Andreas Constantinidies, Ashley Fox, Andrea Servida, Andreas Ebert, Nicole Sandler Discuss Digital Identity at Blockchain for Europe Summit | EU Parliament, Brussels
Andreas Constantinidies, Ashley Fox, Andrea Servida, Andreas Ebert, Nicole Sandler Discuss Digital Identity at Blockchain for Europe Summit (EU Parliament)
- One of the biggest hurdles that digital identity has had to combat is the notion of whether an individual’s data will be safely stored anywhere other than in government archives
- Blockchain is immutable and unhackable – making sure individuals data is more secure
- Putting the data owner in control, allows them to give, read and write access to only those that they wish to give their information to
INTERVIEW TRANSCRIPTS: Andreas Constantinidies, Senior Director of APCO Worldwide, Ashley Fox, MEP Economic Affairs & Technology Committee at European Parliament, Andrea Servida, Head of Unit Digital Identity for European Commission, Andreas Ebert, Regional Technology Officer for EU Microsoft, and Nicole Sandler, VP FinTech and RegTech for EMEA Barclays
Andreas Constantinidies (Senior Director, APCO Worldwide):00:00:00
I think we can get started. I know that some people might still be lost in the European parliament trying to find their way here, but the room is pretty full, so I think we can, we can give it a go. First of all, welcome to the first panel of the afternoon. My name is Andreas Constantinidies. I am the head of APCO European technology practice. I will be hosting today. I will be moderating a digital identity panel. The panel is kindly hosted by MEP, Ashley Fox, which you all know. So, to start with, I would like to give him the floor to say a few words.
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament):00:00:37
Well, thank you very much for your kind introduction. It’s a pleasure to be here and also to have the opportunity to talk about something that isn’t related to Brexit. For those of you that don’t know me, I’m, I’m also the chairman of the European parliament or party innovation group. And we formed, we formed this group to ensure that policy makers were informed about the advances in modern technology because far too often policy makers are quite happy to talk about it without actually knowing very much at all on the subject. It’s, I want to thank APCO worldwide for organizing this event. We’ve had a splendid turnout and I think for the, the next event we’ll need a bigger room. But I wanted to talk today particularly about digital identity. I think digital identity is the most important aspect of unlocking the potential of blockchain and also more broadly vital to the future of our digital society.
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament):00:01:46
I like to make three points from the perspective of policy makers, the importance of providing security, the necessity for the clarity of regulation and the need for a change of mentality, addressing the importance of security. One of the biggest hurdles that digital identity has had to combat is the notion of whether an individual’s data will be safely stored anywhere other than in government archives. And this has been one of the biggest inhibitors for the development of digital ID. Blockchain offers the opportunity to allay some of these fears. With it being immutable and unhackable or so, we hope storing identity on blockchain allows for an individual’s data to be arguably more secure. Solutions have been developed that put consumers in control of their own data and only let relevant agencies see the necessary information. In addition, putting the data owner in control also allows them to give, read and write access to only those that they wish to give it to. From my perspective, this is a move in the right as we see more and more data breaches and questions over data ownership, embracing a blockchain solution could solve some of these problems.
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament): 00:03:11
The second point is the necessity to provide clarity. Industry thrives on clarity and policy makers are often guilty of not giving this to them. A great example of this is the fear that blockchain and the GDPR would be incompatible. I hosted a discussion on this topic with the innovation group earlier this year and one of the most hotly debated aspects was whether the right of erasure was possible on the blockchain. Now the conclusion to this was yes, we needed to acknowledge that there is a broader definition to erasure than physically destroying a record or deleting the information from a server. It can also be from the removal of a private key issues such as these arrive consistently in the advent of new technology and with digital ID it will be no different. It will be important to ensure that digital ID is accepted as a legal form of identification for this.
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament):00:04:15
Developers will need to know what solutions need to be inbuilt to ensure their compatibility. It is for this reason that I am a strong advocate of sandboxes as I believe it gives entrepreneurs the opportunity to understand the regulatory environment that they have to comply with, but also give supervisors the opportunity to learn about new technology and have a closer eye on the impact of it. The final point I’d like to make is one of needing to change mentality. This is a point I’ve made on a number of occasions in relation to PSD, two payment services directive. However, it is also relevant here when we look at identity and the information that is collected from us. The metrics of first name, last name, date of birth and dress seem a little thin in comparison to the data available. Huge amounts of data collected from us every day.
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament): 00:05:15
Whether that is spending habits or the articles we’ve read, arguably this information we’ll be able to provide a better idea of an individual’s identity than a name and address. However, I think when we are met with technological advances, it is often difficult to move ourselves out of the box of the familiar and to look to see how the technology can improve what we already have rather than the new opportunities it presents. We need to adapt what ID is to more than just what we were able to collect in the early 19 hundreds digital ID on the blockchain offers this opportunity rather than just digitalizing existing identity. It can develop a system where identity can be created using the huge amounts of information collected. We can have new metrics and this also has the potential of including a wider range of people who are excluded from previous IDs. Thank you for inviting me and I look forward to the discussion.
Andreas Constantinidies (Senior Director, APCO Worldwide):00:06:22
Thank you, Mr. Fox. I think the next person that would, can consider the stages and the asset Avida head of unit for in government and trust in the European commission before becoming head of unit – task force. And we’ve known each other, you know, in that domain for a number of years. We started the discussion on the EA thus back in 2000 and 1200 mistaken. And Andrea, it would be great if you can touch upon some of the early lessons that we’ve learned on the ADAS, especially when it comes down to the mutual recognition of vid. And if you can also talk about the European blockchain infrastructure and also how that relates to digital identity. And you have five or six minutes.
Andrea Servida (Head of Unit Digital Identity, European Commission):00:07:12
Thank you very much. Good afternoon to everybody. I’m really pleased to be here today to address you and to try to contribute even though it’s going to be difficult for Andres to keep a me with regard to the timing of not the discipline that he knows very well. I think that the, the discussion of today is key and I would like just to, to start the link into the third point that was made by the honorable member of the parliament because the change of culture and the change of attitude is important. The experience that we have developed the gain [inaudible] is that if you look at the regulation is the regulation which applies across the 20th member States. We don’t define what is identity. We talk about identity identification but we don’t define what is it dented. Why? Because that is a culture very sensitive culturally is very sensitive.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:08:09
But eventually what counts is what is indeed you can enforce in relation what you want to do. If you need to know whether more than 18, you don’t need to have my AA, my date of birth. You need to have a trusted assertion about my age and is yes or no with regard to what is the treasurer, am I over 18 yes sir. But that, yes, I should be a trustworthy obsession that should be in a way linked to an identity that could indeed be disclosed if a process is there and the need is therefore that assertion to lead to the identity. Why I’m saying this, I’m saying this because digital identity, we say digital identity in the context in not digital idea and this is why in Europe by Andrea Sanders we talk about electronic identification. So digital identity is going to be what will speak for us in the digital and there is where blockchain is going to be extremely important assertion like what is, whether my age is more than 18 or not, once is assessed and once I’m proved to be alive, alive and I can enforce that the assertion myself or I can produce and share that assertion myself with a security, a link that is there to make it possible for the relying party to receive this assertion in full compliance with what are the obligation that he has to discharge.
Andrea Servida (Head of Unit Digital Identity, European Commission):00:09:33
Then there is no point for me to seek for that assertion more than once and there is where I think is important to look at the how the technology is making it possible for digital identity to really flesh out only what is the indeed needed for the purpose. What speaks for me but not about me. I needed to prove that I’m reciting the country and I have a certain more than a certain age to asserted yes are needed. They don’t need to know where in the country I leave. The need to know that I’m there and there is where I think that indeed there is a huge opportunity as the honorable, honorable member of the parliament, the European parliament just said to unlock potential for the people and for the economy, for the social growth that we can, we all strive to achieve. This is important because we have seen with the ideas and the ideas is about, let me call it any this way for those read international prices, the legal entity, what makes them the rest of either to be undress or Veda fine in my country is a process by which you know I’m given extra in identity by my state.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:10:41
You like it, you don’t like it doesn’t really matters but associated to this process there is the possibility for me to use digital representation of data entity to access public services and my country. I’m a citizen of Italy, I mean Italian but also citizen of Europe. The others are regulation allows me to rely under certain condition on the use of these identification means to access services provided to me and to which I may be entitled by another public administration or in another member state. Is this a huge of huge importer? Yes it is because to some extent it provides a trust tanker across the member States or what in the digital is going to be the way in which we can leverage whatever we are relying upon at the national level for us to access services offered by the public sector. To some extent.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:11:40
It’s like the passport is something they regulate that is regulated between countries but is leverage in particularly regulated environments where the entity is to be proved for whatever reason. And this is why, for instance, in the work that we have been doing since I would say the adoption of others articulation 2014 and even before then, we have tried to make sure that that that insects a specific legislation, the digital is taken account in the right way. The most, I would say outstanding. I would say. Achievement that I can share with you today. Certainly I would say the anti-money laundering directive where digital identity under the others or the relation and knowledge to be relevant and possibly appropriate for the to provide the proofs of in-person verification of the perspective clients to a bank, which ISL or a financial institution that has to meet these type of challenges.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:12:39
I think this is important because it gets them to who is going to benefit and how. If we see what is indeed now available across the member States and we have 24 countries now that are rolling out electronic identity for the purpose of accessing public services, we can leverage those investments to make the anchoring of the identity or whatever is going to use. This speaks for us in the blockchain but in the digital in general to be enforceable, which will make us, which will give us the possibility to disclose selectively, consciously only those I attributed that are needed for the transaction. There is no point of if I want to comply with a true identity policy or whatever service provider to give my GSN know that the service provider may be receiving or may should be open to receive what is a trusted assertion for which a country is taking a responsibility and the liability Stover all the other 27 member States for that assertion to be uniquely linked to what I indeed make myself to speak for me in that in that particular or the in that particular setting, and this is important because I mean identity, digital identity, so not the full disclosure of all our personal data is I think the honorable member of the parliament just said, but what is in the that is relevant in a way that can be enforced and linked in a unique and secure way to a distinguishable person.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:14:14
Those disclosure will make us to be able to fully comply with the GDPR data. Municipalization is there and that saying that that is where there is certainly the, I would say opportunities and deliver the first level. The second one is that blockchain certainly is as it was alluded to before in any and certainly an interesting environment to manage selectively the disclosures of what the speaks for us proves assertion attributes. We’ve already validated the associated information about my identity, but that can be done in a way that indeed is under my control. We need to reestablish the control over the entity to those who are owning the data, whether it is a nature person, legal person. Because if you don’t do this, then of course I mean we are good not going to benefit from what is the value that is created in a way that unfortunately now is transparent to most of the user with the data that we have.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:15:15
And these are you sitting for the future. Because if we don’t go that down that path, it will be difficult to regain control. So when all these technology will be coupled with even more technologies that we have leaving for spheres, devices, which we lack that on our behalf towards the digital, we have plenty of opportunities, potential for growth potentials for enjoyment, seamless and I would say secure, but the control is to be reestablished. And I think that GDPR goes in that direction. The blockchain goes into as a concept. There’s more that goes in the direction we need to, to leverage these, I would say for the future of our society. Thank you.
Andreas Constantinidies (Senior Director, APCO Worldwide):00:16:00
Thank you so much Andrea. Right on time. And next in line is another Andreas, maybe it’s an only panel in Brussels with three undress out of the seven and reservoir does original technology officer for Microsoft in the EU. He has been with Microsoft for close to two decades, three, three. And he has been a member of multiple advisory an expert group in Brussels under as maybe you can talk to us about what Microsoft has been doing in trying to commercialize blockchain based decentralized identities.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:16:42
Thank you. Thank you so much for the opportunity to be with you today. I’d like to pick up immediately these statements made earlier in way around basically unhackable kind of blockchains or other pieces of technology. I do think if other researchers as researchers funded by European research funding are successful in the quest to tackle quantum computing, maybe we should reconsider the term and keeper for blockchain based of technologies. Invasive. It’s been kind of interesting. Basically overlap between different developments happening in society, in technology and in the industry that they’re influencing each other in this thing. The reaction need to be constantly evaluated. What is the proper way going forward on this one? So I’d like to focus on four things as a commercial entity. I’m with Microsoft. So it’s a company whose business model is based on a platform business model and that like to explain what this means in this context as a platform company, you are not creating individual solutions where you have targeted kinds of individual projects being done at the leading edge of whatever kind of new concept is.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:17:46
As a platform company, you are creating a platform that innovation can help them on top of your platform and both areas, which is the topic of today, blockchain or the entity or what we call platform product or domains in a way. So for instance, the way how different blockchains can be implemented on one side is of course on one side the kind of conceptual architecture. But making it simple as possible that innovation can materialize in the market as fast as possible is by the contribution of our company is hopefully contributing a bit to this kind of a F effect. On this one. On the other side, identity has been a core component. I think of every large it’s company’s kind of business journey. And they do have all these kinds of platform products around enterprise-oriented identity enterprise to consumer oriented, oriented, entered identities or identities only for the consumer sector, like our Hotmail account kind of system.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:18:42
But I’d like to share more information of a new world that we want to get into a decentralized identity as a first-class citizen in the whole world of identity. And I think it’s compliments very strongly. The two previous speakers kind of desire that I then they should be secure. And so you’re going to only from a cybersecurity perspective, but secure from a conceptual perspective who owns the identity? Cause even if you have a case degree from a technology perspective, PKI infrastructure, the public keys are typically hosted in a database. The database could be hosted by a government entity, could be hosted by a commercial entity, but not by the person who wants to own his own identity in a way. So, I do think this kind of desire comes very nicely together in this kind of tool developments on one side, but we’d call it decentralized ID system.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:19:35
And so, if you’re interested, decentralized ID foundation, it’s more information. You can take a look up on this one. And blockchain is to root ledger within its capability of he moved to restore to basically create an, an entity less kind of root directory of the public keys people are relying upon in the decentralized ID environment. So number one, make dissenters idea. First class citizen is an objective. Our ID architect, Kim Cameron, maybe some of you know, Kim Cameron is intensely working on. The other thing is around security. Security can be done by a blockchain and there’s also other technologies available. One of those technologies is called confidential computing, which is a broader set of technologies to keep processing as secure as possible because security need to be available in. And number one on the kind of conceptual side is the protocol secure, is the process secure, but the implementation security is as important as the conceptual security anyway.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:20:40
Then second thing is around how to basically manage your own identities. And the concept in the decentralized ID foundation work again is a 50 plus kind of organizations partnering to create this protocol. And you can imagine it’s similar to the DNS system of the internet who owns the DNS from a database perspective because it is mutual store about all the kinds of the yellow pages of, of the public internet. But the same kind of principle should be behind the decentralized ID infrastructure on this one. So imagine that you want to store your own identities and it could be not only one but it could be many because you might publish some of your identities, others only for bilateral kinds of interactions in a way, so you need to represent them. And so, the concept being used there is called the identity hub, separating the concept of your identity.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:21:33
Vista food secure representation storage could be a device, it could be your car, it could be a network of different devices so that you are not relying on the availability on a single physical device where your identity is being stored in a way. And so overlapping these kind of two concepts. Consider blockchain is the root of trust in this decentralized self-sovereign identity sometimes being called dissenters ID system. And there are multiple technology choices available for the transaction kind of sites that you have this tamper-proof or log, all these kinds of things. But the foundational root layer a thing is one of those areas of blockchain is really uniquely positioned to provide value and create this kind of a hook than a digital representation can be done. One quick comment on the GDPR side because gene bar has been mentioned a couple of times.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:22:27
Is the blockchain exposed to GDPR? Yes it is. Is there an area of investigation necessarily? Yes it is. But you can architect solutions around it and it doesn’t really leave any implementing party of the process side of compliancy. Blockchain is the technology. GDPR compliance is a process compliancy, which would be kind of technology agnostic but it can be architected in the way how it can do that. Last comment on this one is whenever you are implementing complex technology in a regulated world like data protection or in regulated industries, think about the economics of compliancy and that’s the reason why we focus so much on standardized services because the significant part of the value proposition on those kinds of standards services that the economics of compliances orders of magnitude better. It’s like if you were to build your own car, getting certified for Rose versus getting a car from a mass producer of cars where that type certification is from an economic perspective is different scale. So, thank you so much.
Andreas Constantinidies (Senior Director, APCO Worldwide):00:23:37
Thank you so much. I would like a now to pass the floor to Nicole Sandler from, Barclays and Nicole is a leading on FinTech policy at Barclays. And she also represents Barclays in a number of expert groups here in in Brussels. And he called you want to. Tell us what the Barclays is doing in this space.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):00:23:58
First, I’d like to say thank you for having me today. So far the conversation has been very interesting and we’ll get to them points where we’ll see that I’m not fully in agreement with them or the points that have been made, but I think that always makes for a good panel where someone can tell me that I’m wrong at the end of it. So in terms of Barclays, when we’re looking at DLT solutions, we’ll sit down, we’ll be a grief verse, whether it’d be through from legal, some of them policies from, from strategy, the tech architects, and we’ll say, what are the problems that we want to solve? Now sometimes blockchain will be the answer. Sometimes it won’t. Sometimes it’ll be part of the solution. When I think about identity, what are some of the key issues? Well, some of them are that it’s very expensive to verify an authorize say for instance I saw a statistic which said at 3.3 billion was spent in the UK last year on maintenance and administration of KYT.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):00:24:50
It’s a lot of money. When I’m looking at other problems, one of them would be, so I recently remortgaged my very small flat in London. When I remortgaged with my bank, I had to provide all of my identity documents. Again, it was the same bank, it’s the same mortgage. I was just asking to do a remortgage on it. That’s very frustrating. Now, if that’s frustrating for me who works at a bank, I can only imagine how frustrating that is for other people who don’t have to deal for bank every single day. Now I know one of the questions, one of the points that was made earlier with about culture and has been a cultural change. So sometimes I’ll go to panels and I’ll have people say to me, it’s very difficult to get banks to think about innovation. It’s very difficult to get to get banks to look at AI and DLT and look at ways of solving problems.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):00:25:33
And I sit there, I say, well, I’ve worked at Barclays for a number of years. I’ve worked in tech policy for five years. There has been a shift in terms of legacy issues and legacy thinking, but I, I don’t hold that. I think it’s difficult at within banks and within the industry to get them to look at using technologies to solve problems. So I’m, I’m always a bit surprised by that, but I think it’s also a cultural change just generally across the public. So if I said to my father, so we’ve told, mentioned self-sovereign identity earlier, I said to my father that you can hold your data and you’re going to be in total control of it. And if something goes wrong, essentially it might be on you because you’ve got to hold onto the permissions, you’re going to hold the keys. It’s on you. I think my father would turn around to me and say, I don’t, I don’t really want to do that.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):00:26:22
Why would I want to see that someone else could hold my data so when else can do this? So it’s also a change with it across the public as to what they want to be doing with their data. And I think it’s not just about changes within the industry, it changes, it changes across, across the whole public and in different jurisdictions as well. You know what someone might say in one jurisdiction when it comes to identity might not necessarily be the same in another jurisdiction. So I think someone mentioned them earlier, the sandbox solutions. Anyone that knows me and knows that I’m a large fan of the sandbox, Barclays went into the FDA sandbox in cohort three. And I think it’s a great way to see where your test is hitting a regulatory perimeter. Now do I think the sandbox was good for Barclays and we did it actually with a number of third-party suppliers.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):00:27:07
Yes, I did. Do I think that Barclays and the third party suppliers are the people that are going to benefit most from the sandbox? Absolutely not. I think the people that benefit the most are the regulators and the policy makers because you can see where your test is hitting a perimeter and that go to the point of clarity that was mentioned earlier. People want to know what they’re allowed to do, and if your regulatory landscape is unclear, it’s very difficult to know what you’re allowed to do that it’s almost impossible. And for anyone in the industry, whether it’s a bank, whether it’s a startup, you need to know what you’re allowed to do because if you think you can’t do something potentially from a banking perspective, you’re not going to do it. Because even if legally you may think that you’re okay or in a gray area and some lawyer tells you that it, that it’s going to be all right.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays): 00:27:51
Reputationally is it’s going to be a problem if something goes wrong. So I think we’ve touched on quite a few of those points earlier in terms of the, the one point that I was going to say that I may or may not agree with, it’s on the GDPR and the right of Arabia I’ve got to meet, I’m overjoyed for someone to tell me today that there’s nothing wrong with article 17 and the GDPR and blockchain that they get to work totally well together. Cause I, I’ve sat in a number of meetings of both regulators and policymakers where we’ve turned around and said, I think article 17 might be a problem for us because it’s not clear as drafted what the right to pervasion means. It may be that you can raise, you can take something off, you can remove your personal data. But I don’t understand how that works on the blockchain because blockchain is immutable. So you need to tell me what you mean by Eurasia. Do you mean encryption? If you mean encryption, that’s brilliant. But I have to meet today is the first day that anyone has told me the article 17 and the blockchain will work well together and it’s not an issue. So if that’s one take away, I take that. That’s brilliant. I have to admit it. It’s the first time I’ve had it.
Andreas Constantinidies (Senior Director, APCO Worldwide):00:29:07
Thank you so much. Nicole, why don’t we move now to, to look from a VMware. Look, I’m not going to try to say your last name. You can say, well how or you can pronounce it. Luke is a computer science by training and now he said global solutions consultant focusing on a couple of key accounts such as a NATO and Swift. I know that VMware has announced a couple of important developments on blockchain the last few months. If you can touch upon those. And then we were discussing last about you know, how you can potentially delete blocks. And I guess there’s also links to the discussion on GDPR. Please go ahead.
Luc D’Hauwe (Global Solutions Consultant, VMware): 00:29:50
Thank you. Hi, my name is pronounced though, but don’t worry if you cannot pronounce it you’re not the first one. Now if you look at the VMware, indeed announced a couple of products that’s coming up, but in fact, the journey started three, four years ago and we didn’t look at blockchain another, what solution can we solve with it? We first looked at the blockchain itself, and one of the key aspect to talk about blockchain for us is a distributed trust. If you don’t have a solution where you have a distributed trust, maybe you just should look in a regular database, maybe a replicated database, but not in a blockchain. Because today, blockchain is still a sexy word. A lot of people, they just want to have a proof of concept on blockchain without thinking about that. And on that, we built that on a distributed trust.
Luc D’Hauwe (Global Solutions Consultant, VMware): 00:30:45
And this morning I heard in one of the session saying, yeah, scale and security. It doesn’t go together. We don’t agree with that. We looked into a consensus mechanism which can scale and provide security. And we call that a Byzantine fault tolerant agreement. And in fact, the idea is that you got to come to an agreement on what you put on the blockchain, the next block and knowing that some of your notes may be compromised because we said security is safe. In blockchains, certainly if you look the like [inaudible] we have like a security by numbers but you cannot assure that every note will always be 100% sure. So we are assuming that it’s not always the case, but still that you have an agreement and that’s a secured. Now once you have that, you can build on top of that.
Luc D’Hauwe (Global Solutions Consultant, VMware): 00:31:47
And what we were working on, it’s what we called zero knowledge of proof. And the ID behind it is that you can prove that you have something without showing it. So also we call it for a fireball claims and daily use. It can be if somebody wants to buy alcohol and he has to show that is from legal, H Y duskiness has to show an ID, which is birthdate on it. It just good if you can prove yes, I’m legal age and that’s all they have to know. So and based on that, you can start building a further on that. Another use case is like if you apply for a job and a, you want in your CV, you say, I had this education with this degree. If the company that wants to employ you want to verify that they cannot call to the school because of the schools would have hundreds of calls each day.
Luc D’Hauwe (Global Solutions Consultant, VMware): 00:32:50
That’s not possible. But with verbal claims you can show that your CV is correct because today if you’re applying for a job, and certainly if you are recruiting it’s not uncommon that CVS or sometimes uplift that little bit. But by doing that you start building like an ID and it’s not an ID. Like we put your passport, we put it in a blockchain. It’s an ID that can live on different blockchains. You can have like educational institution making a blockchain where the, they put information on it, but you can have other blockchains. And for us it’s important and we are so working on that to connect those different blockchains together and by doing that you can buy the trust. Now to come back on idea is part of my role. I was also in other sessions with a NATO and where they discuss also the use case of blockchain, how one of the use cases, it’s like refugees that they are facing.
Luc D’Hauwe (Global Solutions Consultant, VMware): 00:33:52
So, you have in a situation that can be a war situation. Vertical can also be a Seville, a disaster, something that’s happened, but certainly in a war scenario, by definition, the people who are fleeing from the country don’t trust the government anymore. So then the having a an ID based provided by that government is not something that you can work on top of that in the world there are more than 1 billion people who don’t have any way to prove who they are. They don’t have any papers, they don’t have birth certificates. Okay. That’s maybe uncommon in the Western world. But even I heard the just before the meeting that even in the UK, we’re talking about 1 million people that don’t have that, all those needed papers. So, and then again, you can have a technology like blockchain helping there and now you will not have for one entity who put there and the entity.
Luc D’Hauwe (Global Solutions Consultant, VMware): 00:34:50
But you have to imagine a situation like when an NGO, like the red cross, first time received the refugee, the record sternum in the blockchain, and further when they have aided and they go further on in the change or for help, the action stake at heartache and her noted down in the blockchain and a later, maybe they arrive in Europe, you have a chain that they can prove that they are from a certain country because we know, we can see in the blockchain that the red cross met them the first time in Syria or in Lebanon or another place. Or at least you have some, a trust. And that’s an indifferent way of looking or to an identity. But it’s certainly a way worldwide to it. And that’s yeah, and we are of course commercial company. We want to bring our products, but what we made are on the consensus or agreement. We open sources because we also recognize, like I said to you will have different blockchains connecting to each other. It builds, not all leave blockchains running on VR technology. You will have [inaudible] running up Microsoft, IBM technology. It’s important that they can work together and that’s why we are open sourcing it, giving different parts of different integrator, the possibility to connect those different blockchains together.
Andreas Constantinidies (Senior Director, APCO Worldwide): 00:36:18
Thank you so much. Look for your intervention. And last but not least, Carsten do you want to tell us a bit about what you guys are doing at Spherity?
Carsten Stocker (CEO/Founder Spherity):00:36:34
Yeah. Thank you for having me. My name’s Carsten Stocker. I founded a startup called Spherity which is a combination of sphere and identity because a core hypothesis we have in the context of the fourth industrial solution. So enter digital, physical and biological spheres approached by new technologies. So we need an identity systems that fulfill basically this requirement to connect human identities, living organisms, identities with physical identities, with objects, with machines, with autonomous agents, and connect this with SIA identities in the digital sphere. So that’s, that’s what we basically do. We totally believe you need an interoperable system that can connect all these identities. We don’t need a silo system. Identities for vehicles, identities for people living in Portugal, identities for objects in a fast moving consumer goods supply chain. So it was forced industry evolution when all the technologies are blended together. So we need to put the interoperable identity system and probably also servers to say I’m so far from a, from a, from a scaling perspective for and that solution perspective, it’s really valuable to look into what’s the Chinese are doing the Chinese appalling triple digit billion dollar into all kinds of FOS industrial solution technologies.
Carsten Stocker (CEO/Founder Spherity):00:37:56
That’s just one Chinese conglomerate who is building a smart city for 32 billion us dollar. And I think that the culture and the mind, mind mindset topics that we are asking for business cases and for a little bit of tiny things and to the Chinese business case is Chinese supremacy. And it’s a global competition we are in, I would come back to this a bit later, but anyway, so identity first and does solution. So if you look in the internet today, we are 4 billion people in the internet. So, we soon, soon had 40 billion IOT devices.
Carsten Stocker (CEO/Founder Spherity):00:38:31
Double digit triple digit, billions of software agents in the internet. So soon with a transition from a human focused internet with all transactions among humans to fully digital machine autonomous agents, internet with entirely new concepts of identity and with entirely new concepts in the digital world. I have my digital identities sitting here. Let’s say it’s my, my Amazon Alexa agent. I can easily create it, update it, a clay Milford. I can clone split much it, I can aggregate it, I can put some optimization. I can do a lot of things in real time at a very high frequency, a digital identity. And it’s an entirely new concept compared to humans, which are pretty static. It’s an addition. So first in that solution. So we have a passionate about it. It’s called by Gardner autonomic things. Some other people call this thing was the ubiquitous agent.
Carsten Stocker (CEO/Founder Spherity):00:39:31
So, it’s basically identities not static anymore. So it was all the data sitting in a database, government database, blockchain database, whatever. So our digital identities, who you’re connected with, autonomous agents, anti-autonomous agents, are selling our data, providing access to our physical resources, to our smart home as providing sickness, sickness for our head’s care data, kind of to do a prediction, do I need to change my lifestyle, kind of to have better health. And these autonomous agents would pretty much change how we interact and the ways as one big automotive play on Germany, that’s not as a question anymore, how to sell our cars. It’s asking how to sell our mobility services to Amazon Alexa and the business to agent to consumer play and yeah, to be relevant in the future of NBF after the peak auto and no one sells cars anymore. And so bottom line is, so in terms of interoperability, digital identity with humans, physical objects are casts and software agents or is a bit of interoperability needed.
Carsten Stocker (CEO/Founder Spherity):00:40:33
So, we heard about verifiability as extremely interesting. So, in Germany you have industry for zero and as a European country as well, I think we are world leading here and in industry for zero as one big problem. So are produce in a manufacturing line, production line. I produce an object, sends the object, has some, some inbound logistics objects produced, is quality assured. It’s kind of, I’m sold as a component implemented in the car and a product. So there are a lot of transactions going on. The object has to mean verified. The quality assurance data needs to be checked. So some quality spec inspectors coming in. And there’s one big problem in industry for zero. When I have this 25 sitting in the Taiwan supplier database that sent sales a digital turn, the identity to an OEM and civil M sets to fleet operator.
Carsten Stocker (CEO/Founder Spherity):00:41:26
So, this doesn’t work at all. It’s not interoperable from an addressing scheme. And it’s not working a verifiability thing because when it’s a fleet operator needs to verify a spare part or an insurance company to verify piece of telemedics data as they cannot independently do it. And with blockchain taking the hood of trust out of central databases, putting it on a decentral disputed ledger, suddenly every player along the value chain can take an object, can take an assertion. You mentioned your surgeon can independently verify it as super valuable for industry for zero and of course what can be done for zero cannot be done for humans. And it’s a little bit see the perspective we have here. So, before I close, I think it’s a big d it comes to blockchain identities that we have all this 10 boxes and regulatory kind of clarity in place that a lot of use cases that can be done into today’s existing market designs into existence regulatory frameworks.
Carsten Stocker (CEO/Founder Spherity):00:42:26
So, it’s not about crying like I need to do this. So regulators and the policymakers, a lot of stuff can be done today in terms of kind of taking on the competition with the Chinese. Chinese are doing large scale few tests. I think we also have to do cone same direction too, to have a little bit more dual mode of operations approach, like existing systems in parallel, a distributed systems fuel testing it, scaling it to build it to the technology competencies here to compete with Chinese supremacy in your future and alters us. And that’s where I want to really close because U S is pushing standards like Hey send the world by web W’s. We see consortium, they are pushing the standards and you mentioned them, verifiable claims, decentralized identities, the semantic reps, they are pushing the standards. And when, when I look in this ecosystem, I don’t see so much proof from European player here and there they are Sam’s but boot force in the U S so we have to take on the competition with the Chinese in terms of their, their risk appetite to scale and build technologies for supremacy and also try to standardize every single day for the future of the internet.
Carsten Stocker (CEO/Founder Spherity):00:43:38
And yeah, it’s pretty competitive. And in Europe you have to be a co-create to collaborate, to cooperate and manage as our, to stay competitive.
Andreas Constantinidies (Senior Director, APCO Worldwide):00:43:50
Thank you so much. Carsten, we have about half an hour for a question. So I would like to open the floor.
Andreas Constantinidies (Senior Director, APCO Worldwide): 00:44:08
Everybody’s shy after lunch. Then maybe I can ask Andrea and they are talking about the ideas. Do you think that we need to go back and revisit? The idea is now that we’re talking about a blockchain and identity, hopefully not, but I would like to get your thoughts on that.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:44:23
Whether we like it or not or in 2020, we have to come forward, what we report on how we are. This is working, what has been the impact. I would say pick up on certain points that were made earlier. In particular of what, what I had the pleasure a couple of weeks ago. I was in a panel with the prime minister from Malta and it was it was actually very proudly saying, Oh, you know, our country is the first country that has adopted a low on blockchain, actually set of low on blockchain. We enable, I would say the way in which blockchain may deliver services both for public. So public survey, but even more importantly for private sector. And what they struck me is that he said that in a very proud way. We don’t mention blockchain in the law,
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:45:14
Which is I think what they should make us think of it because indeed what, what counts is to see and to try to capture whatever origination what is indeed that is going to enable, what are the principles, what are indeed the long term, what I would say those, those conditions that will nurture innovation and will stimulate innovation. Then today’s blockchain, DLT, you call it whatever you like. But in the future we don’t know. And, but certainly the blockchain DLT is bringing forward a new elements that it’s, it’s worth reflecting upon. And another question and other issues related to these and which is also linked to what we just said by Carsten, you know, the 3.3 billion that are spent on every time, every year on verifying identities. Of course. I mean if we would be able to make the proofs or water is being verified to be portable because digital allows this to do, then of course, I mean you can make these peer resources.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:46:11
So, a lot of those of that bill to do something else. And in this respect, the most of you have known that indeed we are on us and the anti-money laundering directive PSD two, which is indeed and other examples of where ID electronic identification can play. We very regard I would say to meeting requirements for strength costs. Strong customer authentication as a by the regulation in all these, in all, in this context we are working with Digi, just we do to face my own in the Yardi and K what see the purpose being to make, make it portable so that once a Clare has done something in a branch moving and asking for a mortgage elsewhere, she has not to go again. How this is being served. Of course a Bravo distributor ledger may become extremely important. But what I think is indeed important is to capture what is indeed to be unlocked in terms of regulatory issues that that may impede an out to these to happen. And of course, boxing in sandbox in this respect is certainly something that we all welcome.
Andreas Constantinidies (Senior Director, APCO Worldwide):00:47:22
Thank you, Andrea. Please
Speaker 1: 00:47:37
So, I’m working with I triple E standards and those have a startup. So if you were to adopt the decentralized identity, who would pay for the infrastructure? Who would maintain the infrastructure?
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:47:58
Who wants to take this? I can start is the limited perspective as a commercial entity on this one because it’s depending on the use case, Cassidy, the kinds of financial activity anyway. If you have a decentralized identity scheme, what is happening is that different business models either have explicit monetization opportunities saying, look, you can get without advertising. The kind of that you’re saying you need to be a subscription that you can basically host or a this kind of activity or it’s an embedded kind of a system or component in a, in a broader kind of system. So the monetization in the commercial world is happening to biggie along those three lines, is it the kind of subscription topic? Is it the transaction based fee or is it a certain party famously called this advertising based business model. In a way there’s this re care signal monetization opportunities and financial sustainable models in a way.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:48:49
I can’t talk on behalf of governments what the potential financial instruments would be to fund these kinds of activities. But typically that’s in the commercial sector on this one. But this helping, this kind of thing is key. Incredible. And I mentioned quickly in my initial comment about economies of scale happening, and this is a, a, a panel on blockchain and identity, but the foundation, at least from our perspective is to superior economics of the count more than the hyperscale cloud modeling away on three layers depleted to me manifested number one, the unit cost of it typically goes down by an order of magnitude, the cost of or the economics of compliance. It typically increases by two orders of magnitude and the speed of innovation take up to be increased by three orders of magnitude because you can ship to a global customer base on a daily base new functionalities in a way. And so when people talk about the calc paradigm to begin this kind of scale, benefits are not the primary dimension they’re thinking about. And especially in the context of platforms like blockchains or identities, those kinds of, if economic effects are kicking in very, very fast.
Andreas Constantinidies (Senior Director, APCO Worldwide): 00:49:59
Thank you. Andreas and there, do you want to say anything on the infrastructure side of things?
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:50:11
Okay. I suppose the very question is who is going to benefit unless we make an infrastructure to work for society and let’s not forget the ILS is an example investment that started in the 90s to facilitated engagement of citizen governments.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:50:28
At the local, regional and so and federal ordinance central levels. But once you have done it, you know a donation that could be leveraged to make it easier for private sector and the user to be first a secure secondary to reach more transparency and the higher level of accountability in the digital which are preconditioned for security to be there because otherwise there is no situ. There is technical security but nothing else. And even more importantly it is much easier I would say to reestablish a kind of, you know, fair balance between who is crunching the data, my identity data and where the value is created to whom the benefit goes. So I would say in a provocative way, if we don’t afford these security infrastructure, who’s going to benefit from the identity? And we see now in the way in which identity is being crunched that the most of the value is not for those who get their identity data to be crunched, but they are for those that are crunching the data in a way that is not even easy for whoever to establish exactly what is indeed the value that can generate.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:51:37
You may be associated to some failure, but you know, I suspect that you’re not economic modeling. It goes well beyond what is somehow public knowledge in this aspect.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):00:51:54
So, I hear the maintenance question quite a lot. Where where’s the data could be maintained? Who’s going to be organizing it? Who’s going to be running it. Sometimes you’ll hear that perhaps that should be the governments that do that and I’m not going to say yes or no on that. The only thing I would say is, and it becomes quite jurisdictional now if DLT is meant to help solve some cross border issues, that’s one of the things I’m told a lot about DLT. If you’re only leaving it with governments, then you are going to lead into a jurisdiction or problem. I don’t know what the solution is to that, but I just think it’s something that’s worth thinking about when you’re talking about maintenance and handing it over just to governments.
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament):00:52:34
So, I think this is something that policy makers have yet to discuss. I’m very keen that is, is not the taxpayer. I’m very keen that does governments do not get involved because they’ll do it badly and cost us more money and I don’t want consumers either. So that leaves the businesses who in some form will have to pay some sort of fee for access. So when they verify identity, there will be a fee and it might be a tiny fee. It might be a one year old sent for a hundred checks or, or whatever it is. But I’d be very keen to keep the base in the private sector and keep the taxpayer out of this.
Andreas Constantinidies (Senior Director, APCO Worldwide): 00:53:14
Okay. Thank you. Anybody else? Yes, there’s more questions. Yeah. Thank you. Also, from an identity company.
Speaker 2: 00:53:27
I’d like to just touch on this first on this point made before. And what I would like to touch on is this question of where the government or whether European union could be involved, especially in terms of standardization because yes, it should be to M two companies. It should be to competition in the market. But for that we need a clear stance on standardization. We nuclear stands on where’s the, I don’t, how is the IDAs integrated into self-sovereign identity and how is it integrated with these open standards we’ve been talking about what was mentioned by Microsoft are also part of business our company. And it’s really about how can we establish a market that truly allows for competition. So, we actually see these effects of prices going down, better utility coming from these different attribution sources, these kinds of things.
Andrea Servida (Head of Unit Digital Identity, European Commission) 00:54:13
I think that in a way that a could be considered as the sandbox approach. Actually. the what the commission is promoting is this type of approach. And we have done in the past a pilot with mobile because AI does is indeed provided the framework and leverage is what is there. You know, I’m from a country where identity is normally provided by the private, by public sector. You know I have an identity card since I am 16 and electronic identities also there of what was notified under the others was the private sector scheme as in the UK. Why? Because there is a business there. If this is recognized by members in the context of what can be enforced as credential to prove the identity up to the point of person verification of the whole, the legitimate older of these credentials, then of course this becomes an asset for whoever is going to transact.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:55:09
Either the user who may pay some fees or the recipients. You know, if I have to, I would say manage a data to prove the identity of my prospective clients in the digital. I have to go via quite a demanding process. If I do it without relying on a trust and core that my may leverage for that purpose. I need to get, you know, a copy of document which I have to maintain. I have to make them secure to make them available, blah blah blah blah. I could indeed have to take in the risk management framework. Other measures including you know, if I show up to a bank to get my identity plus you know, invoices or what all these data they have to be maintained up to actualize if needed and all the rest of it. If the digital identity is actually to be becomes transactional in the sense that can be relied upon as it is under the orders.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:56:03
Then of course, I mean the business model emerge but the member States you should make the effort as some member States have done to open up this opportunity for the private sector to provision and to rely upon what is going to be somehow made rec recognize that an enforceable cross border. That is the first point. The second point, the second hospital, related to that quote to your question is that when I have the trusting core that is enforceable, then of course anything else that I need to transect is really what is fit matching the need to know principal. Do I need to prove a it was made set before you know the time above a certain age. Yes sir. If that yes is an assertion which can be enforced associated and the entity that is distinguishable than the relying party. Just get the yes have a stamp or whatever.
Andrea Servida (Head of Unit Digital Identity, European Commission): 00:56:56
Much easier for the relying party to discharge or the obligation under whatever regulation the sector specific the GDPR because he has a yes and perhaps some of the say cross board that identifier which is persistent according to the other. So there is plenty of opportunities to send digital identity anchor to recognize that enforceable electronic identity as the transformative element to change the way in which we do engage in, in the digital for sake of, you know, being given more protected. The visa VI what we may or may not like to be doing yourself or delegating somebody else to do for that for us. Yes.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:57:38
I’d like to add on what Andrea has said on the EEI, this kind of architecture, the way how I see it as a technology’s person is based, maybe it’s a surprising kind of statement. I do think that Europe has one of the most advanced interoperability frameworks. The European interoperability framework is a four layered modeling case. I haven’t looked into this one where you have four layers of interoperability, technical interoperability, semantic interoperability, organizational interoperability, and the fourth layer is legally interoperability and there might be a fifth one which is not in the document, which is human interoperability. So if two people don’t want to work together, no technology will make it happen. So the four layers are to be spread between the different things. The way how I see them, maybe Andrea would see it differently that EEI does, is focusing on the semantic layer and deleting interoperability thing.
Andreas Ebert (Regional Technology Officer, EU Microsoft):00:58:27
Because no technology will make it happen to the government agency or, or a civil servant has to accept the certificate improve and stuff like that. That has to be done at the legal interoperability layer. And new technology typically develops much faster versus evolutional legal interoperability because societal norms are moving slower typically than technical innovation. So the way how I see this in the interrelated kind of layers is that semantic layer and legal interoperability, these, the EEI, this kind of core competence and focus and framework and the block chain slash identity is rather focusing on the technically slash organizational layer, how to create basically technical protocols that people can trust, how to basically treat business process that is actually executable from usability perspective like that. And so, this intersection between the four layers is the way how I see this interaction between new technology and the core competence of governance thing. This is the way how our society should work.
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament):00:59:22
If I can just pop in here quickly. A few years ago, the competition and markets or authority in the United Kingdom got the biggest banks together on their open banking working group and they got them to design a standardize interface and that was the industry deciding what those standards would be and that will be the basis of open banking in the future. That’s the basis of PSD too. So I’d hope that industry could work together and they can design the standards. That’s certainly my preferred option.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):00:59:59
Thank you. I just wanted to touch back on the sandbox point that was made earlier that the commission would like to see member States. I don’t want to paraphrase, but I’m using this tool much more than they do at the moment. If in Europe the sandbox isn’t that prevalent, it’s used a lot more in other jurisdictions. I like to go one step further than talking about sandboxes within the member States because whilst I am a keen advocate for that, I think a lot of innovation happens outside of Europe. You know you need to look to APAC, you look to the US you actually look to the middle East and you see what’s going on there and in order to progress you need to look at where the best practices are and it may not be that the best practices are always within Europe. I think open banking has been an excellent initiative in terms of data frameworks.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):01:00:42
The EU has been very forward thinking in terms of sandbox is less though. So when I think about what I would like to see from a sandbox or not even just the sandbox in innovation hub, I was absolutely delighted when the global financial innovation network was launched. When I saw the first consultation come out saying we’d like regulators from across different jurisdictions to get together because we want to sit down and talk and discuss what the issues are, what the policies should be. Because innovation is a problem across multiple jurisdictions. It’s not something that’s just based off in the UK or based in Spain or based just within the EU that that’s not how it works. And my, my parents moved from South Africa to England about 40 years ago getting a bank account and an internet bank account. Very, very tricky. Is it easier now?
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):01:01:31
No, it’s not. It’s still very difficult from someone from the U S to get a bank account in, in the UK. That’s an international problem. So for me, what I would absolutely love to see is for some of the member States within the EU to get involved in the global financial innovation network, you don’t want to do the sandbox part. Whilst I, to be honest, I don’t understand why you should be involved from an educational perspective to speak to other regulators, whether it’s math, whether it’s aged care, may whether it’s someone in the middle East, Abu Dhabi or Dubai. Because then you’re going to either sit there and say, well, I don’t agree with this and actually the way we’re doing it as better and you’re educating them. If I’m going to be quite honest, it’s probably going to be the other way round in a number of instances where you’re going to have someone from Singapore tell you what they’re doing in the DLT space and why that would you in the EU because yes, it’s great to have competition but it’s great also to collaborate and it’s great to look outside of the EU at the other jurisdictions which will actually help you get better.
Nicole Sandler (VP FinTech and RegTech, EMEA Barclays):01:02:30
So that that was just the point I wanted to add on the sandbox because it’s not just about in the member States or just a phenom in Europe. It’s looking outwards as well.
Andreas Ebert (Regional Technology Officer, EU Microsoft):01:02:43
Just adding one more thing because it has been mentioned, the kind of inspiration that new concepts developed in Europe should be global lighthouse kinds of things and GDPR is one of those kinds of, let’s say developments for Europe is really leading from a kind of breads of thinking how person data should be protected in a way and they want to share one data point, which I found particularly interesting the way how we implement GDPR. Is it globally consistent across our global services interface. We don’t have a European version of our products on productivity office, whatever the title, the name is and the U S version or an Asian version. We have one version. And so what we did was given that as a kind of industrialization of it, they can measure how many people are asking for data, exes on getting information about their own data being stored in a service. So in the first six months, 5 million people executed their rights given by the GDPR to look into kind of data access. But most of the 5 million people are from outside Europe. So the country is the highest number of people benefiting from the developments in Europe. Very in us, 2 million people. The second one was Japan and to certain almost Germany anyway. And so, it’s really visible globally that the standard standards set by Europe are used by humans and people on the planet.
Andreas Constantinidies (Senior Director, APCO Worldwide):01:04:02
Thank you, Andrea. So I saw a couple of hands on this over there. Yup.
Speaker 1: 01:04:07
Hi, I’m David with Bitcom, the German digital association. We’ve touched obviously on like how to create an interoperable identities solution and it’s all very exciting and something that we’re all so excited to, to support. But in, in Germany, we fight much more basic, ancient battles. You could say for example, just last week the, the federal minister for the chancellery at one of our conferences estimated that in Germany they’re still at 1,800 paper form requirements in German law. So even if we create the best solution of particular identity on the blockchain or online and take control over the data back to back to the individuals, they might not actually be able to use that identity a whole lot because of the way that that paper form is still embedded in national laws. Offices is different from country to country. Germany’s an extreme case. Other countries like Estonia basically do not have those requirements anymore. But is there something that, that you think and goes to everyone, I think that you think the, the European level could do to, to facilitate the transformation back from the paper-based administration to the digital administration?
Andrea Servida (Head of Unit Digital Identity, European Commission): 01:05:18
The primary responsibility and salary responsibility to intervene in that area is all the member States. So, and the way in which I would say we have been conducting, I would say [inaudible] or [inaudible], the way in which or the policy has been shaped up through the last 10 12 years is about engaging the members to 18 building upon those are good experiences that could, I would say projects which are the at the European level will drive the digital transformation cross border but also at the national level in these respects. I can, I can tell you that, you know, and I’m very pleased to say that on the 21st of November, the regulations seeing digital gateway was published on the official journal that contains in article 14 the first ever cross border instantiation of provision or one solid principle related to the 2122 procedures which are there. This means that the, of course the ones are the principle, which means that the postal given the possibility to citizen and companies to consent for data to be fetched, aware the data are already stored, provided that of course they are available in digital forms is actually there.
Andrea Servida (Head of Unit Digital Identity, European Commission): 01:06:41
But you know, that is already something that gave us a first a clear message that there’s, there is nothing that is indeed of the say making things complicated more than I would say preexisting to the digital transformation. Digital transformation is to make life easier to our safe for our citizens, for our businesses and it can be managed. But in order to be managed in particular, when you go to public sector, you have to have the trust and core. That is the way in which I can digitally be reassured that the person, whether it’s a nature person, a legal person, because it does cover both. The person that is acting digitally towards my administration is actually associated to towards an identity that has been verified proof and on which I can rely. Because there is a framework that allows me to do it.
Andrea Servida (Head of Unit Digital Identity, European Commission): 01:07:36
It seems very liter, but certainly the more this will become the practice, the easier indeed will be also for I would say countries that I have been a bit of a say like less digital in the past to see that is doable not just for sake of the citizen but to make their cities and to benefit from what the scale. So, Europe is going to offer to them as a person, as entrepreneurs, as business has a consumer because that is where it boils down to. So, we are driving this wave, you know the others we have the one solely principal with the action plans with other legislation.
Andrea Servida (Head of Unit Digital Identity, European Commission): 01:08:16
I mean global dementia was alluded to the financial action task force which is about anti money laundering is now tailored to what the Europe will be anti-money laundering number three we are number five. The digital has been now pushed there and we are paving the way. There has been taken as a reference for sake of making it possible for business to leverage this. We are working the UNC trial level to make digital trust services and the digital identity to be recognized in the trade, that dimension business to business. Once it’s there, then of course you can make the federating approach or to become the practice and these will have a repercussion also at the national level because I mean you can be digital for border. You are not easy to national because I mean expectation are created to push also governing to act more quickly and it’s not just Germany unfortunately.
Andreas Ebert (Regional Technology Officer, EU Microsoft):01:09:12
I do think there’s a couple of preconditions which are helping to accelerate this kind of thing. I’m very proud as an Austrian and European citizen that our countries started to get very deep into the kind of foundational things, addressing the cultural sentiment kind of seeing and the foundational stuff. So we changed the constitution for two things for accelerate e-government services. Number one, the concept of original fundamentally changed from a paper based original, ultimately proof of ownership, proof of truth in court, and the digital representation to believe used to simplify business processes to the reverse order saying the digital copies, the original ultimately holding court and you get the paper copy for human readability kind of thing. So, this foundation seeing accelerated significantly the uptake of digital services in government, but also the culture of identity.
Andreas Ebert (Regional Technology Officer, EU Microsoft):01:10:10
We have sectorial identify, which is the second thing which I’m very proud about in my country that we say, how do we balance properly the power of identity but also the risk using digital identities. And so we have what is called a sectary that identifies that every single ministry has a different slice of your identity and to need a court order to recombine it back to basically do something between cross ministries kind of thing. So, this is something every country has to address the kind of cultural resistance to accelerate the uptick of technology.
Carsten Stocker (CEO/Founder Spherity):01:10:46
And so, it’s sought in Germany, I think. Yeah. I think people are aware of this. It’s probably not on the highest part of the political agenda I would say. So we have as, as a provinces political agenda. And maybe I would like to maybe go back to this industry for zero. One because this is high on the agenda and at least I think the German industry is pushing to get them digital identity systems into this entity. That’s a good news. In addition, I want to say, so it’s about identity. It’s not, let’s say we need to have a shit load of blockchain in expensive blockchain infrastructure in place. I think we only need a bit of, let’s say a blockchain, immutable blockchain storage in place to store an immutable pool to anchor a verifiable claim and it’s not so, so expensive. In addition, there are lot of cryptographic methods that are there.
Carsten Stocker (CEO/Founder Spherity):01:11:40
There are a lot of kinds of research researchers going on and industrial players are kind of jumping on the bandwagon to use cryptographic data structure to pull something off chain to anchor poof on chain and to really drive scalability because with this kind of things the, our scalability is possible. It’s possible in industry Fazio sector, but then it’s also possible for humans as well because they have less protections. And last thing, what’s also kind of an aspect, let’s say at least in the industry in Germany, so we have GDPR for humans and especially when I have machines and some machines are doing economic transactions because they have their wallet and do some transactions. So the machines are also vulnerable to be exploited by another machine kind of sets, kind of, let’s say I’m trying to get a hold of data to do some of this leak data and for that, for that reason, there’s also this concept, it’s now suddenly a little bit bottom up, discuss GDPR for machines to protect the machines and the agents when they engage in commercial or some others. Then the two transactions that also have that say a privacy preserving identity infrastructure and yeah, that’s a good thing. And a lot of engineering still has to be done.
Speaker 2: 01:13:02
So, my name is Paula [inaudible] from Portugal. I was involved in the EE identity process for stork back in the days. So I remember the challenge back then when, well we have this model of funding so that we can create the infrastructure and then we treat, we try to allure business partners into the process so that they can be part of the sustainability model. So I fully agree with Mr. Ashley when they say we shouldn’t push on the taxpayer, we should have the business to pay for, for the benefit of having a certified attributes. That is one way of doing things and this discussion as diverging a little bit from, from blockchain itself. And I would like to reframe it in terms of blockchain in a sense that blockchain is kind of a sum of three different key features, which is distributed systems, which is token economics and its cybersecurity or cryptographic.
Speaker 2: 01:14:01
And I would like to, to focus on the token economics of it because if we look into the example of Bitcoin that started this whole conversation more than 10 years, the beauty of the, of the academic processes, the token economics is the alignment of incentives of the, the participants in this model. So the system is self-sustainable, which is totally different. But from what we’re discussing here, we’re discussing a top down approach where we funded, when we try to engage and from an, from an approach of alignment of incentives, you simply create the framework or the legal framework and then the system by itself is sustainable. So, my question to the panel is, if is foreseen in this discussion around identity to work upon the alignment of incentives, of finding some framework to have a token economic coupled with the identity process.
Andreas Constantinidies (Senior Director, APCO Worldwide):01:14:58
Thank you. Any takers?
Carsten Stocker (CEO/Founder Spherity):01:15:02
So, I can ask this from the tanker perspective. So, couple of people are looking into crypto economic incentive models that people put infrastructure in place. So is Bitcoin problem being you just burn NRG for kind of doing this hashing and I think so when you look into the basic needs of identity, it’s key management and to be able to do privacy preserving transactions. And so a couple of technologies such as multi-party computation and that’s that leads vision. We have to combine multi-party computation was a crypto economic incentive model that people puts a technology in place, a privacy preserving technology in place that yeah the citizen can kind of use it for their identity transactions for the digital twins, digital niece, whatever. They have that to kind of let’s a little bit of a technology push that we are doing provide incentives to put privacy preserving technology in place. Exactly the essence of Bitcoin example but not for cryptocurrency primarily for an identity system.
Luc D’Hauwe (Global Solutions Consultant, VMware):01:16:07
I will add one comment. I think if you expect that out of the government, you put like a, a blockchain with identity in there and you expect industry to, to fund that. It’s my B turn out in the other way because what you will see is that industry, if they have a use case, they will spry applied, having implemented own ID and then funded because they use it, they have a business use of it. So be prepared to accept that there exists different ideas. If I look to my personally Belgium citizen and Europe, so I will have an idea in Europe, but I’m working for an American company. We’d be very surprised that American company, if they using the ID that will be based on a European, a model or a rules. So they never have to do European ones. I’m a driving instructor.
Luc D’Hauwe (Global Solutions Consultant, VMware): 01:17:04
Next year they will start all trainings, tests that we do, must be electronically note. So I will have there also an ID. It’s not linked to my electronic ID of the government. So you will have, people will have maybe dozens of different ideas and I think you should need to be prepared to cooperate that and to link them together. I don’t believe there is will be one idea. I said it in the beginning. It’s not like buy a passport that I put in the blockchain. If you tried to do to that, I don’t think it will succeed. You will look into synergies and then use cases and in the beginning it will be learning and maybe a, sometimes it will fail and you build on that. But if you think that you will have an overall with all ideas and everybody using that personally, I don’t believe in that.
Andreas Ebert (Regional Technology Officer, EU Microsoft):01:18:00
Super, super quick comment on this one. You mentioned the kind of, let’s say, what is holding us back to uptake a, this kind of thing. A couple of quick comments on this one to be had this European experience that grid computing was funded out of public money, but it didn’t create the new economic models when the public funding stopped. The model didn’t survive. Child was a kind of, let’s say tech, the same thing but a different economic model behind it. AI’s and I’s example for blockchain. So in the last 12 months, I don’t know if people paid attention this one, the cost of AI models went down by a factor of 500 because hardware, software, algorithms, data availability or these things created network effects. In this one we see the very same in the blockchain domain as well because you can run blockchain your own server, you could go to the cloud in, in virtual machines, but we can use it on micropayments with serverless infrastructure as well. So each one has orders of magnitude better efficiency. So the objective of have innovation diffusion is to keep the cost of failure down. Did people have safe ground that kind of sent box and economic sense folks to test out new innovations to find the proper business model bottom up because top down it might be the wrong guidance getting top down in a way, but there’s a lot of network effects happening underneath. Thank you.
Andreas Constantinidies (Senior Director, APCO Worldwide):01:19:20
Mr. Fox, any closing remarks?
Ashley Fox (MEP Economic Affairs & Technology Committee, European Parliament):01:19:25
I was very glad he agreed with me.