我們無法掌控自己的個人身份信息，這是一個問題。一直以來，通過谷歌可以搜索到一個人的生日和家庭住址，現在訪問這個黑網還可以找到許多依舊珍貴的信息，如社會保障號碼，銀行賬戶，醫保詳情以及令犯罪分子垂涎不已的一切數據。

之所以會出現這種情況，是因為作為消費者，我們更愿意選擇便利，而不是保護個人隱私。多數人同意在線分享信息之前，從沒有閱讀過附屬條款或進行深入的技術評估。我們不想為每一個賬號記住一個密碼，也不想每次在線購物的時候都要重新輸入信用卡賬號。相反，我們拱手交出了這些可以證明我們是誰的信息，結果就是，每一家公司和政府機構都成為了我們的身份信息的管理者，不論他們是否意識到了這一點。

但隨著區塊鏈技術的出現，隱私這個詞可能重新變得名副其實。區塊鏈可以控制信息，避免復制，這意味著自主權身份信息，或者個人可以控制存放在任何地方的私人信息的想法，第一次有可能變成現實。例如，伊利諾伊州區塊鏈倡議（Illinois Blockchain Initiative）正在試點將出生證放到區塊鏈上。他們希望創建自主權數字身份信息，由用戶自己掌控，并可迅速安全地進行身份驗證，不需要集中數據存儲庫。

杜絕身份盜竊

自主權身份信息不只是個絕妙的主意，還可以杜絕影響客戶隱私的許多問題，包括尤為重要的身份盜竊。去年，美國有1,670萬人遭遇了身份欺詐，比2016年增加了130萬人。但實際受害者可能要翻一倍，因為人們往往并不知道自己的數字身份信息被泄露，直到他們準備買房或申請貸款的時候才發現，這時他們的財務生活早已一團糟。

利用區塊鏈分布式總賬管理身份信息，使詐騙分子在肆意破壞的時候很難不留下明顯的數字痕跡。區塊鏈分布式總賬的原理是：區塊鏈中的每一個區塊均依賴前一個區塊建立，這些區塊的加密屬性，增加了修改存儲在現有區塊中的信息的難度。區塊鏈生成的記錄是不可篡改的，這意味著對與個人相關的每一個標識符的修改，都會生成記錄。該系統可防止數據管理機構的惡意行為，最終使身份盜竊更難以實施。

使每個人掌控自己的數據

區塊鏈分布式總賬的不可篡改記錄，使個人可以掌控與其身份有關的所有信息，并確保信息準確。例如，對于護照或駕照等線下身份，目前尚沒有一個被普遍接受的相對應的數字身份，因此人們每一次使用的時候，都會獲得一組獨一無二的標識符。這些私人信息形成了一個龐大的網絡，最終用戶很難跟蹤，而且由于安全情況不同，并且時間上滯后，因此機構無法保證這些信息的安全。

而通過基于區塊鏈的分散標識符（DiD），我們可以完全掌控自己的個人數據。實質上，分散標識符是一個存儲在區塊鏈分布式總賬上的加密統一資源定位符，每一個標識符被分配給了用戶身份數據中的不同部分，如姓名、出生日期和社會保險號碼等。用戶通過智能手機或電腦上的數字錢包應用，可以臨時授予對其所選的分散標識符的訪問權限。例如，今天你登陸一款新應用，通常要分享自己的姓名、電子郵件地址和其他基本信息。而有了分散標識符，這個過程變得更快更安全。應用將顯示一個二維碼，掃描二維碼，數字錢包應用會自動在區塊鏈內調用相關分散標識符，之后應用授予訪問權限。

我們的身份信息中會發生變化的部分，如電話、職位、家庭住址等，會使個人隱私變得更加復雜，因為一個標識符可能在不同時間關聯超過一個人。想想你在結婚后修改姓氏的時候，你需要更新多少信息？你必須修改護照、駕照、社交媒體賬號、銀行賬戶、醫療保險等等，這個令人頭疼的過程可能至少耗時幾個月。而有了分散標識符，更新信息變得更便捷；更新分散標識符時，相關服務會自動獲得更新的信息。這個過程勝過讓錯誤信息肆意傳播。

注意：這項工作仍在進行當中

任何顛覆性技術的成熟都需要時間。例如，互聯網背后的概念模型與通信協議 — 眾所周知的TCP/IP，在誕生了30年之后才開始顛覆零售、交通等傳統行業。

區塊鏈上的自主權身份信息肯定大有前途，但依舊有許多問題亟待解決。首先是驅動力的問題：現有公司為什么愿意喪失對客戶身份信息數據的控制？自主權身份信息并不符合企業的最佳利益，所以我們需要一家全新的公司，打造一個身份信息的區塊鏈分布式總賬。

另外還有其他技術問題需要克服。首先，真得有可能做到不可篡改嗎？理論上，區塊鏈是不可篡改的，它將扮演關鍵基礎設施的角色，但這種想法需要接受大量測試，才能獲得社會的信任。我們還需要確定如何安全準確地連接個人的物理身份與數字身份。區塊鏈只存在于數字世界，無法保證用戶的物理身份，這就增加了公司驗證、鏈接和識別兩種身份的負擔。

這些問題進一步強調了強大隱私保護基礎設施的必要性。其中必不可少的一部分是監管；在沒有法律先例的情況下，參與基于區塊鏈的身份信息生態系統的實體，必須接受風險、不確定性和無限的責任。我們需要一家值得信任的實體，就該系統的運行方式、制定一些合法的、可執行的規則，確定連接物理與數字世界的基礎設施，奠定為消費者提供基本保護的安全基礎。如果我們能做到這些，隱私將變成標準，而不是與己無關的事情。（財富中文網）

本文作者弗雷德里克·克里斯特為Okta聯合創始人兼COO。

譯者：劉進龍/汪皓

We lack control of our personal identities, and that’s a problem. Birthdates and home addresses have long been accessible through a quick Google search, but now a trip to the dark web will turn up the information many of us still hold precious: Social Security numbers, bank accounts, health insurance details, and whatever else a criminal may desire.

We got to this point because we consumers have historically favored convenience over privacy. Most of us don’t read the small print or do deep technical assessments before sharing information online. We don’t want to remember a different password for each account or re-enter credit card numbers every time we make an online purchase. Instead, we transferred ownership of the details that make us who we are, and as a result, we effectively put every company and government institution in the identity management business—whether they realized it or not.

But with the emergence of blockchain technology, the word privacy may regain its meaning. Blockchain’s ability to control information and avoid duplication means that self-sovereign identity, or the idea that individuals can control their personal data no matter where they are, could be a reality for the first time. For example, the Illinois Blockchain Initiative is managing a pilot program to put birth certificates on a blockchain. Their hope is to create self-sovereign, digital identities that can remain under a user’s control, capable of quick and secure validation without the need for a centralized repository.

The end of identity theft

Self-sovereign identity isn’t just a nice idea; it can put an end to many issues that impact consumer privacy, including, importantly, identity theft. Last year, 16.7 million people in the U.S. were victims of identify fraud, a 1.3-million-person jump since 2016. But these numbers only show half the story. Oftentimes, individuals have no idea that their digital identities have been compromised until they attempt to buy a home or take out a loan and find their financial lives in ruins.

Using a blockchain ledger to manage identities would make it extremely difficult for fraudsters to wreak havoc without leaving an obvious digital trail. Here’s how it works: Each block in the blockchain builds upon its predecessor, and the cryptographic nature of these blocks makes it hard to alter information stored in the existing blocks. The resulting record is immutable, meaning that changes to every single identifier associated with an individual must be logged. This system prevents malicious actions by data custodians, and ultimately makes identity theft more difficult to execute.

Putting individuals back in charge

A blockchain ledger’s immutable record is also what empowers individuals to take charge of all the information tied to their identity and ensure its accuracy over time. For example, since there isn’t a universally accepted digital equivalent for offline identity, such as a passport or a driver’s license, people are issued a unique set of identifiers for every single application they use. The result is a sprawling web of private information that end users struggle to keep track of, and organizations fail to keep secure thanks to inconsistent and lagging security postures.

But with blockchain-based Decentralized Identifiers (DiDs), individuals could regain complete control of their data. DiDs are basically a secret URL (which actually stands for Uniform Resource Locator) stored on a blockchain ledger, with each being assigned to the different parts of a user’s identity, such as their name, birthdate, and Social Security number. Using a digital wallet app on their smartphone or desktop, users have the power to temporarily grant access to the DiDs of their choosing. For example, when you sign up for a new app today, you typically have to share your name, email address, and other basic information. With DiDs, the process is faster and more secure. The app shows a QR code, you scan it, your digital wallet app automatically transfers your relevant DiDs over the blockchain, and the app grants access.

The changing parts of our identity, like phone numbers, job titles, and home addresses, further complicate individual privacy because it is possible for a single identifier to become associated with more than one person at different times. Think about all the details that must be updated if you get married and change your last name—you must change your passport, driver’s license, social media accounts, bank accounts, health insurance, etc.—the headache-inducing process takes months at least. DiDs empower individuals to swiftly update these details; when the DiD is updated, the services using your DiD automatically have the updated info. This process is much better than letting misinformation run free.

Caution: work in progress

Any transformational technology needs time to bake. For example, TCP/IP, the conceptual model and communications protocols behind the Internet we know today, was around for 30 years before it started disrupting legacy industries like retail and transportation.

The idea of self-sovereign identities on the blockchain is certainly promising, but there’s still a lot to figure out. There’s the issue of incentive: Why would incumbent businesses want to lose control of their customers’ identity data? Self-sovereign identities aren’t in enterprises’ best interest, so we’ll need a brand new player to build a blockchain ledger for identity.

There are other technical issues to overcome. First, is immutability really possible? In theory, a blockchain is immutable and would take the role of critical infrastructure, but this idea requires intensive testing before it can be trusted in the wild. We also need to determine how to securely and accurately connect individuals’ physical and digital identities. Blockchain only exists in the digital world and cannot guarantee the physical identity of the user, so this puts the burden on businesses to verify, link, and navigate the two.

These issues reinforce the need for strong privacy infrastructure. An integral piece of that is regulation; in the absence of legal precedent, the entities involved in a blockchain-based identity ecosystem would have to accept risk, uncertainty, and unbounded liability. We need a trusted entity to establish some legal and enforceable rules for how it will all work, infrastructure to bridge the physical and digital world, and the security groundwork to guarantee basic protections for consumers. If we can do these things, privacy will become standard, not a thing of the past.

Frederic Kerrest is the cofounder and COO of Okta.