Contextual Identity — Fixing the Privacy

Unique Identity vs. Contextual Identity

Photo by Matúš Kovačovský on Unsplash

The identity is a human concept and it is time for a big shift.

The Universe doesn’t care about identity. The interactions in the Universe are made between identity-less parties. 
Still, as humans, we need a kind of identification as our lives are made by interactions with 3 types of entities:

a) things (objects)

b) people

c) technology

Usually, we need identity in order to authorize or track some kind of interaction.

The Past — Unique Identity

a) When interacting with things, those objects do not care about our identity. The laws of physics apply (_).

b) The situation is different when interacting with people. Most of the time, the identification is needed. For people the detail of “who are you?” counts.

c) For technology (e.g. computers) the situation is hybrid. The “thing part” of it will apply the “things laws of authorisation” (you can push a key on a computer no mater who you are), but the “intelligent part” of it will apply the “human laws of identification” because its programming is made by humans.

That is the situation now. As long as “the intelligent” part of technology is backed up by human design and programming, it will require human approach on identity (you need to identify yourself when interacting with technology). The Artificial Intelligence will change this as it will design and program having a different approach on contextual details. (_)

So humans developed a complex and strict system for identification. They introduced the “unique identity” — a person can be only that person — and implemented “unique id elements” that are recognizable as identity (name, photo id, fingerprints). All of those id elements assure the uniqueness of the identity for a person.

But, as long as an identity is unique for a person, that means it should be reusable. So, the identity we use in different situations (contexts) will be always the same and that means the receiver of the “id elements” will be able to use them in other contexts , sometimes in a fraudulent way.

There are 2 solutions for the privacy problems:

  1. Whenever the interaction is possible without identification, we should use that approach for all interactions (e.g. we can pay an apple at the market without the need to identify ourselves). This is the natural way of interaction but it is not used all the time. The businesses and the governments has the tendency to ask for identification much more then needed. That situation started to be regulated by lawmakers ( e.g. the EU-GPDR)
  2. When interaction is not possible without identification, then the identification should use “contextual identity” instead of “unique identity”

The Future — Contextual Identity

The “contextual identity” consist in different identifiers for an “entity” (persons, objects, virtual values) based on the context without being able to completely identify the “entity” but still allowing the receiver to complete the authorisation process as needed.

The contextual identity of the same “entity” (e.g. person) is different for each context. That way, unique id elements are not re-used.

The main advantage of using contextual identities is the isolation of different contexts from each other so a receiver getting the id details in a context, will not be able to use same id elements in other contexts, the privacy being assured.

To be easier to understand “contextual identities” think at the credit cards. It is like, with same bank account, we use a different credit card number for each merchant so if someone “still” our credit card number they will not be able to use it around to still our money.

In a primitive way, we use the “contextual identity” naturally in our life when we are known by the first name by the office colleagues, by the nick name by the very close friends and using the last name with officials. Those are different contextual identities.

Another example of existing uses of “contextual identity” is the use of barcode tickets. When you buy access to a theater play, a ticket is issued for you and you use that ticket at the entrance for access. When the ticket has an identification number (the bar code), the id is like your id for that very context of going to a theater play in a certain evening, to a certain theater and a certain play and even to a certain place inside the hall. That ticket id is your “contextual identity”.

The governments use a sort of contextual identification (is different then contextual identity). Many countries issue “contextual id documents” like driving license. Some of the countries do not have a centralized unique id document (especially English-speaking countries). There are even “proof of age” documents that are used by young people to buy alcohol. 
At the end of the day, those documents hold the “unique identity” of the individual and the document itself is a kind of authorization proof for that id and not a special issued “contextual identity”.

It is a task for the new technology to implement this concept at the root level of our interactions.

The new blockchain protocols and, probably a better fit, the newer tangle protocols (e.g. IOTA) should be involved for a proper implementation of the conceptual identity concept.

This is why one of the core components of the IM.CITY project is the Contextual Identity Manager facilitating the use of the contextual identities around the city contexts. The details on how IM.CITY will implement the contextual identities in the everyday life will be presented in separate material.

If you like to learn more about the IM.CITY project, let’s keep in touch!