I recently spent time with nine or ten folks from an interesting startup tech company. Their product provides the confirmed identity of people when signing up to online services such as banking.

These people are talented and successful. They do research. They understand security. And in several discussions we talked about identity on the web.

Now, identity obviously includes things like passport, driver’s license, user id and password.

But it generalises rapidly into pretty much all personal data which can provide signals for the purposes of identifying who you are.

Expropriation of this personal data has led to so-called “surveillance capitalism” in which value arises from the data we unknowingly give the tech giants for free.

Surveillance Capitalism

Shoshana Zuboff, professor at Harvard Business School and author of The Age of Surveillance Capitalism (Profile Books Limited, 2019), describes this as the process by which our private human experience is brought into the marketplace — including everything from our emotional state and conversational habits to our sleep patterns and our walking gait — all of which becomes free raw material appropriated by the tech giants for a new kind of production process.

The output of this production process is the knowledge of who you are, what you’re thinking and, most valuable, what you’re about to do.

To give an idea of the speed at which this new market has developed, take the home thermostat.

In 2000, the idea of the smart home was a closed loop — intimate data about your home was expected to be used by you the homeowner alone. End of story. By 2017, it had completely changed. One University of London study in that year showed that a single Nest thermostat required the diligent consumer to review over 1000 privacy contracts in order to understand where the data goes.

Thus we have lost our decision rights. We are excluded from the decision-making process about our own property — our personal and private data.

Identity and the Technical Pole Star

So, back to our tech company in the identity space. What’s the technical guiding light?

In our conversations, one person spoke of wanting to be acquired — perhaps by a tech giant. Another spoke of wanting to recruit great engineers easily, perhaps using neat marketing ideas like Monzo with their “open source” career progression. Another spoke of engaging with the market “identirati” and standards bodies.

These are all good things to plan and do. But I’m missing the technical vision.

Where’s the pole star that both attracts talent and guides these details of execution?

My answer is we transform online identity. It’s disarmingly simple and works like this.

Every individual gets their own DNS “A” record (or more practically, an IPv6 AAAA record). An “A” record is that familiar name that resolves to a virtual server. Something like google.com or foobar.personal.id. Or, if you like vanity plates, jane.doe.name.

Free yourself - Lose the @ Sign

Spookily, this is actually simpler than today’s primary personal identity, which for most of us boils down to an email address. Email means you’re slave to someone’s DNS “MX” record.

Suddenly it becomes possible to achieve a whole lot of stuff we all want using existing technology.

Secure, zero-password logins. Digital signing of identity by recognised authorities. Automatic form filling. Automatic multi-party processes like parents authorizing their childrens’ logins or bank transfers that require multi-party approval. Licensing personal data to corporations for money… the list goes on and on.

We can turn today’s toxic relationship between individual and the “siren servers” (cf. Jaron Lavier) of the tech giants back the way it should be — a conversation between equals with fair exchange of value.

Did I mention no more passwords? Oh, I did.

The tech must be an open-source platform supporting both free public transactions such as simple or supervised login; and paid proprietary transactions such as identity verification using traditional documents like passport and driver’s licence.

Apps for smartphone and web make it completely automatic for individuals to use. Libraries and auto-provisioning with dynamic DNS make it trivial for web and online properties to provide.

Any tech company needs a strong and compelling tech vision to attract top talent. In the identity space, I reckon solving online identity and data privacy is a good one. It’s big, it’s relevant, it’s interesting, it’s feasible. With a strong, big-scale tech vision you can aim for IPO — and bat away suitors like flies as you head there.

Jacoby Thwaites

Jacoby Thwaites

Strictly no more than 2 cups of coffee, morning only