Privacy, Security, and Technology in Contactless Government
In response to job losses and economic hardship, the City of Los Angeles distributed more than $37 million that was donated to the Mayor’s Fund of Los Angeles. This distribution occurred through the Angeleno Card, an immediate response card (IRC) that provided financial assistance to those in need. The rollout of the Angeleno Card is one piece of a larger city initiative called the Angeleno Program. The Angeleno Program consists of three aspects: (1) providing a single sign-in to most public-facing City services online; (2) enabling disbursements and payments to residents and businesses to take place electronically; and (3) bringing more City services online in an equitable and accessible way. I joined the project in August to research how best to protect the privacy and digital rights of residents, and design an experience that ensures Angeleno cardholders are comfortable with how their information is being used. In its final state, the Angeleno Program will enable anyone who lives in or visits L.A. to have a digital and physical card that will act as a single sign-on for City services with banking capabilities.
In my research, I looked into other cities’ digital service programs. Before joining as a Data Angel, I consulted for the City of Austin’s MyPass project and assisted the team as they built an app that allowed people experiencing homelessness to store their documents using blockchain. MyPass users could store their documents online without leaving themselves vulnerable to government or corporate abuses. My current research asks: how can someone who logs in with their Angeleno Account be sure their data is more secure and private than it would be if they logged in with another service? During my research, I prototyped that user experience and researched cryptographic tools that would make that experience possible. First, I drew wireframes for the prototype to demonstrate what it would mean for an Angeleno to log into their Angeleno Account, access all City services online, and selectively disclose their data to City departments.
Then, I researched alternatives to centralized identity providers, which raised two major concerns related to privacy and security: (1) the tracking of data and individuals could be perceived to result in increased surveillance; and (2) the centralized servers of identity providers are treasure-troves of data, so they’re economically valuable for hackers to attack. Almost all identity providers on the internet respond to these concerns through their business processes — the better the process, the more trustworthy the provider. To secure data by protocol, we need to push ownership of identity away from centralized services to the edges — to individuals — so that the identities themselves are in control. This is commonly referred to as self-sovereign identity. By decentralizing data and computation, self-sovereign identity guarantees privacy by giving individuals control of their identities and makes attacks less economically valuable to hackers because it requires a lot of effort to hack many individual identities one-by-one. This approach was originally proposed in the uPort whitepaper and has been adopted in many Decentralized Identity (DID) architectures, including the MyPass project in the City of Austin.
The goal for the final phase of the Angeleno Program is to enable residents to own and manage their data using the Angeleno Card across all City services. If Angeleno Account identities were self-sovereign, we could provide integrated online services ensuring the security and privacy to Angelenos. I am continuing this research in the Spring, and I am looking forward to designing integrated online services for Angelenos while protecting their security and privacy online.
