Blockchain Could Help Us Reclaim Control of Our Personal Data

Curated on Posted on by Stefaan Verhulst

Michael Mainelli at Harvard Business Review: “…numerous smaller countries, such as Singapore, are exploring national identity systems that span government and the private sector. One of the more successful stories of governments instituting an identity system is Estonia, with its ID-kaarts. Reacting to cyber-attacks against the nation, the Estonian government decided that it needed to become more digital, and even more secure. They decided to use a distributed ledger to build their system, rather than a traditional central database. Distributed ledgers are used in situations where multiple parties need to share authoritative information with each other without a central third party, such as for data-logging clinical assessments or storing data from commercial deals. These are multi-organization databases with a super audit trail. As a result, the Estonian system provides its citizens with an all-digital government experience, significantly reduced bureaucracy, and significantly high citizen satisfaction with their government dealings.

Cryptocurrencies such as Bitcoin have increased the awareness of distributed ledgers with their use of a particular type of ledger — blockchain — to hold the details of coin accounts among millions of users. Cryptocurrencies have certainly had their own problems with their wallets and exchanges — even ID-kaarts are not without their technical problems — but the distributed ledger technology holds firm for Estonia and for cryptocurrencies. These technologies have been working in hostile environments now for nearly a decade.

The problem with a central database like the ones used to house social security numbers, or credit reports, is that once it’s compromised, a thief has the ability to copy all of the information stored there. Hence the huge numbers of people that can be affected — more than 140 million people in the Equifax breach, and more than 50 million at Home Depot — though perhaps Yahoo takes the cake with more than three billion alleged customer accounts hacked.  Of course, if you can find a distributed ledger online, you can copy it, too. However, a distributed ledger, while available to everyone, may be unreadable if its contents are encrypted. Bitcoin’s blockchain is readable to all, though you can encrypt things in comments. Most distributed ledgers outside cryptocurrencies are encrypted in whole or in part. The effect is that while you can have a copy of the database, you can’t actually read it.

This characteristic of encrypted distributed ledgers has big implications for identity systems.  You can keep certified copies of identity documents, biometric test results, health data, or academic and training certificates online, available at all times, yet safe unless you give away your key. At a whole system level, the database is very secure. Each single ledger entry among billions would need to be found and then individually “cracked” at great expense in time and computing, making the database as a whole very safe.

Distributed ledgers seem ideal for private distributed identity systems, and many organizations are working to provide such systems to help people manage the huge amount of paperwork modern society requires to open accounts, validate yourself, or make payments.  Taken a small step further, these systems can help you keep relevant health or qualification records at your fingertips.  Using “smart” ledgers, you can forward your documentation to people who need to see it, while keeping control of access, including whether another party can forward the information. You can even revoke someone’s access to the information in the future….(More)”.

Selected Readings on Blockchain and Identity

Curated on Posted on by Stefaan Verhulst

By Hannah Pierce and Stefaan Verhulst

The Living Library’s Selected Readings series seeks to build a knowledge base on innovative approaches for improving the effectiveness and legitimacy of governance. This curated and annotated collection of recommended works on the topic of blockchain and identity was originally published in 2017.

The potential of blockchain and other distributed ledger technologies to create positive social change has inspired enthusiasm, broad experimentation, and some skepticism. In this edition of the Selected Readings series, we explore and curate the literature on blockchain and how it impacts identity as a means to access services and rights. (In a previous edition we considered the Potential of Blockchain for Transforming Governance).

Introduction

In 2008, an unknown source calling itself Satoshi Nakamoto released a paper named Bitcoin: A Peer-to-Peer Electronic Cash System which introduced Blockchain. Blockchain is a novel technology that uses a distributed ledger to record transactions and ensure compliance. Blockchain and other Distributed Ledger technologies (DLTs) rely on an ability to act as a vast, transparent, and secure public database.

Distributed ledger technologies (DLTs) have disruptive potential beyond innovation in products, services, revenue streams and operating systems within industry. By providing transparency and accountability in new and distributed ways, DLTs have the potential to positively empower underserved populations in myriad ways, including providing a means for establishing a trusted digital identity.

Consider the potential of DLTs for 2.4 billion people worldwide, about 1.5 billion of whom are over the age of 14, who are unable to prove identity to the satisfaction of authorities and other organizations – often excluding them from property ownership, free movement, and social protection as a result. At the same time, transition to a DLT led system of ID management involves various risks, that if not understood and mitigated properly, could harm potential beneficiaries.

Annotated Selected Reading List

Governance

Cuomo, Jerry, Richard Nash, Veena Pureswaran, Alan Thurlow, Dave Zaharchuk. “Building trust in government: Exploring the potential of blockchains.” IBM Institute for Business Value. January 2017.

This paper from the IBM Institute for Business Value culls findings from surveys conducted with over 200 government leaders in 16 countries regarding their experiences and expectations for blockchain technology. The report also identifies “Trailblazers”, or governments that expect to have blockchain technology in place by the end of the year, and details the views and approaches that these early adopters are taking to ensure the success of blockchain in governance. These Trailblazers also believe that there will be high yields from utilizing blockchain in identity management and that citizen services, such as voting, tax collection and land registration, will become increasingly dependent upon decentralized and secure identity management systems. Additionally, some of the Trailblazers are exploring blockchain application in borderless services, like cross-province or state tax collection, because the technology removes the need for intermediaries like notaries or lawyers to verify identities and the authenticity of transactions.

Mattila, Juri. “The Blockchain Phenomenon: The Disruptive Potential of Distributed Consensus Architectures.” Berkeley Roundtable on the International Economy. May 2016.

This working paper gives a clear introduction to blockchain terminology, architecture, challenges, applications (including use cases), and implications for digital trust, disintermediation, democratizing the supply chain, an automated economy, and the reconfiguration of regulatory capacity. As far as identification management is concerned, Mattila argues that blockchain can remove the need to go through a trusted third party (such as a bank) to verify identity online. This could strengthen the security of personal data, as the move from a centralized intermediary to a decentralized network lowers the risk of a mass data security breach. In addition, using blockchain technology for identity verification allows for a more standardized documentation of identity which can be used across platforms and services. In light of these potential capabilities, Mattila addresses the disruptive power of blockchain technology on intermediary businesses and regulating bodies.

Identity Management Applications

Allen, Christopher.  “The Path to Self-Sovereign Identity.” Coindesk. April 27, 2016.

In this Coindesk article, author Christopher Allen lays out the history of digital identities, then explains a concept of a “self-sovereign” identity, where trust is enabled without compromising individual privacy. His ten principles for self-sovereign identity (Existence, Control, Access, Transparency, Persistence, Portability, Interoperability, Consent, Minimization, and Protection) lend themselves to blockchain technology for administration. Although there are actors making moves toward the establishment of self-sovereign identity, there are a few challenges that face the widespread implementation of these tenets, including legal risks, confidentiality issues, immature technology, and a reluctance to change established processes.

Jacobovitz, Ori. “Blockchain for Identity Management.” Department of Computer Science, Ben-Gurion University. December 11, 2016.

This technical report discusses advantages of blockchain technology in managing and authenticating identities online, such as the ability for individuals to create and manage their own online identities, which offers greater control over access to personal data. Using blockchain for identity verification can also afford the potential of “digital watermarks” that could be assigned to each of an individual’s transactions, as well as negating the creation of unique usernames and passwords online. After arguing that this decentralized model will allow individuals to manage data on their own terms, Jacobvitz provides a list of companies, projects, and movements that are using blockchain for identity management.

Mainelli, Michael. “Blockchain Will Help Us Prove Our Identities in a Digital World.” Harvard Business Review. March 16, 2017.

In this Harvard Business Review article, author Michael Mainelli highlights a solution to identity problems for rich and poor alike–mutual distributed ledgers (MDLs), or blockchain technology. These multi-organizational data bases with unalterable ledgers and a “super audit trail” have three parties that deal with digital document exchanges: subjects are individuals or assets, certifiers are are organizations that verify identity, and inquisitors are entities that conducts know-your-customer (KYC) checks on the subject. This system will allow for a low-cost, secure, and global method of proving identity. After outlining some of the other benefits that this technology may have in creating secure and easily auditable digital documents, such as greater tolerance that comes from viewing widely public ledgers, Mainelli questions if these capabilities will turn out to be a boon or a burden to bureaucracy and societal behavior.

Personal Data Security Applications

Banafa, Ahmed. “How to Secure the Internet of Things (IoT) with Blockchain.” Datafloq. August 15, 2016.

This article details the data security risks that are coming up as the Internet of Things continues to expand, and how using blockchain technology can protect the personal data and identity information that is exchanged between devices. Banafa argues that, as the creation and collection of data is central to the functions of Internet of Things devices, there is an increasing need to better secure data that largely confidential and often personally identifiable. Decentralizing IoT networks, then securing their communications with blockchain can allow to remain scalable, private, and reliable. Enabling blockchain’s peer-to-peer, trustless communication may also enable smart devices to initiate personal data exchanges like financial transactions, as centralized authorities or intermediaries will not be necessary.

Shrier, David, Weige Wu and Alex Pentland. “Blockchain & Infrastructure (Identity, Data Security).” Massachusetts Institute of Technology. May 17, 2016.

This paper, the third of a four-part series on potential blockchain applications, covers the potential of blockchains to change the status quo of identity authentication systems, privacy protection, transaction monitoring, ownership rights, and data security. The paper also posits that, as personal data becomes more and more valuable, that we should move towards a “New Deal on Data” which provides individuals data protection–through blockchain technology– and the option to contribute their data to aggregates that work towards the common good. In order to achieve this New Deal on Data, robust regulatory standards and financial incentives must be provided to entice individuals to share their data to benefit society.

Blockchain-like ID may mean end of paper birth certificates

Curated on Posted on by Stefaan Verhulst

Chris Baraniuk at New Scientist: “There’s a new way to prove you are who you say you are – inspired by the tech underpinning bitcoin. Usually, when you need to verify your identity, the process is archaic, insecure and time-consuming. You get a copy of your birth certificate in the post, put it in an envelope and hope it gets to whoever is asking for it. In the digital era, this should take seconds.

But putting something as sensitive as a birth certificate online risks identity theft in the era of hacks and leaks. Now, the US state of Illinois is experimenting with a secure way of putting control of that data into its citizens’ hands, with the help of distributed ledgers, similar to the blockchain used by bitcoin.

Just last month, Illinois announced a pilot project to create “secure ‘self-sovereign’ identity” for Illinois citizens wishing to access their birth certificate. The idea is to use a blockchain-like distributed ledger that allows online access only to the people owning the ID, and any third parties granted their permission.

Illinois is working with software firm Evernym of Herriman, Utah, to create a record of who should be able to access data from the state’s birth register. Once this is done, no central authority should be required, just your say-so.They’re not the only ones. According to a report by Garrick Hileman and Michael Rauchs at the Cambridge Centre for Alternative Finance, UK, governments are increasingly experimenting with it, including the UK and Brazil.

Activists have long called for people to have greater control of their data. Hacks and leaks are making it too risky for authorities to be the central repository of citizens’ most vital information.

With distributed ledgers, all participants within a network can have their own identical copy of data like access permissions – so no one can view cryptographically sealed birth certificate data unless they’re meant to. Blockchains are a type of distributed ledger that gets the whole network to observe and verify transactions – such as when someone sends a bitcoin to their friend….(More)”.

How Blockchain Is Kickstarting the Financial Lives of Refugees

Curated on Posted on by Stefaan Verhulst

Mike Orcutt at MIT Technology Review: “Finland’s digital money system for asylum seekers shows what blockchain technology can offer the unbanked….

For a refugee in a new country, identity—at least in the official sense—can be among the hardest things to recover. And without an official ID it is nearly impossible to advance in society.

Finland, which like many European nations has recently seen a large influx of asylum seekers, is using a cryptographic ledger called blockchain to help them get on their feet faster.

For two years the Finnish Immigration Service has been giving asylum seekers who don’t have bank accounts prepaid Mastercards instead of the traditional cash disbursements, and today the program has several thousand active cardholders. Developed by the Helsinki-based startup MONI, the card is also linked to a unique digital identity stored on a blockchain, the same technology that underpins the digital currency Bitcoin.

Bitcoin has demonstrated how blockchain technology can be used to transmit value between individuals without the need for corporate middlemen. Core to the technology is a software protocol that creates a permanent record of every single Bitcoin transaction. Anyone can access this record, called the blockchain, by downloading the Bitcoin software. Computers running the software all over the world maintain the blockchain, and use it to verify new transactions.

Blockchains are seen as a promising avenue for opening new financial opportunities to people who don’t have access to modern financial services. Besides eliminating the need for a traditional financial institution to mediate transactions, they provide a means for creating and securely storing a digital form of identification that can’t be corrupted and is easily accessible from anywhere….

In Finland, a MONI card can help address several challenges facing asylum seekers, says Jouko Salonen, director of the Finnish Immigration Service. Most importantly, a MONI account functions like a bank account, removing a major barrier to gaining employment. People can use their accounts to buy things, pay bills, and even receive direct deposits from employers. Meanwhile, every transaction is recorded in a public, virtually incorruptible database maintained by a decentralized global network of computers. That enables the Immigration Service to keep track of the cardholders and their spending….(More)”

Blockchain: Blueprint for a New Economy

Curated on Posted on by Stefaan Verhulst

Book by Melanie Swan: “Bitcoin is starting to come into its own as a digital currency, but the blockchain technology behind it could prove to be much more significant. This book takes you beyond the currency (“Blockchain 1.0”) and smart contracts (“Blockchain 2.0”) to demonstrate how the blockchain is in position to become the fifth disruptive computing paradigm after mainframes, PCs, the Internet, and mobile/social networking.

Author Melanie Swan, Founder of the Institute for Blockchain Studies, explains that the blockchain is essentially a public ledger with potential as a worldwide, decentralized record for the registration, inventory, and transfer of all assets—not just finances, but property and intangible assets such as votes, software, health data, and ideas.

Topics include:

  • Concepts, features, and functionality of Bitcoin and the blockchain
  • Using the blockchain for automated tracking of all digital endeavors
  • Enabling censorship?resistant organizational models
  • Creating a decentralized digital repository to verify identity
  • Possibility of cheaper, more efficient services traditionally provided by nations
  • Blockchain for science: making better use of the data-mining network
  • Personal health record storage, including access to one’s own genomic data
  • Open access academic publishing on the blockchain…(More)”.

These 16 companies want to make technology work for everyone

Curated on Posted on by Stefaan Verhulst

MIT Sloan School Press Release: “One company helps undocumented people create a digital identity. Another uses artificial intelligence to help students transition to college. Yet another provides free training to budding tech pros.

These organizations are just a few of the many that are using technology to solve problems and help people all over the world — and they are all finalists in the MIT Initiative on the Digital Economy’s second annual Inclusive Innovation Challenge. During a time of great technological innovation, many people are not benefiting from this progress. The challenge is recognizing companies that are using technology to improve opportunities for working people…..

Here are the finalists:

AdmitHub
Did you know that of the students who have been admitted to college each spring, 14 percent don’t actually attend come fall? Or that of those who do attend, 48 percent haven’t graduated six years later. Boston-based AdmitHub created a virtual assistant powered by artificial intelligence to help students navigate the financial, academic, and social situations that accompany going to college, and they do it all through text messaging, communicating with students on their terms and easing the transition to college.

African Renewable Energy Distributor Ltd.
This company has developed solar-powered, portable kiosks where people can charge their phones, access Wi-Fi, or access an intranet while offline. Using a micro franchise business model, the Rwanda-based company hopes to empower women and people with disabilities who can run the kiosks.

AID:Tech
More than two billion people worldwide have no legal identity, something that is necessary for accessing public and financial services. Aid:Tech aims to end that, by providing a platform for undocumented people to create a digital ID using blockchain so that every transaction is secure and traceable. Aid:Tech is based out of Dublin, with offices in New York and London….(More)”

Want to make your vote really count? Stick a blockchain on it

Curated on Posted on by Stefaan Verhulst

Niall Firth at New Scientist: “Bitcoin changed the way we think about money forever. Now a type of political cryptocurrency wants to do the same for votes, reinventing how we participate in democracy.

Sovereign is being unveiled this week by Democracy Earth, a not-for-profit organisation in Palo Alto, California. It combines liquid democracy – which gives individuals more flexibility in how they use their votes – with blockchains, digital ledgers of transactions that keep cryptocurrencies like bitcoin secure. Sovereign’s developers hope it could signal the beginning of a democratic system that transcends national borders.

“There’s an intrinsic incompatibility between the internet and nation states,” says Santiago Siri, one of Democracy Earth’s co-founders. “If we’re going to think about digital governance, we need to think in a borderless, global way.”

 The basic concept of liquid democracy is that voters can express their wishes on an issue directly or delegate their vote to someone else they think is better-placed to decide on their behalf. In turn, those delegates can also pass those votes upwards through the chain. Crucially, users can see how their delegate voted and reclaim their vote to use themselves.

It’s an attractive concept, but it hasn’t been without problems. One is that a seemingly unending series of votes saps the motivation of users, so fewer votes are cast over time. Additionally, a few “celebrities” can garner an unhealthy number of delegated votes and wield too much power – an issue Germany’s Pirate Party ran into when experimenting with liquid democracy.

Siri thinks Sovereign can solve both of these problems. It sits on existing blockchain software platforms, such as Ethereum, but instead of producing units of cryptocurrency, Sovereign creates a finite number of tokens called “votes”. These are assigned to registered users who can vote as part of organisations who set themselves up on the network, whether that is a political party, a municipality, a country or even a co-operatively run company.

No knowledge of blockchains is required – voters simply use an app. Votes are then “dripped” into their accounts over time like a universal basic income of votes. Users can debate with each other before deciding which way to vote. A single vote takes just a tap, while more votes can be assigned to a single issue using a slider bar….(More)”

E-residency and blockchain

Curated on Posted on by Stefaan Verhulst

Clare Sullivan and Eric Burger in Computer Law & Security Review: “In December 2014, Estonia became the first nation to open its digital borders to enable anyone, anywhere in the world to apply to become an e-Resident. Estonian e-Residency is essentially a commercial initiative. The e-ID issued to Estonian e-Residents enables commercial activities with the public and private sectors. It does not provide citizenship in its traditional sense, and the e-ID provided to e-Residents is not a travel document. However, in many ways it is an international ‘passport’ to the virtual world. E-Residency is a profound change and the recent announcement that the Estonian government is now partnering with Bitnation to offer a public notary service to Estonian e-Residents based on blockchain technology is of significance. The application of blockchain to e-Residency has the potential to fundamentally change the way identity information is controlled and authenticated. This paper examines the legal, policy, and technical implications of this development….(More)”.

 

How Can Blockchain Technology Help Government Drive Economic Activity?

Curated on Posted on by Stefaan Verhulst

Thomas Hardjono and Pete Teigen providing “A Blueprint Discussion on Identity“: Data breaches, identity theft, and trust erosion are all identity-related issues that citizens and government organizations face with increased frequency and magnitude. The rise of blockchain technology, and related distributed ledger technology, is generating significant interest in how a blockchain infrastructure can enable better identity management across a variety of industries.  Historically, governments have taken the primary role in issuing certain types of identities (e.g. social security numbers, driver licenses, and passports) based on strong authentication proofing of individuals using government-vetted documentation – a process often referred to as on-boarding. This identity proofing and on-boarding process presents a challenge to government because it is still heavily paper-based, making it cumbersome, time consuming and dependent on siloed, decades old, and inefficient systems.

Another aspect of the identity challenge is the risk of compromising an individual’s digital identifiers and government-issued credentials through identity theft. With so many vital services (e.g. banking, health services, transport, residency) dependent on trusted, government-vetted credentials, any compromise of that identity can result in a significant negative impact to the individual and be difficult to repair. Compounding the problem, many instances of identity theft go undetected and only discovered after damage is done.

Increasing the efficiency of the identity vetting process while also enhancing transparency would help mitigate those identity challenges.  Blockchain technology promises to do just that. Through the use of multiple computer systems (nodes) that are interconnected in a peer-to-peer (P2P) network, a shared common view of the information in the network ensures synchronicity of agreed data. A trusted ledger then exists in a distributed manner across the network that inherently is accountable to all network participants, thereby providing transparency and trustworthiness.

Using that trusted distributed ledger, identity-related data vetted by one Government entity and including that data’s location (producing a link in the chain) can be shared with other members of the network as needed — allowing members to instantaneously accept an identity without the need to duplicate the identity vetting process.  The more sophisticated blockchain systems possess this “record-link-fetch” feature that  is inherent in  the blockchain system’s building blocks.  Additional efficiency enhancing features allow downstream processes using that identity assertion as automated input to enable “smart contracts”, discussed below.

Thus, the combination of Government vetting of individual data, together with the embedded transparency and accountability capabilities of blockchain systems, allow relying parties (e.g. businesses, online merchants, individuals, etc.) to obtain higher degrees of assurance regarding the identity of other parties with whom they are conducting transactions…..

Identity and membership management solutions already exist and can be applied to private (permissioned) blockchain systems. Features within these solutions should be evaluated for their suitability for blockchain systems.  Specifically, these four steps can enable government to start in suing blockchain to address identity challenges:

  1. Evaluate existing identity and membership management solutions in order to identify features that apply to permissioned blockchain systems in the short term.
  2. Experiment with integrating these existing solutions with open source blockchain implementations.
  3. Create a roadmap (with a 2-3 year horizon) for identity and membership management for smart contracts within permissioned blockchains.
  4. Develop a long term plan (a 5 year horizon) for addressing identity and membership management for permissionless (public) blockchain systems. Here again, use open source blockchain implementations as the basis to understand the challenges in the identity space for permissionless blockchains….(More)”.

Government innovations and the hype cycle

Curated on Posted on by Stefaan Verhulst

Danny Buerkli at the Centre for Public Impact: “The Gartner hype cycle tracks how technologies develop from initial conception to productive use. There is much excitement around different methodologies and technologies in the “government innovation” space, but which of these is hyped and which of these is truly productive?

Last year we made some educated guesses and placed ten government innovations along the hype cycle. This year, however, we went for something bigger and better. We created an entirely non-scientific poll and asked respondents to tell us where they thought these same ten government innovations sat on the hype cycle.

The innovations we included were artificial intelligence, blockchain, design thinking, policy labs, behavioural insights, open data, e-government, agile, lean and New Public Management.

Here is what we learned.

  1. For the most part, we’re still in the early days

On average, our respondents don’t think that any of the methods have made it into truly productive use. In fact, for seven out of the ten innovations, the majority of respondents believed that these were indeed still in the “technology trigger” phase.

Assuming that these innovations will steadily make their way along the hype cycle, we should expect a lot more hype (as they enter the “peak of inflated expectations”) and a lot more disappointment (as they descend into the “trough of disillusionment)” going forward. Government innovation advocates should take heed.

  1. Policy Labs are believed to be in “peak of inflated expectations”

This innovation attracted the highest level of disagreement from respondents. While almost two out of five people believe that policy labs are in the “technology trigger” phase, one out of five see them as having already reached the “slope of enlightenment”. On average, however, respondents believe policy labs to be in the “peak of inflated expectations”….

  1. Blockchain is seen as the most nascent government innovation

Our survey respondents rather unanimously believe that blockchain is at the very early stage of the “technology trigger” phase. Given that blockchain is often characterized as a solution in search of a problem, this view may not be surprising. The survey results also indicates that blockchain will have a long way to go before it will be used productively in government, but there are several ways this can be done.

  1. Artificial intelligence inspires a lot of confidence (in some)
  1. New Public Management is – still – overhyped?… (More).