The Identity Question
How digital identifiers are reshaping personhood, legitimacy, and power
The Invisible Contract of Identity
Every society depends on a simple fiction: that the name on a document is the same as the person before you. From passports to payrolls, identity is the connective tissue of civilization — it ties rights to recognition, duties to proof, existence to acknowledgement.
Yet this fiction is fraying. In the digital realm, people are represented not once but endlessly: usernames, cookies, wallet addresses, biometric hashes, behavioural profiles. The self has become a constellation scattered across corporate servers.
And as identity fragments, so does accountability. Who owns the digital version of you? Who decides which of your “selves” is real enough to transact, vote, or speak?
The question of digital trust ultimately reduces to this: What is a person in a machine-verifiable world?
From Paper to Protocol
The 20th-century identity model was institutional. States issued birth certificates; universities granted degrees; banks verified signatures. Each credential was static, physical, and anchored in bureaucratic time.
The internet broke this chain of custody. Digital identity became federated — “log in with Google” replaced proof of personhood. The result: efficiency without sovereignty.
We moved from trusted authorities to trusting platforms. Identity ceased to be a right and became a service.
Enter the new architecture: decentralized digital identity (DID). The idea is deceptively simple — every entity (person, device, organization) should control identifiers that are cryptographically verifiable yet not owned by any central intermediary. The W3C DID Core Standard and Verifiable Credentials Data Model 2.0 formalize this shift.
What used to require institutional endorsement can now be proven mathematically — sovereignty by key-pair.
The First Person Project and the Return of Agency
The First Person Project described in Platformocracy’s essay “The First Person Project Could Be the Future of Online Identity” (2025), reframes identity as an act of authorship.
It proposes that digital identity should emerge from the individual outward — not from the state downward or the platform inward. Its white paper envisions self-sovereign identifiers bound to personal data vaults where users define disclosure policies and provenance logs.
In other words: identity as a verb, not a noun. You perform identity through cryptographic assertion and selective transparency. It’s a radical re-centering of the self in the digital social contract — one aligned with ToIP’s Layer Two Governance Stack that encodes accountability and ethics as metadata, not afterthought.
Multiplicity and the Right to Partial Selves
Traditional systems crave singularity: one ID = one person. But human beings are multitudes. We play different roles — employee, parent, activist, citizen — and context defines which truths matter.
Digital identifiers, if well designed, can embrace this plurality through contextual disclosure and unlinkability. Selective-disclosure credentials (using zero-knowledge proofs and cryptographic blinding) allow users to prove facts without revealing identities — e.g., “I’m over 18” rather than “I am Sankarshan M”.
This principle — minimal disclosure for maximum assurance — underpins the privacy models in India’s DEPA, EU eIDAS 2.0, and Open Wallet Foundation standards.
The outcome is subtle but transformative: trust migrates from identity to behavioural integrity. You become trustworthy not because a database says so, but because your proofs persistently verify across contexts.
Identity as Infrastructure
In the emerging “digital public infrastructure” paradigm, identity is not an app — it’s a public utility. The Digital Public Goods Alliance (DPGA) defines digital identity as a foundational layer of the SDG agenda, on par with water or electricity. This framing carries moral weight: identity must be inclusive, portable, and open. Interoperability isn’t technical generosity; it’s a civil-rights obligation.
Consider how UN/CEFACT’s Global Trust Registry (GTR) complements this by cataloguing who can issue credentials under which governance. It transforms identity from private property into shared legitimacy — a registry of registries.
The Economic Logic of Trustworthy Identity
Identity has always been currency. Credit histories, KYC records, professional certifications — all are instruments of economic access.
In a verified-data economy, identity becomes programmable collateral. A freelancer’s work proofs, an SME’s compliance credentials, or a student’s micro-degrees can be composed into reputation graphs, enabling instant credit and cross-border employability.
The World Bank’s GovTech Index (2024) links verified identity adoption with a 15 % increase in service-delivery efficiency and measurable GDP gains.
When identity is verifiable, opportunity compounds. But when verification becomes exclusionary — through algorithmic bias, inaccessible standards, or surveillance — it compounds inequality.
The future of identity, therefore, is not about technology but equitable design.
The Privacy Paradox
Verification requires visibility; privacy demands invisibility. Reconciling them is the philosophical puzzle of digital civilization.
Current solutions — zero-knowledge proofs, decentralized data vaults, revocable credentials — mitigate risk but not motive. The deeper issue is governance: who decides what must be verifiable? Shoshana Zuboff’s Surveillance Capitalism warns that when verification is monetized, identity becomes extractive. Luciano Floridi’s Ethics of Information offers the counter-principle: data must serve as an extension of human dignity, not an instrument of control.
Hence the need for verifiable consent — consent that is itself a cryptographic, time-bound artefact, auditable by all parties. Projects like India’s DEPA and Solid exemplify this shift from terms-of-service to proof-of-will.
Governance by Design
Identity systems cannot rely on goodwill; they need governance metadata. The Trust Over IP Foundation introduces the idea of governance credentials: machine-readable charters that describe rules, oversight, and dispute processes. This enables what the Human Colossus Foundation calls consensual veracity — data that is true and legitimate.
When governance metadata travels with the credential, verifiability extends to ethics. For example, an employment credential can include the issuing firm’s labour-compliance proofs; a health certificate can reference its regulatory authority’s active licence in the GTR.
Identity thus evolves from a static label into a living trust relationship.
Polycentric Legitimacy
Elinor Ostrom’s concept of polycentric governance offers a model for global identity coordination. Instead of one root authority, multiple overlapping nodes (states, industries, communities) govern shared resources through transparent rules and local autonomy.
Applied digitally, polycentric identity means each jurisdiction maintains its own registry but adheres to common interoperability protocols. The DeDi Project (Decentralised Directories) demonstrates this: national or sectoral directories publish verifiable governance credentials discoverable through GTR.
Polycentricity prevents both monopoly and chaos — a web of mutual accountability.
Cultural Identity in a Machine Age
Identity is more than authorization; it is storytelling. When narratives become data, culture risks compression - who curates the semantics of ethnicity, gender, or belief in digital schemas?
The Human Colossus Foundation’s Dynamic Data Economy (DDE) offers an answer: model semantics as shared meaning, not fixed taxonomy. Communities co-create vocabularies, maintaining interpretive control over how their truths are encoded.
This transforms digital identity from colonization to collaboration — a semantic commons where culture can evolve without being flattened into checkboxes.
The Ethics of Immutability
Blockchain evangelists celebrate immutability as virtue, but identity demands amnesia with precision. Humans change; ledgers do not.
A verifiable system must allow revocation, expiry, contextual retirement — proof without permanence. The EU’s Right to Be Forgotten and NIST’s Data Lifecycle Controls (2023) both stress controlled mutability as a trust feature, not a flaw.
Technically, this is achieved through status registries, time-stamped revocation lists, and short-lived cryptographic keys — governance through ephemerality.
Identity and AI: The Coming Convergence
Artificial-intelligence agents are acquiring credentials — model cards, API keys, safety attestations. They will transact, sign, and even represent humans. This creates a new ontological layer: machine personhood.
Without verifiable human anchors, AI agents could manipulate or impersonate identities at planetary scale. ToIP’s Human-in-the-Loop Principle and HCF’s semantic anchors both insist that all machine agents must trace to accountable human governance credentials.
The future of digital trust, then, is not man vs machine but shared verifiability across ontologies — biological, institutional, and algorithmic.
Example — Ukraine’s Diia Platform
Ukraine’s Diia app integrates government services, IDs, and digital signatures for millions. During wartime, it enabled remote administration, benefits distribution, and even citizen reporting. However, it also highlights the trade-off between resilience and surveillance. Critics warn of centralised data risk; proponents see civic empowerment.
The lesson: digital identity is national infrastructure — its design encodes political philosophy. An open, federated model could make Diia a prototype for “sovereign interoperability” — a concept now explored by the World Bank Digital GovTech program.
Example — The First Person Commons
Building on the First Person Project, several startups are piloting personhood registries anchored in self-issued credentials. Instead of state ID, individuals register public-key fingerprints in distributed directories, later linking verified attributes (education, work, citizenship). The model mirrors the Human Colossus Foundation’s notion of self-verifiable objects. Each person becomes a data custodian, not a data subject.
Such systems, if backed by global standards and ethical governance, could redefine what “identity” means for refugees, gig-workers, and unbanked populations — those excluded by traditional paperwork yet rich in lived legitimacy.
The Moral Frontier: Identity as Care
Hannah Arendt observed that human dignity lies in the ability “to begin anew.” Digital identity must preserve that freedom — the right to reinvent oneself without institutional amnesia or permanent surveillance. Hence, future identity systems must support:
Temporal renewal: proofs that expire gracefully.
Contextual freedom: multiple coexisting personas.
Relational trust: reputation earned through consentful interactions.
The Human Colossus Foundation’s semantic layer, the UN/CEFACT GTR, and DeDi networks together provide the scaffolding for this humane infrastructure — one where verification coexists with forgiveness.
The Next Decade of Personhood
By 2035, every credible transaction — financial, social, ecological — will hinge on verifiable identity. But legitimacy will not depend on who controls the infrastructure; it will depend on how it is governed.
Three trends are converging:
Polycentric registries — federation without centralization.
Verifiable governance — every rule as machine-readable charter.
Semantic commons — shared meaning as public infrastructure.
Together, they outline a possible future where identity is no longer a weapon or a commodity, but a shared language of truth.
Identity is no longer paperwork; it’s infrastructure. And infrastructure, once invisible, defines everything that flows through it. If the 20th century built institutions to prove we exist, the 21st must build systems that prove we belong — not to databases, but to one another.
References & Further Reading
The First Person Project White Paper (2025) – firstpersonproject.org
Platformocracy – Explainer 3: The First Person Project – platformocracy.com/p/explainer-3-the-first-person-project-could-be-the-future-of-online-identity
W3C DID Core v1.0 – w3.org/TR/did-core
W3C Verifiable Credentials Data Model 2.0 – w3.org/TR/vc-data-model-2.0
Trust Over IP Foundation – Governance Frameworks – trustoverip.org
Human Colossus Foundation – Dynamic Data Economy v1.0 – humancolossus.foundation
UN/CEFACT Global Trust Registry – sites.google.com/sezoo.digital/globaltrustregistry
DeDi Project – Decentralised Directories – dedi.global
Digital Public Goods Alliance (DPGA) – digitalpublicgoods.net
World Bank GovTech Maturity Index (2024) – worldbank.org
Luciano Floridi – The Ethics of Information (2013)
Hannah Arendt – The Human Condition (1958)
Shoshana Zuboff – The Age of Surveillance Capitalism (2019)
Elinor Ostrom – Governing the Commons (1990)