Decentralizing how personal data is controlled
We’ve discussed how digital credentials allow for selective disclosure. Such functionality changes the fundamental dynamics of online data privacy. At present, individuals are often faced with the choice to either trust the service provider to handle their personal data with care or to not engage with the service at all.
With verifiable digital credentials, the user determines how, and with whom, the data is shared. Unlike with today’s huge, centralized customer databases, an organization has no way to extract this information without the individual’s explicit consent. The individuals create their own data flows. No third parties, surveillance applications, or cookie trails are involved.
Contrast this with the federated model of identity, the sign-in system that enables us to log in to websites using our Facebook or Google profiles. Federated identity covers any ID system that sits between the two primary parties in a transaction. In these examples, the intermediary tracks user interactions via a virtual cookie crumb trail.
An issuer of a digital credential has no record of where we use the credential or to whom we show it. Going back to our example, a university can issue a proof-of-degree credential which can be shared with prospective employers. The data is shared peer-to-peer, so the university doesn’t know about it. And the employer can assess authenticity without having to contact the university because each credential is cryptographically signed by the issuing authority.
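The flow described above, as an added example that is not from the original article: the university signs salted hashes of each claim, the graduate reveals only the degree, and the employer verifies offline with nothing but the university's public key. The salted-hash scheme, the function names and the sample claims are assumptions made for illustration; the article does not name a specific credential format.

```javascript
// Added illustration: selective disclosure over an Ed25519-signed credential.
const nodeCrypto = require('node:crypto');

const sha256 = (s) => nodeCrypto.createHash('sha256').update(s).digest('hex');
// The random salt stops a verifier from guessing hidden claims by hashing candidates.
const digestOf = (d) => sha256(JSON.stringify([d.salt, d.name, d.value]));

// Issuer (university): commit to every claim, then sign only the digests.
function issueCredential(claims, issuerPrivateKey) {
  const disclosures = Object.entries(claims).map(([name, value]) => ({
    salt: nodeCrypto.randomBytes(16).toString('hex'), name, value,
  }));
  const payload = JSON.stringify({ digests: disclosures.map(digestOf).sort() });
  const signature = nodeCrypto
    .sign(null, Buffer.from(payload), issuerPrivateKey).toString('base64');
  return { payload, signature, disclosures }; // handed to the holder, not stored by issuer
}

// Holder (graduate): forward the signed payload plus only the chosen claims.
function present(credential, names) {
  return {
    payload: credential.payload,
    signature: credential.signature,
    disclosures: credential.disclosures.filter((d) => names.includes(d.name)),
  };
}

// Verifier (employer): no call to the issuer, only its public key is needed.
// Returns the disclosed claims, or null if the signature or any claim fails.
function verifyPresentation(presentation, issuerPublicKey) {
  const signatureOk = nodeCrypto.verify(null, Buffer.from(presentation.payload),
    issuerPublicKey, Buffer.from(presentation.signature, 'base64'));
  if (!signatureOk) return null;
  const { digests } = JSON.parse(presentation.payload);
  const claims = {};
  for (const d of presentation.disclosures) {
    if (!digests.includes(digestOf(d))) return null; // claim was not signed by issuer
    claims[d.name] = d.value;
  }
  return claims;
}

// Constructed sample data: a throwaway issuer key and a made-up graduate.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const credential = issueCredential(
  { name: 'Alex Example', degree: 'BSc Computer Science', birthdate: '1999-01-01' },
  privateKey);
const shown = present(credential, ['degree']);
console.log(verifyPresentation(shown, publicKey));
```

The employer sees the degree and three opaque digests; the name and birthdate stay with the holder, and the university never learns that the presentation took place.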