Digital Identity in The Absence of Authorities: A New Socio-Technical Approach

Abstract: On the Internet large service providers tend to control the digital identities of users. These defacto identity authorities wield significant power over users, compelling them to comply with non-negotiable terms, before access to services is granted. In doing so, users expose themselves to privacy risks, manipulation and exploitation via direct marketing. Against this backdrop, the emerging areas of Digital Ecosystems and user-centric identity emphasise decentralised environments with independent self-determining entities that control their own data and identity. We show that recent advances in user-centric identity, federated identity and trust have prepared the ground for decentralised identity provisioning. We show how social trust, rather than blind deference to authorities, can provide a basis for identity, where risks can be weighed and compared rather than merely accepted. Fundamentally, we are considering the move from authority-centric centralised identity provisioning to user-centric distributed identity provisioning. Finally, we highlight the potential impacts of distributed identity provisioning in the Information Society and give a brief roadmap for its general implementation and adoption.