Digital Credentials

Tags:
#Privacy #Distributed Systems #Identity #E-Government #Certification
Description:
Privacy-Respecting Systems for Certification and Ticketing
Contact Email:
g.goodell@ucl.ac.uk

Articles

Title
A Decentralised Digital Identity Architecture

Abstract

Current architectures to validate, certify, and manage identity are based on centralised, top-down approaches that rely on trusted authorities and third-party operators. We approach the problem of digital identity starting from a human rights perspective, with a primary focus on identity systems in the developed world. We assert that individual persons must be allowed to manage their personal information in a multitude of different ways in different contexts and that to do so, each individual must be able to create multiple unrelated identities. Therefore, we first define a set of fundamental constraints that digital identity systems must satisfy to preserve and promote privacy as required for individual autonomy. With these constraints in mind, we then propose a decentralised, standards-based approach, using a combination of distributed ledger technology and thoughtful regulation, to facilitate many-to-many relationships among providers of key services. Our proposal for digital identity differs from others in its approach to trust in that we do not seek to bind credentials to each other or to a mutually trusted authority to achieve strong non-transferability. Because the system does not implicitly encourage its users to maintain a single aggregated identity that can potentially be constrained or reconstructed against their interests, individuals and organisations are free to embrace the system and share in its benefits.

Citation

G Goodell and T Aste. "A Decentralised Digital Identity Architecture." Frontiers in Blockchain, November 2019.

DOI

https://doi.org/10.3389/fbloc.2019.00017

Title
Data management for platform-mediated public services: Challenges and best practices

Abstract

Data harvesting and profiling have become a de facto business model for many businesses in the digital economy. The surveillance of individual persons through their use of private sector platforms has a well-understood effect on personal autonomy and democratic institutions. In this article, we explore the consequences of implementing data-rich services in the public sector and, specifically, the dangers inherent to undermining the universality of the reach of public services, the implicit endorsement of the platform operators by the government, and the inability of members of the public to avoid using the platforms in practice. We propose a set of good practices in the form of design principles that infrastructure services can adopt to mitigate the risks, and we specify a set of design primitives that can be used to support the development of infrastructure that follows the principles. We argue that providers of public infrastructure should adopt a practice of critical assessment of the consequences of their technology choices.

Citation

A Rychwalska, G Goodell, and M Roszczynska-Kurasinska. "Data management for platform-mediated public services: Challenges and best practices." Surveillance & Society, Vol. 19 No. 1 (2021).

DOI

https://doi.org/10.24908/ss.v19i1.13986

Title
A Decentralised Digital Token Architecture for Public Transport

Abstract

Digitisation is often viewed as beneficial to a user. Whereas traditionally, people would physically have to identify to a service, pay for a ticket in cash, or go into a library to access a book, people can now achieve all of this through a click of a button. Such actions may seem functionally identical to their analogue counterparts, but in the digital case, a user's actions are automatically recorded. The recording of a user's interactions presents a problem because once the information is collected, it is outside of the control of the person whom it concerns. This issue is only exacerbated by the centralisation of the authentication mechanisms underpinning the aforementioned services, permitting the aggregation and analysis of even more data. This work aims to motivate the need and establish the feasibility of the application of a privacy-enhancing digital token management service to public transit. A proof-of-concept implementation is developed, building upon a design proposed by Goodell and Aste. This implementation was optimised for the public transport use case. Its performance is tested in a local environment to better understand the technical challenges and assess the technical feasibility of the system in a production setting. It was observed that for loads between one and five requests per second the proof-of-concept performs comparably to other contactless payment systems, with a maximum median response time less than two seconds. Due to hardware bottlenecks, reliable throughput in our test environment was limited to five requests per second. The demonstrated throughput and latency indicate that the system can feasibly compete with solutions currently in use. Yet, further work is needed to demonstrate their performance characteristics in an environment similar to that experienced in production.

Citation

O King and G Goodell. "A Decentralised Digital Token Architecture for Public Transport." Working paper, 2024.

DOI

https://doi.org/10.2139/ssrn.3742053