The Future of 'Good' Identity

Identity is one of those unique topics that matters to every human being on the planet. Being able to prove your identity and use it to access healthcare and education, to get a job, travel, or buy groceries, is what makes our society function.

November 28, 2018

Cash transfer is one of the services that 'good' identity unlocks. Cash is one of the quickest ways to help people get back on their feet and on their way to recovery when crises strike. (Photo courtesy Mercy Corps)

By Leila Toplic, No Lost Generation Tech Task Force Lead

Identity is one of those unique topics that matters to every human being on the planet. Being able to prove your identity and use it to access healthcare and education, to get a job, travel, or buy groceries, is what makes our society function. Identity is also central to all development problems. According to the International Telecommunication Union of the UN, 10 Sustainable Development Goals (SDG) need a coherent identity solution in order to be achieved.

While identity is an age-old issue, identification is entering a new phase of discussions and work due to three factors that are testing the boundaries of the old model:

Needs of the end-user. Over one billion people around the world lack an officially recognized ID. Among them are refugees, the stateless, and forcibly displaced persons. Those who do have ID are impacted by privacy breaches like the Equifax breach in 2017 and frustrated with the lack of convenience and control as their online and offline lives converge.
Regulations. The EU General Data Protection Regulation (GDPR) is demanding new levels of user-centricity focused on protection of personal data with individual rights including: Right to access, right to be forgotten, data portability, and privacy by design. Though regionally-specific, this regulation has sparked a global conversation.
Technology advances. With recent advancements in technology (e.g., blockchain, mobile), we have the means to create user-centric, secure identity solutions for all.

Earlier this month, I had the opportunity to host a conversation on the topic of future of identity at the NetHope Global Summit in Dublin. I was joined by the experts from across the sector – Rosa Akbari from Mercy Corps, Kim Cameron from Microsoft, Christine Leong from Accenture, and Paige Nicol from Omidyar Network.

Our panel set out to explore the future of good identity. We discussed what ‘good identity’ is and how do we know that we have it, and what it will take to make ‘good’ identity possible, including the role of the nonprofit sector. We talked about both barriers and opportunities, roles of organizations and individuals, and the necessary conditions for making identity accessible and usable by all, in the contexts in which they live.

Here are the key takeaways from the discussion.

What is ‘good’ identity, and how do we know that we have it?

Good ID must be trustworthy, private, secure, inclusive, and sustainable – for users, for issuers, and for relying parties. It needs to be:

User-centric. When we speak about Good ID, we must ask - “Good for whom?” A good ID is user-centric to the extent that it gives people control and awareness over what identifiers and personal information are released in any situation. For those who already have access to ID, the focus may be on providing protections against identity theft and the convenience to use anywhere and anytime with a digital wallet that is similar to what we have in the physical world.
Linked to services. Having an identity is insufficient. For ID to be ‘good’ for end-users, it needs to be tied to what users value in their contexts -- services like education, healthcare, or cash transfer.
Portable and inter-operable across services and across borders.

What are the necessary conditions for ‘good’ identity to be possible?

Stakeholder engagement and collaboration. All speakers agreed that without the active engagement and collaboration among governments, NGOs, healthcare providers, technology companies, financial institutions, and other key stakeholders - Good ID will not be viable. For example, Mercy Corps is engaging a wide range of stakeholders to put in place cash-transfer programs in Iraq, Jordan, and Colombia, including: end-user, small businesses (that operate at transactional level with IDs), other NGOs, international organizations including UN agencies and World Bank, governments, and banks. Omidyar Network asserted that “It is critical that the voices of civil society are engaged in this debate. Journalists, digital rights activists, and other advocates for individuals have an important role to play in shaping and strengthening laws that enable ‘good’ identity, as well as holding governments and other issuers accountable throughout implementation.”
Technology that supports development of Trust Frameworks and puts users in control of their identities. While technology is not a silver bullet, technology that is standards-based will ensure that Good ID is user-centric and durable beyond any single solution and vendor. Humanitarian organizations need standards-based, interoperable technology that makes it possible for them to “accept” and enhance existing identities as much as issue new ones while enabling end-user portability of identity from one supplier or context to another (e.g. from a health service to a financial service, and within service area like health to avoid issues like re-vaccination of children on the move). When asked about the pros and cons of blockchain for identity, Microsoft responded: “Let people have their identity information stored in wallets they control and let’s use blockchain to ensure that our wallets can communicate with each other, i.e. enable PII to be available only when it’s shared by the user.”
Data-sharing agreements. Technology is not a replacement for well-defined data exchange and governance agreements between organizations. While such agreements may take a long time to develop and adopt, such agreements are critical for enabling a service model that is designed for end-user data protection and privacy.
Ability to operate within the regulatory environment. Humanitarian agencies have to operate within the regulatory environment which means that decisions on technology and partners will be based on who has experience in navigating regulations or can at least be a good partner to the humanitarian agencies to understand how to operate within those regulations rather than prioritize piloting a certain technology. Humanitarian agencies have an obligation to ensure they address both local and international requirements around data usage and storage. They can benefit from the experiences of the technology sector and partners in this space and ensure they operate in a manner which protects the end user.

What should nonprofit sector do today?

Adopt a different mindset. Shift the mindset from “I’m running everybody’s identity” to “I am accepting everybody’s identity”; from thinking about end-users (e.g. refugees) as passive recipients to active participants — actively managing and controlling their identity. At the same time, build the foundation for the future including the knowledge of digital tools as we well as requirements for security, privacy, and ease of use for end-users.
Focus on the problems that need to be solved right now. It’s important for NGOs to focus on solving the identity-related problems that need to be solved today. Whether helping individuals meet Know-Your-Client (KYC) requirements for cash transfers, verifying vaccination records, or substantiating educational records for children on the move - some proof of identity is needed. In the discussion, Accenture emphasized the importance of shifting the work from broad access and coverage of identity to usage of identity and identity being accepted by a diverse set of stakeholders.
As you begin developing and implementing digital identity solutions in low resource settings, make sure to avoid vendor lock-in. Some of the most significant issues occur when NGOs or governments seeking ID solutions are contract with or “lock-in” to a specific technology or provider. This raises concerns around persistent data ownership and heightened costs when wanting to switch to new and better technologies later. These challenges don’t just affect organizations and governments; they ultimately hinder individuals’ ability to fully and freely access basic services. To help address these concerns, Omidyar Network recently invested in a modular, open-source, identity platform (MOSIP), read more below.
Collaborate to ensure that we don’t end up with a fractured world of NGOs that doesn’t benefit the end user. Mercy Corps urged NGO and UN agencies to focus less on technology and introducing identity products and more on working together to develop sector-wide solutions that serve the needs of end-users including health, education, livelihoods and more: “This isn’t a race to find the most innovative technology and be the first NGO or UN agency to employ it. It’s to improve an end-user’s access to services and ensure their benefit is the primary driving force.”

About the speakers and their organizations’ work in identity space:

Rosa Akbari helps Mercy Corps field teams leverage technology in sustainable and responsible ways. Practical focus on humanitarian cash transfer programs, which includes (digital) ID management in complex implementation environments. Mercy Corps’ work in identity space include: (1) raising awareness around how to access proof of identity documents (Jordan); (2) helping refugees meet KYC in order to receive digital payments in places like Uganda, DRC (3) Piloting Simprints open source biometric solution in Northeast Nigeria as part of *verification* process within CTPs. Mercy Corps is also beginning to explore partners that offer services to *create* interoperable digital IDs.
Kim Cameron wrote the seminal paper on “good identity” (the Laws of Identity) in 2005. Chief Architect of Identity at Microsoft, responsible for Azure Active Directory and consumer identity products since the early 2000’s. Microsoft focused in two areas: (1) Enterprise: Microsoft operates a cloud service for enterprises, organizations, and governments enabling them to interact with individuals in the way that supports good identity. It accepts identities from different sources and connects people into the organization’s existing infrastructure. (2) Personal: Microsoft has a project of turning people’s identities over to their owners (i.e. end-users). These identities can convey claims issued by governments and organizations, but overall identity belongs to the user and they control it. Microsoft intends to transition technology from the old model of organization managing your identity to you as the end-user controlling it in conjunction with claims you obtain from organizations.
Christine Leong leads Accenture’s Digital Identity Innovations group, led the ID2020 work on behalf of Accenture and is the project advisor and author for World Economic Forum’s recently published white paper on ‘Identity in the Digital World’. Accenture is At looking at the full range of identities in the digital world, from enterprise identity to identity of you and me, of things, natural resources and virtual entities. In the new model, Accenture is focusing on how consumers use identities and focus on how different entities would need to work together in order to better serve their end-users and enable users to use and re-use their identity.
Paige Nicol leads Strategy & Insights for Luminate, part of the Omidyar Group. Since 2016, she has worked closely with the team building Omidyar Network’s portfolio of work on Digital Identity. Omidyar Network provides a combination of grant making, partnerships, and investments, all in pursuit of the goal of expanding access to “Good ID” that is private, secure, and controlled by the individual. Some of Omidyar Network’s larger global partnerships have been with the World Bank ID4D program and the World Economic Forum. Omidyar Network has also worked to introduce user perspectives and more rigorous evidence into the debate, especially through initiatives like the State of Aadhaar report.

References and Resources:

Mercy Corps Cash Programming
Decentralized Identity Foundation (DIF) is an example of the establishment of open standards by the tech sector. Through such standards they seek to establish an open ecosystem for decentralized identity and ensure cross interoperability.
The Laws of Identity on the Blockchain, by Kim Cameron
MOSIP: MOSIP provides a secure, standard-compliant, vendor-neutral, affordable, scalable, and customizable platform to build a digital national ID system. It is being made available for free, as a public good, by the International Institute for Information Technology – Bangalore (IIIT-B) through GitHub and at www.mosip.io. Morocco is the first country to use MOSIP to implement its national population register for delivering social safety programs to its residents.
Omidyar Network’s POV about Digital ID and Privacy - suggesting several characteristics of empowering digital identity systems.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
na_id	1 year 24 days	The na_id is set by AddThis to enable sharing of links on social media platforms like Facebook and Twitter.
ouid	1 year 24 days	Associated with the AddThis widget, this cookie helps users to share content across various networking and sharing forums.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_ga_FTBJ3W940W	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_gat_gtag_UA_50931308_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
iutk	5 months 27 days	This cookie is used by Issuu analytic system to gather information regarding visitor activity on Issuu products.
uid	1 year 24 days	This is a Google UserID cookie that tracks users across various website segments.

Cookie	Duration	Description
__qca	never	The __qca cookie is associated with Quantcast. This anonymous data helps us to better understand users' needs and customize the website accordingly.
__ss	1 day	This cookie is set by SharpSpring, a marketing automation platform. This is used for tracking visitors and form submissions.
__ss_referrer	1 hour	This cookie is set by SharpSpring, a marketing automation platform. This is used for tracking visitors and form submissions.
__ss_tk	25 years	This cookie is set by SharpSpring, a marketing automation platform. This is used for tracking visitors and form submissions.
anj	3 months	AppNexus sets the anj cookie that contains data stating whether a cookie ID is synced with partners.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
IDSYNC	1 year	This cookie is set by Yahoo to store information on how users behave on multiple websites so that relevant ads can be displayed to them.
koitk	10 years	This cookie is set by SharpSpring, a marketing automation platform. This is used for tracking visitors and form submissions.
mc	1 year 1 month	Quantserve sets the mc cookie to track user behaviour on the website anonymously.
pa_crosswise_ts	2 years	The pa_crosswise_ts cookie is set by Perfect Audience for advertising purposes based on user behavioural data.
pa_google_ts	2 years	The pa_google_ts cookie is set by Perfect Audience for advertising purposes based on user behavioural data.
pa_openx_ts	2 years	The pa_openx_ts cookie is set by Perfect Audience for advertising purposes based on user behavioural data.
pa_rubicon_ts	2 years	The pa_rubicon_ts cookie is set by Perfect Audience for advertising purposes based on user behavioural data.
pa_twitter_ts	2 years	The pa_twitter_ts cookie is set by Perfect Audience for advertising purposes based on user behavioural data.
pa_uid	2 years	This cookie is set by prfct.co. This cookie is used across the websites that use same ad network to display ads to the other advertisers in the network.
pa_yahoo_ts	2 years	The pa_yahoo_ts cookie is set by Perfect Audience for advertising purposes based on user behavioural data.
personalization_id	2 years	Twitter sets this cookie to integrate and share features for social media and also store information about how the user uses the website, for tracking and targeting.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
uuid2	3 months	The uuid2 cookie is set by AppNexus and records information that helps in differentiating between devices and browsers. This information is used to pick out ads delivered by the platform and assess the ad performance and its attribute payment.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_bc_uuid	10 years 9 months 21 days 14 hours 26 minutes	No description available.
A3	1 year	No description
fundraiseup_cid	1 year 1 month 4 days	No description available.
fundraiseup_func	session	Description is currently not available.
fundraiseup_session	past	Description is currently not available.
fundraiseup_stat	session	Description is currently not available.
hid	session	No description available.
tableau_locale	session	No description available.
tableau_public_negotiated_locale	session	No description available.
VISITOR_PRIVACY_METADATA	5 months 27 days	Description is currently not available.
X-Qlik-Session-a	session	No description

Article

The Future of 'Good' Identity

Identity is one of those unique topics that matters to every human being on the planet. Being able to prove your identity and use it to access healthcare and education, to get a job, travel, or buy groceries, is what makes our society function.

Share this:

Program Areas

Related articles

Article

The Future of 'Good' Identity

Identity is one of those unique topics that matters to every human being on the planet. Being able to prove your identity and use it to access healthcare and education, to get a job, travel, or buy groceries, is what makes our society function.

Share this:

Program Areas

Related articles

Cookies