We discussed a ‘future-world’ concept about how digital entities could control how they choose to be identified, and what kinds of features this might have, and how it might behave. Each digital entity would be able to establish some ‘graph’ fragments that represent their relationships to other digital entities, or might represent data asserted by the entity itself. The digital entity could construct the specific graph fragments that it wanted to be recognized by. And online service providers would be capable of recognizing and processing these ‘identity molecules’ without necessarily needing a pre-established relationship with the original assertion source. The online service provider decides what claims or information they need in order to accept the digital entity. For example, they might want claims that the entity is a person not bot - so the entity would expose a fragment related to human gestures. The pivot in the concept is to imagine what might be possible if a very large number of assertion issuers are available to be used. The entity could choose from a very large set. The online service provider could not possibly have pre-established arrangements with all of the possible issuers. We discussed some of the mechanisms that would have to exist and some of the projects that are starting to explore it.
It’s a way of thinking about where current trends in identification might end up in 10 years.
…to be continued… we will see how close to reality this concept ends up being :-)
You might want to check https://privacybydesign.foundation/irma-en/ . IRMA stands for I Release My Attributes and is a Dutch University based initiative.