Last night's Bitcoin heist of $250,000 (or so) worth of the virtual currency shows that this world isn't quite ready for an online alternative to dollar bills because the promises of deregulation aren't worth the safety hazards. What happened at BitFloor was the equivalent of an online bank robbery, but without the FDIC protection that regular banks with regular money have. Specifically, BitFloor had 24,000 BTC -- an equivalent of $250,000 at the time, according to this site -- taken from a compromised server, as BitFloor founder Roman Shtylman abashedly admits on this Bitcoin forum. The incident has forced him to suspend the site. But more concerning than all of that is that Shtylman might not have the funds to pay back those stolen coins. "As a last resort, I will be forced to fully shut BitFloor down and initiate account repayment using current available funds," Shtylman wrote, saying he would consider looking to investor funds to get all the money back if those "current available funds" didn't cover it -- something that would never happen to a customer if this same thing happened at a regular regulated real-world bank.
Bitcoin's biggest draw is that it operates outside of government institutions, completely deregulated and self-monitored, but that autonomy also removes some of the safety nets the government provides. Let's compare this to a standard bank robbery, which still happen frequently enough to show up on Google News. (For a comparison with more parity, online thievery has happened, too. Just not as often as the IRL stick-ups.) In either case, the bank is held responsible for the lost funds, but as these FDIC regulations show, the customer is not.
Stolen funds may be covered by what's called a banker's blanket bond, which is a multi-purpose insurance policy a bank purchases to protect itself from fire, flood, earthquake, robbery, defalcation, embezzlement and other causes of disappearing funds. In any event, an occurrence such as a fire or bank robbery may result in a loss to the bank but should not result in a loss to the bank's customers.
None of that exists in this BitFloor situation. Out of good faith Shtylman says he will do his best to pay people back. But because there are no rules in Bitcoin world, he doesn't have to. And if he can't, he won't. There's an inherent lack of consumer protection built into a currency that insists on no laws and in situations like these that stinks.
This situation, like Bitcoin hacks before it, also illuminates the apparent safety issues which have also kept Bitcoin from mainstream success. These keys are supposed to prevent theft because of encryption, yet in the BitFloor situation, as Shtylman admits, he had unencrypted ones stored on the server that got hacked. Bitcoin's draw isn't safety, however, and this isn't the first theft of the virtual currency. Earlier this year, Bitcoinica was hacked twice. That exchanged promised to try to refund the stolen funds as well. But when the full money wasn't returned, without any other recourse, four former members filed a law suit against the exchange asking for $460,457.70 in damages. The people who once eschewed the law have now found it as their only avenue to get their money back. (How incredibly ironic.)
Though, there is one seemingly positive aspect of this robbery for Bitcoin: The currency is valuable enough to be worth stealing. That same amount would have been worth much less when the currency crashed to pennies last year. Then again, as it gains monetary legitimacy, Bitcoin requires more protection. And considering that is the antithesis of Bitcoin, we don't see that happening. So, consumers beware: Deregulation puts the liability on you.
This article is from the archive of our partner The Wire.