First published to the AKASHA Foundation blog.
With thanks to those who commented on draft versions: Matthew Schutte, Jonathan Donner, Martin Etzrodt, Andrei Sambra, Mihai Alisie.
Hero image generated from the original image by Ryan Alexander.
I'm going to outline three ways to think about digital identity to help move the conversation forward in line with the AKASHA Foundation's purpose. I'm not claiming any neat taxonomy per se, just exploring very different degrees of nuance with radically distinct implications.
- Relating to how personal and group identity is manifest online, naively
- Relating to how personal and group identity is manifest online, expertly
- Relating to how we might employ digital technologies to transform society's accommodations of and approaches to identity, generatively.
It seems from observation alone that quite a few technologists work in this mode, excited to be bringing pre-digital bureaucratized identity into the digital age.
Telegram Passport is an exemplar of the naive unfortunately, a service allowing you to upload your "real-life ID" just the once so you may offer up such documentation more easily in the future as and when required by third-party services. Simple? Yes. Convenient? Undoubtedly. With dire emergent consequences? Quite possibly.
"Your papers, please" is a cultural metaphor for living in a police state, and Telegram technologists are diligently removing the systemic frictions of the pre-digital era to assist your compliance, misguidedly assuming that friction is something that should always be eliminated I suppose.
You may be tempted to dismiss such a concern … But I decide when to present my ID!
Well not quite. Consider the Barnes Paradox whereby individuals transgress their own privacy preferences just to get to the stuff a click away. We've all done it. Moreover, each of us is just one of very many agents in the constant emergent reformation of societal structures; in other words, many if not most of your fellow citizens would have to exercise similar discipline. Still confident?
The only way to feel positive when it comes to naive digital identity is by assuming lawmakers will step in to constrain the types of entities that may request ID in such a manner, and to constrain the corresponding purposes too. Such a license to operate would be cryptographically provable by the requesting party.
But please do not rely on this to ease your mind as you write more naive code. Under the influence of the false dichotomy of privacy .v. security, or guided by similarly naive understanding of identity, governments appear too frequently to be pulling in the wrong direction here. India's Aadhaar is a case in point. This alarmingly naive, government-funded invention was intended to be entirely voluntary, but to opt-out now is to effectively opt-out of living in the country; an example of the structuration I referenced above.
The thought put into Aadhaar's goals, design and consequences has been and remains woefully inadequate.
Naive innovation represents an inordinate and perilous transformation of the ilk explored in mid-twentieth century dystopian novels. In other words, people will die if its application is not controlled. But controlling it will also lead to exclusion, persecution, and deaths depending on the dogma of those in power at the time. (See India's hunt for "illegal immigrants" is aimed at Muslims.) As I note in my webinar for the Self-Sovereign Identity Meetup, engineering the facility for inclusion cannot but also enable exclusion.
Brevity is my only reason for limiting the examples here to Telegram and Aadhaar. They are not too unusual in their naivety, unfortunately. Just use your preferred search engine to look up "KYC-as-a-service" and "e-KYC" for example and challenge yourself to find a service that limits its application to legally necessitated situations, or one that doesn't use legal terms and conditions to curtail hackers' freedom to find flaws in its system.
If this has sparked your deeper interest, Dissent on Aadhaar1 is perhaps the definitive read on Aadhaar's architectural flaws, its erosion of civil liberties, undermining of democratic process, negative impact on welfare programmes, and pivotal role in the formation of a surveillance state. Separately, Kaliya Young explores how Aadhaar differs from the US Social Security System2 and concludes: "there tends to be insufficient consideration of the ways in which the proposed solutions that use Aadhaar might create risks for those individuals and institutions it intends to serve."
Identity experts are semantic pedantic — their professional focus is distinction after all. I adopt Jonathan Donner's recommendation3 to distinguish the terms "identity", "identification", and "ID". Identity "implies a kind of multidimensional social location of an individual relative to other people and institutions around him or her." Identification is a claims verification process, and ID is an artifact, traditionally tangible, that "supports a claim or signals that identification might be possible."
In other words, identity ≠ identification ≠ ID. Any and every conversation in which participants recognize this distinction is massively more productive. And there's another phrase …
Self-sovereign identity (SSI)
SSI is the current state of the art. The concept and term emerged in 2016 having morphed from "sovereign source authority" in 2012. Here is an extract from Devon Loffreto's argument for such sovereignty4:
Society is an Agreement. It is made by and between Individuals. Within any Society, Individuals have an established Right to an "identity", and to all of the benefits and responsibilities of some form of "Nationally Sovereign Structure" of governance and administration. Sovereign Source Authority (SSA) refers to the actual default design parameter of Human identity, prior to the "registration" process used to inaugurate participation in Society.
The motivation here is valid at least, evidenced in the analysis of the conditions by which totalitarianism took hold in Europe in the 1930s and early 40s5:
The stateless and the minorities … had no governments to represent and to protect them. … The very phrase ‘human rights' became for all concerned — victims, persecutors, and onlookers alike — the evidence of hopeless idealism or fumbling feeble-minded hypocrisy.
When only states are sovereign, the individual rendered stateless has no rights. This is unacceptable and led to the Universal Declaration of Human Rights in 1948 and more recently to the inclusion under the Sustainable Development Goals of the target to ensure everyone has a legal identity by 20306.
We are also moved by the motivations for such a target and recognise that there are choices to be made of how best to achieve it, and indeed to define precisely what it is. Is it to serve only in tightly specified legal or humanitarian contexts for example? If so, who gets to decide? And who gets to decide who gets to decide?7 We must remain cognizant that efficient identity related bureaucracy was also fatal in the 1940s8. It was easier to find people to murder in jurisdictions in which legal identity worked well. On which point, the minimum qualification of an expert in this field must be historical awareness and dedication to not repeating its tragedies.
I'm not going to offer an introduction to SSI nor the corresponding deliberations by various communities, not least Rebooting the Web of Trust, Internet Identity Workshop, Identity Foundation, ID2020, and Good ID. Rather, the following resources are excellent introductions if you need to jump off here.
- The Path to Self-Sovereign Identity (includes "Ten Principles of Self-Sovereign Identity"), Christopher Allen, April 2016
- What is self-sovereign Identity?, Sovrin, 2018
- Self-sovereign identity: Unraveling the terminology, IBM, 2018
- The Three Models of Digital Identity Relationships, Timothy Ruff, Evernym, 2018
Given that I will be taking aim at the founding principles, I will just tip my hat to The Laws of Identity9 from 2005. As Kim Cameron explained at the time10, the word "laws" was adopted in the scientific sense of hypotheses about the world — resulting from observation — which can be tested and are thus disprovable. The influence of these laws on the SSI principles is plain, not least user control.
The transition to SSI from the prior state of play (described succinctly by Christopher Allen in the first link in the list above) represents a substantial and most welcome breakthrough, but my focus here is its fatal flaws — some of its ‘laws' don't stand the test — and where we might go beyond SSI.
Not how the world works
The Rebooting Web of Trust community adopts what it describes as a functional approach to identity:
Identity is how we recognize, remember, and ultimately respond to specific people and things.
It's a multidimensional social location of an individual relative to others, and clearly contextual. We might recognise faces, voices, gaits, fingerprints, irises, handwriting, usernames, email addresses, PINs, cookies, cryptographic keys or the mathematical proofs of their application, etc. We might remember by close personal association, by faint to robust recollection, by paper record, by database and algorithm. And our responses will be influenced by our interpretation of the associated archived information and the current informational context.
The definition emphasises the observer rather than the observed, the recogniser rather than the recognised. Identity is in the eye of the beholder11. It's social.
On the other hand, the term SSI denotes that identity emanates from the individual in question under that individual's control — after all, to be sovereign means to possess the supreme or ultimate power, and control is both a formative law and founding principle here. SSI is then individualistic, atomistic, and definitely not reliant on anything social.
But how could this reflect reality? How could this be possible when I have minority influence over others' recognising me as best they might, remembering me as they so desire, and responding to me as they see fit? I may attempt to minimise information disclosure, and I may have some recourse under law to effectively reverse previous disclosures, but while that is all well and good in the name of privacy, identities still form in the eyes of the beholders beyond my control. Timothy Ruff puts it tentatively12:
… connections, relationships, and third-party issued credentials are not entirely self-sovereign, nor should they be. They represent (at least) two-sided relationships, and the other party to the relationship has some degree of control, too.
I'm more blunt, and perhaps the easiest explanation is one of reductio ad absurdum.
Imagine if you will that I am self-sovereign. Imagine that I exercise my self-sovereignty fully in the only direction afforded me — i.e. I refuse any facility that others might wield to recognise, remember and respond to me. (For the more technical reader here, I might take full advantage of pairwise pseudonymity with efficient zero-knowledge proofs and ‘tumblers' that obfuscate my true service endpoints13.)
I am now maxing my self-sovereignty.
Is this then the ultimate identity power play? Should you then consider me to be in full control of my identity? In short no, of course not, for who then is left to make the distinction? What is it I'm now supposedly controlling? I am left with no identity at all.
Identity cannot be self-sovereign by the functional definition.
This could be a straightforward case of poor word choice — I'm not the first to make that observation14 — but this goes deeper than the label. This contradiction, this impossibility, is set up from the underlying principles.
A quote from the anthropologist, social scientist, and cyberneticist Gregory Bateson springs to mind15:
The major problems in the world are the result of the difference between how nature works and the way people think.
Phil Windley has observed such a tension, up to a point16:
Many people hear sovereign and think "sovereign means the individual has complete control." Not really. As Scott David pointed out, "declaring yourself king of a deserted island isn't very useful.
Sovereignty is about relationships and boundaries. … Sovereignty defines a boundary, within which the sovereign has complete control and outside of which the sovereign relates to others within established rules and norms.
I argue from the perspectives of complexity science and sociology (not unrelated of course) that not only are many of the SSI principles false — they don't reflect how the world works — but even this attempt at reconciliation entails clean boundary lines that simply don't exist. But Windley concludes:
The beauty of sovereignty isn't complete and total control, but rather balance of power that leads to negotiations about the nature of the relationships between various entities in the system.
This isn't sovereignty, or the "beauty of sovereignty". By my reading, Windley suspects that identity isn't about sovereignty at all.
And last year, when learning to become a certified Warm Data Lab host, I found a kindred spirit in Matthew Schutte who had already critiqued the SSI principles17. I won't take on every principle here — just four should do the job, starting in each case with a quote from Matthew's critique and contributing my own notes.
SSI principle: Existence. Users must have an independent existence.
This is the first false assumption: The belief in an identity as an object. The perception of an "I" is a heuristic that simplifies information processing and decision making, but it is not an underlying reality that we should be anchoring Identity processes to — at least not in total.
I dislike the reference to "users" in this principle. Rather, let's talk about human beings i.e. recognise our full potential and dignity in ways not necessarily triggered let alone encouraged by the word "users".
Furthermore, and as I've written before, the I and the we are not really separable. Neither the individual nor the collectivity can be or become without the other, an assertion recognised by structuration theory in sociology. The theory, dominant in its field, moves away from treating the individual (agent) and society (structure) as separate, paired elements, to considering the two as interdependent, no longer separate or opposed18:
the structural properties of social systems are both medium and outcome of the practices they recursively organize.
Comprehending such complexity requires some shifts in thinking, including:
- Away from the reductionism of ‘parts and wholes' towards the simultaneity of a thing being both a part and a whole (holonic philosophy)
- Away from a focus on the agents (nodes, things, groups) towards a focus on the relationships (the edges, dynamics, liminality, interdependencies), per Actor-Network theory, and ultimately in my view to rhizomes19 and agencement20 — the continuous and unending flux of assembling and reassembling.
Unlike SSI, these appear to correspond to how identity works in the world. I acknowledge of course that the law has a concept of identity for narrowly-bounded legal applications, but that's the point — narrowly-bounded — and heuristic to boot, to quote Matthew Schutte. In the countries I'm most familiar with, in Western Europe and North America, there is no need to reference a legal identity to grab a cab, buy a bagel, meet-up with a mate, borrow a book, play in the park, or do a friend a favour. We act around group norms, simultaneously affecting their perceived loci and boundaries, telling and enacting different stories to ourselves and others, and playing different parts with different people in different contexts, all of which are identity related without our necessarily thinking or believing them as such, and all of which would be alien to the designer of a legal ID system. (I explore identity narratives later.)
Or to put it another way, designing for ‘proof of personhood' to engineer sybil resistance is critical in some contexts of course, but only a minority of identity contexts. It would be harmful in other contexts. (See Verifying identity as a social intersection.)
SSI principle: Control. Users must control their identity.
This assumes that 1) "identities" are a static referent, 2) identities are maintained at a system wide scale. These claims align with past attempts at identity administration architectures, but don't map to the actual functioning of identity in the real world.
I would argue that: 1) claims are all that exist, 2) these claims can be thought of as signals that are "published" (sent) by some actors and "received" (sensed) by others. After receipt, the recipient bears the burden of prioritizing and interpreting the signals that they have sensed. There are complex adaptive system dynamics in play here that lead to a differentiation in the sensitivities of various actors.
Control is wholly inappropriate in the context of identity because it is a logical impossibility. But that's not to advocate or resign ourselves to the binary opposite. Far from it. Anthony Giddens, the progenitor of structuration theory, has something to add here21:
Agency refers not to the intentions people have in doing things but to their capability of doing those things in the first place. ... To be able to 'act otherwise' means being able to intervene in the world, or to refrain from such intervention, with the effect of influencing a specific process or state of affairs.
As I've noted before, agency (in co-evolving structure) entails a negotiation in and with the world that the word "control" denies. Identities form and reform (and expire) in the course of individuals exercising or not exercising agency, all the while sending and receiving signals to use Matthew's words. We can strive to enhance agency, perhaps spread it around a bit more evenly, but to frame identity in terms of control is to promise something that cannot be delivered.
In a related email discussion, Elizabeth Renieris notes22:
The GDPR is a classic example of a law that is being misinterpreted by the SSI community as having to do with individual control. Notice how the core GDPR principles (lawfulness, fairness & transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity & confidentiality, and accountability) do NOT include control. In fact, the only notion of "control" in the GDPR stems from the concept of "controllership" which is a quasi-fiduciary obligation of data controllers to adhere to these core principles, to protect the personal data of data subjects, and to accept certain procedural requirements, etc. Yes, individual data subject rights provide a degree of control over data already shared but those rights are calibrated to exist within a meta-structure designed to remedy some of the asymmetries between individual data subjects & organizational controllers (where the emphasis is on controllers who are in a position to act responsibly and give effect to rights).
SSI principle: Access. Users must have access to their own data.
Again, though noble in intent, this does not map to reality. If I see you slap a child, that impression gets "written" on my brain. You don't have access to it. … These private channels of impression, interpretation and communication are critically important, and yet do not lend themselves to the type of "user centric" identity scheme being proposed here.
To have unimpeded access is to have control, which cannot work when one appreciates that so-called personal data and identity are reciprocally defining and co-constitutive (more on which later). The use of "their own" here invokes the idea that data be treated as property (if only perhaps for lack of imagination). I have written at some length on the impracticality and immorality of total access to / control over / ownership of personal data23 and I won't repeat that here. I will however invite you to use the expressions "data about me" and "data about us" rather than "my data" and "our data" to avoid any implication of ownership.
Matthew doesn't address the digitalisation of associated processes, but I do below.
SSI principle: Persistence. Identities must be long-lived.
… builds upon the same flawed framework of "an Identity is an object" and "Identity objects will be managed at system scale rather than by individual observers." These are fatal flaws that do not map to how signals, agents, interpretation and steering operate in complex adaptive systems.
We can choose not to willingly pull our previous interactions into the present relationship. However, we are incapable of preventing others from attempting to correlate our past with our present — or to prevent them entirely from taking steps to improve the likelihood that our present interaction will be discoverable by those who interact with us in the future
There are ways in which we can pressure others to reduce the level of such sharing that occurs, but these are primarily through the mechanism of social pressures, not technical limitations of the infrastructure we make use of.
Identity doesn't come with persistence as a defining characteristic. I have yet to find a similar ‘law' in the corpus of sociology, cultural studies, or psychology; the opposite in fact. Law is the only discipline that necessarily bureaucratizes birth and death with some urgency to connect the two, and has been narrowly-constrained in application as noted.
Of course, digital technologies have effectively given some observers superhuman powers of recognising, remembering, and responding. While developers of SSI related technologies might design to attenuate such powers, such intention doesn't justify the terminology of "self-sovereignty" or its founding principles. Fundamentally, superhuman technologies are established, around which societal norms have formed and will continue to form, as Marshall McLuhan famously observed. In the context here, this leaves only the law as the basis to trim those super powers in the name of enduring social norms, and in practice it is more the (corporate) observer that extends or accommodates technology in seeking legal compliance than it is any technology of purely self-sovereign origin having the desired effect.
I have discussed how personal and group identity is manifest online, both naively and expertly. Now I'm going to explore how we might employ digital technologies to transform society's accommodations of and approaches to identity, generatively.
I have never attempted to engineer self-sovereign identity. I am then no SSI expert. I invest my time working out how we might wield digital technologies to nurture the full potential of human beings, realising intelligences that would otherwise remain hidden, and creating regenerative cultures and systems24. In the context here, my focus can be called generative identity.
It's not an easy domain to communicate, so I welcome any interest you might have in conversation and collaboration.
My use of generative relates to a desired state beyond sustainability25:
- Sustainable — aiming not to leave anything in worse state (i.e. it's "less bad"26)
- Restorative — doing things to assist the evolution of natural sub-systems
- Regenerative — participating as nature; co-evolution of the whole system.
It also relates to Jonathan Zittrain's use in technological terms27:
Generativity denotes a technology's overall capacity to produce unprompted change driven by large, varied, and uncoordinated audiences… Generativity is a function of a technology's capacity for leverage across a range of tasks, adaptability to a range of different tasks, ease of mastery, and accessibility.
Generativity may be designed into a digital architecture "through loose couplings across layers whereby innovations can spring up independently at any layer, leading to cascading effects on other layers."28
The book Designing Regenerative Cultures29 opens with this Albert Einstein quote:
If I had an hour to solve a problem and my life depended on the solution, I would spend the first 55 minutes determining the proper question to ask, for once I know the proper question, I could solve the problem in less than five minutes.
Generative identity is most definitely in the "determining the proper question to ask" phase. Let's start with the question — what do we mean by "self"?
The narrative self
Marya Schechtman argues that we each maintain numerous narratives in multiple contexts that evolve reflexively with our interactions30:
the complexity of selves is to be found in the multiple perspectives on our lives that we negotiate in living them, a complexity best understood in narrative terms.
The title of an article by Daniel Dennett31 puts it succinctly: Why Everyone is a Novelist.
Richard Sorabji notes that Schechtman stresses the continuing and interacting nature of an individual's activities — "talking, listening, walking, acting, having beliefs, desires, goals, intentions, thinking, being inconsistent, and vacillating."32 The narratives are mostly accretive, but may also on occasion undergo sharp change.
Identities are formed through narrative. Narratives are informed by interactions with others. Interactions are modulated by identities. In other words, there are no absolutes here. Nothing is concrete. Everything is agencement. An individual is an agencement with her narratives. A group is an agencement of individuals and distinct and shared and conflicting narratives.
Michel Callon connects these arrangings and organizings to the very potential to act and interact33.
[Agency] can neither be contained in a human being nor localized in the institutions, norms, values, and discursive or symbolic systems assumed to produce effects on individuals. Action, including its reflexive dimension that produces meaning, takes place in hybrid collectives comprising human beings as well as material and technical devices, texts, etc.
The next two paragraphs and the following quote are perhaps the trickiest elements to follow here, but I do my best to offer an explanation immediately after.
All conceptualizations of identity and their corresponding perceived manifestations entail minds working with information. Gregory Bateson pointed out that the learning in both instances develops as a hierarchic series "constructed by successive use of the word 'about,' or 'meta.'" Moreover, on considering "phenomena marginal to communications theory, similar hierarchies may be constructed by the piling up of 'change' upon 'change'."34
On seeking to contrast these — orders of learning, and contexts, and contexts of contexts — Bateson concludes that they could only be considered separate should the first be located inside the individual and the second located outside.
But in the communicational world, this dichotomy is irrelevant and meaningless. The contexts have communicational reality only insofar as they are effective as messages, i.e., insofar as they are represented or reflected (correctly or with distortion) in multiple parts of the communication system which we are studying; and this system is not the physical individual but a wide network of pathways of messages.
This finding explains Bateson's adoption of the term "ecology of minds". In plain terms, your brain and your mind are not the same thing. The brain is what's in here [taps skull] whereas the mind is a distributed, social phenomenon. The brain is biological. The mind is informational and inseparable from informational contexts.
In seeking difference and therefore similarity, inclusion and therefore exclusion, varying conceptualizations of identity may draw boundaries and boundaries of boundaries, with ready potential for apparent contradiction. (It would be more surprising if there were none, and such apparent contradictions keep those working on digital identity entertained in debate for very many hours!) Nevertheless, "the characteristics of the system are in no way dependent upon any boundary lines which we may superpose upon the communicational map."
At some moments in time, in some contexts, in some epistemologies, perceptions of boundary lines may emerge for those seeking epistemological insight or those labouring under some desire for some expressed mode of societal governance or organization, but this doesn't change the system because the system Bateson describes encompasses such learnings, such actions, and such contexts. They are part of the ecology.
The idea, discussed earlier, that SSI might delimit a clear boundary within which the sovereign has control is a case in point here. This isn't how the world works but rather how this interpretation of SSI would have it work.
Towards mechanism design
Evolution hasn't left us with innate facility for systems thinking — it just hasn't been core to our adaptation. And yet we are now the first species, that we know of anyway, to confront the need to cooperate as a species on a system of global scale.
Bateson argued that there are some conditions under which our current civilization and our environment might co-exist in a state of ecological health. In classic cybernetic formulation, and following Ross Ashby, he identified that there are varying freedoms and constraints (flexibility) of variables in a complex adaptive system by which we may realise societally valued outcomes in terms of ecological sustainability. He contemplated the need for either a "high" civilization or well-educated planners.
A "high" civilization is defined in part by its facility to maintain the necessary wisdom in the human population to understand the requisite variables and corresponding flexibilities. While I would never dismiss such aspiration, far from it, it doesn't appear to be realistic within the short time we have to reset the trajectory here35. (Being ignorant of everything other than my own infinitesimal niche, how arrogant would it be to require everyone else to learn my expertise given I have insufficient bandwidth to learn theirs? Or is that proposition itself arrogant?)
While not offering similar doubts explicitly, Bateson leaned towards the well-educated planners route — a.k.a. mechanism design — approaching system design such that its operation by and corresponding incentives offered to those involved are such that the system trends towards a desired state. Mechanism design has traditionally assumed rational participation (homo economicus) but increasingly encompasses understanding of our irrationality assembled under the rubric of behavioural economics, becoming known as behavioural mechanism design.
Entertaining behavioural mechanism design here raises the question:
Are some conceptualizations of identity (boundary drawing and redrawing) more conducive than others to the recovery and maintenance of ecological health, to generativity?
In overly simplistic but perhaps more memorable terms, could people more readily self-identify as astronauts on Spaceship Earth36?
We have then arrived at the first principle for generative identity based on the imperative to support continuous ecological adaptation.
Generative identity principle: Change. Generative identity facilitates and maintains freedom of application, freedom of agencement, and freedom to revise generative identity.
As Buckminster Fuller anticipated in I Seem to be a Verb37 and as I've tried to explicate here, who I am encompasses a constant flux of informational diffusion and intermixing, interfacial constructions and experiences, continuously revised narratives, arrangings and organizings.
In my webinar for the SSI Meetup I distinguish between noun-like and verb-like conceptualisations of identity. The noun-like are unchanging by design — think of those developed for the legal bureaucratization of identity (e.g. birth certificate, passport, national ID card, social security number, Aadhaar identity number), those based on permanent physical features (e.g. fingerprint, face recognition), and those inventions vying to achieve similar permanence or based on such permanence (e.g. Facebook ID, Telegram passport).
The primary characteristic of verb-like conceptualisations is their accommodating and enabling change. They haven't been a focus of the digital identity community to date. Indeed, the verb-like conceptualizations, while in fact dominant in everyday life, appear to be so far removed from technologists' beliefs and understanding of how identity works in the world and from how digital technologies have developed to date that I find many have a hard time grasping that such conceptualizations even exist. Sociotechnologists on the other hand get it pretty quickly if not immediately given their interdisciplinary focus (see Web Science).
Noun-like identity conceptualizations lack adaptability by design. By deep existential contrast, generative identity is essential to psychological, societal, and ecological health.
Generative identity principle: Co-constitution. Identity and relationships and information are reciprocally defining and co-constitutive.
After Margaret Wheatley38, identity is the sense-making capacity of organizing. It is of the selves that organize and the self that gets organized. Narrative in nature, identities assemble in relationships involving and producing personally and socially material information.
Relationships are the pathways for organizing, required for the creation and transformation of information, the expansion of the organizational identity, and accumulation of wisdom. Relationships are formed with information exchange between identifying / identifiable entities in identifying / identifiable organizings.
Information is the medium of the organizing. Life uses information to organize itself, i.e. when a system assigns meaning to data. Information is contextual to identities in relationships.
But this doesn't appear from my experience to be how many computer scientists and software engineers think. The design principle of separation of concerns has served the discipline and profession well to date ‘lower in the stack', but its application ‘higher in the stack' where human identity is involved and complex adaptive systems reign must be subject to constant challenge. A presentation at this summer's DWeb Camp for example proposes that data and identity be considered orthogonal to / independent of each other39. To be fair, although an indictment of itself, the conceptualisation of identity adopted in the presentation remains completely undefined. This is also not unusual. The idea that identity might be anything other than noun-like, to use my terminology here, and anything much more advanced than the substitution of a cryptographic key for tangible ID appears not yet to have entered the mainstream conversation.
By corollary of the principle of co-constitution, we arrive at ...
Generative identity principle: Omni-directionality. There can be no distinction of input or output — any data flow may have reflexive consequence.
By way of a trivial example, there is a connection between the series of novels known as Harry Potter and the writer J. K. Rowling. Each 'contributes' information to the other.
There is also a connection between the book The Cuckoo's Calling and the writer Robert Galbraith. In this instance, the connection to the book was all that was known about the writer. It defined Galbraith.
Of course, authoring a book is a big undertaking, and I want to stress that the same goes for the smallest most fleeting actions and inactions.
Generative identity principle: Friction. Friction is an important system property in any system, including generative identity.
We learned subsequently of course that Rowling wrote under the Galbraith pen name. The identity Robert Galbraith still exists at the time of writing, but when operating with a noun-like conceptualisation of identity we might say that it is absorbed into Rowling's and Galbraith is demoted to a mere known pseudonym.
Such collapses occur naturally but the rate at which collapses may occur when subject to deliberate programmatic techniques (correlation) is a concern. In the SSI webinar, I note that friction is an important system property. Failure to re-engineer appropriate frictions in our sociotechnical system may lead to very poor social outcomes. Existing work done in the name of SSI may prove useful here (baby, bathwater), and I also believe this will likely require a blend of legal and technical codes and appropriate revisions of social norms.
Given the co-constitution here, it's not surprising that a concern for correlated identities applies equally to correlated relationships and information. Take this fairly recent assertion40:
Decentralized identity systems must allow us to present claims we make about ourselves (now called self-attested), but must allow us to present claims that express things others say about us too.
What's not to like about this additional feature?
Well, let's assume that we consider the idea of the Chinese "social credit" system — a state surveillance system seeking to standardise the assessment of citizens' economic and social reputation — an affront to individual freedoms many in the West hold dear. Now imagine that anyone in the West can present claims that express things others say about them. I suggest that you, just like almost everyone else, will see self-interest in, for example, porting your eBay seller rating to your Airbnb host profile. Instant reputation! And in fact it soon becomes a qualifying expectation (structuration). Everyone's rational self-interest works against our collective best interest, and an equivalent "social credit" system forms by emergence almost as quickly as the Chinese deliberate action and perhaps all the more efficiently.
SSI experts may clamour here to point out the ways in which the associated technology does not set up this up. I will if I may just reiterate the point that we're all working in a sociotechnological environment, not merely technological, and therefore with structuration not just atomistic individuals.
If we can procure omni-directionality with appropriate friction, we will be well on the way to living up to the final principle in this draft list ...
Generative identity principle: Non-universality. One can have generativity or universality but not both.
Or to put it another way, the only universal attribute of generative identity is that it does not trend toward universality. It must have a proclivity for mutation by design, which also requires it to be resistant to homogenising network effects. Generative identity is a set of principles that may be instantiated in different ways by different cultures, different collectivities, different societies, at different times.
I appreciate that this one is going to be difficult for some people to accept, especially those technologists working without the socio- prefix. If it helps any, you'll appreciate that mutual understanding crystallises as needed in a context and fades as and when attentions are directed elsewhere. This is perfectly natural. Now swap out "mutual understanding" for "interoperability".
Generative identity at the AKASHA Foundation
AKASHA's purpose demands systems thinking, especially systems ecology and the interdisciplinarity of web science, if not transdisciplinarity (emphasising holism and synthesizing new bodies of knowledge with which to address complex systems problems41).
In the spirit of our purpose, and from simple necessity, our purpose can only be pursued in cooperation with many others, and that clearly includes the identity ‘problem space'. We're excited to be playing a part, ready for conversations and collaborations.
As you might imagine, even if you're not familiar with the term, the concept of "identity provider" isn't exactly compatible with the generative identity principles. But perhaps we may provide for holonic provision. Do keep an eye on the AKASHA blog for updates.
I've noted that the conceptualisation of generative identity remains embryonic. We're only at the stage of determining the questions. Surely one of the biggest question marks must be the ease with which noun-like and verb-like conceptualisations might co-exist. Perhaps there's a future in which only the latter are necessary, but a co-existence will be required for some good time to get us that far.
It could be that the noun-like require entirely different protocols to the verb-like, and rigorous effort is made to design appropriate and enduring sociotechnological constraints to prevent the otherwise inevitable noun-like creep.
Or perhaps a particular quality of verb-like instantiations enables it to stabilise in similarly defined rare exception. I was presented with a word I didn't previously know in a recent conversation with Jonathan Donner — gerund — a verb form which functions as a noun. Who knew?!
Either way, at some point we have to answer the questions ... Who decides? And who decides who decides? These questions are usually invoked to note a weakness in the system. In this context however I also find some comfort in the presumption that it will be humans at least. Let me explain by way of finally bringing this post to a conclusion.
One way or the other
I'm guided by fragmented glimpses of historical events, and I take inspiration from the complexity of nature and our growing appreciation for the nature of complexity. I am then enthusiastic for the sociotechnological potential here, celebrating humanity, realising intelligences that would otherwise remain hidden, and creating regenerative cultures and systems.
Equally, I'm alarmed at the potential for psychological, societal, and ecological harm should these draft principles of generative identity not be developed and instantiated in abundant combinations of generative legal and technical code and societal norms. I cannot conceive of a neutral alternative … at least I cannot perceive any clues from nature for such. The alternative is degenerative — tending to decline and deterioration.
Psychologically, our freedom of narrative will be eroded leaving only enumerated subjects of network control42, or indeed "abjects" more than subjects or objects43. In some contexts, physical safety will be the individual's primary anxiety.
Societally, political doctrine is more likely to be rendered into technical form. "Politics does not circulate just through the flow of ideologies or rationalities of government, but through diagrams, instruments and practices."44 Foucauldian disciplining will be writ large, with a "normalizing gaze, a surveillance that makes it possible to qualify, to classify and to punish"45, at which point the design problem becomes "to design and redesign the User itself in the image of whatever program might enroll it."46
Ecologically, we won't be participating as nature, we won't be co-evolving with the whole system. Rather, we will have become locked rigid together or rigid apart. The structure, having subsumed agency, will crash into natural systems with ever greater force until they can no longer sustain us.
In welcoming all conversation and debate about SSI and generative identity, may I invite any ongoing champions of SSI to articulate how it might not contribute to such tragic outcomes let alone help avoid them. That is likely more than has been asked of SSI to date, but then this has got to be a good part of the question.
- Dissent on Aadhaar: Big Data Meets Big Brother, Reetika Khera, 2018
- Key Differences Between the U.S. Social Security System and India’s Aadhaar System, Kaliya Young, 2019
- The difference between digital identity, identification, and ID, Jonathan Donner, Caribou Digital, 2018
- Sovereign Source Authority, Devon Loffreto, 2012
- The Origins of Totalitarianism, Hannah Arendt, 1951
- Target 16.9, Sustainable Development Goals, 2015
- The Age of Surveillance Capitalism, Shoshana Zuboff, 2018
- Surviving the Holocaust: Socio-demographic Differences Among Amsterdam Jews, Peter Tammes, 2017
- Microsoft’s Vision for an Identity Metasystem, 2005
- The Laws of Identity, Kim Cameron, Microsoft, 2005
- Identity is in the eye of the beholder, Steve Wilson, 2013, at archive.org
- 7 Myths of Self-Sovereign Identity, Timothy Ruff, Evernym, 2018
- Project VRM Harvard Mailing List, Adrian Gropper, 2019
- Let’s find a more accurate term than ‘Self-Sovereign Identity’, Kim Cameron, 2018
- An Ecology Of Mind — A Daughter’s portrait of Gregory Bateson Directed by Nora Bateson, 2015
- On Sovereignty, Phil Windley, 2016
- Schutte’s Critique of the Self-Sovereign Identity Principles, Matthew Schutte, 2016
- The Constitution of Society: Outline of the Theory of Structuration, Anthony Giddens, 1986
- A Thousand Plateaus, Deleuze and Guattari, 1980
- Agencement/Assemblage, John Phillips, 2006
- Ibid 18
- Project VRM Harvard Mailing List, Elizabeth Renieris, 2019
- The interpersonal data at the heart of all human digital systems, including markets, Philip Sheldrake, 2019
- See the AKASHA Foundation’s purpose — https://akasha.org/about/
- Shifting from ‘sustainability’ to regeneration, Bill Reed, 2007
- Cradle-to-cradle design, Braungart, McDonough, Bollinger, 2006
- The Generative Internet, Jonathan Zittrain, 2005
- The New Organizing Logic of Digital Innovation, Yoo et al, 2010
- Designing Regenerative Systems, Daniel Wahl, 2016
- The Narrative Self, Marya Schechtman, 2011
- Why Everyone is a Novelist, The Times Literary Supplement, Daniel Dennett, 1988
- Self: Ancient and Modern Insights about Individuality, Life, and Death, Richard Sorabji, 2006
- Economic Sociology, Michel Callon, 2005
- Steps to an Ecology of Mind, Gregory Bateson, 1972
- Global Warming of 1.5°C, United Nations IPCC, 2018
- Operating Manual for Spaceship Earth, Buckminster Fuller, 1968
- I Seem to be a Verb, Buckminster Fuller et al, 1970
- A simpler way, Wheatley and Kellner-Rogers, 1998
- Rethinking decentralization, Peter Wang, 2019
- Ibid 14
- Defining Terms for Integrated (Multi-Inter-Trans-Disciplinary) Sustainability Research, Paul Stock and Rob Burton, 2011
- Networks of control, Wolfie Christl and Sarah Spiekermann, 2016
- (Why) Technology is Costing Us Agency, Umair Haque 2018
- Political machines: governing a technological society, Andrew Barry, 2001
- The Birth of the Prison, Michel Foucault, 1975
- The Stack, Benjamin Bratton, 2016