The US Department of Homeland Security’s (DHS) recent unveiling of a $1.7 million initiative to foster the development of digital wallets will raise eyebrows among privacy advocates. While DHS’s Science & Technology Directorate ostensibly presents this as the “Privacy Preserving Digital Credential Wallets & Verifiers” SVIP Topic Call, the devil will be in the details.
The plan is to use the system for “travel, immigration and citizenship status, employment, residency status and more.”
A look at the DHS’s announcement shows a particular emphasis on wallets that are compatible with World Wide Web Consortium’s (W3C) Verifiable Credential Data Model (VCDM) and W3C Decentralized Identifiers (DID) standards. On the surface, this may appear as a step toward standardization. However, this type of centralization could create a monoculture that will also speed up the move towards centralized digital IDs – which could be the entire plan.
Moreover, while the DHS claims to prioritize the portability and interoperability of these wallets, the question of who will wield the power and control over these centralized standards remains open to debate. The shadow of governmental overreach looms large, especially in an era where data is often considered more valuable than gold.
Melissa Oh, SVIP managing director, has lauded the initiative, stating, “Preserving the privacy of individuals as they use digital wallets to store their credentials is deeply important in ensuring the secure, confidential nature of their digital interactions in an increasingly interconnected world.”
But critics will retort that such platitudes do not adequately address the complex challenges of preserving privacy in an ever-evolving digital landscape.
DHS Chief Privacy Officer Mason Clutter’s remark that this investment is in the “building blocks” for privacy-preserving digital credentials, and portrays the department’s commitment to privacy as exemplary, raises questions.
Merely throwing money at technology is not a silver bullet for the multifaceted issue of privacy, especially when digital ID systems themselves are seen as ultimately antithetical to privacy.
The announcement made by DHS also includes the development of software-based verifier tools for mobile devices, designed to handle DHS credentials. This raises additional concerns about potential misuse and surveillance capabilities, particularly given the government’s involvement.
While the DHS’s $1.7 million initiative is being marketed as a pioneering step toward digital wallets, the critical perspectives warrant an even more rigorous scrutiny of its execution and implications. It is crucial to ensure that in our pursuit of technological advances, we do not inadvertently sacrifice the very privacy and security that we seek to protect.