Bitcoin

Bull Bitcoin Files Landmark Legal Challenge To Annul France’s DAC8 Crypto Data Surveillance Rules


Bull Bitcoin exchange, recently licensed under MiCA, is challenging the European directive in French courts that sets up a mass surveillance database, putting millions of crypto users at risk. 

Bull Bitcoin, the world’s oldest Bitcoin-only and non-custodial exchange, recently licensed under MiCA by France’s financial markets regulator AMF, has filed a legal challenge before the Conseil d’État, France’s supreme administrative court. The challenge seeks to annul Decree No. 2025-1276, the main measure transposing the European DAC8 directive into French law, on the grounds that it creates a massive surveillance grid and database that institutions can not secure from leaks and data hacks, ultimately putting civilians at risk of kidnapping and physical harm. 

Alongside the legal action, the company is making dac8.com public: “a complete, fully sourced resource for citizens, journalists and policymakers,” according to a press release shared with Bitcoin Magazine. 

In recent years, there has been an alarming rise in kidnappings and physical attacks on crypto users, most concentrated in Europe, with France being an epicenter. Organized crime seems to be exploiting poor data reporting laws of law-abiding crypto users who, by paying their taxes, expose their ownership of crypto assets. Given that Bitcoin and other cryptocurrencies are not reversible and can be transferred internationally with ease, criminals are hunting down crypto users. France has had the second most physical attacks on crypto users after the USA, which has a much larger population, according to Gart, a company dedicated to protecting users from this rising threat.

High-profile figures in the Bitcoin and broader crypto industry have been targeted in recent years, such as Binance France CEO David Prinçay and Ledger co-founder David Balland, who lost a finger during the incident, among many others. Jameson Lopp, co-founder of Casa, a high-security Bitcoin and Ethereum wallet company, has organized ‘wrench attack’ data for years in a database on GitHub showing an accelerating trend of attacks. 

Bull Bitcoin argues in its legal challenge to the DAC8 that further consolidation and sharing of crypto user data will only perpetuate this trend of physical attacks. However, they also argue that these personal security risks created by the DAC8 are also working against the stated intentions of the regulations. They argue that users will simply find legal alternatives to centralized, regulated exchanges, opting to purchase the assets off the grid via peer-to-peer exchanges, home mining or offshore unregulated alternatives, making tax collection even more difficult.

User Data Honey Pots

DAC8 turns the natural incentive a company has to protect its users’ data into a valuable multinational database with many entry points, which cybersecurity experts have for a long time called a honey pot. Bull Bitcoin points out that regulated crypto-asset service providers (CASPs) under MiCA, DORA and the GDPR are supervised, sanctionable professionals with financial incentives to protect their customers. DAC8, in turn, does the opposite: it moves data into administrative reporting networks where access is broader, and accountability is harder for users to assess. The security of the whole — Bull Bitcoin concludes — is then only as strong as its weakest link. 

The history of data security over the past decades shows that amassing user data and keeping it safe over time is very difficult. Just this year, the French National Agency for Secure Credentials (ANTS, also known as France Titres) suffered a major breach detected on April 15, 2026, exposing data from up to 11.7–19 million accounts. Compromised information included login IDs, full names, email addresses, dates of birth, account identifiers, and, in some cases, postal addresses, places of birth, and phone numbers. 

Months earlier, the French National Bank account registry also suffered a major hack, exposing data tied to approximately 1.2 million accounts. The compromised information included IBANs, account holder names, addresses, and, in some cases, tax identification numbers, though officials stated the attacker could not view balances or conduct transactions.

In the United States, the situation is not much better. The Equifax Data Breach in 2017 affected 147 million Americans, and the National Public Data Breach of 2024 affected over 200 million Americans, leading to leaks of social security numbers among other critical information. And back in 2015, the Office of Personal Management of the U.S. government was also breached, compromising a large number of U.S. Government officials. The data stolen included everything from social security numbers to medical records. 

The list of such breaches is long, and the only logical conclusion to draw from it is that the less user information that ends up in these honeypots, the better, as ultimately all of these hacks put civilians at risk either from physical attacks or from identity-theft related fraud. 

Families On the Front Lines

Of the many issues identified by Bull Bitcoin and documented on the DAC8 website, the most alarming one might be how even individuals who have not purchased crypto might end up harmed by this concentration of data, just by familial association with a Bitcoiner or crypto user.

Citing data by Certik, Bull Bitcoin highlights that more than half of the violent incidents recorded in 2026 against crypto owners targeted a family member — spouse, child, elderly parent — as a direct victim or as a pressure lever over the key holder. On the topic, Bull Bitcoin assets that  “DAC8 therefore exposes not only crypto-asset holders, but their entire close family circle: between 40 and 135 million Europeans fall into a physical-risk zone, without any of them ever having consented.”

Francis Pouliot, CEO of Bull Bitcoin considers this overreach into the privacy of Euroeans to be potentially catastrophic for the prosperity of the continent, he minced no words in the press release saying that “DAC8 has transformed the concept of Know Your Customer into Kill Your Customer.” He added, “We cannot let the very foundations of civilization be shattered by this attack on privacy rights. We must draw a line in the sand and refuse to cede any more territory before we have nothing left. Someone must take a stand. It appears that no one else is willing and able to do so. Therefore, it falls to BULL to lead this fight.”

The DAC8.com is rich with facts, figures, official sources (EUR-Lex, OECD, Legifrance) and analysis, in French, English and other European languages for those interested in reviewing it and freely using it.



Source link

What's your reaction?

Excited
0
Happy
0
In Love
0
Not Sure
0
Silly
0

You may also like

More in:Bitcoin

Leave a reply

Your email address will not be published. Required fields are marked *