eID and SSI technology: privacy risks and discrimination against citizens?

How they can be reduced with appropriate technical and legal measures

In the last two years of intensive study of Self-Sovereign Identity (SSI), I have faced many critics, despite the advantages the technology offers over today’s familiar identification and certificate-issuance options. They argue, unexpectedly strongly, from concerns about privacy and surveillance of citizens, ironically the very issues SSI seeks to resolve. Undoubtedly the criticisms are valid and require closer examination to determine what measures should be derived from them. Since the eID is to be built on this technology, it is enormously important that consensus is created. In this blog post I will look in depth at how this can be achieved.

In short: what is SSI?

With Self-Sovereign Identity, each individual manages their own documents and certificates issued by third parties, called credentials. These can be a state identity (eID), a driver’s license, a settlement permit, a university degree, a tennis club membership, a purchase receipt, etc., stored in digital form in an app (the wallet) on a smartphone or similar electronic device in the sole possession of the individual.

Credentials are issued to a globally unique identifier, for example a decentralized identifier (DID) that the wallet manages, and each carries a verifiable digital signature from the issuer. The issued documents can thus be checked electronically for legitimacy. Their contents cannot be forged or modified unnoticed, since the issuer’s signature would no longer verify and the fraud would be uncovered. Nor does simply copying a credential help an attacker: it is bound to the holder’s identifier, and the holder proves control of the matching private key each time the credential is presented.

What can SSI achieve?

Basically, SSI wants to achieve the following:

  • Personal data is stored only on the electronic device of the person concerned. The person decides with whom to share data. A central entity that manages the identities (e.g. Google, Facebook, Apple, Samsung) is no longer necessary.
  • Verifiers can check the authenticity of a credential with certainty by verifying the issuer’s digital signature. Forging a document is no longer possible without the issuer’s private key.
  • Since the credentials are stored only locally on the citizen’s phone, no interaction with the credential issuer is necessary for verification (beyond a check of the revocation status).
  • A wallet app can create any number of globally unique identifiers. Each credential can be linked to a different identifier, so that a profile of a specific person cannot be built by combining different verified data.
  • Within a few seconds, a credential can be created and transferred to its owner.
  • If the wallet is lost, its credentials can be revoked immediately, so that the previously issued documents lose their validity.

SSI thus aims to place the owner of an identity at the center of all activities and to ensure the highest possible level of data protection.

Additionally: thanks to the globally unique identifier, SSI allows accounts to be created on the Internet for which neither an e-mail address nor a password is required. Uniqueness, and thus the assignment to an identity, is governed by the identifier: the holder proves possession of its private key instead of presenting a shared secret. Remembering passwords and logging in via an e-mail account will be a thing of the past (see also FIDO2 or SIOPv2).

Valid arguments of the critics

In addition to the enormous advantages offered by SSI, it is also important to bear in mind that there are dangers lurking for citizens with the digitization of identities. Critics present very valid arguments against the widespread introduction of this technology in society. At this point, I will address these points.

Overidentification

Digitalization makes it possible to store and analyze data with much less effort than before, and this also applies to SSI. Service providers such as online stores, fitness centers or other everyday services have a strong incentive to force holders to present the eID, since the verification effort suddenly becomes very low, unlike with the physical identity card.

State-issued identities are extremely valuable

eID data is extremely valuable because it is authentic and state-verified. If third parties can coerce holders into presenting their identity, they accumulate valuable data, and thus either become targets of attacks themselves or can resell the data.

Facial images as part of the digital identity

How can you ensure that the holder of an eID is actually the person it describes? The facial image is an important component for unambiguous identification and is therefore part of the eID. To make a clear match in a KYC process, the holder must release the contents of the eID together with the image. Verifiers will therefore possess facial images in digital form in the future.

Account login mechanism with the eID

Many websites offer the option of logging in with Google, Facebook or similar (so-called identity providers) and appearing as a “federated identity”. While undoubtedly practical, these logins pose a major privacy problem, as the identity provider sees every login and activities on the web can thus be attributed to individuals. An equally practical and efficient login mechanism using the eID could become the standard. As mentioned above, digital service providers benefit from valuable government-verified information.

Law does not protect citizens enough

The introduction of the eID comes at the same time as a new law, in Switzerland the BGeID. While it is still in consultation, the first draft is clearly not protective enough, because the reference to the Data Protection Act is not sufficient. Specifically:

  • It requires a private or public interest when the eID is requested, but does not specify when such an interest exists.
  • The citizen does not have the right to object (opt-out).
  • The prohibition on linking further data (correlation) is not explained in detail.

Another problem arises for citizens when legislation is not coordinated across countries and data protection is not observed equally everywhere. Digitization pays little heed to geographical and legal boundaries, which is why citizens are exposed to risks in the digital space.

Discrimination and control efficiently implementable

With a digital identity, discriminatory management of access to services or products can be implemented efficiently. Certain educational channels could be withheld from certain ethnic groups. There is currently a political debate in Switzerland about age verification for various content on the Internet.

Security gaps in the older generation of cell phones and negligent handling

With the eID, the identity is stored on the citizen’s electronic device. As with eBanking, security standards are prescribed for this to ensure the best possible protection for the user. Not all cell phones can comply with these standards.

Correlation issues by unique identifiers

Several globally unique identifiers can be used to correlate the activities of a citizen: an identifier of the software wallet, the decentralized identifier mentioned above, a specific index in the revocation registry, or the signature of a specific credential when the same credential is presented several times. Any value that stays constant across presentations is a potential correlator, even if the identifier itself changes.

Status quo is not a solution

Despite the risks that an eID entails, the status quo is not a solution. Loss and inadequate protection of personal data occur every day, and verification in the KYC process is time-consuming and expensive for companies. Examples:

  • My bank lost the copy of my ID when I opened a new account. It can no longer be found. Who has this copy now? Where is it used?
  • The KYC processes to open a bank account or similar take several days. A lot of forms have to be submitted and signed.
  • Job references or training certificates can be easily falsified.

Today’s verification process is error-prone, inefficient and not fraud-proof. Obtaining documents from third parties takes several days and costs money. It is very easy to obtain services using someone else’s identity. Citizens’ personal data are stored in many centralized systems, making them vulnerable to hacking and data breaches.

Even in the case of legal entities, a clear and verifiable identity, such as the tax number, is necessary, for example to check the authenticity of invoices and account details before a payment is made. Very often, entrepreneurs fall victim to fraud schemes because the identities of business partners are not securely verified.

Additionally, in the international trading business a lot of certificates and import declarations must be shared and verified. This process takes a lot of time, which results in delayed shipments and increasing costs for companies.

Mitigate dangers

The dangers pointed out are justified and must be taken seriously, and all precautions must be taken to minimize them in order to protect the citizen. Below I show measures that help to ensure that SSI and the eID bring benefits for all. They consist of a mixture of legal and technical aspects. It is worth referring to the EU-wide eIDAS Regulation, which has already regulated a great deal on this topic.

Strict eID, data protection and anti-discrimination law

In Switzerland, the Federal eID Act (BGeID) is currently being drafted, which in principle allows a good balance between mandatory legal requirements and openness for the development of decentralized ecosystems. However, tightening is needed at the following points:

  • There is a lack of clear regulation under which circumstances an eID may be required. The “Schweizerische Anwaltsverband” demands that verifiers may only demand the eID “… if and insofar as this is necessary to fulfill a legal obligation”. This would prevent unnecessary demands for the eID in everyday life. eIDAS addresses this issue by requiring verifiers to register and report all data they want to collect. I very much support this approach, but in the interest of reducing bureaucracy it needs to be limited to credentials issued by government agencies.
  • It must also be added to the law that non-discriminatory access for people without an eID is guaranteed at all times.
  • For low Level of Assurance (LoA) cases (e.g. when only age needs to be confirmed), proof via a Zero-Knowledge Proof (see below) must be sufficient.
  • A right of withdrawal at any time, as provided for by the GDPR in the EU, must be prescribed by law.
  • BGeID refers to the Data Protection Act, which, however, requires adjustments for handling in the digital space.

Currently, there is no explicit anti-discrimination law in Switzerland, which is repeatedly demanded by various bodies after the publication of studies on the legal effectiveness of the existing provision. With the spread of SSI technology and the possibility of more efficient monitoring of individuals, a tightening of non-discriminatory treatment in the digital space should be discussed.

Non-repudiation approach and independent reporting office for violations

To strengthen the enforceability of the law, the so-called non-repudiation approach is mandatory: every request for data that a verifier sends must carry the verifier’s digital signature. In the event of a dispute, a citizen can then prove exactly what was demanded and that a possible breach of data protection regulations has occurred. An independent ombudsman’s office that records provable violations enables legal prosecution. An open rating system can proactively alert citizens to privacy concerns with specific verifiers.

Extended use of technologies such as ZKP

Third, it must be determined which data may be verified and stored, and how. Here so-called ZKP (zero-knowledge proof) technology plays an essential role: a statement is proven without sharing the underlying content, for example that a person is over 18 years old without disclosing the date of birth. In the same spirit, parts of a document can be shared selectively without disclosing the entire document (selective disclosure). The unique identifier is likewise hidden from the verifier, so that profiling on the basis of the shared data is not possible. The law must define the criteria under which a ZKP counts as sufficient proof.

Safety standards

It must be ensured that globally valid security standards are defined for wallets. Based on the eIDAS regulation, the European Commission released an Architecture and Reference Framework for the European Digital Identity Wallet on 10 February 2023. I want to point out the most important measures and add others:

  • Each credential can be associated with multiple identifiers that are not yet in use. Each time the document is presented, a fresh linked identifier is used, so the identifier itself can no longer be used for profiling.
  • The holder’s identifier itself is never stored publicly (for example on a blockchain).
  • Regular rotation of the key pair (public and private key) limits the damage a compromised key can do. Additional advanced backup capabilities allow access to be restored in case of loss or compromise.
  • The keys are stored in a so-called Secure Enclave (SE) or similar hardware-backed keystore according to the latest standards; the private key never leaves the hardware and is not readable by third-party applications or by the operating system (iOS or Android).
  • Biometric data such as Face ID or fingerprint, likewise held in the Secure Enclave, must be queried repeatedly, for example when the wallet is opened AND when data is transferred to verifiers. This prevents unauthorized persons from misusing data if the electronic device is lost.

Optional Custodial Wallets

Technically, managing wallets and complying with security rules is not a simple undertaking for every citizen. Therefore, third-party entities such as banks or insurance companies will provide so-called custodial wallets (either as a cloud service or as an app) and take over wallet backup administration for holders. This enables faster acceptance and adoption and helps prevent data loss.

Custodial wallets, to the extent that they go beyond a pure backup function, are fundamentally at odds with the goals SSI is trying to achieve, since the wallet provider can in principle see all of the citizen’s activities. Such wallets must therefore be subject to the strictest privacy rules. A backup-only custodian should hold nothing but ciphertext, encrypted under a key that the holder alone controls, so that it can restore the wallet without being able to read it.

I am not yet aware of any solution to the danger of digital facial image transmission. I welcome suggestions on how to address this issue.


Pascal Gottret is a digital identity advocate working to contribute towards the discussion on citizen first identity that can preserve privacy and rights within Switzerland. You can follow more of Pascal’s writings on his medium blog here.
