Strong network effects that monopolise humanity are one of the biggest threats of technology. It started with the physics waking up to the nuclear bomb. Chemistry waking up to the chemical weapons and the biology with it’s bio weapons and gene editing.
Tech just had it’s first encounter with abuse of central power
The world’s largest democracy getting hacked has spooked everyone and blockchain might seem like a default answer. But with more power comes even greater responsibility. The world is still considering the money laundering implications of crypto currencies. All the world leaders have spent considerable effort in the last few decades to cut off funding for terror, drugs, bribes and human trafficking through an organisation called Financial Action Task Force (FATF). This organisation operates behind the scenes to put together systems that get coordinated accross jurisdictions with 100s of central banks to stop the criminals from operating and crossing jurisdictions. It has put together a list of recommendations that currently all countries must follow. This includes high-risk transactions conducted under “New Payment Systems.”
Blockchains and crypto currencies are intertwined by birth. Part for the value of blockchain comes from the value exchange network.
Everyone needs a private key to operate on blockchain. This essentially represents you on blockchain with non-repudiation. It represents your digital Identity.
The problem is that these identities are currently pseudo-anonymous and anyone can create millions of them. They are impossible to regulate, which effectively undo’s all the effort FATF has put over the years.
The real cost of decentralization
I humbly propose a DAP triangle that throws light on the technical inability of regulators to deal with crime built on decentralised technologies.
Higher the decentralization, harder the choice becomes between privacy and accountability.
Decentralise — A system resistant to centralized control or failure.
Accountability — An endpoint or a transacting party that can be held responsible for failure of trust or compliances.
Privacy — An endpoint or transacting party that does not wish to be identified or the transaction be disclosed.
The following quadrilateral is proposed to understand the above dilemna. Its a threat model to assess any decentralised system.
Basically any decentralised system can either have transactions public or private. And on the other hand it can have counter-parties identified or anonymous. In the absence of any central authority the system suffers a limit of choosing between 4 edge results.
The bottom-left corner represents the most accountability as it decreases towards the top right and decends into a dark web.
The more decentralized a system is, the more binary the choice becomes within the two axis.
Non-standardized Identity systems make the problem accute.
The world lacks a credible unified Identity system. The identities are critical to generate accountability. Decentralised system often use remote KYC (identiy checks carried as ‘know your customers’). Without face-to-face KYC the processes are open to Identity fraud, fake identities and even having straw men.
Having both accountability and privacy is only possible with a central mediating authority that itself may be distributed. One possible solution is Identity insurance on blockchain. Wherein, the counter parties are indemnified for AML/KYC requirements while preserving privacy. The users may choose one of several insurance providers to hide their identities by providing insurance to cover counter party risk without having to disclose your detailed documents to everyone you deal with. It offers a far better user experience and security. Multiple insurance providers would lead to decentralized training and compliance as we drive the prices of the insurance down. This reduces the burden on regulators to train and enforce such compliances.
FATF, OECD and other regulators have a huge challenge in dealing with decentralised systems like crypto currencies before they can go main-stream. Building Identity insurance is a practical way to allow businesses to adopt Identity standards. This would need a pragmatic approach to calculating fines with regards to enforcing anti-money laundering rules to help develop the ecosystem around it.
Disclaimer — the ideas discussed here do not represent the view of crypto-community or the Identity related communities. They are solely expressed to identify, debate and resolve choke-points for crypto to go mainstream.
About the Author
Vishal Gupta is the founder of DIRO a project deeply involved in solving the Global Identity problem using a Decentralized Identity & Access Platform based on crowd-sourcing of contact directories. He is also a proponent of Self-soverign Identities as a foundation layer for Univarsal Basic Income and a borderless democratic world.