FB pixel

Sovrin highlights the risks of commingling data in digital identity guardianship

Categories Biometrics News  |  ID for All
Sovrin highlights the risks of commingling data in digital identity guardianship
 

Sovrin has outlined some of the risks involved at the intersection of Self Sovereign Identity (SSI) and guardianship, highlighting potential areas where issues could arise such as in the commingling of data.

The organization is well known in the digital ID community for its popular MainNet Hyperledger Indy identity ledger.

Guardianship, for the purposes of this whitepaper, is where one party has responsibility for another, for example, a baby or young child in the care of its mother, or a severely disabled person with a carer, incapable of making their own decisions

Though the paper argues that guardianship is “essential for SSI to be inclusive,” as dependents are inherently vulnerable, it argues certain steps may need to be taken to prevent some risks, saying things can “easily get messy” when it comes to guardianship.

It explored how issues around guardianship might manifest in fields as diverse as social work, humanitarian aid, finance, healthcare, law, government, and the Internet of Things (IoT).

Impersonation and commingling of identity data is a key risk outlined.

For example, a guardian may pretend to be the dependent without the dependent’s knowledge to qualify for a discount when making online purchases or when taking out a loan, or for other purposes related to their own benefit.

Potential mitigations suggested for this include having a “clear distinction” in the original Guardianship Arrangement outlining the scope of the guardian’s rights and duties and clearly outlining the limitations.

Other potential mitigations included using a trusted third party for authorization or making it a requirement that it always made clear which party is acting.

Another One of the risks outlined is “recentralization,” where power moves back to a guardian, which contrasts with how SSI is meant to “be inherently decentralized and moves power to the edge to eliminate single points of failure” according to Sovrin.

The paper suggested migrating this risk by outlawing “bulk load” processes, in which entire populations are pushed into guardianship without their consent.

Sovrin argues that there is a possibility that organizations or governments could “try to act as their customers’ or citizens’ guardians instead of as their peers and delegates.”

Another more technical set of challenges outlined by the report are risks at the moment of transition, for example when a change of caregiver is needed, which the paper argued would leave some “digitally stranded.”

Mitigations suggested by the report included the use of “biometrics, QR codes, embedded or supporting technologies, and low technology / no technology solutions to support the SSI user experience” as well as implementing an “SSI architecture with an end-to-end process framework that includes online and offline processes.”

Sovrin regularly publishes on the risks and opportunities within the digital identity space, in January 2022 was pointed out in an ENISA report looking at how different national ID systems have been implemented around the world, and looked at their applicability within the EU.

This post was updated at 9:06am Eastern on June 13, 2023 to clarify that ENISA, not Sovrin, published the report on national ID systems.

Article Topics

 |   |   |   | 

Latest Biometrics News

 

Karachi launches safe city project with live vehicle, facial recognition

Karachi has launched the first phase of its Safe City Project, with five poles equipped with 25 surveillance cameras. A…

 

Biometric payments project launched in Kazan, Russia

The authorities of the city of Kazan, a center of Russian petrochemical production, has officially launched biometric face payment via…

 

DPI is taking stage as India’s digital model is shaping global governance

Governments worldwide are increasingly prioritizing the development of robust Digital Public Infrastructure (DPI), in a shift that comes in response…

 

Comoros to implement digital govt program with $10M AfDB grant

The Union of the Comoros is set to execute a digital public infrastructure (DPI) project thanks to €9.51 million (US$10.4…

 

Malaysia pushes for stronger DPI governance

Malaysia has ambitions to become a digital hub for Southeast Asia but the country still has some way to go,…

 

Biometrics race for the borders

Biometrics to ease border crossings are a major theme of the week among Biometric Update’s most-read articles of the week….

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

DIGITAL ID for ALL NEWS

Featured Company

ID for ALL FEATURE REPORTS

BIOMETRICS WHITE PAPERS

BIOMETRICS EVENTS

EXPLAINING BIOMETRICS