CBDC privacy by design: reconciling protection with compliance

The paper challenges the conventional view that privacy and crime prevention are fundamentally incompatible in central bank digital currency (CBDC) design.

It argues that modern privacy-enhancing technologies (PETs) allow for both robust privacy protections and verifiable compliance.

By integrating a technical design framework with a strategic game-theoretic model, the research demonstrates that privacy and auditability can be engineered as distinct design dimensions.

This approach enables cryptographic shielding of routine, low-value payments while automatically triggering disclosure for transactions that breach policy-defined thresholds.

Embedding these capabilities directly into the CBDC's system architecture can make privacy a built-in feature, thereby strengthening institutional trust and legitimacy.

Architectural choices made during the current CBDC design phase will profoundly influence institutional credibility for decades.

Payment data can reveal not only consumption patterns but also individual vulnerabilities, underscoring the need for robust privacy safeguards.

Privacy-enhancing technologies (PETs) have evolved rapidly, offering a timely opportunity to integrate stronger protections before CBDC architectures become fixed.

Core PET building blocks, such as authenticated encryption and zero-knowledge proofs, are already employed in live systems.

The primary challenge is no longer scientific uncertainty but rather achieving engineering maturity, regulatory clarity, and a firm institutional commitment to prioritizing privacy in design.