One of the most frustrating things for those of us that have been working in the decentralized identity space for years is the level of confusion that surrounds it. We can’t even agree on what to call it. Is it self-sovereign identity, decentralized identity, identity 3.0, or (how I think of it) self-sovereign data exchange? So, in this blog post I wanted to quickly correct three misconceptions that I frequently run into when talking with non-natives.
1) Decentralized identity is not a technology
And specifically, it’s not blockchain. This seems to be a common misunderstanding. Decentralized identity is a concept, or an architecture, or maybe even a philosophy. What it is not, is a technology. A decentralized identity solution can be built on a wide variety of technologies that are vastly different. It is becoming a set of open standards, underpinned by open-source implementations, which is helping to speed up adoption. The w3c DID specification allows for a variety of endpoints from distributed ledger technology to traditional public key directories, and even websites.
2) Decentralized identity does not mean everything is decentralized.
In fact, I would argue that not much changes for the data or identity provider, the only difference being their ability to credentialize (or tokenize) the data in such a way that it is fully portable, can be stored in a digital wallet, and verifiably exchanged-with and trusted-by a relying party. It’s the consumption of the data that is decentralized, the issuing is pretty much business-as-usual; with the upside that the issuer (data provider) no longer needs to worry about relying parties bothering them with verification requests.
3) Decentralized identity is about more than just identity.
I got attracted to self-sovereign identity not because of “identity” but because of “self-sovereign”. This interest stemmed from 20+ years working on AI, specifically on personalization and recommendation systems, and recognizing that we had significant challenges with how we source personal data and the ethics of what we do with it. Self-sovereign identity and verifiable credentials flipped the power dynamic on its head, and also proposed some really interesting new ways of building safe and ethical data exchange networks. Now I am not suggesting that verifiable and trusted identity is not critically important, just that it’s the basic table stakes. What is really exciting about self-sovereign data exchange is the transformative potential of giving people agency over their own data and allowing them to selectively share with third parties in a way that is safe, privacy-preserving, data-minimizing, verifiable, machine readable, trusted, and peer-to-peer at the edge of the network. This type of data exchange untaps huge value for individuals, organizations, and governments, while protecting individual rights and privacy.
Marie's Ramblings & Ruminations 