Doc Searls on Decentralized Identity
Facebook X LinkedIn
Speaker Spotlight

Doc Searls on Decentralized Identity

Raj Hegde
Published on Jul 22, 2021

Doc Searls, Co-founder and board member of Customer Commons, and Director of ProjectVRM, is to deliver a keynote entitled Where Stands the Sovereign Self? at the European Identity and Cloud Conference 2021.

To give you sneak preview of what to expect, we asked Doc some questions about his planned presentation.

Why does decentralized identity matter to companies today?

You as an individual have sovereignty and agency when you put your shoes on in the morning, when you drive your car, when you ride your bicycle. [But] we don't have that much [agency] yet on the internet. We don't have our own bicycle. We don't have our own car. We have a different one for every website that we go to. We have no more privacy than what websites and services provide separately. We don't have any scale across all of them. We're always agreeing to terms that other parties are proffering to us and giving us very few choices about how we answer and no records of that. And that's because we're always thinking that whatever we have as an individual is up to a company. And there are so many companies that we're dealing with as individuals that we don't have scale. We don't have full agency. We have no more agency than what the company provide for us.

That's too much responsibility for companies, and it's not responsibility that they necessarily want. It's too much. Why should you have to keep records of all these preferences, all these different things. It doesn't make any sense. You should be able as an individual - because you have agency - to change your address, to change your last name, to have a shopping cart you could take from site to site for the good of the companies that you're dealing with. You know, that's something that works for people and it works for companies as well. And that's why we need agency. We haven't had it yet online. We created the online environment more or less on the old industrial model where we had to have scale.

Every company separately needed all the scale they could get across all the customers that they wanted, and to hold that scale exclusively, so customers had no way to move from company to company or site to site with their own tools where they could deal at scale. They have a browser, but the browser is all they got really. After that, it's up to the company to remember who was that? That's a cookie I put in your browser. The customer should have more independence than that, and that independence should pay off for the companies. And we don't have it yet. That's a big “to do”.

What is the business value of decentralized identity?

The business value of decentralized identity, which I think of as distributed identity, by the way, is independence for the customer. It's independence for the individual. It's that everybody has the capacity to obey all of Kim Cameron's original seven laws of identity: Minimum disclosure for a constrained use, justifiable parties, plurality of operators [and technologies etc].

Those things are all really good for business, and we don't have them yet. And we don't have the tools on our side. We need wallets of our own, or something is like a wallet, that is our instrument for making verifiable claims and presenting verifiable credentials that can be verified easily and minimally disclose. There's a lot of thought and a lot of development that's going into, how do we make this work on the corporate side? I haven't seen enough on my side, on the individual side, that I just have to have that wallet. That's a great wallet. I have that. What can I put in that wallet? Have I seen his company before? What's my relationship with them? Where did I get these credentials? What are those? I shouldn't have to think about any of that.

I think in the abstract, it all works, but we need to make it work in the concrete and it’s never going to work unless we have something that is an app on the front page of our phones; something that's a body function for us like our wallets are in our back pockets and our purses. And like apps are on our phones. We need those. There are some in the world now. There are some SSI wallets, but we need ones that are what I call “inventions” that mother necessity. You have to have them - take one look at it and say, I got to have that. I gotta have that. That's going to save me all kinds of trouble.

What can organizations do to kickstart decentralized initiatives?

I would suggest that companies go to their employees and say, don't think of yourself as an employee, think of yourselves as a customer or a user if you don't have customers, you just have consumers, they don't pay anything, but you have them. What would you want that works not only for this company, but for every company you deal with? What gives you scale? What can we do in cooperation with every other company out there, that's going to give you scale as a person, not just as an employee, but as a person? And especially think of how do we not trap customers? How do we not put them into a walled garden or into a silo? How do we liberate them so they can deal in a more efficient and useful way with all the companies they deal with? And look at what the fundamentals of SSI are, and how they would work with that.

But how do we put that to use in the world, for you as an individual, and get all of the input you possibly can, because I guarantee that the employees of your company know more about what they would want, as individuals operating in the world, than the company could begin to guess at.

What are the risks at play if organizations don't work on decentralized initiatives soon?

The main risk is getting left behind on something that will be universal, eventually. It's like 1991, and we don't have the browser yet, but the internet is already here. We are all going to be using the internet. Something like the browser is going to show up. Everybody's going to have one. Are you just going to put a brochure on the web, and say I'm going to hand it off to the marketing department? Or are you going to base the whole world – your entire company - on what the internet is going to do for you, that everybody can see through their browser?

That's the future we're going to have with SSI. We're going to have self-sovereign customers. They are going to present verifiable credentials to your company and other companies. And you're going to participate in that. How do you get involved with that? We don't have the browser yet. And I don't think we do. We don't have the equivalent of the browser for SSI. We're going to have the equivalent of a browser, probably a number of things that might be like a browser, but it'll play the role of a browser in the sense that it's something. I have a better example, of maybe an email client. You know, we all had - if you were fluent in basic computerese – Mutt and Pine, and things that worked in the command line. And then later say Eudora, that you could use as an email client. This is long before Google sort of normalized it with Gmail, but you could still take your mail off Gmail and put it on your own server.

And people are going to have their own instruments for expressing their self-sovereign identities and really identifiers. Again, I have verifiable credentials that I'm going to present. I go to the concert and all you need to know is I have a ticket. I just flash something on my phone. You've got a ticket, you get in. We have some of that right now with QR codes. I went to a game the other day and showed a QR code, got in no problem. That starts to get there. That’s a form of SSI, but that's one company's way of presenting. That’s one B2B solution that happens to work in a B2C way.

We need the C2B solutions. Browsers are C2B. They're not B2C. We don't have a different browser for every company we deal with. We have one browser we deal with, with every company, one email account we deal with, with every company. We have one SMS client that we use to deal with every company. We have one phone number that we give when a phone number is required as an identifier. Those are examples of scale. We should have many, many other kinds of scale, but you can't begin to see that if you're only looking at it at an individualized B2C way. You're going to have to imagine a future where every one of us has, self-sovereign ways to present verifiable credentials that work across the whole world in a normalized way. And where does your company play in that? And I think right now, the way to play in it, is jump in with a whole lot of other companies that are doing are doing base level work on common protocols, the standards, and ways to make this new industry scaffold itself up. Get together with other companies on that base level stuff.

The title of your keynote is 'Where stands the Sovereign Self?' What do you hope to achieve with your keynote at EIC 2021?

I hope to achieve, as I've tried to do I think with every keynote I've given there going back to the beginning, full respect for what can only be solved from the individual side. There are so many business problems that can only be solved from the customer side. And, I think with SSI especially, we finally have a lot of activity around that. But I'm still not seeing enough that starts with the individual, that says how do we get this person’s scale? How do we make this work across entire markets and across the entire world? How can we start equipping them - individuals – with ways to manage their lives? [We] have barely thought that out. Google and Apple provide calendars and contacts. And so does Microsoft, but they're not exactly compatible. They're very siloed.

That's our personal data. We're always talking about personal data [and things like] harvesting personal data. The personal data that matters are: my health, my finances, what I own, my contacts, my calendar - nobody has solved these yet. And [there are] standards laying around in a world. Phil Windley is here [at EIC]. He'll tell you about picos and other things. I suggest you talk to him. If I was 25 years old right now, I would start with picos. I would start with things that people own. How do we make owning things a lot easier? How do we make communicating with companies easier about what we own outside of companies’ separate siloes? That plays into SSI. That plays into I go to the store and I say, yeah, I'm a member of this. I already have this. I already bought this one. You know, I go, did I buy this? Did I buy this keyboard? I have a box over there that has three Apple keyboards. I didn't even know I had these. If I had known, my life would [have been] simpler. I wouldn't have bought another one the other day.

But I don't know those things because I don't have record of that. When I get the receipt, I should put it through something that remembers it. Nobody's thinking about these things, or if they are, they're not gaining any scale. Give people scale around controlling their lives. We have the internet now. We have digital technology now. We're all digital beings. Give us ways that we can manage our lives. Fire marketing, get them out of the room, because they're only thinking still like: how do we find out all about what the customer wants? For one company, a piece. Get rid of that. Just think about what the customer needs. You're a customer. Everybody here is a customer. Think about what you could use in your life that you don't have right now, that gives you scale across every company you deal with in ways that are useful to those companies, where going to appreciate getting just a verifiable credential that says: I bought this before. I belong to this. I have a warranty. Lots of things like that, but in a standard way across all the companies you're dealing with. That is the frontier.

Subscribe for updates
Please provide your email address