[MUSIC PLAYING] Yeah, we're going to talk about digital identities, the good, the bad, and the ugly. So what are we talking about? Well, to start this question off, I got a question for you. The question is, who are you? I mean, who are you? If somebody asks you that question, well, how do you answer it? How do you respond to it?
Well, the reality is, it really depends on who's asking. Because we all have a ton of identities. And the way we respond depends on who's asking. We got social security numbers, credit cards, cell phones, online accounts, social media, your enterprise accounts. I mean, you have dozens, if not hundreds, of identities to show who you are depending on who's asking.
Digital identities are part of the fabric of society and it's not going away any time soon. It's only getting worse at this point. But the reality is that all these identities we have, only a few, maybe government and credit cards, are widely accepted by more than one entity, more than one person. And so that's a challenge that technology is trying to solve, is how do we solve this problem of too many identities?
Well, this is where they get the idea of a decentralized digital Identity. If you haven't heard this already, you will hear more of it in the coming months and years. The goal of a decentralized digital Identity is, number one, is to make something that's portable and verifiable everywhere, that you don't have to constantly have something different to give everybody, but you got one thing that you can use everywhere.
It can be used across multiple applications without requiring a single centralized Identity store. We won't have to worry about some hackers gaining access to some central database and gathering hundreds of millions of Identity information records. That could be done away with.
And most importantly, that our Identity is something that we control. We determine where it's shared, where it's not shared, and when we have shared it, but want to be forgotten. That's the goal. And this is a worldwide thing that's being dealt with.
The United Nations and their ID 2020 Initiative recently basically established that a digital Identity is a human right for every person on the planet. So this is getting global view. But now this concept of digital identities is nothing new. For long, we recognized it as part of science fiction.
And this is?
Leeloo Dallas multipass.
Leeloo-- multipass. She knows it's a multipass. Leeloo Dallas, this is my wife. We're newlyweds, just met. You know how it is. Bump into each other, sparks happen. Yeah, she knows, it's a multipass. Yeah, anyway, we're in love.
Yeah, so that's something we've seen before. It's from The Fifth Element. Remember that the multipass, this concept of having one thing that I use everywhere, of course, it's science fiction, it's always a dystopian society, this mystery pass that I gotta get and it's hard to use, and I gotta find some secret guy in a lab to get me one and things like that.
But the reality of it is, governments are looking at creating a multipass, something that can be used universally. You'll see lots of initiatives. These are a couple of samples here. Gartner recognized by next year, they're estimating that by then, we will have a truly global portable Identity standard that will emerge and be able to be used across these different initiatives throughout there.
The World Economic Forum is pushing for digital identities from a financial perspective and a global perspective. I mentioned the United Nations had their ID 2020 project where they're viewing it from a human rights perspective.
The EU, the Once Only eID is creating a centralized data that can be used across all the EU. And then even China is rolling out and creating a digital Identity for all of their citizens and to be able to have it something that could be used globally as well. So this is just a few, but virtually every government, every large entity is looking at tying in this concept of a decentralized digital Identity to be able to be used.
But now we talk about it, we've got to go back to some of the concepts. So how does it work? I mean, how is it different than the digital identities already have and use, username and password, that kind of thing? What's different about it? Well, there's several concepts to understand, what drives this technology.
One of them is-- where it starts is, where does it sit? Where am I going to have it? Well, you gotta understand a digital wallet. So a digital wallet is the place where you secure-- you put your digital identities, and you own your digital wallet. The digital wallet isn't tied to-- like it only works with Microsoft or it's only an Okta thing or it's only a special thing over here the US government has.
It's meant to be a technology, an application. There could be different ones, but it's a place where you store your digital identities. But it's not tied to any one specific organization. And like a physical wallet, the stuff you put in it, you don't actually own what you put in it.
They are loaned to you. Like in your wallet now, you have a driver's license or credit cards or whatever else. You don't own those. They're given to you, they're issued to you, but they can also be revoked from you. Trust me, I know personally, they can be revoked from you.
And so that's the one thing about it. That's what you put in there, things that are loaned to you, as it were. But you get to decide what it is you want to keep in your digital wallet, what you don't want to put in there, and then who you share it with and when. So that's the card.
Now you've already probably seen or use these things. Apple Wallet is probably the largest one out there now, but not the only technology was used, but Apple Wallet's great. If you've got an iPhone, you've got the Apple Digital Wallet.
Now what can you put in there? Well, I can put my credit cards. I love paying now with Apple Pay. You click on it and boom, you can pay for things without having to pull out a physical card. State of Maryland was one of the first two states that began issuing digital driver's license that I could store in my Apple Wallet. So now when I go through the airport, I actually don't have to pull out-- I can use my phone and to provide my driver's license for use there.
But there's all kinds of things. Maybe an airplane. I love using my boarding pass. It's right in there. Scan it, come in there. So everything gets put in there, and you figure out, what do you want to keep in your Apple Wallet? I use mine a lot. Some people probably don't put anything in it. But you can decide what you want to use and how you want to use it, where you want to share it.
So that's the concept. I mean, that is the basic framework we're talking about to begin to make this larger project of a decentralized global Identity is starting with the concept of an Apple Wallet type of a concept or a digital wallet in general.
Now there's other terms. Issuers, holders, verifiers. They're really straightforward terms. An issuer is someone who provides a digital credential. It could be in the case a passport filed by your national government or a state provides your driver's license through an issuer.
The holder is you. You're the ones that hold these digital credentials that are issued to you, and verifiers are the third parties that you would share them with depending on the context, why they need it. So these are the three terms you'll hear often, are the issuer, the holder, and the verifier.
Now the interesting part is this idea of blockchain. Now we could do a whole hour-long thing on blockchain. In fact, my friend Rudy a few years ago did a whole thing about blockchain. We're not going to talk all about blockchain, but the basics of it is interesting because that's what makes it decentralized.
So how is blockchain using this? Well, blockchain, in a sense, it's like the database. It's where we store the information that we need to make all the transaction works. Now blockchain's unique, it's cool to do this-- technology to do this, is it's an ever-growing, easily maintained list of records. It just grows-- you keep adding more and more to it, blocks to it, and they're all interlinked, which makes it tamper-proof.
And it's also readily available. So you can have millions of copies of the blockchain everywhere that's readily available. Anyone can grab it and keep it stored locally if they need to. And anytime we look at the blockchain, we can verify right away, has it been tampered with? Has anybody tried to mess with it? If they had, you can identify it right away because of the nature of how it works.
So it's something that's easily given to everybody's, stores all the information you could ever want, and you can tell if it's tampered with. It's a perfect place to store the basic digital information needed to make this work.
Now what do we store on this blockchain in this world of digital identities? Well, they're often referred to as the public DID. You'll hear from the public Decentralized Identifier. In short, what we're putting on there is the issuers or the holders and the verifier's right all the three parties that work in the transactions, they have stored on the blockchain their Identity, like ID number, in a sense, your Identity is in there, and your public key that's associated with it.
So really, that's all you put on it. What you're not putting on the blockchain is actually credentials or that kind of information, and none of that stored on there. We're just storing on one big giant blockchain the ability to figure out and prove who each other are. That's what it's used for. That's why it works so well in this environment.
Now how does it work? Let's go through a simple scenario of how we could use a digital Identity with a blockchain to do a simple transaction. Something that you may run into-- I run into all the time is I'm out to eat and I order a drink and they always think I'm under 21 and I always have to prove my age-- who's laughing? Larry. I always have to prove that I'm over 21. So you go through the process. So what happens? So I'll have to go and show who I am.
Well, in a digital world, how would it happen? Well, first of all, it starts with the issuer. So the Maryland Department of Transportation issues me a driver's license digitally, and they're going to assign that credential to me and I put it in my wallet, and that information is brought to me by my wallet and is signed by them and that's the credential they issue me.
So I, the holder, goes to the restaurant I order my bourbon and they say, can you provide me an ID? And so I pull out my digital wallet and provide that to the verifier. In this case, it could be the waiter wanting to verify who I am. Now what does the verifier, then, have to verify in a digital world?
Well, the verifying in the digital world goes to that blockchain and it verifies two things. One, on the blockchain, can I prove that Bruce is Bruce? So I can see that yeah, this information based on the Identity and public key he provides me, this is him. And the information-- the credential is from the Department of Transportation from the State of Maryland.
So they validate that the information I'm giving them is truly Bruce and the information was signed by the Maryland. And those two things together provide the information they need to then go, yeah, he is-- he is older than 21, and then they let me get my drink.
So that's the process. The same thing you do now with a physical driver's license, you're doing digitally. And the blockchain is what's used to verify that the information being presented is accurate. It's just very simple as saying, yeah, you say you are you are, I can verify that in the blockchain, and then the thing you're giving me said it was signed by Maryland, yep, I can verify that, too. And that's a real simple transaction the way it works.
Now there's some other things beyond the simple stuff that you'll hear talked about, too, that makes us all usable. Zero-knowledge proof and things like self-sovereign Identity. Self-sovereign Identity, this is important. It basically says you own your Identity information.
I mean, who owns it now? Let's be honest. It's one of the three credit bureaus. It's the government. These are the ones that kind of own who you are. You don't really own-- the information is sold all the time, and things like GDPR are trying to address some of that. But the reality of it is, we don't have a lot of control over Identity information. We've given it up and people use it and sell it to their advantage all the time.
Well, self-sovereign Identity is we get away from that. That you, the Identity holder, control when that information is given out, who gets to look at it, and when do-- they have to give it back, not look at it anymore. You control the information. You self-sovereign over your own Identity.
Contextual integrity is important as well. Contextual integrity says, I only have to give out the information I need based on the context. So if I go to a bank to get a loan, I shouldn't have to share personal health care information, and if I go to a doctor, I shouldn't have to share financial information most of the time. So It all depends on the context. What information I'm sharing should fit with whoever is asking. Basic premise.
Zero-knowledge proof is a way to take it one step further, which says, I'm only going to share exactly what that person needs and no more. Now that's the point-- let's go back to that I'm sitting at the restaurant ordering a drink scenario today. Well, what am I sharing today? Well, I'm sharing a physical driver's license with a waiter who then gets to see what?
My full name, make fun of my middle name, look at my address, my height, my weight, my date of birth, am I an organ donor? Whatever else. I don't really want to share all this information with the waiter, but that's what I'm giving them. I'm showing them all the information. When all they really need to know is what? Am I over 21?
So in the world of a digital Identity, I wouldn't share everything. What would I share? I wouldn't even share my date of birth. With that zero-knowledge proof, all I'm going to share with them is a token or a credential from the State of Maryland that just validates them over 21. If they can evaluate I'm over 21, they don't need to know anything else about me. That's all they need to know.
So in the digital Identity world, it's better. It's more private, it's more efficient, it's safer, it's more controlled. I only share exactly what I need reliably with the person needing that information. So that's why this is really a great idea. It's way better than the way we use physical identities today moving to this concept.
But now this is the concept, it's all there, but in order to talk about this, as it begins to emerge, there are three things that we have to talk about.
The good. The bad. The ugly.
So Yes, we've got to talk about the good, the bad, and the ugly of this concept of decentralized digital identities because it's becoming apparent that all these exist. So let's start with the positive. Let's talk about the good, the good we're already seeing with this concept and this type of technology.
A great example of how this is being used well is the United Nations World Food Program called Building Blocks. In short, they use digital identities, the largest scale for providing humanitarian aid to individuals to get access to whatever the service they provide-- food, clothing, shelter, health care, all that kind of thing. And they're using digital identities to do that. So it's a great program that actually works really well for them. They're one of the early adopters of using this type of environment.
An example of how it works is with refugee camps. Now you can imagine, one of the challenges of a refugee camp is you have an area that's under some sort of conflict and all the refugees are fleeing to another area. So the United Nations sets up these large camps to provide basic services to do that.
Well, the first challenge is you have hundreds of thousands-- hundreds of thousands of people coming into an area with often no identities. All they got is the clothes on their back. They have no passports, no birth certificates. There's no way that they can come in here to identify who they are. So how the world they begin to organize, provides services to people who have no identities?
So the first thing they have to do is they establish an Identity for each person there in the camp. And they do digitally. They use the reliable thing, regardless of what name they want to give, and it doesn't make a difference. They're going to use biometrics.
They use often a fingerprint or a retinal scanner, that that's used to identify who they are, and then they tie-in whatever personal record information that's provided that they need to know right. And they tie-- they create a digital Identity within the system within the refugee camp.
Now they provide a services that associated with this digital Identity. So for example, they provide them funds. They give them funds so that they can go and get basic necessities. They're giving them money on a regular basis to do this. And so when the person-- the refugee goes to one of the camp stores, they don't have to physically have any money with them.
They can go and shop, get whatever resources they need. When they check out, they scan in with their biometric scan, it validates who they are, it shows what the money they have on the account, and they're able to spend the money on the account as they need to in the camp with easy transactions.
This is huge for them. Because one of the biggest problems they had, not only was establishing identities, was providing services. They would give physical money out on the camps, they had problems with people extorting money, stealing money, crime within the camps, that's all eliminated by doing this.
And they're able to see what who has what, who's gotten health care, who may need to get health care we need to check up on. So all this provides a great mechanism for people to easily get access to resources in a controlled manner and in an efficient way. So that's a great example of how this digital Identity type of process works in a good environment.
Now, the bad. Now we all know probably better than most people is technology doesn't always work. It fails. And this idea of a decentralized digital Identity relies heavily, completely on technology. So what happens when we're an early adopter and the technology doesn't always work the way it's supposed to? Well, it can be tragic.
Two separate governments have initiated a similar type of digital Identity for their citizens to kind of initial concepts. This one government created a digital Identity card. It was a combination of a physical card with a microchip and digital information on it. And that information was basically used in this country to access any type of service. So to be able to vote, to access any sort of government service, public schools, health care. Even to open a bank account or apply for a job, you had to have this.
The challenge was, when they rolled it out, was the requirement to establish your Identity to get this digital Identity. They required you basically had to establish your father's Identity, which would then establish your own Identity. That was the requirement. The problem is, in this country, there are millions who were unable to establish their father's Identity. Maybe they never knew who their father was.
So when they rolled this out, there were millions of people who weren't able to get this card and all of a sudden we're blocked out of all these essential services, even the ability to get a bank account or a job because they had no way to get the digital Identity card. That was a problem that had to be worked out.
And a worse scenario it was another government, did a similar project. And this was the largest case of the single largest digital Identity application of over 1.3 billion identities. Similar-type of environment, they rolled out a digital Identity to all citizens. The problem was in the use. They tied it to biometrics, it was in the use of it.
And there were several outstanding cases where it began to fail. One was a man basically starved to death because his family had gone to get rations for food that were needed and they were unable to verify who they were with the biometrics, who couldn't get the food rations, and eventually the man died.
Another similar case was an 11-year-old girl who starved to death because in this case, it was bureaucracy. She wasn't able to get her ration card tied in and link to her digital Identity. And so they didn't get tied in through all the red tape in time, so therefore, the ration card expired, she couldn't get her rations, and eventually she starved to death.
And the worst case was the example of a woman with 11-month-old infant that needed health care, and they went to multiple hospitals and each time were refused because they could only accept them if they had a digital Identity, she was not able to produce one for her and her daughter, so she received no health care.
So those are horrible examples, but they show the bad. They show, hey, we can become overly reliant on this great concept of digital Identity, but the underlying system fails, and in this case, it could life-threatening.
And then there's the ugly. So we have the good-- we see when it works, it works great. The bad, it can be really bad when it doesn't work. But what the ugly is is the potential for misuse. And a couple examples have creeped up. This one is small-scale. This was a municipality, a city.
Now this city has cameras everywhere. They use it for protection in the city, security. So they have cameras everywhere. Now the city also has tied in-- all their citizens in the city have digital identities that they maintain. So they know who everybody is. And they use facial recognition with AI to be able to not only have cameras, but they can identify everybody out there in the camera in the city.
The problem was is they had a problem of uncivilized behavior. I guess some of their citizens would go out in public in pajamas-- how dare they do that? And if they were seen that way, they would identify who they were and they would publicly post a picture of them in their pajamas in public with all their Identity information to shame them.
So again, they had the idea they thought it would help improve things, but you can imagine the invasion of privacy in that particular case and this particular case, look at the picture there. I was like, those guys' pajamas are pretty nice. I said, my pajamas are just an old T-shirt and some sweats and I go out in public in that sometimes, so I think they're way off. If that's their worst-case scenario, they're doing pretty good.
But that's where it was misused. They invaded people's privacy to try to implement some sort of uncivilized behavior policy within their environment.
This other one is something that is going to affect, if it hasn't already, every person here, and you probably don't know much about it. It's called the Central Bank Digital Currency, CBDC. You can look it up afterwards because the odds are, your government is involved in it one way or another.
Now, the concept is pretty cool. It's a government-backed digital currency linked to a digital ID via blockchain. So the reality of it is, regardless of where you bank or where you have your money, all that goes through a centralized banking system through the government.
So the concept is why don't we simplify that whole process, you can still have banks or whatever, but the reality of it is is we're going to have a digital ID, use the blockchain technology we talked about tied to you, and we're to use that for financial transactions.
It's obvious why it's going to be better. It'll be faster, cheaper, safer. You won't have to have necessarily a checkbook or credit cards or anything like that. It can all be done very digitally, transparently involved. You don't have to worry about currency transactions or things like that because you automatically would be able to handle different currencies, through different countries that are involved.
Governments love it. They'll always make sure they get that tax on you whenever you're doing a transaction. They can help prevent money laundering because it's more transparent how the transactions are done. So there's a lot of advantages to doing this, to securing it.
Today, there are nine countries that have implemented this type of CBDC currency, and there are 80 others that have initiatives to roll this out. This is designed to be intercountries, a global type of initiative for handling financial transactions. The United States is one of the AD who has initiatives to roll out something within our banking system to support the CBDC.
So on the surface, it's pretty interesting. It's obviously the way finances are going to go. The challenge is something interesting. The CBDC defines this area called programmability that several people have raised some red flags about.
Now they define programmability as allowing a party in a transaction, such as the state or an employer, to control how the money is spent by the recipient. Now think about that for a minute. Are you comfortable with your employer or your state or federal government controlling how you spend your money? Give you an example how it might be done.
Maybe your employer is concerned about employees with good health. Helps with health care, good employees with good health work better. And they've noticed that you've been eating out at fast food a little too much this month. And maybe that time you want to go to McDonald's and get one more fast meal there, they decide, it's too much this month, we're going to block your ability to eat any more fast food this month in the interest of your public health.
Or maybe you had an eye on that new boat. Man, it's a bigger, better-- boy, that boat would be nice out here off of Miami, wouldn't it? You Decide to go out and buy that boat, don't you? At least you want to go buy the boat. And when you go to do the transaction, it's blocked by the government. Because why?
Well, the government has initiatives dealing with climate change. They're very concerned about everybody's carbon footprint. And they've already determined that you already have so much in your house. You've got a boat, you've got other cars, and you've got motors-- you got so much stuff that's creating such a large carbon footprint, that the last thing is you need is another boat to add to that carbon footprint that puts you above where we think everybody should be at in order to protect the environment.
Now both those are altruistic concepts, they're good ideas, but are we willing to give up that control and that privacy to support that concept to allow somebody else to determine how you can spend your money in certain cases?
Well, that's the whole idea behind this thing right now, is programmability provides a mechanism in where authorities can be able to create policies or laws to control that. And obviously that's a big concern.
So as we go along here when we think about this, as we go along, the reality we think of as-- this is coming. It's not a matter of if this will happen, it's when, how soon? And how is it going to affect you and I? Ultimately, what does the future hold for us?
Well, if you like classic movie, the best we can hope for is that the good and the bad take out the ugly and the good is able to mitigate how much bad there is. If you've ever seen that movie, it's one of my favorite movies, needless to say. It's a great movie. So Clint Eastwood, the good, holds out the high at the end.
And that's what we want to see. There is good. We see this idea of a decentralized digital Identity is portable, verifiable everywhere. It allows control of when your information is shared, when you can withhold it, and when you can make sure your Identity information is forgotten by people you don't want to share it with anymore.
The bad? Digital systems can and will fail. We need to make sure that we take address that into account to build in safeguards. And the ugly is technology can be used to limit privacy and freedoms. So what does this mean for us today to now?
Well, now's the time to begin thinking about how our own identities are going to be used. We need to resist the idea that we have to give all information to anybody who requests it from us. We need to push for changes within the systems that will protect our identities and our privacy. And we need to go back to the basics of freedom when before civilization had all the technology we had, we had one basic concept about our Identity. Is I own who I am, I own my own Identity. Thank you.
[MUSIC PLAYING]