The Meta-Crises and Digital Identity
An inflection point
For the past month or so, we have all been quite focused on the unfolding events in Israel, Palestine and the surrounding area. In some sense, this is obvious and necessary. The situation is monstrous and presents a real and present danger to escalate uncontrollably. In another sense, however, this is another episode of a dangerous addiction: after all, what can this attention actually do? The world is a broad and complex place and there are many, many dangers. If we insist on hopping from one crisis to the next, myopically squinting at wicked problems with no solutions, nor even any capacity to produce solutions, we will simply be emotionally exhausted observers as the meta-crisis plays its way into the abyss.
Taking my own medicine, I forced my attention away from the middle-east and looked around for timely, high leverage issues where we might be able to establish some kind of steering. The issue I landed on might at first seem rather esoteric and uninteresting. And yet, I believe that we are nearing an inflection point in our navigation of the “meta-crisis” and would like to raise an alarm. From where I sit, it appears that we have perhaps as little as a year to organize and act to secure what is, in fact, a crucial piece of strategic territory: Digital Identity.
Given the urgency, the implications and the nuance of the subject, I would like to take a solid fifteen minutes of your time to lay out why I think digital identity is important, why I have come to the conclusion that the time for action is now and what I propose might be a valid strategy in the present moment.
What is digital identity and why is it important?
For the purpose of simplification, I want to make a distinction between “self” and “identity”. Your self is who you are in a fundamental sense. Your soul. It is both the subject and object of your real, human, intimate, relationships.
Your “identity” is who you are in a social, formal, institutional sense. It is an abstraction by which you come into relationship with societal institutions: social, cultural, political, economic, legal. Your bank can’t come into intimate relationships with your self. It can’t get to know you and befriend you. Nor can your school or hospital or election office. The *people* at the bank and the school can, but not the institutions themselves. Instead, they “connect” with your identity by means of some set of processes and statuses or rights. Your school might locate you by means of your name and address and then load that identity with your “permanent record”. The DMV might combine your name and address with a biometric like a photograph and then associate that identity with your rights to operate motor vehicles. Your bank might use some other identity artifacts like your social security number and your drivers license and then attach that to your money and your rights to access and use that money.
Establishing a strong (i.e., hard to fake) process for uniquely identifying a person, for establishing that they are who they say they are through time and for distinguishing them from all other people, has become a foundational technology for our social/institutional relationships. The more complex your society and the farther away its central institutions are from real relationships, the more important identity becomes. Ours is a very complex and very inhuman society.
Those of us who have studied the digital have known more or less from the beginning that a day would come when the many different forms of identity that emerged in the analog social environment (e.g., SSN, birth certificate, credit card, drivers license, etc.) would ultimately be converged toward a foundational digital identity. For exactly the same reason that Netflix, Craigslist, Amazon and TD Ameritrade replaced Blockbuster, classifieds, brick and mortar and your stock broker, the grab bag of our analog identities has been destined to be replaced by as few as a single, efficient, so very efficient, digital identity.
The major tech companies have long struggled to “capture” you by means of the efficiencies and services that can be brought to bear with a single digital identity. Apple, Microsoft, Google, Facebook — all have recognized the power of being able to use a “single sign in” identity to give access to myriad services and then to load that identity with as much ‘value’ as possible so that you will continue to attach your attention and money to it. Notice how in this dynamic the relationship between self and identity has been reversed? That your self is increasingly subordinated and addicted to the ‘value’ attached to your identity? This is more than mere happenstance.
For a long time, the tech kingdoms have been squabbling among themselves and for relatively minor aspects of identity. But as software has continued to eat the world, the power associated with digital identity has continued to escalate. Its one thing to control access to your email account or your Xbox. It’s another thing to control access to your money or your ability to vote.
Obviously, when we get to these stakes, the State and its fiedoms very much enter the game. The State will not easily give up its position in identity, and may very well retain that position in the transition to digital. Thus far, the asymmetries of power (e.g,. tech is much more competent in this arena and generally owns new functions; the state has the police power and owns crucial legacy elements) and the complexity of the landscape have left the spot of “king of the hill” unoccupied. As I’ll explain below, we are at long last getting to the end game. But first, a bit more on why it is so important.
Simply put, identity is the commanding heights of social power. Your identity is the means by which you access the resources of the institutional world. Have your identity stolen, and you’ll understand exactly what I’m talking about. As that identity goes digital, more and more of your life will flow through it and all of this will become data for “the algorithm”. In just the same fashion that digital advertising is orders of magnitude more powerful (and insidious) than old fashioned newspaper or TV ads, the powers of digital identity (including digital money and digital politics) are of a different order. As the CCP knows very well, control over these flows is the most powerful form of social power that has yet been devised.
I want to emphasize that none of this requires bad intent. No conspiracies needed. Simply the observation: if we have a tool, we will use it. Digital identity is powerful. And power will be used. It is not a question, for example, of whether our social future will be influenced by some kind of social credit system. This is as inevitable a consequence of digital identity as spam is a consequence of email or political parties are a consequence of democratic process. The question is the governance and architecture of that power. There are some futures of digital identity that are technofascist dystopias. But there are others that present quite a different, better, possibility. Ones where that same power leads to increasingly free and sovereign selves. In the last section of this piece, I’ll lay out a design and a process for the better future.
But first we have to come to terms with timing. For the moment, both futures are available. But the window is closing quickly.
Why is this inflection point coming now?
Watch minutes 2:58 to roughy 6:00 of this discussion with my friend John Vervaeke.
With AI we have crossed an important Rubicon. Among many other things, AI presents a catastrophic threat to our current capacity to make sense of the world together.
Soon, perhaps as early as months from now and likely within single digit years, we will be in a world where AI can:
Pretend to be you. Either in static format like a recorded video of you saying or doing something that you didn’t do; or in a dynamic format like a phone call to you friends or family. This can and will be used for both profit (scams and cons) and power (psyops).
Fabricate reality. We are already beginning to see our ability to rely on image and video “proof” of events soften. As AI proceeds, we run a real risk of not being able to believe anything in the media.
Pretend to be human. A flood of bots that can speak and write as well as any human and soon thereafter will be able to engage in realtime interactive video. Scientific papers written by AI with layers deep citations also written by AI. News stories written by AI pointing to deep fake videos. You get the picture.
Combine the above with a superhuman capacity to access and use all of the information currently anywhere on the internet (including the many many hacked databases floating around the “darknet”) to produce a level of “social hacking technology” far beyond what we have thus far seen.
Our existing sensemaking systems, built almost entirely in and for an analog environment, simply aren’t up to this threat. Moreover, in the context of our local culture wars and the larger geopolitical unipolar/multipolar struggle, there is already a tremendous amount of effort put towards controlling the frame, shaping the narrative and winning memetic / network wars. All in, as John says, we may find ourselves in downward spiral, losing access to any grasp of “what is real” beyond the reach of our physical environment.
Modern society simply cannot function in this context.
The rise of AI presents a swiftly emerging crisis and as we know all too well, the powerful understand crisis as ripe opportunity.
The solution to to the AI problem grounds out in three specific capabilities:
We must be able to reliably distinguish between an authentic human and a bot.
We must be able to reliably trace each and every piece of content to a specific point of origin (this is called “provenance”). For example, we must be able to be certain that a given video was created by some particular creator (human or otherwise) and has not been modified.
We must be able to durably attach trust and permissions to virtual/digital identities that provably are tied to the same real identity over time. For example, if I trust you, I have to be certain that the next time I interact with the identity that I associate with you, that it really is still you (i.e., it hasn’t been stolen or sold).
In other words, the solution to the problem of AI deep fakes is digital identity.
And so, with AI providing the emergency necessary to force everyone’s hand, the question of who owns the design and governance of digital identity is now quite present. The game is afoot.
In the video, John defaults to the expectation that the government will succeed in taking this position. This is a perfectly reasonable expectation. Governments, who have been building digital identity systems for decades and have recently been alluding to tying them to their central bank digital currency initiatives will, of course, have both reason and motivation to accelerate their efforts. In fact, just a few days ago, the EU announced a significant move in this direction. However, I do want to point out that this end isn’t perfectly assured. There are three kinds of groups that are currently in a position to make a run at this.
The State
A handful of tech Oligarchs.
A decentralized grass roots movement grounded in the blockchain.
Obviously, the State will want to own and control digital identity. And it has some important advantages — most notably the fact that it currently controls very important pieces of existing identity and that it can force people to do stuff. However, don’t count out our Oligarchs! The State is vastly less competent in this arena and suffers historically low confidence and legitimacy from the public. Moreover, this new power (determining what is *real*) is simultaneously more important than anything currently controlled by the State; is novel, unclaimed territory; and first mover has already been ceded to the Oligarchs (fact checkers, anyone?). Though it has thus far been a Madisonian battle of checks and balances, every aspiring Napoleon among our Oligarchy can see a real opportunity to seize the crown.
Regardless of whether the die is cast in favor of the State, some Oligarch or a techno-fascist combination, I would like to propose that none of these scenarios is good. Even if you’d like to believe that the Government is broadly well intentioned (!) or that old Sam or Elon is an enlightened Prince in the waiting (!!), the end result of their efforts will take us to a dark place because they have neither the incentive nor the intuition to create this technology using the right architecture.
And, in a very deep sense, architecture really is destiny.
A centralized system intrinsically concentrates power. Centralized points of control and/or governance are like a lake at the bottom of a mountain valley: regardless of where the rain falls, the water all ultimately flows downhill. This is what happened with Web 2.0, and we all know how that turned out. If digital identity follows in the footsteps of Web 2.0, this is a path towards the dystopian future.
By contrast, a properly designed decentralized system intrinsically distributes the power of digital identity to the people and provides a path to a much more optimistic future. This is the spirit of the early Internet. It’s not impossible, but it does require a different sense and source of agency than we have grown used to over the past two decades.
To be sure, the dystopian future is our default path, but neither in principle nor in practice is it the right or inevitable one. In principle, we must insist that your identity belongs to you. Not to the State and definitely not to the Oligarchs.
This is directly connected to the notion from the Declaration of Independence:
“That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed.”
The State might like to pretend that it owns the right to establish your identity, but it doesn’t. It has (temporarily) borrowed these powers from you and you have every right to take them back and deploy them yourself.
In practice, we need a third horse in this race. One that is using the right architecture and one that has at least a colorable chance to compete with the State and the Oligarchs. Ideally, of course, this horse will win and I will argue below that this is entirely possible. Less ideally, but still far better than our current trajectory, the threat of the dark horse will force the values of decentralized and user-controlled identity into the designs of whoever happens to win the race.
The technologies and approaches developed and tested in the crypto community are our best dark horse. They have been hammering away at a big chunk of the set of problems that need to be solved and are as yet controlled by neither the state nor the oligarchs.
If you have a high degree of skepticism around crypto and the “crypto bros”, I don’t blame you. But let us not forget that every tool is subject to abuse. More, let us not forget the extraordinary degeneracy of every one of our social institutions. If we understand the rampant greed and grift that suffuses every aspect of our current culture, it is not surprising to see a new approach to money abused by greed and grift.
Nonetheless, when we look at the problem of decentralized digital identity, the solutions that have been *battle tested* in the crypto space are by far our best possibility. Remember, the original genius of Bitcoin was precisely how to produce reliable provenance in the state of a database in spite of an otherwise low to zero trust environment.
Satoshi’s solution has turned out to be extraordinarily robust. In essence the market cap of Bitcoin has been an open bounty available to anyone who could find a way to hack or crack that trust mechanism. Nearly 15 years later and with trillions of dollars at stake, Bitcoin has been able to reliably ground the provenance of each and every transaction on its blockchain.
If you’d like more on this, Eric Schmidt and Sergey Nazarov (co-founder of Chainlink) discuss the issue along more or less the same lines as I am here in this conversation.
Let’s use that possibility. Let’s tap into this community and task them with restoring our sovereignty over our own identity.
Below, I will lay out a sense of the design requirements for a proper solution. This design spec is a first cut gesture. If we want to do this right and quickly, we are going to need to collaborate. So then a strategy on how we might tap into enough critical energy to get to the end goal in time.
Design Requirements
Complete ownership and control of both data and permissions must be held by individuals themselves. In particular, it must be impossible, in principle, for the “governance mechanism” of the system to give your data to anyone without your permission. Neither greed nor coercion can force the system to divulge information.
Highly compartmentalized and decentralized data storage so that no attack can access any meaningful data.
It should be a hyperstructure, not an application. An open service that many/any application can use but not tied to any specific application or any single blockchain.
Transparent and open. All of the above must be auditable by anyone who cares to do so.
Strategy
Here is the good news: the State and the Oligarchs have not been alone working away on their visions for digital identity. While “team freedom” has definitely been an underdog tooling away in the proverbial garage, it has not been idle. We currently have a minimal viable architecture that is within striking distance of satisfying the design requirements above in a fashion that is scalable and usable across a wide variety of use cases right now. All it lacks is scale, resources and some polishing.
Fortunately, in a digital age, *this* is a problem that is relatively easy to solve. In principle if the notion of decentralized digital identity “goes viral,” we could have a billion people from hundreds of different nations in a decentralized digital identity platform in days. Even if only those folks who have watched Rich Men North of Richmond decided to stick it to the “Rich Men” by taking back their digital sovereignty, the dark horse would leap from the shadows into first place and *we* could begin to dictate terms to the bureaucrats and the oligarchs. Consider that: possibly the most important piece of strategic territory in the world today could be seized from the jaws of defeat simply by doing little more than watching a YouTube video.
If we can’t manage to do that, perhaps we really don’t deserve sovereignty.
So, what does this look like?
I’m most familiar with the approach taken by my friends at the THE Foundation Network (https://foundationnetwork.org/). I know the key people on the project and have personal comfort with their integrity and intent. Bob was recently interviewed on the Jim Rutt show here. They discuss the architecture and governance of the system. It appears that they have designed a system that meets the above criteria, you can listen in and draw your own conclusions.
The simplest step: if you feel comfortable, you can create an identity with THE Foundation and share the good news with your friends and followers. A good approach would be to link your Twitter handle with your identity and show Elon how it should be done. See my version here (https://twitter.com/jgreenhall).
Warning, the UX is clunky and the the details of their technical approach and implementation are above my pay-grade. So —
If you have the technical capacity and understand the domain, contribute your discernment and perspective. Look at their approach, identify any meaningful flaws and if you can, propose solutions. You can do so as a comment here or on their discord.
If you really want to step-up — volunteer to help. This is an all-hands-on-deck effort and they (we!) can use all the help we can get (go to the discord for that).
If you have intimate understanding of the space and feel that an alternative solution is decisively superior, make your case here or on the above discord. I’m dead serious — the decentralized world doesn’t have time to squabble over which solution gets to be the best one to lose. If there is a better solution, bring it.
The key here is that simple adoption of a solution that has the right design primitives changes the shape of the race. We are just entering the next “crypto spring” — if a properly architected crypto digital identity solution is able to muster small digit millions of users in the run up to that spring, this will be like a “gravity slingshot”. Those absurd resources that have been tied up in crypto will be oriented towards something useful and, with digital identity secured, we can begin the slow process of building the new institutions that we so badly need to do more than simply watch the meta-crisis burn.
Hello Jordan,
I've been following your work for awhile. For me, this article (call to action) points to a practical application/expression of the concepts you've been sharing for many years now. Thank you.
This is how I see it currently...
The hyperstructure should be able to push all self-interested parties (the state, big tech, ...) to the edge, where they are all on the client side of any such identity system.
The decision to collaborate or transact with a certain person or organization (as proven by the digital identity) should be done dynamically on the edge (the client side).
You are free to disclose a certain part of your digital identity to a certain party (person or organization), when you decide to.
You can make parts of your identity visible to anyone, when you decide to.
Most services (those who are not government regulated like finance) should not require any institutionally provided proof of identity, as people should self-regulate (on the client side) their "valid identity filters".
If you wish to delete one of the proofs associated with your identity, do it, but you might not be able to access some service, which is dependent on this specific proof.
The government is just another trusted identity (categorically an organization) - if the government proves your identity, fine, that is just one more proof of your identity. That could also be done by a company - KYC (also categorically an organization) or some person.
How you personally value these proofs, that is up to you.
What I would not like to happen is that *any* one organization (the government, some company) statically embeds their permission checks or their own "special status" into this hyperstructure.
These should be done at the edge by persons and organizations (companies and institutions).
These digital identities also should not get in the way of P2P communication.