What are the implications if government decides to outsource the identity management of their citizens to the blockchain? What is our responsibility versus the role of the government?
Owning your own identity data using blockchain is more efficient, targeted and secure, but also requires you to be more responsible and to be protected by government against influences outside your control.
As the blockchain has already verified one’s identity there is no need for organizations to have their own identity check procedures – they simply ask the citizen for permission to access the blockchain based proof of identity. The citizen can be selective in which information to provide to whom for his own benefit. For example, he can customize his online shopping experience by sharing selective personal information (e.g. age, income, education) anonymously. Any further updates to one’s identity can be verified following specific rules governed by the blockchain (e.g. smart contracts for moving houses to update the citizen’s address).
Even though the data stored on the blockchain is more secure than in traditional identity management systems, a hack is not impossible (Buterin, 2017) and the citizen’s private keys to access the data can be lost or stolen. Even when the data is legally obtained, citizens are exposed to the risk that their privacy is not guaranteed by organizations who use the data. Apart from this, some amendments of the identity data still need to be verified outside the blockchain (e.g. when the citizen is born).
Therefore, the role of government in identity management remains important in order 1) to have a nation-wide backup plan in case of a major blockchain attack, 2) to ensure technologies are used to access the blockchain that minimize risk of loss or theft (e.g. using fingerprint), 3) to have privacy legislation in place for the use of blockchain data and 4) to check amendments to data that cannot be handled by smart contracts.