Data wants to move.
In isolation, data is of limited use. In raw form, data is a useless blurb of one’s and zero’s. The goal is to maximise data movement to minimise friction, or at least so the saying goes. Yet maximising data movement is also paired with growing risks. Maintaining data quality, for one. Additionally, increased data volume means a larger attack surface. Next to quality and security, data privacy is third concern. In this article, we will explore what the movement of data has to do with the movement of people and things in the mobility sector.
For people to move, identity is the first step. Passports are gateways to border checks. Reputation drives Uber pick-up time. Authorisation unlocks assets, such as shared bike schemes. Physical movement is increasingly linked to digital verification processes. Businesses ask: How do we know this person or entity is who they claim to be? Can we complete transactions with this person? To verify the identity of a person, businesses currently need to maintain many relationships, relying more and more on large amounts of data from multiple sources to reliably and seamlessly authenticate individuals, causing fragmentation, duplication and greater security risks.
The duplicated costs of collecting, storing and protecting data in parallel to the liability associated with holding such data runs into the many millions and billions. Reading about a new privacy scandal almost every day, people have started to wonder: What do they need to know about me? How do I know they will not misuse my information?
For things to move, especially connected assets, identification is again critical. Does the sensor or vehicle in question broadcast high-quality data? Which sensors are allowed to share data? What level of authorisation is required, for example, to open the boot of a car? Estimates predict that there will be over 22 billion IoT devices by 2025. Striving to answer such emerging questions at speed, the mobility sector has become plagued with a patchwork of identity solutions.
Yet these solutions do not translate across use cases. Actually, these “solutions” are in fact siloed identification mechanisms, which little regard for data provenance, security, or privacy. However, these forgotten criteria have clear commercial drivers: Data provenance directly influences decision quality, security breaches are reflected in reputation, fines and recovery, and, finally, European GDPR legislation is hinting that data privacy is becoming the new default.
Let’s zoom out. What we are really asking is: (1) what are the claims about this person or thing, (2) who backs up these attestations, and (3) how much trust do we place in this verification? In blockchain lexicon, we call this question tree “verifiable claims”. For example, imagine the Driver and Vehicle Licensing Agency (DVLA) verifying driver license claims or passport authorities verifying traveller attributes. Some of the benefits of decentralised verifiable claims include that (1) a claim only needs to be verified once, (2) claims can grow more robust via multiple verifiers, (3) the nexus of these claims becomes portable, and (4) if claims can be precisely verified they can be precisely used. Check-marks for data provenance, security and privacy.
A digital world needs a digital form identity. For such a solution to work, interoperability is key. Acknowledging that interoperable identity is the key to such new data ecosystems, the Mobility Open Blockchain Initiative (MOBI) consortium collaborated on a standard for vehicle identity, starting with a “vehicle birth certificate”. Eventually, the mobility sector will need many such standards, for people and for things, to truly leverage the promise data movement.
The automotive and wider mobility industry faces a test of character. Having benefited from mostly sitting on the sidelines as web giants such as Facebook and Google debated data ethics with regulators, there is an opportunity for the industry to take a different turn. To design a data framework that respects data flow from assets as much as the people using them. To deploy frictionless, privacy-conform data sharing fit for the 21st century. Time will tell if they steer in the right direction.
Make sure to order Arwen’s new book: Identity Reboot, which examines how the break-down of personal data privacy is being exploited from profit and power perspectives, arguing that human behaviour is being devalued to an optimisation game, and that we are providing the data that will be optimised for.