Kyle Olney returns to break down the truck-sized loophole in the BRCA safe harbor, why the Clarity Act in its current form may be worse than nothing, and how the government's AI export controls are the same fight, just running faster.
↓ Jump to the video and timestamps
Kyle Olney came back on the show under circumstances that are a lot more pressing than when we first spoke last November. The battle for freedom tech has always been happening in the background, but in the last two weeks it moved from background noise to front-page emergency. The U.S. government threw export controls on Anthropic's newest model class with no warning, no due process, and no clear appeal mechanism. Silicon Valley's heads are still spinning. And a lot of people who spent the last two years laughing at Bitcoiners for caring about this stuff are suddenly very interested in what open source actually means.
I've been describing AI as equally exhilarating and unnerving for a while now. Exhilarating because the tools are genuinely extraordinary (our six-person team at TFTC does things I couldn't have imagined possible a few years ago). Unnerving because we've been speed-running into making these tools an integral part of our workflows, and it's starting to look like a honey trap. We got addicted to proprietary models, costs exploded overnight when Anthropic changed their pricing, and then the government walked in and shut off access with zero warning.
I had a front-row seat to the pricing shock. The export control move last week was the second gut-punch in the same week. Kyle's read is that those of us in the Bitcoin and freedom tech community aren't surprised by any of this. We've seen the pattern before. We've been fighting it for years. And the through-line from the Bank Secrecy Act to the BRCA safe harbor carve-out to the AI export controls is the same line, drawn by the same hand, toward the same end.
The original BRCA was a clean piece of legislation. Its construction was simple: if you develop open source software and you never take custody of customer funds, you cannot be prosecuted as a money transmitter. Bright line. Easy to understand. Common sense anchored in law rather than left to regulatory interpretation. That's why it passed the House by better than two to one, bipartisan, across multiple sessions of Congress.
Then it hit the Senate Banking Committee.
The clause they added to Section 604 (the BRCA section of the Clarity Act) introduced an intent and knowledge standard. Under the new language, a developer can lose the safe harbor if prosecutors determine they were aware, or should have been aware, that their software was being used for nefarious purposes. Kyle called it "a loophole big enough to drive a truck through," and he's right. The stated reason the language exists, per his read on the political negotiation, is to preserve the ability to continue prosecuting developers like the Samourai Wallet devs and the Tornado Cash devs. The senators who added it didn't hide the ball on that.
The lawyers at Coin Center and the Bitcoin Policy Institute (Peter Van Valkenburgh and Zack Shapiro among them) have argued that the legal standard for proving intent is high, that you'd need a meaningful paper trail to actually charge someone under this language. I've heard that argument. I don't buy it. Roman Storm was convicted in 2025 on one count, with the jury deadlocking on two others, and part of the government's evidence against him was an email in his inbox that he never responded to. The government inferred knowledge from a non-response. That's it. That's the paper trail. It's complete bullshit, and if you think that language in Section 604 is going to stop a motivated prosecutor from doing the same thing to the next developer, I don't know what to tell you.
The Samourai developers went to regulators and asked for guidance. They followed the guidance they were given. The government charged them anyway. The intent loophole doesn't protect builders. It protects prosecutors.
Even setting aside whether the BRCA language is acceptable (and it isn't), the Clarity Act faces a stacked deck of structural problems that make passage in any form this year look unlikely.
First, the Coinbase and stablecoin yields fight with Wall Street is unresolved. Kyle flagged that Jamie Dimon publicly dropped a gauntlet on Brian Armstrong and what Coinbase is trying to do in the stablecoin space just two weeks before we recorded. Wall Street is not rolling over. That fight is ongoing and there's no deal that both sides can live with on the table.
Second, the BRCA language itself is still unacceptable to the freedom tech community. The trade groups have been clear: a bill without strong developer protections is a non-starter. And the senators pushing the bill know that if they weaken Section 604 further, which Democratic senators will demand, they lose what's left of the Bitcoin coalition's support.
Third, the ethics condition. The two Democratic senators who voted the Clarity Act out of the Finance Committee made their position explicit: they will not vote for a final bill without strong ethics provisions targeting Trump family crypto dealings. That is a structural dealbreaker. Trump is not signing a bill with those provisions in it. There are fewer than 30 legislative days before summer recess. The July 4th deadline the bill's proponents set for themselves is already a physical impossibility.
Kyle's honest read: the odds of this passing even in its current flawed language are low. And from a Bitcoin perspective, that may actually be the better outcome. Passing it means expanding BSA surveillance requirements across every company in America that touches a blockchain, and handing that infrastructure to the government with the developer protections neutered.
We talked about the Bank Secrecy Act when Kyle was on the first time, but he had a specific update from a dinner we had in Austin that I wanted to get into on tape.
The BSA was passed in 1970. The $10,000 reporting threshold that triggers a currency transaction report wasn't chosen arbitrarily. It was calibrated to what was then a high-dollar transaction, the inflation-adjusted equivalent of roughly $85,000 today by Kyle's reckoning. The justices who reviewed the early legal challenges to the BSA in the 1970s were deeply skeptical of it. Several of the most prominent voices on the court at the time thought the arguments for it were constitutionally weak. They tolerated it because the threshold was high enough that it barely touched everyday Americans.
The threshold was never inflation-indexed.
Kyle had a personal example that landed hard: he moved out of an apartment in San Francisco and the landlord wrote him a check for his security deposit. He couldn't deposit it at the bank without triggering a compliance review because it crossed the $10,000 threshold. A security deposit. That's what the BSA dragnet catches now. He described it as a "massive compliance overhead headache" for banks that produces almost nothing of investigative value. He said this as someone who was a bank regulator in a prior life.
The Epstein case closes the argument. More than a billion dollars moved through the pipes over roughly a decade, across thousands of transactions. The banks filed their suspicious activity reports only retroactively, after his arrest. Zero law enforcement action was taken on the basis of them while it was happening. Not even just as Bitcoiners, but as Americans, we should flip the table on this. The BSA's stated purpose is catching financial crime. The Epstein evidence proves it doesn't do that.
What it does do is build a surveillance dragnet over the daily financial life of every American, now extending toward $4 microtransactions on stablecoin rails and layer twos. Take it back to the Supreme Court. Show the justices who barely found the 1970s application tolerable what's being done with it today. Kyle thinks they'd flip the table. So do I.
I've been describing AI as a honey trap for a while. You get addicted to the tools, you integrate them into your workflows, you start depending on them, and then you realize you're a permissioned node at the mercy of whoever controls the model. The pricing shock two weeks ago, when Anthropic pulled back the veil on what inference actually costs, made that real for a lot of people. It made it real for me. Our costs at TFTC went up materially overnight. I talked about it on the podcast. Then the government came in a week later and shut off access to the newest model class entirely, no warning, no timeline, no appeal.
Kyle's analysis of whether this actually serves the government's stated objectives is sharp and worth laying out.
The two things the U.S. government would want from an action like this: keep American models as the global standard, and prevent dangerous capability leakage. On both counts, the export controls fail.
On the first: you cannot advance American strategic dominance in AI adoption by preventing people from accessing the leading American model. You push users onto competing platforms. Those platforms are likely non-American and outside U.S. jurisdiction. Kyle's estimate is that Chinese frontier models are running 30 to 90 days behind U.S. labs, and they've taken an open-source approach to distribution. Open-source models are already 10 to 20 times cheaper per token than proprietary alternatives, by his reckoning. For anyone in the Global South who can't afford a frontier model subscription, the open-source Chinese offering is becoming the default. The export controls just accelerated that.
On the second: you can't classify plain text. You can't classify probability. The physics of the internet don't allow a state to prevent information from moving around the world at the speed of light. Kyle made the point that winning against the Soviet Union was about drowning them in Levi's and rock and roll. Decentralized production and decentralized distribution can't be stopped by state authority. The same logic applies here. Competing models will eventually converge to the same capability level regardless of what the U.S. does to Anthropic's distribution.
My honest read on what happened: best case, this was a petty move specifically targeting Anthropic because Dario's posture toward the Department of Defense was confrontational, and the government wanted to shove him into a corner. Worst case, it's a shot across the bow. The opening move of a full licensing regime, with access to intelligence tools gated behind digital ID credentials, and an aggressive push to stamp out open-source development on the grounds of national security.
I believe the worst case is the more likely trajectory.
A lot of people were laughing last week. Haha, Anthropic wanted a licensing regime and now they're getting one, just not the one they wanted. Dario got what he asked for. But cheering the government's move because Dario was annoying about it is a catastrophic misread of what's actually happening.
The pattern is consistent. The BSA was sold as a tool for catching financial criminals. It became a surveillance dragnet over every American's financial life. The BRCA was supposed to give developers a bright-line safe harbor. The Senate Banking Committee inserted a carve-out that preserved the government's ability to prosecute the exact developers it was supposed to protect.
The AI export controls were framed as a national security measure. The actual effect is that a bureaucrat can now revoke access to a critical intelligence tool for millions of people, with no warning, no stated reason, and no appeal. Kyle's specific fear is that the government looked at Bitcoin and concluded it made a mistake by moving too slowly. It may now be trying to move early on AI and replicate a control structure it failed to build on Bitcoin. If that's the read in D.C., the Clarity Act's developer loophole and the Anthropic export controls are not separate stories. They're the same story.
The UK age verification law is the logical endpoint. The only way to enforce age verification on every screen interaction is a national identity system. Every web search, every inference request, every transaction, all associated to a government-issued identity. Kyle's right that this is the total surveillance direction we've been drifting toward since September 11th.
What Calle is doing with Cashu is the technical answer to all of this. The tokens are blinded, so a mint operator literally cannot see what's happening inside the mint. That's the technology worth protecting. And the fact that Calle remains pseudonymous is not a coincidence.
The game isn't over on BRCA and the Clarity Act. Uphill, yes. But not over.
Call your senators and representatives now. Not in a week. Now. Make developer protections and open-source software your stated primary voting issue. Make clear you will not support candidates who don't share that position. Kyle is direct about this on tape: it is an uphill battle, but it is not a fruitless one, and the urgency has never been higher.
Understand that the AI fight and the Bitcoin and open-source fight are the same fight. The government's consistent goal is a permissioned network where your access to money, speech, and intelligence exists at the discretion of a bureaucrat. The mechanism changes. The goal doesn't.
Get organized around open source. Kyle put it plainly: "If you don't have the ability to run your own model and control your own weights, then you are subject to the whims and fancies of whoever else that's not you controls that model." Whether that's Anthropic deciding only a chosen few get access to its most capable model, or the government shutting down access unilaterally with no due process, it's the same problem. You are a permissioned node.
His formulation on rights is worth quoting directly: "If your access to intelligence, if your access to free, kind of unsurveilled money exchange in the broad economy can be revoked by a bureaucrat you've never met for a reason that they don't have to disclose at the drop of a hat, I think that we have to ask whether you actually have rights."
He who controls the information is going to have the most power as we continue into this age. If licensing regimes and digital ID get thrust through, the ability for individuals to use these tools against stronger forces is severely hindered. That's not freedom. That's a managed permission system that looks like freedom until the bureaucrat decides you're done.
The fight is not over. It may just be beginning. Kyle and I will keep checking in as both these stories move.
The Blockchain Regulatory Certainty Act is a provision within the Clarity Act designed to create a safe harbor for open-source software developers who never take custody of customer funds. The idea is that if you build the tool but don't control the money, you shouldn't be treated as a money transmitter subject to FinCEN regulation. It matters because without that protection, developers building on Bitcoin and other open protocols face the same prosecution risk as the companies actually operating custody services.
Section 604 of the Clarity Act is the BRCA provision. The original language gave developers a bright-line safe harbor tied to custody. If you don't hold customer funds, you're protected. The amendment added in the Senate Banking Committee introduced an intent and knowledge standard: prosecutors can now pierce the safe harbor if they determine the developer knew, or should have known, their software would be used for illegal purposes. Kyle Olney's read is that this clause was inserted specifically to preserve the ability to prosecute developers like the Samourai Wallet devs and the Tornado Cash developers.
There were legal challenges to the BSA shortly after it was passed in 1970, and prominent Supreme Court justices at the time found the arguments in its favor constitutionally weak. They tolerated it because the $10,000 reporting threshold was high enough (the inflation-adjusted equivalent of roughly $85,000 today) that it barely touched everyday Americans. That threshold was never inflation-indexed. Today the same surveillance apparatus applies to routine transactions, and as Kyle argues, if you showed the original reviewing justices how it's being applied now, they would not find it tolerable. The case for taking it back to the Supreme Court has never been stronger.
The public framing was national security: preventing access to advanced AI capabilities by foreign nationals. The actual mechanism reportedly required Anthropic to restrict access in ways that were impossible to comply with even internally, since Anthropic employs foreign nationals who use the model daily. Kyle's analysis is that the controls fail on both of their stated objectives. They don't advance U.S. strategic dominance in AI adoption, and they can't actually prevent capability leakage because you cannot classify plain text or probability. Whether it was a targeted move against Anthropic specifically or the opening of a broader licensing regime is the question that matters most going forward.
With a proprietary closed-source model, you are a customer of whoever runs the model. They can change pricing overnight, restrict access, or have their access revoked by a government order, with no warning and no appeal available to you. With an open-source model where you control the weights, you can run your own inference, verify what the model is doing, and no third party can revoke your access. Kyle estimates open-source models are running 10 to 20 times cheaper per token than proprietary alternatives. The tradeoff has always existed; the Anthropic export controls made it viscerally real for a lot of people who hadn't been thinking about it.
The UK's age verification requirement for online content sounds like a child protection measure. The problem is the implementation: the only technically viable way to verify age at scale across every screen interaction is a national identity system. Every user has to authenticate with a government-issued identity before accessing content. That means every web search, every inference request, and every online transaction becomes permanently associated with your real-world government identity. It is total surveillance infrastructure dressed up as child safety policy.
For software that's already been published and is already out in the world, the practical answer is no. You can't un-ring that bell. The concern is preemptive action: blocking developers from publishing, or prosecuting them after the fact using an intent-and-knowledge standard similar to what's been inserted into the BRCA. The Samourai Wallet developers asked regulators for guidance, followed it, and were charged anyway. That precedent is exactly why the BRCA loophole language is dangerous, and why the AI export controls on Anthropic read as a warning shot rather than a one-off.
Kyle Olney is a freedom tech advocate, entrepreneur, and policy watcher focused on Bitcoin, open-source software, and the intersection of regulatory policy and emerging technology. He has a background in technology and financial services, including time as a bank regulator, and has been on the front lines of the legislative fights around the Clarity Act and BRCA. He is based in Silicon Valley and has been a recurring voice in the Bitcoin policy space. He joined TFTC for the first time last November.
