Your robot needs a passport

 David Birch

Building a digital identity based on who you know will underpin your online life – and your devices

Way back in the 60s, long before the web, media theorist Marshall McLuhan said that in the always-on interconnected world that he foresaw (where as he put it “everybody is involved with everybody”), "identity cards, the old means of finding out who am I, will not work”.

He was absolutely correct, of course, which is why our efforts since to take those old notions of identity and try to create online analogues have left us with an identity crisis of data breaches, hacking and lost passwords that is a friction holding back the evolution of the online world. Twenty-five years ago, on the internet nobody knew you were a dog. Now they don’t know if you’re a fridge pretending to be a dog. Pretty soon they won’t know if you’re a North Korean bot pretending to be a Japanese fridge pretending to be an American dog.

In 2019 we will understand that trying to digitise identity hasn’t worked and we will start creating digital identities instead. And these will be based on notions of identity forged by relationships.

Over time, the data that accrues around relationships forms into a reputation, something that will become the cornerstone of online life and the basis for interaction between digital identities (and something that is much harder to counterfeit than an identity).

In my Twitter feed, for example, I will only want to see items posted by real people with a reputation above 100. In my house, I will want the alarm system to recognise only members of my family and their cars. Online, I will only share my data with organisations that I have a relationship with. I will give my financial-services bot permission to talk to registered financial institutions on my behalf, but only those with a reputation among my friends.

We will need this digital identity to be universal. We don’t want one identity system for people that doesn’t interoperate with the identity system for things, and we certainly don’t want an identity system for bots that can’t talk to people. We will want an identity system that all of them can use, so that I can safely delegate the ability to open my garage door to my brother’s car in a way that I simply cannot at the moment.

How will this work? In the real world, we use documents such as passports to recognise who people are. The same will be true in the digital world. When a bot comes up to my house’s border control, it will have to present a passport, just as a delivery driver who wants access to my shed will.

These passports will not be built from paper and pictures, of course, but from cryptography – maths that can deliver some interestingly counterintuitive functionality, such as proving something about you without disclosing who you are. (Try that with a paper driving licence). Digital identities will deliver both privacy as well as security. They do not need to tell anyone who you are in order to tell them what you are: an employee of this company (IS_WIRED), for example, old enough to drink (IS_OVER_18), in possession of a valid permit to drive this car (HAS_VALID_LICENCE).

So, yes, robots and everything else will have passports because they will have identities. What robots won’t have is the one crucial stamp in their passports that we will have in ours: IS_A_PERSON. To advertisers, to journalists, to voters, to shopkeepers and to others, that credential will be an essential prerequisite for the important transactions. In time, IS_A_PERSON will be the most valuable credential of all./wired