Sovereignty, privacy, and ethics in blockchain-based identity management systems
Tóm tắt
Self-sovereign identity (SSI) solutions implemented on the basis of blockchain technology are seen as alternatives to existing digital identification systems, or even as a foundation of standards for the new global infrastructures for identity management systems. It is argued that ‘self-sovereignty' in this context can be understood as the concept of individual control over identity relevant private data, capacity to choose where such data is stored, and the ability to provide it to those who need to validate it. It is also argued that while it might be appealing to operationalise the concept of ‘self-sovereignty’ in a narrow technical sense, depreciation of moral semantics obscures key challenges and long-term repercussions. Closer attention to the normative substance of the ‘sovereignty’ concept helps to highlight a range of ethical issues pertaining to the changing nature of human identity in the context of ubiquitous private data collection.
Tài liệu tham khảo
Acxiom Research. (2017). Blockchain in ad tech. Retrieved from https://www.acxiom.com/wp-content/uploads/2017/12/AC-1752-17-3-Point-of-View-Blockchain-in-Ad-Tech.pdf.
Adams, T. (2018). Facebook’s week of shame: The Cambridge Analytica fallout. The Guardian. Retrieved from https://www.theguardian.com/technology/2018/mar/24/facebook-week-of-shame-data-breach-observer-revelations-zuckerberg-silence.
Allen, C. (2017). The path to self-sovereign identity. Retrieved from https://github.com/WebOfTrustInfo/self-sovereign-identity/blob/master/ThePathToSelf-SovereignIdentity.md.
Allen, C., Brock, A., Buterin, V., Callas, J., & Dorje, D. (2015). Decentralized public key infrastructure. A white paper from rebooting the web of trust. Retrieved from https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust/blob/master/final-documents/dpki.pdf.
Banerjee, S., & Sharma, S. (2019). Privacy concerns with Aadhaar. Communications of the ACM, 62(11), 80. https://doi.org/10.1145/3353770.
Canon, G. (2018). “City of surveillance”: Privacy expert quits Toronto’s smart-city project. The Guardian. Retrieved from https://www.theguardian.com/world/2018/oct/23/toronto-smart-city-surveillance-ann-cavoukian-resigns-privacy.
Chaum, D. (1985). Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10), 1030–1044.
Christin, A., Rosenblat, A., & Boyd, D. (2015). Courts and predictive algorithms. Data & CivilRight. Retrieved from http://www.law.nyu.edu/sites/default/files/upload_documents/Angele%20Christin.pdf.
Christl, W., & Spiekermann, S. (2016). Networks of control: A report on corporate surveillance, digital tracking, big data & privacy. Wien: Facultas.
Conway, S., Hughes, A., Ma, M., Poole, J., Riedel, M., Smith, S. M., & Stocker, C. (2019). A DID for everything attribution, verifcation and provenance for entities and data items a white paper from rebooting the web of trust VII. Retrieved from https://github.com/WebOfTrustInfo/rwot7-toronto/blob/master/final-documents/A_DID_for_everything.pdf.
Dixon, P. (2017). A failure to “Do No Harm”—India’s Aadhaar biometric ID program and its inability to protect privacy in relation to measures in Europe and the U.S. Health and Technology, 7(4), 539–567. https://doi.org/10.1007/s12553-017-0202-6.
Engelmann, S., Chen, M., Fischer, F., Kao, C., & Grossklags, J. (2019). Clear sanctions, vague rewards: How China’s social credit system currently defines “Good” and “Bad” behavior. In Proceedings of the conference on fairness, accountability, and transparency—FAT*’19 (pp. 69–78). Atlanta, GA: ACM Press. https://doi.org/10.1145/3287560.3287585.
Filippi, P. D., & Hassan, S. (2018). Blockchain technology as a regulatory technology: From code is law to law is code. CoRR, abs/1801.02507. Retrieved from http://arxiv.org/abs/1801.02507.
Floridi, L. (2006). Four challenges for a theory of informational privacy. Ethics and Information Technology, 8(3), 109–119. https://doi.org/10.1007/s10676-006-9121-3.
Harwell, D. (2018). Wanted: The ‘perfect babysitter.’ Must pass AI scan for respect and attitude. Washington Post. Retrieved from https://www.washingtonpost.com/technology/2018/11/16/wanted-perfect-babysitter-must-pass-ai-scan-respect-attitude/.
Holmes, A. (2020). Facebook knows what you’re doing on other sites and in real life. This tool lets you see what it knows about you. Business Insider. https://www.businessinsider.nl/facebook-clear-history-offline-activity-tracker-tool-how-to-use-2020-1?international=true&r=US.
Hon, W. K., Millard, C., Singh, J., Walden, I., & Crowcroft, J. (2016). Policy, legal and regulatory implications of a Europe-only cloud. International Journal of Law and Information Technology, 24(3), 251–278.
Hughes, E. (1993). A cypherpunk’s manifesto. Retrieved August 10, 2019, from http://www.activism.net/cypherpunk/manifesto.html.
Ishmaev, G. (2018). Rethinking trust in the Internet of things. In R. Leenes, R. van Brakel, S. Gutwirth, & P. de Hert (Eds.), Data protection and privacy: The age of intelligent machines (pp. 203–230). Oxford: Hart Publishing.
Ishmaev, G. (2019). The ethical limits of blockchain-enabled markets for private IoT data. Philosophy & Technology, 33(3), 411–432. https://doi.org/10.1007/s13347-019-00361-y.
Ishmaev, G., & Stokkink, Q. (2020). Identity management systems: Singular identities and multiple moral issues. Frontiers in Blockchain, 3, 15. https://doi.org/10.3389/fbloc.2020.00015.
Kalmo, H. (2010). A matter of fact? The many faces of sovereignty. In H. Kalmo & Q. Skinner (Eds.), Sovereignty in fragments. The past, present and future of a contested concept (pp. 114–131). Cambridge: Cambridge University Press.
Kalmo, H., & Skinner, Q. (2010). Introduction: A concept in fragments. In H. Kalmo & Q. Skinner (Eds.), Sovereignty in fragments. The past, present and future of a contested concept (pp. 1–25). Cambridge: Cambridge University Press.
Kirkpatrick, D. (2011). The Facebook effect: The inside story of the company that is connecting the world (1st Simon & Schuster trade pbk ed.). New York: Simon & Schuster Paperbacks.
Koskenniemi, M. (2010). Conclusion: Vocabularies of sovereignty—Powers of a paradox. In H. Kalmo & Q. Skinner (Eds.), Sovereignty in fragments. The past, present and future of a contested concept (pp. 222–242). Cambridge: Cambridge University Press.
Kussmaul, W., & Greening, D. (2018). SSI: A roadmap for adoption. Retrieved from https://github.com/WebOfTrustInfo/rwot6-santabarbara/blob/master/final-documents/a-roadmap-for-ssi.pdf.
Lecher, C. (2019). Automated background checks are deciding who’s fit for a home. The Verge. Retrieved from https://www.theverge.com/2019/2/1/18205174/automation-background-check-criminal-records-corelogic.
Lloyd, M. (2008). The passport: The history of man’s most travelled document. Canterbury: Queen Anne’s Fan.
Locke, J., Shapiro, I., & Locke, J. (2003). Two treatises of government: And a letter concerning toleration. New Haven, CT: Yale University Press.
Loffreto, D. (2012). What is ‘sovereign source authority’? The Moxy Tongue. https://www.moxytongue.com/2012/02/what-is-sovereign-source-authority.html.
Ma, M., Rumore, C., Gisolfi, D., Kussmaul, W., & Greening, D. (2018). SSI: A roadmap for adoption. Retrieved from https://github.com/WebOfTrustInfo/rwot6-santabarbara/blob/master/final-documents/a-roadmap-for-ssi.pdf.
Manders-Huits, N. (2010). Practical versus moral identities in identity management. Ethics and Information Technology, 12(1), 43–55. https://doi.org/10.1007/s10676-010-9216-8.
Manders-Huits, N., & van den Hoven, J. (2008). Moral identification in identity management systems. In S. Fischer-Hübner, P. Duquenoy, A. Zuccato, & L. Martucci (Eds.), The future of identity in the information society (pp. 77–91). New York: Springer.
Marlinspike, M. (2014). Root data sovereignty. The Moxy Tongue. Retrieved from https://www.moxytongue.com/2014/07/root-data-sovereignty.html.
Narayanan, A., Bonneau, J., & Felten, E. (2016). Bitcoin and cryptocurrency technologies: A comprehensive introduction. Princeton: Princeton University Press.
Ohlberg, M., Ahmed, S., & Lang, B. (2017). Central planning, local experiments. The complex implementation of China’s Social Credit System. MERICS. Mercator Instituite for China Studies. Retrieved from https://www.merics.org/sites/default/files/2017-12/171212_China_Monitor_43_Social_Credit_System_Implementation.pdf.
Rahman, K. S., & Thelen, K. (2019). The rise of the platform business model and the transformation of twenty-first-century capitalism. Politics & Society, 47(2), 177–204. https://doi.org/10.1177/0032329219838932.
Ramirez, E., Brill, J., Ohlhausen, M. K., Wright, J. D., & McSweeny, T. (2014). Data brokers. A call for transparency and accountability. US Federal Trade Commission. Retrieved from https://www.ftc.gov/system/files/documents/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014/140527databrokerreport.pdf.
Reijers, W., O’Brolcháin, F., & Haynes, P. (2016). Governance in blockchain technologies & social contract theories. Ledger. https://doi.org/10.5195/ledger.2016.62.
Riphagen, W. (1975). Some reflections on “Functional Sovereignty”. Netherlands Yearbook of International Law, 6, 121. https://doi.org/10.1017/S0167676800004906.
Schmidt, D. C. (2018). Google data collection (p. 53). Digital content next. Retrieved from https://digitalcontentnext.org/wp-content/uploads/2018/08/DCN-Google-Data-Collection-Paper.pdf.
Sen, A. (2007). Identity and violence: The illusion of destiny (1. paperback ed.). New York: Norton.
Shoemaker, D. W. (2010). Self-exposure and exposure of the self: Informational privacy and the presentation of identity. Ethics and Information Technology, 12(1), 3–15. https://doi.org/10.1007/s10676-009-9186-x.
Singer, N., & Mahshwari, S. (2018). Google is teaching children how to act online. Is it the best role model? The New York Times. Retrieved from https://www.nytimes.com/2018/10/23/business/google-kids-online-safety.html.
Smith, S. M., & Khovratovich, D. (2016). Identity system essentials. Retrieved from https://www.evernym.com/wp-content/uploads/2017/02/Identity-System-Essentials.pdf.
Sovrin. (2018). SovrinTM: A protocol and token for self-sovereign identity and decentralized trust. Sovrin foundation. Retrieved from https://sovrin.org/wp-content/uploads/Sovrin-Protocol-and-Token-White-Paper.pdf.
Stokkink, Q. and Pouwelse, J. (2018). Deployment of a blockchain-based self-sovereign identity. In 2018 IEEE international conference on Internet of Things (iThings) and IEEE green computing and communications (GreenCom) and IEEE cyber, physical and social computing (CPSCom) and IEEE smart data (SmartData) (pp. 1336–1342), Halifax, NS, Canada. https://doi.org/10.1109/cybermatics_2018.2018.00230.
Tobin, A., & Reed, D. (2016). The inevitable rise of self-sovereign identity. Provo: The Sovrin Foundation.
Wagner, K., Nemethi, B., Renieris, E., Lang, P., Brunet, E., & Holst, E. (2018). Self-sovereing identity. A position paper on blockchain enabled identity and the road ahead (p. 56). Berlin: Blockchain Bundesverband.
Werner, W. G., & De Wilde, J. H. (2001). The endurance of sovereignty. European Journal of International Relations, 7(3), 283–313. https://doi.org/10.1177/1354066101007003001.
Youyou, W., Kosinski, M., & Stillwell, D. (2015). Computer-based personality judgments are more accurate than those made by humans. Proceedings of the National Academy of Sciences, 112(4), 1036–1040.
Zetter, K. (2016). Apple’s FBI battle is complicated: Here’s what’s really going on. Wired. Retrieved from https://www.wired.com/2016/02/apples-fbi-battle-is-complicated-heres-whats-really-going-on/.