A roadmap for Identity creation for people and objects

30/10/2019 - 11:21

Registration of people in China started 278 BC with the first Emperor. In Europe Napoleon started this process in 1800 with the Code Civil. These two cultural trajectories are important to understand the current digital transition in which politics and technology are deeply intertwined.

In the old analogue days this hard relationship between a person and a number was defined in one reality (what actually happened, what one could actually see, what one actually did) and harnessed within a rule of law system.

As we move into a hybrid world, no longer analogue + data in digital devices, but every object digitally addressable and traceable (item level tagging), a world of #IoT, Big Data, and AI whoever owns this relationship of one person -one number – currently companies with shareholder obligations and national governments with selected self -interests – is given a large number of extra layers of capabilities that were not negotiated in the registration process, are un democratically non accountable (non-transparent algorithms) and acquire a pro-active capacity that is not shared (or only shared when beneficial to the country or company) with the person whose number is used.

Disposable identities

This group will work on defining the characteristics of Disposable Identities and the requirements for the Trustframework that certifies the disposability of the identity

Disposable identities are temporary attribute-based identities describing a smart contract between a receiver and a supplier of a service, ie. rent, leasing a car, energy for a home, paying taxes, basically any service.

Disposable identities can only function in a provable computing environment. That environment is currently not available. It then means that Disposable identities and the Trustframework are being subject of this ETSI group that is aiming to standardize and make interperoble something that is not yet there. That is probably a first in ETSI.

The provable computing environment is being developed alongside and as we speak in EU context in the DECODE project and the ongoing work of dyne.org on natural language smart contracts. Zenroom[3] provides the cryptography and the sensitive data manipulation for the whole Decode project, implementing the Coconut credential scheme developed by UCL in 2018.

Validation of the approach commercially is provided by the aqui-hire of Facebook of the UCL team to build LIBRA. "In the absence of any detail on what might comprise a decentralized identity standard from Libra’s perspective, some dots can be joined by examining the recent work of George Danezis and his co-founders at Chainspace, a startup acquired by Facebook in May."[4]Recently Microsoft announced their variation on a Coconut credential scheme.

The provable computing framework we envisage for Europe as a 500 million zone of people and 55 billion IoT devices by 2025 (worldwide)[5] is built on the assumption that data frameworks and identity management cannot be separated.

Hardcoding GDPR

The undeniable global push towards a single digital ID protocol is the fruit of converging objectives emanating from corporations and public authorities but not, critically, by broad public demand.  Furthermore, there is a broad consensus among the same parties that this single protocol should remain the responsibility of national authorities even as they are pushed to agree on a global standard. This means that whatever will materialise as the globally adopted solution both as law and as technology, a matter of critical societal and geopolitical importance for the EU which cannot be decided piecemeal by each member state without coordination or driven by the sole appeal of unproven and poorly defined “digital efficiency”

[1] The content in this working draft paper is edited by Rob van Kranenburg and Gaëlle Le Gars and co-created in the salons and meetings organized in WP3 of NGI Move and WP4 of NGI FORWARD, Strategy Team of Next Generation Internet. This not an official EC document.

[2] Main contributor to the  vision is dyne.org.  The term disposable identity was first coined by Franck de Boissière.

[3] https://decodeproject.eu/blog/smart-contracts-english-speaker

[4] https://www.coindesk.com/buried-in-facebooks-cryptocurrency-white-paper-...