Every day we use multiple platforms and services online and we have become accustomed to logging on to services by using our email addresses or social media profiles. However, a critical problem on the internet is knowing with whom one is interacting and how our data is being safe kept and protected from data leaks. In our previous article, we discussed the subject of Soulbound tokens or non-transferrable NFTs and that according to the founder Vitalik Buterin, these are “the future” of Ethereum. In this article, we will expand on how digital identities are changing the way we interact on the internet and how NFTs can play a vital role in it.
But let us start with some definitions to provide a bit more context.
A digital identity is a facet of a person’s social identity and is also referred to as online identity. It is a set of attributes related to an entity, adopted, or claimed in cyberspace by an individual, organization, or electronic device. The information contained in a digital identity allows for examination and authentication of a user interacting with a business system on the web, without involving human operators. Digital identities allow automated access to computers and services and enable computers to mediate relationships.
Online identity verification is still one of the greatest challenges for businesses and individuals who want to provide value over the internet. The problem lies in the fact that any digital asset placed on the internet may be instantly copied and anonymously distributed across the world. Content creators are aware of the threat of having their content pirated and have been forced to adopt inadequate streaming models to compensate for it. Can NFTs be a way to fight back against online piracy?
Most blockchains, such as Bitcoin and Ethereum are pseudo-anonymous. Wallet addresses on the blockchain do not reveal any information about the identity that controls them unless the user selectively reveals his/her identity to the world. Anyone could take a screenshot from an NFT creator’s website and mint an NFT of the artwork. Unfortunately, there is no reliable way for the potential buyer of an NFT to verify the origin and the legitimacy of the NFT creator. A buyer would need to visit the creator’s website and even reach out to verify whether the NFT is legitimate (i.e., don’t trust, verify!).
So, the lack of a verifiable identity at the origin of an NFT can be problematic. The lack of NFT verifiability also leads to intellectual property & copyright infringements. Of course, it is possible to trace back the blockchain and check and see if similar artwork from the same artist is created using that wallet address. However, not all people still know how to do that. An instant and fool-proof manner to verify the legitimacy of an NFTs creator is lacking. Without such verification built into the NFT, an NFT proves ownership only over that NFT itself, and nothing more. Minting a digital file does not make it a fresh new piece of intellectual property or provide provenance. Minting simply turns a digital file into something that you can store on blockchain, and scammers use NFT minting to trick people into believing they are buying a unique NFT. Once they have their fake NFT copied from someone else’s artwork, they can create an account on a decentralized marketplace and sell it to the highest bidder. Unfortunately, the NFT will become worthless once people realize it is a fake.
However, platforms do usually provide a way to distinguish verified accounts through social media such as Discord and Twitter, to confirm the seller’s credibility. But, then again using static identifiers such as passwords and email addresses, means that there is no way to accurately identify a person online as this information may be compromised or used by many individuals acting as one. The internet as we came to know it in the 2000s has provided us with new forms of connections on social media platforms, through which different forms of identity could be explored, even in a pseudonymous way. Today, instead, we see social platform monopolies like Facebook enforcing a real-name policy, which insists individual users register with their legal identities.
People’s digital identities are often linked to their civil or national identities, and many countries have instituted national digital identity systems that provide digital identities for their citizens. For example, The European Union is creating an eIDAS-compatible European Self-Sovereign Identity Framework (ESSIF). The ESSIF makes use of decentralized identifiers (DIDs) and the European Blockchain Services Infrastructure (EBSI). With self-sovereign identity, the user has a means of generating and controlling unique identifiers as well as storing identity data.
In today’s digital landscape, governments and companies are sharing an unprecedented amount of data, cross-correlating everything from viewing habits to purchases, to where people are located during the day, to where they sleep at night, and with whom they associate. Today, nations and corporations bring together driving licenses, social security cards, and other state-issued credentials with identity. Again, this is problematic because it suggests a person can lose his very identity if a state revokes his credentials or even if he just posts content that is not in agreement with the “truth” of that state or its “fact checkers”.
Despite the evolution of digital identities, with various iterations as part of Web 1.0 and Web 2.0 and the many advancements in both technology and regulations, there are three fundamental issues today:
Identity is more than Government issued identity documentation. You are much more than what your passport or your driving license says you are.
Privacy. You share your identity data and documentation with 3rd party providers, and you must entrust them to maintain privacy and security. This trust is often compromised, and your identity data is breached.
Digital identity is still platform-centric. Your identity is connected to the platform on which you create the content, resulting in a fragmented identity across multiple platforms with compartmentalized and dismantled data.
As content creators, where can we have a single view of our own data, content, and identity, if not as an NFT stored in web3 digital wallets? Why can we not log onto the internet and simply transact as ourselves through our digital identity? Surely, these web3 wallets will be as imperative as emails are today for accessing almost everything.
An NFT identity has the potential to enable people to interact directly with each other in a safe space without having to work through an intermediary. This NFT Identity would:
Facilitate easy and convenient log-in
Create a frictionless payment ecosystem
Verify and attest the identity
Provide flexibility and extensibility
Cater for a multitude of privacy options
Minimize data stored on-chain
Enhance personal security
Give control of identity back to the user
Now imagine using this technology to leverage online ID cards, like a digital driver’s license. Through smart contracts, we would be able to control who we share our data with and even receive compensation each time your data is transferred from one business to another. Moreover, stakeholders will be finally able to enforce Data Subject Rights for GDPR (General Data Protection Regulation) and data privacy regulations. From a privacy standpoint, NFTs could spell the end to online anonymity, but, on the other hand, a fair number of benefits exist in having a completely verified network, like reducing fraud, crime, and maybe even hate speech.
There are some other options on Ethereum that are being explored beyond ERC-721 (the NFT standard). ERC-725 for example is a proposed standard that allows for self-sovereign identity. As mentioned by the ERC725 alliance, this standard describes proxy smart contracts that can be controlled by multiple keys as well as by other smart contracts. Moreover, SSIDs go beyond Ethereum, with notable examples on Bitcoin such as Sovrin and RSK.
With proper smart contracts in place on your NFT-verified online identity, the blockchain would grant you full visibility into who has access to your data, where the data is transferred, and even allow micropayments for the data transfers! This would finally allow countries and citizens to enforce Data Subject Rights in data privacy laws and regulations (e.g., GDPR, CCPA) that have been unsuccessful in controlling the full breadth of personal data collection and transfer. It would mean that “software has achieved what regulation has failed to achieve,” in the words of Andreas Antonopoulos.
True ownership or provenance of digital content is necessary to free one’s digital ID from the control of dominant online platforms. The true value of NFTs lies in enabling unequivocal, decentralized ownership of non-physical assets such as virtual property, in-game items, artwork, and eventually identity itself. NFTs will enable people to maintain identity across platforms that they will clearly own and leverage on different ecosystems. For example, one of the most important implications of enabling identity in the metaverse is allowing people to migrate freely as the same person or identity, between different virtual worlds that maintain distinctive characteristics.
Additionally, there is another exciting dimension of identity in the metaverse. In the real world, we tend to want to see identity as stable and uniform, yet NFTs provide intriguing possibilities of subverting identity in ways that nonetheless remain safe and secure. Would NFTs allow for the minting of multiple identities, or allow for the trading of identity characteristics? Could we rent the identity NFT card of a celebrity to visit a celebrity-only venue? NFTs and the underlying technology hold that promise. Identity NFTs may be the gateway that enables safe online interactions, without giving away critical personal data, unlocking limitless opportunities for individuals, empowered by full autonomy over their biggest asset — their identity.
Social media has always been a major catalyst in our lives ever since birth. But what if all the hours invested in diligently building our online presence would vanish, purely on the whim of a few individuals? What if we could safeguard that content produced for each separate platform, and what if we could bridge that content to other platforms and have it seamlessly interoperable across the online space? In that case, perhaps these mediums would appear a lot less like walled gardens, and more like open and interoperable platforms promoting a seamless and enjoyable user experience with services built on top for monetization.
However, for that to happen, we need to claim ownership of our digital content and of our digital identity. Since our world is becoming increasingly digital, the need for trustless digital ownership will come about and NFTs would present the solution. NFTs would allow us to place our online identity back under our control. NFTs for our tweets, NFTs for our in-game purchases and NFTs for our credentials. From bank account credentials to music and video-on-demand streaming services and Airbnb host accounts, the unique pieces that form our digital identity will eventually become tokenized as NFTs and will be maintained in digital wallets. In the same way that we sign in with Google or Facebook today, our identity NFTs will allow a unified and secure identity across every service online.