The ethical dilemma posed by Decentralized Identity

Go to https://blog.fimbault.com for new content

5 min readJan 30, 2021

And how to solve it, in theory and in practice

Identity systems have traditionally been hierarchical directories. In organizations, central administrators define the rights that each user (or group of users) has on the system. And so, they need to know who the user is.

One the internet, nobody knows you’re a dog

That’s a big problem to solve, famously cartooned by Steiner in 1993: “on the internet, nobody knows you’re a dog.”

Since 1993, the internet has taken the world. Identity and Access Management (IAM) systems know span a wide variety of uses, that include customers too. Privacy regulations define what is allowed and what isn’t, as far as individual data processing and storage is concerned.

Most of these systems are still very much centralized. Since passwords are creating large security gaps, protocols such as OAuth2 enabled the reuse of social accounts. People login through facebook/google/github/etc. The obvious downside is that those large networks get to know everything you authorize.

As a result, an internet of behaviors (IoB) is emerging, as many technologies capture and use the “digital dust” of peoples’ daily lives. The IoB combines existing technologies that focus on the individual directly — facial recognition, location tracking and big data for example — and connects the resulting data to associated behavioral events, such as cash purchases or device usage.

Gartner predicts that by year-end 2025, over half of the world’s population will be subject to at least one IoB program, whether it be commercial or governmental. As we already discussed in a previous article on surveillance capitalism, one can expect extensive ethical and societal debates about the different methods employed to affect behavior, and whether that’s even a legitimate approach in the first place.

Technologists should embed those new issues into their identity work. As an example, a new IETF protocol called GNAP, currently being specified, embeds a privacy by design approach to mitigate those issues (disclaimer, I’m one of the co-editors). End-user…

The ethical dilemma posed by Decentralized Identity

One the internet, nobody knows you’re a dog

Written by Go to https://blog.fimbault.com for new content

More from Go to https://blog.fimbault.com for new content

Consent is dead. Long live consent!

Most digital privacy advocates take user consent as the go to solution to avoid Big Brother. But does that stand the test of reality?

An introduction to programmer’s anarchy

Project management sucks. Period.

Whoami? I’m unique, dude (or why blockchain is useful for provenance tracking)

A review of the critiques made about using blockchain for proving provenance and authenticity

Open software needs a new manifesto

More than a licence, we need to commit to a sustainable digital infrastructure.

Recommended from Medium

Freatic emerges from stealth with a $3.6M seed round led by a16z crypto

Introducing Freatic, a new entity that embodies our belief in the power of decentralized technology to serve real-world needs.

10 Seconds That Ended My 20 Year Marriage

It’s August in Northern Virginia, hot and humid. I still haven’t showered from my morning trail run. I’m wearing my stay-at-home mom…

Lists

AI Regulation

The ChatGPT Hype Is Over — Now Watch How Google Will Kill ChatGPT.

It never happens instantly. The business game is longer than you know.

The Future of Digital Identity: Decentralised Identifiers and Verifiable Credentials Explained

Decentralised Identity has been gaining traction as the future of digital identity management, with terms like Decentralised Identifiers…

What is Portal?

Who only uses one month to have 60+ games boarded into the ecosystem? You can’t imagine there are 100+ games now onboarded and more awesome…

Why Japanese Websites Look So Different

& how to analyze design choices without jumping to conclusions