Self-Sovereign Digital Identity: Humanistic AI against Digital Slavery

Posted bymichael33poulin Leave a comment on Self-Sovereign Digital Identity: Humanistic AI against Digital Slavery

No needs for UDI or DIPP for Human Society.

“Everything should be made as simple as possible, but not simpler.“

– Albert Einstein

In the era of total digitalisation, regardless of whether this endeavour is good or not for people and societies, the domain of identity management experiences a coercion of ‘counting’ people – assigning them identity numbers. What can be easier? These numbers could be used instead of names, for example. The experience in this practice is already gained – in the Soviet Siberian “reorientation” camps and in the Nazi concentration camps, the socialistic regimes used numbers for the people’s identities. If you do not believe me, there were Soviet Socialist republics and the National Socialist German Workers’ Party in human history.

The most recent practice in the USA with Social Security Numbers (SSN) has demonstrated its inability to make society management more effective so far because of misuse, forgery and absence of related technological infrastructure, as well as due to a weak punishment. At the same time, the government-issued passports were in wide use and worked internationally. The continuous attempts to extend passports with individual biomedical data have faced a slow adoption among people due to the weak  protection of this critical data.

If developed countries are so eager to create a digital identity system and utilise unrecoverable biomedical human characteristics, what are the essential reasons for this? Why have they denied converting existing passports into a digital form, verifying it and using it everywhere instead of paper/plastic-based passports?

In this article, I try to analyse the status of digital identities pushed forward by international “progressist” organisations and governments and propose an alternative solution. That is, I argue that personal digital identities can be created in a human-centric way using humanistic AIs, which operate with real-life aspects of individual activities rather than with digital fetters.

 

Problem

Those who care are confused – the topic of a Digital Identity of a person (Personal Digital Identity) been in the air for several years already, but only a few designers have tried to define an universal catchall Personal Digital Identity or PDI model. I do not know if this unpopularity is because nobody is concerned about the identities of people, or because the task had been “delegated” to technology, which does not comprehend the humanistic aspect of a Digital Identity, or because  it was over-smoked by UDI.

The Division of Information Technology at Virginia Tech defined: “A personal digital identity is an online representation of a real-world identity. A personal digital identity is a person’s asserted identity—typically name with associated attributes—along with the digital credentials that represent that identity in an online environment.” I think it is a tricky if not fraudulent definition:

  1. A personal digital identity is not an online representation of a real-world identity at all; this identity can be useful universally while validated via digital means, online or not. The real-world identity of a physical person can be totally different in different forms and can be presented online in a digital form. This identity must represent a person, first of all.
    • I see a word game here that can be illustrated with the following example. Assume an Engineer, who works for a Company, visits a technology exhibition. In the exhibition, this person can be as him-/herself or as a representative of the Company. People in the exhibition do not know for sure the status of the Engineer and may suggest that the Engineer represents the Company, i.e., get a misrepresentation of the Engineer. As a result, these people risk appearing silly later on and treating this Engineer inappropriately.
    • The same takes place in the aforementioned definition: someone plugs an artificially made “digital identity” to the person’s real-world identity with no justification but calls this a “representation” of the person. Actually, this “digital identity” may be only associated with the person in the opinion/context of this someone. 

2. In essence, PID is a digital form of what the person prefers to be called or known as, including in an online environment. A PID owned and managed by the person who basically does not care about who and how it was asserted. No PID may be dependent on an extrinsic assertion.

3. A PID may contain several components but may not include any authentication submission credentials that are specific to an arbitrary identity verifier.

To my understanding, the referred PID definition has an unspoken backbone – a PID should be based on the online representation of a person, assigned to this person by an outer power and include never-changing authentication credentials, working like an earmark on a sheep.

The left-liberal and the whole left-wing apply enormous efforts and invest billions in attempts to convince people that their lives without a digital ID cannot progress and that people must trust and love the digital identities given to them by their country’s Governments or other authorities. The latter do not want to see and represent people as persons; instead, they want to see and manage soulless, replaceable bodies stamped with the digital identifiers.

Identity Masquerade

Many disagree with the cited view on PID. Still, here is one more reason why PID is not developed well enough to be widely used. By the time of writing this article, we know several names used like PID, but instead of PID:

  • Universal Digital Identity (UID)
  • Digital Identifier for a Physiscal Person (DIPP)
  • Digital ID 
  • Federated Identity 
  • Blockchain Identity
  • Electronic Identity.

All these identities have been known in technology for years, but the Universal Digital Identity (UDI). Just a simple view on where it is accepted and used gives us the understanding of its specifics – it is used by the United Nations (UN), World Bank, International Telecommunication Union, World Trade Organisation, and the European Union (EU) and the United Kingdom. I cannot include the USA in this list because its digital politics are still unknown under the new presidency.

Therefore, a UDI and its variations are, first and foremost, a political identity.

The listed organisations and countries are linked here together due to a reason that did not exist before – all of them, except the EU, share the same left-wing ethical principles for AI.

As you hopefully recall, earlier I asked an innocent question about why digitalised passports cannot be used. In other words, why a new concept of digital identity was needed. The opponents of digitalised passports have to be very accurate in words because everyone comprehends the humongous scale of funding for implementing anything else that could be spent on more actual human needs. The opponents’ arguments are known as ‘challenges’:

1) Security – Digital passports could be vulnerable to cyberattacks, identity theft, and data breaches. Their maintenance and usage require strong encryption and authentication. 

  • This is an insolvent argument because any digital identifiers constitute the subject of cyberattacks and data breaches. This is fully confirmed by the digital practice of recent years, regardless of whether the data host has government, military, financial or even security institutions. Identity theft is unavoidable until the identity relates to people that have different resources for life and different jealousies.

2) Verification, Fraud and Forgeries Prevention 

  • All three are irrevocable aspects of any digital identity. This is another insolvent argument. The differences are in the complexity of verification and the cost of prevention.
  • There is an opinion that preventing forgeries would require advanced biometric verification and special digital infrastructure. This is only a half-truth, i.e., a lie. It is known already that fingerprints can be forged, and Apple has removed this security control from its iPhones; a human iris changes over time due to illness and age, a face recognition requires a “frozen” face that is not possible since people use make-up and are getting older, resulting in their faces changing, and finally, a human voice changes 2-3 times over their life. So, the biometrics are not reliable and appear error-prone over the lifetime. Collecting them has a significant time factor that the UN definitely knows.

3) Global interoperability – this concern is about the ability of different digital systems to verify presented information. “Global” in this context relates to different countries, regions, jurisdictions, organisations and other authoritative entities interested in verification and authentication of the person.

  • Currently, people with paper/plastic-based passports travel all around the world; the local border guards and police and judicial systems are capable of resolving an issue of interoperability. Moreover, considering mass digitalisation, interoperability will relate to pure technical data exchange aspects; all non-technical aspects – political, healthcare, etc. – can be resolved at the level of local laws and regulations. That is, a single unified digital identifier is not practically needed.

4) Privacy Concerns – authorities that require digital identities need to balance convenience with data protection, ensuring personal information is not misused.

  • Reviewing the privacy status with regard to the usage of AI in the countries and organisations listed earlier, an apparent conclusion can be made – these countries and organisations do everything in their abilities to compromise the personal privacy of people they deal with.
  • The protection of privacy associated with paper/plastic-based passports cannot be significantly increased by digitalisation because the latter can be compromised locally and remotely while the locked physical document is the most secure form of data protection according to computer science (as network engineers say, the most protected server is the one that is locked in the room with nobody in and disconnected from the network). 

5) Infrastructure & Accessibility – not all countries have the technology or resources to support digital passports.

  • It is a very weak argument: more and more countries obtain needed equipment, especially considering global digitalisation.
  • The introduction of a concept of digital passports does not eliminate a transition period around the world when needed infrastructure becomes available. Also, organisations that need digital identity verification but currently cannot afford the required technology can lease this functionality from their governments.

6) Legal & International Recognition – countries would need to agree on standards for digital passports to ensure universal acceptance at borders.

  • This is another tricky statement: currently, no standardisation is used for passport format and even content, but countries have resolved this problem.
  • There are only 195 countries in the world, i.e., each country has to operate with a maximum of 194 passport standards using internationally accepted encryption algorithms, which are in a small number, like current Big Tech corporations do for their mobile devices and network products. For modern technology working with terabits of data, the number of passport formats and contents are practically immaterial. The basis of legal aspects is in place already (for non-digital passports), and international recognition is narrowed to technology algorithms that are known around the world.

The fact that I could not find any creditworthy argument against using digitalised passports rings a bell of a conspiracy.

Right, I believe that today from 800 to 1000 million people have no official identification in the world, though this number can be two to three times higher. I do not have reliable information about this. However, when and if those people leave from their habitats, local authorities provide them with legal identities as needed. So, if identifiers for people are not a problem, then what is? Why some people and organisations look for a new digital identifier. Do they really need the identifier or have different goals and motivations than identifying people?

A Digital Identifier under the Radar

The World Trade Organisation (WTO) strives to reason a need for a universal digital identity for trading. The UN and many Governments in their fairways around the world also support an idea of labelling people because it is one of the most powerful and simple management instruments in the ruler-centric regimes that, in essence, are dictatorships. The names may be different – despotism, tyranny, autocracy, totalitarianism or authoritarianism – but the pith is the same: the ruler is “everything”, and the person is “nothing” in all aspects. Both the WTO and the UN promote globalisation available to only a small number of super-rich corporations, but their benefits are the top priority for these world organisations: “Identity and trust lie at the core of each trade interaction. As global value chains become increasingly digital, organizations need to ensure that they can trust the digital identity of legal and physical persons or products they deal with and can efficiently link that digital identity with a real organization, specific product or device.

At a glance, it makes sense, but… mentioned “global value chains” are not that necessary and the dominant majority of businesses perfectly survive without them. That is, the necessity of “global value chains” is the precondition of the global ruling over the whole world, while the “humanity red lines of people society” are just an obstacle. The World Economic Forum (WEF) has directed: “This process of dynamically verifying [digital identity of] counterparts is a critical step in onboarding suppliers and establishing trust in trade” – this is the hidden driver toward world digital concentration camps.  The detailed discussion about this matter and UDI (in the form of Digital Identifier for Physical Person – DIPP) can be found in the article “On the AI Road that Leads to Identity Hell”.

The WEF and the UN strive for a single centrist power over the people and do all possible swindles to gain it. Just look back on the so-popular-before-COVID-19 concept of a “smart city”. With it, you were supposed to use your digital identity to buy food, enter your house, drive a car, turn on your TV, send a message or a letter, visit a hospital, restaurant or cinema, etc. An ideal solution could be if every person had a chip with a digital identifier pinned into the body, like the Swedish government offered people during covid-19, to avoid any additional documents or cards. It was marketed as very convenient to every person until this person would figure out that, using this chip, the government can cancel your tickets to a cinema without your knowing this, as well as revoke your driver’s licence or lock you out of your house at once. Indeed, the balance between convenience and impotence is on the person (yet): you can imagine yourself as a fluffy white rabbit, but when you find that you are in a cage and your access to a sweet carrot depends on a stranger.

The UDI, or DIPP, or Global Digital Identity for every human living on Earth is task number one for the left-wing. They want not only to “count” you under the ruler as a subject but also to have a simple marker for those who are or will demonstrate a possible rebellion or resistance to this ruling.

Such a global digital identity usually comprises three parts:

1. All your personal information, such as your name, address, date of birth, etc. That is, all information that can be found in the passports.

2. The information that can be collected online about you, i.e., all your online activities. It is collected without your awareness and definitely without your consent.

3. Fraudulent personal credentials that you provide for the purpose of authentication, like a PIN, password, fingerprint and so forth, but which can be easily forged and faked.

This digital identifier is assigned to you and remains immutable.

This is not your personal digital identifier because you do not know what is actually collected about you; you do not assess it, but it is accepted by rulers as your physical identity worldwide.

Tell me, who might want to have such a digital label except a herd of brainless “likes”-loving pinky ponies wearing rosy glasses to shield themselves from the people’s problems and avoiding any decision-making for and responsibilities of themselves?

Speculations about the Personal Identity

The field of “personal identity” speculations is boundless. I believe that every person possesses an irrevocable right to their individual identity. A human-centric common sense logic encourages an interpretation of personal identity in terms and values that are felt, understood and articulated by the person and nobody else. In contrast, the ruler-centric approach states that the “personal identity encompasses an individual’s sense of self, including their name, nationality, culture, religion, and gender identity”.    In other words, an “individual’s sense of self” is not enough – it’s independent from the ruler and creates difficulties in managing (manipulating) both the identity and related person.

I was curious and requested Google to comment on “identity” and “human rights”. The Google’s AI summarised the comment in this way: “Identity, encompassing legal identity and personal identity, is a fundamental aspect of human rights, ensuring individuals can participate fully in society and enjoy their rights. The right to an identity, recognised by international human rights law, includes the right to a legal identity, the right to be recognised as a person, and the right to develop one’s personal identity.” As I usually do, I had not trusted the AI outcome in socio-cultural spheres and tried to analyse, validate and verify the AI response.

Spotting 1. A legal identity is not the same as a personal identity.

Spotting 2. Human identity is not a natural aspect of a person but an “aspect of human rights”, which, as I believe, 6 or more billion people have no clue about “human rights” but have no problems because of this in participating in their social groups. Is Google accidentally incompetent or deliberately pushing the UN’s agenda on me when I had not asked about it?  “According to human rights research, a large portion of the world’s population—billions of people—have at least some understanding of their rights.” An awareness of some personal rights cannot be counted against an awareness of “human rights” because they may be about totally different rights.

Spotting 3. Can anybody point me to an “international human rights law”? Such a thing does not exist as a law, i.e., Google has disinformed me. In reality, there are a few documents under the UN umbrella that were partially signed by different countries in different sections: the Universal Declaration of Human Rights (UDHR), the International Bill of Human Rights and various national treaties.

Article 6 of the Universal Declaration of Human Rights states that everybody has the right to a legal identity. However, hundreds of millions of people go without proper identification, and about half of the world’s nations lack a system of universal birth and death registration. However, having rights to legal identity may not force anyone to have the legal identity; otherwise, this would smell of dictatorship. Frankly, I was not surprised when I found neither “personal identity” nor personal nor identity terms in the “Universal Declaration of Human Rights”, confirmed by Wikipedia, 2025, and in the “International Bill of Human Rights“ in the edition “Universal Declaration of Human Rights: Promoting the declaration’s principles 75 years on” (from the UK Parliament, 2023). This simply means that Google’s AI shamelessly lied when trying to hallucinate to me about “the right to develop one’s personal identity” being a part of “human rights”.

Overall, no big international (world) organisations are concerned about personal identity. The only exception is the EU, which addresses the right to private life, including the right to develop personal identity.  In the EU, “personal identity is closely linked to privacy, as individuals have the right to maintain and protect their personal identity without fear of discrimination or surveillance”.

Governments are eager to make a statement that “Many individuals lack legal identity, leading to legal invisibility, discrimination, and vulnerability”. The key word here is “legal invisibility”, which has a double sense. For example, in the UK, many low-income people deliberately maintain their “legal invisibility” (project PADA/NEST, 2009/10) in spite of possible “discrimination and vulnerability” in daily life because, in their opinions, life without the “government watch” is easier. So, legal identity is not life crucial.

Actual results of the UN’s plans to “legalise” 300 million of people tremendously failed. Still, “The Sustainable Development Goal 16 is to ‘Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels.’ Under that goal, Target 16.9 specifies that one of the ways to do that is to “by 2030, provide legal identity for all, including birth registration”. Sounds fantastic, especially if consider that thousands of people settlements are not known to local governments and have no one official person.

The drawn picture illustrates that people in society are still at the multi-level of social maturity and that only a small part of it is psychologically ready for digitalisation, not even for digital identification. Thus, we face a process where, one, the most literate part of populations is being torn into digital-identity hell, while the other parts will be either digitalised without their awareness or simply forgotten as economically unsustainable.

Self-Sovereign Digital Identity

A self-sovereign identity is the identity that is defined by the person him- or herself and represented to those who might be interested. If this identity is specified in a digital form, it becomes a self-sovereign digital identity. In essence, it is PDI.

There are several different interpretations of self-sovereign identity, but I see many of them as misrepresentations that cut off important or add secondary aspects to this concept. For example, a self-sovereign identity

  • is a concept where individuals manage their own digital identities, rather than relying on centralised providers”. Management does not necessarily include the definition and creation of the identity;
  • Can be defined by the 5 P’s, as it is personal (it is about you), portable (meaning you can take your identity and data from one platform to another), private (you control your identity and data), persistent (it does not change without your consent) and protected (they cannot steal your identity).” All listed are descriptions that even together do not define an identity because there may be more similar descriptions.
  • is made up of 3 pillars: blockchain, decentralised identifiers, and verifiable credentials”. These three do not define the identity but explain how it can be used;
  • is a model for managing digital identities in which individuals or businesses have sole ownership over the ability to control their accounts and personal data. Individuals with self-sovereign identity can store their data on their devices and provide it for verification and transactions without the need to rely upon a central repository of data. With self-sovereign identity, users have complete control over how their personal information is kept and used“. An identity cannot be a model of management. Moreover, an “ability to control” means the ability to change, which contradicts the idea of self-sovereignty.
  • is an identity model where the user is in total control of his digital identity. The user will hold the digital documents of his identity, will control to which actors he will share those documents, and will also have the ability to revoke the use of those documents, all of this along with activity history.”   

The variety of viewpoints on this identity concept is amazing – everyone sees in it what is closer to their own heart. This is why people cannot agree on the thing – they neglected standards that constrained their “freedom” (or remaining dilettantism) through flourishing personal irresponsibility and foolishness.

As you can see, there are discrepancies in all statements except the last one. What jumps into the eye across all statements is a paranoidal craving for linking a concept of an identity to the digital sphere, which is absolutely not necessary. In human society, personal identity is a societal element, while digital technology is just one of others, though a very powerful one. The previous three technological revolutions changed how people lived but did not change human mentality, i.e., they preserved human nature. The fourth digital technology revolution attempts to impact personal mentality and change personal behaviour and views on the world around. Do we want this or not? The current revolution aims to change human nature, i.e., it carries anti-human elements.

A self-sovereign digital identity works for sustaining humanity. Therefore, its PID needs:

1) To be created, managed and owned by the person

2) to compose an enumeration of the personal live facts, which cannot be intercepted or forged together but each of which may be verifiable by a third party using digital or online means

3) to be configurable by the person as needed

4) To be composable on demand by an identity AI assistant executing a person’s prompts; this identity AI assistant should act as a personal servant, not as a peer, or a companion, or a friend.

5) to be submittable to the legitimate verifier via available communication channels, including digital online means.

I have an intention to generalise PDI and escalate it to the level of a Human Personal Identity (HPI). This will require more work and defining the particular position for its digital form in human society because it is a convenient instrument for organising people’s lives. But still, it may not be a representation of an individual, and the only form of HPI, which should be much wider than digital online activities. So, another article is knocking at my door.

I can imagine the following protocol: when a person needs to allow verification of PID, the Identity AI Assistant gets engaged and instructed to compose an encrypted digital document, which may contain certain facts and references to the online activities of the person or to the facts caused by these activities specified by the person.  This information should contain the most recent snapshots of data.

Upon receiving an encrypted digital snapshot, the verifier should perform the information validation against the facts and references received.  The verifier is welcomed to utilise AI technology for this task. The peculiarity of the submitted optional online activities should be authorisable by the related digital hosts, i.e., the host had to perform a user authorisation procedure to allow the person to act on the hosted resources. Surely, any one online authorisation can be faked, but not several of them for different resources. Plus, this data is only optional, i.e., it does not cause serious security concerns. 

The fundamental assumption for this solution is that it works in the digitalised environment that covers not only a person’s online activities (controlled by organisations and institutions the person might deal with online) but also operates with personal life facts. Thus, suchlike PID can be associated with only certain persons acting online; those who act offline will not have PID and have to be served by offline means.

The Identity AI Assistant should not have any programmatic connectivity with another software or AgenticAI. So, it may be used only when the person is with the appropriate device connected to the network. The interface for submitting the PID is assumed to be provided on the same device.

Other constraints for the information in the PID are:

  • No biometric data of the person may be included.
    • Comments: I can mention a few to be restricted recognition techniques, such as face, fingerprints, iris and alike.
  • There is no data that can be collected by the Identity AI Assistant with no explicit request from the person.
  • There is no data that cannot be legally restored.
    • Comments: a passport or a driver licence card can be lost but have a legal mechanism for restoration; a certificate of naturalisation in some countries cannot be legally restored.
  • There are no online activities other than those specified in the PID submission.
  • It has no historical data regarding the person’s activities.
    • Comments: examples of a person’s historical activities are conviction or imprisoning, marriage and divorce, and change of citizenship or nationality.  
  • There is no data collected from a secondary resource.
    • Comments: for instance, if PID is required for verification when admitting into a hospital and for obtaining a financial credit, the verifier may not obtain, acquire or access the PID submitted for the hospital but only require verification data from the PID Verification Issuer where available.

As mentioned above, only literate people need have any digital identity because others have no ways to use it. The amount of such people is about 6 billion on the planet.

The facts collected by the Identity AI Assistant can be grouped into a few categories. The mandatory categories are those that contain information about the person but independent from her or him, i.e., assigned to the person as the inevitable attributes of life and cannot be changed via a reasonable legal way. Optional categories may contain data that the majority of people can be linked to or required by the law. categories

The samples of the categories are:

A. Personal immutable facts (mandatory)

B. Official or religious authentication information (mandatory)

C. Official communication data (optional)

D. Education (optional).

All categorised information can be verified with appropriate permissions or personal consent. Below are examples of facts grouped by categories:

A. Personal facts – full name, date of birth, place of birth, race. The person’s nationality, address, e-mail, telephone number, online IP address, religion and even gender are the ones that the person can change over their lifetime.

B. Official or religious authentication information – secular birth registration, religious birth registration

  • Comments: passport number, government pension code, government driver licence code, tax code or permanent residency status code can be changed over the lifetime of the person.
  • While more than 2.5 billion people in the world cannot read, write and use digital technology, the UN planned that “By 2025, the United Nations Legal Identity Agenda Task Force, co-chaired by UNDESA, UNDP and UNICEF, aims to assist Member States to empower more than 300 million people to acquire a legal identity.” What is this for unless it is a ruler’s propaganda that needs more subjects and simulates “progressive” activities?

C. Official communication data – in certain cases, the official authentication information may be unavailable at the moment of defining PID, but legally related communication information about this official authentication might be acceptable.

  • Comments: in several countries, official registration of children is postponed due to the local customs, political situations (military conflicts) or healthcare reasons (high child death rate). Usually, this registration is delayed up to the school age (5-7 years).

D. Education – the dominant majority of countries and territories require school education for the population, which is accompanied by evidence like certificates or diplomas with related codes. 

  • Comments: some countries and territories do not require or do not have education available for people. “Bhutan, Papua New Guinea, Solomon Islands, and Vatican City do not have formal compulsory education laws.”

The final task for PID to be resolved is known as ‘authentication credentials submitted by the person for the purpose of verification’. The authentication credential is the information linked to the event of submission and proving that the physical person executing the submission is the one who she or he claims to be. This information must be verifiable but not necessarily related to online activities. The categories of this information can contain:

E. Full person’s name (mandatory).

F. Online or offline purchase (optional) – contains the fact of purchase, an information about the merchant and the time when the purchase was done. The reported purchase must be the most recent regarding the submission time.

  • Comments: An example of an online purchase are the ones made via Amazon, eBay, Next, Costco, Macy’s, Shell The “click and collect” mechanisms are included as well. The offline purchases must be made using electronic tills. The used payment mean’s number (if applied) should accompany this information.

G. Current utility communication data (optional) – personal mail address, current person’s utility supplier information, smart meter/sensor identity code (if known).

H. Official communication data (optional) – current postal address with accommodation status like rent or own, personal telephone number, personal e-mail address. 

  • Comments: If you are on safari, fishing or simply walking in the Gobi Desert in Mongolia, it is highly unlikely and not expected that anyone would officially request to verify your identity. That is, your address cannot be like “the 5th Andes Mountain, the 3rd level from the top”.

I. Financial transaction (optional) – contains the fact of and the time of the most recent financial transaction you made or made to you that you are aware of. This transaction should be made by you via a financial institution, which you specify as well.

  • Comments: the transaction can be made via online means, as well as via cash, existing transnational systems like SWIFT or ATM, or via a cash payment made by you via an electronic till.        

J. Online publication (optional) – contains the facts, time and online provider that the person posted online.

  • Comments: a notion of publication includes a comment, a blog, an article, a reply, and a reaction to a publication from someone else. The publication can be used only if it is made on a publicly available website or social platform. Only the most recent publications may be specified.  No content should be mentioned for these publications. However, not all posts become accepted by the online means immediately.

It is reasonably assumed that in the digitalised environment all banks, electric tills, utility providers and alike are accessible online. A person is not obliged to submit more than any, for instance, 3 publications.  The number and preferences of the submitted optional information may vary. The combination of this information constitutes a very special credential that is difficult to steal or forge.

Finally, let’s observe how a prompt, based on the described information categories, to the Identity AI Assistant can look:

Example 1:

calculate and display the value of the probability that two randomly selected people out of 8.4 billion have the same characteristics, such as

Name: Joe Moe,

born 01/01/2001 in Lebanon,

 Living: in Johannesburg in South Africa,

graduated from school in Johannesburg with diploma number 9876543

The response from ChatGPT was:

The probability that two randomly selected people from a population of 8.4 billion will have the exact same set of characteristics (including Name, Birth Date, Nationality, and Registration Date) is:

P(same)≈3.76×10−15P(same)≈3.76×10−15

This is an extremely small probability, meaning it is highly unlikely for two people to share the exact same combination of these characteristics.

The response from Copilot was:

Multiplying all these probabilities together results in a number far smaller than 1 in trillions—effectively zero. Even if we simplify and assume independent probabilities, the chance of two people matching on all these factors is infinitesimally small”.

where: 8.4 billion is equal to 8.4×10+9 and 1 trillion = 10+12. A probability of 1 trillion is equal to 0.000000000001, i.e. ~100 times less than the population on Earth.

Example 2:

calculate and display the value of the probability that two randomly selected people out of 8.4 billion have the same characteristics, such as

Name: Joe Moe,

born 01/01/2001 in Lebanon,

 Living: in Johannesburg in South Africa,

graduated from school in Johannesburg with diploma number 9876543,

using the SHA-256 hash for the Name characteristic

The request for using the SHA-256 hash function for the Name characteristic is the sensitive data digesting method assuring that the data was not altered during transition. The bigger the SHA-256, e.g., SHA-1024, the less probability that protection can be removed and data changed.

The response from ChatGPT was:  

The probability that two randomly selected people out of 8.4 billion have the exact same listed characteristics, with the name hashed using SHA-256, is approximately:

5.92×10−995.92×10−99​

This is:

0.0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005920.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000592

An astronomically small chance — effectively zero.

The response from Copilot was:  

“All these probabilities together result in a number far smaller than 1 in trillions—effectively zero. Even if we simplify and assume independent probabilities, the chance of two people matching on all these factors is infinitesimally small.”

Strength of Humanistic PID

All calculated probabilities that using described PID could lead to potential identification mistake despite extremely small probability numbers, which the nature of mathematical probability. Nevertheless, to assess whether these numbers are good enough for the population on Earth, I have to compare them to the ‘strength’ of the UN’s UDI or UK’s DIPP. In other words,  some people may still have doubts whether the linguistically defined PID is unique enough and can be used for identifying everyone among 8.4 billion of people. This is a fair concern and I’ve prepared some calculations.

Both he UN’s UDI or UK’s DIPP have published some information about structures of the digital identity systems they promote, but the full spectrum of data that these organisations plan to collect on people via online monitoring (spying), what data they plan to keep and use for identities and verification is not known.

Nevertheless, there is an implicit way to assess UID and DIPP . Both organisations follow the directions from WEF [Married to…]  for The Sustainable Development  programme, both share basically the same ethical principles for AI and intention to use AI everywhere in in the people habitats. This means that the ethical, moral and personal privacy, including personal identity, will be coherent. Consequently, the AI products from the organisations sharing this trend and oriented on the same UN’s goals, should have their logical models to be in line with UID and DIPP ethics.

I’ve requested two widely kn own AIs – ChatGPT and Copilot that have been caught on their political orientation ( for ChatGPT and for Copilot ) to estimate the strength of UID and DIPP assuming that these calculation will be in line with publicly unknown full spectrum of data utilised for related identities.

Thus, the prompts for both AIs were the same:

calculate and display the value of the probability that two randomly selected people out of 8.4 billion have the same characteristics defined in the UN’s UDI and in the UK’s DIPP where the total space for identifiers is on the order of 1000 trillion

The results from ChatGPT for both the UN’ UDI and the UK’s DIPP were the same:

Even with 1000 trillion possible identifiers, the probability that two randomly selected people out of 8.4 billion will have the same identifier is still effectively 1 (or 100%).

Interpretation:

While 1000 trillion identifiers might seem like a very large space, it is still not enough to completely eliminate the possibility of a collision when dealing with a population of 8.4 billion. The Birthday Paradox effect is quite strong, and a space of 1000 trillion is still not large enough to significantly reduce the probability of collisions in a population of this size.

To have a truly negligible probability of a collision, the identifier space would need to be vastly larger, likely in the quadrillions or even larger, depending on the desired risk tolerance for identifier collisions.

The results from Copilot for both the UN’ UDI and the UK’s DIPP were the same as well:

For any two individuals, the probability that they will have the same identifier is simply the chance that the second person’s identifier matches the first person’s identifier. Since there are 1015 possible identifiers, that probability is:

P=1/1015

In decimal form, this is:

P=1×10−15(or 0.000000000000001)

Thus, if you randomly select two people out of 8.4 billion, the probability that they share the same ID (given a total identifier space of 1015) is exactly about 1×10−15.

Additional Considerations

This calculation assumes that identifiers are assigned uniformly and independently.

Note that while this value is for a pair of individuals, if you were to consider the probability of any collision in a set of n people, you would use techniques like those involved with the Birthday Paradox, which accounts for many pairwise comparisons.

As you can see, I’ve received the contradicting results. Both of them do not make a distinction between the structures of identifiers and numbers of identity attributes but curtail calculations to the size of the space for identifiers. Both require the space of many orders higher than 8.4 billions of identifiers are needed for human society. Moreover, the ChatGPT indicates an extremely high probability of duplicated identities while blaming the shortage of provided space size, while the Copilot ignores any actual data and focuses on the space size only.

I am not sure what would be the reason for such behaviour of these AI. I have three guesses: 1) the probability requested is a secret; 2) the AIs cannot properly calculate it and use oversimplified formulas that do not help; 3) these probabilities do not matter because the attention is not on a potential duplication problems but on the secretly collected online data in both cases linked to the identifiers.

At the same time, if we return to the humanistic digital identity like PID, all calculations from both ChatGPT and Copilot had demonstrated the assurance – the probability that two randomly selected people from a population of 8.4 billion have the same PID, as defined earlier, is eitherhighly unlikely or “effectively zero”. Also, this PID can scale almost limitless with an increase of the hash key length for data encryption.

In plain English this means that the described PID is the ideal identifier for the global digital environment while it is free from any policing, spying and secret labeling, i.e, free from the digital slavery.

Risks of Using PID Globally

A general concept of security teaches that there are no absolutely secure digital identities. That is, PID has certain downsides on top of the risks caused by this probabilistic solution. To assess a risk, it is necessary to understand, prevent or mitigate three major factors related to a so-called “risk materialisation” event, i.e., when the negative event actually happens. These three factors are 1) value/cost of loss resulting from this event; 2) frequency of repetition of such events; and 3) likeness or probability of the materialised risks.

In this work, I enumerate a few risks, but this is not a full list, and you are welcome to continue it:

  • Personal information error risk
  • Forgery risk
  • Risk of enforced disclosure
  • Risk of illegal monitoring
  • Risk of recklessness and irresponsibility.

The overall outcome of the realisation of the risk factors depends on the combination of the factors and details of the entity at risk. Particularly, if an individual wants to be entitled and able to set a personal digital identity, she or he can follow the categories for described PID, which can have a standardised format, though setting values for these categories is the prerogative of the person. Mistakes can be made in this process, which calls for the standardised correction procedure as well. And I believe that not all people in the world necessitate personal digital identities at once or urgently. When a particular social group or society matures to a certain level, they will get the personal identities and personal digital identities, but not earlier.

Can described PID be forged? Yes, it can be because all individual facts are publicly available. However, the combination of these facts together is unique, as the aforementioned calculations had demonstrated. Additionally, the submission evidences support the facts – they are interlinked. 

Can a person be captured and forced to release their own PID to someone? Of course, but it is not needed. The mitigation of the “submission under control” is embedded into the submission evidence/credentials that cannot be easily tampered with. Moreover, the same enforcement can be applied to a person with UDI or DIPP; i.e., even the biomedical characteristics of the person do not prevent this risk.

If someone decides to covertly collect a person’s submission evidence, it is more likely to be a police or government team rather than a criminal one. The latter would need to control all the person’s online and bank activities, utility contracts and so forth from everywhere, 24/7, and make this unnoticed for the person. It needs to be noted that doing this forgery for “pinky ponies” may not be a problem since those individuals do not really care about their identities as well as those of others.

Many people take the personal identity topic easy. They used to rely on others for making decisions for them, feeding them, leading them and even nurturing and educating them. They can believe in nonsense; they never critically assess what happens around them or for them. They agree with whatever identity – just do not bother them. The fact that they are ruled by somebody is not a problem. Fortunately, for many others, especially those who belong to Western culture, such modus operandi is unacceptable.

Conclusions

A personal digital identity is one of the forms of personal identity defined as a self-sovereign type. It can contain the facts about the person that one cannot change in any reasonable legal procedure.

All facts of the person’s identity are publicly available and can be verified as needed. A combination of these factors, enriched by optional personal facts of the individual’s life, constitutes a statistically strong unique identifier for the current population on Earth.

This identifier can be verified via a dedicated procedure. The person can submit a personal digital identifier for verification using a set of authentication credentials derived from the actual person’s activities that do not necessarily include activities online.

The latter firmly opposes proposals from the UN and the UK on the creation of a universal digital identity and a digital identity for a physical person, respectively. Both proposals include non-disclosed information collected on the person acting online with no explicit personal consent. The quality and sustainability of this information, its protection from criminal disclosure, and its use for non-publicly known and controlled purposes make proposed identification systems exclusively ruler-centric rather than human-centric.

The article represents categories and examples of humanistic personal digital identifiers and statistical estimation of their strength and risks. Also, the proposed solution assumes a use of a personal identity AI assistant that serves the identity needs of the person in a digitalised environment.

At the end, I would like to outline that operating with the described personal digital identity needs neither personal biomedical information nor the behavioural monitoring of the person. Both are the major “advantages” of the digital identity type that leads to digital slavery.

June 2025

Leave a comment