Commit

Merge pull request #538 from paula-berman/patch-1
typos fix 04-01-identity-and-personhood.md
GlenWeyl authored Mar 13, 2024
2 parents cfa838a + dffb2d2 commit eb6f7ab
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions contents/english/04-01-identity-and-personhood.md
Expand Up @@ -2,7 +2,7 @@

In the swiftly moving line, a sense of hope melded with palpable anxiety. The big screen above reiterated the criticality of the evacuation credentials. Mulu, a well-respected figure in her crumbling community, was on the cusp of a pivotal moment. Climate change had left her homeland in tatters, and she aspired to find solace and clear skies for her daughters in a new land.

As Mulu stepped forward, her past-rich and vibrant-flashed before her. She feared an uncertain future, mainly for her daughters, who faced potential stagnation. The government official, welcoming and friendly, asked her to scan the code for the Common European Asylum System procedure.
As Mulu stepped forward, her pastrich and vibrantflashed before her. She feared an uncertain future, mainly for her daughters, who faced potential stagnation. The government official, welcoming and friendly, asked her to scan the code for the Common European Asylum System procedure.

Her nearly defunct phone loaded a page with a few straightforward questions.

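Review bot: in the changed paragraph, the replacement line reads "her pastrich and vibrantflashed before her", with the words run together where the old line had "past-rich and vibrant-flashed". If dashes setting off "rich and vibrant" were intended, they are not present in the line as shown, so check the characters and the file encoding, or use commas instead: "her past, rich and vibrant, flashed before her".
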
Expand Down Expand Up @@ -30,19 +30,19 @@ The same acceptance embraced her daughters, welcoming them to a new beginning. W

Just as the most fundamental rights are those to life, personhood and citizenship, the most fundamental protocols for a network society are those that establish and protect participant identities. It is impossible to secure any right or provide any service without a definition of who or what is entitled to these. Without a reasonably secure identity foundation, any voting system, for example, will be captured by whoever can produce the most false credentials, degenerating into a plutocracy. There is a famous New Yorker Cartoon from 1993 "On the Internet, nobody knows you're a dog", so famous it has its own [wikipedia page](https://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you%27re_a_dog); to the extent this is true, we should expect attempts at online democracy to, quite literally, go to the dogs. This is dramatized in many "Web3" communities that have relied heavily on pseudonymity or even anonymity and have thus often been captured by the interests of those with access to physical and financial resources.

Thus, identity systems are central to digital life and gate access to most online activities: social media accounts, electronic commerce, government services, employment and subscriptions. What each of these systems can offer depends intimately on *how richly* it can establish user identity. Systems that can only determine that a user is a person will not, for example, be able to offer free benefits without ensuring that person has not already signed up for this offer. Systems that can determine a user is unique but nothing else can only offer services that can legally and practical be made available to every person on the planet. Given the ease of attacks online, only what can be established about a person can securely exist online.
Thus, identity systems are central to digital life and gate access to most online activities: social media accounts, electronic commerce, government services, employment and subscriptions. What each of these systems can offer depends intimately on *how richly* it can establish user identity. Systems that can only determine that a user is a person will not, for example, be able to offer free benefits without ensuring that person has not already signed up for this offer. Systems that can determine a user is unique but nothing else can only offer services that can legally and practically be made available to every person on the planet. Given the ease of attacks online, only what can be established about a person can securely exist online.

At the same time, many of the simplest ways to establish undermine it, especially online. A password is often used to establish an identity, but unless such authentication is conducted with great care it can reveal the password, making it useless for authentication in the future as attackers will be able to impersonate them. "Privacy" is often dismissed as "nice to have" and especially useful for those who "have something to hide". But in identity systems, the protection of private information is the very core of utility. Any useful identity system has to be judged on its ability to simultaneously establish and protect identities.



To see how this challenge plays out, it is important to keep in mind the several interlocking elements of identity systems:
- Creation: Enrolling in an identity system involves establishing an account and getting assigned an identifier. Differnet types of systems have different requirements and requirements for enrollment related to how confident the system owner has in the identifying information presented by an individual (called [Levels of Assurance](https://id4d.worldbank.org/guide/levels-assurance-loas)) ICAO have developed a Guide to [Evidence of Identity](https://www.icao.int/Security/FAL/TRIP/Documents/ICAO%20Guidance%20on%20Evidence%20of%20Identity.pdf).
- Creation: Enrolling in an identity system involves establishing an account and getting assigned an identifier. Different types of systems have different requirements for enrollment related to how confident the system owner is in the identifying information presented by an individual (called [Levels of Assurance](https://id4d.worldbank.org/guide/levels-assurance-loas)) ICAO have developed a Guide to [Evidence of Identity](https://www.icao.int/Security/FAL/TRIP/Documents/ICAO%20Guidance%20on%20Evidence%20of%20Identity.pdf).
- Access: To access the account on an on-going basis, the participant uses a simpler process, such as presenting a password, a key or a multi-factor authentication.
- Linkage: As the participant engages with the systems that their account gives them access to, many of their interactions are recorded by the system and form part of the record of who the system understand them to be, information that can later be used for other account functions.
- Graph: Among these data that accumulate about a user, many are interactive with other accounts. For example, two users may harness the system to exchange messages or participate together in events. These create data that belong to multiple accounts and thus a "social graph" of connections.
- Recovery: Passwords and keys get lost and two-factor authentication systems break down. Most identity systems have a way to recover lost or stolen credentials, using secret information, access to external identity tokens or social relationships.
- Federation: Just as a participants creating an account draw on (often verified) information about them that came from external sources, so too do most accounts allow the information contained in them to be at least partially used to create accounts in other systems.
- Federation: Just as a participants creating an account draw on (often verified) information about them that came from external sources, so too do most accounts—allowing the information contained in them to be at least partially used to create accounts in other systems.

In this chapter, we discuss the operation of existing digital identity systems and the limits to how they navigate the dual imperatives of establishment and protection. We then discuss a number of important, but limited, on-going initiatives around the world to address these problems. Next we illustrate how to build on and extend this important work more ambitiously to empower a more ⿻ future. Finally, we highlight how, because of the fundamental role of identity, it connects to and entangles with other fundamental protocols and rights, especially rights of association that we focus on in the next chapter.

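Review bot: the replacement Federation bullet is still not a clean sentence. "a participants creating an account draw" keeps the singular/plural mismatch, and swapping "accounts allow the information" for a dash plus "allowing" removes the main verb the old clause had, so the comparison no longer states what accounts do. Suggest "Just as participants creating an account draw on (often verified) information ... so too do most accounts allow the information contained in them to be at least partially used ...". In the Creation bullet, the new line still has no period between the closing parenthesis of the Levels of Assurance link and "ICAO have developed". Since this is a typo pass, two more in the unchanged context are worth picking up: "many of the simplest ways to establish undermine it" is missing the object of "establish", and "who the system understand them to be" needs "understands".
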