The year, unlike any other year I spent most of my life on the Internet, has created a compelling case for digital identity. Talk about “immunity passes”, contact tracking apps that protect privacy, and even a potential switch to electronic voice systems underscore all the need for reliable digital IDs.
In July 2020, the World Economic Forum published a report to the Storting on the risks and opportunities associated with mobile internet. It is clear that our future digital identifiers, from portable technology to connected medical implants, may contain more data than we thought.
But the search for digital identity also meets with strong opposition. The idea that we need to hand over greater control of our data to authorities and companies is worrying for many.
About the topic: Users against governments: The “endless war” over blockchain privacy may end
Technology is the solution, not the problem
The answer to this problem is not to maintain the status quo. The events highlighted something that our current approach to identity is not on a par. As we move more and more online, the vulnerabilities in today’s system become more and more apparent.
Especially in cryptography, there is a desire for anonymity as a solution to the problem of data confidentiality. But that is not the answer either. It is simply impossible to exist in the real world and to be completely anonymous. Flying, paying for goods and services online, medical treatment or driver’s license are just a few of the daily activities related to our identity.
Technology is the answer. Cryptographic solutions as zero proof of knowledge solve the trade-off between anonymity and confidentiality on the one hand and the ability to verify our identity when there is a legitimate need for it, on the other hand.
A practical example is the much talked about idea of ”health care”. Let’s say you want to fly early in 2022. All the airlines you really need to know is that you do not pose any risk to other passengers. You can also enter a country that requires immunity to yellow fever. You will receive vaccines against COVID-19 and yellow fever, and the case will be added to your digital ID, encrypted without any known evidence.
You can now demonstrate that it is safe to fly without telling you where and when you received the vaccinations, and which clinic or doctor gave them to you. The airline can simply scan the QR code on your phone to confirm that you do not want to endanger anyone else.
While COVID-19 is a compelling example of immediate use, there are far-reaching applications. If you want to buy age-restricted items such as alcohol or tobacco, you can generate a QR code to verify your age without having to show a copy of your ID. Similarly, if you want to rent a car or get a loan, you can view your driver’s license or credit record without sharing a copy of your personal information.
Related: Blockchain can provide the privacy everyone deserves
Prevent and enforce abuse
This system should be based on a reliable mechanism that makes it possible to reveal the identity of a person if there is a legitimate legal need for it. This is necessary to ensure compliance with relevant jurisdictions and to prevent malicious users from abusing the system.
For example, if someone uses a rental car to loot a bank, or even gets a speeding ticket, the authorities will want to know who they are. In this case, the zero knowledge index can be decoded. However, decentralizing this responsibility across multiple parties will ensure that it is not subject to abuse or misuse, and will eliminate a single point of error.
In 2021, we are beginning to see the birth of a system where people can walk around with their digital identities in their pockets. This will be the beginning of the end of old document-based systems and the beginning of a new era of sovereignty over our data.