Identities of the future run on iden3


Decentralized identity: a natural check on government and corporate power

Posted by Sacha Saint-Leger on August 29, 2019

Identity is a uniquely human concept. It is that ineffable “I” of self-consciousness, something that is understood worldwide by every person living in every culture. As René Descartes said, Cogito ergo sum — I think, therefore I am.

-Christopher Allen, The Path to Self-Sovereign Identity

What constitutes your identity? What makes you who you are? What is it about you that distinguishes you from others? Philosophers have argued over these questions since the beginning of civilization. Suffice to say there are no simple answers. Identity is a difficult concept to pin down.

Nevertheless, we don’t need a precise definition to see that there are problems with how modern society thinks about identity.

In the words of Christopher Allen:

Today, nations and corporations conflate driver’s licenses, social security cards, and other state-issued credentials with identity; this is problematic because it suggests a person can lose his very identity if a state revokes his credentials or even if he just crosses state borders. I think, but I am not.

Our existing systems are failing us

In recent times, identities have been verified by credentials such as a passport or social network account issued by a central authority (usually a state or corporation).

However, as noted in Verifying Identity as a Social Intersection, such identity systems have several interrelated flaws:

  1. They are insecure. Crucial data such as an ID number constantly has to be given out. This is enough to impersonate an individual. On top of this, since all data is stored in a single repository managed by the state or a corporation, it becomes particularly vulnerable to hacking or internal corruption.

  2. They narrow you down to one thing (in system or out, criminal or not, a credit score, etc.). The central database has little use for more information than this. This limits the functionality of the system and results in great injustices (for example convicted individuals find it hard to re-enter society as this is the only information about themselves they can reliably convey).

  3. They are artificial, in the sense that the information stored about you usually bears little relation to what you or your friends think of as your identity.

To quote directly from the paper:

Recently, new identity paradigms have tried to get around some of these elements. One approach, adopted by “big data” platforms like Facebook and Google, is to overcome thinness [narrowness] by storing enormous amounts of detailed information about each individual. we might call this “panoptic identity”. However, such solutions have greatly exacerbated the other two problems, as they require extremely artificial compromises to intimacy through the global sharing of data with platforms that would not otherwise store it, creating exceptional potential security risks.

Getting closer to Descartes

It’s clear we’re at an inflection point with respect to how the digital world interacts with the physical world.

The legacy systems of the physical world have not kept up with the digital world’s rising importance to it. As both worlds continue merging, this will have to change.

This gives us an opportunity to create systems — from the ground up — that bridge the two. Systems that operate with a different conception of identity.

If we design them well, they will allow us to redefine how modern society thinks about identity. Perhaps getting us closer to that ineffable “I” of self-consciousness.

Decentralization is the key

The key is decentralization.

There are no longer any good reasons why identity systems should be controlled by a few gatekeepers.

Decentralized identity systems running on top of public blockchains give you the power to create, own and control your identity, while retaining your right to privacy.

They allow you to prove things about yourself without revealing any surplus information.

Concretely, they allow you to do things like:

  • Prove you are eligible to vote, without revealing who you are.
  • Pay your taxes, without revealing how much you earn.
  • Prove to someone that you are a member of a political party, while preventing that someone from sharing that proof with others.

In other words, decentralized identity systems give you back control over your identity and information, without leakage.

These systems make it impossible for governments and corporations to access and share information about you without your consent.

Why we need this vision now

Given the rising political polarization and the increasing amount of information — about us — collected, shared, and cross-correlated by governments and corporations, there’s a real risk our information will be used against us in ways we cannot imagine.

If history has taught us anything, it’s that power belongs to those who control the information.

Right now that power belongs to the gatekeepers of our identities: governments and corporations.

In an increasingly uncertain world, there’s a real risk that general fear, discontent and polarization will result in that power being abused.

In such a world, a check on government and corporate power that goes beyond formal legal protections is essential.

By putting the control of information back in our hands, decentralized identity systems provide a natural technological check on the ability of governments and corporations to abuse their power.