This article was written by Azure and AI MVP Stefano Tempesta as part of the Humans of IT Guest Blogger series. Stefano shares about the critical work in helping humans around the world regain and own their own digital identities in the modern, digital world.
Did you know?
Over 1 billion people worldwide are unable to prove their identity through any recognized means. As such, they are without the protection of law, are unable to access basic services, education, employment, participate as a citizen, or transact in the modern economy. Most of those affected are children, and many are refugees, forcibly displaced, or stateless persons. Today, Microsoft is actively involved in building a digital ID network to help provide legal identification to billions of people worldwide with no official documents, as part of the ID 2020 Alliance initiative.
Identity is vital
Identity is vital for political, economic, and social opportunity. But systems of identification are archaic, insecure, lack adequate privacy protection, and for over a billion people, inaccessible. Not only does the lack of legal documentation strip one in seven people from having global access to critical services, it also puts those trapped in the “identity gap” at risk for larger issues including displacement and child trafficking.
The ability to prove one’s identity is a fundamental and universal human right.
To close this gap, as individuals, we must have control over our own identity, including how personal data is collected, used, and shared. For a start, you should restrict how others see your profile and network information. Most social network platforms, including LinkedIn in the screenshot below, have proper settings for that.
But the problem goes beyond access to personal information. Where the data resides, who retains your data, what use third parties do with it, with whom do they share it - these are all current challenges that centralized identity, i.e identity accounts owned by an identity provider grapples with today, yet there is no simple solution for this.
In today’s world, many of the transactions that require identification are being conducted digitally. From e-passports to digital wallets, online banking to social media accounts, these new forms of digital ID allow us to travel, conduct business, access financial and health records, stay connected, and much more.
Digital ID offers access to vital social services and would enable everybody to exercise their rights as citizens and participate in the modern economy.
Digital identity, as mentioned, carries significant risk, if not thoughtfully designed and carefully implemented. Large-scale data breaches affecting millions of people have been the consequence of the use of archaic and insecure tools, along with the lack of appropriate privacy protection.
Proper technical design can mitigate some of these risks, and cryptographically secure, decentralized systems could provide greater privacy protection for users, while also allowing for portability and verifiability. However, widespread agreement on principles, design patterns, and interoperabilitystandards is needed for decentralized digital identities to be trusted and recognized.
One thing is clear - Doing digital ID right means protecting civil liberties and putting control over personal data back where it belongs: in the hands of the individual.
A new form of identity is needed, one that weaves together technologies and standards to deliver key identity attributes, such as self-ownership and censorship resistance, that are difficult to achieve with existing systems. To deliver on these promises, we need to understand how self-sovereign identity compares to current identity systems. Email addresses and social network IDs were created as human-friendly aliases for collaboration but are now overloaded to serve as the control points for data access across many scenarios beyond collaboration. This poses a potential problem, given that access to these IDs can be revoked at any time by the email provider, social network provider, or other external parties, like governments.
Decentralized Identifiers (DIDs) are different. DIDs are user-generated, self-owned, globally unique identifiers rooted in decentralized systems. They possess unique characteristics, like greater assurance of immutability, censorship resistance, and tamper evasiveness. These are critical attributes for any ID system that is intended to provide self-ownership and user control.
Real-life Application of Leveraging Tech: Helping Empower Others to Reclaim Their Digital Identities
Over the last few months, I’ve invested in developing a set of ideas and concepts for using blockchain and other distributed technologies to create new types of digital identities - identities designed from the ground up to enhance personal privacy, security and control. With specific application to the Education space, students would now be able to own their digital identity and studies across multiple educational institutes, creating a single, immutable, and verifiable curriculum. Certificates of attendance, completion of exams, and diplomas can be issued and be digitally signed. No more fake certifications, no more degree mills, no more “photoshopped” papers. For example, students applying for further education, a job, or immigration to another country often have to prove their level of study or fluency in languages. Recruiters, employers, governments and universities can now easily verify the student’s credentials in just minutes, without unnecessary intermediaries and can now avoid having to rely on central authorities that may take weeks or even months to respond due to backlogs.
Locally, this is the work that I’m conducting at the Department of Industry in Australia as part of the definition of the National Blockchain Roadmap. This definition of a self-owned identity for students essentially enables everyone the opportunity to access education as a basic right anywhere you go in the world because their identities are now easily and securely verifiable:
Volunteer + Get involved
We've made progress, but we can do so much more than this. This is why I’m volunteering my time at the Decentralized Identity Foundation (DIF) to help define and build a digital ID network that can help provide legal identification to billions of people worldwide with no official documents.
The DIF initiative is part of a larger set of activities that sees Microsoft actively involved, including the ID 2020 Alliance, and the W3C Credentials Community Group. The purpose of these working groups is to establish a unified, interoperable ecosystem that developers and businesses can rely on to build a new wave of products, applications, and services that put users in control. As an open platform, you can also get involved as an active member and contribute by helping define the technology for billions of people to have access to reliable ID, empowering them to finally realize their dream for better education, services, business and overall quality of life.
Here are some key resources for you to get involved:
Follow Microsoft Identity Division at @AzureAD on Twitter
Microsoft is developing the foundational components of an open, standards-based, decentralized identity ecosystem for people, organizations, apps, and devices.
Closing the identity gap is an enormous challenge. It will take tremendous work of many committed tech professionals, volunteers and organizations coming together across different geographies, sectors and technologies. That said, it’s exciting to imagine a world where safe and secure digital identities are possible, providing everyone with an essential building block to every right and opportunity they deserve.
YOU can help make this future possible - volunteer your skills and get involved today!