Identity and Digital Self-Sovereignty

A New Paradigm for Sovereignty on the High Seas

In the year 1603, the Netherlands were at war with Spain and Portugal. Unlike most wars conducted between European powers until that time, however, one of its theaters of battle was not anywhere on the European continent but rather in East Asia, off the coast of Singapore. It was there that Captain Jacob van Heemskerk, an employee of the Dutch East India Company acting from what appeared to be his own volition, captured a Portuguese merchant vessel and returned its riches to Company shareholders. The DEIC was the world’s first multinational corporation and had just been given its royal charter the year before — its structure and activity in the world were new and without precedent. The capture of the vessel engendered a protracted legal battle as Portugal sued for the return of its contents; a religious faction of Dutch East India Company shareholders rejected the plunder on the basis of how it had been obtained; and Dutch law had no provisions for such an event.

In response, officials of the Dutch East India Company turned to the 20-year-old political theorist Hugo Grotius to draft a justification of the ship’s seizure. Grotius realized that there was no legal precedent he could draw on to legitimize this event, which had taken place under the new reality of a globalized world of multinational corporations, naval power, and European colonialism. Instead, he would have to turn to philosophical first principles and reason from these foundations. Accordingly, he developed a theory of the grounds of legitimate warfare by elaborating a natural concept of justice. In other words, he argued that any particular law could only be legitimized insofar as it emerged from the conditions of justice that preceded the formulation of law. This argument became the underpinning of his theory of International Law, with its attendant “Free Sea” doctrine that postulated the independence of the seas from sovereign power.

During the following centuries, states competed with one another to establish as much control as they could over their adjacent bodies of water, resulting in today’s system of gradated sovereignty: internal waters, territorial waters, and exclusive economic zones. Beyond that, however, lies Grotius’s Mare Liberum, or Free Sea (also called the High Seas). Here jurisdiction belongs to both no state and all states, depending on the activities that occur and which state’s vessels are involved.

Sovereignty on Today’s High Seas: The Internet

The reality we are living today is, in some ways, parallel to that of the Early Modern Period: our cartography of the world and configurations of power are transforming with new technologies of mobility and navigation that are rapidly shrinking the globe. Today’s new sea, however, is manmade: the internet, an infrastructure facilitating the movement of information, goods, and people across the world. Like the sea, the internet is an infrastructure that flows between widely differing and often contested jurisdictional spaces. And like the sea, it has demanded unprecedented legal formulations that rely on first principles-based accounts of justice and the grounds of legitimacy.

While most of the public controversies around internet law have centered on intellectual property rights, the business practices of internet service providers, online harassment, and the censorship practices of states, a quieter problem has been working itself out in the background: that of individual sovereignty with regard to digital identity. This problem has been recognized by those who want to break the monopoly of the vessel — that is, the internet-based application — on the control of the identity of its passengers/users. This movement has elaborated the notion of “self-sovereign” identity, meaning that any individual identity has administrative autonomy regardless of its location in digital space.

In other words, some digital thinkers are trying, in a technological idiom, to move beyond the classic political problem posed by nation-state citizenship and which is recapitulated in international law: the nation-state as the only sovereign actor. Under this model, it is nation-states who confer and enforce the rights of individuals. The political philosopher Hannah Arendt described this problem in The Origins of Totalitarianism: if “human rights” can only be legally enforced by nation-states for their own citizens, then they cannot meaningfully be called human or inherent. They are, rather, contingent on conferral and protection by some larger authority, in this case the nation-state.

It has been remarked by philosophers, most recently Benjamin Bratton, that web-based applications like Google, Facebook, and others are very similar to nation-states in this regard, only with the added sovereign power of completely constituting the identities of users, presetting their capabilities within the application, and even erasing their existence without recourse if they choose. For example, Facebook occasionally suspends accounts of users who don’t use their real names in their profiles; when this happens, users have little recourse. Internet applications are not democratic political systems. They are accountable to their users insofar as without them their own existence is precarious, so they seek to please them; however, the legal terms of service agreements users agree to, and which are enforceable by the nation-state, grant users very few rights. Christopher Allen, a technologist at the forefront of the movement for digital self-sovereignty, has remarked:

It’s central authorities all over again. Worse, it’s like state-controlled authentication of identity, except with a self-elected “rogue” state.

Web-based applications increasingly form the infrastructure of modern life. They are the seas, roads, buildings, schools, and libraries within which we travel, socialize, learn, and express ourselves. They store data that is integral to our social and legal identities. Without them, a person is consigned to something like social death — not too different from the situation of a passenger of a ship on the High Seas. According to the international law that obtains on the High Seas, the flag flown by a vessel determines the jurisdiction it practices. Individuals on flagless vessels tend to be either pirates or humanitarian cases — and those on flagged vessels whose citizenship is revoked are likewise at the mercy of whatever jurisdictional regime they fall under.

Identity: A Precondition for Sovereignty

How does an individual recuperate sovereignty under the conditions of centralized authoritative institutions? To answer this question, we must begin with an account of identity itself. What do we mean when we speak of identity? The social usage of the word is often fraught with ambiguity. I argue here that identity carries two primary meanings which are often conflated:

• Continuity of self-sameness over time (predictable addressability)
• Particular characteristics (some of which can be represented as objects with transactional value)

Continuity over Time

What the first definition of identity means is that when you address something to someone — be it words, a letter, an action, a gift, a relationship — that individual continues to be the same one to whom such objects, intentions, and relationships have been addressed in the past, regardless of how much else has changed about them. Accordingly, an individual may remember being “a very different person” way back when, but their identity as the same person who had those earlier experiences persists. This is what allows people to develop over time without “ceasing to be themselves” every time they change.

Of course, many of these changes are major indeed, and sometimes they entail profound ruptures in the felt sense of who one is (i.e. graduating from college; getting married; experiencing a trauma; etc.). But even ruptures in sense of self don’t disrupt identity as continuous self-sameness. The former is an experience; the latter refers to the structure underlying that experience which may or may not be perceived. When a person no longer feels continuous over time, when they cannot form memories or do not recognize previous states of who they have been as themselves, we are in the realm of either neurological disorders or psychological illness.

Particular Characteristics

The second definition of identity is often conflated with the first. In other words, we often equate characteristics — what a person looks like; their likes and dislikes; what they are good at; what groups they belong to; what their social roles are; what others say, write, or record about them — with who or what they are. This is because the representational content of identity carries social value and is used all the time in processes of social exchange. In hierarchical social arrangements, certain identity representations can be accorded higher value than others because they are assigned by authoritative bodies like governments, schools, and places of employment. If the US government, for example, loses all record of your Social Security number, the benefits of citizenship may be denied to you, and you may suddenly feel like a foreigner in “your own” country. However, despite this rupture, you don’t cease to have a continuous sense of yourself as the same person who previously had a Social Security number, although figuratively you may refer to that past self as “dead” or “gone.” You can still be addressed, although others may have to use different means to do so.

Implications for Governance

This dual definition of identity has several implications for any structure of governance that privileges individual self-sovereignty. In what follows, I enumerate the basic characteristics such a structure must possess:

Identity as Continuous Addressability: Continuity of self-sameness over time is the most fundamental presupposition about identity which must be enshrined in a self-sovereign system of governance. Characteristics may change, including aliases; nationalities; accounts; visible markers; social classifications; predilections; habits; and capabilities; but the persistence of continuous selfhood will continue to be the foundation for all other forms of identity. Fragmented identities qua characteristics— for example, multiple aliases; disguises; self-concepts; and personalities — can be an important strategy of self-exploration, fun, and/or self-protection, but they all are constituted by the continuously-existing self. It is this self which is described by characteristics, has inalienable rights, and is the locus of sovereignty.

Mutability of Particular Characteristics: However, this continuous self also transforms over time. In other words, the principle of continuity of addressability underlies flexible architectures that presume human mutability. Mutability characterizes any healthy human life and must be presupposed by structures of governance which do not seek to overdetermine characteristic-based individual identity.

Privacy as a Condition for Healthy Mutability: Mutability flourishes optimally under the conditions of privacy. Privacy, in turn, can be understood as self-directed disclosure. Under healthy social conditions, the process by which people get to know other people unfolds over time through practices of proximity, intimacy, and co-implication. Transparency, on the other hand, is socially pornographic and facilitates violence; this is why proponents of digital self-sovereignty have stressed that the individual must have administrative autonomy with regards to how he constitutes himself in digital space, deciding when and how to grant deeper access to the continuities of his life.

Social Reciprocity qua Verifiability of Investment-Based Claims: Continuity of self-sameness over time, mutability, and tiered privacy presume a community or network of social actors who may address the individual and to whom different aspects of an individual’s identity may be revealed. Human collectives function from practices of reciprocity and exchange which may be codified into policies, rules, or laws. While many of these forms of reciprocity congeal around parochial norms, the verifiability of socially-significant claims is a fundamental form of reciprocity because it underpins the integrity of a social network. Thus, while in the realm of individual privacy any kinds of claims about the self can be made, the point at which a claim about the self results in trust-based social investment— for example, “I am a doctor qualified to treat your sick child” — is the point at which verifiability becomes a reciprocal right. If truthfulness and good faith in self-presentation are not honored as part of these high-stakes engagements, trust in the entire social system may collapse, leading to potentially even more dangerous second-order effects.

Collectivity as the Condition for Self-Sovereignty: Because the habituated logic of a wider social network overrides the agency of any individual, and because even isolationist individualism manifests in social context, it is crucial to build a first-principles account of individual rights into communal policies and institutional frameworks. In other words, if digital self-sovereignty is to be real, it must be architected and encoded in a system that distributes authority so that it cannot be overdetermined by powerful social actors at the expense of individuals. Collectivities do not automatically accomplish this, and that is why forms of sociality that create the conditions for individual self-sovereignty must be intentional. In other words, a mere sea is an infrastructure, but it is not sufficient to nurture individual self-sovereignty. Any habituated practice of the latter must also be social, pertaining to the human exercise of governmentality and jurisdiction across vast and unknown waters.

Blockchain-Encoded Credentials: A Step Toward Digital Self-Sovereignty

This is where the blockchain makes its fundamental intervention as a social and technological infrastructure. As a cryptographically-administered, distributed ledger beyond the control of any individual or group of individuals, the blockchain creates a jurisdictional space that cannot be gamed by powerful actors — something which is continually happening with law. Moreover, its pseudonymous key structure ensures that individual privacy is maintained through discretionary gating while preserving quasi-traceability in cases of illegal activity. This sets the precedent for digital self-sovereignty in a context of the collective right to verify investment-based social claims.

The blockchain has countless uses, but one instantiation of its capabilities is the ability to encode and verify credentials on the blockchain. Any developer may make use of this capability by employing the open-source software developed by Learning Machine and the MIT Media Lab. This code is a part of the Blockchain Certificates Project, or “Blockcerts Project,” which has set out to establish an open working standard for issuing certificates on the public blockchain. Blockchain credentials empower learners with decentralized, cryptographically-secured proof of their achievements that they control and that they can share directly with employers, graduate schools, or governments without needing to request official copies from the Registrar.

This technology is based on the principle of identity as continuous addressability through time. In other words, for a credential to be socially meaningful, the person presenting the credential must be the same person who was issued the credential — and the same person who qualified to earn it. This does not mean, however, that that person must be describable by the same characteristics that applied to them when the credential was issued. Since that time, they may have changed their name; moved to another country; undergone gender reassignment surgery; and completely overhauled their personality. However, their credential still holds.

In keeping with the principle of mutability and the verifiability of investment-based claims, however, institutions do have the power to issue, revoke, and modify credentials over time. And that mutability is co-determined by the credential recipient. Medical malpractice, illegal behavior, and gross negligence already often result in the revocation of credentials; it is possible to encode this revocation on the blockchain as well.

Following the principle of privacy, neither the granting nor the revocation of credentials is a public matter simply by virtue of the blockchain infrastructure. Rather, the pseudonymity of blockchain addresses ensures that the credential recipient is able to share, request, and preserve official records at her own discretion. These records would otherwise have been locked up behind a bureaucratic paywall, making the learner, in effect, the sole record keeper of all of her formally-issued credentials.

Accordingly, although blockchain-based ledger technology describes a stable, addressable individual, it doesn’t define that individual’s identity on the terms of any institution. Rather, it de-centers institutions from an authorial position in the life of the learner: they contribute to the mutability of an individual over time, but do not overdetermine this identity. Accordingly, Allen has suggested that the Blockcerts Project meets the ten criteria he has proposed for digital self-sovereignty:

Learning Machine is currently developing a commercial version of the Blockcerts Project that can be used by institutions without the need for the developer work that is currently a prerequisite for using the open source code. We hope other vendors will join us in taking the first step toward the widespread adoption of the new social technology represented by the blockchain’s distributed ledger. This technology represents a fundamental innovation in human governance which honors the integrity of both individuals and institutions over time while laying the groundwork for digital self-sovereignty.