Banks actually do have to ask for permission for "new lines of business", aka new products. The theory going around is that he asked for a best case scenario for the regulator and the goal of the comment period is to see what the industry cares enough about to push back hard. His goal is to have a regulation come out of the comment period that all of the "Big Bitcoin" startups and VC's like enough to apply instead of sue. He'll probably get what he wants.

It certainly is an "ask for the moon" type proposal, which is how regulators often like to start. Part of the problem, though, is that it's so far skewed to one side that getting it back to even somewhat reasonable is going to take a lot of work.

Lawsky did what makes sense from his perspective: he applied the money transmission framework to Bitcoin.

The authors of this post are both biased in favor of Bitcoin, and not particularly careful examiners of the real consumer protection issues at hand.

The Money Transmission Framework is a combination of two types of rules:

1. Capital Requirements, licensing and Bonding for people who hold money for consumers who are not banks. These rules are consumer protection laws and make sense for businesses that offer custodial accounts denominated in bitcoin or dollars. These rules could have been applied to Instawallet, Coinbase, Mt. Gox, etc.

2. AML + KYC rules. These require people who help move money into and out of the banking system to find out who their customers are and report them to law enforcement when they do the unexpected. These rules could be applied normally to people doing exchange services, like Expresscoin, BitInstant (RIP), CoInvoice, etc.

I've spent years and hundreds of thousands of investor dollars examining the issues here, like you have. Stay tuned for a policy piece describing when these rules make sense and when they don't. Hint: If you are just posting software to github, these rules do not make sense to apply to you.

"These rules could have been applied to"

Actually, these rules ARE applied to Coinbase at the very least. Coinbase--and YC, and many YC startups--deliberately choose to ignore them.

I've read your lawsuit against coinbase. No comment.

Sounds like he cannot comment for legal reasons.

On the other hand, assuming that you have filed a lawsuit against Coinbase, it sounds like you can no longer pass neutral comment on the matter. Something you seem to have conveniently not mentioned.

I've written about the lawsuit often enough on HN that I'm routinely criticized for writing too much. Of course, if I don't bring it up, I must be trying to hide it.

In any event, there's no legal reason why he couldn't comment. He's not involved, except to the extent that his own company might also be ignoring the law and thereby breaking it--which I have no idea if it's the case or not. But plenty of startups do.

The bulk of readers are not going to know your history. I didn't.

It doesn't take a lot to add "[full disclosure: I'm suing Coinbase]" when you opine on Coinbase. Having somebody else bring it up first definitely reduces your credibility.

Indeed he's attempting to apply an existing regulatory framework to new technology, which rarely works well.

The point of the article was not to focus on the consumer protection issues, but instead to point out how it could kill startups in the name of consumer protection. We are both in favor of avoiding another Mt. Gox, and the numerous other cases where user funds were lost, which includes escrow of the funds held for users. I'd be curious to get your thoughts as to what you consider the most pressing consumer protection issues, as we're working on another piece that will focus more on these.

Given the way that some Bitcoin startups have crashed and burned with people's money, I don't think that it's unreasonable to raise the bar significantly in the name of consumer protection.

If that eliminates small startups in the space from directly offering services to consumers, so be it.

Part of the problem is that the regulations aren't just seeking to cover companies that hold peoples' funds (aka private keys), but instead any technology touching the ecosystem. New York doesn't have to and shouldn't conflate the two.

It makes sense to regulate and, for example, require escrow for companies that are holding user funds in order to avoid the exact situation you point out. It doesn't make sense for a web wallet where the user is storing her own keys client-side.

> Indeed he's attempting to apply an existing regulatory framework to new technology, which rarely works well.

I think this sounds more true than it actually is. "Works" is a fairly ambiguous word, but new technology is released into existing regulatory frameworks every day.