I am just going to link an article I found via Google Play Newsstand.
It shows that Bitcoin is pseudonymous at best:
Anytime you are using a change address it is detectable it is a change address due to the typical “loop” the change transaction does. That is already a proof that you have private keys from that change address although you didn’t send a payment from it.
Address reusing is the second step that will doxx you. This way a list of addresses that you own can be built. Of course this still doesn’t show your name - until somebody asks an exchange or other company that has public addresses (it has public addresses by default, by signing up and making some deposits you get an initial set of addresses that you know belong to the company. Blockchain analysis will take you further from there.)
Both change addresses and privacy can be set individually if you use Electrum BTC wallet - it still takes some management to care about from which particular address which coins go out.
For example, by depositing bitcoins into an account at the biggest Bitcoin exchange, Mt. Gox, we are able to tag one address as definitely belonging to that service, and by later withdrawing those bitcoins we are able to identify another. In theory, the use of pseudonyms within Bitcoin provides a property called unlinkability, which says that users’ transactions using one set of pseudonyms should not be linked to their transactions using a different set of pseudonyms. In practice, however, certain properties of Bitcoin usage erodes this anonymity.
Suppose you want to spend (send) some bitcoins – for example to make a purchase costing 10 BTC with a merchant. You have bitcoins spread across multiple addresses – one containing 6 BTC and another containing 4 BTC…
One potential way to pay the merchant would be to create a new address, send the 4 BTC and 6 BTC to this new address, and then send the 10 BTC now contained in this new address to the merchant. (In fact, this is the method that preserves the most anonymity). There’s a simpler and more efficient way though – transactions are allowed to have arbitrarily many inputs, so it’s possible to just use the 4 BTC and 6 BTC addresses as input to the same transaction.
This provides the first means by which we can cluster (link) addresses – if two addresses have been used as input to the same transaction, they are controlled by the same user. Since the sender must know the private keys corresponding to all input addresses, this assumption is strong.
Danish police even used BTC’s bad privacy to hund down real people. However, the Danes claim their methodology is different & superior & top secret.
Anyway, the article on blog.acolyer.org got a followup mainly dealing with ZScam’s enhanced privacy.
ZCash and Monero are the two really privacy focused coins - as shown here the privacy scheme of DASH is not so great. Incidentally, the Apple App Store had a thing with privacy-centric coins - they weren’t on the list of approved coins - but it seems to be a thing of the past. Anyway - the article 20 Feb 2017: A fistful of Bitcoins: Characterizing payments among men with no names in fact cites a study that because it is needed to use an exchange to cash out BTC to fiat it is a very naive and inconvenient way of money laundering. It’s an easy FUD to spread though…so that we can buy cheap coins for a wee bit longer.
Here’s something more worth pointing out though:
I don’t think exchanges are used for capital flight because of the banking paper trail. If you deposit fiat onto an exchange there is a permanent record of it at the banks used. I believe the real capital flight is happening on the mining side. Buy some hardware and pay for some electricity and magically you become the owner of untainted bitcoins which can be sent and used anywhere in the world anonymously. This is why mining has centralized in China. This is why it’s hard to compete against them. Even with cheap or free electricity it’s hard to compete and get a positive ROI. But Chinese miners are happy to even work at a slight loss because profit is not their goal and they are happy to pay a “laundering commission”.