Disposable Identities in Global Forum Thematic Webinar IV September 22nd, 2021
Rob van Kranenburg, Founder Council IoT, Jury Member IOT Solutions World Congress, The Netherlands, discussed the topic of disposable identities in the age of digital identity management.
We are seeing the trend towards self-sovereign identity, especially in Europe. However, self- sovereign identity (SSI) is going to be very complex and problematic because citizens have to be educated to handle their own public-private keys.
One particular model of self-sovereign identity are disposable identities. The idea is to create separate identities, i.e., separate smart contracts for every specific service. We are moving into an ontological shift towards the digital twining of the world—and in this moment, all those having agency on the data produced by individuals need a kind of a timeout, because if it goes unchecked and unbalanced into this digital twin, there are risks for the users. This is also very much about IoT and devices, because people are producing a lot of data, but machines and robots are producing a lot more.
We will face dynamic pricing on anything if digital identity management is not fought for. Dynamic pricing means that prices are no longer fixed, they are fluctuating in real time. For instance, if a group of persons would book a flight to Paris at the same moment, they would all pay a different price. The price proposed relies on a number of indicators. And this will go offline: Within 3 to 5 years, there will be no more fixed prices—people just scan a code to get their individual price. This is problematic in terms of societal impacts, as it means that there is no more room for state actors to be involved.
The community around disposable identity is growing quickly. The website disposableidentities.eu, a European initiative, provides a specific view on disposable identities. The TWINDS foundation in Belgium is building a mobile SDK, a kit to build Apps on these disposable identities. The request for information is out by the Internet of Things Consortium, and the crypto-currency IOTA is going to write a reply on the impacts of disposable identities and IoT devices. There are several projects around this topic, notably the Greek SBchain project sponsored by Siemens, which has interesting and important business implications. A lot of companies are holding data that, according to GDPR, they should not have. With this notion of disposable identities, we remove the GDPR liability. This is a heavy business indicator, because GDPR is real and will become even more real with the update of the GDPR touching the area of SSI.
The Covid-19 crisis showed the global unpreparedness towards pandemics. The FII Institute, a global new generation non-profit foundation, will launch an Infectious Disease Index, which aims to identify gaps in preparedness ahead of other pandemics. In such Infectious Disease Index, disposable IDs really fill this gap in preparedness. If we want the citizens to have agency and a notion of democracy, we should think about creative solutions like disposable IDs in terms of identity. It would be problematic to simply enter a cycle in which people are just showing their Covid-19 passes and credentials to be scanned, without having a clue what is scanned and where all the data end up. In addition, this will not lead to acceptance of the digital transition and industry 4.0. by the broader public.
Global Forum Thematic Webinar IV p5 Health for All – Addressing Preventative Measures and Medical Interventions Adopting New Technologies & Education and Learning – Exploring Novel Ways in Making Use of Digital Solutions September 22th, 2021
Sylvie Albert wanted to know the impact of disposable identifies on flexible pricing. And what about the impact of disposable identifies on Facebook’s (and other social media companies’) business model?
Rob van Kranenburg emphasised that disposable identities need to be disruptive. The virtualization of the world means that all objects are connected to others. If this means that only specific actors are able to see the relations between all these data points, this would lead to too powerful actors—powerful not just in terms of having agency, but also having proactive agency, as those actors would be able to predict very easily, with very simple algorithms, what is going to happen. And we are seeing this already!
We are currently facing the combination of three flux: The TCP-IP, which was never intended to become the basis of a new world due to its lack of security, it is just “pass on a packet”; the Web, which corresponds to “pass on a link”; and the IoT, which corresponds to “pass on the data in large ecosystems”.
In Europe, Angela Merkel strongly pushed for self-sovereign identity. She wanted self- sovereign identity as a basis for a European e-ID, as she understood that if identity is not being handled well, there won’t be European digital sovereignty. There is no sovereignty without having agency on the core issue of identity. All over the planet, governments are privatizing identity management, which is the end of the states—it’s the end of their own business model. The question of ownership of the identity management system is really a matter of a particular way of decision making. This concept of disposable identities (or tiny IDs, contextualized IDs, or attribute-based IDs) is all about disposing and disclosing only what is necessary There is no necessity to disclose your full identity or location when buying in a supermarket—which is happening now when identity management is becoming privatized. Several private actors know where you are, what you are doing and what your intentions are, and based on those elements the companies set the price you have to pay.
Rob van Kranenburg shared [via chat]: https://www.disposableidentities.eu and https://www.disposableidentities.eu/disposable-identities-why-digital-i…- blockchain-disintermediation-and-society
Alan Shark added that the key is how to balance what is called “disposable” (or what others call “anonymous”). It is a very complex issue which requires some more debate on how to draw that line between being anonymous or not. Referring to the example of manipulating people and their identities within the framework of elections, there is a need for government and anyone to know, that if I am who I say I am that should be verified. Maybe there is a way to do both.
Sherif Aziz commented that as the developed world, e.g., the EU, finds new ways to address all the privacy and identity issues in a digital world, we would have new forms of digital divide for the developing world. Therefore, the whole digitalization looks like a moving goal post!