The internet has fundamentally transformed the environment in which governments operate in, from a generally static one with low information velocity, to a global, incredibly dynamic one with incredibly fast information exchange. With this comes a great increase in globalization; after all, the internet, is not bounded by country (generally, barring the Great Firewall, etc), so commerce and governance disseminate across the world. From our discussion, the themes that emerged suggested two possible end-game outcomes of increased digitization are either a very centralized, all-powerful government with full access to our information, and thereby our lives, contrasted with a completely decentralized world where nation-states have very little power, with even the concept of a country having little meaning. What’s crucial to understand is the internet is at its core agenda-agnostic, happy to enable both scenario 1 and scenario 2 all through a little protocol called TCP/IP.
While discussing the concept of government by API, a possibility allowing for streamlined development, innovation, and lower costs, an interesting issue that stood out to me was how we would deal with identities and authentication in such a paradigm. If access to government services occurs mainly through the internet, the ability to uniquely and securely identify citizens becomes a core part of the national infrastructure, for failing to do so ultimately results in an erosion of sovereignty and opens up pathways to fraud, at the same time leaving the legitimately needy stranded. The US has made very little progress on this front, with our means of identification typically reserved to Social Security numbers or drivers licenses. Both of these mechanisms have shaky foundations. Social Security numbers were never designed as identity numbers, and recent breaches like with Equifax essentially make SSNs semi-public information. So SSNs work as a unique identifier but not necessarily as an authenticator. Meanwhile drivers licenses, used as photo IDs at places like voting stations, come with their own challenges, namely that using them would exclude those who typically tend to be lower-income or minorities.
While the US has stalled on that front, other countries like India, with their Aadhaar program, have made broad-based efforts to create an digital identity system for the 21st century. I’ve actually received an Aadhaar ID myself, when visiting for a couple months. The process is painless, and involves simply showing up with a couple documents and getting a biometric scan. Privacy concerns are of course a concern in such a system, but by being very careful with what information is actually stored (the relevant hashes), the government is able to open up the doors for innovation atop the platform while minimizing losses should leakage occur. In the US, such a broad governmental collection of data would likely be politically infeasible, so we talked about private solutions possibly emerging. For example, Google and Facebook accounts already authenticate us to a variety of services, and comprise of a trove of information that essentially represents our digital life. At a certain inflection point, our Facebook IDs could become more relevant that our SSNs. The idea of private companies doing “public” services is increasingly common around the world. Take Sesame Credit, under the Alibaba family, which has become the de facto platform for credit ratings in China. This trend is not necessarily good or bad, but we must carefully consider the incentives that arise once a firm becomes a natural monopoly, and ensure that a private solution truly is the optimal one.
One thing’s for sure: in a post-Arab Spring, post-“fake news” world, the internet has shifted all prior assumptions of the relationship between the people and the state.