top of page

A Bright Future for the Decentralised Identity Business

  • Writer: Spherity
    Spherity
  • Sep 23, 2019
  • 6 min read

The committee meeting heard around the world

The World-Wide Web Consortium is a standards body that aligns industry players on the specifics of base-layer design for internet technologies like HTML, CSS, and the DOM. Through the public-facing and open forum of the CCG (Credentials Community Group), the “W3C” has for years housed the most important open community discussions leading to the decentralised identity standards enabling companies like Spherity to innovate in the identity space. Last week, the W3C officially recognised a “Decentralised Identifier Working Group”, a crucial administrative step towards formalising the standards work accomplished to date.


This administrative development was announced jubilantly into the microphone in Prague at the Rebooting the Web of Trust conference, a major decentralised identity meeting attended by many members of the working group and the various years-old community groups that contribute less officially. The crowd went wild, to the bewilderment of many first-time attendees. One turned to me: “What is so exciting about a W3C ‘community group’ officially becoming a ‘working group’?”


Firstly, it signals a recognition by a very influential group that this community has been working on something with global reach and massive potential for impact. This potential clearly justifies deeper and more sustained scrutiny towards stabilising designs to allow infrastructural investments. Secondly, it recognises of maturity of the standards and the process by which they have been elaborated. One could say that the base layer of the decentralised identity world has been agreed upon and cemented through an open deliberative process. Thirdly, this stability milestone is a business event, in that larger investments, more ambitious developments, and wider collaborations can now be embarked upon. It seems uncontroversial to assume that more companies, academic researchers, auditors, governments, and open-source independents will build decentralised identity software in 2020 than did so in 2019. 🍾


In most kinds of software, a standards body finalising the core specifications for a next-generation data protocol would usually not be champagne-worthy, much less news-worthy. I maintain that decentralised identity is not a technology sector in the traditional sense, but rather a movement to forge new data models, business models, and information architectures at the base layer of software itself. As the name of the Rebooting conference implies, our current internet is poor in trust and data control. The identity of the people, companies, machines, and software that create and in many cases legitimately own a given set of data is not encoded into the data itself. On the contrary, those identities that are so essential to all data are easily stripped, forged, or falsified, making data simultaneously the most valuable and least secure asset of our times. This situation cannot be fixed by a mere trade union, or consortium, or by agreements between data barons; it requires a movement, which follows a different logic and a different roadmap than those we are used to in software.


Business as unusual

I choose the word “movement” carefully, because the radically open process of establishing these standards until now cannot be viewed merely as a business trend, an industry-wide reform, or an ideological sea change. I contend that decentralised identity is more than the sum of all three. No two of those three changes would be enough to upend decades of software history driven by extractive access to data and exclusive control of infrastructure. By contrast, the goals and drivers of this movement are more open and cooperative on the level of infrastructure, leading to unique strategies and unusual timelines. Allow me to explain.


Traditional software and technology businesses are organised primarily around companies that hold patentable intellectual property (“IP”). In recent decades, it has become almost universally recognised that if patentable IP can produce scalable software products, there will be many champagne bottles to uncork. In this kind of timeline, there are generally three categories of major events:


  • Mergers, acquisitions, and spin-offs are the weddings and baby showers of an industry structured around companies that exist to hold and monetise patents;

  • Product launches are like debuts or graduations, particularly when a given company’s success is measured by the number of end-users generating value and/or valuable data. Champagne bottles might pop when patents are approved, or external auditors confirm efficacy of a new security paradigm or manufacturing process; and

  • initial public offerings (“IPOs”) or elaborate tokenised coin sales are where the products debuted just a few short years ago get married to the market, for companies whose impact and value is measured in public-traded equity.


While many key players in the decentralised identity world operate in closed-source, patent-holding, and publicly-traded ways, there is still a crucial difference in their relationship to shared infrastructure. The standard reaching maturity means the launch not of one company, one set of products, one ecosystem, or even one whole new market, but rather the invocation of a coming economy.


In this new economy for which we are helping to lay foundations, it will not only be harder to exploit, breach, or sell the data of others on a technical level, but it will also cease to be a profitable business strategy, since low-quality, stolen data will be outcompeted by higher-quality, consensual data with rich provenance and new forms of utility built in. This less coercive, antagonistic relation of data at the base layer of information architecture will have ripple effects on the way companies and markets interact. Let a thousand new companies, non-profits, purpose-corporations, and government agencies bloom!


Spherity and the open future

A key aspect of the success of the standard so far has been its broad source of inputs, including from the least profit-driven corners of a diverse worldwide community of identity thinkers. Among these are many people we could call engineers of overlapping futures for the internet. This makes for a maximally open standard upon which many different kinds, sises, and speeds of software can coexist without sabotaging or excluding each other.


This also creates a lot of new potential, and staying active in the standards community keeps us abreast of many otherwise unforeseeable possibilities in this powerful new technology. Just as the fourth industrial revolution will be built on complex, agile, and largely non-human data flows, so too will the so-called “Web 3.0” be built on this decentralised addressing, which will change the terms of all internet business. Empowering user control of their own data is a paradigm shift economically and culturally, which will create new kinds of commerce at every level of the data economy. We hope that the frictions and zero-sum games around personal or proprietary data will give way to more cooperative, less antagonistic marketplaces and user-controller relations.


Spherity is well-positioned to continue to bridge these spheres: between what is possible today and what is coming; between the nuances of today’s economy and the machine economy on the horizon; between the governments and corporates of today and ever-more decentralised and decentralising forms of business. This particular milestone marks the dawn of a truly mature space for so-called “coopetition,” design-by-consortium, and open standards driving the next iteration of the World Wide Web. Spherity welcomes these developments, since younger imitators cannot replace or compete with our experience and our proven savvy, any more than larger players cannot compete with our agility and our specialization. Spherity is proud to have participated in the standards work thus far, and looks forward to growing and continuing to pioneer new paradigms in software for the data-rich, fluid, decentralised economy of the future.


Next Steps

Work continues on many other specifications for components of the decentralised identity software stack, in many of the same channels that nourished this standard. The Verifiable Credentials specification matures to a “global standard” next month, barring major last-minute objections. Exciting debates continue in the Rebooting and IIW communities about different models for agents and how the roles (and fiduciary duties) of such components could be defined and enforced. Carsten is working on a specification for backwards compatibility with PKI systems commonly used in European governments with Discipl (NL), as well as a whitepaper with Sam Smith and Michael Shea on new economic models unlocked by decentralised identity. Juan is working on a collaborative paper that grew out of Rebooting Prague to tentatively and non-normatively sketch out best practices that could initiate the foundations for a cross-platform credential verification standard, including the verification of traditional digital credentials. Spherity has joined the Decentralised Identity Foundation, now operated under the auspices of the Linux Foundation, to participate actively in interoperability testing workshops and documentation alignment groups to accelerate adaptation and experimentation with decentralised identity APIs. The concrete trucks are coming, work on the highways is about to begin in earnest.


Written by Juan Caballero

bottom of page