How do you determine which entity a transaction orginates from in the bitcoin network and relay that information to someone without given that somebody the IP associated with said tx?
Clustering of addresses from the blockchain - like walletexplorer. Wallet explorer keeps a list of entity <-> wallet mappings, you can build such a list from anyone you transact with, and it is only the financial institutions / big wallet services that are relevant here for compliance purposes.
Would it perhaps be possible for a financial company, ie. an exchange, to subscribe to your services, and then just get automated recommendations based on tx'id. So that exchange could then plug into your service, and if a customer sent funds to the exchange, and you service returns a "no good" to the exchange, the customer is denied service at the exchange? That would basically put you in the same category as a rating bureau, giving you voting power over which customers should be given service at an exchange or similar. But there could be many false-positives, and the data might not be accurate for its purposes. And if enough institutions use you service, then govt. entities could force you into blacklisting certain entities, just like the USG did with Mastercard and VISA when they put a wrench in the funding for Wikileaks, or how they pressurized VISA and Paypal to stop processing payments for Mega. In essence you could contribute to breaking bitcoin fungibilty. Worse, customers that are rejected at a service based on data from your analysis service might not even get to know why they're rejected by their service provider.
Before answering I think it is important to stress my view on bitcoin:
I believe that bitcoin is a great technology enabling online cash hereby including possible the entire 3rd world into our economy, it should hence be regulated and integrated into the existing financial system. - I do sympathize with some libertarian views, but I am Danish, I don't believe in revolutions - I believe in the little change every day, and I truly believe we get a little bit better world if you can buy and sell bitcoin in your normal bank.
Lets split your question above in the 3 important parts it contains:
1. Do financial services need to do customer due diligence in bitcoin land - and can they use Chainalysis for that ?
Yes, they do need to check their customers - the alternative is that they don't and take the entire risk them selves causing them to do time at some point by indirectly contributing to Money Laundering. Please don't ask and expect from financial services that promote bitcoin that they should take that risk.
2. Could you hereby risk becoming a persona non grata even if you did nothing wrong ?
In bitcoin there is no persona non grata - bitcoin is cash - further, there is no tainted money, they are fungible - but again as in cash - there sure is stories that you as a financial service inst need to react upon. Lets say you want to deposit $1m in cash in your bank - will the bank let you do so - most likely no, at least not w/o having a good idea that the funds are obtained in an ok way (that is their legal obligation). So, say you are the head of Red Cross and you just had a huge collection and you again show up with the $1m. Then yes the bank would accept them. The money are fungible, it is all about the story befind / the origin of the funds.
Another example could be the cryptolocker guy trying to turn the BTCs obtained through his virus into USD - of course it is ok for an exchange to screen for that, of course it is also OK to screen for other addresses that the exchange thinks contain other stolen funds. If you don't like that, you are basically expecting the exchange to take a huge extra risk.
3. Could govt force exclusion of certain players this way ?
We choose Switzerland as a country to incorporate in mainly for this reason. I guess govt can always enforce a lot of things, that kind of goes with govt. Are we by what we do building weapons for govt ? Or is bitcoin core building tools for money laundering, slavery etc ? Both arguments are in my book equally right or wrong (Personally, I think they are both wrong).
We have innocent customers today having their traditional fiat transfers being interrupted, sometimes only because there's a false-positive match on a "list" that banks keep to attempt to prevent funding to terrorist groups etc. Do we really want the same for bitcoin? I'm of course not advocating that terrorist groups should be funded with USD, EUR, BTC or anything else, but on that note, perhaps stopping the "bugsplatter" in remote countries by remote controlled drones would be an idea.. I don'ẗ know what creates more terrorists, having innocent families killed (read:
Drones and the rise of the high-tech assassins) in Afghanistan, or allowing people to freely use bitcoins..
I actually think that the measures against money laundry, terrorist financing etc are pretty reasonable as they are today, some parts are a bit too much, some are perhaps a bit too loose. As I stressed earlier, any customer is a possible liability for a financial institution, if they onboard the wrong ones they can end up pay fines or do time. Of course they are cautious, and yes it will result in false positives. Already today I think it would be awfully hard for someone from North Korea or Afghanistan to open an account on any bitcoin exchange. A pity if he or she was actually trying to promote a better world there, but the risk is to big and that causes casualties.
Bitcoin is meant to be a alternative to the status quo. In that regard, you're not contributing, despite your excuses.
Bitcoin is a technology - it is cash on the internet, and as such an alternative to a lot of things. It might end up being also an alternative to banking as we know it and even to government, but I believe that through coexistence bitcoin will succeed most as a technology.
You have stated that the nodes of yours were running to collect, analyze and prepare data for a blog post. That might be so, but as you also have a public website, see the quote above were your intentions are quite different.
My comment (no 1 from my first post) was re the legal accusations - anyone are free to believe what they want - we had no bad intend, which at the end of the day will be important when it comes to legal.
You're also trying to play down what you're doing by pointing to what google does, that somebody would do it anyway, what blockchain.info does etc, still you did shut down the nodes in question when attention was brought to this issue.
We shut down the nodes as we learned they interfered with breadwallet. And right now we are having an important discussion on what you (ethically) can and cannot do on the bitcoin-network and how you should do it. It would be arrogant to just keep them running now, even if patched for breadwallet.
I'm sure however on a financial level that providing such a "regulatory compliance"-service is not a bad idea, but for many involved in bitcoin, money is not their primary motivator. If you believe in bitcoin, and want to help the community, perhaps now would be a good time to shut down the Chainalysis-enterprise, and work with the core devs to prevent others from doing the same as you've been doing lately, perhaps even by showing some of them your code and tools to help speed up development for protecting the fungibility of bitcoins.
I don't see fungibility of bitcoin threatened - and I am strongly opposed to the creation of white/black/red/[choose color]-lists of bitcoins per se, it doesn't even make ses from a compliance viewpoint. Also, no one has a mandate to say what bitcoin is about from a political pov. Bitcoin is a technology enabling cash transaction on the internet - pretty d*mn cool. How it is used politically will always be segmented.
On a non-similar note, but to demonstrate an ethical point. A clever programmer could work on software used in a millitary weapons system, a system that was largely sold to third-world countries, and left lots of deaths in its trail. The programmer could shrug his shoulders and say: "I'm putting food on the table of my family, the fact that 100 families dies in Africa because of my code, is frankly none of my business, if I did not write it, somebody else would". Perhaps somebody else would do it, that does not mean that this particular programmer had to do it.
Of course there's no direct similarity to block chain analysis and millitary weapons systems, but the ethical points are the same. Every person matters, and the action of every single person combined becomes the actions of the whole population.
Of course it's possible to separate yourself from the collective whole, like many do, and only think about their own financial gains. In the end, I'm not sure if that's what brings the greatest satisfaction.
In summary, I'm not intending to bring on hate, just to convey my view on the matters. Solution to this issue must be built on a technical level, not on a human level.
I did already comment on the technology ethics side - there are casualties also just by doing bitcoin core dev. If you knew me personally you would know that I am against mass surveillance too - the last 15 years of terror attacks have shown that intelligence agencies don't lack data, they lack the ability to understand them (j'suis Charlie, Copenhagen, 9-11 etc - all done by people known by the intelligence agencies, so not a lack of data, they need to use better what they have - and not to start collecting data on the rest of us instead).
But proper customer due diligence is not surveillance, neither is statistical overview of pr country bitcoin transfers.
Final note - I agree that if you have a wish for using bitcoin in a super private / anonymous way it is a technological solution/skills you need, not policies. Sometimes you might want to stay anonymous, sometime you don't - for sending anonymous transactions - use Tor, and, I would also recommend you to not post a bitcoin donate address on your site, that is unless you regenerate a new pr session. (it is of little value to anonymize your transaction if the sending address can be linked to a site you control, just by googling it).
Cheers,
Michael