Privacy By Design: The Promise of Decentralized Social Identities
A Paradigm Shift From Centralized Control to Digital Self-Sovereignty
Social media giants have long held too much power over our digital identities. Today, no one is immune to web2's vicious cycle of companies that collect personal data, use it to sell advertising, and continually manipulate users with their own data to increase profits. By making people feel like products, this exploitative digital environment produces a justified attitude of distrust in relation to data privacy amongst social media users. There are numerous incidents to cite; tech behemoths have time and again proven their inability to securely handle their users’ digital identities and data.
In recent years, Meta (previously known as Facebook) has repeatedly been fined for violating users’ privacy. In 2019, the company was ordered to pay a record-breaking $5 billion penalty by the Federal Trade Commission for violating consumers’ privacy rights — the largest fine ever imposed on a social media company for privacy violations. Last month, again, Meta was penalized for more than €1.2 billion (~$1.3 billion) and ordered by an Irish regulator to suspend data transfers to the U.S. for its handling of user information. This hefty penalty set a record for a breach of the EU’s General Data Protection Regulation.
But these incidents aren’t limited to only mega conglomerates like Facebook. Even newer social networking sites like Clubhouse have allegedly had trouble protecting the data of millions of users.
Given the poor track record web2 social media companies have at protecting user data, there’s a pressing need for more comprehensive solutions which address the challenges of user control, privacy, and data security. The solution to this challenge? Decentralized identities.
Unleashing the Power of Decentralized Identities
Decentralized identities can help solve the hard problem of data ownership and security. With a decentralized identity, a user can create a social media profile that is not reliant on a centralized platform for continued existence.
The technology which underpins decentralized identities is similar to the blockchain. A user connects their decentralized identity to an encrypted, decentralized file system to store their personal data. The data storage is then distributed across multiple nodes as opposed to being stored in a central database. This direct shift from a centralized to a decentralized system has several unique and necessary advantages:
- Decentralization enables individuals to take complete control of their data. Users can choose where their personal information should be used and have the authority to revoke that access at any time.
- Decentralization adds two critical layers of security, making it comparatively tricky for hackers to steal:
- To gain access to decentralized end-to-end encrypted data, a hacker must compromise multiple nodes on the storage network.
- Hackers must also compromise the user’s mobile device to access their seed phrase, or perform some other type of sophisticated social engineering hack to obtain the seed phrase directly from the user. These steps are incredibly resource-intensive and extremely difficult.
This difficulty radically changes the “economics” of hacking, significantly reducing the incentives to steal user data. A hacker must go through the time and effort to hack multiple systems and devices to obtain the secret data of one person, rather than compromising a single, centralized system to obtain the data of millions of users.
With decentralized social media, there’s also no big-tech bro moderating, censoring, or profiting from your personal data.
Decentralization drastically improves the user experience. For example, consider the tedious tasks of creating and managing usernames and passwords across all the web2 social media platforms. This requirement often tempts users to reuse their credentials, which can increase the chance of having their data stolen. Decentralized identity enables users to use the same credentials to sign in across multiple platforms, providing a better user experience. Future enhancements to decentralized identity will provide cryptographic proofs which relate to the connecting application, eliminating many phishing attacks.
Decentralized identity systems are built on open standards, such as the DID-Core standard, so they are interoperable rather than proprietary and closed. These open standards promote cross-functionality between diverse systems and platforms, meaning a person can use their decentralized identity to access a wide range of applications without going through the trouble of creating a new account for each service. Suffice to say, decentralized social identities may be destined to reshape the social media landscape.
The Role of Decentralized Identities in Social Media
By prioritizing user ownership, privacy, and interoperability, decentralized social identities change the way we interact online. A decentralized, self-owned, cryptographically-protected online identity puts the control back in the user’s hands, as opposed to being controlled by a centralized entity like Facebook or Twitter, enabling them to take their social media identity to any platform they choose to interact with. Imagine a system where your social media and email accounts are certified by a blockchain-based, decentralized-social-identity service for secure identity verification for enhanced trust and reputation.
The technology optimizes for self-sovereignty and interoperability, unlike today’s fractured social media landscape. Users of decentralized identities have a single, trusted source of digital identity, which changes how they build trust and cultivate their reputation on social media.
There are several user-centric social media platforms emerging which leverage these technologies. Nostr is a protocol which uses Bitcoin private keys to create a decentralized messaging service, while also enabling Bitcoin Lightning payments between users. Bluesky, built on the AT protocol (backed by Twitter’s Jack Dorsey) uses decentralized identity standards to create a decentralized alternative to Twitter. This privacy-by-design approach fundamentally changes the power dynamics we are accustomed to with traditional social media platforms.
The good news is, these efforts are not just limited to decentralized social identities for social media; they work as a part of a broader vision of web3-enabled applications, striving to make messaging, personal data storage, and single sign-in the standards upon which the future of the internet is built.
The Verida network is building a generalized layer zero identity and data infrastructure that can be used to build any type of decentralized, user-centric application. Verida One is a social application enabling users to connect their web2 and web3 social accounts, bringing these together into a single profile. The same decentralized infrastructure can also be used for many other use cases where users are in control of their data, such as credentials, zero-knowledge proofs, and much more.
From Web2 to Web3
Web2 and web3 are fundamentally different. While web2 is associated with turning people into products to monetize, web3 flips the narrative by giving users ownership over their content and data and a share of revenue they generate.
In the current iteration, web2 users have tools (not data-privacy compliant) allowing them to display where they are sharing their activities and identity, but web3 is yet to provide a robust solution to simply aggregate, share, and prove these existing social identities.
Solutions like Verida One allow users to import, verify, and link their web2 identities and metadata to web3 dApps. Other applications that provide decentralized alternatives to Twitter and Reddit include Farcaster, Bluesky, and gm.xyz.
With the bitter experiences of history and promising technology of the future, changing the current social media landscape is a critical step to enhancing the trust and security of our online interactions. However, this goal can only be achieved if we start reclaiming control over our data and demanding better from companies that profit from this private information.
The time has come to reject the status quo and push for a future where privacy is considered an online right. With alternative technologies making their way to market, users should feel more empowered than ever to build a life online, on their own terms.
Author Bio
Chris Were is a CEO of Verida, empowering individuals to control their digital identity and personal data. Chris is an Australian-based technology entrepreneur who has spent more than 20 years devoted to developing innovative software solutions and lately Verida, a decentralised, self-sovereign data network. Chris has so far disrupted finance, media and healthcare industries with his application of latest technologies.
Editor Bios
Hiro Kennelly is a writer, editor, and coordinator at BanklessDAO, an Associate at Bankless Consulting, and is still a DAOpunk.
Trewkat is a writer, editor, and designer at BanklessDAO. She’s interested in learning about crypto and NFTs, with a particular focus on how best to communicate this knowledge to others.
Designer Bio
Tonytad is a graphic designer who has worked locally and internationally with organisations and firms on over 200 projects, which include branding, logos, flyers, cards, and covers.
BanklessDAO is an education and media engine dedicated to helping individuals achieve financial independence.
Bankless Publishing is always accepting submissions for publication. We’d love to read your work, so please submit your article here!
This post does not contain financial advice, only educational information. By reading this article, you agree and affirm the above, as well as that you are not being solicited to make a financial decision, and that you in no way are receiving any fiduciary projection, promise, or tacit inference of your ability to achieve financial gains.
More Like This
Web3 Privacy Begins With Your RPC by Hiro Kennelly
Your Web3 Wayfinder by Trewkat
Web3 Enables Coordination Without Hierarchy by Ben Turtel
