Digital Identity Convenience

I had two different but related things happen with my 18-year-old daughter. They made me think of the future and Digital Identity Convenience.

I took her to the DriveTest Centre this week to get her G1 (driving license). Since she’s 18, I left it up to her to ensure she had all the necessary documentation. She brought her Ontario Health Card and Canadian Passport. When it was her turn, she went to the counter and presented her documents. The representative looked over the papers and let us know the passport was expired, and thus she could not accept it. She asked if she had another piece of identification, like a birth certificate. Of course, she did not have this with her.

Frustrations

As we left the DriveTest Centre, I mentioned that we wouldn’t have had this problem if she had a digital wallet that could store her identity documents. As a result, she would have had all her credentials on her phone to prove who she was. She told me, in short, that it wasn’t a better alternative because she had just watched a movie on digital identity. She said we would all turn into tracked and controlled robots of Big Brother if we let that happen.  

My daughter opened a new bank account online but still has to present herself in person to finalize things. She could have completed that step online with a digital wallet holding credentials and verification via biometrics. She would have access to the new account immediately. Why does the bank offer the option to open an account online? 

You’re Already at Risk.

Lately, I’ve seen many conspiracy theories on social media about Self-Sovereign Identity (SSI). People criticize how it’s being implemented and warn about the negative consequences. It’s almost as if people don’t realize that organizations are already monitoring and influencing us. Google and social media algorithms have been instrumental in this.

Right now, Facebook owns your identity and essentially decides what you see in your feed; and Google tracks your every move. These companies claim our data as their asset and make money off it.

“Many acts of ‘digital misdirection’ are happening before our eyes every day, and we are becoming more aware of them. Every online action has become a piece of data used to coerce and constrain our digital experiences. We see it in the ads across all our devices following an Internet search, in the ever-narrower set of content we’re shown on our social media sites, and in the increasingly compelling, sometimes spooky, product recommendations we receive. This digital misdirection goes on to the point that we begin to wonder whether we can still exercise any free will online at all.” – The Rise of Surveillance Capitalism

Monetize Your Identity

What if you could monetize your identity? What if you could share extra preference data with Facebook and allow them to share that data with a third party for a fee? You could charge $0.50 for every additional set of preference data you share. Self-Sovereign identity can give you control over your data and generate passive income. Why wouldn’t you pick this option?

Honest Stewards of Our Data?

A lawsuit against Google stems from investigations dating back to 2018 by Princeton University and the Associated Press. The lawsuit alleges that Google falsely led consumers to believe that changing their account and device settings would allow customers to protect their privacy and control what personal data the company could access. Contrary to Google’s representations, it continues to surveil customers and profit from customer data systematically.

What else are these media giants doing that we haven’t figured out yet? How Bad is the Global Data Privacy Crisis? And you want them holding your information? I’m confused.

Big Tech

Platforms like Facebook and Google aren’t fond of losing access to people’s data; having less control over the user data makes it far less valuable for monetization. I’m not sure why people aren’t more concerned with this aspect.  I can’t help but come up with my own conspiracy theory: the Facebook algorithm suppresses positive news and advancement in SSI while pushing misinformation.  With digital identity, you (the holder) can control your identity and decide which credentials to share with whom.  That’s a significant loss for big tech.

SSI Architects Care About Privacy and Security.

I saw a Facebook post with a photo of a copy of The World Economic Forum – Advancing Digital Agency report with the quote, “Digital ID, it isn’t just a rumour, people. WEF wants to control everyone’s life. SHARE“. The WEF report is more about protecting users, the challenges of broken trust, and data intermediaries instead of controlling everyone’s life.  Digital Identity has many benefits, particularly for vulnerable and marginalized groups (refugees). 

We care about privacy and security; we have the same concerns. Organizations like Evernym/Avast want to embed eIDAS in their products, but only if it addresses these four problems and maximizes opportunities. 

We Can Help Mitigate

Something crucial for laymen to remember is that governments cannot build and implement these frameworks without help from the private sector. That includes SSI consultants like us here at Continuum Loop. We’re regular members of society; we have friends, family and children that we care about and want to protect: now and in the future. We are involved because we care and are aware of the negative implications and aspects; we can help mitigate these factors, build these frameworks, and make them beneficial for all.

Hold, Own, and Control your Identity.

Digital ID is nothing new; it’s been around for a while in one form or another. However, the COVID pandemic has caused a “digital acceleration” event where our reliance on technology has catapulted us forward. The pandemic has accelerated the adoption in many ways, like the increased use of QR codes and contactless payment to mitigate exposure to the virus. In particular, it has helped raise awareness of the need for such a system and its benefits.

You will take back control of your identity and hold it. Not Facebook, not Google, and you will decide what credentials to share on a need-to-know basis. We don’t have to be scared of the shift; we must ensure the architecture is built ethically for all.

The Privilege of Hesitation.

We are privileged to be able to be so critical of these emerging technologies. We take for granted that the college or university we graduated from will always be there or that our government institutions will always be in place and functioning to provide us with the services we need. I can’t help but wonder how a current refugee, who had no time to take paper documents, would feel to have the ability to easily prove their identity while starting over in a new county. All we have to do is look to Ukraine and see why centralized Identity systems can cause a problem.

Ukraine

Many Ukrainians have been displaced and need to apply for new documents to be able to travel and access services in other countries. The centralized identity system can make it difficult for people to get their records. As different groups seek refuge, they face unique challenges. For example, many Ukrainians of Roma origin suffer discrimination in Ukraine and may not have any documentation indicating their identity or citizenship. Being undocumented as you flee conflict and navigate foreign countries can lead to many dangers like human trafficking. Desperation can lead to refugees bribing government officials to get their documents. 

Estonia

In contrast, Estonia has a practical but highly-centralized digital identity system that makes it easier for people to access the various services they need. While it is centralized and questionable from a privacy and surveillance perspective, this system allows for secure and transparent transactions that make citizens’ and e-residents’ lives more convenient and secure. The Estonian government has been using this technology since 2001, and it has helped them become one of the most digitally advanced countries in the world. 

While this implementation of digital identity is not ideal for many reasons, it’s a step in the right direction, and we can build from it. We can handle the flaws within the system (e.g. privacy, centralization).

Rebuilding Trust.

These technologies cannot move forward without the general public’s adoption. Organizations must rebuild trust for this to happen. Those building the framework architecture are fully aware of this challenge; the general public has lost confidence in how organizations hold and use their online information.

There are many possible ways to rebuild trust. One way is to give people more control over their information. With Self-Sovereign Identity, they can choose what information they share and with whom, and they can also see how their data is being used and change their settings accordingly. 

Another way to rebuild trust is to ensure that the technology is secure. People need to know that their information is safe when shared online. Organizations need to ensure that they use the latest security technologies, Blockchain Technology, to protect people’s information.

Finally, people need to know that the organizations they trust with their information are reputable and honest. Organizations need to be transparent about using people’s information and their steps to protect it, and Verifiable Credentials will facilitate this.

Embrace the Shift

In a world where corporations and governments are constantly harvesting our data, it is vital to regain control of our identities. Self-sovereign identity is a new way of thinking about identity that puts individuals in charge of their information. We should embrace and use it to create a more equitable society. 

Visit our blog, follow us on social media, and subscribe to our newsletter to stay up to date and learn more about decentralized identity.