I am fortunate enough to own a car. I bought my first home about 20 years ago. I own my computer. I also own my identity.
Or do I?
Well, my identity is no longer just about my personality or physical identity, it now includes my digital identity.
I enjoy when Amazon recommends new books, movies, and products I might find useful. Netflix always gets me. Yup, “IP Man III”, that is a perfect movie for me with a 98% fit! I also enjoy when Google suggests a restaurant within a few minutes walk of my current location in the concrete jungle that is New York City. And, yes, I also enjoy product recommendations from my favorite shopping websites.
This enjoyment is all made possible by my digital identity. And, unfortunately, I don’t own it.
That’s because I am among the billions of people who participate in a global network of walled gardens that emphasize free entrance and an ever-growing understanding of what I want.
You know the gardens I mean, places like Google, Facebook, Amazon, Apple, LinkedIn (aka GAFA) and many more. But, I trade two extremely valuable things to get this experience — my personal data and privacy.
The danger of this arrangement is not news.
In fact, recently we’ve seen an increase in identity data being exposed in massive breaches. This has affected millions of people socially, financially and professionally. The most recent involves alleged weaponization of user data on Facebook to influence the 2016 US election.
But, what if we could enjoy this personalized experience while still maintaining complete control of our digital identity?
We’d be able to create a whole new class of privacy-oriented applications, new (safer) social networks, and return the Web to its original origins of being an open global network. And, more importantly, it would allow me (and you) to finally participate in the monetization of our data.
This is the goal of some exciting new blockchain projects.
I will take you through a tour of my favorites, but first I’d like to share a bit of history.
What was Web 1.0 and Web 2.0?
In circa 1990, Tim Berners Lee, a computer scientist working at CERN, published a white paper entitled “Information Management: A Proposal.” In the paper, he describes a new, elegant way to access the vast amounts of information on computers on the internet. He called it the “World Wide Web.”
Tim’s whitepaper would forever change the face of a technology that started out in the 1960s as a series of government-funded research projects. Researchers began developing and assembling a “network of networks” based on a protocol with an obscure name, TCP/IP (short for Transmission Control Protocol and Internet Protocol).
After 1990, this small research network transformed into a global information superhighway.
Today, by some estimates, this network of networks has over 50 billion nodes.
However, after nearly 30 years we rarely refer to the internet by name.
Instead, we talk about shopping on Amazon, or “Googling it” — to denote searching for something on the world’s largest search engine. We read our news on Facebook, the dominant social network platform, and listen to music via iTunes — a jukebox in the cloud developed by Apple.
This phenomenon is made possible by “Web 2.0.”
Web 2.0 refers to a transition from Tim’s original web community, sharing ideas through web pages, to a global “Web as a platform.” In 2004, entire software applications began being built on top of the Web. (For a tour of the Web 2.0 stack, go here.)
Facebook, Google, Amazon, Twitter are all Web 2.0 networks running on top of the original “Web 1.0.” This is the portfolio of protocols created by the original researchers behind the internet. Open protocols like TCP/IP, HTTP, SMTP, POP, IMAP, and others make up the foundation for what we experience today.
“The Web [2.0] had promised a new kind of egalitarian media, populated by small magazines, bloggers and self-organizing encyclopedias; the information titans that dominated mass culture in the 20th century would give way to a more decentralized system, defined by collaborative networks, not hierarchies and broadcast channels. The wider culture would come to mirror the peer-to-peer architecture of the internet itself,” explains Steve Johnson, New York Times writer in an article entitled beyond the bitcoin bubble, published last year.
But, there is a little known fact that is recently becoming apparent.
None of these open standards support the concept of a person’s data. In fact, the inventors of the internet failed to create standards for people and the information about them.
Essentially, by failing to make this part of the “base layer” of the infrastructure, it opened the door to a large network of closed systems (GAFA) to serve this purpose.
These quasi-monopolies (GAFA) have created a centralized world full of closed gardens powered by a digital asset “mined” from their users — their data.
Recently, this gap in Web 1.0 is now seen as a fatal flaw in the original Internet.
“…When you interact with a website. That website ends up storing all your data and you don’t really have good access to it,” says Tim Berners-Lee.
Solving this flaw has started a movement to create a new set of protocols to make identity an open standard based on the technology that powers Bitcoin, namely the blockchain.
It’s led by a new group of researchers and technologists who are coming together to create Web 3.0 — aka the decentralized internet.
Web 3.0: A User-Centric Web
Many believe the Blockchain, the brainchild of Satoshi Nakamoto, has the promise to solve the new challenges created by Web 2.0. Because it allows information to be shared on a peer-to-peer basis with no central-authority, many believe it holds the key to creating a safer, more private web.
The hope is that the technology that underlies the global Bitcoin network could allow users to regain control of their most important asset, their identity.
Below, is a tour of three projects that I believe have the most potential to make this a reality.
Blockstack’s vision is to leverage the power of the blockchain to enable digital property rights. It is both a decentralized computer network and an application development platform for building apps that natively protect your identity.
With Blockstack, developers can create apps that engage with decentralized identities (DID) owned by real people. Users can log in to these applications with their Blockstack ID, just like they would using their Google ID. The difference is, users, control what data can be shared with the application (for example, they might share their location data, but not their health data). They also control where their data is stored. It is not stored by any of the apps, but instead the cloud in specially designed “nodes” controlled by the user. And, Blockstack does not own the ID, it’s completely portable from one application to another.
Earlier this year, we had our friend Xan Ditkoff, Production Partner at Blockstack on our podcast series, The Kingdom to explain how it works.
In his own words, “[It] is the easiest platform to create applications which enable fundamental digital rights for individual users.”
Blockstack’s whitepaper can be found here.
Right smack in the middle of NY Blockchain Week last month, Microsoft announced they were throwing their hat in the race to help users own and control their own identities. It is the first time a major company announced the development of a decentralized infrastructure implementation. And, the exciting part is that it’s built on the Bitcoin blockchain. (More on that later.)
The new project, called Ion, will develop a reference implementation of new protocols that deal with how personal information is shared with other applications by social networks, among other things.
Microsoft is leading an open standards effort to foster contributions from the internet community on the creation of the next generation of Decentralized Identity-based experiences.
As they put it…
Microsoft is actively collaborating with members of the Decentralized Identity Foundation (DIF), the W3C Credentials Community Group, and the wider identity community. We’re working with these groups to identify and develop critical standards. We’re developing an open source DID implementation that runs atop existing public chains as a public Layer 2 network designed for world-scale use. The purpose of this implementation is to establish a unified, interoperable ecosystem that developers and businesses can rely on to build a new wave of products, applications, and services that put users in control.
One of the leads on this effort is Daniel Buchner, Microsoft Senior Product Manager, and he has become the face of the movement.
I came across a recent tweet from Daniel that expresses how foundational he feels this technology should be.
The list of contributors and organizations involved includes new blockchain startups like Blockstack, legendary security companies like RSA, and even insurance companies like Aetna.
Daniel was a guest on the popular What Bitcoin Did podcast. He explains why Microsoft is building DIDs on Bitcoin and much more. It’s a fascinating listen.
The Microsoft DID Whitepaper can be found here. It is very well written, in my opinion.
My friend John Bruce is co-founder and CEO of a new venture called Inrupt.
His 63-year-old co-founder was one of the 20th century’s most important figures named by Time magazine, received the Turing Award for achievements in computer sciences, and lit the torch at the 2012 Olympics.
It’s Tim Berners Lee, the father of the world wide web, of course.
Tim spends a great deal of time talking about his frustration with the internet. He believes the invention he introduced to the world 30-years ago has been completely distorted. When he hears reports like the Cambridge Analytica saga, or the insights unfolding about Facebook’s alleged secret experiments on 700,000 users it emboldens him to fix what has become his baby.
And, that is just what he is doing with Solid, Inrupt’s first product.
Solid is a technology, nearly 15-years in the making, that strives to give users control of their identity and data.
But to understand Solid you have to go back to the original prototype for the web browser, Mosaic. (I was tinkering with this new exciting tool in the CS undergraduate labs at Cornell. Uh-oh! I just dated myself.)
Tim’s original design of the Mosaic browser included the ability to not just read a webpage, but also write it too. This concept of a “read-write-web” was futuristic and involved solving many hard problems. One of them was identity. If you want to allow someone to edit a page, you’d be able to authenticate them. In other words, you’d better be sure they are who they say they are. This problem was left on the cutting table of the Internet. Tim feels it is the biggest mistake they ever made.
Because data on the web was always designed to be a space for data as well as documents, it was clear that identity would need to be a fundamental element.
Tim wants to go back in time and fix that error.
“[The data about me is really valuable.] My next challenge is to build a world where data about me is stored in places where I control. [It’s about] turning upside the Web 2.0 and making this new architecture where I control my own data,” He says.
Solid does not use a decentralized blockchain for its identity system. Solid uses what are called PODs. Similar to DIDs, PODs will store your photos, your health data captured by your fitness tracker, your documents, your address book, your calendar, and more. It will all be stored in your POD.
As explained on their “how it works?” page…
This Solid POD can be in your house or workplace, or with an online Solid POD provider of your choice. Since you own your data, you’re free to move it at any time, without interruption of service. You give people and your apps permission to read or write to parts of your Solid POD. So whenever you’re opening up a new app, you don’t have to fill out your details ever again: they are read from your POD with your permission. Things saved through one app are available in another: you never have to sync, because your data stays with you. This approach protects your privacy and is also great for developers: they can build cool apps without harvesting massive amounts of data first. Anyone can create an app that leverages what is already there. In order to prove ownership of your data, you need a way to identify yourself. Rather than relying on a third party, you can use your Solid POD to say who you are. So no more “Log in with X” or “Log in with Y” on the Web — just “Log in with your own Solid POD”.
Tim’s vision for Solid can be found here.
I also recommend this beautiful biographical review of Tim’s journey produced by the guardian.
Securing the Future of Identity
I believe the adoption of Bitcoin and the Blockchain will be driven by two things. First, Bitcoin’s utility in the world will be factor. As the digital asset has more uses beyond being a store of value, it will become more ubiquitous. Secondly, as applications running on the bitcoin network increase, it increases the value of the network making a more permanent component of the broader internet infrastructure. Decentralized Identity could be a catalyst for both.
At Soluna, we are developing a utility-scale infrastructure to support this future eventuality. As the Bitcoin network plays a more vital role in society, its security will be even more imperative.
We will be there to help.