The tech company that maintains the hotel check-in system set its cloud storage to public, allowing anyone to access customers' data without a password.
Eu is working on a digital wallet that would (among other things) help with this.
Afaik It has a tiered information/identity structure, where the lowest level is: “is this a human being” (as an alternative to captcha)
Then you could have age. (Just “is this person above %age”) Response would be just yes/no
Then spesific age, nationality etc etc.
You get the prompt, where it says what data they are asking for and you can concent or decline.
The source of authority would be the nation you are a citizen of, the origin of data would be obscured through EU proxies, and data would only be transferred if you approve the transaction from your app.
It’s a pretty big and ambitious project and could eventually lead to a lot easier transfer of sensitive data, where you are in control of who gets what and less need to store local copies of sensitive data. (An example usecase is for instance confirming a prescription to a drug for a pharmacy while traveling abroad).
Biggest risk as i see is people confirming data request without scrutiny. There needs to be mechanisms to aggressively revoke the ability to ask for data if abused. And I would assume the requirements to what org can ask for high tier data are really strict.
Sovereign identity and Solid are the way. But governments will have to play a role in large scale implementation.
For some reason people seem to trust commercial organizations with misaligned incentives over governmental bodies.
To be fair, some people have less reason to trust their government with their data, then others.
There are varying degrees of trust in authorities in the world.
For nations with high confidence and trust in the authorities, this feels like a no-brainer.
Agreed. Although confidence and trust sometimes misalign with actual actions and results.
Eu is working on a digital wallet that would (among other things) help with this.
Afaik It has a tiered information/identity structure, where the lowest level is: “is this a human being” (as an alternative to captcha)
Then you could have age. (Just “is this person above %age”) Response would be just yes/no
Then spesific age, nationality etc etc.
You get the prompt, where it says what data they are asking for and you can concent or decline.
The source of authority would be the nation you are a citizen of, the origin of data would be obscured through EU proxies, and data would only be transferred if you approve the transaction from your app.
It’s a pretty big and ambitious project and could eventually lead to a lot easier transfer of sensitive data, where you are in control of who gets what and less need to store local copies of sensitive data. (An example usecase is for instance confirming a prescription to a drug for a pharmacy while traveling abroad).
Biggest risk as i see is people confirming data request without scrutiny. There needs to be mechanisms to aggressively revoke the ability to ask for data if abused. And I would assume the requirements to what org can ask for high tier data are really strict.
Going to be interesting to see what comes of it.
Governments have a monopoly on legal violence.