Guardianship for People
Jo Spencer
Sezoo Co-Founder | Digital Trust | SSI | Payments | Banking | Consultant | Technical Architect | Musician
A lot of the reasons for the inflexibilities and dangers in our online (or digital) world are due to the difficulty we have in confirming or proving that we are who we say we are, that we are related to others and that we can act on behalf of them.
This article is part of a series that we’re writing on how we might best implement a digital model for Guardianship. The first article (published on LinkedIn here) gives the background to the work of the Sovrin Guardianship Working Group. The subsequent articles describe specific aspects of this work and the benefits it can bring (such as in financial services), with the latest article focusing on the role of the jurisdiction.
This article considers the challenges with establishing and acting as a guardian digitally, the transformational opportunity of doing this better, and how Verifiable Credentials (VCs) and Decentralised Identifiers (DIDs) - the building blocks of Self-Sovereign Identity (SSI) based solutions - can be used to deliver powerful, digital, privacy-preserving guardianship arrangements that can enhance current physical processes and develop trusted, digital mechanisms.
Relationships
Guardianship in our physical existence is all about a relationship. We use existing family relationships, friendships (special, informal relationships) or special organisational relationships (citizen or refugee) to define formal relationships that can be reflected in existing legal processes and documentation, relevant to a specific use case and jurisdiction. These relationships are then used wherever necessary to allow the holder of the paper credential or occasionally a linked digital relationship to be seen as acting as a guardian in a number of prescribed and expected scenarios.
As part of current, physical guardianship interactions, the guardian typically needs to identify themselves, to present a specific jurisdictional credential and often needs other complex checks to be done by other professionals or organisations as part of the process. For example, we discussed in a previous article the challenge in dealing with banks as a guardian and what it’s like trying to reflect these identities and relationships into complex and financially critical processes.
When working from the Sovrin Foundation Guardianship Whitepaper, put together by an international task force in 2019, the use cases identified multiple relationships and guardianship types that needed to be supported at the same time. For example, the NGO was the physical guardian for the refugee, Mya, but her grandmother, Zo, was also her personal guardian. Each of these relationships implies different roles and responsibilities, rights and duties that need to be catered for in multiple interaction types.
So we need multiple relationships to be reflected in digital credentials, that can be used broadly, reflect the details of the relationship, add useful controls based on their use, be portable and widely usable, add to the existing user identity and authentication models, enhance physical credential definitions and support controls ensuring that they remain current. It sounds like a “big ask”.
So, it’s easy to feel (and you’d be right) that the current solutions don’t work and won’t ever work. Is that why we are making a mess of digital solutions, societal inclusion, digital migration and data security?
Luckily, the Verifiable Credentials (VCs) Data Model and Decentralised Identifiers (DIDs), as defined by the W3C, together with the decentralised interactions underpinning the Self-Sovereign Identity (SSI) model, make this all possible. All we need to do is use supporting technologies to make this practical.
Enabling Parenthood Online
We’re typically born into a situation of guardianship. When we are children, our parents (typically) are our guardians and they look after us and all the information about us until we can look after ourselves. So, we end up with a filing cabinet of certificates (birth certificates, swimming prizes, exam results etc.) and lots of other information that allows us to become the grown up that we want to be, with the added complexity these days of having to act both physically and digitally. Ideally our parents look after these credentials, and use them for us, if necessary. At times when we are a child they may also need to be able to say, and sometimes prove, that they are our legal guardian, such as when arriving at a country border control or registering us for a new school.
But digital interactions and the inclusion of guardians are very rarely enabled, let alone checked and verified. Most processes are designed without considering how to get parental support. Signing up to a Facebook account is supposed to be limited to those 13 years old and over. It’s not checked and parental support (or control) isn’t included, even if you declare yourself to be only just over 13 and, in many jurisdictions, still considered a minor. If each guardian was to have a specific credential that they could use to approve this digital process (even as a zero-knowledge proof), it would at least make the process of signing up visible and give the guardian the opportunity to be involved.
We also need to be able to support and reflect as much as necessary the rich complexity of family lives. Changes in partnerships, complex relationships, alternative guardians (state, organisation or people) and other human condition situations need to be reflected. It’s probably because of these complex scenarios that addressing guardianship digitally has been ignored, leaving us with existing physical processes and no online support.
Identifying yourself as a guardian (having gone through an appropriate identification, authentication and authorisation process) should allow you to carry around a useful credential that parents don’t have today either physically or digitally. Where this credential is demanded, a guardian should be able to prove that they are the current dependent’s guardian and no one else can masquerade as their guardian, either physically or digitally.
Trying to be better online parents, would we want more “parental controls” in digital services if we could be sure that we were involving our parents or the current guardian? This might sound like a good outcome, but we need to promote very trustworthy solutions that are flexible to different guardianship scenarios, capable of change, and that support broad digital inclusion. And we need to be sensitive to the needs, and rights, of people of all ages to privacy and self-determination in environments where they, and those around them, are safe.
Throughout our formative years, our parents collect our credentials, digital and otherwise, as we earn them. They might give us the cups, trophies and certificates, but how can they hand our digital credentials to us when we become “of age”? It doesn’t happen easily. Currently we have to do all sorts of odd things to enable transfer of digital assets from one person (a guardian) to another (the dependent). Many of these events are immensely difficult, some mislead the service provider, most are not very secure, and none are natively digital.
So parenthood, and its supporting role of other forms of guardianship, needs to be enabled properly in a digital context, for the good of all.
Other types of People Guardianship
At the other end of our lives, we tend to need help too. With everything moving online, there’s a massive need to allow those that need help to be able to get it, whilst ensuring that the help is appropriate, trusted, privacy-supportive and coordinated during sensitive and critical physical and (more and more) digital activities.
We are often presented with a situation where physical processes are expected, but digital interactions are demanded. For example, providing a lasting financial power of attorney to a bank is a physical process (bringing or sending papers to the bank), but using a bank’s online channel (mobile or web-based) is a digital one.
The scenarios considered in the 2019 Sovrin Foundation whitepaper are a child refugee (Mya) and an adult living with dementia (Jamie). We explored these use cases in some detail in the Sovrin Working Group implementation guidelines - providing a full transcript analysis.
In Mya’s case, the jurisdiction of the guardianship relationship was deemed to be the NGO camp, which allocated Zo, her grandmother, and Julia, an employee of the camp, guardianship credentials accordingly. In the Jamie use case the Jurisdiction was deemed to be the country (or State) in which Jamie's wife was recognised as the Guardian of Jamie.
As digital recognition of guardianship arrangements becomes possible, we can see more context specific and time-bound scenarios being defined by verifiable credentials. Some of these scenarios are identified below:
- Will executor and access to financial accounts and information;
- Modernising LPAs (currently being considered in the UK);
- Collection of pharmaceuticals, post, pension (where that is still a physical process) and other sensitive activities;
- Contextual guardianship responsibilities, such as the teacher of a pupil while at school, and/or the school for all its pupils;
- Other digital support scenarios that reflect a belonging (e.g. Indigenous or other group-based or informal memberships).
Starting with the physical
Even in the physical world, it isn’t easy and there are dangers in using existing credentials when proving guardianship. A birth certificate is proof that the issuing authority recognises that a birth event occurred, provides date and location and names the child, mother, the father (if appropriate), and attending officials. Having a birth certificate doesn’t prove you are one of the named individuals in the certificate, and even if you could prove this, you may no longer be the guardian of the child. Holding the hand of a child who agrees that you are their parent sadly doesn’t necessarily make it so.
Having a trustworthy, privacy preserving, way to prove guardianship would be of benefit online and in person to parents, children and those that need to make decisions based on guardianship status. We need something new that we don't have today in the physical world.
Moving to digital
In digital scenarios, each step of the scenario is typically a 2-actor interaction - the user and the service provider. Each user traditionally needs to be able to identify themselves to the service provider and the service provider then controls what the user can do and what they need to make that possible. Ideally, each user should be able to hold and share, with appropriate levels of trust, credentials that prove who they are, define what they should be able to do, and when and how these can be used. This means that the service provider doesn’t need to remember or control relationships, just be made aware of them and trust the process of the information being shared.
More traditional models of digital identity, using Identity Service Providers, might be reasonable at helping someone to identify and authenticate themselves, but these models were not designed to put in place a relationship and manage the resulting consents (and don’t get me started on how Open Banking shouldn’t use only OIDC for the authentication model). The introduction of an ISP intermediary that cannot understand the relationship and broadly support its use makes the specific 3-party digital interactions impractical.
As we use digital interactions more often, it doesn’t have to be a digitised version of the physical process. We need to make this easier, better and more trusted. But it does need to be thought through such that the physical and digital processes can coexist (and interact), rather than creating a monster of a different mechanism that involves unnecessary actors and complicates our already complex processes.
In the physical world we rely on legal documents. The digital version of these documents can be verifiable credentials. Smarter than physical documents, they need to at least:
- Show that the right people are involved;
- Define the rights and duties of the guardian;
- Allow the use of these credentials in various digital and physical interactions;
- Support different credential content for different purposes and jurisdictions;
- Be able to be verified as up to date.
So we need to work with the limitations of the physical and digital processes and build trust into these interactions and the issuance, holding and use of the credentials that underpin them.
When we build the necessary digital processes into the current physical ones, or replace the physical ones with digital processes, we might be able to fully automate this process. For the foreseeable future - a transition state of both models - we need to make the physical and digital processes aligned and similar, but the digital solutions must address what’s a priority in building trust online and address failings of the current physical processes.
Doing it better...
So what do we need? We need our digital interactions to be better and easier than they are now and they also need to support existing physical processes. We’re unlikely to fix everything in a totally digital process, reflecting all the nuances that exist today. But the use of digital credentials can simplify existing physical processes and enable complex relationships in parts of the online scenarios.
If we look at a guardianship arrangement from a legal perspective, we might go down the route of defining guardianship relationships as smart contracts. These are trusted definitions of an arrangement that involves a number of people and organisations such that a number of processes can happen automatically or be controlled based on codified events that occur digitally. Eventually, this might be a good model. However, not every online process needs the complexity of a smart contract or can flex to using this type of solution.
A more flexible approach is the use of Verifiable Credentials (VCs) that can be specifically allocated, authenticated and managed to support specific, online activities. The use and availability of a digital wallet (specific or generic) shouldn’t be a deterrent to this approach, but the broad use of credentials does imply the holding and presentation of the credentials by the specific online user (a guardian in this case).
New Digital Opportunities
As mentioned earlier, the bilateral nature of traditional digital interactions doesn’t handle the multi-actor scenarios of guardianship. With VC-enabled authorisation, users can prove that they are allowed to carry out specific actions on behalf of the dependent, without the dependent being present and without having to connect with the issuer of the VC. So a VC-based guardianship solution allows a bilateral interaction to support a multi-actor scenario.
By including specific controls in the VC in terms of the rights and duties of the guardian, additional use cases can be developed that embed trust into the online process. These include:
- Multiple guardians with specific roles (rights and duties);
- Reflecting our complex life scenarios - surrogates, biological and legal parenthood, changed genders, separations and custody rights etc.;
- Easily reflecting guardianships for different contexts - short-term medical, requested support, etc.;
- More flexibility and visibility in creating, changing and destroying guardianship relationships;
- Different models of membership; and
- Digital inclusion, indigenous membership.
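The checks a relying party would run on a guardianship credential, covering the requirements listed under "Moving to digital" and the rights-and-duties controls above, as an added example that is not from the article or the Sovrin guidelines. The claim names, DIDs and the flat JSON signing format are assumptions made for illustration, and the presenter is assumed to have already proved control of their DID.

```javascript
// Added example. Claim names, DIDs and the flat JSON signing format are
// constructed for illustration, not taken from the article or any standard.
const crypto = require('node:crypto');

// Constructed issuer (the jurisdiction). A real verifier would obtain the
// public key from the issuer's DID document rather than generate it here.
const issuerKeys = crypto.generateKeyPairSync('ed25519');
const trustedIssuers = new Map([['did:example:camp-authority', issuerKeys.publicKey]]);

// Deterministic bytes for signing: top-level keys sorted (claims are flat).
function canonical(claims) {
  return Buffer.from(JSON.stringify(claims, Object.keys(claims).sort()));
}

function issue(claims) {
  const proof = crypto.sign(null, canonical(claims), issuerKeys.privateKey);
  return { claims, proof: proof.toString('base64') };
}

// request = { presenter, dependent, action, at }. The presenter is assumed to
// have already proved control of their DID. `revoked` is a locally held set
// of revoked credential ids, so no live call to the issuer is needed.
function verifyGuardianship(vc, request, revoked) {
  const c = vc.claims;
  const deny = (reason) => ({ ok: false, reason });
  const key = trustedIssuers.get(c.issuer);
  if (!key) return deny('untrusted issuer');
  if (!crypto.verify(null, canonical(c), key, Buffer.from(vc.proof, 'base64')))
    return deny('bad signature');
  if (c.guardian !== request.presenter) return deny('presenter is not the named guardian');
  if (c.dependent !== request.dependent) return deny('wrong dependent');
  if (request.at < Date.parse(c.validFrom) || request.at >= Date.parse(c.validUntil))
    return deny('outside validity period');
  if (revoked.has(c.id)) return deny('revoked');
  if (!c.rights.includes(request.action)) return deny('action not granted');
  return { ok: true, reason: 'authorised' };
}

// Constructed credentials: two guardians for one dependent, different rights.
const base = { issuer: 'did:example:camp-authority', dependent: 'did:example:mya',
  validFrom: '2024-01-01T00:00:00Z', validUntil: '2025-01-01T00:00:00Z' };
const zoVc = issue({ ...base, id: 'urn:example:vc:1', guardian: 'did:example:zo',
  rights: ['consent-medical', 'enrol-school'] });
const juliaVc = issue({ ...base, id: 'urn:example:vc:2', guardian: 'did:example:julia',
  rights: ['collect-rations'] });

const when = Date.parse('2024-06-01T00:00:00Z');
const ask = (presenter, action) => ({ presenter, dependent: 'did:example:mya', action, at: when });
console.log(verifyGuardianship(zoVc, ask('did:example:zo', 'enrol-school'), new Set()));
console.log(verifyGuardianship(juliaVc, ask('did:example:julia', 'enrol-school'), new Set()));
```

The signature is checked before any claim is trusted, so a holder who edits the rights list fails at the signature step, not the rights step.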
By augmenting existing physical documents digitally (a QR code might be included to help), the physical process can be enhanced through digital interactions to support real-time verification, provide additional controls and add associated attributes not on the document. Part of that process would be to check digitally the guardian’s existence and their ability to do what’s being requested by presenting the document.
Guardianship as a Differentiator
So many situations and online experiences are distressing and complex that handling guardianship and other sensitive situations better will be a massive differentiator from a commercial perspective. A poor personal experience during times of duress will lead to a promise never to deal with a certain provider (bank etc.) ever again, and a willingness to share that opinion with others.
Managing situations where a customer is no longer able to manage their online account and others need to manage it for them is a reality for all online companies of any size. Trying not to be too morbid, in Australia, the number of registered deaths in the year to September 2020 was 164,100 in a population that had grown (slightly) to the end of September to over 25 million. That’s only 0.65%, but that’s everyone, and a growing population. So perhaps we could estimate conservatively that 1% of your customers die every year, and you have a legal responsibility to manage the closure well for their survivors. And that 1% doesn’t include a larger percentage of those who are alive but unable to manage their affairs. In a customer base of 3 million, that’s at least 30,000 a year of most likely the more complicated (and for banks the more wealthy) customers.
Providing trustworthy, privacy-enhancing, empathetic support for Guardians will be a major differentiator for forward-looking online service providers. Looking after the Guardians who are looking after the dependents is a powerful service proposition.
We need a global standard based approach to issuing, holding and verifying information about us, about our relationships and what these mean. This solution needs to support minimal disclosure of the information and ongoing verification, allow direct (decentralised) interactions, which could be physical and/or digital, between only those that need to be involved, with privacy and security baked in from top to bottom. Lucky for us all, there’s a model and solution providers out there that can help this happen. The model is called Self-Sovereign Identity and we’ve been working on how this can be used to support guardianship in all different types of scenarios.
If you want to know more about how SSI can be applied to multiple relationships and use cases, reach out. They all use the same technical basis…
Hi Jo.. good to see.. Normally identity and relationship designs orient around hierarchical structure, like organisations and government and have built some big systems that way. For the SDP work (customer centric service delivery platforms at scale) the directory/identity and governance design was around Subscribers, their needs re preferences, entitlements, mail boxes, devices, parental controls, account management, 20m users needed say 200m named and identified information objects which can work at 10000 authentications a second, diagram attached of the directory identity and governance structures. With cuuble, being a social web mesh user to user interaction system - took a few years for the address book design. Three levels - the nodal mesh (the global level), the nodal level and the personal level.. where each user can configure their address book from the global, nodal levels or add private entries and then designate how they relate to such entries be that a child, a parent, a doctor, nurse, social group, pets, IoT device. It also includes relationship groupings and genre. It's a software configured multi level - role/title class hierarchy with genre system, we have about 30 roles/title configured. part 2