Decentralized identity standards can solve Facebook’s problem
Facebook “owns” two billion people’s digital identities.
Facebook is plagued with problems and announced it had been keeping millions of user passwords in plain, readable text on an internal server that employees had access to. Recently several states’ attorneys general gathered in Washington D.C. to plan action against the tech giants — including Facebook — for privacy practices and massive collections of personal data that give them a huge advantage in online advertising.
{mosads}The social media platform lies between you and your “friends,” as well as news sources you rely on. By inviting you to “login with Facebook” they have situated themselves in the middle of a myriad of interactions between you and other web and mobile applications. This invitation to login with their service means they become your “identity provider.”
This is not innocuous.
You have an inherent identity as a human being with a name — likely a few names for different contexts — and you use those names to interact across dozens of different arenas in your life.
For instance, your Instagram account may reflect your passion for gardening while your Twitter handle is connected to your professional work and you use Facebook for personal friends in your neighborhood. Everyone does it differently.
For 15 years I have advocated for the rights and dignity of our digital selves by supporting the emergence of open standards. These standards empower individuals to own and control their own digital identities without application providers, telephone companies or governments acting as intermediaries.
Now under criminal investigation in New York for data deals, Facebook prompts our own additional questions about the power and control of Facebook’s algorithms and what they allow to be posted on the site.
This is at a time when Rep. Alexandra Ocasio Cortez (D-N.Y.) and Sen. Elizabeth Warren (D-Mass.) claim Facebook creates a democracy problem. When Sen. Warren posted videos questioning Facebook’s power, the videos were taken down. It made her point that they have too much power to censor discussion on social media.
This touches on the deeper question: Why have we allowed one private company to own and control so many people’s digital identities and to be intermediating so many transactions?
As WhatsApp and Instagram will be merged with Facebook messenger, this further consolidates the control these platforms have over each individual’s data. The move will enable Facebook to collect even more data about people across even more contexts, creating massive super profiles.
In 2012 President Barack Obama’s administration published a Consumer Privacy Bill of Rights. As a result, a range of legislative proposals are pending, including providing transparency in advertising. The Federal Trade Commission is being called on to enforce violations of its 2011 consent decree with Facebook.
None of these efforts address the root issue: that our digital identities in these architectures are owned and controlled by private companies. That means our right to exist in the digital realm is subject to their terms and conditions. Our digital selves can be terminated, and we have no-recourse.
This is true in the phone system as well; we rent our phone numbers from the phone company and if we don’t pay our phone bill for a certain deadline, we will lose our numbers. Until our digital identifiers (the way we connect to others digitally) are owned and controlled by us, we can’t be free people in cyberspace.
While many are engaged in hand-wringing about the over reach of Facebook, a solution to the problem of Facebook exists. The Internet Engineering Task Force founded in 1986 is a technical body that created and stewarded the open standards that serve as the basis of the Internet and its ongoing evolution.
Open standards for decentralized identifiers and verifiable credentials are needed to disrupt the stranglehold the big 10 Internet companies have as “identity providers” worldwide.
We use thousands of open standards everyday as we access the cyberspace. Most you may not have heard of, but some are obvious like HTML and CSS for the presentation and display of web pages (standardized in the World Wide Wide Consortium or W3C that defines web standards), or SMTP, the standard protocol for transmitting email from point to point.
The path forward involves mandating that Facebook and other social media services adopt these open standards giving people control of their own identities and identifiers online. This will open a new playing field of competition for social applications and services that are not Facebook, but ones built to meet the needs of unique communities of interest and local communities.
Organizations and individuals are working to formalize these open standards in the W3C. Decentralized Identifiers are a new form of identifier that the individual generates, owns and manages using software under the individual’s control, not a corporation’s or government’s.
This will happen via applications on your phone that help you manage your decentralized identifiers. You can have dozens or hundreds. The user experience will feel a lot like using a digital wallet with different cards in it for different contexts.
But what will be different is activity under the hood by rooting control with you via decentralized identifiers and the underlying public key cryptography. This gives you the ultimate control of your identifiers, rather than the way it works now — with control of your identifiers with commercial entities or governments.
These identifiers can serve as the basis for health-care institutions, educational institutions, governments, businesses and others to issue digital verifiable credentials that you can control. In the same way you manage the cards in your physical wallets, you can manage verifiable credentials in your digital wallets.
In November, the Department of Homeland Security, Science & Technology and the Silicon Valley Innovation Program announced requests for proposals to grant startups up to $800,000 for technologies that use these open standards and solve government use cases.
With broad adoption, these open standards for decentralized identifiers can provide a complementary alternative to conventional regulation to address the Facebook problem.
They will give individuals and communities the ability to connect to each other on their own terms without Facebook being a required intermediary because it owns their identities.
Render to Facebook what is Facebook’s, but to each person their own identity.
Kaliya Young is a New America India-U.S. Public Interest Technology fellow, author of A Comprehensive Guide to Self-Sovereign Identity and founder of IdentityWoman.net.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.