Yves here. While I think this idea has about zero odds of getting done unless the tough-minded EU regulators take it up, it does have the interesting effect of framing a digital solution in libertarian property rights terms that Silicon Valley types love, and using that to show that their level of exploitation is analogous to that of slave masters. This isn’t surprising to anyone that has been paying attention, that technology is being used to shrink our commons, but it is encouraging to see someone make that case and not be arguing it from the surveillance perspective, but from the mere “value of information” vantage.
By Dennis Snower, President of Kiel Institute for World Economics and CEPR Research Fellow. Originally published at VoxEU
Digital identity management is currently undertaken by central identity providers, with users providing their data free to digital networks that own their digital identities. If users leave their digital networks, they must leave all their digital possessions, including their digital identities, behind. This system is analogous to slavery. It is neither efficient nor equitable. Users have no assurance that the value of the free data they provide bears any relation to the value of the free services they receive. The digital networks have overwhelming market power relative to their users. This column argues for reform in the form of a Digital Freedom Pass, – the digital equivalent of a wallet containing verified pieces of an individual’s digital identity. The person can then choose which identification to share, with whom, and when, allowing emancipation from our current digital slavery.
Imagine a new form of slavery – call it slavery 2.0. Slaves provide free labour for their owners; in return, the owners give them free food, clothing and shelter. Furthermore – and this is the new twist – slaves are free to leave their owners whenever they wish, but when they do so, they must leave everything behind – their belongings, their friends and acquaintances, their reputation and all other external aspects of their identity. Would a labour market built on this system be considered efficient and equitable?
The obvious answer is: Silly question, of course not! But this silly question turns out to be supremely important for us nowadays, because in the digital world we are all slaves 2.0. We provide information about ourselves for free. This free labour enables digital networks – such as the ‘Big Five’ (Apple, Facebook, Amazon, Google, and Microsoft) – to amass vast fortunes. In return, we receive free apps and other internet services. We are free to leave any networks to which we belong, but when we do so, we must leave everything behind – the information about us, our contacts, our ratings, our digital identities on those networks. We have no property rights on the data we generate, and only by generating such data can we derive benefit from our digital networks. This relationship between the digital networks and their users is digital slavery 2.0.
An Inefficient and Inequitable System
This system is inefficient, since economic markets cannot generate efficiency when the commodities transacted – information about individuals in return for some free internet services – are free. It is analogous to old-style slaves providing their free labour in return for free food, clothing, and shelter. There is of course no guarantee that, for every individual, the marginal value of the free internet services is equal to the marginal value of the users’ information. On the contrary, we have every reason to believe that the value of the information supplied by users to the network owners far exceeds the value of the internet services that the users get for free – much like the marginal value of slave labour far exceeded the marginal value of the food, clothing, and shelter that the slaves received. People with high skills in generating valuable data have no incentive to employ their talents for this purpose if data are supplied for free. Costless data also gives people no incentive to develop skills that could improve internet services.1
These inefficiencies are tolerated by the digital network providers, since what they lose from these inefficiencies they make up handsomely through the market power gained through digital slavery 2.0. Hal Varian, the chief economist at Google, argues that data nowadays are plentiful and thus virtually worthless, whereas the designers of the networks are scarce and thus generate most of the value of the digital network services. This argument is self-serving. It is analogous to arguing that slave labour, in the heydays of slavery, was plentiful and that most of the value was generated by the designers of the slave plantations. It is impossible to assess the marginal contributions of data users and network designers when one of these groups works for free. Furthermore, as Posner and Weyl (2018) note, it is far from clear that the marginal value of the data generated by network users declines with the amount of data, given that the data are used to handle more and more complex problems (such as face and emotion recognition and predictable cognitive processes).
The system is also inequitable, since the owners of the digital networks wield overwhelming power. They own the access to the digital data on which their users rely, much as old-style slave-owners owned the access to their slaves’ basic necessities. The fact that the slave-owners provided something of value to their slaves did not make the exchange of slave labour for basic necessities equitable. The slave-owners were in a position to exploit their market power to their own material advantage, much like the digital networks nowadays are doing.
The Solution: Digital Emancipation
There is a straightforward solution to this monstrously unjust and wasteful system: digital emancipation. Just like the emancipation from old-style slavery gave the slaves property rights over their own services, so emancipation from digital slavery must give users property rights on the data they generate.
Since users currently don’t have property rights on their data, they generally don’t know how their information is used. They are subject to manipulative advertising that exploits their data. They are vulnerable to attack by hackers. They are largely powerless in the hands of global digital monopolies. They are vulnerable to digital automatisation, enabling machines to take over the routine work they perform, without giving them the opportunity to put new, user-generated work in its place. All these problems could be overcome by giving digital users property rights over their services.
A small but growing number of insightful policymakers are calling for this reform. Recently, at the Global Solutions Summit, Chancellor Merkel suggested that digital data be priced and users be able to sell their data. It is not worth being half-hearted about this reform – improving data protection, granting users more information about how their data is used, etc. – though doubtlessly there will loud voices from the digital special interest groups calling for half-heartedness. A comprehensive solution – offering true emancipation – is feasible. We have the knowledge and technology to implement it. All that is required now is political will.
The solution could be called the Digital Freedom Pass (DFP). It involves giving each person the digital equivalent of a wallet that contains verified pieces of his or her digital identity. Specifically, it gives each person a private key for an unlimited number of recipients, who can access the encrypted data only if they possess the corresponding public key. The person can then choose which identification to share, with whom and when. This makes the person ‘sovereign’ over his digital identity, commonly called ‘self-sovereign identity’ (for excellent summaries, see Der et al. 2017 and Tobin and Reed 2017).
In the tech world, a ‘digital identity’ is information about an entity (for example, an individual) that represents that entity. The digital identity arises from the use of personal information and the actions of individuals on the web. In the real world, you are the provider of your own identity, since you generate the characteristics that enable others to recognise you. On the Internet you have an ‘identity provider’, who provides you with an identifier (often a password) in a specific domain that proves that you are you. Currently, identity providers focus on those of your characteristics that are relevant to the organisation and its objectives, without independent regard to you and your objectives. These identifying characteristics belong to the organisation, not to you. Consequently, you wind up with a large number of online personas at a large number of different organisations. By contrast, a ‘self-sovereign identity’ puts your identity into your own hands.
Digital identities need to be ‘secure’, which means that they pass requirements of privacy and trustworthiness. ‘Privacy’ means that only authorised recipients can access your digital identity; ‘trustworthiness’ means that the information contained in your digital identity is correct. The Cambridge Analytica scandal and other misdeeds suggest serious problems concerning privacy. The absence of authoritative background checks for much of the information that users provide to the digital identity providers creates problems of trustworthiness.
Prerequisites for Achieving Digital Emancipation
Self-sovereign identities put the individual in control of his or her digital identity, giving her full access to her own data – something that is virtually unheard of under the current digital regime. An individual’s digital identity needs to be persistent, portable, interoperable, and secure (see Allen 2016 for a more detailed description of these requirements). These are all recognised to be important prerequisites for the achievement of freedom in the digital space.
Since individuals are in charge of their digital identities, they will need to take responsibility for satisfying these prerequisites themselves. In order for people to do so, they will need public support in managing their digital identities. For example, they will need to have access to convenient digital sources of evidence for the correctness of their information they provide and receive (through digital signatures of third parties to prove authenticity),2procedures ensuring transparent consensus concerning the content and conduct of transactions, and systems ensuring consistent usage rights for the individual’s data. The implementation of such systems can draw on decentralised ledger applications such as blockchain (which verifies the accuracy of one’s data decentrally, as it does for Bitcoin) and smart contracts (e.g. Jacobovitz 2016, Meitinger 2017). These applications permit us to look up decentralized identifiers without involving a centralised directory. They allow people to authenticate their data about themselves by using decentralised, verifiable credentials.
Since digital identities are meant to function across legal jurisdictions, it will be vital to specify an international legal framework relevant to each transaction. For this purpose, the EU General Data Protection Regulation (GDPR) uses the principle of Lex loci solutionis, in which transactions are associated with the citizenship of the individuals involved.
What I refer to as the Digital Freedom Pass covers the entire constellation of self-sovereign identities, along with supportive technologies and legal systems, and standardised interfaces. The DFP makes users central to the administration of their identities. It enables users to use their identity across multiple locations, but only with their consent. Since decentralised identities are difficult to access, they are also difficult to hack.
The prerequisites for the establishment of the DFP require public support, much as governments were required to build the internet and give people access to it. Meeting these prerequisites should be easier, cheaper, and much faster than the large public efforts of the past, such as building water, rail and road networks during the Industrial Revolutions. All that is required is the appropriate political will.
Such a scheme has already been conceived and is running in some limited domains. OpenID, an open standard and decentralised authentication protocol, allows users to control their personal data by enabling them to be authenticated by other users without the need for external identity providers. ID2020 is a public-private partnership aiming provide every person on earth with access to a personal, private, secure, persistent, and portable digital identity (ID2020 2017) in support of the UN Sustainable Development Goal, Target 16. The DFP could drive such initiatives. The Swiss municipality of Zug has introduced a distributed leger system to implement self-sovereign identities for its residents. Microsoft aims to support decentralised identification technology through Microsoft Authenticator.
The DFP provides a basis for the sale of user data to digital companies. The proceeds from such digital sales could be taxed and the revenue used to extend and upgrade internet access, as well as to reduce the cost of internet access for disadvantaged groups.
But the DFP will not happen by itself. There are too many digital companies with vested interests in maintaining control over their users’ data. Slavery also did not disappear by itself. For the DFP to be successful, it needs broad adoption. For broad adoption in the EU, it must be made a legal requirement for the EU. The DFP could play a central role in the creation of a European digital single market and is consistent with the DGPR. Progress on this front could put the EU at the vanguard of a movement to emancipate people worldwide from their current digital slavery.
The rise of powerful digital monopolies – linked to the rise of inequalities in major market economies, large-scale manipulation of digital users for political purposes, and the widespread inability of digital users to grasp the business purposes that their data serves – threatens to undermine market economies and democratic processes. The DFP would spearhead a reversal of these alarming trends, since it would give us property rights over our most important possession – information about ourselves – and thereby would give us our most valued freedom in the economic realm: the freedom to choose.
See orignal post for references
24 comments
Comments are closed.
To an extent, the GDPR is a pre-cursor for this, imperfect as it is..
Tasks pending accumulate:
Tax heavens
Rigth to repair
Climate change
Plastics & other contaminants
Digital mess
How to provide the incentives is the question
“heavens” for them; havens to us.
I always do the same mistake. This is because in Spanish we call them “fiscal paradises”
Evgeny morozov has already argued about this in much detail and has already written about the idea of having a digital identity which you could sell (which he is against).Apart from the wording of the framing, there is nothing new said in this article.
It’s new to me.
The march toward digital enslavement is not limited to identity management. I am deeply disturbed by the ramifications of the cloud model ,Software As A Service (SaaS) and the subscription model being adopted by virtually every commercial software house. Wall Street is also exerting great pressure in that direction under the cause of predictable future revenue (BTW monopoly is excellent for that objective).
The insidious side effect of clouds and SaaS is that you will no longer be able to own access to your own data. Eventually, every letter you write to a friend, every record you keep, every photo you take of your children will only be accessible to you as long as you continue to pay your subscription to the service that holds them and provides you access. Even if you pay, these same companies will reserve the right to deny service to anyone who interferes with their corporate agendas; this will be every bit as much enslavement.
Building an international legal framework for digital ownership and digital access easements is probably the ownly way to prevent a nightmare, but the headwinds are very strong and growing.
I also predict that automous vehicles will follow the same models. Once the tech is viable, car ownership will replaced by subscriptions. Legislators will be pressured to ban non-autonomous vehicles in the name of safety. Subscription plans will be based on the mile and possibly more for off road and other “high risk” or “substandard roads”. This would have the effect of prohibiting travel (even to buy groceries) without paying rent, and anyone may be denied as the provider’s discretion.
Let the conversation begin.
Excellent points and well stated. I’ve been stunned by the lack of concern in otherwise highly intelligent people in the direction the digital take over has been going in for the last decade plus. I’m talking about CFOs among other executives I’ve spoken with on the subject. All that was needed was to make third party servers and storage sound sexy, ‘the cloud,’ and presto, hard nosed executives magically lost any concern about putting all their data under the control of someone else rather than using off the shelf highly reliable back up and fail safe hardware/software for in-house use (and in-house control/ownership) already available at absurdly cheap prices. Only the very largest companies can get their own contracts on data use, ownership and sharing and even then our regulatory system is so broken that it’s more a question of whether there is enough profit in foul play to warrant it, rather than fear of some three volume contract.
And yes, absolutely, autonomous
missilesvehicles with their monopoly of the road (all roads), ostensibly ‘for safety’ and their maze of contractual rights to everything the individual does in the vehicle, where he/she goes and the route to get there, all rights to biometric data in which -during the ride- the vehicle becomes a veritable laboratory of sensors, will be one of the last nails in the coffin of human self ownership. Physical mobility is critical to survival but even as we speak, we are in the process of begging the “owners” to take complete absolute control of it all because of what looks to be some sort of innate hypnotic obedience to marketing.A few years ago, when I bought my first I-Pad, the salesperson at the Apple store urged me to sign up for their Cloud services.
When I politely but incredulously asked him why I would ever consider putting my files in The Apple Corporation’s cabinets (or, for cryin’ out loud, those of Jeff Bezos’!) he said, “Sometimes you have to trust people.”
“That’s a good one,” I responded, and left with my purchase.
If allowed to maintain the choice of staying off the Cloud (which seems increasingly unlikely), then my feeling is, “Never, ever…”
It just occurred to me when automatic driving vehicles take over the roadways, how much carnage such driverless vehicles could create on the road! Scary!
Bizarre. Given all the problems in our current world–AGW, chemical companies that poison, a corrupt finance sector–I’d say Silicon Valley is the least of our worries. But if the big internet companies are deemed to have a dangerous amount of power then there is the antitrust weapon not to mention potential laws regulating privacy. Plus it’s likely that companies like Google or Facebook derive a lot of their power from stock inflated by a bubble driven market rather than exploitation of all those digital “slaves.” The above article makes many assumptions with very little evidence, using the excuse that a free barter exchange between companies and individuals cannot be economically assessed. But it could be that not all behaviors fit within the economist box.
Huh? A surveillance is one of the biggest tools the authorities have for keeping people from taking on the status quo and forcing major changes.
i’m dubious about the effectiveness of antitrust in the u.s.
Oh my, what to say. There’s been local, national and worldwide ire about the abuses of many Silicon Valley Multinational Corporations — over decades — from Lockheed to Facebook, which are increasingly indistinguishable from an increasingly fascist Militarist US government.
That’s not even to mention Silicon Valley’s huge contribution in technologically enabling the corrupt finance sector in its nanosecondry swindles; the chemical toxicity of its required — made to obsolesce computers and gadgetry — and the third world children who mine for those rare earth, raw [gadgetry] materials; along with the Silicon Valley record of still having the most concentrated, as yet cleaned up, Superfund sites in the United State.
You’re presumably living in North or South Carolina (If you’ve been ‘successfully’ living in Silicon Valley, I think you need to come clean with that). I’ve lived ‘in’ Silicon Valley™ for decades, and am increasingly witnessing the destruction Silicon Valley™ has wrought locally (let alone nationally and worldwide) on a daily basis. Since I’m not a Carolinian, I would never presume to defend your particular Carolina against such deserved scorn, because I’d be utterly ignorant of the backdrop. I’m curious as to why you’ve taken to defending a place over 3,000 miles from where you reside, yet aren’t required to live under its horrid inhumanity.
In today’s links there’s the Gates “new economy” essay. IMO, he gets some things right – but, for reasons that are semi-obvious, leaves out the other side of the coin. The fact that the marginal cost of new Word SW is close to nil (cost of the carrier) is one thing – the other thing is that the SW Word will never get rusty, never gets dirty, never wears off. So, if there’s a suffient functionality, with not too many usability bugs, the SW can be used forever.
That is, unless you build in obsolescence in some way or another, forcing the users to update. The data slavery is only the last trend here, we have been slaves to the SW companies from the moment where the updates are unavoidable.
The digital age is an entirely new world and one that we haven’t quite figured out. It’s likely that these companies have switched to the advertising and behavioral data business because that’s the only way they can make money. And of course many of them don’t make money or barely return profits but their stock keeps going up anyway. I’d say one shouldn’t assume that these large SV companies are necessarily in the driver’s seat. It could be that the internet is something that nobody can control. Microsoft once made all their money from software licenses–probably still do for the most part–but any of their programs can be freely downloaded online. It was once said that practically every computer in China was running a bootleg copy of Windows. Cory Doctorow talks about this and the fact that one thing computers are very good at is making copies. In the new Gutenberg era everyone has their own printing press. So even if we are (voluntary–you don’t have to go on the internet at all) privacy slaves it could be that it is the IP owners who are really behind the eight ball. One can at least suspect that their interests are behind moves to regulate the internet. IMO better to go after monopolists with existing laws than to try to change the web itself–something that, given the nature of the beast, may not even be possible.
(voluntary–you don’t have to go on the internet at all)
(Picking on a point), you don’t have to go on public roads either, but it sure comes in handy if you want to eat, pay taxes, live under a roof, and so on. Try operating a business in MA without having access to the internet (and I imagine many other states are the same – or will be). Try being an employee without a Linkedin or similar account. And that dependence is not getting less over time but rather quite the opposite.
Maybe I read the article too quickly — it is sort of prolix and I felt urged to skip ahead — but I see two and a half different problems being conflated. One is identity, which is an interesting question with maybe even a philosophical side, and the others are possession of data generated (a) by and (b) about users. ‘Identity’, in the case of an online business, is a relationship between a (possibly imaginary) individual or group, and the business; devising a universal verifiable identifier for all entities with which another entity may come in contact is going to be a very interesting and difficult problem. (Anecdote on request.)
On the other hand, there is data in general. In most cases, data generated by users, for example Facebook posts or Gmail messages, can be retained on separate equipment by the users (I do this), so Facebook and Google do not really possess the data. Copyright may even be exerted against them. The same data can be sent to two or more different storage entities. If people don’t want to do this because a certain amount of trouble is involved, that is their choice and presages a lack of interest in laws to the same effect. In any case, while they may be cheated, they are not enslaved. They can leave.
Finally there is data generated about users and retained by businesses, governments, and other institutions which uses should certainly have a legal right to inspect and challenge. That is one area in which present laws are deficient. But that problem does not have a lot to do with identity or stored user data.
While the internet companies would like us all to live in the cloud with them there’s no reason why we have to and storage options these days are ridiculously cheap. A 1T portable hard drive can be had for less than $50. Some of us believe very much in maintaining an offline/online life and nothing should be connected to the internet–particularly continuously–that doesn’t need to be. And yes you should keep all copies of emails on your own machine if keeping is desired. I don’t Twitter but surely there are ways to keep those on your machine as well.
I have a great desire to not use the Internet ever again, but when I think about how convoluted life would become without it, I get panicky. I pine for the says when no one was shoving ads at me, when my information was for my eyes only, when I could undertake all my business without a machine, when only bank robbers wanted my money, when my information was not known as “data” except by government statistics, and so on. I’m glad I won’t be around for the next twenty years to see how things turn out. Of course, on second thought, climate change might make the whole new world we are creating, moot.
So once again the problems caused by too much technology will be solved by moar tech? I remain extremely skeptical.
People have pointed out the problems with using retinal scans, etc as definitive IDs – once those get hacked your really screwed. I would think the same problem would happen with the proposed Digital Freedom Pass – hack that and everything you are is compromised.
Also, this idea of a digital wallet that can confirm identity and be used across the internet has been put forth already in, among other places, Dave Eggers’ book The Circle . This is a dystopian satire on companies like Amazon, Google Facebook and let’s just say things don’t turn out well. As literature the book isn’t particularly good, but its skepticism about tech as a social panacea is right up the alley of many NC readers.
I’m so old I can remember when the internet started and companies put up websites but couldn’t figure out how to make any money from it. And then they decided to “innovate” by……. selling advertising which has been done for centuries.
Maybe it’s time to get back to those old internet days. Rather than trying to figure out how people can manage their own data, which will turn out to be a complicated process that few really understand to begin with, how about simply banning the collection of it all in the first place. I don’t remember anybody asking me or anyone else if was OK to begin with.
“property rights over our most important possession – information about ourselves – and .. our most valued freedom in the economic realm: the freedom to choose”
What are our choices? As important as winning the right to own your data and take it with you is the construction of free, open-source, decentralized and, above all, cooperative platforms. Lack of information about existing alternatives is the first barrier to their adoption (duh) so here are a few resources:
Internet of Ownership – https://ioo.coop/
Social.Coop
Switching.Social
We Collective https://www.weco.io/b/platformcoops/wall?sort=date&stat=global&time=all&type=all
I battled for the soul of a website & lost and am banned. I am proud that I was an early web warrior poet fighting for what has become real territory.
It is the mental landscape. I am a great commentator. When it was just the newspapers they published my letters but refused to hire me and pay me.
The magazines that did pay me didn’t pay me enough to eat more than one meal every now and then. I wrote for a website with administrators that gave me my own column space. I never made any money, but am banned in China.
Physically I represent hardware. How my mind works is unique to me within a range with Software that holds ideas that are my identity. I am a private idea and a public idea. My identity has been locked up and cannot participate in a struggle for territory in the mental landscape.
I am also barred from a bar in town. To be barred one is supposed to have beaten someone up, or stolen some things, or broken things. In this case my age and ideas were an influence on my being excluded from the conversations.
I perform alone.
The web world does allow one virtual mobility though one cannot win if you as hardware are effectively banned. Only the jet setters win.
Hiding in the open is all that the poor protester can do. There are people ruin things for you. Russians and Alex Jones. Trump. Ajat at the FCC.
Germans and Russians have not so far back experience with what happens in political climates where surveillance is constant and you may be denounced as a counter revolutionary so someone gets your apartment and your food while you either become slave labor for spies cutting down trees for other currency than your own, or exterminated and also made into slave labor.
“It is better to know it, than live it.” is a paraphrase of a line about William Faulkner in a biography I read.
Since I never make any money from using my computer it as a typewriter or machine to work like film in a camera or tape recorder with a memory that is like tape on the reel to reel or cassette, I have a content problem.
I have an idea problem as I exist as a banned and barred idea.
It is an interesting life.
Thanks,
I have argued that digital identity needs to be independent, but it also needs to be verifiable. There is some value in having pseudonymous identities, but far more in a verifiable one. This, presumably, explains part of the standardization around FB or Google as identity authorities.
However as pointed out here, these identities are monetized and not free. The answer to this is simple and obvious: just as municipalities provide non digital identity verification, via the DMV or postal service or birth registry, they should also issue digital certificates (a public/private key pair signed by the authority) which can be used for online identification, securely without too much risk of identity theft (It also provides a single point of failure for identity).
The use of this system could be encouraged by making it useful for government services. The IRS already does something like this with their PIN system. A non crummy version of this would go a long way.