Moderator is @RobvanKranenburg.
Oskar van Deventer – Self-sovereign identities
Many organizations are administration factories. Every time you interact with them, they ask you for information, which then they process (name, email, phone number).
There is a different way to do it. People have an information wallet, and orgs ask the wallet for exactly the information they need, not more. People can comply, or decline, or even report excessive requests for information. This is a SSI.
This ecosystem consists of issuers, holders, and verifiers of identities. Oskar has a demo based on the story of a patient ordering drugs online. The eSSIF-Lab EU project provides funding for technology development and business applications based on this idea. The first open call is going out in early 2020.
Q: How would the data storage work? Some kind of citizen wallet, but how do you implement it?
A: The concept we are working on lives on issuer DBs, accessed through a phone app.
Q: What prevents service providers from asking for all of the individual’s data, and the person accepts because she needs the service?
A: This is my nightmare. You cross the Chinese or US border, and then some kind of data vacuum cleaner empties your wallet. This might require issuers policy, stating once and for all what can be done with those data. But I do not yet know how to solve it.
Gaëlle le Gars
I want to share with you how the Commission sees this issue now.
There are two major trends that have undesirable consequences. One is social credit scoring. In Europe we are likely to see a “consumer scoring” version of it. Companies share information on you as a consumer, determining whether you are an undesirable customer. Undesirables are ostracized, made to wait for help, unacknowledged. This is illegal, but the infrastructure is there (it is GAFA), so we suspect this is happening.
The other trend is the integration of identification databases across the EU on the grounds of police and justice administration. There is a regulation for interoperability of these DBs across the EU, including a lot of info (like: travel information).
However, there are also two opportunities. One is e-government applications; the other is that this is now a centerpiece of EU policy, so things can happen to defuse these risks.
Q: How does EIDAS play into these scenarios?
A: (Loretta) It is time that you people – not the Smart City crowd, not the IoT crowd – take control of this issue. There is something profoundly human about freedom from surveillance, and identity is political. Speak up, and apply for funding if you have ideas to implement in this space.
[Round of presentations follows]
Maria Rautavirta: Human centric data economy
- Re-using personal data creates new business opportunities
- But people should be included in the decisions about what is done with their data.
- Currently it’s mostly open data that are being exchanged. All other data does not travel much, in sits in data lakes with a big lock at the door.
Finland has come up with Data principles to enable more data exchange. They are human centric, thriving (efficiency gains from exchange) and balanced (divide fairly the benefits of the gains). There are six principles: Access, Share, Act, Innovate, Trust, Learn, all this by default. They are available at https://dataprinciples2019.fi .
Federico Bonelli: wrap up
The problem of identity is central, not only in policy but in philosophy and the arts. It is a complex problem, but there is a core simplicity. In logic, A=A: an entity coincides with itself. When I pass the border between Finland and Russia, a frontier guard looks at my passport, and validates that I am Federico. Data in the passport matter, but maybe it is the validation that matters most. Now we are discussing about other methods of validation, algorithmic. Loretta said that identity is political; and politics, as defined by Aristotle, is definitely not a science, more like a kind of art.
Loretta Anania’s suggestions for wrap up
- Where is the ecosystem?
- Oskar’s nightmare scenario: “wallet vacuum cleaners”.
- Gaëlle’s two risks and two opportunities.
- The opportunity to build offered by the NGI initiative.
Also ping @hugi!