Distributing Digital Identity

Technology Jan 14, 2021
If I had an hour to solve a problem and my life depended on the solution, I would spend the first 55 minutes determining the proper question to ask, for once I know the proper question, I could solve the problem in less than five minutes,”
Albert Einstein.

This article is a process of my thoughts in motion in search of a question. If you just want the takeaways, they can be found in the conclusion. Now, onward!


Identity might be considered an intractable or wicked problem simply because the number of thoroughly entangled belief systems, and conflicting world views, are in a deep state of cognitive fusion. Simply summarised as:

“Trying to define yourself is like trying to bite your own teeth.”
Alan Watts

There’s a whole-part relationship. To untangle the messy whole we should first gather the overarching perspectives and differentiate the parts. Once these assumptions have been distinguished, we can begin to reassemble and integrate them into something meaningful.


Have you ever wondered why we all think and behave so differently? The question has bothered me for many years. It’s seems that there are two major principals drive this phenomena; structural coupling and inheritance.

Both are immediacy biases where our cultural and historical contexts shape our world view. Unconsciously we assume that our lived experience is actually representative of reality, and then extrapolate from there. But:

The map is not the terrain, and the menu is not the meal.

Let’s zoom out and make some sweeping generalisations about our cultural, and linguistic frames - for now we can group them as follows:

Natural Identity: Interior Bias

Eastern countries and Indigenous cultures often speak in the form of verbs where context is inferred. In Japanese, “Hungry” can either mean that the subject is hungry, or it can represent a question about another's state.

We might say this is a subjective form of identity; it’s interdependent, networked, ephemeral, and probabilistic. It’s an identity in motion like a stream flexing to the course of life. It’s provenance; an origin of recursive depth or the Tao which cannot be named. It’s an emerging whole.

Key words: Verbs, Subjects, Networks, Edges, Feminine.

Western countries generally tend to hold a more noun like paradigm. Typically, we have a more materialistic perspective where statements like “tell the truth” are made as if such an abstraction is real or objective. This is possibly because we tend to view the world through a reductionist lens of atomistic parts.

We might say this is an objective form of identity; it’s a concrete topology that's structured, deterministic and noun like. It’s an identifier; a barcode, passport number or record stored in a database. It’s a verified credential. Such data is excellent for administration and tracking for better or worse.*

Key words: Nouns, Objects, Structures, Vertices, Masculine.

Part-whole relationship

As previously mentioned, the part-whole relationship is also worth noting. Again, these are heuristics inherited from our cultural and historical context. Broadly generalised; western countries tend to hold a more individualistic frame, while eastern countries often have a more pluralistic view of things.

However, both polarities fail to account for scale and levels of abstraction — a human entity can be regarded as a consortia of bacteria, as a single person, or as part of a larger group. As such, when we discuss identity it would be wise to scope the context or we might easily end up confused.

It’s political

So, it should now be clear that identity is about how individuals and groups, interpret, anticipate and interact with the world. This is known as ontology, and for the most part our heuristics are skewed one way or another.

With 7.8 billion people on the planet — and infinitely more contexts to interact with — we are entering into the unpredictable territory of complexity and chaos. To be explicit; I’m suggesting that identity is inherently political. So, how can we moderate the middle?

As feedback loops are erratic and invisible, the regulation of such a system must embrace the law of unintended consequences. Risk mitigation and strategic intervention is the name of the game!

Currently SSI falls into the category of complexity, as we are not in a modality of disaster mitigation just yet. However given the potential for it to all set fire and become a 1984 dystopia, we should regulate for chaos.


Start by observing the current system and by defining the ‘steady state’ as a measurable output indicative of normal behavior. Relating this to e-ID systems that are already in place such as the Dutch DigiD card, we might measure the use of existing functionalities and proofs.

We can then hypothesise that this ‘steady state’ behavior should continue in both an experimental group and a control group. The experimental group in this case might take the form of an SSI sandbox to re-implement various functionalities or proofs that are already in use. One thing to note here is that due to the principals of computational irreducibility and variety matching, a sandbox can only disprove a given hypothesis and control the blast radius if it goes wrong.

Next, variables representative of real world events should be introduced to disrupt the intended behavior and try to disprove our original hypothesis. For identity solutions this might manifest in the form of social engineering, cyber attacks or deviations in functionality not present in the already existing infrastructure.

If the sandboxed hypothesis successfully holds up, then it can be released into production and tested in the wild. However, due to the asymmetric risk of implementing such technology, consumer reporting mechanisms should be put in place and monitored with exceptionally tight feedback loops.

As digital identity scales to reach mass adoption, not just nationally but internationally, we may very well need to deal with chaos. Top down monitoring and regulation will not be sufficient. When something goes wrong, local actors need to be empowered to take action:

What additional conclusions can be made from the recognition of human civilization as a complex organism? Given the complexity of its behavior, it is necessary to conclude self-consistently that as individuals we are unable to understand it, even though we comprise it as a collective. Therefore, one would be unwise to argue, on the basis of general considerations, matters of social policy. Social policy questions must be dealt with by the system, by the people involved, as direct challenges to the system. — “Complexity Rising”

Thus, regulation dealing with digital identity needs to evolve. People need to be able to directly challenge the system, with minimal friction to implementation. Luckily we’re entering into a world where open source infrastructure has the potential to remove a lot of existing barriers.

Granted most citizens are not developers, but a repo is vastly more accessible than parliament — and with the evolution of low/no code environments it wont be long before the average citizen can directly affect changes.

These trends take us into the realm of open source governance. How should such open infrastructure governed? One of the more interesting, successful, and explicit protocols is the Collective Code Construction Contract by written Peter Hintjens and the ZeroMQ community. His reasoning for various sections are also well documented here. If such a process was recognised and given flexibility to evolve locally, it would allow citizens to resolve their own problems locally - mitigating asymmetric risk.


The topic of Identity is incredibly complex and our ontologies are heuristically skewed. Framing the problem appropriately allows us to orient ourselves and avoid bias, but the real challenge is governance and risk management.

Governance around this kind of socio-technology must be bottom up as we need to be able to directly challenge the system, rather than relying on third party institutions. This is because representative democracy is too slow and detached to account for feedback loops at the local level. Thus the major question is how to implement effective governance protocols for open source projects?

*NB: The Dutch National Inspectorate of Population Registrars was responsible for the greatest percentage of deaths of any country under Nazi occupation.


Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.