Individuals Should Control Their Identity — The Windhover Principles
When it comes to building a robust, portable and future-proof digital identity, one of the key challenges is getting the fundamental framework right. Luckily for us, there have been plenty of smart people and organizations that have been thinking about this very problem.
Back in 2014, the Institute for Data Driven Design, a research and educational nonprofit, teamed up with MIT and a slew of industry leaders to produce the Windhover Principles for Digital Identity and Trust, a set of principles and a framework for approaching new solutions for addressing digital identity, trust, and access to shared, open data. (Karen Gifford, a special advisor to global iD, was an active participant in the development of the Windhover Principles.)
As the Windhover Principles state:
Individuals, not social networks, governments, or corporations, should control their identity credentials and personal data. Control of one’s identity credential and personal data means that a person should have unfettered access to their persona data, and the ability to prevent unauthorized private access, and to verify attributes of their personal identity profile.
Ultimately, this ideal framework is comprised of three primary tenets:
● Transparent Enforcement and Effective Lite Governance
● Insuring Trust and Privacy
● Open Source Collaboration
In a sense, the development of global iD is a practical implementation of this idealized concept. So how does global iD compare to the Windhover Principles?
Transparent Enforcement and Effective Lite Governance
From the beginning we wanted to design what we describe as a stakeholder driven organization. In other words, we wanted global iD users to govern the system in the most transparent way possible. This to us, is fundamental toward maintaining the system’s neutrality.
As such, global iD’s federated governance structure means that, unlike typical frameworks, it isn’t controlled by any single corporate or government authority. And unlike traditional corporate or venture backed entities, because we deliberately segregate voting and economic rights. When it comes to global iD equity, the identity system operates independently of the control of any investor or group of investors.
These measures mean that, in essence, global iD’s identity platform serves as a public good.
Insuring Trust and Privacy
Another key question we had to answer in designing global iD was — how do we reconcile the need for privacy with the need for utility and convenience?
In today’s world, every time we need to prove our trustworthiness in a digital setting, we have to give up personal identifying information. But what if we only gave up that information on an as-needed basis? This is achieved through global iD’s system of attestations, authentication and authorization.
Under this system, users only need to provide their personal information to credible vouchers in exchange for public attestations. Users can then use these attestations to prove their trustworthiness to other users or services.
This way, global iD users control their identity and decide who they would like to share their data with.
Open Source Collaboration
While global iD isn’t technically an open source project, the platform itself is inherently open and collaborative. Anyone can use the platform as they see fit, and it enables users to share any identity validation standards for which they agree. Someone creating a validation standard for phone sales in East Africa may have appropriately need different identity validation criteria from someone working on a card product in Western Europe, but both can use the global iD platform to manage identity details. Similarly, how users build the necessary tools for interacting with global iD is up to them, and the fact that global iD enables data portability and interoperability means they have lots of options. Ultimately, the users choose.
Read more about the Windhover Principles
Read the global iD white paper
Z�c �Yw�/�
