SSI and Guardianship - A practical Experiment
To accommodate guardianship needs in the context of online business transactions, the use of a guardianship verifiable credential is suggested. In the previous blog, we mentioned a recently released *whitepaper On Guardianship in Self-Sovereign Identity, that proposes a new kind of credential that, contrary to traditional credentials, is designed to accommodate transactions under a guardianship arrangement. In this blog, we report on our findings regarding its practicality. In the next blog we will elaborate on the consequences we think our findings should have.
* whitepaper “On Guardianship in Self-Sovereign Identity.”
Recall that the whitepaper proposes a novel kind of credential type, that is one in which not a person is the subject of a credential, but the actual guardianship. The guardianship credential specifies roles (such as 'child', 'dependent', or 'judge', 'parent', 'guardian', etc.), rights and duties (assigned to roles), and 'stakeholders', that are individuals or organizations that fulfill one or more of these roles in the guardianship.
During the Techruption Guardianship use case, TNO, KNB and Rabobank worked together to look into the different guardianship types that exist in the Netherlands, and the implications for organizations of accepting guardianship arrangements. Moreover, the practical usefulness of a guardianship credential was investigated. To do so, we decided to choose one out of the very many kinds of guardianship arrangements that are out there and see what a credential would look like, then select a practical use-case in which the credential could be applied, try to make it work, and see what happens.
We decided to choose a legal kind of guardianship in which a person that is not capable of managing their own finances gets a guardian appointed to do this for them. The roles here are 'dependent', 'guardian', and 'judge', where the latter has the duty of supervising the guardian, to ensure the guardian does not disadvantage the dependent. To determine whether the construction of a guardianship credential for such cases is feasible, tens of court cases were reviewed, and it was concluded that the court orders for the appointment of guardians appear to be a good basis for creating guardianship credentials as proposed by the whitepaper. In fact, judges already enter their verdicts in a system that third parties can query to see whether someone is 'under guardianship', and such a system could readily be extended to also provide the proposed credentials.
We also chose a second type of guardianship arrangement, in which a deceased person is the dependent and one or more others, called 'burial-executor', 'inheritance-executor' in The Netherlands, are the guardians that take care of the affairs of the deceased. A guardianship credential would thus contain 'deceased' as the dependent role, and 'burial-executor', 'inheritance-executor' and some others as guardian roles. The burial executor gets the right to organize the burial and pay for this from the checking account of the deceased. The inheritance executor gets full rights to all bank accounts as well as various other rights, and the duty to divide the legacy amongst the legitimate heirs. Creating a credential that satifies these requirements is more difficult than the first one, but still should not be a problem since the rights and duties have a solid legal basis.
As a practical use-case, we selected the case where a guardian needs to access a bank-account of the dependent, because it so happens that TNO has an SSI banking demo in its SSI-Lab that should be easy to adapt. It turns out that making the technical adaptations is indeed relatively easy, but that does not mean the guardianship credentials are also practically useful. Where with traditional credentials it is easy to find out for the banking application who the 'user' is (for example, credentials used to login into an account) and interpret credentials as being associated to this user. However, in a guardianship credential you need to go investigate the credential: who is the user, which (guardian)role it plays, whether the dependent has bank accounts with the bank, and finally what rights/duties the user has regarding these bank accounts. This means that the bank needs to verify more than only checking the ‘user’.
Of course, with a bit of additional coding, this can be solved, but this also means that any time changes are made in the syntax and/or semantics of such a credential type (e.g., because of laws that change, the nature of rights/duties change, etc.,), the code will also need to change. And note that this should happen not only in the bank application that supports financial transactions, but in every bank application that has to deal with such guardianship. And considering this for a bit longer, it seems reasonable to assume that also other organizations would have to do all this.
Our verdict: while guardianship credentials as proposed in the Sovrin whitepaper can be constructed relatively easily, there are concerns about their applicability in practice, because they require too much fine-tuning depending on the exact context, law and regulation, etc.
So then, is this the end of guardianship credentials as suggested in the whitepaper? We think so, unless of course there are other purposes/applications in which they can serve some role. In our next blog, we will provide our thoughts on improving the applicability, and about what we think might help organizations (banks and others) to transform their IT such that all their applications may use credentials and other SSI technologies to reduce the amount of work required to accommodate the wealth of (legal) guardianships that they are (legally) obliged to facilitate.
Sterre den Breeijen, Rieks Joosten, Peter Langenkamp (TNO)
Leon Roseleur (KNB)
Read more blogs about SSI and guardianship
This blog is the second in a series of three blogs about SSI and guardianship. Read more:
Read more about SSI technology
Read our latest in-depth articles about SSI technology.
Rieks JoostenFunctie:Senior Scientist
Rieks Joosten is senior scientist/innovator. He is a founder of TNO's SSI-lab, and its visionary. He has a background in information security, information process design, and architectures for supporting IT. Rieks is currently also focusing on the exchange of 'qualified data', e.g. in data spaces/ecosystems, and into semantic interoperability for human use.
Telefoon:+31 6 22 90 13 17
LinkedIn:Rieks on LinkedIn
Looking for an expert?View all experts
TNO EASSI can accelerate SSI adoption
TNO EASSI enables issuers and verifiers to save time and money by connecting to a single gateway in order to support any SSI wallet a holder may use.
TNO’s view of 2030: Digital privacy and security for everyone
Privacy and cyber security are the cornerstones of our digital society. With smart innovations like SSI technology, we will ensure that citizens exchange online data without any concerns by 2030. Read how.
Synthetic data generation: secure learning from personal data
Personal data from patients, citizens, or customers can be valuable and instructive for organisations, but the use of such data often raises privacy issues. Synthetic data may be the answer to this problem.
Conversational AI enables information exchange between humans and AI systems. But how do we deploy it responsibly? At TNO, we explore the challenges of making optimal use of this technology.
Poverty reduction can be made more effective with data analysis
With historically high inflation and rising energy bills, poverty reduction is more relevant than ever. Multi-Party Computation can help implementing authorities to get in touch with members of the general public who are entitled to additional support.