{"id":89423,"date":"2019-05-15T06:00:30","date_gmt":"2019-05-15T13:00:30","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\/?p=89423"},"modified":"2023-05-15T23:00:21","modified_gmt":"2023-05-16T06:00:21","slug":"decentralized-identity-digital-privacy","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2019\/05\/15\/decentralized-identity-digital-privacy\/","title":{"rendered":"Decentralized identity and the path to digital privacy"},"content":{"rendered":"
Security is the central challenge of the digital age. Our digital lives have moved into the cloud. People now use multiple devices to connect to multiple applications through many different networks. Just about everything is connected to the internet, where threats remain constant and evolving. In this distributed, heterogeneous environment, however, there\u2019s still only one \u201cyou.\u201d That\u2019s why identity is the best path to security.<\/p>\n
The identity technologies my team at Microsoft builds serve as the frontline of our enterprise-class security solutions. Whether it\u2019s a customer using biometrics to log in with Windows Hello, or enterprises relying on us to deliver risk-based conditional access through Azure Active Directory, identity is the front door to our customers\u2019 content and experiences.<\/p>\n Identity can also be a key enabler to something that\u2019s as important to our customers as security\u2014privacy. With identity as the control plane, we\u2019ve made security solutions more sophisticated, which is a good thing for both organizations and individuals. But when it comes to privacy, the needs of individuals and organizations are still out of balance. This week, I\u2019m in Munich, Germany, at the European Identity and Cloud Conference to talk about how mechanisms like decentralized identity can help us address this imbalance.<\/p>\n Anyone who reads the news knows that many individuals feel organizations have way too much control over their personal information. Organizations are rightfully being asked to take more responsibility for protecting the information of their customers. Even the best security isn\u2019t enough, however, if we don\u2019t give people greater control and privacy as well.<\/p>\n That control begins with identity, because in your digital life, everything starts with you. Your identity is who you are. It\u2019s everything you say, do, and experience in your everyday life. Identity can provide the same control plane for privacy that it has for security.<\/p>\n At Microsoft, we envision a world where technology facilitates respect for privacy. In this world, organizations no longer need to issue new identities. Instead, they embrace the digital identities that individuals bring with them. Each person\u2019s digital identity belongs to them. 
They control it.<\/p>\n In this world, organizations are more intentional about the type of data they collect, how much they collect, where it comes from, and where it is stored. They accept information from individuals that an independent authority has verified, like citizenship verified by a government agency or education level verified by a university. Using verifiable credentials or claims that are digital, individuals can prove <em>who<\/em> they are, and they can exchange digital information, or <em>what<\/em> they are, with each organization. In other words, individuals and organizations can establish a mutual trust relationship.<\/p>\n Verifiable information is stored with the individual. The organization doesn\u2019t have to collect or protect this sensitive information\u2014less liability for them, and more control for the individual. When people control their own identity, they can set constraints and control their digital data, sharing only the information necessary to conduct business with organizations, and no more.<\/p>\n Organizations, for their part, can decide to store information with individuals rather than storing it themselves. This allows them to collaborate with anyone, confident that the information exchanged can be trusted, while reducing their liability and improving compliance. The individual, in essence, becomes a data controller. This changes the relationship\u2014and the balance of power\u2014with organizations.<\/p>\n We\u2019re already seeing industry support for this paradigm shift, spearheaded by the work the Decentralized Identity Foundation (DIF) is doing. Microsoft, along with other companies, is contributing open source code to DIF so developers can take advantage of decentralized identities. Soon, DIF will have everything necessary for individuals and organizations to start using them. 
We\u2019re working with the community to build support for decentralized identity into the Microsoft platform so we can enable innovation, and so we can bring individuals and organizations together for stronger security <em>and<\/em> privacy.<\/p>\n As part of our goal to empower everyone with a self-owned identity, we\u2019re contributing technologies to a system that can support all kinds of entities, including millions of organizations, billions of people, and trillions of devices. One example of this is our collaboration with members of DIF, notably ConsenSys and Transmute, to develop a blockchain-agnostic protocol for creating scalable DID networks, called Sidetree.<\/p>\n