Summary: I spent almost two weeks talking with people about self-sovereign identity in Switzerland and India. I'm more excouraged than ever that self-sovereign identity holds the key to real change in how we live our digital lives with security, privacy, and dignity.
I'm just finishing up my travel to Switzerland and India to talk about self-sovereign identity. The trip was amazing and full of interesting and important conversatons.
The TechCrunch event in Zug was very good. I was skeptical of a one-day conference with so much happening in a short time, but thanks to great preparation by those running the show and all the participants, it exceeded my expectations in every way. I spoke on a panel with Sam Cassatt of and Guy Zyskind from Enigma. Samantha Rosestein was the moderator.
But it was the conversations I had with people at the event that really made it interesting. Self-sovereign identity making noise. In his one-on-one at the event, Vitalik Buterin said “Ultimately, if self sovereign user authentication technology ends up totally failing, that means that it is very difficult for the blockchain space to achieve substantial mass adoption.” In other words, if we can't make SSI work, then blockchain in general is in trouble because the hacks will keep happening.
From Zug, I went to Bangalore for the IEEE inDITA event that the IIW organizers helped plan. It was fun to meet up with Heidi, Kaliya, Doc, and Joyce in India. Along with some site seeing, I also had a great SSI dinner that Joel John and Nitin Sharma organized. It was fun to meet with people who share my enthusiasm for identity.
As you'd expect from the composition of the planning team, the inDITA event was an unconference. There were about 70 people there and we had dozens of sessions. The first day, we ran out of space to hold them all! The venue at IIIT-B was excellent and the IEEE team, especially Munir Mohammed really did a great job organizing the event. I spoke about self-sovereign identity, using SSI for educational transcripts, and how identity intersects with the Internet of Things. I hope this event gains traction because not everyone can make it to IIW in Mountain View. Getting identity discussions happening around the world is important.
By coincidence, Omidyar and the Indian School of Business sponsored an event on Aadhaar, the Indian universal identity system, the same week. Doc, Joyce, and I went over to Hyderabad after the IEEE event and learned a little about Aadhaar from the many expert panelists. Aadhaar serves as a foundation for many other digital systems in India, including food ration distribution, healthcare, and finance. While many panelists brought up concerns and shortcomings, they also highlighted how Aadhaar had positively impacted the lives of the Indian people. Some of the concerns include privacy loss through account linking and exclusion because of system malfunctions or errors.
The highlight of the week, for me, was the Aadhaar field trip that Omidyar organized for Doc, Joyce, and myself to a village outside Vijayawada near India's east coast. We talked with fetilizer distribution agents, farmers, families receiving food distribution, people running the ditribution centers, an insurance office at a local hospital, and a bank officer. They all showed how Aadhaar was used in their respective areas. We saw challenges, but also heard positive stories from people in trenches.
I think there's plenty of opportunity for Aadhaar and SSI to co-exist. As I wrote in Multi-Source Identity:
Your digital identity is made from credentials from multiple sources. You might have a Sovrin-based relationship with your bank. They could provide a Sovrin credential stating you're a customer and maintain a certain balance. Similarly, you could have a relationship with your employer and an employer-issued credential stating you're an employee. And you likely have a relationship with the state, and credentials they issue representing your birth certificate or drivers license. The list goes on. You could have hundreds of relationships and associated credentials in your wallet. You can use any of these, in multiple configurations, to prove things about yourself (with minimal disclosure) to any other party who accepts them.
In a multi-source identity world, Aadhaar is just one more (important) credential that Indian citizens would hold in their wallets. The other government issued documents that are used, for example, in the food distrubtion system could also be in the wallet. Aadhaar doesn't have change how it works now, but simply issue a verifiable credential based on the Aadhaar identity. Once they're available as verifiable credentials, they could be used in any digital scenario where foundation identity information is needed. As a bonus, thanks to minimal disclosure, most of the time the Aadhaar number wouldn't even have to be disclosed.