This blog is written by guest author Wouter Welling, policy officer digital government at the Ministry of the Interior and Kingdom Relations. He writes this blog in a personal capacity.
When you ask a Dutch person to tell you something about his or her identity, only a few will start talking about data that is somewhere in databases. People start with their culture, their loves, their hobbies and where they come from.
Strangely enough, your digital identity may be more important in society than your other identities. Yet, when we talk about digital identity, we all focus on different aspects.
When we talk about our ‘digital identity’, we are not talking about the complete concept of ‘identity’. Different types of identity can be distinguished, such as genetic, cultural, national and, thus, digital identity as well. The core of the concept remains the same: In essence, identity is always a representation of a certain entity (usually a human being). This depiction is built from different elements. These elements can be filled in subjectively (actively)—think of how your religion, political preference and hobbies—or (passively), assigned to you and managed by third parties, such as your social security number, your income, your nationality, your Facebook data, and your professional credentials.
If you find the above text to be abstract, then you probably understand where I want to go with all of this. My point is that when we talk about our digital identity, we all understand that it is important, but at the same time we all understand it differently.
Your digital shadow
One person might talk about identity documents, such as passports and how there can be a digital equivalent. Another person talks about digital authentication processes that you increasingly use (think of your dozens of username-password combinations). Yet another thinks about all of the companies’ and governments’ registries that store the data that, together, forms your digital shadow.
The core of the discussion is that we like to do business with each other and we have to do that in a way that organizes trust and legitimacy. This is not possible in a traditional way because: ‘on the internet, nobody knows you’re a dog’.
We are therefore looking for a way to organize identities in a digital world, so that we can trust each other without immediately revealing information that is not necessary for that trust.
A big risk in this discussion is that we first look at the existing situation, and then look for a solution for what was a small inconvenience in the old world.
We are an organization that provides a service. We had an analog client process; now, let’s build a digital database with customer data. We have a database with customer data; let’s allow people to see that data so that they can improve its quality. People must have access to only their data; let us give them an authentication with a username-password. People have too many usernames and passwords; let’s let them log in with Google or Facebook.
This problem is called solutionism. Solutionism is the idea that there is a technological solution for every problem. This term is brilliantly posited by tech thinker Evgeny Morozov. The concept is very recognizable for people who have ever looked at a new gadget and wondered, ‘Gosh, what’s that good for?’ or ‘yes, nice, but what does that solve?’ Morozov warns of the danger that we are trying to solve social, human issues with technological solutions.
I also see this solutionism in the debate about our digital identity. We often get bogged down: we have to arrange whatever, so first we have to make sure there is a properly functioning digital identity. The question that then remains open is: Are we offering people a digital identity that they really benefit from in society, or are we solving a problem in based on a process that we do not want to change?
I hope the first, but fear too often for the latter.
It is a societal perspective: independence vs. duty of care
One of the most pressing discussions about our digital identity is about the concept of our own sovereign identity (self-sovereign identity). The idea is that a person must be in complete control and ownership of his or her digital identity and the attributes that make up it—a noble concept, and a good successor to the notion that large databases store elements of someone’s identity and every database holder has to worry about a key for each user to be able to use that element.
However, there are big social questions behind a concept that is popular among a large community of technology optimists (example).
Do we have to be self-sovereign ourselves? Can we all be strong? Do we find that degree of complete independence and possibly also susceptibility a sensible idea? Do we sometimes have to protect people against their own urge for convenience?
Every day, people get into trouble because they cannot meet the challenges the digitised society poses them. Do we solve something for those people by giving them a grip on their digital identity? Or can you give better personal care to this group if you allow the capable to fully arrange matters independently? Do people understand the implications of a centrally organized key to the attributes that build their digital identity?
Experiment and Learn
My proposal is to accept that the way in which we as a government sometimes organize matters is less and less in line with what the actual social need and expectation is. People expect fully personalized digital services while ensuring their privacy at any time that suits them in a way that they understand.
This is not easy, but possible.
It requires a well-considered form of digital identity, which requires answers to all kinds of social choices. To be able to make these choices well, you need to know what you want and do not want. You only know this when you experience and see it. So let’s experiment and learn what we really mean by digital identity.
Wouter Welling is a policy officer for digital government at the Ministry of the Interior and Kingdom Relations and writes this blog in a personal capacity.