Digital identity on the blockchain: a cautious primer

Abstract

Over the decade since Bitcoin came into public consciousness with its first major bubble, scholars from a large variety of fields investigated this purportedly revolutionary technology and its impacts on society. However, it took some years before major legal efforts were undertaken beyond the academic realm, first in a regulatory approach and more recently when considering the legal and administrative applications of this technology. As some consider using it to handle digital identity, this chapter seeks to give legal scholars some grounding on blockchains, their advantages, use cases, and limits. To start with an intuitive definition, a blockchain is a distributed database. However, unlike some distributed databases where anyone can modify the content without maintaining a persistent history of modification (e.g., most of Wikipedia), blockchains have a temporal ordering of every modification. More importantly, they also ensure that all information in them respects a form of “validity” which prevents illegitimate edits and comes partially from a form of consensus. In this regard, Bitcoin was neither the first blockchain — that title goes to a notary blockchain published in the New York Times since 1995— nor the first electronic currency — which was invented by David Chaum in 1983. Bitcoin, however, was the first system to combine both ideas to have a widespread impact. We do not see this as a simple coincidence. Rather, inspired by Pablo Rauzy, we understand this as partially stemming from the fact that the tool had found its niche. Indeed, the blockchain can guarantee the validity of the information on it only insofar as the information concerns the blockchain itself. This is true for cryptocurrencies, where writing is performative in the sense that writing “person A owns 10 tokens” and having this information accepted by other actors makes it true. However, any other information — such as real estate ownership data — risks running into an oracle problem, whereby the veracity of the information depends on an external validator that makes the link between the blockchain and the material world. This would explain the struggle of many blockchain initiatives which were perceived as a “solution in search of a problem”. Thus, any proposal to use it should be critically analysed, especially when they are meant to augment or partially replace critical infrastructure, such as digital identity. This means not just looking at the necessary conditions that could make such uses legitimate but also keeping in mind the differences between an imagined ideal system and the reality once implemented, which might be comparable to the existing infrastructure. Indeed, any system used in the real world comes with its lot of bugs, inaccuracies, and vulnerabilities as well as ad hoc modifications due to political and legal considerations, all of which can break fundamental aspects. Although we aim to give definitions and general considerations on the question of using blockchains for digital identities, we should warn readers that many of our frameworks and examples are influenced by a civil law tradition, and more specifically a French one. We will also use multiple examples from blockchains not focused on digital identity as they have been more extensively studied. This chapter is structured as follows. We will first go over general considerations on the blockchain (definitions, assumptions, limits…). We will then analyse the specifics of using blockchains for digital identities and the corresponding constraints. Finally, we will discuss questions of ecological and social responsibility, as well as sociotechnical aspects which impact the large-scale deployment of such tools.

Publication
Preprint of a chapter of L’identité numérique en construction. Quels enjeux et quels modèles ? (eds. J. Eynard and G. Macilotti), Larcier Intersentia