Decentralized Digital Identities: What it means for people, big tech, and the public sector
Irene Adamski, Blockchain Expert at German Blockchain Association and Bundesblock, on Self-Sovereign Identity
In the eleventh episode of Voices of the Data Economy, we had a conversation with Irene Adamski, General Secretary, German Blockchain Association, Bundesblock. Irene is responsible for Partnership Development & Regulatory Affairs at JOLOCOM, a Berlin-based company that focuses on developing Self-Sovereign Identity solutions. During this discussion, she explains the relationship between digital identities and self-sovereign identity, how it can help citizens across the globe, and the role of big tech in creating digital identity solutions. Here are edited excerpts from the podcast.
What is a Digital Identity, and how can it be decentralized?
A 2019 report by McKinsey states that Digital identification, or “digital ID,” can be authenticated unambiguously through a digital channel, unlocking access to banking, government benefits, education, and many other critical services. The risks and potential for misuse of digital ID are real and deserve careful attention. When well-designed, digital ID enables civic and social empowerment and makes possible real and inclusive economic gains — a less well-understood aspect of the technology.
Irene mentions that Identity is something that can go into a vast context. As a digital concept, it is a lot more about actual specificity. Everyone knows the idea: one person, one vote, and which is one of the central tenets about how we have started to arrange society and to live together with each other. But with the digital sphere, we are now in an age where you cannot be 100% certain that the person or the entities you are interacting with right now is actually:
- A) a person
- B) a person distinct from the other one
The question is, what do you want to trust? So, in the digital sphere, how can we be sure that we identify the correct person and an actual human being as a person?
“How do we make sure that we can stay true to this idea of one person, one voice in the internet age? Can this be decentralized? Yes, it can. And I believe it must because otherwise, it’s tough to get back to this one person, one voice, one vote, kind of idea we are striving for,” probes Irene.
“Digital identity is something we all have with online banking, with logging into different accounts, whether social media or via the service platform. How to decentralize is the question at the moment. We are seeing many platforms holding our account information and ensuring that data stays private and that there is no leak and that they are handling it appropriately and just be working so far, but we see more and more problems.”
The idea is to have a decentralized autonomous identity where we can have our data’s power, while the data we are generating online is to basically go into something that we are also slightly familiar with from the physical world. And that is a division of power. This is where the idea of Self-Sovereign Identity comes into as a concept.
Do Digital Identities solve socio-economic problems?
Digital identities are already helping in certain areas but are not fully decentralized. “ For example, the app I have for the train service in Germany, the Deutsche Bahn — I can get updated information about my tickets, I can make the reservation, and I can switch reservations. I am doing that because I have a digital identity account with them. In mobility sharing services such as rental bikes, I’m also using my digital identity to use their services. I have a digital ID with the tax authorities, which lets me handle my taxes from my computer’s comfort at home. All of that is already a digital identity.”
But the path to a decentralized digital identity is still far-fetched. Irene says that what has just been described as decentralized digital identities is just starting across the world. And Germany is currently beginning a pilot project in which Jolocom is taking part. “In the larger scheme, for three years, different companies and consortiums, and groups are working on providing this kind of decentralized, secure, SSI identity to citizens to help with municipal services and other things. That is something that’s going to start later this year and then go for two or three years, depending on the different projects.”
Are GDPR and digital identity friends?
GDPR was about privacy preservation, ensuring that control over our private personal data doesn’t go to unauthorized entities and be as beneficial or benevolent as they want to be. And there are certain data sets to which they shouldn’t have access. Because if they have access to it, it’s always possible that less than benevolent entities get access to it. GDPR is about the principle of privacy and data autonomy. And here definitely, this is in alignment with the principles of Self-sovereign identity. So one of them is autonomy, and another one is privacy. These aspects are going hand in hand.
The role of big tech in creating decentralized digital identities
We have millions and billions of digital identities already in place and probably multiply exponentially in the next couple of years. To handle this kind of influx of data and identity actors and entities, that is something where we need big tech, definitely just to be able to handle all of these things. They have the infrastructure in place to scale on these kinds of numbers. Understandably, big tech is going there, only because the market will be almost the same as the world’s population, if not larger because we have one person who has more devices than just one. This explains why it’s good that they are in this field and why it’s natural and understandable that they want to move into this field.
On the other hand, where do we need big tech? The cause for concern is, of course, the idea that if you have central authorities able to access specific data, it can quickly lead to the question of whether I want other people to have access to this data or these devices. And in some cases, we might not care, and in some cases, we might want to care very much because you always have to think about these things, especially from the regulatory point of view, from the worst-case scenario.
The user experience to use Digital Identities
Digital identity is something a lot of us already have. If we are talking about, for example, using an SSI wallet, it’s quite similar. And, of course, you need to get yourself comfortable with the entire concept. Setting up the account in your Jolocom wallet, for example, is slightly a few more steps than usual. It does not just generate a password — you are being issued a private key that you need to write down if your phone gets stolen or lost or is broken. Once you are set up after a while and have walked through the eight to 10 steps — it’s as simple as scanning and using and showing QR codes.
Here is a list of the selected time stamps on the different topics discussed during the podcast:
1: 50–7.05: What is a digital identity, and how it be decentralized?
7.05–10.10: How many digital identities can one person have?
10.10–12.50: How can decentralized digital identities help citizens in solving socio-economic problems?
12.50–15.30: Are Digital Identities and GDPR friends?
15.30–20.35: The role of big tech in managing decentralized digital identities
20:35–23.20: Role of Jolocom in creating decentralized digital identities
23.20–25.00: Public sectors role in creating decentralized digital identities
25:00 onwards: The user experience of using a decentralized digital identity
