On Guardianship in Self-Sovereign Identity Using Blockchain
Over the last decade, digital identity has enabled the digital transformation of almost every aspect of our lives. New technical advances such as IoT, 5G, and AI promise more digitization for our data driven futures. New identity and access management technologies (IAM), such as multi-factor authentication, biometrics, and federation protocols have started to improve interoperability and simplify “login” for us all. At the same time, governments, social platforms, credit reference agencies, and enterprise vendors have collaborated to build new online identity verification ecosystems. Their motivation is simple: more trust = less risk = more money.
There is a risk that the more some of us benefit from digital transactions and our digital identities, the more we increase digital exclusion. Identity systems need a means of connecting with and representing those who cannot act for themselves (or wholly by themselves) in the digital world to mitigate exclusion.
Today, we use workarounds to solve this problem: You cannot log in to your computer to approve expenses, so you phone someone else and ask them to log in for you.
Your elderly neighbour now needs to book their doctor’s appointments online, so you sit alongside them and fill in all the forms for them or coach them through the process.
A homeless charity creates and manages digital identities for its clients so that it can claim benefits from the state on their behalf.
These workaround examples use offline paper credentials and human face-to-face verification; however, they are not secure, transparent, or auditable, and there are limits to the value of the transactions they can support.
Self-sovereign identity (SSI) systems, where control of a digital identity is asserted using digital credentials stored in a digital wallet, present a further challenge.
How can we enable everyone to control their digital identity? By definition, we experience life-stages (e.g., childhood) and conditions (e.g., dementia) where law and social norms dictate we cannot be self-sovereign.
This challenge cannot be solved with simple delegation because a child, a person living with dementia, or a refugee without an internet connection cannot delegate something they do not have. Nor is it a simple controller relationship with a thing (e.g., a drone) because unlike a drone, a child progressively gains rights and eventually becomes more self-sovereign.
Similarly, the person living with dementia will experience changing capacity over time.
What we need is a mechanism for people who cannot directly access or manage their own digital identity.
The mechanism needs to:
- Technically work alongside existing identity and credential management systems.
- Functionally support legal, social, and organizational processes that include those who cannot digitally transact for themselves.
- Support revocation so that each person can reclaim their self-sovereign identity as and when they are able.
Guardianship is this mechanism. Guardianship has always been an essential component of the Sovrin Governance Framework. Without a guardianship mechanism, how will we account for times in our lives when we cannot be fully self-sovereign?
