Questioning the Digital Euro FAQ
The ECB provides answers to 25 questions on the digital euro in its official FAQ, last updated on July 15th 2025. We question the answers based on our research and analysis of the publicly available information about the digital euro. Some answers are oversimplifying the reality, some pass over unpleasant facts, and most of them reveal design problems with the digital euro. For each question, we first quote the ECB’s answer before then discussing it.
Table of contents
- Q1. Why ~~would~~ does Europe need the digital euro?
- Q2. How could the digital euro contribute to Europe’s strategic autonomy?
- Q3. Why would people want to use the digital euro?
- Q4. Would the digital euro replace cash?
- Q5. What value would the digital euro offer merchants?
- Q6. What value would the digital euro offer intermediaries?
- Q7. How would the digital euro work?
- Q8. Who would be able to use the digital euro?
- Q9. How private would the digital euro be?
- Q10. How would the ECB ensure that the digital euro is inclusive?
- Q11. How would the ECB ensure that digital euro payments work in the same way throughout the euro area?
- Q12. Would the digital euro be an alternative currency within the Eurosystem?
- Q13. What would be the link between instant payments and the digital euro?
- Q14. Would the digital euro be based on a distributed ledger technology such as blockchain?
- Q15. Where does the digital euro project currently stand?
- Q16. Who is involved in the digital euro project?
- Q17. How are European legislators involved in the process?
- Q18. How is the digital euro rulebook being developed?
- Q19. Would the digital euro be programmable money?
- Q20. Would people have to pay to use the digital euro?
- Q21. Would intermediaries be compensated for distributing the digital euro?
- Q22. Would the digital euro pose a threat to financial stability by disintermediating banks?
- Q23. Would the introduction of the digital euro make payments in Europe more vulnerable to cyberattacks?
- Q24. How would the digital euro be different from stablecoins and crypto-assets?
- Q25. How much would the digital euro project cost the Eurosystem?
- Means of payment in context — a privacy perspective
- Opportunities of an open distribution model
- Bibliography
Q1. Why ~~would~~ does[^1] Europe need the digital euro?
Digitalisation is changing the way we pay. The use of cash to make payments is declining and the shift towards online shopping and digital payments is accelerating. The digital euro would be an electronic form of cash for the digitalised world. It would give consumers the option to use central bank money in a digital format, complementing banknotes and coins.
The digital euro would make people’s lives easier by providing something that does not currently exist: a digital means of payment universally accepted throughout the euro area, for payments in shops, online or from person to person. Like cash, the digital euro would be risk-free, widely accessible, user-friendly and free for basic use.
Moreover, the digital euro would strengthen the strategic autonomy and monetary sovereignty of the euro area by boosting the efficiency of the European payments ecosystem as a whole, fostering innovation and increasing its resilience to potential cyberattacks or technical disruptions, such as power outages.
In its general comparison of the digital euro to cash, the ECB makes two mistakes:
- Essential properties of cash are ignored, such as anonymity and independence of complex technologies.
- The properties highlighted by the ECB do not reflect the current design of the digital euro.
First, the general term “risk-free” might be misleading. While the digital euro as a digital currency backed by a central bank can indeed be considered a risk-free store of value for citizens, the underlying payment system — same as any payment scheme — is still exposed to a broad range of risks. These include operational risks, fraud and security risks, liquidity risks, credit risks, settlement risks, technology risks, payment system arbitrage risks, third-party risks, and privacy breach risks [@bis1993]. The ECB, as the responsible public operator of the digital euro, and ultimately the general public, must take these risks into consideration. Second, the digital euro is not as widely accessible and user-friendly as cash, as discussed further in Q8 and Q10. Third, the notion that the digital euro would be “free for basic use” oversimplifies the reality. As discussed further in Q20, the costs associated with the implementation and maintenance of a digital currency are significant and in the end will be covered by the citizens of the euro area.
The claim that the digital euro would “increase resilience to potential cyberattacks or technical disruptions” lacks support in any public documents [@ecDE2023; @ecbFinalInv2023] as no concrete design choices or technological measures are provided. On the contrary, while a CBDC managed by central banks may improve security, it could also become a prime target for cyberattacks. Moreover, a digital currency system which depends on electronic infrastructure would in any case face significant challenges during power or Internet outages, particularly since converting online digital euros to offline versions requires Internet connectivity. Unlike physical cash, which remains usable in such scenarios, a fully digital system may fail if the infrastructure goes down.
Q2. How could the digital euro contribute to Europe’s strategic autonomy?
The digital euro would offer a pan-European payment solution, available throughout the euro area, under European governance.
Digital payments in the euro area remain fragmented, differing by country and by use case. Current European digital payment solutions mainly cater to national markets and specific use cases. To pay across European countries, consumers have to rely on a few non-European providers, which now dominate most of these transactions.
Therefore, the digital euro could also help reduce Europe’s dependence on private, non-European payment providers, while acting as a counterweight to their market dominance.
In turn, the digital euro would make the European payments landscape more competitive and innovative by offering a platform that makes it easier for payment service providers to offer pan-European solutions of their own.
Overall, a successful digital euro could turn Europe into a global frontrunner in digital finance and central bank digital currencies.
While the digital euro could indeed reduce the dependence on non-European payment systems and technologies, it is worth noting that its offline functionality still relies on proprietary hard- and software from mostly non-European phone and hardware manufacturers.
The European payment market is already dominated by two major companies, Worldline and G+D, both of which are also key commercial players for the digital euro [@worldlineDE2023; @gdOffline2024]. It is thus questionable to what extent the digital euro would foster competition instead of consolidating the market dominance of a few global stakeholders. To enable true competition without gatekeepers in the payment market, the digital euro should be based on fully free/libre and open-source software instead of a proprietary design, as further elaborated on in “Opportunities of an open distribution model”.
On the contrary, the mere existence of the digital euro as a government project with presumably low fees is expected to discourage investment in payment technologies by private actors [@effects2023 p. 12]. Competing with a government-subsidized service is rarely viable in the commercial sector. As a result, the digital euro project may actually stifle competition and innovation. On the other hand, the published documents on the digital euro [@ecDE2023; @ecbFinalInv2023] do not contain evidence of innovative technology to improve efficiency, resilience or fraud protection.
Q3. Why would people want to use the digital euro?
The digital euro would be a payment solution for every occasion, for use anytime and anywhere in the euro area. It would be a universally accepted digital means of payment that consumers could use free of charge in shops, online or from person to person. It would give people the option to pay digitally, while still using a public means of payment. And it would be available both online and offline.
The digital euro would be designed to provide the highest level of security and privacy, in compliance with the rigorous standards of the European Union regulations, the strongest security and privacy laws in the world.
The Eurosystem would not identify people based on their payments. Moreover, personal transaction details from offline digital euro payments would be known only to the payer and the payee.
The digital euro would be safe and easy to use and would also seek to promote digital financial inclusion by ensuring that no one is left behind. The digital euro would accommodate the needs of people with disabilities and those with no access to a bank account or lacking digital or financial skills.
To ensure the digital euro would be usable and accessible throughout the euro area, the draft legislative proposal presented by the European Commission foresees mandatory acceptance by merchants and mandatory distribution by supervised intermediaries to their clients.
In its current design, it is unclear what benefits the digital euro would bring to people in practice. Contemporary cash and debit card payments are already generally free of charge for consumers — with merchants covering the fees — and debit cards can work online and offline [@offlinedebit2020kagan], in the latter case posing a financial risk for merchants as the transaction may fail at a later time. Given that bank deposits are generally insured up to €100,000, there is no effective difference between debit cards and central bank money for the vast majority of Europeans, as long as we assume the deposit insurance can withstand a crisis. And for rich Europeans with savings larger than €100,000, the €3,000 cap on digital euro holdings [@ecbHoldingLimit2023] has a negligible effect of 3% in added security, compared to simply opening another retail bank account.
The ECB answer claims that the digital euro will “provide a higher level of privacy than digital payment methods typically offer”, but the current design proves this statement wrong: Fully anonymous transactions are only part of the offline version, which will likely not be able to hold up to this promise, as further detailed in Q7. On the other hand, the online version of the digital euro will offer even less consumer privacy compared to contemporary payment methods, as further discussed in Q9.
The security of the offline version relies on secret proprietary technology, against well-established consensus among cryptographers (cf. Q7). This approach leaves the claim of a “safe” digital euro questionable and undermines the potential benefits of a “public” service, as users would remain dependent on proprietary digital payment technology, limiting transparency and fostering reliance on closed systems.
The current plans for the digital euro largely involve users opening a digital euro account and additionally linking it to a commercial bank account for the “waterfall” [@ecbProgInv2023]. Thus, using the digital euro will in practice require both an existing commercial bank account and a second digital euro account, contradicting both ease of use and inclusiveness. We are also not aware of the ECB engaging with experts on innumerate users lacking key financial skills.
The ECB’s tender only requires the reference consumer software to be developed for iOS and Android smartphones [@ecbTender009488], the vast majority of which are designed and produced outside Europe. Given that the digital euro will be based on proprietary technology, it would only be possible to use the digital euro on European mobile phone alternatives such as /e/OS and Murena phones or Ubuntu Touch from the German UBports Foundation if the ECB actively provided support for them. At the same time, the digital euro as a proprietary system will prevent its users from studying the implementation and challenging its security. Instead, people will have to trust the provider and the auditors of the ECB without the possibility to verify their claims. Embracing open standards and free software [@floss] instead of relying on proprietary technology would help to establish trust in the system (cf. #sec:appendix:floss) and allow for easier integration with alternative end-user devices (cf. the table below).
| Platform | Credit card | PayPal | Wero | Bitcoin | GNU Taler | Digital euro (online) | Digital euro (offline) |
|---|---|---|---|---|---|---|---|
| Android | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| iOS | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Browser | ✓ | ✓ | ✓ | ✓ | ✓ | ❌ | ❌ |
| Smartcard | ✓ | ❌ | ❌ | ✓ | ✓ | ❌ | ✓ |
| Terminal | ❌ | ❌ | ❌ | ✓ | ✓ | ❌ | ❌ |
| Open? | ❌ | ❌ | ❌ | ✓ | ✓ | ❌ | ❌ |
Q4. Would the digital euro replace cash?
No. The digital euro would complement cash, not replace it. The digital euro would exist alongside cash in response to people’s growing preference to pay digitally, in a fast and secure way. Cash would continue to be available in the euro area, as would the other private electronic means of payment currently being used.
While the ECB may not intend to replace cash with the digital euro, the extent to which people and businesses will continue to use physical cash once the digital euro is available is not within the ECB’s control. There are several reasons why the digital euro might replace cash at least in practice: First, since the advent of digital payments, every new method introduced has eroded the use of physical cash. Second, all European businesses will be forced to accept the digital euro. Third, the costs of operating the system are partially government-subsidized and thus likely lower than other digital payment methods. Fourth, the digital euro (like cash) is backed directly by the central bank. It seems logical that the digital euro would accelerate the migration away from cash more than the introduction of comparable other digital payment methods has done in the past.
The ECB’s answer downplays the replacement risks, although they are clearly acknowledged by the European Commission, given that the legislation for the digital euro is being paired with legislation to strengthen the continued acceptance of cash [@ecCash2023].
Q5. What value would the digital euro offer merchants?
The digital euro would be a truly pan-European solution, accepted throughout the euro area. It could provide an easier and cheaper alternative to the currently fragmented payments landscape in which merchants work. The digital euro would put merchants in a stronger position to negotiate conditions with payment solution providers and thus reduce their own costs.
The digital euro could also contribute to higher conversion rates for merchants. This is particularly relevant for online shopping, as customers are less likely to turn down a purchase if they are familiar with the payment instrument. Moreover, the digital euro would also allow merchants to receive payments instantly without any additional costs.
Merchants will have to bear the likely substantial cost of integrating support for the digital euro with their business systems. The legal requirement to accept the digital euro at virtually all points of sale across Europe will create extremely high demand for qualified IT integrators, who can in turn charge a high premium over typical integration costs. This will put business owners at a disadvantage when negotiating conditions, as they will be required to roll out support in a market with already short supply. While the digital euro is planned to be offered free of charge for consumers, the current design explicitly includes fees to be paid by merchants to payment service providers for access to the digital euro infrastructure.
The proprietary nature of the digital euro technology contributes to a challenging integration, as integrators will have to work against a “black box” with limited technical details available to them. Integration is also rarely a one-time expense, as the integration needs to be continuously tested and maintained as IT systems evolve.
Q6. What value would the digital euro offer intermediaries?
Supervised intermediaries, such as banks, would play a key role in distributing the digital euro. They would act as the main point of contact for individuals, merchants and businesses for all digital euro-related issues and would perform all end-user services.
The digital euro could also provide additional business opportunities for intermediaries.
It would allow intermediaries to have immediate reach throughout the entire euro area, unlike most private innovations, which tend to focus on specific domestic markets. Thus, the digital euro could serve as a platform for intermediaries to increase their customer base and develop value-added services within their offer (e.g. conditional payments or loyalty programmes), fostering innovation and competition in the digital payment markets across the euro area.
Moreover, the digital euro compensation model, as currently foreseen in the European Commission’s draft legislative proposal, provides intermediaries with economic incentives comparable to other digital means of payment.
The burden of onboarding and supporting customers and merchants is placed on intermediaries, with no existing cost model. Economic incentives for intermediaries similar to those of other digital means of payment raise the question of where cost benefits for the digital euro will come from.
The reasons for intermediaries to focus on domestic markets probably have little to do with payment systems fragmenting the common European market. They have been able to use the euro electronically and as cash in the whole area since at least 2002 — it was introduced for exactly that purpose. If anything is holding intermediaries back from reaching further than the domestic market, it is most likely regulatory requirements and legal differences within the euro area, e.g., when it comes to Know-Your-Business (KYB), which will not automatically change with the introduction of the digital euro.
The laudable intention to foster competition between intermediaries is neither reflected in the current design draft for the digital euro, which does not require open standards as the foundation to allow for maximum competition, nor in the high thresholds for potential contributors (cf. Q15).
Q7. How would the digital euro work?
The digital euro would allow people to make secure instant payments in physical and online stores and between individuals, irrespective of the euro area country they are in or their payment service provider. The ECB is currently exploring how this could work in practice.
The first step would be to set up your digital euro wallet through your bank or a post office.
Once your digital euro wallet is set up, you could put money into it via a linked bank account or by depositing cash. You could then start making payments using the digital euro in your wallet.
Whenever you receive money in digital euro, you would keep it in your digital euro wallet, up to a certain limit, or deposit it in your bank account. You could either do this manually or set it up automatically.
Digital euro payments would always be safe and instant – whether in physical stores, online shops or between people.
The digital euro would offer both online and offline functionalities, meaning you could use it even when you have poor or no network reception. Moreover, personal transaction details of offline digital euro payments would only be known to the payer and the payee, providing a cash-like level of privacy.
Ruling out double-spending risks for transactions in offline scenarios, i.e., without connection to the rest of the payment system, is impossible according to the mathematically proven CAP theorem [@cap]. An ECB official at a forum in Vienna in 2024 publicly declared this to not be a problem since “secret proprietary technology solves it” [@markpersonal]. This approach to security through obscurity contradicts Kerckhoffs’ principle — a fundamental concept in cryptography which asserts that the security of a system should not depend on the secrecy of its algorithm [@kerckhoffs1883]. An actual solution would require finding a flaw in the proof of the CAP theorem, which must be considered highly unlikely at this point. In fact, the publicly available documents on the current state of the design of the offline functionality [@ecbDEoffline2024] are still very vague about the actual technical design. But they do mention the need for “forgery check during defunding”, i.e., a delayed check for double-spending, contradicting the claim of offline payments being “safe and instant”, and putting the promised anonymity of offline transactions into question.
The ECB thus acknowledges the inevitable risk of double-spending in offline payments, hoping to mitigate it with “tamper-resistant features” to “protect the information stored on the device and allow mutual device authenticity checks”. While such “secure hardware” can be an effective measure against software-level attacks, the history of hardware security (cf. Figure 2) has taught us that such devices eventually cannot withstand physical attacks [@onlinefirst2021]. Offline digital euro wallet holders as potential attackers, however, by definition have full physical control of their hardware, and in consequence may be able to double-spend during offline payments. But even without malicious intent on the part of a user, the hardware and software may simply have defects that manifest themselves as double-spending or look like fraud. If those defects are widespread, e.g., across many users with the same hardware or software version, they would result in many failing attempts of settlement, after “successful” offline payments. It is worth noting that the damages in these cases scale linearly with the number of transactions in the system, not only with the amount of money in it. The ECB has not addressed the question of liability, i.e., how merchants and users who fall victim to fraud of the offline digital euro will be compensated. It merely states that “either the PSP, the merchant or, in some cases, the consumer would be liable”, never the ECB itself [@ecbFinalInv2023].
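The settlement-time failure described above can be made concrete with a small model. This is an added example, not code from the ECB or from the authors of this page, and it does not reflect the unpublished offline design: all class and function names are hypothetical, tokens are a simplification, and an HMAC tag stands in for the issuer's signature so that only the Python standard library is needed.

```python
"""Toy model: offline token payments whose double-spend check happens at settlement."""
import copy
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    serial: str
    value_cents: int
    tag: bytes  # issuer's authentication tag over serial and value


class Issuer:
    """Online component: issues tokens and settles deposits ("defunding")."""

    def __init__(self):
        self._key = secrets.token_bytes(32)
        self._spent = set()

    def _tag(self, serial, value_cents):
        msg = f"{serial}:{value_cents}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def issue(self, value_cents):
        serial = secrets.token_hex(16)
        return Token(serial, value_cents, self._tag(serial, value_cents))

    def is_authentic(self, token):
        # Stand-in for an offline signature check; a real scheme would use
        # public-key signatures so terminals hold no secret.
        expected = self._tag(token.serial, token.value_cents)
        return hmac.compare_digest(token.tag, expected)

    def settle(self, deposits):
        """Credit each serial once; return (credited_cents, rejected_tokens)."""
        credited, rejected = 0, []
        for token in deposits:
            if not self.is_authentic(token) or token.serial in self._spent:
                rejected.append(token)  # the delayed forgery / double-spend check
                continue
            self._spent.add(token.serial)
            credited += token.value_cents
        return credited, rejected


class OfflineMerchant:
    """Terminal without connectivity: it knows only its own payment history."""

    def __init__(self, issuer):
        self._issuer = issuer
        self._seen = set()
        self.till = []

    def accept(self, token):
        if not self._issuer.is_authentic(token) or token.serial in self._seen:
            return False
        self._seen.add(token.serial)
        self.till.append(token)
        return True


class Wallet:
    def __init__(self, tokens):
        self.tokens = list(tokens)

    def pay(self, merchant):
        """Hand over one token; a correct wallet no longer holds it afterwards."""
        return merchant.accept(self.tokens.pop())


def simulate(n_merchants, tokens_per_wallet=3, value_cents=1000):
    """Present one duplicated wallet state (defect or tampering) to n merchants."""
    issuer = Issuer()
    wallet = Wallet(issuer.issue(value_cents) for _ in range(tokens_per_wallet))
    merchants = [OfflineMerchant(issuer) for _ in range(n_merchants)]
    accepted = 0
    for merchant in merchants:
        duplicate = copy.deepcopy(wallet)  # same tokens, seen by a new terminal
        while duplicate.tokens:
            accepted += duplicate.pay(merchant)
    credited = unsettled = 0
    for merchant in merchants:  # merchants come back online and deposit
        ok_cents, rejected = issuer.settle(merchant.till)
        credited += ok_cents
        unsettled += sum(t.value_cents for t in rejected)
    return {
        "accepted_offline": accepted,
        "issued_cents": tokens_per_wallet * value_cents,
        "credited_cents": credited,
        "unsettled_cents": unsettled,
    }


if __name__ == "__main__":
    for n in (1, 5, 20):
        print(n, simulate(n))
```

Every offline payment in the model is accepted because each terminal's local checks pass; the shortfall only appears in `unsettled_cents` at settlement, and it grows with the number of payments while `issued_cents` stays fixed.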
Linking a digital euro account to a commercial bank account for automatic defunding and funding, in particular, opens up a significant security risk: A compromised digital euro account could be used as an entry point to the ordinary bank account, by moving money without further user confirmation to the digital euro account using the reverse waterfall mechanism.
The holding limit alluded to in the answer is partially motivated by the compliance with contemporary anti-money-laundering (AML) and counter-financing-of-terrorism legislation including globally adopted Financial Action Task Force rules. Without altering those, the digital euro will need to impose even more serious restrictions on payments. As an example, Germany currently requires knowledge about the involved parties (KYC) for digital transactions that exceed €50, while non-rechargeable digital anonymous payment instruments are limited to €150 [@gerKWG]. To prevent structuring, i.e., splitting up larger payments into smaller payments below the threshold, transaction frequencies would also need to be limited. Enforcement of these restrictions will primarily affect honest citizens, as criminals might find ways to tamper with the digital euro software or the time measurement.
Q8. Who would be able to use the digital euro?
As stated in the legislative proposal presented by the European Commission, the digital euro would be made available to people, businesses and public entities that reside or are established in a euro area Member State on a temporary or permanent basis.
People who travel to the euro area for personal or professional purposes, or who used to reside or be established in a euro area country, may also have access to the digital euro.
Moreover, people, businesses and public entities residing or established outside the euro area may access the digital euro by opening digital euro accounts with payment service providers established or operating in a country which is a Member of the European Economic Area or in a third country, subject to a prior agreement concluded between the EU and third countries, and/or arrangements concluded between the European Central Bank and national central banks in non-euro area Member States and in third countries.
The digital euro is far from being as widely accessible as existing central bank money: The online version is inherently tied to accounts at European PSPs and onboarding for the offline version entails user identification, too — e.g., to ensure individual holding limits. This limits access for a significant portion of the European population, such as children, undocumented persons, homeless individuals, and others in vulnerable situations. Physical cash, on the other hand, does not require user identification and is independent of complex technologies and costly onboarding. While it seems likely that no digital payment can ever be as accessible as cash, key design choices made by the ECB for the digital euro, in particular the digital euro accounts with holding limits per person, make the digital euro less accessible than it could be (for example, using digital payment tokens).
Furthermore, the current proposals for the digital euro are unclear on how tourists would be onboarded without effectively enabling the digital euro to be used globally and potentially becoming a viable alternative to cash for organized crime, especially given the transitive anonymous offline function.
Q9. How private would the digital euro be?
Privacy is one of the most important design features of the digital euro.
The digital euro is designed to be able to function offline in a way that would offer users a cash-like level of privacy, both for sending money to other people and for paying in shops. When paying offline, only the payer and the payee would know the personal transaction details of the payments made.
For online digital euro payments, privacy would be implemented so that the Eurosystem itself – the issuer and payment infrastructure provider – would not be able to directly connect transactions to specific individuals.
In addition, we would ensure that our service providers comply with high standards. We would enforce the same privacy and data protection rules that apply to the Eurosystem and impose our robust IT and cyber security rules.
The digital euro would be governed by EU regulations designed to balance privacy with security. This approach maintains robust protections against illicit activities while safeguarding individual privacy.
Recent surveys commissioned by the ECB show a clear consumer preference for payment privacy: In the public consultation on the digital euro from 2021, more than a third of the respondents ranked payment privacy as the most important feature of the digital euro [@ecb2021survey]. In a recent study about consumer payment habits from December 2024, 42% of the respondents affirmed that privacy is one of the top advantages of physical cash [@paymenthabits2024]. But if privacy really was “one of the most important design features” of the digital euro, the current design clearly would have failed this promise: Privacy is only promised for the offline version, which is unlikely to work out in practice (cf. Q7), while the online version has no privacy advantage over existing digital payment systems.
The ECB’s recent progress report and other publications [@ecbBlog2024; @ecbProgPrepFirst2024] only reference data pseudonymity when handled by the ECB and compliance with data protection regulations for PSPs, but no provable, strong consumer privacy for online transactions. In fact, the online digital euro offers even less privacy to consumers than contemporary digital payment methods as it centralizes and standardizes the collection of all of its payment data for the settlement service at the ECB. No effective protections are in place to prevent the ECB or PSPs from creating “patterns of life” providing detailed insights into citizens’ private lives. This will enable an unprecedented level of easy mass surveillance as payment data is no longer siloed across thousands of organizations, databases and incompatible formats [@suerf2022aligny].
Given the convenience functions of the online version such as automatic deposit and withdrawal, and given that Internet access is available in many situations, people are likely to stick to the online form of the digital euro, probably under the illusion that their transaction data is private there, too.
The extensive need to identify each individual using the digital euro wallet hardly compares to the privacy of cash, as today we can easily buy wallets for physical cash with physical cash without disclosing any personal information.
Q10. How would the ECB ensure that the digital euro is inclusive?
The digital euro would be a public good, like banknotes and coins are today – but in a digital form.
The digital euro would be free for basic use, via a mobile app or a physical card, by people who want to use it. The digital euro would also work offline if users have limited connectivity.
The draft legislation presented by the European Commission establishes that credit institutions distributing the digital euro would be required to provide basic digital euro payment services for free when requested by their customers.
Moreover, to ensure that everyone – including people with disabilities, those with functional limitations or limited digital skills, and elderly people – can pay using digital euro, public entities, such as post offices, will be identified in each euro area country. These entities would provide people vulnerable to digital financial exclusion with free support and access to digital euro services, such as face-to-face support and dedicated assistance when opening the digital euro account and using all basic digital euro services. Free access to the basic services of the digital euro would also be offered to people without a bank account.
Moreover, a particular focus will be placed on the inclusion of vulnerable groups, such as individuals with no fixed address, asylum seekers or beneficiaries of international protection.
The digital euro would be designed to accommodate the needs of everyone, leaving no one behind.
Physical cash is the most inclusive form of payment, and the digital euro will likely be detrimental to cash use (cf. Q4). Holding and paying with digital euros will require ownership of supported hardware, and the skills to use it. Today, many citizens struggle with modern banking applications requiring multifactor authentication, and we cannot find any answers for this challenge in the published designs for the digital euro. In 2024, 7% and 8% of citizens in the euro area, across all age groups, had no access to an account or a card for digital payments, respectively [@paymenthabits2024]. Moreover, the ECB has given no concrete indications as to how it plans to work on solutions for illiterate or innumerate users. It is also left unclear who will pay for the additional workload and costs connected to face-to-face services by public entities or participating PSPs so that “no one is left behind”. Overall, the central bank underestimates the causes of the digital divide and the digital euro will likely deepen the rift between those with access to modern technology and those living without.
Q11. How would the ECB ensure that digital euro payments work in the same way throughout the euro area?
Supervised intermediaries (like euro area banks) would be responsible for distributing the digital euro. To ensure the digital euro scheme is implemented in the same way across the entire euro area, the Eurosystem is designing the digital euro rulebook that consists of a single set of rules, standards and procedures for the standardisation of digital euro payments, ensuring pan-European reach.
Setting narrow rules, standards and procedures stands in direct contrast to the claim of the digital euro fostering innovation and real customer choice. It also promotes a financial monoculture where failures are more likely to result in widespread outages, similar to the recent CrowdStrike outage in a Western world that has standardized on Microsoft technology [@crowdstrike].
Q12. Would the digital euro be an alternative currency within the Eurosystem?
No. The digital euro would be another way to pay using the euro, our single currency, in Europe. It would be convertible one-to-one with banknotes. The digital euro would respond to people’s and firms’ growing preference to pay digitally.
Actually, the digital euro is not just “another way to pay”, but two distinct new methods of payment with very different properties. Relating it to banknotes instead of bank accounts may create the illusion that both the online and the offline version are comparable to cash, which is only the case insofar as both are issued by the ECB. Crucial differences with respect to privacy are further discussed in Q9.
While there is a general trend towards digital payments both online and in shops, reading that as a “preference” may be oversimplifying, especially as digital payment methods come with associated costs that are often not transparent to the buyer as they are included in the price independent of the specific cost structure of the payment method. There are also instances of firms being coerced into offering and using digital payment methods, which should not be mistaken for a natural preference: For example, Italy was mandated by the European Union to require shops to accept credit card payments, even for small transactions [@italy2022cardforce]. At the same time, some shops — possibly illegally — refuse to accept cash, forcing customers to pay with cards [@letemps2020refusDeCash]. Mastercard has exploited the COVID-19 pandemic to run campaigns about “unhealthy cash” to promote its business interests [@mastercard]. As an ECB study on the payments attitudes of consumers rightfully mentions, the decline in cash usage in shops from 72% (2019) to 59% (2022) was heavily influenced by the pandemic, and “may prove temporary” [@paymenthabits2022].
Q13. What would be the link between instant payments and the digital euro?
Today, when consumers make cashless payments in shops, merchants don’t receive their money immediately. The digital euro would change that – all digital euro payments would be instant.
The single set of rules, standards and procedures developed and, if approved, implemented for the digital euro would mean that instant payment solutions could be further developed to reach all euro area countries. This would reduce the dependence on private non-European companies that are currently dominating the payments sector.
While money spent at shops today is indeed usually not transferred immediately to the merchant’s account, more modern instant settlement methods for payments in shops already exist (such as Twint in Switzerland, Swish in Sweden, or Vipps in Norway, all incidentally operated by European companies), as do, more prominently, Instant SEPA transfers within the euro area. The digital euro in its account-based online version has no technical advantage over these other options for citizens residing in a single country.
A key objective of the digital euro seems to be to limit market access for non-European instant payment service providers, limiting consumer choices. This objective seems incompatible with Article 119 of the Treaty for the Functioning of the European Union (TFEU) establishing the principle of an open market economy with free competition.
On the other hand, payments with the offline version of the digital euro need Internet connectivity to be cleared, i.e., are not instant. In case of failures, it is unclear who bears the liability, or when the failure would even be detected.
Q14. Would the digital euro be based on a distributed ledger technology such as blockchain?
The Eurosystem is experimenting with different technologies – both centralised and decentralised – in the development of the digital euro, including distributed ledger technologies. However, a decision has not yet been taken.
The ECB has hired blockchain experts [@ezb2024duve] and is subject to lobbying from cryptocurrency businesses [@dea2024members]. It thus is politically difficult to simply announce that technology created to decentralize payments is not the best fit for a central bank.
Q15. Where does the digital euro project currently stand?
After a two-year investigation phase, the ECB’s Governing Council decided to proceed to a preparation phase, which started on 1 November 2023.
The preparation phase is focused on further developing and testing the digital euro, in line with the design choices and technical requirements defined during the investigation phase.
In this context, the Eurosystem is carrying out extensive analysis, testing, experimentation and stakeholder engagement, to ensure the digital euro meets the highest standards of quality, security and usability.
The current phase runs for two years, finishing at the end of 2025, at which point the Governing Council will decide whether to move to the next phase of preparations and, if so, define its scope and duration.
A decision on whether to issue the digital euro will only be considered by the ECB’s Governing Council once the relevant legislation has been adopted.
It is questionable to what extent the ECB was open to external suggestions during the investigation phase, given that most key aspects of the current design — such as the separation of the online and offline version, the waterfall approach of linking commercial bank accounts to digital euro accounts, the two-tiered architecture involving private PSPs, or the usage of “secure hardware” for the offline version — were already proposed by the ECB before the start of the public consultation phase [@digitaleuro2020].
On the contrary, the ECB has repeatedly ignored expert advice on how to design for privacy, security and usability [@suerf2022aligny; @suerf2021moser; @platypus; @uhlig2023privacy]. Its likely favorite candidate solution for the offline digital euro by G+D [@gdOffline2024] was ranked as “low” both for “Platform Security” and “Maintenance and Communication” in a recent survey [@chavanette2024]. The problem here is not the specific solution, but that secrecy is the main line of defense against double-spending attacks on digital offline payment systems, which results in the low ranking in terms of security and transparency for any such platform.
Q16. Who is involved in the digital euro project?
The Eurosystem – the ECB and the national central banks of the euro area – must ensure that the digital euro meets users’ needs. For this reason, the Eurosystem engages regularly with policymakers, legislators, market participants, civil society organisations and people who would ultimately use the digital euro.
This engagement takes place in different contexts, such as the Euro Retail Payments Board, a forum chaired by the ECB, which brings together payments market stakeholders; and the Rulebook Development Group, which includes representatives from the Eurosystem central banks and the European retail payments market (see Q18).
The ECB also regularly engages with:
- private companies, which provide feedback on the technical aspects of the digital euro, based on their market knowledge and expertise;
- European civil society organisations via seminars, to listen to their views and foster an open dialogue;
- potential end users through surveys, interviews and focus groups, to understand their needs and preferences.
The ECB regularly participates in Eurogroup meetings with the finance ministers of euro area countries and presents the latest digital euro project updates to the European Parliament.
In the past, feedback was also gathered via the Market Advisory Group, comprising experts who provided input on the product design and distribution of the digital euro during the investigation phase.
The public consumer consultation [@ecb2021survey] showed a clear preference for payment privacy and, with less importance, the wish for payments without internet connectivity. While practical proposals for a privacy-preserving CBDC design do exist [@suerf2021moser; @suerf2022aligny], the digital euro does not offer any privacy advantages in its online version (cf. Q9). Preventing double spending without Internet connectivity, on the other hand, which is promised for the offline version of the digital euro, contradicts mathematical evidence as further detailed in Q7.
The ECB engagement with private companies has excluded small and medium enterprises by setting high thresholds for potential participants already during the investigation phase: “Candidates must meet the following minimum requirements: a) the average annual total net turnover of the Candidate must be at least EUR 100,000,000 for the last three financial years; and b) the average annual net turnover of the similar services covered by the contract must be at least EUR 10,000,000 for the last three financial years.” [@ecbTender0078480] Requirements for tender application in the preparation phase are similar [@ecbTender009488].
Organizing seminars to “listen” to the European civil society after making key design decisions is a public relations exercise. An earlier open dialog with stakeholders and experts with the objective of identifying a feasible design for the digital euro that would have social benefits beyond establishing “absolute control” [@bis2021absolute] over the population by the central bank would have been preferable.
Q17. How are European legislators involved in the process?
On 28 June 2023, the European Commission presented a draft legislative proposal for a possible digital euro. The purpose of the legislation is to ensure that any future digital euro would give people and businesses an additional choice to pay digitally using a widely accepted, cheap, secure and resilient form of public money anywhere in the euro area.
The two processes – legislation and digital euro design – are being carried out in parallel so that the Eurosystem can be in a position to promptly issue the digital euro, if and when the decision is warranted once the legislative framework has been adopted.
The ECB provides support and technical input during the legislative process, as required. The Eurosystem will consider any necessary adjustments to the design of the digital euro that may emerge from legislative deliberations.
The ECB’s Governing Council will decide on whether to issue the digital euro only after the legislative act has been adopted.
While the purpose of the legislation should indeed be to provide a cheap, secure and resilient form of public money, the digital euro project conducted by the ECB fails to meet these expectations:
First, the amount of €1.3 billion spent on the project [@ecDeFunding2023] contradicts the notion of a “cheap” form of public money, given that other modern payment systems have been created with budgets of less than 1% of that amount [@tsys]. Also note that this amount is only the budget for developing and operating the digital euro at the ECB and excludes the much higher cost of actually introducing the system across the euro area. Second, the design proposed by the ECB suffers from several inherent security flaws, such as the “reverse waterfall” exposing money in associated commercial bank accounts to risks from compromised digital euro accounts, or the offline functionality contradicting Kerckhoffs’ principle as discussed further in Q7. Third, given the additional complexity on top of existing payment infrastructure for the online version, the proclaimed improved resilience can only be achieved with the offline functionality and is commented on in more detail in Q1.
Running (legislative) design and implementation processes in parallel is a recipe for cost explosions, likely pushing the cost beyond the budgeted €1.3 billion. The ECB is spending a large sum on the project prior to having a legal mandate for it, thus creating a fait accompli bypassing the democratic process and exceeding its mandate.
Q18. How is the digital euro rulebook being developed?
The Eurosystem has established a Rulebook Development Group to draft the digital euro rulebook with input from various stakeholders.
The group, which consists of representatives from the Eurosystem central banks and the European retail payments market, including consumers, retailers and intermediary associations, is working on the basis of the digital euro design choices that have already been approved by the ECB’s Governing Council.
Dedicated workstreams have been created within the Rulebook Development Group to work on sections of the rulebook that require particular expertise.
Instead of engaging in public discussion with the information security community, the rulebooks are developed behind closed doors. The digital euro design choices cannot be questioned by the experts working on the rulebooks, regardless of the privacy, security or usability issues they may create.
The digital euro rulebook should be seen as an attempt to use red tape to paper over the inherent design problems of the digital euro by prescribing complex processes and imposing costly business process requirements on participants. Instead of developing innovative technical standards, it will likely primarily refer to established norms and procedures.
Q19. Would the digital euro be programmable money?
The digital euro would never be programmable money.
Programmable money is a digital form of money used for a predefined purpose, like a voucher, with limitations on where, when or with whom people can use it.
As also envisaged in the digital euro legislative proposal presented by the European Commission, the digital euro would not be programmable money but could facilitate automated payments, if users want to use this function. For example, a user could decide to set up an automatic monthly payment to instantaneously transfer digital euro to family members or friends.
It is strange that the ECB would use such an absolute term as “never” in the context of a technology that can easily be modified or extended based on sociopolitical demands, especially given that the ECB is allegedly still under public consultation with stakeholders. The answer also does not clarify why the ECB has a different view on programmable money than other central banks such as the Monetary Authority of Singapore [@masProgrammable2023], although there are valid use cases for such technology, some of which are politically demanded and arguably socially beneficial, like privacy-preserving mechanisms for age restriction [@kesim2022zero]. Such features should therefore probably be considered on a case-by-case basis.
Q20. Would people have to pay to use the digital euro?
The digital euro would be a public good. It would therefore be free for basic use by individual users.
Banks or payment providers could offer their customers additional, paid digital euro services. These added services would make the digital euro even more appealing for users, offering features such as the ability to split bills among friends or make recurring payments.
Even the absence of direct costs for end users cannot hide the fact that there are significant underlying expenses associated with the implementation of a digital currency. These include the costs of initial integration and onboarding, system maintenance, operational expenses, end-user devices for offline payments, and compliance with legal requirements such as Know-Your-Customer (KYC). The current design envisions (taxpayer-funded) public entities to provide end-user onboarding, mandatory acceptance at European merchants for a fee (passed on to consumers via higher prices), and maintenance and operational expenses borne by the ECB. Reduced profits for the ECB in turn reduce the profits of the national central banks and thereby the dividends paid by central banks to the national budgets, which finally leads to higher taxes. Ultimately, all costs for the digital euro will be borne by the citizens of the euro area, who get no practical advantage from using an online central-bank-backed account rather than a commercial bank account secured by existing deposit insurance schemes.
Q21. Would intermediaries be compensated for distributing the digital euro?
Pending the final legislation, the Eurosystem proposes a compensation model that would create fair economic incentives for payment service providers, like banks, to address the operational costs of distributing the digital euro.
As is currently the case with other payment systems, payment service providers distributing the digital euro would be able to charge merchants for these services. Price setting for merchants and payment service providers would be subject to a cap, as proposed by the European Commission in their digital euro legislative proposal.
As with the production and issuance of banknotes, the Eurosystem would bear the costs of the establishment of the digital euro scheme and infrastructure. Moreover, the Eurosystem would aim to minimise additional investment costs for intermediaries by reusing existing infrastructures as much as possible.
Existing large payment service providers with extensive KYC data will likely be able to monetize their existing customer relationships to profitably offer services related to the digital euro, while new and smaller businesses with higher costs may be effectively excluded by the fee cap and the uniformity of the service offering.
Given that the digital euro will be a liability of the central bank, payment service providers will not only mostly compete on costs; they will be able to do so at the expense of security if the ultimate liability rests with the central bank. Thus, we predict that running systems cheaply with minimal regard for security — or even committing outright fraud at the expense of the central bank — will be the competitive drivers among private digital euro payment service providers.
Q22. Would the digital euro pose a threat to financial stability by disintermediating banks?
Our financial system – with the banking system at its centre – functions well, and the Eurosystem wants to preserve the key role banks play in ensuring the efficient provision of credit to the real economy.
The ECB has made the following design choices to minimise any potential risks the digital euro may pose to the financial system.
- Users would only be able to hold a limited amount of digital euro in their account. This would ensure that the digital euro would be a safe store of value, similar to cash, thereby preserving the stability of our financial system and preventing outflows of bank deposits, even in times of crisis.
- Linking their digital euro wallet to a bank account would allow users to make payments over the holding limit and cover any shortfall instantly, without having to prefund their digital euro wallet (assuming sufficient funds are available in the linked account).
- As with cash, no interest would be paid on digital euro holdings.
At the currently discussed limit of €3,000 per citizen [@ecbHoldingLimit2023], especially highly impacted small banks would still experience significant threats to financial stability should citizens be allowed to move a maximum of €3,000 to a central bank account. While customers could withdraw similar amounts in physical cash today, the digital euro will allow them to do so faster and from anywhere in the world, limiting the timeframe the banking system has to react to a bank run.
Many banks are only profitable because of revenue from account and payment fees [@deyoung2004banks]. If gratis digital euro accounts and transactions were to deprive them of this revenue, they would be forced to adjust their business models to make up for this loss of profits. One such business model might be that banks could earn interest from the central bank on the digital euros under their management via the ECB’s deposit facility, costing the ECB significant interest on all digital euros in circulation.
Apart from that, the offline functionality of the digital euro poses another threat to the financial stability of the euro: As soon as someone finds a way to overcome the double-spending restrictions (cf. Q7), they will effectively be able to create digital euros at an unlimited scale. To prevent devaluation of the (digital) euro in such a case, the offline functionality would need to be completely disabled (if that is even possible without an Internet connection) until the cause is fixed and all affected hardware is replaced.
Q23. Would the introduction of the digital euro make payments in Europe more vulnerable to cyberattacks?
As with other digital infrastructures, the digital euro could be a target for cyberattacks. To mitigate this risk, the design of the digital euro would rely on state-of-the-art technologies that would create a cyber-resilient and future-proof environment.
Clearly, “could be” is an understatement; we can be sure that it “will be”. The formulation of “state-of-the-art technologies” is particularly misleading, as it does not imply the application of the most modern or secure solution available, but merely “what everybody else does”. For example, Windows with CrowdStrike in the Cloud was considered state of the art for the Western airline industry as of summer 2024, rendering it severely vulnerable exactly because of the usage of CrowdStrike software which is designed to infiltrate all important parts of a system [@crowdstrike]. The current state of the art is anything but cyber-resilient or future-proof.
Furthermore, the state of the art is unclear in the context of offline payments. To our knowledge, there are no other large-scale payment solutions that currently support offline payments, making the claim questionable.
Q24. How would the digital euro be different from stablecoins and crypto-assets?
The digital euro would be central bank money. This means that it would be backed by a central bank and designed to meet the needs of the people using it. As such it would be risk-free. Moreover, it would respect privacy and data protection. Central banks have a mandate to maintain the value of money, whether it be in physical or digital form.
The stability and reliability of stablecoins ultimately depend on the entity that issues them and the credibility and enforceability of their pledge to maintain the money’s value over time. Private issuers may also use personal data for commercial purposes.
There is no identifiable entity that is liable for crypto-assets, which means that claims cannot be enforced.
No asset is ever completely risk-free, as assets in self-custody may be lost and assets held by a third party may be stolen, for example by illicit access to the account. The stability and reliability of the euro ultimately depend on the ECB and its credibility. The Swiss central bank and the U.S. Federal Reserve have so far chosen not to issue a retail central bank digital currency, likely in part due to the perceived risks to their reputation [@snbCBDC2024; @fedCBDC2024]. It is also not true that every central bank has price stability as its only goal: For example, the U.S. Federal Reserve has a dual mandate which also aims for maximum employment. The ECB, on the other hand, aims at an inflation rate of 2% p.a., which is not exactly the same as “maintaining the value of money”. Moreover, its current mandate is a political decision and might be changed in the future.
Presumably to ensure transaction privacy and data protection, the digital euro is designed as a two-tiered system, i.e., with a separation between the core transaction system and the customer identification system, following precisely the Libra/Diem design [@libra2021] by Meta (formerly Facebook). However, unlike Meta, the government is effectively immune to fines imposed for privacy breaches, as it would merely pay the fine to itself.
Even worse, enforcing claims against the ECB will be harder than enforcing claims against commercial banks. The ECB has political independence and an effectively unlimited legal budget, and can claim sovereign immunity. Thus, enforcing claims against the ECB is likely only to succeed in cases which the bank chooses not to actually fight. In summary, citizens have no effective remedy against breaches of the ECB’s mandates on data protection. In contrast, fraudulent cryptocurrency businesses have been successfully prosecuted and victims have received compensation [@eurojustCrypto2024].
Finally, there is a large difference between the private and the public sector with respect to what personal data enables them to do. Public authorities can change the rules and allow later something that is prohibited at a given time. They could for instance legalize the use of data for criminal and political persecution.
Q25. How much would the digital euro project cost the Eurosystem?
Investing in the digital euro is key to ensure our currency and payments sector remains fit-for-purpose in the digital age.
The cost of the digital euro will depend on its final design and the components and related services that would need to be developed. Some of these components, such as payment settlement, would be developed internally within the Eurosystem. For others, like the offline services component, we are currently undergoing a procurement process to establish framework agreements with external providers.
The Eurosystem would bear the costs of establishing the digital euro scheme and infrastructure, as it does for euro banknotes. And just like for banknotes, it is expected that these costs would be more than compensated by the generated seigniorage3, although this would ultimately depend on the actual amount of digital euro held by users. The ECB is committed to keeping costs low by reusing existing infrastructure as much as possible, while still delivering a digital euro that brings value to consumers and merchants.
In line with its nature as a public good, the digital euro would be free for basic use for consumers and cost efficient for European merchants. The Eurosystem would not charge or benefit from any digital euro transaction fees.
related to the issuance of banknotes, which is disclosed on the ECB balance sheet. It is the difference between the interest earned on securities acquired in exchange for banknotes issued and the cost of printing and distributing the notes.
The published calls for application sum up to €1.3 billion (cf. Q17), still excluding the in-house development and ongoing operational costs [@ecDeFunding2023]. Contrary to its proclaimed goal of keeping costs low by re-using existing infrastructure, the ECB has not considered modern and already developed digital payment systems, such as GNU Taler — which is free software and has been created with less than 1% of the public tenders’ amount [@tsys].
The answer largely passes over the high cost of initial integration and continuous support faced by merchants throughout the whole euro area to comply with the legally mandated acceptance of the digital euro (cf. Q5). It also forgets to mention costs to remedy anticipated fraud in the offline version (cf. Q7), (the PSPs’) typical operational losses due to illicit access to digital euro accounts in the online version, or compensation for data breaches from the ECB’s central database of all digital euro transactions. Finally, it ignores the costs of changing design requirements from the legislation process that is still ongoing in parallel to the implementation (cf. Q17), and the possibility of a complete project failure where all invested money would be a loss.
According to the proposed regulation, “the digital euro should be issued […] by converting payment service providers’ central bank reserves into digital euro holdings” [@ecDE2023 Rec. 9]. Hence, no seigniorage income will be generated since the central bank will not acquire any new assets by issuing digital euros.
Means of payment in context — a privacy perspective
The privacy dimension of means of payment is nothing new. Neither are the tensions between anonymity in financial transactions and the implications of such anonymity on security, crime (especially tax evasion) and money laundering when using instruments such as bearer accounts, bearer shares, stocks and bonds. Financial instruments such as bearer accounts in banks as well as bearer stocks and bonds, which had largely come into existence during the late nineteenth and early twentieth centuries, had originally been popular ways to obtain anonymity for cash holdings and to disguise the ultimate beneficial ownership of commercial corporations. Their vulnerability to theft or loss as well as intentional use by criminals for purposes such as money laundering and tax evasion saw their decline and disappearance in the USA by the mid-1980s. More than fifty years of experience in “following the money” including that in cases as notorious as the 1931 conviction for tax evasion of Al Capone had, by 1982, seen the fall into disuse of stocks and bonds in bearer form which by then were no longer issued by corporations or the Government in the USA. Across the Atlantic meanwhile, the last four decades of progressive tightening of laws has meant that while the concept of “bearer” has not been explicitly outlawed under European law, EU legislation such as the 4th Anti-Money Laundering (AML) Directive has imposed so many restrictions on their use that they are not generally considered to be viable instruments any longer.
It is perhaps at least slightly paradoxical that thirty-five years ago, we witnessed two developments which went in quite opposite directions. In 1989, the G7 and the European Commission established the Financial Action Task Force or FATF whose recommendations have lain at the basis for, or were conversely influenced by, the EU’s multiple Anti-Money Laundering Directives (AMLs), in essence constantly whittling away at the privacy of financial transactions. In Strasbourg, however, in the same year 1989, the Committee of Experts on Data Protection finalised the drafting of a legal instrument adopted the following year by the Council of Europe’s Committee of Ministers: On 13 September 1990, the 443rd meeting of the Ministers’ Deputies formally adopted “Recommendation No. R(90) 19 of the Committee of Ministers to Member States on the Protection of Personal Data used for Payment and other related operations”. The key provisions include the following:
- 3.4. Personal data may only be collected and stored by the beneficiary for the purposes of verifying the identity of the holder of the means of payment and for the determination of the validity and lawful nature of the payment or other related operation.
- 3.5. When an operation is carried out with a means of payment, the personal data relating to this operation should only be collected and stored by bodies providing means of payment to the extent necessary for validation and proof of the operation as well as for carrying out the services and fulfilment of any obligation laid down by domestic law associated with its use.
- 3.6. Payment systems should be designed in such a way as to avoid, in the course of a payment or other related operation, personal data which are not necessary for the accomplishment of the purposes set out in principles 3.1 and 3.5 respectively being communicated to the body providing the means of payment and personal data which are not necessary for the accomplishment of the purposes set out in principle 3.4 being retained by the beneficiary.
These are the provisions of the first sectoral piece of international data protection law which can conceptually be applied to the introduction of the digital euro and enable us to reflect better on its implications for privacy. It is admittedly a piece of “soft law” since, like all other Council of Europe Recommendations, R(90)19 is not binding upon the CoE’s member states, but it carries the same moral authority as other Recommendations, including R(87)15 on data protection and the police and R(97)5 on medical data, which had a huge impact in shaping the EU’s Law Enforcement Directive of 2016 and the GDPR.
While seemingly protective at first glance, the provisions of R(90)19 were also in line with the derogations permitted in Article 9 of the world’s only binding multilateral treaty on Data Protection, Convention 108 of 1981 which lays out that:
- No exception to the provisions of Articles 5, 6 and 8 of this Convention shall be allowed except within the limits defined in this article.
- Derogation from the provisions of Articles 5, 6 and 8 of this Convention shall be allowed when such derogation is provided for by the law of the Party and constitutes a necessary measure in a democratic society in the interests of:
  - protecting State security, public safety, the monetary interests of the State or the suppression of criminal offences
  - protecting the data subject or the rights and freedoms of others
These provisions of Article 9 of Convention 108 are in turn inspired by Article 8 of the European Convention on Human Rights which has, since 1950, provided the basis for the understanding that while privacy is a fundamental human right and a very important one at that, it is NOT an absolute right but one which is subject to derogations.
- Everyone has the right to respect for his private and family life, his home and his correspondence.
- There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.
Therefore, in order for the derogations to apply, any privacy-intrusive measures must pass a number of tests derived from the wording and subsequent interpretation of Article 8:
Firstly, a privacy-intrusive measure cannot be opaque to the public or arbitrarily determined by the Government of the day; instead it MUST be provided for by law, thus establishing a clear legal basis for the measure;
Secondly, the same law which establishes the legal basis, or a complementary one, must also establish clear safeguards for privacy when the state has recourse to such privacy-intrusive measures;
Thirdly, the law must also establish clear remedies for breach of privacy;
Fourthly, the privacy-intrusive measure must be both necessary and proportionate in a democratic society.
While the test of necessity is one which is explicit in the text of Article 8, that of proportionality is one which has emerged from the Jurisprudence of the European Court of Human Rights and which is now also rendered explicit in Article 11 of the modernized version of Convention 108, currently awaiting adoption by enough states to enable it to formally come into force.
The foregoing therefore provide the benchmarks for privacy and data protection that any means of payment, in this case the digital euro, would need to meet in order to be legitimately introduced.
It does not appear to be problematic for the digital euro to meet some, indeed many, of the tests outlined above, but it does seem probable that, as currently proposed, it will not meet all the tests.
As explained in more detail in the preceding parts of this paper, the offline version is prima facie too risky a proposition on a number of counts, not least technological, while the online version of the digital euro as currently proposed incorporates mechanisms which can be exploited to ultimately reveal the identity of the holder of the digital currency. The purposes of such privacy-intrusive mechanisms include but are not restricted to the prevention, investigation and prosecution of crimes such as money laundering and tax evasion. Since money laundering and tax evasion fall fairly and squarely into the purposes of “the monetary interests of the State or the suppression of criminal offences” as provided for explicitly by Article 9 of Convention 108, provisions which in turn reflect the purposes of “the economic well being of the country” and “the prevention of crime” explicitly provided for in Article 8 ECHR, it is difficult to argue that Art. 3.4 of Recommendation R(90)19 does not provide quite a comprehensive derogation to the right to privacy when establishing as a purpose for processing the “lawful nature of the payment or other related operation”.
These then are the first parts of the legal metric against which any law regulating electronic means of payment must be measured. Those rules envisaged in the draft regulation [@ecDE2023] which permit the digital euro to maintain traceability of “who made which payment to whom” as established in Anti-Money Laundering (AML) law prima facie do meet the requirements of a derogation made with the purpose of establishing “the lawful nature of the payment or other related operation”. In the case of the digital euro, the data protection compliant legal basis is purported to be provided by the new draft legal framework published in June 2023 as previously cited.
If one were to accept that the two tests of legal basis and necessity have been met by the draft regulation [@ecDE2023], it would seem that it is the test of proportionality which the digital euro as currently proposed would fail. For it is submitted that the risk to privacy in creating such a gigantic centralised database is significantly disproportionate to the functionality or any other advantage gained for the citizen. Pseudonymisation is not enough. The fact that the Central Banks of European Union member states will not have sight of the identities of persons carrying out transactions does not mean that the gigantic central database would not be accessible to the Intelligence Services and Police Forces of the same member states [4]. For both Article 9 of Convention 108 as well as Article 11 of Convention 108+ could conceivably be used to justify derogations at law for the access of intelligence services of any member state to the contents of such a database [5]. Even if all the intelligence services of all EU member states were to be considered to be trustworthy in 2024, times change and in another year or three one or more EU member states may not be as trustworthy and may have intelligence services which could use legal access to such a huge centralised database for nefarious purposes. This is one of the main reasons why it could be argued that the privacy-intrusive measure is not proportionate in terms of risks posed and benefit gained. If it is not proportionate then, like the DNA database created by the UK police and condemned by the European Court of Human Rights [@maper2008vsuk], it should not be brought into being in the first place.
Indeed, in line with other reservations expressed earlier in this paper, one is compelled to ask again, “What’s in it for the citizen?” when faced with the proposal for the digital euro as currently framed. EU citizens already have electronic means of payment in the form of debit cards and credit cards, so is a new form of electronic means of payment such as the digital euro really needed? Looking at it from another perspective, would the European Central Bank have proposed an expensive and risky stratagem such as the digital euro in its currently proposed form had it owned Visa and Mastercard? Possibly not, since the income generated by those two forms of payment would have stayed in Europe and indeed been garnered by the ECB itself. The functionality provided by the digital euro is not a quantum leap over existing electronic means of payment, including those provided by Visa and Mastercard. Indeed, in most cases the difference would be scarcely discernible. Cash would continue to exist, so what motivation would the citizen have to use the digital euro instead of using Visa or Mastercard or Revolut? Indeed, in a market as competitive as the one for digital payments, offering more privacy could possibly be one of the Unique Selling Points (USPs) that the digital euro could offer, yet that is the one main point on which the current technological design would seem to condemn it to fail. As currently proposed, the online version of the digital euro will be marginally more private than using one’s credit card or debit card, but ultimately the user of the online digital euro can be traced, albeit with significantly more effort and possibly by a smaller group of people than at present.
That privacy could be a USP for the digital euro is well recognised. The Chair of the German Central Bank in June stated that “A recent representative survey for the Bundesbank showed that […] for the German population […] the most important feature for respondents is the protection of privacy. Three out of four respondents said it was important or very important for the digital euro to protect their privacy better than existing digital payment options.” [@nagel2024]
Elsewhere, the ECB’s Data Protection Officer has blatantly stated that “The digital euro online offers more privacy than commercial solutions” [@daman2024] and has summarised the Digital Euro’s current USP in the privacy dimension thus:
“Today most payment methods allow the provider to collect a significant amount of information on who is making a payment and for what. Many people feel uncomfortable about the use of their payment data for commercial purposes. That is why the Eurosystem is implementing strong data protection into the digital euro design. We are doing so in several ways:
Technology: Your digital euro identity will be separated from your payment data so that the Eurosystem will process a very limited amount of data. Your bank will pseudonymise your data, which means that your name is not visible to the Eurosystem and is replaced by a random identification number.
Rules: The Eurosystem will hold only very limited data. In addition, we will ensure that our service providers comply with high standards. We will enforce the same privacy and data protection rules that apply to the Eurosystem, impose our robust IT security and cyber rules, and include strong contractual safeguards such as audit rights and penalties for contract breaches.
Organisational measures: The digital euro will benefit from the same organisational measures that apply to all our staff, such as security clearances (i.e. background checks) and segregation between business areas. These measures will help prevent issues like conflicts of interest.”
Is Daman right? Well, yes and no. He is right in that using the digital euro will grant more immediate privacy than, say, using your Visa or Mastercard, but he is wrong in that, in the long term, it would detract from overall privacy by introducing significant risk through the creation of a huge central database to which national security, financial intelligence and law enforcement agencies could conceivably have some form of access. So the technology section of his analysis reproduced above does not deliver on its promise since, as already identified in the previous sections of this paper, whoever has the key to the pseudonym can then “follow the money”. The “immediate privacy advantage” would not prima facie outweigh the “overall privacy disadvantage” posed by the creation of a huge centralised database, and thus “the technology argument” falls flat on its face.
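The pseudonymisation argument above, as an added illustration (not ECB code and not part of the original paper): a constructed ledger in which names are replaced by stable random identifiers, first viewed without the lookup table and then with it. The function names, the single lookup table standing in for “the key to the pseudonym”, and all holders and payments are assumptions made for this sketch.

```python
import secrets
from collections import defaultdict

# Constructed sample data: (payer, payee, amount in cents). Not real payments.
HOLDERS = ["alice", "bob", "pharmacy", "clinic"]
PAYMENTS = [
    ("alice", "pharmacy", 1250),
    ("alice", "clinic", 8000),
    ("bob", "alice", 2000),
    ("alice", "pharmacy", 790),
    ("bob", "pharmacy", 300),
]

def pseudonymise(holders):
    """Intermediary side: assign each holder a random identifier (assumed scheme)."""
    return {name: secrets.token_hex(8) for name in holders}

def central_ledger(payments, table):
    """Central view: the same payments with every name replaced by its pseudonym."""
    return [{"payer": table[p], "payee": table[q], "amount": a}
            for p, q, a in payments]

def profile_by_pseudonym(ledger):
    """No key needed: a stable pseudonym already groups one holder's spending."""
    profiles = defaultdict(list)
    for row in ledger:
        profiles[row["payer"]].append((row["payee"], row["amount"]))
    return dict(profiles)

def follow_the_money(ledger, table, name):
    """With the lookup table: the holder's full history, counterparties named."""
    reverse = {pid: holder for holder, pid in table.items()}
    pid = table[name]
    return [(reverse[r["payer"]], reverse[r["payee"]], r["amount"])
            for r in ledger if pid in (r["payer"], r["payee"])]

TABLE = pseudonymise(HOLDERS)
LEDGER = central_ledger(PAYMENTS, TABLE)

if __name__ == "__main__":
    print("central view:", LEDGER[0])
    print("linked by pseudonym:", profile_by_pseudonym(LEDGER)[TABLE["alice"]])
    print("with the table:", follow_the_money(LEDGER, TABLE, "alice"))
```

The central view contains no names, yet the spending pattern is already grouped per pseudonym. A single table lookup then turns that pattern into a named history.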
The European Central Bank is already subject to the European Data Protection Supervisor (EDPS) and the European Data Protection Board (EDPB) when it comes to matters of data protection. The two bodies issued a joint opinion on 17th October 2023 in which they outlined the following concerns:
- The modalities of the distribution of the digital euro;
- The necessity and proportionality of the single access point for the digital euro unique identifiers as well as how data protection by design and by default will be implemented in this context;
- The legal text on how Payment Service Providers (PSPs) are required to process personal data in order to effectively implement the holding limits;
- The pseudonymization of all transaction data vis-à-vis the ECB and the national central banks to ideally be included in the operative part of the proposal;
- The legal basis applicable to the processing operations, the allocation of responsibilities, and the types of personal data to be processed by each of the actors involved in the issuance and use of the digital euro;
- The lack of foreseeability of the provisions relating to the general fraud detection and prevention mechanism (FDPM) that the ECB may establish in order to facilitate fraud detection and prevention by PSPs (e.g. tasks of the ECB, tasks to be performed by PSPs).
If the EDPS-EDPB list of concerns reproduced above is used as a benchmark, then it should be clear that the FAQs published to September 2024 do not reassure us that all metrics for data protection compliance have been met. The necessity and proportionality of the single access point, pseudonymisation and the general inherent weaknesses in the design of the offline digital euro remain with us today as some of the digital euro’s most important inherent flaws. Instead of “privacy by design”, at this moment in time, the digital euro is promising “less privacy through flawed design”. As emphasised elsewhere, it is the flaws in the current design rather than the concept of the digital euro itself which are the matters of grave concern to the group of scientists who have researched and co-authored this paper.
Opportunities of an open distribution model
The distribution models of the software/hardware co-design of a CBDC project, as for any other (digital) solution, can be broadly categorized into four types. Ordered from most restrictive to most freedom respecting, these are:
- Proprietary, where the design and implementation are kept secret, and users or other third parties are legally forbidden to inspect the internals;
- Source-available, where part of the design and/or implementation is available to allow for high-level analysis and restricted integration with third-party services, potentially only to certain actors;
- Open-core solutions which build on a free/libre open-source weak non-copyleft core system where the implementation is publicly available for anyone to view, modify and redistribute, but where key features are kept proprietary; and
- Fully free/libre open-source software, which emphasizes the user’s human right to have full control over the software run on their devices and thus excludes proprietary extensions or other forms of digital shackles such as hardware locks. In particular, “free” in this context refers to “freedom”, and not to the price [@floss].
| User right / Distribution model | Proprietary | Source-available | Open-core | Free software |
|---|---|---|---|---|
| Execute | ✓ | ✓ | ✓ | ✓ |
| Analyze/integrate | ❌ | (✓) | ✓ | ✓ |
| Modify/improve | ❌ | ❌ | (✓) | ✓ |
| Fully self-determine † | ❌ | ❌ | ❌ | ✓ |
The option for third parties to analyze, re-use and improve a certain design and implementation allows for broader acceptance (e.g., in other parts of the world) and joint innovation [@raymond1999cathedral]. It also stimulates competition and improves user choice by enabling the provision of end-user services and devices by a larger number of providers. On the other hand, there is wide consensus among cryptographers that the security of a system should never rely on the fact that its internals are kept secret (Kerckhoffs’ principle [@kerckhoffs1883]).
However, the design of the offline digital euro is expected to rely on its proprietary nature for security [@markpersonal]. The ECB has not yet communicated any clear licensing model for the online version, but reserves all rights to the implementation for itself in the public tenders [@ecbTender009488].
Bibliography
See bibliography.
1. The formulation changed from an invitation (‘would’) to an emphasis (‘does’) in the 2025-07-16 update.
2. Losing up to 20% of the deposit base or 9% of total bank liabilities according to [@effects2023 p. 10], or 15% of total bank liabilities according to [@knowlimits2023 p. 18].
3. Banknote seigniorage is the income earned by the ECB
4. “Austria, Germany, France and the Netherlands […] think it’s necessary to collect data for specific purposes and, if necessary, to hand it over to criminal authorities. These include combatting fraud, money laundering, terrorism, and tax evasion. Whoever offers a digital euro account will have to follow certain requirements in those areas, the member states agree.” [@henning2024netzpolitik]
5. “Germany is skeptical about the single access point in general. A single access point with all user identifiers could be a significant risk to privacy,” says one of its remarks and asks for further explanation on “who will have access to this data and why central storage is necessary in the first place.” [@henning2024netzpolitik]