Surveillance is digital

Analogous vaccination and passports are a thing of the past: this is the opinion of the organization ID2020 from New York. It is working on a transnational digital identity in which all the information about each individual is to flow together: proof of education and vaccination, financial status, accounts of networks such as Twitter or Facebook up to the data produced by the smartphone.

ID2020 supporters include Microsoft, the GAVI Vaccine Alliance, the Rockefeller Foundation, and the International Rescue Committee (IRC). Cooperation partners include the US government, the EU Commission and the UN refugee agency UNHCR.

Self-managed identity

Instead of papers, everyone should identify themselves with their faces, irises and fingerprints in the future, at least these are the plans of the high-tech companies and the ID2020 alliance. “Everyone should have the data themselves,” says Dakota Gruener, head of ID2020. We are also talking about the ‘self-sovereign identity’, the so-called self-governing identity.

The data is to be stored on a blockchain. A kind of digital accountbook that stores data encrypted on countless servers worldwide. ID2020 itself advertises its future scenarios to the public as an advanced project. It shares the “conviction that identity is a human right and that the individual must have “ownership” of his own identity”.

“One in seven people in the world cannot prove who they are; and is therefore largely excluded from health, school and banking,” says Gruener. In future, if a bank, landlord or border official requires details about a particular person, they can share the relevant information via a smartphone app.

Travelling without a passport

If you want to travel in the future, you should be able to do this with a digital passport. The “Known Traveller Digital Identity” (KTDI) project, which was presented for the first time at the World Economic Forum (WEF) 2018 in cooperation with the United States Department of Homeland Security, is also running under ID2020.

In future, KTDI will enable undocumented travel. For this purpose, travellers provide their biometric data and personal information such as already made trips abroad, the use of credit cards or the place of residence. “If this system is used for a certain period of time, past border crossings are also stored. And with that, of course, credibility increases because you can provide more validated data,” says Christoph Wolff, head of the KTDI project.

“When the traveler arrives and is able to identify himself through his biometrics, this information flows together in the background, and the traveler is rated as trustworthy in 99 percent of cases,” Wolff continues. He could thus cross the relevant checkpoint without being in the queue or being checked. A first pilot project to enable passport-free travel between Canada and the Netherlands will start in early 2021.

Projects are already underway

The first pilot projects to establish digital identities are already underway. In Bangladesh, ID2020 entered into a cooperation with the government in September 2019 together with the vaccination alliance GAVI. This provides for the use of vaccinations as an opportunity to establish digital identities. “In Bangladesh, only 20 percent of all children still receive a birth certificate; at the same time, however, almost all children are vaccinated against diseases,” says Gruener. This led ID2020 to the idea of linking the two things together.

“On the one hand, we are strengthening the vaccination system by introducing digital vaccination certificate; on the other hand, we are using the digitalization of the vaccination system to build a digital identity for children,” says Gruener. The pilot project in Bangladesh is just the beginning. The plans of ID2020 go much further. The alliance wants to introduce digital ID cards worldwide. The Corona vaccination could possibly serve as an accelerator. German journalist Thomas Kruchem told SRF news: “No paper that can be lost or forged. No, a digital biometric proof: the border agency’s camera or at the entrance to the football stadium detects on my face whether I’m vaccinated.”

These scenarios are consistent with what ID2020 partner Bill Gates announced this spring. Gates has argued that proof of corona vaccination must become a prerequisite for cross-border travel. It calls for a digital vaccination card on a biometric basis. So that cameras from border authorities can see on the face whether the person is vaccinated. The Bill and Melinda Gates Foundation also funded the GAVI Immunising Alliance, which is one of ID2020’s biggest supporters.

U.S. government has access to the data

What these visions of the tech giants and the ID2020 alliance could mean in concrete terms is likely to be the case in many horror scenarios. Citizens can emancipate themselves from their governments with digital passports. This can be particularly crucial for those citizens fleeing their country.

But they are all the more dependent on the US government for this. This is because the US security authorities have access to the data on servers of US companies, which are the lead in the creation of digital passports, by means of the so-called Cloud Act. They are the ones who control the centrally managed access esintocing identity data. The German business journalist Norbert Häring writes:

“Nothing will stop the U.S. government from ordering Microsoft or Amazon or any of the U.S. companies that determine the program’s blockchain architecture to read or block the data of individuals or companies, or to manipulate them in a way that renders those affected incapacitated.”

Data protection at risk

Privacy experts are also raising concerns about ID2020’s plans. Tom Fisher, privacy campaigner for Privacy International, sees digital passports as a major threat. “Completely hidden … the power gap in almost every identity check,” Fisher says. He considers it unrealistic for users to share information that they also want to share. “If my employer wants a document from me, a border guard or my landlord – then I can hardly say ‘no’.”

In addition, the plans of ID2020 are incompatible with the current EU General Data Protection Regulation. According to this, data may only be processed for specific purposes. The Regulation provides that personal data will be deleted as soon as the purpose of their collection ceases or data subjects withdraw their consent. On a blockchain, however, deletion is impossible, because all entries are based on each other.