Open Thinkering

Menu

Month: August 2024

Digital Credentials: why context matters

Posted on by Doug Belshaw
A glass greenhouse reflecting a sunset, surrounded by dense greenery and tall trees.

This post was prompted by attending another excellent AMA session with the Digital Credentials Consortium (DCC) yesterday. The discussion raised a recurring issue in the world of digital credentials: unrealistic expectations. People often expect too much and too little from these technologies, leading (I would argue) to both over-ambitious and underwhelming demands.

Overly ambitious expectations

There are many people, who seem to want digital credentials, such as Verifiable Credentials (VCs), to be universally applicable, solving every conceivable use case across different contexts. This mindset is what led to brief craze for blockchain-based credentials, where similar expectations were placed on distributed ledgers to ‘revolutionise’ various industries. A common desire is for these credentials to be “soul-bound,” linking them irrevocably to an individual’s biometric data. While this might sound like an ideal solution for ensuring security and authenticity, it introduces really quite significant privacy concerns. Tying credentials to biometric details could lead to a scenario where every interaction or transaction becomes a potential privacy risk.

This expectation fails to account for the importance of context in the use of credentials. Even the most critical credentials, such as passports, are context-dependent. Passports are used in specific scenarios—usually, crossing borders—where the context dictates the level of scrutiny and the type of verification required. Translating this into the digital world without considering the context creates unnecessary complexity and risks. Most things are not as critical as passports, so using them as a benchmark doesn’t make much sense.

The importance of context

Credentials are most valuable when they are context-specific. For example, Kerri Lemoie, Director of the DCC, uses the example of proving that you’re of legal drinking age. In this case, it’s unnecessary to disclose your exact birthdate; all that matters is whether you meet the age requirement. This selective disclosure is important, particularly for marginalised communities, such as transgender individuals or refugees, who may need to prove their eligibility or identity without revealing other, potentially sensitive, information.

The challenge here lies in creating digital credentials that respect context while providing the necessary information. It’s not just about what the credential says, but how, when, and where it is used. By designing credentials that allow for selective disclosure, we can protect privacy while ensuring that the credential fulfils its intended purpose.

The evolving nature of digital credentials

Traditional, offline credentials are static: once issued, they don’t change. In contrast, digital credentials offer the potential for evolution. They can be updated, linked to other digital artefacts, and grow in value over time as they gain endorsements or additional evidence.

This dynamism, however, places an unfair burden on credential holders. Employers, for instance, often expect to sift through hundreds or thousands of applications, using credentials as a filtering tool. This approach treats credentials as mere checkboxes, ignoring their potential richness and depth. Instead, there should be a shift towards recognising ‘benchmark’ credentials that indicate a candidate has met the minimum requirements, with further scrutiny placed on unique qualifications or endorsements that set them apart.

Credentials have traditionally been seen as part of wider ‘eportfolios’ but there is less understanding that, these days, credentials can be mini-eportfolios in and of themselves.

The relational aspect of credentials

At their core, all credentials are relational. They represent an attestation from one party to another—a way of saying, “This person did this thing” or “We vouch for this individual.” This relational nature is fundamental to their function, yet it’s often overlooked when people are talking about digital credentials.

The relational aspect becomes even more critical in the digital space. For instance, the concept of ‘trust registries,’ such as the one established by MIT, allows for the verification of credentials without needing to expose the underlying data. Tools like VerifierPlus enable this process, providing a way to check the validity of a credential quickly and efficiently. This is not unlike scanning a passport at a border crossing—simple, effective, and crucial for maintaining trust.

Privacy and security considerations

As digital credentials evolve, privacy concerns should remain at the forefront. It’s critical that credential holders have control over what information they share, and with whom. The current specification for Verifiable Credentials allows for this selective disclosure, but the user experience is still catching up. Some situations may require nothing more than proving control over a credential, while others may necessitate revealing a name or even providing biometric proof.

The key is flexibility. By designing systems that allow for a range of disclosures depending on the context, we can protect privacy while ensuring that credentials remain functional and trustworthy. This requires thoughtful UX design, as the technology must be intuitive and accessible to all users, not just those with technical expertise (as is the case currently).

Conclusion

Digital credentials hold immense potential, but this potential is only realised when we manage expectations, maintain context, and prioritise privacy. By recognising the relational nature of credentials and shifting some of the burden away from credential holders, we can create a more balanced, effective system that respects both individual rights and societal needs.

As we move forward, it’s crucial to keep these considerations in mind, ensuring that digital credentials are not just technically sound, but also socially responsible and practical in their application.

Image: Matej Spulak

Weeknote 33/2024

Posted on by Doug Belshaw
Black and white photo of Durham cathedral

My wife and I are currently away to celebrate our wedding anniversary. While the actual date isn’t for a couple of weeks, logistics at the start of the school year dictates that it’s now or never. We haven’t gone far; we’ve left our eldest home alone, while our youngest is staying over with my parents.

The weather has started to feel autumnal this week, which is no great surprise, I suppose, given that we’re at the back end of August. We’re entering one of my favourite times of the year to go camping — although for various reasons (moving house, the weather, logistics) I didn’t go last year. I almost snuck out on Friday night, but it was ridiculously windy.

I published a fair amount this week. Here, it was all related to my Systems Thinking module TB871:

Over at the WAO blog I also published the first post in a three-part series of An Introduction to Systems Thinking. Meanwhile, at Thought Shrapnel, I released the following onto an unsuspecting public:

On the work front, we continued work on the JFF and IRC project around user research and evaluation of the latter’s Job Readiness Credential. I’ve mentioned this a few times, and so regular readers might be wondering what it looks like (click to enlarge):

Screenshot of 'Job Readiness Training for New Americans' credential

We didn’t have a hand in designing the credential, and so there are some things which are coming out of the research with IRC staff, clients, and employers, that we expected — but also some things that we didn’t. As I always say: badges and credentials are a ‘trojan horse’ for organisational change and better-serving your audience.

We’ve been responding to some tenders this week, in one case organising a call for potential consortium partners. This went really well and, even if we don’t get that particular bit of work, it’s good to build relationships for the future. I also had an interview right after a migraine with Friends of the Earth about a potential ‘Greening AI’ research project. We should hear back about that last week.

One bit of work which is going ahead involves helping Skills Development Scotland for a few days as they think through how they might be able to use Verifiable Credentials with My World of Work. Hopefully that will lead to a longer engagement, as it’s a great use case.

Although we didn’t go to Colorado for The Badge Summit this year as we have in previous years, Anne did submit an updated version of her talk about how Open Recognition is a feminist practice to the Virtual Badge Summit. It’s well worth a watch.

Other than that, I’ve been sending my sister congratulations on her birthday, taking my son to work and my daughter to the opticians, running (~30km this week). I published my weeknote too early last week to mention that my son scored on his debut for his new football team, a brave header from a corner. As a defensive midfielder, he doesn’t score many, so it’s nice for him to have grabbed one.

I’ve got my next MSc assignment due in a couple of weeks’ time so I need to knuckle down for that. I haven’t treated this module the same as my previous one, taking the provided activities more as ‘suggestions’ than things I have to do. I’m still not sure what to do r.e. study after these two foundational modules, as I’m not keen to be studying over Christmas again. We’ll see.

Next week, it’s Bank Holiday Monday tomorrow and so a shorter working week. Our two teenagers start back at school halfway through the week after next, with my daughter starting high school, and my son going into his final-ever year of school. He’s currently thinking about Geography at university, but that may change.

Photo of Durham cathedral taken by me earlier today

TB871: Miscellaneous CSH stuff

Posted on by Doug Belshaw

Note: this is a post reflecting on one of the modules of my MSc in Systems Thinking in Practice. You can see all of the related posts in this category

This post is unashamedly a dumping ground for useful stuff from the TB871 Block 6 Tools Stream about Critical Systems Heuristics (CSH) that I might want to come back and reference at some point — potentially in an upcoming assignment.

But then [a systems thinking practitioner], when he becomes very serious about his own models, in which ‘all’ of the objectives are represented and a ‘proper’ compromise is created, is also deceived. In the straight-faced seriousness of his approach, he forgets many things: basic human values and his own inability really to understand all aspects of the system, and especially its politics.

(Churchman, 1968, p. 227, quoted in The Open University, 2020a)

Diagram showing the different parts of a CSH reference system
Increasingly detailed constituents of a critical systems heuristics reference system (The Open University, 2020b)
Cartoon showing a car going sideways compared to the rest of the traffic flow. An older man in the passenger seat is sitting next to a younger man at the steering wheel, and saying "Stop telling me how well you did on the written"
(The Open University, 2020c)
Boundary critique as boundary reflection (understanding interrelationships) and boundary discourse (engaging with multiple perspectives)
(The Open University, 2020d)

References

css.php