Governments and Decentralized Identity

Explainer

• It’s time for digital self-sovereign identity 2022-08 GCN

  But while digital IDs may offer residents convenience, they also open the flood gates for fraud and identity theft. That’s because to verify an individual’s information, agencies and businesses must collect, validate and store massive amounts of personal information. These large caches of personal information are prime targets for cyberattacks.

• Why Self-Sovereign Identity is a Game Changer for Government-Resident Interactions 2022-06-13 GComSoft

  As government organizations look to build and maintain trusted relationships with residents, agencies would do well to explore SSI as an option. With SSI, they can provide residents with secure, fast, and friction-free access to an array of government services while allowing them to maintain full control of their data and privacy. It’s not about trusting the government with their data; it’s about trusting the technology.

• Impacts from a new reality drive the need for an enhanced digital identity framework 2022-02-28 Bank Automation News

  While US-based entities are adhering to an enhanced regulatory framework, these mandates are particularly applicable in Europe, where there is necessary compliance with enacted standards (such as the General Data Protection Regulation—commonly known as GDPR—and the Payment Service Providers Directive 2—referred to as PSD2. A clear need for a true and persistent digital identity as a solution to the ancillary—and sometimes unforeseen—challenges that have arisen.

• [Video] Decentralized Identity & Government Evernym 2021-12-08

  The key differences between federated and decentralized identity systems - An analysis of a few notable government-led projects, such as Aadhaar (India), Verify (UK), eIDAS (EU), and the Ontario Digital Identity Program (Canada) - What decentralization means for portability, scalability, flexibility, and privacy - How governments and commercial organizations can enhance existing federated identity systems with verifiable credentials

• Self-Sovereign Identity (SSI) schemes and the public sector Impulse H20 2021-11-05

  While the structural difference between SSI approaches and conventional centralised or federated eID schemes is, on one level, profound (full control over data and identity with the user; no third-party intermediary between the user and the service provider), on another level, these differences may also appear highly abstract to ordinary users.

• Verifying documents & identity in the public services and beyond 2021-10-25 OpenAccessGovernment • David Chadwick

  A particularly useful aspect of the Verifiable Credentials standard is that the parties undertake the specific roles of Issuer, Holder or Verifier, but they are not constrained in how many roles, or when, they can employ them. Each party can be a device, a person or an institution, meaning that verifications can take place directly between automated systems, even verifying that each other is genuine before establishing a connection to share data

• Digital Identity Around the World: Why Some Countries are Embracing Self Sovereign Identity Quicker 2021-09-03 Hackernoon

  Each government moves at its own pace for as many reasons as there are countries, and digital identity/SSI will only become a reality once governments voice their support, regulations, and standards are adopted, infrastructure is created or upgraded, and interoperability, inclusion, and education are all addressed.

• Navigating Digital Identity in Political Economies RxC Panel 2021-08-25 IdentityWoman.net

  being in the world is fundamentally social and intersectional — we are all part of networks. So how might we formalize digital identity in a way that better reflects this complex reality? This panel with leading social technology and computer researchers explores more robust digital identity approaches and potential application areas in political economies.

• Self-Sovereign Identity and Government – Data Exchange 2021-03-23 Cybernetica

  This is often achieved with ID cards or passports that we have in our possession with a photo to prove that we are the person this card belongs to, and therefore the person that ID number refers to. In digital identity terms, PKI takes the place of ID cards and offers public and private key pairs.

• Do we really need (or want) the State to provide us with digital identification? 2020-07-20 Libertarianism

  Just as the State still manages our “analog” identities, the online giants have vast power to manage the online data and identity of their users. Internet users are now both consumer and product: by using free online services, users feed companies with data, which those companies in turn process and monetize.

• It’s time for governments to get serious about digital identities 2020-02-25 Deloitte

  While the tools may already exist to solve the government’s identity crisis, real progress will only be made if governments significantly evolve their legacy approaches to digital identity.

• The ‘Digital Identity Crisis’ and what it means for Governments and individuals 2019-11-18 ProCivis

  In my thesis, I explored the potential use of Blockchain technology and the features it offers within digital identity management to understand whether there is a case for using this technology based on an improvement in public sector efficiency and perceived trust. The thesis also aimed at understanding the key motivations for the public sector to build an ecosystem or infrastructure for blockchain based digital identity vs. their existing systems (or lack thereof). Thus, the viewpoint of state actors, along with a perception of citizens towards current systems and future acceptability of developing solutions was also considered.

• Decentralized Identity For Government 2019-07-01 Evernym

  Create trusted digital relationships between citizens and government services.
  With a surge of new regulations, including GDPR and KYC, governments have been the catalysts for redefining how organizations handle issues of trust and privacy. Over the last several years, we’ve seen pioneers emerge from local and federal governments alike, and we’ve created our Early-Access Packages as a way to help them leverage decentralized capabilities to unlock economic growth and enable new citizen relationships.

• [Video] Governments and Decentralized Identity – Presentation 2018-12-06 New America

  Shailee Adinolfi (Director, Government Blockchain Solutions, ConsenSys) argues that government adoption of self-sovereign identity is necessary for any widespread implementation of the technology. Through use of blockchain, SSI could provide oversight, transparency, and security while smart contracts could automate government processes, reducing costs and improving efficiency.

• Identity Validation as a Public Sector Digital Service? 2014-07

  I’ve written before about the role that the public sector currently has in identity establishment, but not in identity validation. This absence has led to an online ecosystem in the U.S. that depends on non-authoritative information for identity validation. These are some initial thoughts on what an attribute validation service, which provides validation of identity attributes using authoritative public sector sources, could look like.

Policy

• The Policymaker’s Guide to Respectful Technology in Legislation 2021-05-14 Me2BA

  What most people want but don’t have the terms to describe is respectful digital relationships. In the same way there is an unspoken code for respectful behavior in physical-realm relationships, this same type of behavior is just as essential when engaging with an online service or website.

• Verifiable Credentials: Mapping to a Generic Policy Terminology 2021-03-26

  Why is this useful? When writing policy, you need a succinct model which is clear enough for subsequent interpretation. To do this, you need conceptual buckets to drop things into. Yes, this model is likely to change, but it’s my best and latest crack at it to synthesize the complex world of digital credentials with an abstraction that might be useful to help us align existing solutions while adopting exciting new capabilities.

• SELF-SOVEREIGN IDENTITY: LEGAL COMPLIANCE AND THE INVOLVEMENT OF GOVERNMENTS 2021-02-16 SSI AMBASSADOR

  When it comes to identity management the involvement of the government can be a tricky topic. It needs to be involved to enable access to public services, adapt legislature and guarantee equal access for its citizens. However, it should not be able to control or monitor all aspects and activities of its citizens. Self-sovereign identity (SSI) might for some imply, that a citizen is suddenly able to issue his own ID-card, which isn’t the case. Governments are still the primary source of foundational identities.”

• Data: Governance and Geopolitics 2021-01-16 Tony Fish

  How data is governed can be thought of along several lines of activity: legislating privacy and data use, regulating content, using antitrust laws to dilute data monopolies, self-regulating by the tech giants, regulating digital trade, addressing intellectual property rights (IPR) infringement, assuring cybersecurity, and practicing cyber diplomacy. Of these, antitrust, regulation, and privacy are most immediately in the spotlight, and are the focus of this commentary, but it will also touch briefly on the connections with other issues.

• Self Sovereign Identity & Decentralized Identity: Control Your Data 2019-08-27 DragonChain
  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • The California Consumer Privacy Act (CCPA)
  • European Union (EU) General Data Protection Regulation (GDPR)
  • Singapore Personal Data Protection Act 2012 (PDPA)
  • Japan’s Act on Protection of Personal Information (APPI)
  • Data breach notification laws

Literature

• Self-sovereign identity 2021-04 Alexandra Giannopoulou Internet Policy Review

  The concept of self-sovereign identity (SSI) describes an identity management system created to operate independently of third-party public or private actors, based on decentralised technological architectures, and designed to prioritise user security, privacy, individual autonomy and self-empowerment.

• Blockchain for digital government 2019-04

  This report looks at the ongoing exploration of blockchain technology by governments. The analysis of a group of pioneering developments of public services shows that blockchain technology can reduce bureaucracy, increase the efficiency of administrative processes and increase the level of trust in public recordkeeping.

• Private-Sector Digital Identity in Emerging Markets 2019-01 Caribou Digital

  Digitization in the public sector is moving much more slowly, but the transition away from analog is well underway. Smart identity cards, NFC-enabled passports, and digitally stored biometrics are being used by states around the world as they upgrade legacy identity systems. The benefits of digitization for governments— increased efficiencies, lower costs, reduced fraud and corruption, easier surveillance, better data sharing within government—are clear and significant. And for those countries who haven’t yet been able to establish a highly successful analog identity program, the potential of leapfrogging to a fully digital infrastructure is very appealing. Most importantly, the advantages of digital systems have the potential to expand access to identity for otherwise marginalized and vulnerable populations.

• Digital Identity: Towards Shared Principles for Public and Private Sector Cooperation 2016-07 World Bank Group, GSMA, Secure Identity Alliance

  This discussion paper, divided into three parts, explores the connection between digital identity and sustainable development. Part I illustrates how the use of digital identity promotes efficiency gains, financial savings, social inclusion and access to basic services and rights, with examples from countries that have adopted digital identity systems. The paper then outlines some of the key risks and challenges that must be overcome, specifically in the areas of political commitment, data protection and privacy, cost, and sustainable business models. Part II of the paper lays out the digital identity lifecycle and the roles of public and private sector players, and suggests some key considerations in the design of business models. Finally, Part III of the paper suggests some common principles—including universal coverage, appropriate and effective design, and privacy and data protection—and enablers for maximizing the potential of digital identity to contribute to sustainable development.

Central Bank Digital Currency (CBDC)

• [Video] MetaMUI SSID 2022-04-25 Sovereign Wallet

  MetaMUI SSID is the world’s first true Self-Sovereign Identity Application that enables running Blockchain-Based E-Government System, and CBDC payments on top of MetaMUI Blockchain.

• [Video] Dividing the Movement w. Alison McDowell (Separating Signal from Noise) 2022-03-08 Doom&GloomHQ

  Something that i found on some of the research that we were doing on the international bank of settlements (BIS). I don’t like them, but I like the way that they present information sometimes. But CBDC 2.0 since we’re moving toward that direction um they kind of called it a like a money flower. It has like four different sections which is: your accessibility, what kind of money, who issues that money, and then the technology that it

• Why CBDCs will likely be ID-based 2021-05-05 Financial Times

  Central banks are realising CBDCs will have to be intimately linked to identity to deal with illicit finance and bank disintermediation risk

• A Brief Introduction to How SSI Infrastructure Can Integrate Digital Fiat Currency (DFC) 2018-07-18 Drummond Reed ITU

  Conclusion: SSI and DFC were made for each other—and the Sovrin Foundation’s mission is to help with this integration

Worldwide

Tokyo

• Beijing will regulate ‘digital humans’ in the metaverse and beyond 2022-09-01 Rest of World

  The plan also signals that Beijing will take a more active role in handling the personal data generated by these platforms. Some of the directives outlined in the plan require any user-facing aspect of the digital human industry to be subject to rules that protect information about and generated by platform users, while also treating user data as a resource to be traded on the country’s new data exchanges.

korea

• Can the Korean Mobile Driver’s License Unlock Blockchain’s Potential? 2021-08-12 Raonsecure

  The Ministry of Public Administration and Security (MOIS) is working on the implementation of a national mobile driver’s license in the form of a blockchain-based Decentralized Identifier-based (DID) System. LG CNS and RaonSecure are in charge of the project and are currently building it.

• South Korea’s brilliant decentralized approach to citizen identity management 2021-06-25 TechWire Asia

  Adopting blockchain technology is seen as a necessity by the Korean government and multiple institutions are backing its continuous research and development, including the Ministry of Science and Technology (ICT), The Korea Internet Security Agency (KISA), Defense Acquisition Program Administration (DAPA), National IT Industry Promotion Agency (NIPA), and Korea Post among others.

• LG CNS wins Korean government contract for decentralized identity for driver’s licenses 2021-06-24 Ledger Insights

  Adopting DID technology provides numerous benefits but two stand out. Firstly, it should make it far harder to forge a license because credentials can be verified. Additionally, OmniOne includes FIDO biometric security. The second key benefit is that an individual can choose how much data to share.

• RaonSecure builds a blockchain-based digital wallet service with a public institution 2021-06-16

  Selection of RaonSecure as the final operator of the ‘blockchain-based digital wallet project’ that is part of the ‘2021 Blockchain Pilot Project’ program promoted by the Korean government

Latin America \ Carribean

• Lacchain ID Framework 2021-11-02

  A Set of Recommendations for Blockchain-Based Interoperable, Privacy-Preserving, Regulatory Compliant, Secure and Standardized Digital Identifiers, Credentials, and Wallets.

China

• PIPL: A game changer for companies in China 2021-08 DataProtection

  China passed its Personal Information Protection Law (PIPL) on 20 August 2021. This is China’s first omnibus data protection law, and will take effect from 1 November 2021 allowing companies just over two months to prepare themselves.

Japan

• Ministry of Economy, Trade and Industry and OpenID Foundation in Liaison Agreement on eKYC & IDA for Legal Entities 2021-02-06

  The OpenID Foundation (OIDF), the international standards development organization which maintains the OpenID Connect for Identity Assurance (OIDC4IDA) standard, and the Japanese Government’s Ministry of Economy, Trade and Industry (METI) have signed a liaison agreement to work together.

  Under the agreement, METI will lead policy efforts to implement identity assurance frameworks for legal entities in Japanese Government and private sector while the OIDF’s eKYC & Identity Assurance (eKYC & IDA) Working Group continues to advance the technical standards that enable many digital identity solutions. The agreement:

  • Provides a mechanism to collaborate “about Authentication and Identity Assurance for Legal Entity”, mutually approved white papers, workshops, podcasts and other outreach activities;
  • Allows participation of each party’s staff and members in the other party’s meetings, as mutually agreed;
  • Provides for direct communications to communicate (without obligation and only to the extent each party chooses) about new work and upcoming meetings;
  • Supports common goals, including where appropriate and mutually agreed, to Specifications of Authentication and Identity Assurance for Legal Entity.

Africa

• Institutions and Governance in the digital realm of Africa 2020-12-12 Omidyar Network

  • seeking to better understand the existing laws and institutions
  • exploring ways to strengthen the capacity of institutions that uphold these laws
  • supporting digital rights organizations throughout Africa to act as checks on technological excesses of both governments and corporations

• Identity and Electronic/Digital Government Melanie Tjijenda 2019 Republic of Namibia

  The African Union provides the following as recommendations to help protect identity Privacy: § Develop a consistent approach to personal data protection Policy and Law § Review laws, procedures and practices, including those related to communications surveillance or interception. § Member states should establish an independent Data Protection Authorities (DPA) to ensure their national privacy and personal data protection laws are being observed. § Establish regulatory authorities that will enforcement measures