A few years ago, the idea that we might easily see who uses our personal data and decide how the data is used, seemed quite far-fetched. Today, it feels much more achievable and that is thanks to organizations like MyData Global.
At the MyData annual conference in Helsinki this autumn, we were reminded of just how far we have come. A key topic in the conference was the practice of MyData, and self-sovereign identity (SSI) was at its core. After taking in several talks on SSI, ranging from technical-oriented sessions on standardization to seeing SSI solutions in action, for me the message was clear: the way digital trust is formed is changing.
MyData presents a disruptive model for the personal data economy. It is all about human rights, transparency and making digital systems more human-centric; it is about turning individuals into the rulers of their own identity. However, for a long time, MyData has lacked actual tools to make it happen. What we saw conceptualized in whitepapers was actually really hard to do in practice.
With self-sovereign identity, however, we are getting closer to realizing the MyData vision. SSI is a distributed approach to MyData, where individuals (identity holders) are in the driver’s seat with respect to their own data. In the SSI model, the identity holder can retrieve information from data issuers as verifiable credentials, which can then be shared with the recipient (verifier). The recipient uses the decentralized identity network to verify and validate the received data. And all this without the issuer and verifier needing to know each other beforehand.
The SSI model is MyData in practice
By providing verifiability to personal data, self-sovereign identity brings new tools to the fight against fraud. When businesses start to accept verifiable data that is nearly impossible to fake, then all non-verifiable data (e.g. fraudulent data) is useless to the would-be attacker. This simple but very powerful change is the next step of personal data processing and identity management, and it will provide a huge boost in combatting what has become 20+ billion dollar fraud problem.
Verifiable data exchange is the next evolution of personal data processing
Self-sovereign identity will also be useful in more daily routines. For example, think about the Social Insurance Institution of Finland, known here as KELA. Finns used to fill in their personal information on paper forms, before digital forms were introduced to speed up the process. However, the forms still need to be filled and verified manually, keeping the total cost of the process high. Using the SSI model, KELA could receive most of the information online via verifiable credentials, without clients needing to input the data manually. It also enables automatic verification of the information, freeing up the time of customer service professionals to help clients.
Verifiable data exchange with self-sovereign identity is the next step in evolution of personal data processing.
Next step: Implementing self-sovereign identity in Finland
Self-sovereign identity has been in the works for the Finnish MyData ecosystem for a few years already. Here at Tieto we have tested its capabilities in multiple proof-of-concept projects – not just with with KELA but with a long list of other organizations, including finance groups like Nordea and OP to public organizations like Defence Forces and Finnish Olympic Committee. The result is that we are confident that self-sovereign identity is key to implementing MyData in practice.
It is now time for the next step. To take MyData forward, Tieto has teamed up with others to found a Finnish self-sovereign identity network named Findy that aims to solve the challenge of being able to trust information exchanged online. Findy stands for Finnish Indy network, a collaboratively governed and operated decentralized identity network. In addition to Tieto, the current list of founding members of the initiative includes Nordea Bank, OP Bank, Asiakastieto Group, Accenture, Nixu, Suomen Tilaajavastuu and KELA.
---
Want to know more about MyData?
MyData is a Nordic Model for human-centric processing of personal data. Its conception in the current form took place when the Finnish Ministry of Transportation and Communication funded a whitepaper on the human-centric handling of personal data back in 2014. That whitepaper, along with active people from organizations like Open Knowledge Finland, was the starting point for a movement that has now grown into MyData Global Organization, with over 500 individual and 75 organization members.
Read more in my previous blogs:
Control your data to create better future - learn from top athletes and defense forces