Web 5: all Jack should know about digital identity but is too afraid to ask

Jack Dorsey announces Web5, and the world goes mad. Has Jack lost the plot, or has he fixed the Internet and its missing identity layer?

One of the things that big tech and its leaders know is how to heat up a market. So the latest hype is Web5. On June the 10th, Twitter's former CEO, Jack Dorsey, announced his vision of a new internet to the world.

Just the mention of the word Web5 piqued the tech industry's interest: "never mind Web3, what happened to Web4," exclaimed thousands of Twitter users across the globe. Like the clever marketers Jack and his team are, they had attracted mass attention to this new (to them) project. But what is Web5, and is it all hype, or has Jack lost the plot?

Simple addition does not make a new internet

Driving the Web 5 development is Dorsey-backed Bitcoin company TBD, a subsidiary of Block Inc. TBD has supplied paperwork on this apparently revolutionary and progressive new contribution to the Internet. The documentation explains why Web5 has been chosen as the project name:

Web 5 is presented as simply an addition of Web2 and Web3. These guys know math!


I can accept that technology may involve a quantum leap so innovative that it seems to stand alone, moving outside the normal evolutionary stepwise processes of change: random mutations provide ample analogies in the natural world.

However, in the world of technology, we all stand on the shoulders of giants and apply incremental adjustments to build better solutions. Even the modern Internet was a series of gradual changes built upon ARPANET, PRNET (packet radio network), and SATNET (satellite network), driven by the TCP standard.

By using Web5 as a moniker for this project, Jack implies that this is a novel and never seen technological innovation. So much so that Web4 was not even needed as a progressive step. I would suggest this is a little arrogant…

Unfortunately, the mechanisms proposed as the fundamental basis of Web5 are not novel and have been around for years. Even so, you can still build novelty on the back of existing technology; organizations such as SRI International do this all the time to enormous benefit humankind: check out their work in areas such as ARPANET, medicine, and quantum computing. Unfortunately, however, this is not the case for Web5.

What is Web 5?

TBD Web 5 documentation describes the technology as "The decentralized web platform: A new evolution of the Web that enables decentralized apps and protocols." The backbone tech behind the system is the Bitcoin blockchain (because that's what TBD focuses on).

But this is not about cryptocurrency. Instead, according to the documentation, Decentralized Identifiers (DIDs), public keys, and endpoints are all issued to ION: ION is a permissionless DID layer that runs on top of the Bitcoin blockchain. Notably, Microsoft announced its use of ION in 2021 for its foray into the decentralized web.

The four key components of TBD’s Web 5 are as follows:

1. Decentralized identifiers - based on emerging identity standards from the Decentralized Identity Foundation (DIF). DIF has developed a Decentralized Identifier (DID). DIDs are typically stored on a blockchain.

2. Decentralized web node - implementation of DIFs decentralized data storage standard.

3. Self-sovereign identity service - a service to handle Verified Credentials across the entire lifecycle of use.

4. Self-sovereign SDK - to generate SSI wallets for consumers and citizens.

What Web5 is not

The philosophy behind Web 5 is ‘user-control of data.’ Both decentralized identity and the notion of user-centric data control are nothing new. The late great identity innovator, Kim Cameron, wrote about user-centric identity and data controls in his treatise “The laws of identity” in 2005. This treatise gave future identity systems something to aspire to. Cameron described how privacy issues and cybersecurity fears were exacerbated by a lack of an “internet identity layer.” This same internet security layer is referenced in the Web5 paper, which states:

“The web democratized the exchange of information, but it's missing a key layer: identity.”

In 2005 Kim Cameron wrote:

“We need a unifying identity metasystem that can protect applications from the internal complexities of specific implementations and allow digital identity to become loosely coupled.”

Cameron wrote this before the days of ubiquitous cloud computing and the API economy, which have revolutionized digital identity. He wrote it before Bitcoin was even a twinkle in Satoshi Nakamoto's eyes. However, this identity layer has eluded identity vendors, but there are sound reasons for this. Digital identity is more than technology. It is the pivot upon which human-computer interactions turn. Digital identity is crucial, even fundamental, to keeping the wheels of the internet turning.

Web5 is a technology only and does not encompass the nuanced requirements, including the vital importance of UX/UI (user experience/user interface) for consumer use of online, identity-driven transactions.

However, to give the Web 5.0 paper its due, it’s correct about many things, such as:

“We struggle to secure personal data with hundreds of accounts and passwords we can’t remember. On the web today, identity and personal data have become the property of third parties.”

To redress this and balance security and usability, Web5 proposes to use the blockchain, specifically the Bitcoin blockchain, and provide self-sovereign identity (SSI). Web 5.0 focuses on "creating delightful user experiences while returning ownership of data and identity to individuals." Sounds great. But digital identity is about so much more than technology…, and delightful user experiences require much thought on the UX of an online transaction. UX/UI and security are not decoupled, and a backend-only solution to consumer security and privacy is not the answer.

Identity isn’t just about technology…

Self-sovereign identity (SSI) is a decentralized technology approach to digital identity that has been kicking around the identity industry for many years. Sovrin, an independent not-for-profit organization established in 2016, has developed a framework for SSI. Sovrin describes SSI as a "digital movement that recognizes an individual should own and control their identity without the intervening administrative authorities."

This movement was influenced by Kim Cameron's vision of user-centric identity. The Sovrin Network is built upon four layers of technology and standards:

The Sovrin Hyperledger Indy project is an open-source distributed ledger built for decentralized identity developers. Hyperledger Aries is a spin-off of the Indy project that makes Sovrin blockchain agnostic.

Sovrin, being agnostic, gives it an edge over the Web5 project from TDP. However, both are still not the answer to building digital identity systems that people want to use: providing identity in a way that the average consumer can use is a hard nut to crack. A wallet on a mobile device will not cover the various use cases and user journeys required for mass consumer identity adoption.

The identity layer is NOT missing

Web5 is not the answer to digital identity because there is no single answer. I would argue that a digital identity layer is not missing because we do not need an identity to transact online. Human beings just want things to be simple and easy. Who, other than folks in the tech industry (and even many of those,) want to manage keys or recover an entire verified identity if a phone is stolen?

One of the current issues in the identity industry is the conflation of consumer identity with citizen identity. Consumers do not need an identity to handle most use cases. They just need a way to prove a particular aspect of their being; for example, I am over 21, so let me buy that crate of beer. Self-sovereign identity is overkill for most online transactions. SSI may even be a stumbling block to uptake across a mass demographic of users, including people with no access to smartphones (yes, they exist), disabilities that make smartphones challenging to use, and those in digital poverty. Delegation of identity is an area Sovrin and conventional identity systems have been exploring for many years. This use case is an area intrinsically entwined with user experience complexities.

And then, there are the scalability issues inherent in a Bitcoin blockchain-based system: In Web5, DIDs will be registered to a Bitcoin blockchain, and even though a DID is small, scalability and transaction costs may require off-chain storage. There is no simple answer to online identity. But maybe we just don't need an 'identity'; perhaps we just need mechanisms that share data securely and privately without the need to create a persistent identity?

Jack – just a final word from the author

Jack, Web 5 is nothing new and won't change the fundamental nature of how people use the Internet. Sorry, mate, but you need to understand the complex needs of people and not expect technology to magically crack the identity puzzle.

More from Cybernews:

Are you scared of a robotic future? You might have robophobia

Big Tech commits to combating disinformation in the new Code of Practice

New bill attempts to ban American location and health data trade

Are you ready for jet packs and invisibility cloaks?

25 million free VPN user records exposed

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked