Why the state’s monopoly on identity is more dangerous than Google, Facebook and Microsoft
Contents
--
- Why the state’s monopoly on identity is more dangerous than Google, Facebook and Microsoft
- Roadblocks to obtaining government-issued ID
- The dangers of “decentralized” ID systems
Why the state’s monopoly on identity is more dangerous than Google, Facebook and Microsoft
This is a response to The Reboot’s article, which discusses the dangers of perpetual tracking by Google, Facebook and Microsoft: https://thereboot.com/why-we-should-end-the-data-economy/
While the tracking by Google, Facebook and Microsoft is definitely disturbing and can even put people in danger, the state’s data economy is even worse. Many people don’t talk about this, even though it affects millions of people’s daily lives.
The state has a monopoly on identity and an obsession with tracking people from birth certificate to death certificate. It creates disproportionate and harmful KYC regulations which actively exclude people without government-issued ID from necessary services, including work, finances, housing and healthcare and even small things like online shopping, receiving mail, buying a sim card or visiting the gym or library.
You can choose to not use Google, Facebook, Windows or stock Android, and use alternatives such as DuckDuckGo, Mastodon, Linux and custom ROMs. There are also ways to protect your privacy, such as leaving your phone at home, using a burner phone outside, using pseudonyms and not publicly posting photos of yourself online.
However, when the state forces the vast majority of employers, landlords and hospitals to ask for government ID, there are only a few gray market alternatives left (e.g. under the table work, informal rentals for cash, find doctors that accept cash payments or buy imported medicines).
For example: If you don’t use Facebook for privacy reasons, you can keep in contact with friends and local events in a different way. If you can’t rent most apartments because the landlord requires a passport or driver’s license, you are lucky if you can find a room in a shared apartment where your roommates deal with the contract for you and you pay rent to your roommates in cash. One thing can be an inconvenience, one thing can cause homelessness.
Millions of people don’t have access to government ID (the state refuses to print it for them) or can’t show ID for safety reasons (e.g. they are a victim of abuse and don’t want to be tracked by their abuser). These people are often already in vulnerable situations (for example: stateless, undocumented or homeless people, activists or victims of abuse) and exclusion from basic needs makes it worse.
The state’s monopoly on identity is a centralized single point of failure — if the state refuses to print an ID card for someone, this person can’t appeal, get help from NGOs or find an alternative way to get ID. Even Flag Theory requires an existing birth certificate or old passport. Even if you can get ID, the name that the state prints on your ID may not be the name you use in real life, and many countries restrict legal name changes, which is harmful for victims of abuse who want a safe new name.
Government ID requirements don’t contribute to security or trust. They only disproportionately and unfairly exclude people from services.
For a job, only your skills should be relevant. For housing, only your ability to pay rent should be relevant. For healthcare, only your medical condition should be relevant (in fact, it should be against the Hippocratic Oath to deny medical treatment to people without ID, especially if they are paying out-of-pocket in cash).
For authentication or trust purposes, it should be enough to say your name, use a password/PIN (e.g. SMS code to pickup mail), cryptographic keypair (such as in Bitcoin), pseudonymous reputation network (e.g. online reviews, vouches from friends) or cash deposit (e.g. for rentals). Even non-government IDs from Blockchain companies like Bitnation, micronations like Liberland or privacy organizations like Digitalcourage are more accessible than gatekept government ID systems.
NGOs have tried to convince the state to print IDs for millions of people, but the state still refuses. However, grassroots peer-to-peer markets and parallel economies could help people to access necessary services, even without state-issued ID. The gray market already offers work, housing, healthcare and more, although it can be difficult to find if you don’t know many people or live in a strictly regulated country.
There are many reasons to participate in gray markets. It can be easier and quicker to hire a remote freelancer for crypto, rent out your spare room for cash or pay a doctor out-of-pocket instead of dealing with public health insurance. Bureaucracy doesn’t just shut people out of the market, it also takes time and money to fill out forms, deal with months-long wait times, pay extortionate fees and apply for (unnecessary) permission (since the state is based on fraud, coercion and violence, its existence is illegitimate and its permission is unnecessary).
Private and uncensorable cryptocurrencies, such as Bitcoin and Monero, are helpful tools for local and global gray markets, and offer an accessible and safe way to send money globally, locally and online. Unlike banking, credit cards, Paypal and Western Union which require government ID, cryptocurrencies only require a secure cryptographic keypair which anyone can generate with easy-to-use wallet software. The benefits of cryptocurrencies include low fees (can be less than 1 cent), fast confirmation times (can be instant), accessibility and censorship-resistance (no ID or permission needed), privacy (especially if you use Monero), no risk of chargebacks or seizures, and no risk of theft (as long as you don’t disclose your private key to anyone).
For inclusive and safe access to daily needs such as jobs, housing and healthcare, we should build and use peer-to-peer markets that are immune to the state’s monopoly on identity, invisible to the state’s data economy, and free for everyone to use.
For more details about how to get started with peer-to-peer markets, visit:
— https://anarkio.codeberg.page/agorism/
— https://bitcoinmagazine.com/business/kyc-free-bitcoin-circular-economies
Roadblocks to obtaining government-issued ID
The state’s monopoly on identity and its KYC regulations exclude millions of people from daily life necessities, such as finances, jobs, apartment rentals, healthcare, mail, sim cards, contracts and more. If the state refuses to print ID for you, there is no way to appeal or get an ID via an alternative method. It is truly a monopolized single point-of-failure that leaves people (who e.g. weren’t registered at birth) no opportunity to enter the system and regularize their situation as an adult, regardless of their skills or efforts.
Standard application
If you weren’t registered at birth or the country of birth is dangerous to you, it’s impossible to get a passport or national ID card via a standard application. If you don’t already exist in the database, the state is very unlikely to add you as an adult.
Skilled work visa
Even a skilled work visa requires an existing passport, regardless of your specialized skills, an invitation from a company, character references, vouches or a highly-paid job offer.
Driver’s license
The state doesn’t only require a passed driving test, but also an existing national ID card or passport in order to get a driver’s license.
Stateless passports, non-citizen passports
Stateless passports technically exist, even with an “identity not verified” stamp for people who don’t have a birth certificate or old passport. However, the state mostly refuses to print stateless passports (legally recognized stateless status) and non-citizen passports (nationality unknown) and even prefers to imprison people indefinitely than to print an ID which would allow them to get a work or marriage visa.
IDs for undocumented people
Some US states offer ID cards for undocumented people, such as the Californian AB 60 driver’s license and a similar program in New York. However, these ID cards require an existing foreign passport, national ID card or birth certificate. While this could help people who have ID but no visa, it can’t help people who don’t have existing state-issued identity documents.
Digital IDs
The planned “Digital IDs” will likely require government ID as a base layer, and will continue to exclude people who don’t have an existing national ID card or birth certificate, even if they give their fingerprints or a biometric photo.
Asylum
Asylum is generally only available in cases of war. People who escape from a war-torn country fortunately may be able to get asylum by only providing fingerprints. For anyone else who is escaping from a dangerous situation (abuse, political persecution, cultural persecution e.g. against women, LGBT people, religion or ethnicity), the state often refuses to grant asylum applications and even forcibly returns the applicant against their will to the country that endangers their life.
Red Cross, United Nations
United Nations used to issue laissez-passer passports and Red Cross used to issue emergency travel documents, but it looks like these are not available anymore. Generally these were only valid for one trip, and not intended for daily life use, such as visas, jobs, apartment rentals or healthcare.
Flag Theory, second passports, jurisdictional arbitrage
All Flag Theory strategies (e.g. St Kitts passports, Estonian digital residency, Panamanian permanent residency, RNS.id) require an existing passport or birth certificate. There is no way to receive an initial proof of identity via investment or skilled work, so these strategies can’t help people who have no identity documents at all.
Shell companies
Many people recommend to make contracts under a business name rather than a personal name. However, even “anonymous off-shore companies” with nominee directors require government ID to open. Maybe this method could provide privacy for people with ID, but it isn’t possible without ID.
Secondary proof of ID, paper trail
In Common Law countries like the US and UK, it may be possible to access services via “secondary proof of ID” or “ID points”, such as letters, medical records, work ID cards, library cards, baptism certificates or other non-government documents, or ask someone who has ID to vouch for you (identity witness). However, in most other countries, only passports or national ID cards are accepted, which strictly require you to be entered in the state’s database at birth (government-issued birth certificate). This means that it isn’t possible to “build an identity” via a daily-life paper trail such as contracts, letters and school/work records.
Non-government ID cards
While Flag Theory offers government-issued ID cards in return for investments (but excludes people without an existing proof of identity), various organizations and companies print non-government ID cards for a fee, no previous ID required. Some examples are Digitalcourage, Bitnation, Liberland and World Passports. However, these non-government IDs are not accepted for KYC purposes (visas, banking, jobs) or even for layman situations like picking up mail, renting an apartment or joining a gym. While you can buy one without an existing government ID, it isn’t accepted in daily life situations.
Paper tripping
Paper tripping was an old strategy that used dead people’s documents or copied living people’s documents, e.g. by buying a birth certificate from one state and using it in another state, as databases weren’t shared. This doesn’t work anymore, at least in the EU, because data is shared between databases, departments and countries (e.g. from a cloned birth certificate, the state can easily find the real person’s photo, address, job and IDs, or if it’s a foreign birth certificate, they can ask the embassy, who will reply if it’s faked or cloned). If you try to apply for a national ID card using a cloned birth certificate, the state will see the real person’s existing ID card and their photo in the database, and will easily determine that you aren’t the same person.
Bribed ID
Bribed ID may work if you find a connection to a corrupt bureaucrat, although it may look suspicious to see that a birth e.g. from the 90s was only entered today. Plus there is a risk if the corrupt bureaucrat would be exposed and the fake ID records would be deleted.
Fake ID
In the US, it’s fairly easy for college students to buy a fake driver’s license for drinking. However in Europe, fake ID sellers are difficult to find. If you can find a fake ID seller, maybe it could work to pickup mail, visit a doctor or rent an apartment and open up more opportunities this way, but it is unlikely that the state would accept this ID to issue a visa or SSN and it may not work for situations that use scanners (e.g. opening a bank account).
Solutions
As you can see, it’s difficult to access government ID if you weren’t registered at birth, the country of birth is dangerous to you, or many other reasons. The state provides no way to regularize your situation as an adult, e.g. via a daily-life paper trail (school/work records, letters, contracts, medical records), qualifying for a skilled work visa or even providing fingerprints.
There is no way to convince the state to solve problems that it has intentionally created. Even human rights organizations like United Nations, Red Cross, Caritas and Privacy International have tried to persuade the state to print IDs for millions of stateless people, refugees and undocumented people. 1 billion people worldwide have no access to government-issued ID, but instead of printing ID for these people, the state prefers to ignore, blame, exclude or even imprison them.
Instead, the practical solution is to provide more services that don’t require ID, such as under-the-table jobs, informal apartment rentals, cash-in-hand healthcare, anonymous sim cards, and businesses who accept payments in cash or Bitcoin. Proxy merchants are also necessary: people who have ID make contracts or sign up for services on behalf of people who don’t have ID and are paid a fee for their help. This could help people without ID to access jobs, banking, apartment rentals, online shopping or even healthcare.
More information about KYC-free services can be found here: https://anarkio.codeberg.page/agorism/
The dangers of “decentralized” ID systems
Many decentralized identity protocols are being developed, which claim to increase users’ privacy, enable interoperability and convenient single sign-ons, protect against identity theft and allow self-sovereign ownership of data.
However, many of these protocols rely on government ID as a base layer (as proof of name, age or address, referred to as “Verifiable credentials”). In this system, users are required to upload a video with their passport or national ID card. After this, their name, age or address is marked as verified. Then platforms can query this API and ask is_over_18, full_name or country_of_residence, but have no access to the user’s ID scan or any additional information (e.g. is_over_18 only returns true or false, and doesn’t disclose the user’s name, home address or photo).
This reliance on government IDs means that DIDs cannot protect users against state surveillance. And just like the existing system, it continues to exclude millions of people who can’t get government ID: https://www.statelessness.eu/blog/each-person-left-living-streets-we-are-losing-society, https://www.opendemocracy.net/en/5050/still-stateless-still-suffering-its-time-for-european-leaders-to-take-action
Problem 1: Reliance on government ID as a base layer
If decentralized ID is just an extension of the existing government ID system, it provides neither privacy nor financial inclusion.
Via government ID KYC, the state already excludes regular people from jobs, banking, apartment rentals, healthcare, receiving mail, sim cards, contracts and more.
If the state refuses to print ID for someone (which affects millions of people today), there are no appeals, alternatives nor NGOs who can help. Flag Theory (such as St Kitts passports, Panamanian residency, Estonian e-Residency or RNS.id) requires an existing passport or birth certificate. Even IDs for undocumented people (such as Californian AB 60 driver’s licenses) require a foreign passport, national ID card or birth certificate, and can’t help people who have no state-issued identity documents at all. In addition, Red Cross, United Nations and other NGOs don’t issue identity documents.
This existing ID system is harmful, inaccessible and a single point of failure — and if decentralized protocols rely on this broken layer, they will continue to harm and exclude people.
Problem 2: The state won’t give up its monopoly on identity
Fortunately, some decentralized ID protocols aim to be inclusive, and instead of requiring government ID to verify a user’s name, age or location, they use social media, a web-of-trust or biometrics. This removes the ability for state censorship, and instead allows your friends to vouch for you, or allows you to gain access to services via fingerprints or an iris scan.
With a web-of-trust, friends and family could vouch for your name, age or location; landlords could vouch for your address; employers could vouch for your skills; customers could vouch for businesses; and so on. As it doesn’t rely on government databases, but rather the people you know, it is truly decentralized and accessible.
Biometrics also do not rely on state permission. If you have fingers or eyes, you can signup with a fingerprint or iris scan — no passport or national ID card required. As it is not dependent on state-issued documents, biometrics would be accessible for stateless people, undocumented people and people who weren’t registered at birth, who are often unfairly excluded from the mainstream economy. However, biometrics are dangerous for many reasons, including security (someone could force you against your will to give your fingerprint or decode your iris pattern from a photo), personal safety (e.g. escaping from domestic abuse or protesting against an authoritarian government), as well as privacy (such as the natural compartmentalization of work and home life and online personas).
However, it is unlikely that the state, who forces government ID regulations onto businesses, employers, landlords and healthcare providers, will accept web-of-trust vouches or biometrics as “proof of identity”. It will not be possible to apply for a job with a “Worldcoin” iris scan or rent an apartment via positive reviews on a web-of-trust rental platform. The state’s fatalistic monopoly on identity whitelists people at birth, and doesn’t allow people who weren’t registered at birth to later “earn the right to exist” as an adult. The state won’t allow people to bypass this whitelist simply by giving fingerprints or asking friends to vouch for them. If the state chooses to incorporate biometrics or web-of-trusts into its identity system, it will do so on its own terms, as an addition rather than alternative: a web-of-trust platform would require an existing government ID in order to signup, and any “Worldcoin” wallets would require government ID in order to receive or spend funds.
In summary, the state wants to uphold its monopoly on identity and its disproportionate ability to totally surveil and censor people from the mainstream economy. Even the United Nations (https://www.unhcr.org/ibelong/about-statelessness) and World Economic Forum (https://www.weforum.org/agenda/2020/11/legal-identity-id-app-aid-tech) are aware of the damage caused by the state’s monopoly on identity, but are unable to convince the state to print IDs for millions of stateless and undocumented people, nor issue their own recognized non-government IDs. Therefore, it’s unlikely that web-of-trust or social media-based ID protocols will be usable for mainstream jobs, banking or apartment rentals.
That isn’t to say that non-government DIDs can’t be used for commerce or daily life. The internet has made it easier to connect with people worldwide and cryptocurrencies have made it possible to send money to anyone around the globe without a bank account or government ID. Despite the war on cash, local markets still accept cash and informal cash-in-hand economies exist around the world. In addition, agorism (https://anarkio.codeberg.page/agorism) and Bitcoin and Monero circular economies (https://bitcoinmagazine.com/business/kyc-free-bitcoin-circular-economies, https://monerochan.news/article/4) focus on building truly free markets outside of the state and corporations, where you can work, rent and travel without government ID. In these non-government markets, a web-of-trust could help with business reviews and reputation, proving education and skills when applying for jobs, or establishing trust for invite-only markets.
Problem 3: Decentralized ID can be censored
Some decentralized ID protocols use cryptocurrency addresses as identifiers, such as Ethereum or Bitcoin Lightning. However, there have been cases where platforms have censored users based on transaction history (such as using a KYC-free exchange, cryptocurrency mixer or buying from specific online stores).
Connecting your identity and social life to your finances already creates privacy concerns (as anyone who you interact with could easily find out your wealth and surveil your earnings and purchases). Even worse, censorship via chain analysis or KYC means that users could be shut out of exchanges, marketplaces, social media websites and more. Imagine that you are permanently banned from Facebook or Twitter, because you recently sent money to a gambling website, bought a CBD product or didn’t want to disclose sensitive information such as government ID (or are one of the 1 billion people worldwide who can’t get government ID, through no fault of their own).
From a technical perspective, cryptographic identifiers may provide better security than passwords. It is much easier to crack an insecure password compared to a (much stronger) Bitcoin private key. Cryptography also enables you to sign messages, proving that the content (such as a social media post, order or contract) really came from you, and not an impersonator.
That being said, PGP already offers cryptographic identifiers, to which you can optionally add your name (or pseudonym) and participate in a web-of-trust. You can use this PGP key not only to login to websites (by decrypting a code that the website sends you), but also verify content via PGP signatures and securely encrypt messages, emails and files. As PGP keys aren’t connected to your finances via a transparent blockchain and you can easily make pseudonymous and throwaway PGP keys, they offer a private and accessible identity framework.
Problem 4: Surveillance and the dangers of linking all your activity to one identity
But why do you need to verify a name? Why not take someone at their word, and allow them to choose what name they want to use? Why do all actions need to be linked to a single persistent physical identity?
Under the state’s government ID system, the state tracks people from birth certificate to death certificate — compiling details of individuals’ jobs, savings, purchases, home addresses, cars, vacations, medical history, phone calls, internet history and more. This level of surveillance is disproportionate and unethical.
An individual’s life should be private. Information should only be shared voluntarily on a need-to-know basis. For example, only your employer, colleagues and customers need to know about your job; only your doctor, pharmacy and insurance (unless you pay out-of-pocket) need to know about your medical history; and many people only share their home address with close friends and family.
Online, in the existing “username and password” model, users are free to create self-chosen identities, pseudonyms and throwaway accounts. It’s natural to want to compartmentalize your activities, such as using separate work and home profiles, not sharing your real life name or location with online chat groups, using a pseudonym for activism, artwork, music or writing, or creating an anonymous account to join a support group (such as for health issues, addiction or domestic abuse). Tying everything to a single identity could cause self-censorship, discomfort (in the case of sensitive or health-related topics) or even serious safety concerns (in the case of activism, discrimination or escaping from abuse).
For commercial transactions, such as shopping, jobs or apartment rentals, there are many ways to establish trust without a persistent or state-assigned identity, such as:
- Anonymous transactions: Buying a loaf of bread or a bus ticket with cash or crypto doesn’t require a name. Just pay and the product is yours.
- PINs and passwords: Pickup mail with a PO box key or a PIN sent to your phone number. Access depends on possession of the key or the PIN, so no personal ID is required. Passwords and PINs can be combined, such as a password to login and a 2FA PIN sent by SMS or email to confirm an action.
- Cryptographic keypairs: Bitcoin uses pseudonymous cryptographic keypairs to send, receive and store money. PGP also uses pseudonymous keypairs, in order to encrypt messages, sign and verify data, and participate in a web-of-trust.
- Reviews and reputation: Examples include customer reviews for a business, a job applicant’s portfolio, or a user’s profile on a couchsurfing or apartment rental website.
- Cash deposits and escrows: Cash deposits can protect against theft or damages for rentals, and escrows can protect against scams when shopping online or working remotely.
- Non-government IDs: Organizations such as Digitalcourage, Bitnation and World Passport issue non-government IDs, which are more accessible than state-issued passports, but are unfortunately currently not accepted in mainstream businesses.
For many commercial transactions, a persistent or personal identity is not necessary. In cases where a name is required, simply saying your name should be enough (with optional verification via a PIN, PGP signature, web-of-trust or social media profile). In any case, neither a single persistent identity nor a state-assigned identity should be required for participation in the economy or social networks.
Conclusion
The surveillance and exclusion currently caused by gatekept government ID systems clearly shows the dangers of identity databases. If you are working on decentralized identity, allow users to participate without linking government ID, allow pseudonyms and throwaways, and keep a regular “username and password” login available for people who prefer it. Don’t create a clone of the existing broken system, but take this chance to create an alternative, inclusive and privacy-friendly ecosystem that everyone can participate in.
