I'd do it using Bitcoin. And I know how to use Bitcoin ~anonymously. Or some other cryptocurrency that's actually anonymous.

It's true that getting assets from cryptocurrencies is hard. I don't do it. I just spend my ~anonymous income on ~anonymous servers to play with.

But if you're moving enough assets, you can pay people, who know what they're doing, to move it. As we've seen in real estate markets in many cities.

Meanwhile, back in the real world, companies that were quite happy to pay for robocalls and social media bots to promote their product are not interested in paying anonymous people anonymously in Bitcoins for campaigns that might get them into trouble, no matter how proficient the bot developers might be at laundering their crypto earnings. That'll be the law working as intended

True. But there's lots more deniability for political campaigns. Free speech and all.

Bitcoin might work for small-scale crime, but as demonstrated by things from Ross Ulbright to the recent arrest of people for the Bitfinex hack [1], we see it doesn't work reliably for large-scale crime. And it especially won't work for businesses trying to be legitimate, which is the main target of this law.

[1] https://cointelegraph.com/news/bitfinex-hack-new-twist-two-a...

People get busted because they're sloppy. DPR, for example. From what I've read, he made at least five major OPSEC errors.

- Back when SR1 was starting, he got a visit from the FBI about fake ID that he had ordered, shipped to his actual address in SF. And he basically admitted that he bought them from SR1.

- He posted to at least two sites about SR1, using accounts linked to his real name.

- Logs in a SR1 server pointed to an IPv4 address that he used in SF.

- Apache in a SR1 server was misconfigured, such that errors were accessible via clearnet, instead of via Tor onion.

- He worked in public with a FDE laptop, which contained everything about SR1. Including IDs for all staff. And he didn't take steps to enable emergency shutdown.

And about Bitcoin. One of my favorite mixing services, Bitcoin Fog, has handled huge amounts of Bitcoin, from various thefts. And nothing has ever been traced, to my knowledge.

Finally, where do you get "businesses trying to be legitimate"? Maybe their customers are legitimate, but why would you say that about the bot providers? They could just have a credible cover operation.

Sure. If your theory is that you can do crime perfectly, feel free to test it. That's a fantasy a lot of people have, but empirical evidence suggests that most of those people were wrong. And regardless, the ability to do anything perfectly gets harder as scale and scope increase, so I'm still comfortable saying that Bitcoin is best suited for small-scale crime.

As to the other bit: Bot providers need to be hired by somebody. If those people are legitimate businesses selling products or services, they will be traceable in the usual ways. It's those legitimate businesses that are of primary concern to lawmakers in this legislation and in most business regulation.

Telemarketering volume dropped? I guess you still aren't getting 10 spam calls on some days.

The Do Not Call list made a huge difference in telemarketing calls for many years. Robocalls have of course gotten worse lately, but those are all fly-by-night businesses and outright scams. The overall pattern is good evidence that non-criminal businesses will in fact respect laws like this.

I wasn't thinking it through. With the law, investigators can devote resources to the issue. And still, I'm dubious about the prospects for nontrivial prosecutions.