Digital Identity and Accountable Anonymity: Insights from Wes Kussmaul

As explored in a recent paper titled “Personhood Credentials: Artificial Intelligence and the Value of Privacy-Preserving Tools to Distinguish Who is Real Online” (https://arxiv.org/abs/2408.07892), it’s becoming increasingly apparent that the concept of relying parties extends beyond companies, institutions, and websites. The paper highlights the evolving need for privacy-preserving technologies to help authenticate individuals in a digital world where identity verification is crucial.

As we delve deeper into this concept of “asserting identity without disclosing it,” we turn to Wes Kussmaul, an authority on digital identity and privacy, who has explored these ideas extensively in his books Quiet Enjoyment and Escape The Plantation. Wes emphasizes that in our digital interactions, we all act as “relying parties,” depending on the identity claims of others in various contexts, whether personal, professional, or social. He underscores that while accountability is crucial for these interactions, protecting one’s anonymity is equally important.

This brings us to the central question: How do we assert our identity without disclosing our identity?

Wes offers an analogy: accountability on the information highway can be managed much as it was managed on the physical highway long ago. He explains:

“While this remains a challenge on the information highway—the internet—the same challenge was met and solved over a century ago on the physical highway. Think about your car’s license plate: it makes you accountable for what happens on public roadways, but no one gets to know your identity unless there’s been an incident. You can have as many cars on the road as your budget allows, each with a license plate that keeps your accountability and identity separate.

Your car’s license plate, paired with your undisclosed driver’s license number, provides what can be called Accountable Anonymity. That principle works even better on the information highway than on the physical highway, for two reasons:

  1. While physical license plate anonymity can be subverted by a phone call impersonating a police officer, the same accountable anonymity method, when implemented using a well-proven digital identity certificate, is not easily subverted.
  2. Unlike the cost of multiple cars with different license plates, you can create as many additional accountable anonymity digital identity certificates as you want, each representing a different pseudonym, at no charge.

The “certificate stack” works on the digital highway, much like a stable of cars works on the physical highway. At the bottom of the stack is your “foundational” identity certificate, which serves a purpose similar to that of your birth certificate. Typically, your birth certificate is only used as a breeder document to generate credentials like a driver’s license, passport, or employee ID—and is seldom used directly. Similarly, at the bottom of your certificate stack is your foundational certificate, which is used only to generate additional persona certificates whenever you want to participate in a new digital venue. Your persona certificate can contain nothing more than a certificate serial number and personal certification number (a type of public key), or it can also contain a pseudonym.

Now, the reader may be thinking that a license plate implies a centralized registry, i.e., centralized authority. And yes, centralized authority can indeed invite abuses of power. At the same time, as noted earlier, we are all relying parties. We all need a trusted source to attest to the identities of others we encounter online. That trust is essential in communities, dating sites, and even social networks, especially in an age where bots and troll farms skillfully form false beliefs and affiliations.

That necessity means governance. In the midst of all the talk about decentralization, the fact is that bitcoin is the only truly decentralized system supporting real value exchange. Other crypto worlds and networks that fly the decentralization flag depend upon a central source of governance, which determines, for example, the qualifications of those authorized to run a node on the system. As the prominent decentralization advocate Lawrence Lundy-Bryan notes, “There is no such thing as decentralized governance.”

So, the challenge is to do authority right, avoiding the kinds of abuses that have made centralized authority synonymous with oppression.

Of the three approaches to the authority necessary for governance:

  1. Government
  2. Ignore the need for governance and facilitate fraud
  3. Participatory governance using:
    • Accountable anonymity digital identity certificates (persona or license plate certificates)
    • The Internet of People (IoP) protocol, where the identity certification authority keeps no identity information
    • Governance of the authority that is open to participation by anyone, provided they are accountable and actually participate in debate on an issue before they are allowed to vote on it (See https://optimocracy.org)
    • A certification authority that represents duly constituted public authority and cannot be bought and sold

The certification authority can also be used to implement professional licensing in the digital world—a method that has worked so well in the physical world that it tends to fly under the radar as everyone struggles with problems related to regulation. For an example of how professional licensing can solve problems in the digital world, consider how we might hold AI algorithms accountable.

When a human is deemed not capable of managing their own affairs, a court appoints a conservator who takes responsibility for the actions of their ward. Why should we not consider generative AI algorithms, capable of interacting as a human, as needing a conservator? The position of AI Conservator should be subject to professional licensing, and the output of the AI would be digitally signed by the professionally licensed AI Conservator.”

Reflecting on Wes Kussmaul’s insights, digital identity is clearly evolving beyond simple authentication. His concept of “accountable anonymity” highlights how digital certificates can protect privacy while maintaining online accountability. As digital interactions increasingly require identity verification, Wes’s ideas on governance and privacy-preserving tools point to a future where trust and security coexist with anonymity. This framework offers a balanced approach for a digitally interconnected world, where individual agency and secure interactions are equally essential.

By Esther Ibrahim