Our regular review of recent news from around the decentralized identity community. In this edition we look at a potential digital identity bill in Congress, a hackathon focused on spreading digital identity, and a conversation on regulation as we move closer to Web3.
By Tim Spring
Why We Need to Regulate Digital Identity in the Metaverse
Marcus Bonner shares his thoughts with the World Economic Forum on how online authentication and identification have been handled historically and why the process can be considered a failure. Bonner laments the lack of control users have when relying on third parties to hold their data, whether on e-commerce or social media sites. Looking to the emerging metaverse and Web3, he draws our attention to the critical questions we need to ask if we are to avoid the pitfalls of tying our our physical lives even closer to our virtual identities:
- Where do the boundaries lie between a digital history — such as proof of purchase — and the right to privacy?
- Would users have the ability or the right to be forgotten?
- What happens to your data when you die?
- Who can add to a user’s digital identity — and what can be added or deleted?
- Can you create multiple identities the way you can create multiple accounts today?
Concrete, commonly-agreed-upon answers to these questions don’t exist today; what you can do varies based on the system you choose to use and the regulations in place in your jurisdiction. But this article does a great job of highlighting what we need to think about before signing up for any system designed to share personal information with anyone.
At the recent Ingressive for Good’s HACKFEST — sponsored by Verified.Africa, a leading provider of ID verification and KYC in Africa — over 1,000 people signed up for a digital identity focused hackathon. Forty teams were shortlisted to participate in the 72-hour event from which three winners were selected:
3rd place — Internet ID: An auto-generated, secure lifetime ID that uses a secure single account access to prevent bots and fake accounts from being created.
2nd place — Team OneSecure: A one-click identity verification system for businesses and portal for individuals. The team were so engrossed in their project that they continued to work on the solution after the hackathon.
1st place — VeriVent: A platform that links investors to potential startups while using Verified.Africa’s API to verify the startup owners’ identity, reducing the likelihood of theft and fraud..
This article is a great reminder of the power of good community events. Some of the best projects can be started based on a real need that has been realized and — with just a few passionate people — continue to be developed, just like OneSecure’s.
TSA Wants to Automate ID Verification at Checkpoint Security
This article by Kristen Errick, Staff Reporter for Nextgov, takes a look at the recent decision by the TSA to add digital IDs to their pilot program for testing facial recognition. The TSA has begun using Credential Authentication Technology 2 (CAT-2) systems for identity verification at 16 airports. The system will view and compare the information from the digital identity with the passenger’s live photo and flight information — an approach previously tried with physical IDs — and now is in the testing phase to see if this is possible with digital IDs.
According to the article, the data from this pilot program will be held by the Department of Homeland Security For two years for analysis before being deleted.
While the system itself does not claim to be decentralized, personally identifying information that is part of this test is supposed to be almost immediately deleted, with the TSA claiming “passengers’ live photos and personally identifiable information from their digital ID will only last until the next passenger is scanned, when the system overwrites the old passenger’s information with the newest passenger’s information.” The solution is still in early stages, and those that do not wish to share any additional information with the TSA can opt for the standard checkpoint screening for the foreseeable future.
Natalie Alms, Staff Writer for FCW, reports on the status of the Improving Digital Identity Act, which was originally introduced in 2020 and then recently re-introduced by a joint effort from representatives of both parties. The bill seeks to push the federal government into a bigger role in the digital identity space by providing opt-in identity validation services and creating a task force to evaluate best practices for digital identity credentials. Backers point to a recent study highlighting a significant increase in identity theft and fraud as the renewed need for this bill. Unfortunately Alms concludes that the bill is unlikely to make it to a vote as Congress’s next session will be tied up in bigger items like the 2023 federal budget.