One of the most intriguing uses of the blockchain may be the enhancement of identity solutions.
As we know, the blockchain offers enhancements over current mechanisms for creating and storing digital identities, such as security and resilience built in by design, a greater ability to control the uses of encrypted information, and the ability to provide standardization across a range of legacy IT systems. But what does this actually mean for identity applications in different industries?
A lot, actually. Identity validation for internet applications is a persistent problem. As the New Yorker cartoon famously says, “On the Internet, nobody knows you’re a dog.” Yet as we have seen, the use of fraudulent identity on the internet leads to mistrust in electronic transactions, a mistrust of the identity of individuals and organizations posting materials to social media, crowdsourced reviewing applications, and other sites, and an inability to take forward applications such as internet polling and voting.
The Obama Administration’s “National Strategy for Trusted Identities in Cyberspace” (April 2011) sets our four guiding principles for digital identity solutions. They must be:
- Privacy-enhancing and voluntary
- Secure and resilient
- Cost-effective and easy to use
Blockchain-based identity solutions meet all of these criteria. While being secure, resilient, and interoperable, because of the individual control over identity, they are also privacy-enhancing and voluntary; and blockchain companies are making them cost-effective and easy to use.
Beyond just internet applications, how would blockchain-based identity solutions approach harder challenges? One emerging challenge is the ability to authenticate devices on the Internet of Things. Blockchain-based identity applications are ideal for this application. Identity solutions that enable identity to be transacted securely and privately by individuals can do the same for machines, and given the “fat layer” of the blockchain (meaning that most of the computing power and programming needs are in the blockchain itself, not in the application) IoT devices can authenticate identity at low cost and low computing burden. Indeed, the U.S. Department of Homeland Security gave a research and development grant to a blockchain infrastructure and consulting company in early 2016 to explore exactly this application.
Private transactions are one thing, but how about interacting with the government? Blockchain-based identity applications offer advantages here as well. First and foremost, because individuals hold their own identity information, identity can be validated through blockchain applications without the government holding vast stores of identifying information. Instead, the government can specify through regulations or other requirements what identity information it needs to validate in order to permit certain uses, such as entering a government building or applying for a license or permit. The individual then enters into a voluntary identity transaction, agreeing to reveal the required identity information and/or have that information validated against other sources in exchange for the benefit or service (or not). The government receives the assurances it needs concerning an individual’s identity, while the individual keeps control of his or her information.
So what needs to change in order to enable this functionality? Arguably, it’s not wholesale changes to laws and regulations, but rather interpreting guidance concerning the applications of statutes such as the Privacy Act of 1974, the E-Government Act of 2002, and the Electronic Signatures in Global and National (ESIGN) Commerce Act of 2000. It’s also the construction of government systems for effectively interacting with blockchain-based identity solutions.