Privacy and Identity

Welcome back to my series of articles on the Marshallese sovereign (SOV), the new hybrid crypto-fiat-currency being issued by the Republic of the Marshall Islands, which I believe represents our best chance to connect the currently isolated “Blockchain Island” of the cryptosphere with the mainland of the real-economy.

Last time, I explained how a currency like SOV is needed to square the circle between two enormous and contradictory pressures currently building in the real economy: the impending Internet of Things, which foresees billions of smart devices communicating and performing microtransactions across borders and jurisdictions, and regulators’ unwillingness to even permit anonymous transactions between people, let alone the myriad autonomous devices of the Internet of Things.

As a hybrid crypto-fiat-currency, SOV has the necessary programmable features and cost structure to support the microtransactions. The Internet of Things needs to be viable – something which no fiat or central bank digital currency could do). Notably this same programmability allows the SOV to satisfy regulators’ requirements, with the added reassurance of being the legal tender of a sovereign nation.

All necessary compliance procedures relating to KYC, AML, CFT, OFAC filtering and any other relevant compliance requirements would be built into SOV’s protocols, with on-boarding overseen by a network of official verifiers, which could include banks and exchanges. 

There would thus be no way to use SOV which was NOT compliant. These functions would extend to transaction monitoring, both in real-time as well as post-facto. Only economic actors that are whitelisted can participate, even on a peer-to-peer basis, in transacting with SOV. It is hard to see what regulators could object do: as I explained last time, the Marshallese sovereign is better at being “fiat” than the US dollar.

However, all this raises genuine concerns that are at the heart of the cryptocurrency movement: undue interference by authorities in private transactions.

The Cypherpunk’s Manifesto starts:

Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn’t want the whole world to know, but a secret matter is something one doesn’t want anybody to know. Privacy is the power to selectively reveal oneself to the world.

The manifesto then continues to argue that nothing short of full anonymity will support privacy, a position that’s clearly at odds with that of governments around the world. Does SOV give up too much of its crypto credentials in exchange for being better fiat? Is this too great a price to pay for legitimacy? 

I think this is a clear case where both sides should choose a safe balance or run the risk of their fears becoming reality. For the cypherpunks, holding out for full anonymity or bust could lead to a global government crackdown before cryptocurrencies gain enough traction to leverage network effects. For governments and regulators, continuing to head down the road of maximal surveillance could push more people towards cryptocurrencies, reaching a critical mass beyond which they would become literally unstoppable.

But there is a third way, a balance based on self-sovereign identity and self-sovereign data, both of which are supported by SOV. As with all good compromises, it involves all parties giving up the fruitless pursuit of full control in exchange for shared responsibility and accountability.

An Identity Crisis

Most of us have encountered the paradox inherent in modern digital identities. KYC/AML/CTF procedures are cumbersome, invasive and inefficient. It can take weeks to open a bank account. We’re photographed, fingerprinted and monitored with alarming regularity. Yet identity fraud is rife and data breaches are a weekly occurrence. We’re made to divulge more and more of our personal data in the name of security, yet our identities have never seemed more insecure.

The vast majority of people support a reasonable level of oversight in the name of security, but that’s clearly not what’s happening. The whole approach needs to change.

Self-Sovereign Identity/Data and Zero-Knowledge Proofs

Compliance is vital, but many of the questions asked during compliance checks are over-invasive proxies for the questions we actually need to answer. This is best illustrated when we need to check that someone is old enough to buy a product or service. The question we need to answer is something like “Are you over 21?”, but what we actually ask is “What is your full date of birth?” Thus a simple “Yes or No?” question is replaced by one requiring the subject to reveal a crucial piece of personal data, data which is then stored indefinitely and outside of their control.

These questions are remnants of an era when paper records were king and everything had to be checked manually. In the digital age, there’s no excuse for this continued lack of nuance.

With self-sovereign data, compliance can become minimally invasive. By using zero-knowledge proofs, it is now possible to prove the validity of a piece of data without ever revealing the data itself. In our example, you could use this system to prove you were older than 21 without revealing any part of your birth date, even the year.

This might seem like a niche example, but compliance is rife with these bad questions. Questions like: Where have you been? What have you done? What’s your business? What is the source of your money? Most of those questions are misplaced proxies. The real questions that need to be answered are more like: Are you a criminal? Can I trust you? Are you trustworthy?

Of course, these sorts of questions cannot be answered via conventional means, hence the use of illogical proxies. But they can be answered with a combination of a compliant crypto-fiat-currency, self-sovereign identity and zero-knowledge proofs.

By using the latest cryptographic developments, SOV allows us to answer the latter questions without needing to ask the former. This approach can similarly be applied, for instance, in establishing the source of funds, and even automatically. What we really need to know if any economic actor is handling funds legitimately or not. Where the funds originate from is irrelevant unless there is evidence of some crime.

With strict onboarding criteria and continuous monitoring, SOV infrastructure could support this. Likewise, approaches based on self-sovereign identity with attestations provided by third parties could entirely supersede and completely automate today’s inefficient and invasive KYC procedures.

The cypherpunks may complain that this is still not enough. In a self-sovereign identity system based on decentralized identifiers, like those suggested by the independent World Wide Web Consortium (W3C), users will still need to rely on external credentials and verification services. SOV’s network of third-party verifiers might still be seen as unacceptable oversight based on unearned trust. 

But here I think it’s important to pick your battles. Yes, SOV still relies on external verifiers and isn’t fully anonymous. But SOV gives its users an unprecedented amount of choice. You can choose which verifier to complete KYC with. You can even split your data across multiple verifiers. By using minimally invasive compliance procedures and not sharing data automatically, SOV users can have far greater privacy and choice than they do today, when increasingly the only option is to surrender your identity in full or opt out of the system entirely.

Just as SOV can act as a bridge to legitimize cryptocurrencies, SOV’s approach to compliance can be the first step on the road to a better balance between privacy and oversight, a step which will never be taken if the demand is full anonymity or else.

Addressing the Issue of Guaranteeing Civil Liberties by Governments

This discussion of privacy and identity as I’ve framed it so far might seem like the ultimate “first-world problem.” After all, you still get your bank account after the KYC delay. Dealing with identity theft is usually just a matter of telling your bank and having them reimburse you. Isn’t minor inconvenience a small price to pay for modern online and financial services?

We’ll circle back to that in the final part of this article series. But for now it’s important to note that identity is a major problem in the developing world too. Refugees and immigrants (both legal and illegal) often cannot prove who they are. Billions of unbanked people around the world cannot access affordable financial services because they have no identity documents. It’s no exaggeration to say that a lack of affordable identity and credentials fosters inequality and keeps billions of people in poverty. 

Digital identities offer a solution to these problems, but there’s also a threat: often citizens of third world countries find themselves in these difficulties because of their governments. Handing those governments full control of citizens’ personal information is likely to make the problem worse, not better.

Clearly any system like SOV needs even further checks and balances to ensure there is no abuse of power. The rebellious ideas of the cypher-punks that seizure and confiscation should be disallowed might be too extreme; but such acts should not be allowed arbitrarily.

Governments would gain more power and credibility if they empowered their own people.

We can employ technology so that law enforcement and/or other powers can proceed with confiscations only if there is an appropriate judiciary warrant permitting it, with appropriate checks and balances across institutional powers — where those checks and balances are built in to the core of the SOV protocol. For instance, permission to confiscate funds would take the form of unlocking keys in the hands of judiciary powers rather than law enforcement powers. 

Technology can be arranged to make abuse of power materially impossible. Governments supporting SOV technologies will be more trustworthy in the eyes of the people who elect them, because people will have the confidence that their basic human rights and civil liberties will be guaranteed. Wouldn’t this be a wonderful gift any political party could give to the citizens of their country?

Optimism vs Realism

This may seem impossibly naive to crypto supporters. Yes, a system like this might make sense, but how can we rely on governments not to abuse it? 

Here it’s worth taking a diversion into the practicalities of government in the Marshall Islands. If it was the US or China issuing SOV, then I think people would be right to be wary of a backdoor or other compromising feature. These countries have huge governments and intelligence services, employing millions of people and spending hundreds of billions of dollars a year. Systems like this can’t help themselves. They meddle and interfere.

The Marshallese legislature has 33 people, governing 70,000 people spread over 750,000 km2 of ocean. They don’t just want to be hands-off, they have to be. There aren’t the resources for anything else. And this is the fundamental benefit of SOV as a Marshallese project. The government is used to decentralized governance and will welcome automation and outsourcing. And by enshrining this in SOV at the protocol level, this approach can be made trustworthy for all parties, whether they’re the institutions of government or regulation, or just using SOV for transactions, services and business.

Constitutional/Human Rights as Code

We can envision a solution where the code at the protocol level of SOV not only caters for full compliance (KYC, AML, CTF, OFAC, etc.); not only prevents the abuse of power, illicit seizures and confiscations; but also intrinsically embeds principles of human rights.

SOV should not be a carte blanche for authorities of all sorts to indiscriminately control the transactions of citizens. This should only be possible when there are appropriate warrants, and only with appropriate checks and balances.

If we accept the idea that “Code is Law then, provided that such code is designed to faithfully represent the intent of the Law, we can take that notion one step further. SOV provides the unique opportunity of designing a currency that would not only prevent illicit and criminal use, but that could also prevent abuse of power, indiscriminate seizures and confiscation. It would not be a tool of oppression, but a tool of economic growth and mass prosperity. 

Failing to ensure the fundamental human rights will just drive more free thinkers into exile to the islands of the crypto-archipelago. SOV will have to include checks and balances on behalf of the people, and governance mechanisms through social consensus so as to counter abuse of power.

The potential of SOV is to create a new currency that is not only entirely compliant with regulatory requirements and prevents illicit usage, but is also entirely compliant with privacy standards, and equally prevents abuse of constitutional or human rights, while becoming the foundation of a new type of social contract between citizens and democratically elected governments, with full guarantees of basic freedoms/human rights and governed by social consensus.


Image by Jonny Lindner from Pixabay

About the Author Steve Tendon

Steve Tendon is the Managing Director of TameFlow Consulting/ChainStrategies (https://chainstrategies.com), a consulting firm that provides research, analysis and strategy development for businesses that need to adopt or transition to Blockchain technologies. A senior executive management consultant, adviser, speaker and author. Steve’s research and consulting work focuses on the use of emerging technologies — in particular Blockchain technologies — to improve business performance. In 2016 he was the strategic adviser for the Ministry of Economy, Investment and Small Business (MEIB) of the Maltese Government, developed the vision of the "Blockchain Island" and designed Malta’s National Blockchain Strategy (unanimously approved by the Cabinet of Ministers in April, 2017). Subsequently he was appointed as the Strategy Lead to Malta’s National Blockchain Task Force advising the Financial Services, Digital Economy and Innovation (FSDEI) Office of the Prime Minister on implementing the country's Blockchain strategy. In 2017 he founded and was the first Chairman of the Blockchain Malta Association. In 2018 he founded the "My Blockchain Island" business club (https://my.blockchainisland.club) In 2018 he was acclaimed in the "Lattice80 Blockchain 100" list of global Blockchain influencers (https://www.lattice80.com/lattice80-blockchain-100-report/). In 2018 he received the Malta Blockchain Award for "Outstanding Contribution to the Blockchain Island 2018." He holds a MSc in "Software Project Management" with the University of Aberdeen, a "MIT Fintech Innovation: Future Commerce" certificate with the Massachusetts Institute of Technology, and an "Oxford Blockchain Strategy Programme" certificate with the Saïd Business School at the University of Oxford.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: