Self-Sovereign Identity Principle #10: Protection

The final guiding principle of Christopher Allen’s Ten Principles is protection. What Allen essentially means is that the rights of users must be protected. It is inevitable that conflict will arise between the needs of the identity network and the rights of users themselves. Networks should veer towards protecting the freedom and rights of the users rather than the needs of the network.

Christopher Allen states that to ensure the protection of users, there must be a censorship-resistant independent algorithm that can authenticate user identities. Allen points out that a self-sovereign identity system should find a balance between transparency, fairness, and support users within the network while also guaranteeing protection. It could be a double-edged sword if it’s off balanced and that’s why it needs to be run in a decentralized manner.

How do we find the balance?

Instead of trying to reinvent the wheel, we should use existing frameworks to guide new data protection regulations. One of the most promising regulations addressing digital rights would be the European General Data Protection Regulation (GDPR) that came in effect in May 2018. It requires organizations to comply with personal data regulation and would be fined heavily for non-compliance. It’s the first major step in privacy by requiring organizations to obtain consent to data collection, the right to access personal data, as well as a 72-hour notice in case of a data breach incident.

Implementing blockchain technology will offer security and privacy while reducing the cost of identity assurance. On one side, government and corporations are failing to execute the protection of individual information from cyber attack. On the other side, Internet users are realizing that nothing online comes free. When users aren’t paying for a service online, they are instead paying corporations with data. Corporations are monetizing our data without giving anything back to its users and it’s going to help these corporations use it to their advantage.

Closing Thoughts

Self-Sovereign Identity would address most issues of the current digital identity infrastructure. Data breaches have become prevalent in the new Digital Age but many corporations aren’t taking actions to protect personal data. With self-sovereign identity, users will now have the choice to decide what and how data would be shared while being compensated fairly for it. Developing a self-sovereign identity system that allows control of one’s data and protects users privacy is something we can all support.

This article is the tenth in a Self-Sovereign Identity Principles series the Metadium team is putting together for you. If you want to learn more please follow us on Facebook, Twitter, Instagram, and LinkedIn! Keepin App is available on the App Store and Google Play.