Abstract
The purpose of this paper is to explore the philosophical implications of the Self-sovereign identity (SSI), considered one of the most prominent examples in which the process that we define as data subjectivation takes place. We will begin by examining the technical side of the SSI model and then delve into the concepts of identity and sovereignty, which are crucial for defining digital identity. We will explain how these concepts must be understood within a broader theoretical framework that we refer to as data subjectivation. This framework acknowledges the emergence of a new digital subject defined through the materialisation of data, which determines an individual’s rights and powers in their digital life. We scrutinise this process starting from the concept of “virtual materiality” and from the relationship between the physical world and the virtual world defined by Katherine Hayles. We will show that, to achieve the promises that are often associated with the SSI model, such as a decentralised and trusted web inhabited by digitally “sovereign” users, we must frame the vision put forth by the SSI as a socio-technical imagery. We sketch how this discourse can be oriented by employing the idea of digital self-determination, trying to frame the open questions of powers and rights in digital spaces linking the SSI and the process of data subjectivation. Finally, we show how a purely technical solution to the goal of a user that “owns” their data cannot be feasible, and we encourage further exploration of the inextricable links between the technological development of digital identity solutions and the political values that shape them.
Similar content being viewed by others
Materials and/or Code Availability
Not applicable.
Notes
https://id2020.org/, accessed the 10th of May 2022.
Self-sovereign identity has been used for offering an identity for refugees in Jordan (Wang & De Filippi, 2020), although there is some criticism regarding the effective capacity of a technical solution to empower marginalised groups and individuals, by the use of technology alone (Cheesman, 2022; Corballis & Soar, 2022).
https://sovrin.org/, accessed the 10th of May 2022.
An interesting case of a moral value attached to the idea of “owning data” is the concept of “data altruism”. This term is employed by the Data Governance Act, where the regulation defines a framework where individuals and companies can freely choose to share their data to be used for public interest. This is clearly a case in which a positive value “altruism” is attached to the idea of possessing data as a commodity that can be collectively used and that their owner can donate. This idea becomes even more significant in the current European Commission’s proposal for the Data Act. Here, a series of articles are devoted to defining an obligation to share data in the case of a public emergency. This brings the discourse a step further: the ownership of data not only entails a moral significance, but enables a set of extraordinary obligations.
“A ‘verifiable presentation’ is a tamper-evident presentation encoded in such a way that authorship of the data can be trusted after a process of cryptographic verification” (https://www.w3.org/TR/vc-data-model/#dfn-verifiable-presentations).
https://www.moxytongue.com/2012/02/what-is-sovereign-source-authority.html, accessed the 18th September 2022.
Here, we present the reconstruction that Cristopher Allen offered in his seminal article http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html, accessed the 18th September 2022.
Hayles, tracing back the stages of the development of cybernetics, argues that the contemporary epoch (dating from 1980 to the present day) can be defined as the epoch of virtuality (as distinct from the two previous epochs, referred to as the epoch of “homeostasis”, characterised by the concepts expressed by the Macy Conferences on Cybernetics (Abraham, 2020) and following Wiener’s theoretical systematisation of “reflexivity”, marked by the publication of Autopoiesis and Cognition by Maturana and Varela (1980).
According to Hayles, three phases of cybernetics can be identified, marked by the characterisation of the relationship between materiality and immateriality. The three phases would be characterised by the concepts of homeostasis for the first phase, reflexivity for the second phase, and virtuality for the third phase. As for the phase of virtuality, according to Hayles, it would be characterised by a possible intersection between materiality and information.
https://essif-lab.eu/, accessed the 7th of May 2022.
Ursula von der Leyen, President of the European Commission, in her State of the Union address, 16 September 2020, https://commission.europa.eu/strategy-and-policy/priorities-2019-2024/europe-fit-digital-age/european-digital-identity_en, accessed at 1 Feb 2023.
References
Abraham, T. (2020). The Macy Conferences on Cybernetics: Reinstantiating the mind. Oxford Research Encyclopedia of Psychology. Retrieved 30 May 2022, from https://oxfordre.com/psychology/view/10.1093/acrefore/9780190236557.001.0001/acrefore-9780190236557-e-541
Bauman, Z. (2001). Identity in the globalising world. Social Anthropology, 9(2), 121–129.
Beer, S. (1959). Cybernetics and Management. New York: Wiley.
Biktimirov, M. R., Domashev, A. V., Cherkashin, P. A., & Shcherbakov, A. Y. (2017). Blockchain technology: Universal structure and requirements. Automatic Documentation and Mathematical Linguistics, 51(6), 235–238.
Birch. (2014). David. London Publishing Partnership.
Brand, R. A. (2008). Sovereignty: The state, the individual, and the international legal system in the twenty first century. Hastings International and Comparative Law Review, 25, 279–295.
Bratton, B. (2016). The Stack. On Software and Sovereignty. Massachusetts: The Mit Press.
Bringer, J., Chabanne, H., & Kindarji, B. (2011). Identification with encrypted biometric data. Security and Communication Networks, 4(5), 548–562.
Chadwick, D. W. (2009). Federated identity management. In A. Aldini, G. Barthe, & R. Gorrieri (A c. Di), Foundations of Security Analysis and Design V (Vol. 5705, pp. 96–120). Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-03829-7_3
Cheesman, M. (2022). Self-sovereignty for refugees? The Contested Horizons of Digital Identity, Geopolitics, 27(1), 134–159. https://doi.org/10.1080/14650045.2020.1823836
Chen, X., & Yang, J. (2021). Digital space and virtual reality: An overview. In Handbook of Research on the Global Impacts and Roles of Immersive Media (pp. 198–212). IGI Global.
Clarke, R., & Koops, B. (2017). Attributes of physical and digital spaces relevant to the regulation of human behaviour. [Whitepaper]. http://www.rogerclarke.com/DV/PDS.html
Clauß, S., & Köhntopp, M. (2001). Identity management and its support of multilateral security. Computer Networks, 37(2), 205–219. https://doi.org/10.1016/S1389-1286(01)00217-1
Corballis, T., & Soar, M. (2022). Utopia of abstraction: Digital organizations and the promise of sovereignty. Big Data & Society, 9(1), 20539517221084588.
European Union: European Commission. (2021). Proposal for a regulation of the European parliament and of the council amending Regulation (EU) No 910/2014 as regards establishing a framework for a European Digital Identity, Accessible at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52021PC0281
Fischer-Hübner, S., Hoofnagle, C. J., Krontiris, I., Rannenberg, K., & Waidner, M. (2011). Online Privacy: Towards Informational Self-Determination on the Internet. Dagstuhl Manifestos, 1(1), 1–20.
Fischer-Hübner, S., Hoofnagle, C. J., Krontiris, I., Rannenberg, K., & Waidner, M. (2013). Online privacy: Towards informational self-determination on the Internet (August 29, 2011). Dagstuhl Manifestos, Vol. 1, Issue.
Foucault, M. (1983). The Government of Self and Others: Lectures at the Collège de France 1982-1983, trans. Graham Burchell, Lesson of March 9, 1983
Foucault, M. (1990). The history of sexuality: An introduction, volume I. Trans. Robert Hurley. New York: Vintage, 95.
Foucault, M. (2005). The hermeneutics of the subject. Lectures at the College de France, 1981–1982 (G. Burchell, Trans.). New York: Picador.
GDPR, E. (2016). General Data Protection Regulation (GDPR): Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ 2016 L 119/1.
Gharib, M. (2022, February). Privacy and informational self-determination through informed consent: the way forward. In Computer Security (Ed.), ESORICS 2021 International Workshops: CyberICPS, SECPRE, ADIoT, SPOSE, CPS4CIP, and CDT&SECOMANE, Darmstadt, Germany, October 4–8, 2021, Revised Selected Papers (pp. 171–184). Cham: Springer International Publishing.
Goriunova, O. (2019). The digital subject: People as data as persons. Theory, Culture & Society., 36, 026327641984040. https://doi.org/10.1177/0263276419840409
Hayles, N. K. (1999). How we became posthuman: Virtual bodies in cybernetics, literature, and informatics. The University of Chicago Press.
Hoffman, J. (1997). Can we define sovereignty? Politics, 17(1), 53–58.
Hornung, G., & Schnabel, C. (2009). Data protection in Germany I: The population census decision and the right to informational self-determination. Computer Law and Security Review, 25, 84–88.
International Telecommunication Union, T X.1250. (2009). Baseline capabilities for enhanced global identity management and interoperability, series x: Data networks, open system communications and security, Accessible at: https://www.itu.int/rec/dologin_pub.asp?lang=e&id=T-REC-X.1250-200909-I!!PDFE&mtype=items
Ikäheimo, H. (2002). On the genus and species of recognition. Inquiry, 45(4), 447–462. https://doi.org/10.1080/002017402320947540
Ilievski, N. L. (2015). The individual sovereignty: Conceptualization and manifestation. Journal of Liberty and International Affairs, 23.
Ishmaev, G. (2021). Sovereignty, privacy, and ethics in blockchain-based identity management systems. Ethics and Information Technology, 23, 239–252. https://doi.org/10.1007/s10676-020-09563-x
Isin, E., & Ruppert, E. (2015). Being digital citizens, London, New York. Rowman & Littlefield.
Jensen, J. (2012, August). Federated identity management challenges. In 2012 Seventh International Conference on Availability, Reliability and Security, (pp. 230-235). IEEE.
Jordan, K., Hauser, J., & Foster, S. (2003). The Augmented Social Network: Building identity and trust into the next-generation Internet. First Monday.
Jøsang, A., & Pope, S. (2005). User centric identity management. In AusCERT Asia Pacific Information Technology Security Conference, (Vol. 22, p. 2005).
Käll, J. (2017). A posthuman data subject? The right to be forgotten and beyond. German Law Journal, 18(5), 1145–1162. https://doi.org/10.1017/S2071832200022288
Kölbel, T., Gawlitza, T., Weinhardt, C. (2022). Shaping governance in self-sovereign identity ecosystems: Towards a cooperative business model.
Kumar, V., & Bhardwaj, A. (2018). Identity management systems: A comparative analysis. International Journal of Strategic Decision Sciences (IJSDS), 9(1), 63–78. https://doi.org/10.4018/IJSDS.2018010105
Lee, D. (2021). Defining the rights of sovereignty. AJIL Unbound, 115, 322–327. https://doi.org/10.1017/aju.2021.44
Lessig, L. (2006). Code and other laws of cyberspace (version 2.0). Basic Books.
Maturana R. H., & Varela F. J. (1980). Autopoiesis and cognition: The realisation of the living, 1ed.
McMahon, R. (2011). The institutional development of indigenous broadband infrastructure in Canada and the United States: Two paths to “Digital Self-Determination”. Canadian Journal of Communication, 36(1), 115–140.
McMahon, R. (2013). Digital self-determination: Aboriginal peoples and the network society in Canada
Mohanta, B. K., Jena, D., Panda, S. S., & Sobhanayak, S. (2019). Blockchain technology: A survey on applications and security privacy challenges. Internet of Things, 8, 100107.
Ong-Van-Cung, K. S. (2011). Critique and subjectivation: Foucault and butler on the subject. Actuel Marx, 1(No 49), 148–161.
Osorio, O., Mauricio, H., & Nafría, J. D. (2016). The Cybersyn project as a paradigm for managing and learning in complexity.
Papageorgiou, A., Mygiakis, A., Loupos, K., & Krousarlis, T. (2020). DPKI: A blockchain-based decentralized public key infrastructure system. In 2020 Global Internet of Things Summit (GIoTS) (pp. 1–5). https://doi.org/10.1109/GIOTS49054.2020.9119673
Philpott, D. (1995). Sovereignty: An introduction and brief history. Journal of International Affairs, 48(2), 353–368. http://www.jstor.org/stable/24357595
Pimenidis, E. (2010). Digital identity management. In Handbook of Electronic Security and Digital Forensics (pp. 279–294).
Preukschat, A., Reed, D., & Searls, D. (2021). Self-sovereign identity: Decentralized digital identity and verifiable credentials.
Remolina, N., & Findlay, M. (2021). SMU Centre for AI & Data Governance Research Paper No. (03). Available at SSRN: https://ssrn.com/abstract=3831726 or https://doi.org/10.2139/ssrn.3831726
Rouvroy, A., & Poullet, Y. (2009). The right to informational self-determination and the value of self-development: reassessing the importance of privacy for democracy. In Gutwirth, S., Poullet, Y., De Hert, P., de Terwangne, C., & Nouwt, S. (Eds.). Reinventing data protection? Springer, Dordrecht. https://doi.org/10.1007/978-1-4020-9498-9_2
Sabadello, M. (2021). Decentralized identity for a peaceful society, (p244–249) in Preukshat A. & Reed D. (2021), Self sovereign identity, Manning.
Sedlmeir, J., Smethurst, R., Rieger, A., & Fridgen, G. (2021). Digital identities and verifiable credentials. Business & Information Systems Engineering, 63(5), 603–613. https://doi.org/10.1007/s12599-021-00722-y
Sovacool, B. K., & Hess, D. J. (2017). Ordering theories: Typologies and conceptual frameworks for sociotechnical change. Social Studies of Science, 47(5), 703–750.
Stokkink, Q., Ishmaev, G., Epema, D., & Pouwelse, J., 2021, Proceedings of the IEEE 46th Conference on Local Computer Networks, LCN 2021: Proceedings. Khoukhi, L., Oteafy, S. & Bulut, E. (eds.). Piscataway: IEEE , p. 81–89 9 p. 9525011. (Proceedings - Conference on Local Computer Networks, LCN; vol. 2021-October).
Tobin, A., & Reed, D. (2016). The inevitable rise of self-sovereign identity. The Sovrin Foundation, 29(2016), 18.
Wang, F., & De Filippi, P. (2020). Self-sovereign identity in a globalized world: Credentials-based identity systems as a driver for economic inclusion. Frontiers in Blockchain, 2, 28. https://doi.org/10.3389/fbloc.2019.00028
Wijetunga, W., & Anuradha, S. A. (2021). Ethical issues in digital space: A systematic literature review. Journal of Information, Communication and Ethics in Society, 19(2), 258–278.
Windley, P. J. (2005). Digital identity: Unmasking identity management architecture (IMA). O’Reilly Media, Inc.
World Bank Group, Digital Dividends. (2016). World development reports. Accessible at https://www.worldbank.org/en/publication/wdr2016
Zitter, A. J., Gstrein, O. J., & Yap, E. (2020). Digital identity and the blockchain: universal identity management and the concept of the “Self-Sovereign” individual. Frontiers in Blockchain, 3, 26.
Zuboff, S. (2019). The age of surveillance capitalism: The fight for a human future at the new frontier of power: Barack Obama’s books of 2019. Profile books.
Funding
This paper has received funding from the European Union’s Horizon 2020 Research and Innovation under the project IMPULSE – Identity management in public services, grant agreement No 101004459.
Author information
Authors and Affiliations
Contributions
All authors contributed to the study conception and design. Research on the relevant literature has been conducted by Federico Pierucci and Valeria Cesaroni. The first draft of the manuscript was written by Federico Pierucci and Valeria Cesaroni, and all authors commented on previous versions of the manuscript. All authors read and approved the final manuscript.
Corresponding author
Ethics declarations
Ethics Approval
Not applicable.
Consent to Participate
Both authors consent to the submission of this paper.
Competing Interests
The authors declare no competing interests.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Pierucci, F., Cesaroni, V. Data Subjectivation - Self-sovereign Identity and Digital Self-Determination. DISO 2, 21 (2023). https://doi.org/10.1007/s44206-023-00048-0
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s44206-023-00048-0