“This above all: to thine own self be true,
And it must follow, as the night the day,
Thou canst not then be false to any man”
Hamlet (Act I, Sc. III 78-82)
November 1989 I was living in London, the heady final days of the 80s preceding the recessionary storm. Together Reagan and Gorbachev were generating the warmth that helped end the cold war. I remember flicking on the TV (no on-demand service) breaking news …….the Berlin Wall was coming down!
Stark contrast to the times we find ourselves in now. Walls were coming down, not going up. The world was attempting to unite, and that’s exactly how I remember feeling as I watched each graffiti covered brick hurled to the ground.
At the time I’d never been to Germany, nor did I know anyone living in Berlin. Regardless I felt deeply connected to the experience. I remember the rush of adrenalin as I witnessed exuberant strangers dangling from the wall.
What is this aspect of the human condition that makes us feel connected and touched by the joy of strangers?
What makes us celebrate the freedom of people we will never meet, whose lives we will never know?
I think one of the reasons the prodigal son story resonates, is because deep inside there is some part of us that wants to be welcomed with open arms, no matter what. Try friendship or marriage without forgiveness. Try coaching without empathy. Try running society on a binary system.
It’s why the simply statement “I’m sorry” takes a DEFCON 10 argument to a loving embrace.
Think about the great works of Shakespeare, his ability to tell stories that translate across cultures and time, universally describing the human condition; charting both the beauty and pain of our existence. It’s why Shakespeare resonates deeply and seems familiar despite the centuries that span the pen and experiencing his work in our modern era.
It is all there…love, intrigue, murder, kings, tax and bankers. He brings to life all the mystery, choices, personas and mistakes mankind has made along the way.
Now think about a blockchain, permanent…fixed and immutable, designed to oppose vulnerability and uncertainty, designed for absolute transparency. This is exactly what makes a blockchain great for things, transactions about things, records of things, agreements between things.
But whilst blockchain is great for records of events, it is not (currently) designed for empathy or forgiveness, so when it comes to people and identity, we need to think very carefully about how we apply immutability.
The world is grey.
Sure, there are some golden laws that guide how best a society functions. Maybe the mantra ‘do to others as you would have them do to you’ is a good place to start. And, yes…there are some brutal and despicable things that fit squarely in the ‘just wrong’ side of the ledger.
But….right now…..as we leave the post industrial world and lean into this knowledge and technology revolution, it would be wise to think twice before we leap onto solutions that may not allow us to engineer our way back.
We’re in transition.
Some things are still analogue.
The world of micro-payments and smart contracts and if-this-then-that-rules are starting to transform society in ways that have only been up till now…in our imagination.
Automated Bills of lading, supply chain management, optimised delivery locations, ideal time to purchase and records of process, provenance and completions all stand to be revolutionised by distributed systems and the promise of blockchain technology.
The world of things, and the record of things doing things with things for things will benefit greatly from the audit trail, immutability and non-repudiation.
It’s a blockchain nirvana.
But do those systems really understand intent…..the spirit of the law, conceptual frameworks, values, codes of conduct……ethics?
Are they mature enough to remove the training wheels without the safety net of the physical world?
Reflecting on the year just passed (2016), we witnessed some amazing innovation, a significant increase in the number of financial institutions experimenting with blockchain and some maturing technology.
The rise of smart provenance solutions like Everledger demonstrate the great benefits of recording and tracing the life of valuable assets. The benefits to insurers, Interpol, manufacturers and owners are clear. The potential for reduction in fraud and lowering insurance costs are some of the benefits as these types of services scale and mature.
However, it’s equally heart breaking to have witnessed the launch of the first Distributed Autonomous Organisation (DAO). It launched and raised $150M before a critical vulnerability changed everything.
How could this happen when the values and code of conduct was so clearly articulated?
We, as a DAO, ascribe to the following values:
- Voluntary participation
- Privacy and the right to anonymity
Unfortunately a private, anonymous ‘person/s’ was not transparent, and voluntarily decided to exclude all other participants from his/her/their democratic decision to use vulnerable code and drain $50M+ from the fund.
So what about the Code of Conduct?
We at the DAO, both as a whole and as individual members, will adhere to the following code of conduct:
- We will not seek profits through means contradictory to our stated values or the categorical imperative.
- We shall respect free speech and encourage all opinions to be both voiced and heard freely, without persecution.
- We will strive toward decentralization and autonomy whenever and wherever it is reasonably possible and beneficial.
- I’m guessing the person/s that decided to help themselves didn’t actually buy into those lines of Code?
History tells us that when it comes to something like the DAO gaming is in our DNA. Eventually society self regulates with rules of law. The aim being to protect the many from the few.
Trouble is, there are no clear laws to govern this stuff yet. We have thousands of years of laws and codes that have evolved to govern the physical world, real people, real organisations, but for this emerging world – legally we are still babes in the woods.
Just after the DAO hack I caught up with Mike Halsall from Singularity University, he shared these thoughts;
Decentralised Autonomous Organisations are the antithesis of the multi generally derived spaghetti of legal structures underpinned by States. This spaghetti tends toward centralisation to control, and generates employment to monetise. DAOs provide neither, yet they significantly increase societal utility, hence we are facing a complete rewrite of how society, money and utility operate
Sadly it wasn’t a small learn as you go experiment. It was a $150M all chips in play.
No prototyping or simulation….straight to production, reminding me of one of my favourite memes.
The community stepped in to resolve things through a bailout and recommendation to hard-fork the code, which is exactly the opposite of what is supposed to be possible in an autonomous organisation.
Whilst the proposed solution is in line with the ‘intent’ of the DAO, it had the community divided over whether or not it was right for ‘humans’ to intervene.
One of the voices against this action was Charles Hoskinson, former CEO of Ethereum. His comments spoke to the key issues with designing and deploying these new financial instruments.
Unfortunately, these ideas are encapsulated with thousands of booby traps, cobras, and other terrible things,” Why? Because they involve people. Algorithms are really dumb, and people are really smart. If a human designs an algorithm, then there’s going to be a human that’s really good at designing a way out of that algorithm to steal funds
That’s exactly what happened with The DAO.
During the crisis Ethereum’s (co-creator and inventor) Vitalik Buterin, stepped in with the ‘Wisdom of Solomon’ and suggested everyone just cool down and buy some time to think through the options. He suggested a soft-fork of the code until consensus could be reached on how best the vulnerability could be resolved.
During the cooling period he published a Medium post on Why Cryptoeconomics and X-Risk Researchers Should Listen to Each Other More. Vitalik concludes his article with;
The crypto ecosystem is shaping up to be a live experiment comprising many challenges at the forefront of software development, computer science, game theory and philosophy, and the results, regardless of whether they make it into mainstream social applications in their present form or after several iterations that involve substantial changes to the core concepts, are welcome for anyone to learn from and see
For the record, I remain completely divided about the hard fork. ‘If’ this was the analogue world and you could prove that someone defrauded a fund, then the law would support a process of resolution that ‘might’ include reparation. It wasn’t simply about the vulnerability of the code, if it was that, then maybe it should have been left alone to play out with the resulting losses. The real breach was the clear abuse of the values and code of conduct. Whoever took the funds, first and foremost agreed to the code of conduct and then wasn’t good for their word.
Shakespeare in action, ergo….the hard fork became the anti-body to back the house. The irony in this is exactly what makes this an ethical, technical and legal conundrum. Whom ever benefited first broke the values code, after that it was just plain theft.
Regardless, if you don’t test first, and put so much at risk, and assert the benefits of autonomy, then there’s a good argument for live by the sword and die by the sword.
It’s not autonomous if it requires governance and oversight. Which, for now….we really need.
We still have training wheels on……life is grey……people change…..shit happens…we make mistakes…..we learn…..we make new mistakes…..we learn more, and thankfully someone turns all the pain and joy into some type of cultural mythology that we collectively use to help understand ourselves and each other.
It’s because humanity isn’t binary.
We are oceans of paradox.
We are context specific creatures.
If the DAO showed us what can happen with money, just imagine what can happen with people in our current political climate.
Through 2016 I spent most of the year on the road speaking at identity, privacy, security and new business model events around the globe.
The events invariably bring together the world’s leading security specialists and identerati to showcase and share emerging technology, along with discussing the threats and opportunities of our hyper connected world. At these events I often presented on the emerging Me2B economy addressing the challenges of:
Identity + Privacy + Personal data
Increasingly blockchain entered the discussions. Despite all the arguments and some well-crafted ideas, I still can’t fathom the concept of using a technology that’s designed for transparency and immutability to record and publish the very things you want to be private, context and time specific.
As we move to the connected world of IoT, wearables, smart cars, homes and workplaces, we need to engineer elegant, privacy preserving identity management like never before.
All of these conversations circle me back to the Seven Laws of Identity. Around 2005 Kim Cameron (Microsoft’s Chief Architect of Identity) developed the Seven Laws of Identity. These represent a body of work across identity that prove the 10,000 hours theory. Kim’s prescient work was crafted over a decade ago, and yet even more critically important today. His paper lays out the following foundation for crafting the optimal environment for our digital selves:
(1) User Control and Consent
Digital identity systems must only reveal information identifying a user with the user’s consent.
(2) Limited Disclosure for Limited Use
The solution, which discloses the least identifying information and best limits its use, is the most stable, long-term solution.
(3) The Law of Fewest Parties
Digital identity systems must limit disclosure of identifying information to parties having a necessary and justifiable place in a given identity relationship.
(4) Directed Identity
A universal identity metasystem must support both “omnidirectional” identifiers for use by public entities and “unidirectional” identifiers for private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.
(5) Pluralism of Operators and Technologies
A universal identity metasystem must channel and enable the interworking of multiple identity technologies run by multiple identity providers.
(6) Human Integration
A unifying identity metasystem must define the human user as a component integrated through protected and unambiguous human-machine communications.
(7) Consistent Experience Across Contexts
A unifying identity metasystem must provide a simple consistent experience while enabling separation of contexts through multiple operators and technologies.
Why is it so important? It’s important because our identities shape shift according to what we are doing and whom we are doing it with, for how long and when. We are different a different ‘me’ according to context, and to maintain autonomy we must continue to separate these different versions of ‘me’.
“We’re in the process of changing how we define what the human identity is” – John C Havens
This is one of my favourite quotes from John’s most recent book (Heartificial Intelligence; Embracing our Humanity to Maximize Machines), it reminds us that identity is in a critical state of evolution.
If on the internet no one knows you’re a dog, how you do you know me is me?
More importantly, how can you trust ‘I-am-me’ when it counts, without making ‘me-give-up-me’ for all time?
First up, we need to be able to easily determine when privacy is essential, versus the context that supports transparency and doesn’t violate trust.
On one of my trips home last year, I caught up with a friend. Over dinner we where chatting about how our friendship started and why, despite the fact that we only see each other once or twice a year, time never seems to pass. As I put myself in his place, it struck me that ‘his’ experience of ‘me’ – the identity he experiences me to be is unique to him. There isn’t another human being that experiences me in exactly the same way, and vice versa.
Through that connection my ‘identity’ to him is unique. My age, date of birth, gender, address, preferences, dislikes, bank balance, credit rating and favourites shoes remain constant….but none of that is ‘who’ I am in the context of our friendship.
We are context specific creatures.
We must have the mechanisms to maintain control over our context as a way to share more about me, without giving me away.
For the ID2020 Summit in May 2016, I co-authored a paper (‘Immutable Me’) on identity and blockchain together with the very talented George Samman. The paper was intended to start a discussion towards the ideal conditions for privacy and the (possible) use of blockchain technology for identity.
In the paper we set out the value of proving that a reliable record exists and recording the record of the record of the reliability; the location without the map, the safety deposit box without the combination.
In the following month, Steve Pannifer from Consult Hyperion did a stellar job of challenging the audience to also think carefully about the marriage of identity and blockchain, at CIS2016 in New Orleans. In his presentation, Steve started out by describing the key characteristics of a shared ledger.
- Many writers
- Immutable history
- Degree of transparency
- Limited trust
- Transactional nature
He then challenged the audience to think about identity. What possible harm might come if our personal details, credit history, employment records, marital status, sexual preference, political party and health was subject to ALL these characteristics?
Don’t we need to think twice before we make it all open and discoverable?
Around the same time Dave Birch, Director of Hyperion Consult gave this great presentation at the Dutch Blockchain Conference (#dbc16). In this talk Dave unpacks further the possibilities and challenges of Identity and Blockchain, with a strong focus on a need for pseudonymity.
Don’t get me wrong….there are some amazing things happening in the blockchain world right now. But we have to stop thinking everything is a nail, just because we have a hammer.
Part of what inspires me about blockchain are the discussions it forces around transparency, distributed systems, trust and lowering the cost of transactions. I love that at the time of writing this post Bitcoin was trading over USD$1,000 that’s an amazing Pretty Woman moment to anyone that said it wouldn’t inch past USD$1.
However when it comes to privacy, there is another quote from John C Havens that sums up beautifully the challenge.
“PRIVACY ISN’T DEAD, IT’S JUST BEEN MISMANAGED.
The evolving regulatory environment in Europe, including the General Data Protection Regulation (GDPR), will begin to force the way we design for privacy. In thinking about access rights and social lives that are searchable how do we;
- Ensure the stupid things we do in our youth don’t follow us around, indelibly inked on our digital skin
- Allow for people to learn, grow and evolve
- Make sure the competency of the now to overrides the failures of our past.
We need to know that we have designed systems that can provide digital forgiveness to mirror the way the best of us are wired.
We must find ways for us to be trusted and discovered, without losing autonomy through surveillance.
Shakespeare teaches us about ethics and morals. His writing describes the ways in which we wrestle with the human condition; greed, politics, family, statehood, love, death, war and accounting. It’s all there.
As we advance towards putting the world on blockchain and powering it with AI, we need to be thinking about two types of code before committing to Github….we need the ethics repository along with the hard code that is shaping how our immutable, AI world.
If we don’t, we will find a world where every relationship with our bank, insurance company, thermostat, FitBit, along with the blockchain applications they enable will result in being sold out to a universal “et tu brute”.
The header picture is part of the Berlin Wall, I snapped the picture on an iPhone 6 on the 21 August 2015…..it was the “Love” that jumped out.
As always when writing there’s a soundtrack in my head. This post was written over a months, mostly on flights, listening to lots of different things, but the track I couldn’t get out of my head towards finishing the post was Rag’n’Bone Man’s Human. Firstly, it’s a great reminder that we are human, and our humanity needs to be cherished.
Also because the track was featured in a story about MrErbil, a Gentlemen’s Club (no not that kind) in Erbil, Iraqi Kurdistan. The story about these young men reminded me that we are all so much more similar than different, they’re building a positive vision of a future, despite being kilometres away from war and horror – their story really touched me, and reminded me of my humanity. As always enjoy, KD 🙂