Sunday, 13 August 2017

POST Estonia is a real place

My little corner of the internet seems awash with tales of a mythical utopia that goes by the name of Estonia. I’ve been hearing about digital identity in Estonia more and more. At meetings and conferences, on Twitter and in conversation, I hear people talking about the Estonian national identity scheme that uses a blockchain. The Harvard Business Review, for example, tells us that “since 2007 Estonia has been operating a universal national digital identity scheme using blockchain."

I’m not sure if some of the people talking about this on Twitter know that Estonia is actually real place and some of us have been there. The Estonian national digital identity scheme is a real thing. It launched in 2002. A decade ago a colleague at Consult Hyperion, Margaret Ford, interviewed Mart Parve from the Estonian “Look@World” Foundation in the long standing “Tomorrow’s Transactions” podcast series (available here). Mart was responsible for using the smart ID service (both online and offline) to help Estonia develop its e-society. If you listen carefully to them talking, you will notice that they never mention the blockchain, which is unsurprising since Satoshi’s Nakamoto’s paper on the subject was not published until more than a year later, in October 2008.

The strangeness of the obsession with Estonia in blockchain circles began to obsess me after I was invited along to a blockchain breakfast (seriously) at the House of Lords last year. The invitation came because I had been asked to contribute to the Parliamentary Office of Science and Technology (POST) work on shared ledger technologies (SLTs). In this Government Office for Science report on “Distributed Ledger Technology: beyond blockchain” Sir Mark focused on a particular kind of distributed ledger, the Bitcoin blockchain, and attempted to explain it to the general reader and then explore some of the potential uses.

<p >Personally, I found the report slightly confusing because it was jumping between ledgers, blockchains, the bitcoin blockchain and bitcoin almost on a paragraph by paragraph basis. I realise that I read the document from a very technical perspective and that I may see some of these things therefore in the wrong context, but I prefer Richard Brown’s term “shared ledger technology” as a starting point because I feel that the fact that multiple organisations share the ledger is more important than its architecture. I think the report might have benefited from some more description of shared ledgers, and the reasons why Moore’s Law and falling communications costs have made the core idea of everyone storing every transaction a plausible architecture. Here’s the way that my colleagues at Consult Hyperion and I started to think about the ledger a couple of years ago, the "4Cs" model that has worked rather well.

Consensus Computer Model

I prefer to use this layered approach to explain the key components of a shared ledger and then develop ideas around different choices in those layers. Different choices in consensus technology, for example, lead to a variety of different possibilities for implementing a shared ledger. In order to help categorise these possibilities, and narrow them down to make useful discussions between the strategists and technologists, I use the taxonomy that Consult Hyperion developed to distinguish between different kinds of public and private ledgers. Rather flatteringly, Sir Mark used a simplified version of the this model on page 19 of his report. When the report came out I said that it might be considered reckless to disagree with the Chief Scientific Adviser, but I just did not (and do not) see cryptocurrency as a sensible government option for digital currency. Sir Mark said that permissioned ledgers (i.e., not the Bitcoin blockchain) are appealing for government applications and I’m sure he was right about this, although I remain sceptical about some of the suggested government uses that are based on costs or efficiency. I think that his suggestions around applications that focus on transparency are the more interesting areas to explore in the short term and they would be my focus if I were looking to start exploratory or pilot projects in the field. I share the Open Data Institute’s view on this:

We agree that blockchains could be used to build confidence in government services, through public auditability, and could also be used for widely distributed data collection and publishing, such as supply chain information.

[From Comment: Blockchain technology is useful, but not for everything | Open Data Institute]

Anyway putting my nerdy criticisms to one side, Sir Mark’s conclusions (which were essentially that the technology is worth exploring in government contexts) were surely correct. At the breakfast, Sir Mark said that the goal of the POST reports is to demystify technology for policy makers although I have to report that in his closing remarks he said that we had not been entirely successful in this enterprise and I fully concur with his opinion. After a while, the discussion moved on to the Estonian electronic identity system. I expressed some scepticism as to whether the Estonian electronic identity system was on a blockchain. The conversation continued. Then to my shame I lost it and began babbling “it’s not a blockchain” until the chairman, in an appropriate and gentlemanly manner, told me to shut up.

House of Blockchain

When it came time for my contribution, by the way, I said that it wasn’t at all clear to me that it was accurate to describe Bitcoin as a decentralised system since almost all of the hashing power resides with a very small number of unaccountable mining pools based in China but, more importantly that

  1. It seems to me that many of the efforts to move shared ledgers into the marketplace have concentrated on shaping shared ledgers to emulate existing solutions in the hope that SLTs will be faster, higher or stronger. These are all unproven assertions. It is possible that a shared ledger replacement for RTGS might be cheaper, or more resilient or more functional that the currency centralised solution, but who knows?

  2. The transparency of the shared ledger, the aspect that most doesn’t work for current solutions in current markets, may well turn out to be the most important characteristic because it allows for ambient accountability and therefore opens up the potential for new kinds of markets that are far less costly and complex to regulate, manage, inspect and audit. This is the “shared ledger as regtech not fintech meme” that I am rather fond of.

  3. Just as the invention of double-entry bookkeeping allowed for the creation of new kinds of enterprise, so it seems to me that the shared ledger will similarly lead to new kinds of enterprise that use the shared ledger application (the SLAPP) as the engine of progress and the focus of innovation. I assume that there are kids in basements experimenting with SLAPPs right now and that this is where the breakthrough use case will come from. As I some time ago in a discussion about shared ledgers for land registry, turning the ledger into a platform may be the most important reason for shifting to this implementation.

Anyway. My point is that the Estonian ID scheme, launched in 2002, has nothing to do with distributed ledgers or blockchains or any similar technology. As it happens, a some time after my breakfast with their lordships, I had another breakfast, this time with the new CIO of Estonia, Siim Sikkut

sikkut17 

I asked him where this “Estonian blockchain ID” myth came from, since I find it absolutely baffling that this urban legend has obtained such traction.  He said that it might be something to do with people misunderstanding the use of hashes to protect the integrity of data in the Estonian system. Aha! Then I remembered something… More than decade ago I edited the book “Digital Identity Management” and Taarvi Martens (one of the architects of the Estonian scheme) was kind enough submit a case study for it. Here is an extract from that very case study:

Long-time validity of these [digitally-signed] documents is secured by logging of issued validity confirmations by the Validation Authority. This log is cryptographically secured by one-way hash-function and newspaper-publication to prevent back-dating and carefully backed up to preserve digital history of mankind.

Mystery solved! It looks as if the mention of the record of document hashes has triggered an inappropriate correlation amongst less technical observers and as Siim observed, it may indeed be the origin of the fake news about Estonia’s non-existent digital identity blockchain.

No comments:

Post a Comment