbed in value in late 2017 (at one point our Bitcoins were actually worth 35 times what we originally paid for them). We got a bit nervous and decided to sell them. Then we realized:
We embarked on a long and arduous journey jumping through many regulatory hoops. Here are the insights we gained along the way.
Lesson 1: Lack of formal regulation leads to excessive self-regulation.
In order to buy our Bitcoins, we convinced the university and our funding agency to spend a small amount of grant money (under 2K USD) to buy bitcoins. We approached “Bits of Gold” – one of Israel’s Bitcoin sellers to make the buy.
As part of the authentication process required by Bits of Gold we had to upload a picture of Tamar holding her credit card. This in addition to a lot of online form filling.
Tamar holding a credit card (a recreation of the original picture)
Later when we sold our Bitcoins, we discovered that everyone was worried about explaining the source of the funds. We had to supply documents establishing the origins of the money. Some of these required a trip to the university’s archive to locate documents related to the original transfer.
A university official took a “short” trip to the archives to locate a bank statement related to the original transfer (this is truly the archive from “Raiders of the Lost Arc”, though we imagine that HUJI’s archive is very similar).
Since we asked Bits of Gold to send the money generated by the sale directly to the university’s account, we also had to provide KYC documentation showing that the university was a properly-established entity under Israeli law. Here are some of the documents we had to produce:
On the right: A cabinet decision allowing the Hebrew University to continue to operate after the establishment of the State of Israel (dated August 1948). On the left: A certificate signed by Yitzhak Ben-Zvi (then President of Israel) and Abba Eban (then Minister of Education) stating that the Hebrew University is an institution of higher learning (dated August 1962).
Gathering all the required documentation on the University’s side was also hard. We submitted around a dozen documents and involved around 20 people in order to acquire and properly sign them.
Once we managed to convince Bits of Gold to do the sale, they in turn, had to convince their own bank to allow them to send the proceeds to our account. The fact that they even have a bank account is not as obvious as you’d expect. Bits of Gold recently forced their bank to provide service with a temporary injunction (link in Hebrew).
In short, it seems that banks and currency traders are afraid of what regulators might say in the future, and this drives them to be extra careful.
When it comes to Bitcoin trading, banks and exchanges try to be holier than the pope
Lesson 2: A high level of understanding is required to trade bitcoins
In order to get the bank’s approval for the wire transfer back into the University’s account, we were asked to fill out a questionnaire detailing the origins of the funds, including a complete trace of all movements on the blockchain. Luckily, we had not moved the funds too much, and could provide a list of addresses from the initial buy through to the sale.
Some technical know-how is required when explaining to the bank where your Bitcoins came from
Here, it is important to note that Bitcoin wallets generate a new Bitcoin address after every small transfer. Even the transfer of a small sum to a research assistant who was learning how to use wallets had generated an additional address for the rest of the sum. Pulling all this data off the blockchain and making sense of it is definitely not within easy reach of every regular Joe.
Adding to the complexity of our report to the bank, Bitcoin underwent a major split: everyone holding Bitcoins on August 1st, 2017 found that they actually had both regular Bitcoins and another cryptocurrency called “Bitcoin cash.” We ended up converting our “Bitcoin cash” into Bitcoins, so we had to explain to the bank how it was that we ended up selling more Bitcoins in the final sale than we had originally bought.
Lesson 3: “The system” is not set up for Bitcoins. Everyone makes it up as they go along.
While Bits of Gold and their bank are already somewhat experienced working with cryptocurrencies, other organizations still have a hard time dealing with them. The Hebrew University for example, had never before had to face the question of how to buy, hold, and later sell cryptocurrencies.
At first, the university treated our request to purchase bitcoins like it would any other item: upon purchase, we just had to supply a receipt. In fact, when currency is acquired, the university should keep track of its use by researchers and not be content with the purchase itself. This behavior reflects the debate around the nature of cryptographic tokens: Are they assets? Are they currency? How should they be taxed, monitored, and regulated?
Israeli authorities are still working to define a regulatory regime. A recent report by the Israeli Securities Authority offers a set of recommendations (and requests comments) on how to discern between tokens that are considered “money” and those that are “assets”. Their report recommends that Bitcoins be considered a currency. In stark contrast, an older regulation (from 2015) by the Israeli Tax Authority clearly states that cryptocurrencies should not be considered as currency for tax purposes.
Where are we headed?
Clearly, we still have a way to go before regulations are consistently and uniformly applied across different branches of government. Perhaps the most important element required to improve regulation is better education for regulators and policy makers on the technological aspects of cryptocurrencies.
Such education is necessary not only for the current state of cryptocurrencies, but also to keep up with rapid developments. Regulation that will remain relevant and effective requires the consideration of new directions in which cryptocurrencies are headed. The use of technologies such as Zero-Knowledge Proofs (that strengthen anonymity) and off-chain transaction channels (which remove a considerable amount of accounting from the blockchain) will undoubtedly shift the technological landscape and should similarly impact regulation.
In November 2017 a bill was tabled before the Israeli Knesset proposing the updating of the legal rule enabling the court to ban the publication of names during a trial. The original rule determined that: “The court is allowed to ban on publishing any material regarding the discussions on court […] in order to protect the security of one of the litigants, the witness, or any other person whose name was mentioned during the trial…”. (emphasis added). The bill proposed updating this original rule, so that “after the term ‘security,’ it will be written ‘including his job security.’” The explanatory notes to the bill noted that employers can easily access past claims of candidates at the labor courts, since these are now openly accessible on the net. This impedes the ability of an employee who sued her previous employer to search for a new workplace, thereby impairing the employee’s basic right to access the court, as well as her right to job security.
This rule appears to be based on two premises. First, security issues may also refer to job security issues. Second, in the digital age, the threat to security is acquiring a new form. In light of the enormous interest in security matters in the internet age, it is worth considering whether cyber security matters should also refer to job security aspects that are specific to this new reality. In order to answer this question, we must firstly explore the initial notion of “security” and then apply this to the context of cyberspace or the internet age. 
As the Copenhagen School argued, “security” is linked to the nation or the state and is a matter of danger, urgency, and survival. However, the term “security” has also been applied to concerns such as theft or fraud that are not literally matters of life and death. During the years, the notion of security was expanded and read as a matter of basic safety, or as Nissenbaum explained: “freedom from the unwanted effects of another’s actions...the condition of being protected from danger, injury, […] and […] threats of all kinds.” Similarly, feminist scholars have extended the term to include an individual’s right to freedom from abuse or crisis.
The modern term “cyber security” appears to have undergone a similar evolution. Traditionally, this term concerned “unwanted disclosure, modification, or destruction of data in a system.” Cyber security was mainly a matter of computers and information systems, and accordingly was associated primarily with criminal law or the laws of armed conflict.
As early as 2002, however, Deilbert argued that cyber security is constituted in four distinct domains: national security, state security, private security and network security, each of which has its own threats and regulatory modalities. Nissenbaum later suggested that cyber security should be interpreted as including broader dangers, including racial websites or child pornography, attacks on “critical societal infrastructures,” and “threats to the networked information system itself.”
It is appropriate here to consider whether job security and the threat to labor rights in the internet age meet the concept of cyber security, even in its broader interpretation. After all, employers have long been able to control and manipulate employees’ job security, salary, and so forth in a way that may violate their rights, dignity, and basic safety. Nevertheless, the internet age and virtual technology do appear to have strengthened the employer’s ability to manipulate reality.
Scholars argue that employees’ basic rights are under constant threat in the internet age precisely because of the flexible and liquid nature of the internet world. The internet age has generated new forms of work, such as crowdsourcing or the sharing economy, that assert that there is no distinct “employer” or “employee,” thereby curtailing labor rights and job security. Similarly, while the internet age has encouraged the creation of jobs in third world countries, it has also facilitated the exploitation of cheap workforces in these countries, generating new risks and costs. Lastly, the internet age has led to the phenomenon of online shaming and mass supervision of the individual employee by society at large, and not only by the employer. An example of this is the dismissal of employees due to information published about them on social media sites.
These are just a few examples of the potential threats the internet age has created regarding employees’ job security and socioeconomic safety. We indeed appear to be facing a new social problem that has the potential to threaten the safety and security of workers and their families. Accordingly, it may be reasonable to include job security in the concept of cyber security.
At this stage, the reader may well be asking herself why is it important to read security, and in particular cyber security, in a broader way, as including also matters of job security and labor rights. Why can we not have two distinct, yet important, parallel definitions?
I believe that there are two key answers to this question. Firstly, the definition of an issue as a security matter ensures that it is prioritized within the legal and political systems, as evidenced by the current trend in academia and government to devote specific attention to cyber security issues.Secondly, and more importantly, the decision whether to define an issue as a security matter should be determined according to an assessment of the harms against which people have a right to be secured.
Extending the term “cyber security” to include aspects of job security that are unique to the cyber world highlights the fact that we are addressing a social problem that is unique to the internet age. This is presumably the basic premise behind the Israeli bill mentioned in the introduction to this article. The understanding of the importance of this problem prompts us to search for new solutions in order to ensure that workers around the world enjoy job security and basic rights. This concern must certainly be regarded as a public social matter and even as a national concern. Accordingly, it may also be beneficial to define it as a cyber security matter.
 Courts Bill (Amendment – Prohibition of Publication to Protect Employment Security), 5778-2017, P/20/4752.
 The internet age has been referred to by many other terms, many of which focus on the interconnected and fluid reality created by the World Wide Web and virtual technology. Examples include “cyber space” in Lawrence Lessig’s terms; the “software world” in Zygmunt Bauman’s terms; the “network society” in Manuel Castells’s terms, etc. While these terms are not synonymous, for the limited purpose of this article I shall regard them as essentially similar.
 Barry Buzan, Ole Wæver, and Jaap de Wilde, Security: A New Framework for Analysis (Boulder, CO: Lynne Rienner, 1998), pp. 21-41.
 Helen Nissenbaum, ‘Where computer security meets national security,’ 7 Ethics and Information Technology 61 (2005), p. 64.
 See for instance in: Lene Hansen, ‘The Little Mermaid’s Silent Security Dilemma and the Absence of Gender in the Copenhagen School,’ 29(2) Millennium 285 (2000), p. 289:
 CSTB (Computer Science and Telecommunications Board), Computers at Risk: Safe Computing in the Information Age (Washington, DC: National Academy Press, 1991) p. 2.
 Nathan Alexander Sales, ‘Regulating Cyber security,’ 107 Nw. U. L. Rev. 1503 (2013) 1503, 1507.
 Ronald J Deibert, Circuits of Power: Security in the Internet Environment, In Information Technologies and Global Politics: The Changing Scope of Power and Governance, edited by James N. Rosenau and J. P. Singh. (Albany: State University of New York, 2002).
 For further elaboration see Guy Davidov, a Purposive Approach to Labour Law (OUP 2016), in Chapter Three.
 Phobe V. Moore, Pav Akhtar and Martin Upchurch, Digitalization of Work and Resistance, in Humans and Machines at Work: Monitoring, Surveillance and Automation in Contemporary Capitalism, Phoebe V. Moore, Martin Upchurch, Xanthe Whittaker (eds.) (Palgrave Macmillan 2018) 17, 23; Katherine V.W Stone., From Widgets to Digits (2004).
 Kenneth G. Dau-Schmidt, ‘Labor Law 2.0: The Impact of the New Information Technology on the Employment Relationship and the Relevance of the NLRA’ 64 Emory Law Journal 1583 (2015), pp. 1594-1598.
 Orly Lobel, ‘The Law of the Platform,’ 101 Minnesota Law Review 87 (2016); Valerio De Stefano, ‘The Rise of the ‘Just-in-Time Workforce’: On-Demand Work, Crowd Work and Labour Protection in the ‘Gig-Economy,’ Comparative Labor Law & Policy Journal (Forthcoming).
 Miriam A. Cherry, ‘Beyond Misclassification: The Digital Transformation of Work,’ Comparative Labor Law & Policy Journal (Forthcoming) 19-20; Paul Davies & Mark Freedland, ‘The Complexities of the Employing Enterprise’ in Guy Davidov & Brian Langille (eds), Boundaries and Frontiers of Labour Law (Portland: Hart 2006) 273; Alan Hyde, Working in Silicon Valley Economic and Legal Analysis of a High-Velocity Labor Market (Armonk, NY: M.E. Sharpe 2003). Guy Davidov, ‘The Status of Uber Drivers’ (onlabour. 17 May 2016) https://onlabor.org/2016/05/17/guest-post-the-status-of-uber-drivers-part-1-some-preliminary-questions/
 Graham, M., Hjorth, I. and Lehdonvirta, V., ‘Digital Labour and Development: Impacts of Global Digital Labour Platforms and the Gig Economy on Worker Livelihoods’ 23(2) Transfer 135 (2017).
 Shlomit Yanisky-Ravid, ‘To Read Or Not to Read: Privacy within Social Networks, the Entitlement of Employees to a Virtual Private Zone, and the Balloon Theory,’ 64(1) AM. U. L. REV. 53 (2014). See also Jon Ronson, So You’ve Been Publicly Shamed (2015).