Decentralized identity and the path to digital privacy

This week the European Identity and Cloud Conference took place, where Joy Chik, Corporate Vice President, Microsoft Identity was talking. She was actually announcing some very interesting efforts around identity and privacy, mainly the work we do around decentralized identity.

If you read her blog post here, you will find a few very remarkable statement like

DevOps Connect:DevSecOps @ RSAC 2022

With identity as the control plane, we’ve made security solutions more sophisticated, which is a good thing for both organizations and individuals. But when it comes to privacy, the needs of individuals and organizations are still out of balance.

Point is, authenticating you and knowing who you are is not a contradiction to privacy. Having one identity you control might be the future.

That control begins with identity, because in your digital life, everything starts with you. Your identity is who you are. It’s everything you say, do, and experience in your everyday life. Identity can provide the same control plane for privacy that it has for security.

At Microsoft, we envision a world where technology facilitates respect for privacy. In this world, organizations no longer need to issue new identities. Instead, they embrace the digital identities that individuals bring with them. Each person’s digital identity belongs to them. They control it.

Even though some companies will not look at it that way, it has quite some benefits for them as well, as they can reduce the responsibility for the data they need:

Organizations, for their part, can decide to store information with individuals rather than storing it themselves. This allows them to collaborate with anyone, confident that the information exchanged can be trusted, while reducing their liability and improving compliance. The individual, in essence, becomes a data controller. This changes the relationship—
and the balance of power—
with organizations.

This sounds futuristic? Well, it is not. The underlying technology to make this happen is basically here and so is the industry support. We just released a first framework publicly. Just read Joy’s post.

In my opinion, this can become huge!

*** This is a Security Bloggers Network syndicated blog from Roger Halbheer on Security authored by Roger Halbheer. Read the original post at: