The Principles of Self-Sovereign Identity

There is no universally recognized definition of SSI. We agree with Christopher Allen that, in the absence of a common description, the best course of action is to evaluate each solution by its overall adherence to the principles of self-sovereign identity, which “actually provide a better, more comprehensive, definition of what self-sovereign identity is.”1 A sizable and growing body of literature on the “principles of identity” seems to be converging on a consistent set.

Key members of the international development community have developed separate, yet overlapping principles for identification. Prominent sets are introduced in:

  • The National Digital Identity Programmes: What’s Next? report by Access Now
  • The Known Traveller report by the World Economic Forum
  • The Principles on Identification for Sustainable Development report by the World Bank
  • The ID2020 Alliance Concept Note

Several thought leaders2 within the digital identity space have developed their own principles or laws:

  • Kim Cameron of Microsoft introduced seven laws of identity in 2005.
  • Christopher Allen presented ten principles of self-sovereign identity in 2016.

These various sets are relatively consistent. The table below shows that principles prevalent throughout this recent literature broadly include universal coverage and accessibility, protection, data minimization, and users’ rights to control and transport their identities.

Table 3: Various “Principles of Identity”

Kim Cameron (2005) Chris Allen (2016) World Bank (2017) ID 2020 (2017) WEF (2018) Access Now (2018)
Existence Universal Coverage Universal Coverage Existence
User Control and Consent Control User Privacy and Control Control Control Control
Human Integration Access Remove Barriers to Access and Usage Access Access Access
Transparency Open Standards Open Standards Transparency Transparency
Persistence Sustainability Persistence Persistence Persistence
Consistent Experience Across Contexts Portability Independent Oversight Portable Transportable
Pluralism of Operators and Technology Interoperability Interoperable and User-Responsive Interoperability Interoperability
Justifiable Parties Consent Legal and Regulatory Framework Permissioned Consent Consent / Accountability
Minimal Disclosure for a Constrained Use Minimalization Mandates and Accountability Private Minimization Minimization
Directed Identity Protection Unique, Secure, Accurate Identity Secure Protection Protection

We have synthesized and recast these principles. The major differences are the addition of the principle of “Inclusion” and the removal of “Existence.” The former is critical for adoption in developing countries and the latter is implicit in other principles, including “Consent.” We believe that these principles incorporate all key principles in the space.

1) Inclusion: Identity should be available to all

Every individual should be provided with an identity from birth to death. Enrollment processes cannot discriminate against an individual due to ethnicity, gender, socioeconomic status, illiteracy, language, a lack of resources, or lack of technological literacy. An identity platform should ensure minimum cost to the end user in order to maximize inclusion.

2) Control: Users must control their own identities

Individuals must have ultimate authority over their identities and all related personal data. Storage should be decentralized to the greatest extent possible. It is the user’s prerogative to update, share, and hide any information. Solution administrators and/or stewards must be incapable of revoking a user’s identity.

3) Access: Users must have access to their own data

Users should be able to easily and directly access their identities and all related data. Access must not depend entirely on the technological or infrastructural capacity of the user, especially on the possession of a smartphone. Gatekeepers cannot restrict access.

4) Transparency: Systems and governance must be transparent

The manner in which an identity system functions, is managed, and is updated must be publicly available and reasonably comprehensible. Solution design should be based on open protocol standards and open source software, in part to prevent vendor lock-in. The governance model of the solution should limit the power of administrators to access, revoke, or otherwise interfere with the user’s identity and personal data.

5) Persistence: Identities must be long-lived

Identity systems must be long-lasting; user identities should last from birth to death. Solution developers should implement sufficient foundational infrastructure, and design sustainable commercial and operational models. As a caveat, the persistence of digital identities should not contradict the “right to be forgotten.”3

6) Portability: Identity information and services must be transportable

A digital identity cannot be restricted to a single platform. Users must be able to transport their identities, as well as credentials and attestations, from one platform to another. The transfer of data should be uncomplicated from the user perspective. All firms, governments, and third parties should strive for simple and consistent user experiences.

7) Interoperability: Identities should be as widely usable as possible

There are numerous contexts in which an identity is required. Through open standards and scalability, digital identity firms should allow myriad stakeholders to leverage the benefits of a solution. Different organizations, databases, or registries must be able to quickly and efficiently communicate with each other globally through an identity system.

8) Consent: Users must agree to the use of their identity or data

Users must give explicit permission for another entity to access and/or utilize their data. The process of expressing consent should be interactive, deliberate, and well-understood by the user. Shared information must only be used for a specific function. Users must restate consent for personal data to be used in a different manner and/or to be used another time.

9) Minimization: Disclosure of identity information must be minimized

Any identity solution should guard against extensive disclosure of personally identifiable information. A platform must minimize the type and quantity of information collected by entities that verify individuals. A user should share only the least possible amount of data necessary to accomplish the task at hand. Minimization can help to ensure user privacy.

10) Protection: Users’ right to privacy must be protected

Any solution must be embedded with “privacy-by-design.”4 Safeguards should exist against tampering, data traffic should be encrypted end-to-end, and restrictions should be placed on the monitoring of information. Affected parties must also be notified of a data breach. Users’ right to privacy must always come first.

Citations
  1. Allen, “The Path to Self-Sovereign Identity.”
  2. We do not claim that our list is comprehensive. Other valuable contributions within the identity space include: Carly Nyst, Steve Pannifer, Edgar Whitley, and Paul Makin, Digital Identity: Issue Analysis, Consult Hyperion, June 8, 2016, source, accessed August 6, 2018; Kaliya Young, “Vision & Principles for the Personal Data Ecosystem,” Identity Woman (blog), September 13, 2010, identitywoman.net/vision-principles-for-the-personal-data-ecosystem/, accessed August 6, 2018; and Phillip Windley, “PDX Principles,” Phil Windley’s Technometria (blog), September 10, 2010, source, accessed August 6, 2018.
  3. The “right to be forgotten” is the concept that individuals have the civil right to request that third parties remove their personal information from the internet. In particular, the removal of old, inaccurate, or irrelevant data is viewed as a legitimate request. While the “right to be forgotten” aims to support personal privacy, we feel that it is necessary to mention the concern that it conflicts with the open nature of the web and the free flow of information (Margaret Rouse and Laura Aberle, “Definition: right to be forgotten,” WhatIs.com, TechTarget, last updated June 2014, searchcontentmanagement.techtarget.com/definition/The-right-to-be-forgotten, accessed August 22, 2018; Dave Lee, “What is the ‘right to be forgotten’?,” BBC, May 13, 2014, source, accessed August 22, 2018).
  4. “Privacy-by-design” is a framework based on proactively embedding privacy into the design and operation of IT systems, networked infrastructure, and business practices (Sylvia Kingsmill and Ann Cavoukian, Privacy by Design: Setting a new standard for privacy certification, Deloitte, accessed July 18, 2018, www2.deloitte.com/content/dam/Deloitte/ca/Documents/risk/ca-en-ers-privacy-by-design-brochure.PDF).