Reflections on recent conversations about digital identity, sovereignty, and the erosion of foundational principles
Echoes from Geneva
I wasn’t present at the Global Digital Collaboration conference (GDC25), but the observations shared by colleagues who attended have crystallized some issues I’ve been wrestling with for years. I should note there’s a selection bias here: I’m the author of the 10 principles of self-sovereign identity, so my community tends to have strong opinions about digital identity. Still, when multiple trusted voices independently report similar concerns, patterns emerge that are worth examining. And these weren’t casual observers sharing these concerns. They were seasoned practitioners who’ve spent decades building identity infrastructure. Their collective unease speaks to something deeper than technical disagreements.
It’s hard to boil the problems at GDC25 down to a single issue, because they were so encompassing. For example, there was a pattern of scheduling issues that undercut the community co-organizing goal of the conference and seemed to particularly impact decentralized talks. One session ended up in a small, hot room on the top floor that was hard to find. (It was packed anyway!) Generally, the decentralized-centric talks were in bad locations, they were short, they had restricted topics, or they were shared with other panelists.
I think that logistical shuffling of events may point out one of the biggest issues: decentralized systems weren’t given much respect. This may be true genreally. There may be lip service to decentralized systems, but not deeper commitments. Its value isn’t appreciated, so we’re losing its principles. Worse, I see the intent of decentralization being inverted: where our goal is to give individuals independence and power by reducing the control of centralized entities, we’re often doing the opposite — still in the name of the decentralization.
The Echo Chamber Paradox
The problems at GDC25 remind me of Rebooting the Web of Trust (RWOT) community discussions I’ve been following, which reiterate that this is a larger issue. We debate the finer points of zero-knowledge proofs and DID conformance while missing the forest for the trees. Case in point: the recent emergence of “did:genuineid” — a centralized identifier system that fundamentally contradicts the “D” in DID.
Obviously, decentralization is a threat to those who currently hold power (whether they be governments, corporations, billionaires, or others who hold any sort of power), because it tries to remove their centralization (and therefore their power), to instead empower the individual. But if we can’t even maintain the semantic integrity of “decentralized” within our own technical community, devoted to the ideal, how can we fight for it in the larger world?
The Corpocratic Complication
GDC25 was held in Geneva, Switzerland. 30+ standards organizations convened to discuss the future of digital identity. Participants spanned the world from the United States to China. There was the oppotunity that GDC25 was going to be a truly international conference. Indeed, Swiss presenters were there, and they spoke of privacy, democratic involvement, and achieving public buy-in. It was exactly the themes that we as decentralized technologists wanted to hear.
But from what I’ve heard, things quickly degraded from that ideal. Take the United States. The sole representative of the country as a whole attended via teleconference. (He was the only presenter who did so!) His talk was all about Real ID, framed as a response to 9/11 and rooted in the Patriot Act. It lay somewhere between security-theatre and identity-as-surveillance, and that’s definitely not what we wanted to hear. (The contrast between the US and Swiss presentations was apparently jarring.)
And with that representative only attending remotely, the United State’s real representatives ended up being Google and Apple, each advancing their own corpocratic interests, not the interests of the people we try to empower with decentralized identities.
This isn’t just an American problem. It’s a symptom of a deeper issue happening across our digital infrastructure. It’s likely the heart of the inversions of decentralized goals that we’re seeing — and likely why those logistical reshufflings occurred: to please the gold sponsors. In fact, the conference sponsors tell the story: Google, Visa, Mastercard, and Huawei were positioned as “leading organizations supporting the advancement of wallets, credentials and trusted infrastructure in a manner of global collaboration.”
While Huawei’s presence demonstrates international diversity—a Swiss conference bringing together Europe and Asia—it also raised questions about whose vision of “trust” would ultimately prevail. When payment platforms and surveillance-capable tech giants frame the future of identity infrastructure, we shouldn’t be surprised when the architecture serves their interests first.
This echoes my concerns from “Has SSI Become Morally Bankrupt?”. We’ve allowed the narrative of self-sovereignty to be co-opted by the very platforms it was meant to challenge. The technical standards exist, but they’re being implemented in ways that invert their original purpose. Even UNECE sessions acknowledged the risk of “diluting the autonomy and decentralization that SSI is meant to provide.”
The Sovereignty Shell Game
Google was partnered with German Sparkasse on ZKP technology and that revealed a specific example of this co-opting.
Google’s open-sourcing of its Zero-Knowledge Proof libraries, announced July 3rd in partnership with Germany’s network of public savings banks, was positioned as supporting privacy in age verification. Yet as Carsten Stöcker pointed out, zero-knowledge doesn’t mean zero-tracking when the entire stack runs through platform intermediaries. Carsten noted that Google has “extensive tracking practices across mobile devices, web platforms and advertising infrastructure.” Meanwhile, the Google Play API makes no promises that the operations are protected from the rest of the OS.
The Google ZKP libraries (“longfellow-sk”) could be a great building block for truly user-centric systems, as they link Zero-Knowledge Proofs to legacy cryptographic signature systems that are still mandatory for some hardware. But they’d have to be detached from the rest of Google’s technology stack. Without that, there are too many questions. Could Google access some of the knowledge supposedly protected by ZKPs? Could they link it to other data? We have no idea.
The European Union’s eIDAS Regulation, set to take effect in 2026, encourages Member States to integrate privacy-enhancing technologies like ZKP into the European Digital Identity Wallet, but integration at the platform level offers similar dangers and could again invert the very privacy guarantees ZKP promises.
Historical Echoes, Modern Inversions
Identity technology’s goals being inverted, so that identity becomes a threat rather than a boon, isn’t a new problem. In “Echoes of History”, I examined how the contrasting approaches of Lentz and Carmille during WWII demonstrate the life-or-death importance of data minimization. Lentz’s comprehensive Dutch identity system enabled the Holocaust’s efficiency; Carmille’s deliberate exclusion of religious data from French records saved lives. Even when they’re decentralized, today’s digital identity systems face the same fundamental questions: what data should we collect, what should we reveal, and what should we refuse to record entirely?
But we’re adding a new layer of complexity. Not only must we consider what data to collect, but who controls the infrastructure that processes it. When Google partners with Sparkasse on “privacy-preserving” age verification, when eIDAS mandates integration at the operating system level, we’re not just risking data collection: we’re embedding it within platforms whose business models depend on surveillance. Even if the data is theoretically self-sovereign, the threat of data collected is still data revealed — just as happened with Lentz’s records.
The European eIDAS framework, which I analyzed in a follow-up piece to “Echoes from History”, shows how even well-intentioned regulatory efforts can accelerate platform capture when they mandate integration at the operating system level. As I wrote at the time, a history of problematic EU legislation that had the best of intentions but resulted in unintended consequences has laid the groundwork, and now identity is straight in that crosshairs. One of the first, and most obvious problems with eIDAS is the mandate “that web browers accept security certificates from individual member states and the EU can refuse to revoke them even if they’re dangerous.” There are many more — and I’m not the only voice on eIDAS and EUDI issues.
Supposedly self-sovereign certificates phoning home whenever they’re accessed is another recent threat that demonstrates best intentions gone awry. This not only violates privacy, but it undercuts some of our best arguments for self-soveereign control of credentials by returning liability for data leaks to the issuer. The No Phone Home initiative that Blockchain Commons joined last month represents one attempt to push back on that, but it feels like plugging holes in a dam that’s already cracking. It all does.
The Builder’s Dilemma
What troubles me most is the split I see in our community. On one side, technology purists build increasingly sophisticated protocols in isolation from policy reality. On the other, pragmatists make compromise after compromise until nothing remains of the original vision.
The recent debates about did:web conformance illustrate this perfectly. Joe Andrieu correctly notes that did:web can’t distinguish between deactivation and non-existence — a fundamental security boundary. Yet did:web remains essential to many implementation strategies because it bridges the gap between ideals and adoption. It provides developers and users with experience with DIDs, but in doing so undercut decentralized ideals for those users. We’re caught between philosophical purity and practical irrelevance.
In my recent writings on Values in Design and the Right to Transact, I’ve tried to articulate what we’re fighting for. But values without implementation are just philosophy, and implementation without values is just surrender.
The Global Digital Collaboration highlighted this tension perfectly. International progress on digital identity proceeds apace: Europe, Singapore, and China all advance their frameworks, but there are still essential issues that invert our fundamental goals in designing self-sovereign systems. Meanwhile, the U.S. remains even more stalled, its position represented only by the platforms that benefit from the status quo. Alongside this, technical standards discussions proceed in isolation from the policy, regulatory, and social frameworks that will determine their real-world impact.
Where Do We Go From Here?
I find myself returning to first principles. When we designed TLS 1.0, we understood that technical protocols encode power relationships. When we established the principles of self-sovereign identity, we knew that architecture was politics. Ongoing battles, such as those between Verifiable Credentials and ISO mDLs, between DIDComm and OpenID4VC, demonstrate disagreements over these power relationships made visible in technological discussions.
The question now is whether we can reclaim our ideals before they’re completely inverted by the side of centralized power and controlled architecture.
The path forward requires bridging the gaps Geneva revealed:
- Between corporate platform dominance and global digital sovereignty
- Between the promise of decentralization and the reality of recentralization
- Between technical standards and policy reality
- Between privacy absolutism and implementation pragmatism
A Personal Note
After three decades of building internet infrastructure, I’ve learned that the most dangerous moment isn’t when systems fail, it’s when they succeed in ways that invert their purpose. We built protocols for human autonomy and watched them become instruments of platform control. We created standards for decentralization and see them twisted into new forms of centralization.
This conversation continues in private Signal groups, in conference hallways, in the space between what we built and what we’ve become. The Atlantic Council warns of power centralizing “in ways that threaten the open and bottom-up governance traditions of the internet.” When critics from across the geopolitical spectrum — from sovereignty advocates to digital rights groups — all sense something amiss, it suggests a fundamental architectural problem that transcends ideology.
Perhaps it’s time for a new architecture: one that acknowledges these inversions and builds resistance into its very foundations.
But that’s a longer conversation for another day.
Christopher Allen has been architecting trust systems for over 30 years, from co-authoring TLS to establishing self-sovereign identity principles. He currently works on alternative approaches to digital identity through Blockchain Commons.