Self-Sovereign Identity Principle #8: Consent
The eighth guiding principle of Christopher Allen’s Top Ten Self-Sovereign Identity (SSI) Principles is consent. Consent means that users must agree to the use of their identity by third parties.
SSI systems demand that sharing of personal data must only occur with the consent of the user. When building a decentralized self-sovereign identity, consent must continually be kept in mind and incorporated into the system. This ensures whether identity data will remain private or not (up to the discretion of the user).
With the rapidly increasing volume of data and unbalanced power in information exchange between individuals and organizations, an SSI model (combined with advances in blockchain technology) will help achieve greater and more meaningful consent.
Why is consent so important to SSI?
When an employer requests identity data on a prospective employee (to conduct a pre-employment background check), an SSI system would facilitate fair practices from both the employer and prospective employee. Through the principle of consent, the potential employee must agree to validate this identity data transaction, otherwise nothing pertaining to their identity may be shared. Although this consent might not be interactive, it must be deliberate and well-understood in an identity system.
Through deliberately-designed consent, each transaction of identity data will only be executed with the user’s consent. This innovation of mutual authentication means that both sides will be signing their respective requests, allowing them each to create a record of the data interaction. This creates full user autonomy–in which they will have full control of where their identity data is shared or exchanged.
As identity data is collected and grows in size, consent will be an integral factor in protecting an individual’s identity and ensuring that users maintain a preferred level of privacy. Identity systems are built around sharing identity and its claims– since an interoperable system increases the volume of sharing information, we must ensure that consent is a prioritized feature in building a system utilizing SSI.
This article is the eighth in a Self-Sovereign Identity Principles series the Metadium team is putting together for you. If you want to learn more please follow us on Facebook, Twitter, Instagram, and LinkedIn! Keepin App is available on the App Store and Google Play.