Apple podcasts: https://bit.ly/3qD1g2v
Google Podcasts: https://bit.ly/3skeTE2
Amazon Music: https://bit.ly/3QIDug5
In this episode of The Discussion I speak to Andrew Bud, Founder and CEO of iProov, the world leader in biometric face verification. We discuss the importance of keeping ahead of security in biometrics, the advantages of face biometrics over the iris or palm - and what he thinks about the future of anonymity.
I also speak with Bronwyn Williams, a futurist and economist based in South Africa. We discuss the issues that could arise from a single company becoming the centralised global infrastructure for digital identities ie Worldcoin’s World ID.
iProov website https://www.iproov.com
Genuine Presence Assurance https://www.iproov.com/why-iproov/the-problem-we-solve/genuine-presence
Biometric Threat Report https://www.iproov.com/reports/biometric-threat-intelligence
Flux Trends website https://fluxtrends.com
Bronwyn's blog https://whatthefuturenow.com
Bronwyn's book https://www.amazon.co.uk/Future-Starts-Now-Insights-Technology/dp/1472981502
Tracey Follows 00:20
Welcome to the Future of You. In this episode, we're going to look at biometrics with Andrew Bud, the founder and CEO of iProov. The world leader in biometric face verification. We took genuine presence assurance and liveness technology, but also the newly emerging threats - how to defend against injection attacks and what he thinks about the future of anonymity. Andrew also gives us the benefit of his vast wealth of experience in surveying the pros and cons of various biometrics, like the iris, the face, the palms, and explains why the face is still the biometric that does the job best.
Tracey Follows 01:00
We also chat with Bronwyn Williams. She's an economist and futurist based in South Africa, who is connecting the dots between biometrics economics, digital and fiat currencies, and all forms of credit. And she has some things to say about a potential world of Worldcoin. More detailed notes about both guests are in the show notes as are the links to any reports or articles mentioned. So without further delay, I'll hand over to Andrew to introduce iProov, and explain exactly what they do.
Tracey Follows 01:37
Andrew, thanks very much for joining me today on The Future of You podcast. I know you're very busy. So it's great to have you here.
Andrew Bud 01:43
Thank you so much for inviting me, Tracey.
Tracey Follows 01:44
Oh, not at all. I wonder if you could just tell our listeners, what iProov is and what you do?
Andrew Bud 01:50
So we assure the genuine presence of a remote online user, when an organisation or an enterprise is trying to establish trust in that remote user. Our job is to make sure that, that remote person is the right person that it is they are who you think they are, that they were a real person, and not an artefact like a photograph or a mask, and that they're right there right now. And not some sort of synthetic generative AIdeep fake. So we need, when a remote person is on the is using their device on their sofa at home, you want to know as an organisation, or even as another individual, you want to know that you're dealing with a real human being, that is who they claim to be. That's our job. And we do this on an enormous scale worldwide. By some estimations we are the largest company in the world.
Tracey Follows 02:49
So how do you do that? And what biometrics are involved in that process?
Andrew Bud 02:54
So we have to solve three problems. And the hardest problems, and they really are hard are not the ones that necessarily everyone thinks are hard. So the first problem is, is this the right person? In other words, does the person at the other end look like who they're supposed to look like? How do you know what they're supposed to look like? Well, you get an upload of their passport, maybe, which can now be done in a super secure way. In some countries in the world, there are national databases of people's identity documents. So you can just pull their, their trusted government image from a database. So by some means or another, you know what they're supposed to look like. And then you capture a little bit of video of them. And then you use face matching technology to determine if they look like what they're supposed to look like. 10 years ago, this was a nightmare. Because 10 years ago, face matching technology didn't work. The pose had to be absolutely right. The lighting had to be absolutely right. It was lethal if people smiled, or had spectacles. The world is utterly transformed. And today a machine is 10s of 1000 times better than a human being at doing that task. So although it has required a lot of developments and huge advances in machine learning technology, the problem a face matching is basically solved. That is not. And when people talk about biometrics, that's usually what they mean. But that is not the problem. The problem is, this person looks exactly what they're supposed to look like, but are they real? So now you got the second problem is are there a photograph or a printed mask? We have one done a few years ago that was so realistic, my wife absolutely wouldn't allow it in the house, a total lack of difference. Or is it an image on an iPad? And the third problem as I said is how can you be sure that what you're looking at even ever passed through a camera? Now these are very, these are basically, these are not really biometric problems. They are forgery detection problems. How do you know that a five pound note is a real five pound note and not as a not a forgery. And how do you know the face is a real face and not a not a bogus face, when what you're trying to win, the only way you have to determine this is a person's own mobile phone. So this has been done by any mobile phone that a person can have. So you've got no ultraviolet light and no fancy scanners. And you're in a world in which generative AI is making it possible today to produce spectacularly realistic images of people. That's what makes this problem very, very, very hard and getting hard all the time. And solving it is our task. In 30 seconds, I can tell you how if you'd like to know Tracey?
Tracey Follows 05:40
Yes, please do.
Andrew Bud 05:41
So what we do is we tell the user’s phone, through our cloud, we tell you, this phone, at the time which they're going to authenticate it, to flash a unique and unpredictable sequence of colours on the screen of their device that illuminates their face the user's face. And while the user's face is being illuminated by the sequence of colours, we stream video of their face back to our service. And in the service, we look at how the screen light reflects off their face. The way that it reflects spatially and spectrally. And the way those reflections interact with the ambient light, which is different each time, tells us that we're looking at a skin covered live three dimensional face shaped human face shaped object. And the sequence of colours, which is different, non repeating and unpredictable, tells us it has to be reflecting off the person's face like a one time stamp tells us that we're looking at a person who is right there, right now. The beauty of this method is that it is extremely difficult to forge. And it's also fantastically easy for the user actually to do. Because all they do is they look at their phone, their phone looks back at them, it flashes a bit, done, no instructions. Our core task is not just to make the super secure, but also to make it super inclusive. And the great thing about this is you don't have to do anything. There are no instructions to move or anything like that. You just look at your phone for a few seconds, it flashes at you, you're done. But the richness of information we get back from this screen illumination, how it interacts with the human skin and how it interacts with the ambient light has produced a system that is and continues to be extraordinarily difficult to forge. It's not impossible, it's not involved, no cybersecurity system is invulnerable. And for that reason, there's a second part of what we do, which is really critical is that we have a Security Operation Centre, which is monitoring all the millions of transactions that we do a day. And looking for the telltale, telltale signs, the weak signals, that a fraud is being activated, and it brings those potentially fraudulent imagery sessions to our threat analysts who study them. And from them, we learn what the latest attack methods of the bad guys are. And we evolve our systems to adapt to the new attacks. So our systems are never static. They're never standing still. What worked three months ago is not going to be secure today. And what works today is not going to be secure in three months time because the attack technology is moving so fast. And we have to move as fast as the attackers, as fast as the attackers do. So when a successful attack happens, and it does happen, it does happen from time to time, all liveness systems get breached all the time. The difference is, we know it and we fix it. And it's the combination of this, what we call this Flash Mark technology, and what we call the IQ of Security Operation Centre, our fraud detection and threat intelligence system that makes the system simultaneously so inclusive and so secure.
Tracey Follows 09:00
Excellent. And I want to ask you about the Threat Report that you've published this year, actually in a moment. But just before we do, is the process, the very sophisticated process, I didn't realise it was that sophisticated. The one that you've just explained, is that what we call liveness?
Andrew Bud 09:15
So there's a whole industry at the moment set up to detect so called liveness. We tend, we call it, we say it's broader than liveness. I've always felt, so a lot of the industry does call it liveness. I've always had a bit of concern about liveness ever since a bank in another country asked me if we could detect deadness. I thought they were joking, but they weren't. Liveness conventionally refers to whether you're looking at an artefact. Liveness is normally what do you use to defend against so called presentation attacks. A presentation attack is something presented to the camera, and that is becoming a decreasingly relevant part of the threat landscape. Increasingly, there isn't a camera because there's no device. Increasingly, the imagery stream has been directly injected into an app flow. So there is no presentation and therefore liveness really isn't adequate, which is why we talk about genuine presence assurance rather than liveness. But shall we say the general sector goes by that name, which I think is a bit reductive?
Tracey Follows 10:20
Okay, that explains that well, thank you. So let's get on to the latest threat report, because you talk about three major threats at least. And one of them the most interesting one, well, they're all interesting, but I think one that people might have heard the phrase before, which is digital injection attacks. Do you want to, can you explain a little bit about how those are happening and how they might be escalating now?
Andrew Bud 10:42
So we've hypothesised we, we've been worrying about this since 2013. This was actually the principal threat mechanism that we expected. But it really hasn't exploded until the last year or so. I mean, I was talking about deep fakes in a parliamentary committee back in 2018. They became fashionable in 2020. But really, we've seen them happening now. The key question is, does the imagery that is being sent from the remote user ever pass through a camera or not? If it passes through a camera, then there's an artefact. And you get all the cues and signals created when a nonhuman face is put in front of a camera. And there were lots and lots of cues like that. So that's and it's a relatively static problem in that sense. So it's not, it's not really all that hard. In the new digital injection attack, the attacker has, it's either subverted the software that runs on the customer's device, or is simply running it on their own device. And is creating the imagery and injecting it directly into the data stream that the local app and the cloud see. So there's all the cues that you would expect to see from a false object put in front of a camera vanish, because and that's what makes it much harder. Because you get these perfect imagery, you get these perfect images injected. For a long time, it was thought that the attacks were typically being done through web browsers, and it was fairly straightforward, because you could just kind of change the source camera in a web browser quite easily from the camera on the device to a virtual webcam. So it was child's play. And there were various methods that the industry has adopted for blocking those. What we saw between in between the first and second half of last year was 149% increase in the use of device emulators. It particularly attacks on mobile devices rather than desktops. And the problem with emulators is that they bypass all of these methods that have traditionally been used to prevent virtual webcams. And when we see a rise, such a rapid rise in attacks, it means that they're succeeding. If it doesn't work, crooks don't try it. But if it works, they do. So all the traditional methods that the industry had used to try to block injection attacks, it's quite evident they've been thanks to us, primarily, the use of Android emulators don't work anymore. So you can, fundamentally the way that you defend against these injection attacks, which are really lethal, I mean, do not underestimate them, when you see we see them all the time. They are indistinguishable to the naked eye.
Tracey Follows 13:30
What's the worst that could happen with one of these digital injection attacks? What would be the worst case scenario?
Andrew Bud 13:36
That an attacker can set up 10s of 1000s of user accounts for financial services or for government purposes, in the name of people who never existed or in the name of unwitting victims, and use them to launder 10s of billions of dollars. I mean, this is the way that massive organised crime and shall we say sanction states. There are certain states that finance their their atomic weapons and ballistic missile programmes by money laundering and to do that they need control of on ramp and off ramp accounts. And these sorts of synthetic or unwittingly stolen new accounts is the way that they do it. In future, I think the problem is going to get even worse, because with generative AI, it's going to become increasingly difficult to know whether you're dealing with the person that you think you're dealing with or not, and liveness. And despite what I said earlier, I'm going to interchangeably use that just for compatibility will increasingly become the core root of trust of the internet economy. Unless you know that you're dealing with the right person, a real person present there right now, you will not be able to trust who you're engaging with. So we become acutely aware that we are going to become one of the one of the roots of trust for identity in the entire future of the digital economy. And to do that, we're going to have to be able to continuously resist an increasingly ferocious and sophisticated set of attacks by digital injection imagery, looking and sounding exactly like a realistic human being. But, but one that doesn't, isn't there?
Tracey Follows 15:26
That's fascinating, because there's a lot of pushback in the mainstream media on digital identity in the most general sense. In fact, most people are still calling it digital identity cards, which we know they're not, but we're moving towards credentials, potentially. But there's a lot of pushback with people saying, why do we need digital identity this is, you know, surveillance, it's control of people, it's tracking, it's all these sorts of things. And I think we've knocked a lot of those myths on the head during this, this series in this podcast, but everything you're explaining tells us exactly why we need a good quality, well performing cyber secure digital identity because of all of that fraud. On that kind of scale, or even at a very personal private level. I mean, it's it's, it's going to happen, isn't it otherwise?
Andrew Bud 16:15
I tell my staff Tracey, that we are actually rapidly getting into the business of providing a fundamental human right. In an online world today, it will become increasingly difficult for people to function as citizens unless they are able to interact online. But interactions online will become increasingly difficult to do unless the counterparties trust, the person and generative AI is going to work very hard to destroy that trust. And any actual liveness genuine presence, assurance, will become the fundamental root of trust. So we find ourselves in a we find ourselves responsible for delivering human rights to people all over the world, which is quite a heavy responsibility.
Tracey Follows 17:06
I was going to say that it is a massive responsibility when everything that you've done, you know, if one tiny thing goes wrong, or somebody doesn't catch a certain threat, or it's not dealt with in the right way. I mean, the results are catastrophic, right?
Andrew Bud 17:20
We've always taken this extremely seriously. Look, Tracey, I'll tell you a quick story - I got into this business after I was running a mobile payments business in 2000, in the noughties. And at a certain point, we had a responsibility to people, but we just didn't realise it. And at a certain point, our network was used by cyber criminals to steal money from millions of people. And I ended up on television, a journalist shoved a microphone in my face and said, Mr. Bud, the role of you and your company in this scandal, were you complicit or just recklessly incompetent? It was 15 years ago, and I still remember it to this day. They were the right questions to ask, it's no good you saying, Well, I was compliant with this box ticking with that, and my slideware did this. You either take responsibility for doing the best you can to mitigate the risks that you know, are out there, or you have to ask that question. So we have always been focused upon trying to observe the threats that are out there, and building systems and processes as well as technology to mitigate them. That's why we are the only biometric company in the world to have achieved certification, under the eIDAS programme, both to deliver quality as a module, both to provide qualified signatures, the very highest level of signature, and EID level of assurance high. And the auditors came in. And they looked very closely, not just at our technology, but at all of our business processes and the systems that we have in place, and which are designed actively to search for the flaws, search for the vulnerabilities, search for the times when we're breached. Most companies don't ask questions, and they don't want the answers to. In order to fulfill that responsibility, we have to do that.
Tracey Follows 19:15
Well, that, again, is very interesting, because in this world of expanding apps and wallets that are often using biometrical matching of some description. I mean, I've got my passport in one. I mean, when I signed up to E-residency for Estonia, it was the same sort of thing. This time in two years, I mean, we'll have a lot more wallets asking for our face, presumably, or a biometric to be matched for us to go through this kind of secure authentication. How can we be sure that everybody and they're not, but how can we be sure that everybody is coming up to the sorts of standards that you're talking about?
Andrew Bud 19:52
That's a really interesting question. There's a big debate that's going on in Europe at the moment for example, about what the appropriate standards are for the creation of, of electronic identities and signatures under the new eIDAS2 standards. The S1 standards, it appears were originally devised for the creation of level of substantial. And everybody now understands that you've got to set up digital identities to level of assurance high. So there's a whole piece of work going on to try to figure out how on earth do you certify? How do you establish the difference between people like us, and maybe other competitors, who tried to do a really good job, and those who are just sort of tossing up bits of software to run on prem, and monitor and manage? Who are, who are even with the finest technology out there, ultimately creating undetectable vulnerability machines. It's a very tough problem. Up until now, all we've been able to point to are reference customers, like the US government, like three branches of the British government, like the Australian Government, like the government of Singapore, who invest the trust in their national digital identity programme SingPass in us, to say, look, these guys with their national security and signals apparatus have done what they needed to do to build their own trust in us. Whatever they did, probably is good enough for commercial applications as well. But we're going to need to do better than that. And in fact, we chair one of the pilot committees, which is currently, we co chair one of the pilot committees, which is trying to write standards for this for these kinds of problems. But it's a huge problem, because you're trying to test for the ability of a system to resist a moving target. You can't build a static test and say, well, it works. Anything that meets the standard works, that is just not appropriate in a world of rapidly evolving threats.
Tracey Follows 21:57
I mean, you mentioned the EU wallet system, or eIDAS, it goes under several names, doesn't it? But what are we doing in the UK? It seems to me in Europe, they've got some sort of digital infrastructure, and they're connecting lots of bits together. So whether it's AI and their regulation around that, their digital identity, the fact they've got interoperability across different member states, etc. And because it's becoming written into law. In the UK, we are going down a different route to digital identity. So how would you compare and contrast those two, particularly given what you've just given, which is this sort of cybersecurity environment and this environment of prevailing and increasing threats?
Andrew Bud 22:42
So, in the UK, we've always laboured, we've always had two very, very serious problems, which make digital identity very much more difficult in the UK than it does in the EU. One is that we don't have a national and national identity card system, every other country in Europe has a national identity system. So it is obligatory to get a national identity card. So there was a national demographic register, everybody is registered with it. In this country, we absolutely do not have that. Some people have passports, many people have driving licences, but the driving licence system has never been, was never set up and doesn't claim to have been set up as an identity system that in that sense is very different from the United States. So there were no, there were no universal sources of trust in this country. Which makes the problem enormously harder. The second is...
Tracey Follows 23:33
Not even our Gas bill!
Andrew Bud 23:34
Correct. You know, David Birch you know, David Birch joshes about, about that gold standard for for identity, the Gas bill. I mean, it is absolutely absurd. It is an example of identity theatre, you know, it makes life difficult. And I detest identity theatre, because it makes life difficult for good people and easy for hard people. You know, like liveness systems, for example, that involve people having to move there, move their heads, or speak, you know, typical way of getting liveness to work is you get someone to blink or something well, and the dirty little secret is, it's very, very, very easy to CGI to use to use generative AI to make a any head you want blink, or move their head around. Ordinary people have difficulty follow the instructions. So what systems like that do is that they are more likely to pass the attacker than the real people. So they preferentially pass attacks rather than real people. It's a bit like the gas bill problem. You know, attackers have no problem with it, but real people really fumble with it. So this identity theatre is quite dangerous. In the UK, you've got one problem, you've got no root of trust. And the other you have a powerful thread of basic political belief that says we shouldn't have identity documents full stop. That they mean something that they mean something quite bad. I think that's changing. It was very interesting that Tony Blair and William Hague together came out with their support a little while ago, saying look, giving people digital identity credentials as an option can only make their lives better and should not be confused, with anything compulsory. I think the advent of verifiable credentials, of decentralised identity will change everything. Because on the one hand it's a new narrative. And it's a narrative that meets a lot of the concerns people have about surveillance about privacy and so on. But the other thing, and this was sent to me by Ian Levy, Dr. Ian Levy, when he ran the National Cybersecurity Centre. He said the great one of the great advantage of, I'm paraphrasing here, one of the great advantages of verifiable credentials is that not only can they not be surveyed by your own hostile government, but they can't be surveyed by a foreign hostile government either. So in fact, what they do is they enable you to create an extremely robust and resilient new critical national infrastructure, which is, which can resist surveillance and attack by hostile powers, be they private or public. And I think that combination of their scalability, their infrastructural resilience, and the powerful narrative about their privacy, I think will shift the dial. I'm a huge believer in W3C verifiable credentials and decentralised identity.
Tracey Follows 26:29
I think once people understand that there is a user agency baked into that I think they're much more positive about the whole notion of digital identity. As we move into the Metaverse, which isn't going to be tomorrow might not even be 2030. But as it happens, when in much more immersive virtual environments, are we going to take the credentials or the digital identity that we have in the outside the physical world into these immersive environments? I wonder what your vision is of how that's going to work? If indeed it is?
Andrew Bud 27:03
I think the answer is yes. I came at this from a slightly different direction. I wrote a blog recently, which is on LinkedIn, which was stimulated by the thought of the portraits in Dumbledore's office in Harry Potter. In the last book, Harry goes to ask Dumbledore for advice, but Dumbledore is dead. These paintings are trained generative chatbots. And therefore, what we're going to see I think, is we may see people generating generative AI versions of themselves that will live on after they have died. But I think also we may see people creating them to do as agents going out and doing things. You know if I want to go out and argue with British Airways about the fact that my tear points haven't been haven't been credited, why the hell do I have to waste my own time doing I'll send out the Bud avatar to do it. So, so again, this is a world in which we have the potential of having extremely realistic agents of ourselves, potentially interacting with each other, and how the hell are we going to know if they're real or not. And it's going to matter because there is a real difference between the genuinely present person and an avatar. And that's going to come back to the assurance of genuine presence. I now believe that our ability to distinguish between a genuine, a real human being, in the end trust doesn't reside in verifiable credentials Tracey, trust resides in the stuff that goes on between our ears, and the ability to, to demonstrate to a high degree of probability that the interaction you're having is with a real human being a real thinking personally accountable human being will become fundamental not just to avoid fraud and money laundering, but but societal stability. And we will find that in the Metaverse as in real life, as in a world of generative AI, the ability, the issuer of the certificate of genuineness will become one of the key sources of trust in the entire economy. That's kind of the role that we see developing for us and, and our industry. So we're going to matter more and more and more. In the coming years. People say what's the future for iProov? I said, That's like asking a hamster on a wheel, what's the future for you as the wheel spins faster and faster. My future is saying our future is doing as good a job next year as we are this year. And it took a lot of effort to do as good a job this year as it did last year. So the future versus that is to stay calm and serene on that rapidly accelerating hamster wheel.
Tracey Follows 29:50
I keep saying identity is the issue of our generation but not only this generation, every generation going forward now. I mean, it is so important, but on that, are we going to be able to contain within ourselves different identities, if you like? Are we going to be able to preserve, for example, a pseunomous identity or anonymity in virtual environments?
Andrew Bud 30:11
I think it's absolutely fundamental. There's a difference between anonymity and pseudonymity. I'm a huge believer. And in this Dave Birch and I have always been able to outline. People want to be different people in different contexts. They want to have different personas. It's human nature, you know, I do not want to mix. I do not want to mix up my work persona with another persona that I have, that I have in a different context. So it is complete, I think it is absolutely essential that people are allowed to have different personas. But that's not quite the same as anonymity. I think that a true anonymity means that people that means that people escape accountability, and in societal justice, accountability is what stops people behaving very committing committing crimes. So I think true anonymity is socially very dangerous, because it absolves people of responsibility for their actions. And we see today, many, many examples of the consequences of that. But between pseudonymity and anonymity, I think there is a great gap. And I don't think it'll be acceptable for people to use the same persona, for everything that they do. And I'm sure, verify we couldn't.
Tracey Follows 31:25
Because a whistleblower, the whistleblower doesn't have to be anonymous, they could be pseudonymous couldn't they?
Andrew Bud 31:30
Yes, absolutely. Absolutely. And then you have to build a trust framework, which says that their identities can only be revealed under certain processes of governance. Governance will become increasingly important. I mean, one of the things that, as you said, earlier, you know, we're doing stuff in the UK, which is interesting. We're focusing much more on governance structures, and on trust frameworks than we are on technology. And you know, that I think that stands, providing it's done well. And there were some flaws and gaps, which everybody's working on at the moment. That could work quite well. I mean, look, eIDAS1 which was fundamentally a technology/architecture, as well as governance structure hasn't worked. It's done jolly well in Estonia. It's done spectacularly well in, in Belgium, and in the Netherlands. You can argue it's done well in Italy, but basically, it hasn't, it hasn't worked. So a trust framework, which is what the Australians, for example, have used to build their spectacularly successful identity infrastructure, may very well be the way forward. There's still a lot to do. But I think I see some very encouraging signs emerging in the UK, I mean, the quiet, quiet success of the Cabinet Office's, one login, for example, full disclosure, we delivered the onboarding for that. But is I think a pointer of the direction in which things can go.
Tracey Follows 32:48
Fantastic. Thank you so much, Andrew. Is there a message that you'd like to leave our listeners with, I know, you're not, you're not necessarily a believer in the need to highly educate people in all the technicalities of this stuff I know. But what we're trying to do is, is get broader and deeper consumer and public engagement in digital identity. And just so people can understand not necessarily the complex technologies, but the philosophies or the notions and the concepts and how we can move this forward. And so we hope that that will build trust. I wonder if you do have a message to people who are listening to this?
Andrew Bud 33:21
I want to draw picture shows that may help in comprehension, because people get very confused about digital identities. To me, a digital identity is a set of facts about me. And you've got I imagine this as being a set of bits of paper in a buff folder, I'm of an age when there were still buff folders, sitting on my desk. Traditional digital identity structures have involved that somebody's assembling that for me, and putting it in a filing cabinet in their office. And anybody who needed to know about me would go and ask the owner of the filing cabinet for me and pull the drawer out and refer to it and pull out that buff folder and tell the person who needed to know what was written on those bits of paper. And the modern world of verifiable credential eliminates that filing cabinet, we all carry our own folder around. And we have the means to, to disclose the things written in it in a safe and secure way. But a person is not the same as a set of facts in a folder. So there comes a moment in the life of every digital identity, when the facts in that when that folder has to be bound to a real life, physical human being. And that's a dangerous moment. Because if it gets bound to the wrong human being, or it gets bound to a non existent human being, the whole structure crumbles. And that's our job. So our job is to bind that buff folder full of facts about you to the real to a genuinely present human being who is the owner of that folder, no matter whether it's in their own pocket, or whether it's in a filing cabinet. And therefore in a world in which the word digital identity gets thrown around and means all sorts of different things. I think it's very important that people understand the difference between assembling trusted attributes facts about people and binding those facts to a real life, physical human being, on the basis of a trusted photograph.I'm sometimes asked, you know, what's so special about the face? You know, why not the iris and the other voice? And the answer is, well, frankly, the government, that when the government creates such credentials in my identity, they don't put my iris into it, the only thing that binds this passport, that I'm invisibly waving at you at this moment, Tracey, that shows that it's mine is my face on page two. So the face is special from that point of view. And the thing about voice is that there's so little information in it, that it will ultimately become impossible to distinguish between the real and the forgery. And that's, as you know, that's already been disclosed. Correct. So, you know, it had its moment, but unfortunately, generative AI, anything that has very little, anything that has very little information in it, and there's very little variety in it becomes weak to- irises, for example. So the face I think, will it won't be the only one there are other biometrics that are coming on such as palms, but the face will continue to become be the, the root of trust in the digital economy and assuring the genuine presence of that face will become fundamental to the stability of society.
Tracey Follows 36:41
Actually, I wonder if I can nip in with one final question, which is about gesture, actually. I remember when I was writing my book a few years ago now and that I was picking up the patents that Amazon had got on sort of vein recognition and gesture recognition. And Apple too, I think at the time - is this where you think we are heading in terms of biometrics?
Andrew Bud 37:02
So vein recognition is very interesting. But vein recognition requires specialist hardware it requires, it requires infrared requires near infrared cameras and sensors and so on. One of the tenets that we have in our in our absolute requirement for inclusiveness is that it's got to be that whatever you do has to work on anybody's device, whether it's whether it's a fancy Apple or laptop, or as we are, you know, we are working in the townships of South Africa. And when we're in South America, and in Southeast Asia, we're dealing with $20 Android handsets. So the key is it has to work within the existing hardware constraints of the world's handset base. Otherwise, you create exclusion. You know, there's a lot of discussion about bias at the moment,and a lot of that discussion about bias focuses on skintone., understandably. We can show both through independent NIST tests and through the data from our own system that this is unfounded, that there is no bias in these systems, when it comes to skin tone, but you also have to think about bias based on age and on gender, and on cognitive ability. In other words, how good are you at following instructions? And on wealth. How expensive a handset have you got? And what's really important, particularly for these large scale digital identity solutions is that you build solutions which are inclusive, that don't discriminate against people on the basis that if you haven't got the latest, Octo core system with time of flight sensors, that actually sorry, you're excluded from the digital economy. That's not okay. If you can't follow a series of complicated instructions, then you're excluded from the digital economy. That's not okay. So, a lot of these fancy technologies you know, like palm vein is great if you've got control over the hardware, but in mass applications in the process of creating and subsequently authenticating digital identities in an inclusive way, you've got to work with what you've got to work with. That's frankly, what makes our job so very difficult. You know, if we had ultraviolet and and ultraviolet sensors and infrared illuminators and multispectral cameras, and terahertz transducers available to us on every device, this we'd have an enormous amount more fun. In fact, we've got loads of patents that describe that. But it ain't going to happen anytime soon. So a lot of these technologies are much more restricted in their application. And they don't address the fundamental problem or bringing secure digital identity to everybody inclusively.
Tracey Follows 39:44
As Andrew mentioned in that interview, the iris is not the greatest biometric to be considered because it's easy to fake. But that hasn't stopped world coin rolling out its Iris capturing orb for its world ID. That's the name it's given to the companion product to world coin. They promise a more human internet with global proof of personhood, assuring us that the solution is privacy first self custodial and decentralised. Now, I'd already featured Worldcoin in last week's podcast. Check that out for the lowdown on how it works. And I also wrote an article in Forbes on the day they announced that they would be opening up the technology for anyone to use. That's to any company and any government. A spokesperson behind the iris scanning Orbotech said that the aim is to create the biggest identity and financial community that it can. And I guess allowing third parties to use that technology would of course, be one way of achieving that. But it's unclear, at least to me, whether that means that Worldcoin will be giving other companies access to personal identity data, or just the orb can be hired by others to harvest biometric customer data. However, we just heard from Andrew Bud that sophisticated hardware is needed for the best and most accurate biometric system, so how would they scale this up fully? Also unclear. And where does the identity data reside? And how can it be retrieved and by whom? Unclear to me, and I haven't even mentioned yet what standards and protections citizens may or may not have.
Tracey Follows 41:22
The fact that one company could become the global infrastructure for the digital identity of everyone on the planet, which is their aim, is a cause for concern amongst many. And one of those is Bronwyn Williams, based in South Africa and I caught up with her to see what lens pardon the pun, she has on Worldcoin, given her work on digital currencies, and real economies.
Tracey Follows 41:47
You like me have been all over Worldcoin for a while noticing that this wasn't just about crypto, it's about identity. But why don't you tell me what your point of view is on Worldcoin?
Bronwyn Williams 41:58
Well, Worldcoin is firstly, for someone that is interested in futures and signals and trends, a great case study because the combination is sort of lots of things. It's the identity question. It's the future of economics, the ideas of things like universal basic income, why do we even need these things? Why are they being told to us this is now the best thing that you can look forward to in the future? This sort of, please sir, can I have some more, kind of a future, is basically all you get with the universal basic income, it's basically giving up on progress and on increasing human flourishing or growth and saying instead well, you're never going to add value to society. So let us just give you some few coins, some few Worldcoins, and then you can survive, right? So it's quite a depressing view of the future. UBI is not a utopia, and it's very much a dystopia, we've, we've flat out failed. And this is now the best we have, quite frankly, you're surplus people, and we're gonna have to pay to keep you alive. What a terrible message to give to people. So that's on my sort of political economic bandwagon side there. But also Worldcoin is looking at decentralised technology, obviously, and trying to take it out of the fringy libertarian or right where Bitcoin came from and making it more mainstream. And then also, of course, the identity question, which I think is hugely critical. So I have looked at crypto for a very long time. I mean, I got my first crypto back in 2011 at a conference. I mean, I've understood this space, and from an outsider's perspective, so in the world, but not of the world at all in that regard. And what became pretty clear when you start to look at this from both an economics lens and from a futures and humans lens, that the challenge with DeFI with decentralised technologies of any sort, is the bridges, it's the on ramps and the off ramps. It's what goes on to the chain, how do you verify that that is in fact correct? And what comes off the train. So this can be quite dangerous because these sorts of systems, these immutable ledgers, because once information is put into them, it becomes law it becomes consensus can be dangerous if you putting garbage in. You're kind of therefore turning garbage into truth. So you're basically creating a lies into truth laundering machine, which I think from a philosophical perspective is quite an interesting way to look at these things. And Worldcoin is playing at the bridges. It's playing at the borderlands between the real world and the virtual world. And that I think, is a really critical weakness and also potential power placement to put yourself into. And of course, we know the people behind Worldcoin are all involved with the likes of of all the all the new AI technologies coming out. We know who these players are, we don't need to go into it. And they do understand the power game very well the power game between innovation and regulation, and how you can you can control both of those levers. You really do have a huge control over the future. And when it comes to DeFI when it comes to blockchain crypto and identity and verification of what's true and what's not there, the toll keepers the people who verify what goes out of Caesar's world and into crypto world are the kingmakers. That is the power position to be the troll that sits under the bridge, to be the tollgate. And with Worldcoin trying to then create a, yes, decentralised, and yes private identity in the world of Worldcoin. But by using that bridge as being a link to your human biology, is I think a really, really interesting point to look at. This is someone, the people that have designed the system really understand the power dynamics of the Metaverse, whatever you want to call it, the digital world, and how you control that by controlling what goes on to chain. And this of course, has been a huge challenge for anyone working in the crypto space. Okay, the first sort of breakthrough with Bitcoin all that was trying to not have the double spend problem, but that was still only dealing with information that was in the non Caesars world was in this walled garden. So they created rules, made the walled garden work very, very well. But still, if you've tried to money launder doing Bitcoin, whatever the critics of the system might say, it's very hard to do so because if you actually want to buy anything in the real world with your Bitcoin, there becomes a paper trail because now you have the walled garden and you back into Caesar's world,. If you want to buy a house with your ill gotten Bitcoin gains, you still have to register your property with your department of housing or whatever your legal structure is in your country. And at that point, suddenly, that sort of privacy and secrecy falls away, because I'm dealing in the real world, once again. And this is very similar, but like kind of opposite problem that Worldcoin is trying to do. So they're trying to not just solve the double spend problem, which has been solved with the likes of crypto, but also solve the not having multiple identities for one person problem. And this is the Worldcoin basically USP saying that there's only one account for every physical, biological human being in the system. So although yes, many of the critics of our sort of criticism of these sorts of problems, say, here's a zero proof condition, which is absolutely correct. When your iris is scanned, which is what you have to do before you get your unique, singular, one wallet per human biological person in the digital world identity, that data isn't stored and linked to you as a person, at least in theory, right? Because all it's done is it's checking against all the other records in the database, to make sure it doesn't exist there again, generates your private key and then delinks the private key information from the iris scan information, at least in theory, so it is private. In the world of Worldcoin, your identity, your biological identity is severed from your digital identity, but you still only have one digital identity. But if you start to spin again, in Caesar's real world will and can be linked to your biological person. So it's fine, you're private as long as you within that system trading within your walled garden network. But as soon as you cross the borders back into the real world, suddenly now what Worldcoin has done is created a bridge between your biological unique singular person and your unique singular digital identity. And the other thing that I think is really interesting there is that I worked a bit in the in the metaverse and gaming space and the killer app that everybody working in the space behind the scenes and the VC conversations taking place is that singular digital identity, that digital wallet that is the master key, the one identity to rule them all that links back to everything and that in that Metaverse space in the digital space, and I'm using these words kind of interchangeably, because it's basically the non real world, the digitised world. If you can control that, if you are essentially the issuer and verifier that toll gate or troll bridge, or whatever you want to call it, of the verification of these core identities in that metaverse space, the ones that tie all that you've spoken about a lot, those fragmented digital identities and half personas that we're sort of creating across all these different fields together, because you kind of have to because it's all very well to have multiple virtual identities. But when you actually want to go on holiday, get on a plane, you know, buy a house, drink some wine, whatever, whatever you're into, you need to have that credit come forward into the real world. So that is going to be that link through again and whoever controls that digital identity essentially is like the so called sort of like one world government master key holder. This is a huge power play if they can get it right. And when you start to see the work they're doing in developing markets and really working closely with governments digitising the undigitised, identifying the unidentified, banking the unbanked or at least giving them access to critical debt, but that's a different story. You can see how when you start to link be the link between the real and digital worlds you really do control so much of the future economics and politics going forward. That was a lot.
Tracey Follows 50:03
And you've reminded me actually of the very, very first episode we did of this podcast, when we had Dave Birch and Richard Bartle on. Dave obviously wrote a book god it must be at least 10 years ago now, Identity is the New Money. And he's well, well ahead of this, obviously. And then Richard Bartle, who was a big innovator in multiplayer gaming. We had this conversation about verifiable credentials, and how they'll work and how important they'll be in virtual worlds that are not just about gaming, but about living and doing stuff. And I was asking the question, but won't they come back to sort of a biometric? Because how would you anchor them? Because otherwise, you you can be a consistent or coherent person in that virtual world, but how do we know that it is actually is a person? Or even maybe is is that actual person? Which are obviously two different things. And we have this conversation and I, you reminded me to go back and listen to it now. But it was very much the case of No, no, no, no, we don't want anything to do with biometrics, because it is too tethered to the real unique, individual identity that is not just is a person, but is you that person. And that's exactly what you are explaining there. And I'm sure you read the piece, like I did, from Vitalik Butyrin, where he basically picks apart not actually not just Worldcoin, but lots of potential competitive offerings. And he, you know, weighs the pros and cons. But he does I think at one point kind of nutshell this whole idea, he says, yes, it's more secure in this piece of hardware, this device, this spooky, weird orb thing. But the downside is that it's much, much more centralised, which is exactly what you're saying. Right? Yeah. And I thought that was really that is the nutshell. Oh, you want privacy and security, haha. But the trade offs got to be you've got to hand it all over to one centralised, government or governing entity if you like. Which is actually the thing that everybody wanted to get away from, which is the whole self sovereign movement and the decentralisation movement. And I keep thinking that, and I've thought this for a while that this is going to end up potentially with a battle between, you know, states, or regions employing their own digital identity systems, which might be based on wallets and verifiable credentials, or could be something slightly different, but that sort of system versus a world system of digital identity, which is more oppressive, obviously, more centralised, it's kind of pushing down on the world, and, but he's potentially going to allow you to do lots of things in the virtual worlds as well as the real world. So I don't know if you've got any comments on that?
Bronwyn Williams 52:45
Yeah, I think that's just picking up on the Vitalic point there. I think the most interesting thing about Worldcoin is not the iris scan doesn't matter what it is, they could have taken a drop of blood, they could have done anything. And it's not even the fact that they're storing your bio identity. Worldcoin isn't ident isn't interested in your bio density. But what they've done is they've developed a system that if it works, will allow you actually on the back end, when you try and spend your money to link it back to your bio body. It actually doesn't even matter if they're using biometrics to do this. But as long as they creating a way to have a singular digital identity tied to a single human person, suddenly all the things you've spoken about, about how we can distribute and distribute our risk, much like we distribute our financial risk by having multiple identities, distribute the risk of getting cancelled, yes, of course, you know, increased distribution. And decreased distribution of risk means decreased, perhaps reward in terms of reputation. But it also means that you don't have all your eggs in one proverbial basket. But by creating that, implicit, not explicit link between your individual self and your digital self, suddenly, you don't have multiple identities, you have multiple identities in theory, but in practice, your government, whether it be a natural governments as we currently have, or a future one world government, there is a way to trace it back to you as soon as you try and do anything useful with that credit. And that other point you made was also very, very clear. Something that I'll be speaking about a lot, in fact I speak about it like every time I have any engagement with a client at the moment, is this idea that all data is credit data. And we have this idea that credit is to do with debt and money and capital. But it's not that, credit, if you want to look at the sort of root sort of meaning of these words is access to goods, services and opportunities. It's access to real things. And when you sort of try to think about this idea of like credit as being something like money, it's abstracted, and therefore we think that we can separate it from our natural selves. And this is essentially the con, the big lie of decentralisation, is that it is irrelevant, unless you're able to link it back to goods, services and opportunity right otherwise, everything stays in these systems are still potential energy or potential money or potential goods, services and opportunity. And when you have to realise it, suddenly you realise that all your privacy, all your decentralisation becomes kind of meaningless. And I know it sounds a bit melodramatic. But I read the Burning Tickers book about the Armenian Genocide, which I believe the Americans only sort of even acknowledged like last year, when Joe Biden tottered onto the stage. That's a side point. And you're talking about these very wealthy people, who packed up their lives and had strings of pills that they were using to try and bribe the guys that were going to massacre them. But you know, what, when a gun is pointed at your head, the guard's going to take your pills and your life, you know, and these are the sorts of things that I think about that when we talk about distributed identity and privacy and self sovereignty, inn a digital spaces, the digital is still the abstract, it is not the real. And I think there's a lot of narrative. And there's a lot of incentive, both from a political and an economic and a business sense of trying to conflate those two ideas of trying to get us to think that the unreal is in fact the real. And you have to always come back to what does this mean, in the real world? What does it mean, when I want to go buy something tomorrow, not just buy something but have it? What does it mean when I want to move physically through spaces or I want to eat, or I want to sleep and shelter I want to get on a piece of transport. If you're not able to do that none of these things are really worth anything. What these systems of centralising a point of failure do is they make us that more vulnerable to having that singular identity cut off. And you see you made the point earlier again, about saying whether our digital identity will be at a national or at an international level. As long as an international system exists, whether that system is controlled by regional governments or by domestic governments or not, doesn't really matter. Because if Worldcoin exists, and there's a critical mass of human beings in the Worldcoin, or some sort of comparative system, your domestic government will be able to verify that national government identity against that world identity. So as long as this database exists, we are no more or less free than we would be if we had just regional identities. I think that that's also a point that we need to understand because it's now a check and balance. It's a database with which to verify your individual humanity. And it's a tool that will be available, implicitly, if not explicitly, but implicitly de facto in the real world. Any government, authoritarian, democratic, or whatever will be able to then make that link as soon as you try and use that credit to get access to goods, services and opportunities. That credit, again, is the sum total of your entire perceived worth in the world your financial credit, your credentials, like you've spoken about, your reputation scores, your popularity, which has now also become quantifiable, thanks to social media. We know who has more likes, and who has more followers. And as soon as it becomes quantifiable, but comes fungible with monetary and goods, services, and opportunities, once again. And this is the other thing that's sort of the whole DeFI movement is done. That's so so interesting to me, is that it's made a whole lot of implicit worth, that we used to be able to use to actually get along with people without having literal scores over our heads, and turned it into explicit credit scores that combine into a singular number. Because all these credit scores, reputation, cash, worth, credentials, now become fungible, they can become summable, into an actual number. And again, I think you've spoken quite a lot also about books like Seeing like a State, which just to get, if you read that book, you then understand how this all ties together. Because what this is about, when you make the implicit explicit when you make the analogue digital, when you make things quantifiable, things that used to be nuanced, quantifiable, you, you make them manageable. You also lose a lot of the real human nuance that you have. And we also sort of fall into the trap of thinking that if it's not quantifiable, it doesn't exist. But it's actually quite the opposite. Anyway, that's a that's probably deviating a little bit too much into philosophy. But anything that is numbered can be managed, can be manipulated, and can be used as a means of control. And I'm so concerned about global systems because they exist, even if they're not the actually specified mechanism of control and management within a particular border.
Tracey Follows 59:29
For a long time, you said to me and others that South Africa is almost the blueprint, the preview for the rest of the world. Do you want to explain to people who haven't heard you say that before what you mean?
Bronwyn Williams 59:42
Yeah, so South Africa is that as a preview of what's going to happen with the weird West, I'm sure you're familiar with the term weird sort of Western educated, industrialised and fairly relatively rich world. We are a preview not a throwback to an embarrassing past. We're actually a preview as to where the rest of the weird West is headed. And I do consider South Africa to be part of the weird West due to our colonial history. But also due to the media we consume and the culture and how our culture is shaped. it's got a very Western, but it's not actually an African and Eastern bent. Although that might change in the future, that, again, would be a preview as to where the West is headed when you start to pick up all these signals. And I say that for many reasons, I say that for political reasons, for economic reasons, and also for social reasons. So perhaps you can start with the social reasons, that I think makes the point quite explicit. And that is that when you look at social issues, like intersectionality, like gender and race issues, we have not resolved those issues in my country. Not at all, we have some of the highest gender based violence rates in the world. And our racism is notoriously famous, in fact, it's the DeFIning sort of characteristic of what you think about when people think about South Africans, shamefully, is our terrible racist past. But where we are ahead of the rest of the world is that we started having conversations about things like race, identity and gender, a lot before the rest of the weird West was willing to explicitly state that. The weird West had feminism but it was intellectual feminism, it wasn't exactly practical feminism, you know, if you want to put it that way. If you look at our Constitution, we were talking about LGBT rights far before any other countries were doing so. We legalised things like same sex marriage far before when other parts of the so called liberal world did, which is quite extraordinary when you think about it. But the fact that we're having these conversations, and I remember these conversations when I was a child, that are now taking place in the discourse, across America, and Europe, and I find that really fascinating, because we tended to think we were so far behind, so far down south, we're so much poorer than you, surely we can't be ahead. But the poverty too, is a symbol and a symptom of what is coming for the rest of the weird West. It's what happens when quite frankly, you run out of other people's money, I mean, we don't need to go down the source of that quote, because that tends to alienate more friends than you tend to make. But the point is that that's exactly what's happened in South Africa. Want to talk about things like universal basic income? Well, we've got a population where more people than not are dependent on state grants, want to see how that's working out? Not so great, if you want to sort of see the actual numbers involved, you know, both real and relative poverty have not decreased thanks to social grants. And people criticise me for saying that that's effectively like a de facto universal basic income. But when you look at the economics of it, that's what it is, when you've got more people dependent on the state than independent from them. It has economic consequences, also has political consequences. When you get to that point, you don't really have democracy, because if you are not paying your government, and they're paying you who's working for whom. Government, as you said, it's supposed to be governance, right? Like, and that doesn't happen if they literally can control whether you eat or not, today or tomorrow. And that criticism about the fragility of democracy, something that the rest of the weird West is about to confront, hard and fast, especially as aging populations take place over there. Again, our population permit isn't exactly leading yours, but the issues that we have have been exacerbated in our country here. And I think that it's there's so many examples that you can go into there and just see how, in so many ways at a socio-cultural economic perspective, we tend to be a little bit ahead. And then also quite practical terms, I had a fascinating conversation with an academic political economist yesterday, around why South Africa takes up so much of the national discourse, because we're like, we're like a geopolitical disaster. We have a terrible economy, we quite frankly, have embarrassing politicians that make stupid decisions every day of the week. But the point is that from a geopolitical perspective, South Africa sits at the tipping point between past and present in one of the biggest flips that we're seeing, and that is the flip of power from the white weird West towards the coloured global south. And South Africa sits at two key intersections, which I'd never really thought of explicitly until I had this conversation. And the first is that it's part of BRICS, we were part of BRICS, even though we are tiny, compared to Brazil, India, Russia, China. We are so small. What are we doing there? That was the question I asked, like, why did they even want us? You know, why, why were we on board there before Saudi was? They are so much bigger than us. And the truth is that we are the gateway to Africa, which is the future in terms of demographics, and in terms of a whole lot of natural resources, which is both a blessing and a curse. But we essentially represent the entire African continent to BRICS, but also, we are the leading voice for the African Union on the side of the UN, which is also extraordinary. And what the economist was explaining to me there is that as he termed it, the so called coloured global south, the non white part of the world has now reached a more than 50% majority. And that's led purely, really by the African Union plus a few of the Caribbean states, if you look in terms of membership there, and South Africa is the leading voice in that regard, nobody else is organised enough. So we are, in effect, even if we shouldn't have the roll, we are in effect, the sort of linchpin between the negotiation between the past and the present, no matter who ends up falling into power in our sort of split new, not quite global hegemony. So anyway, we are an interesting place.
Bronwyn Williams 1:05:39
Tying all this stuff together. When you start to get to Central Bank digital currencies, we're putting real money, we're giving an explicit, not just an explicit credit score, but an explicit monetary score to all of our credit scores. And we're also putting it into very central hands. So the things with central that you can do with Central Bank digital currencies, that's not to say that there's actually going to happen that it can be done, which means in the wrong hands, in a more dictatorial type of society, you can do things like make money, make fungible things unfungible,. You can say that this particular person can only spend money on these particular things. You can change the value of that money instantaneously. And don't say governments won't do that. If you were an Indian citizen, and woke up one day to find out that all of your banknotes of a particular colour was suddenly worthless. Those notes are still in circulation. So they could still be traded in the physical sense. But you do have a digital currency.
Tracey Follows 1:06:41
Oh, but Bronwyn just to just to ask you about that. Because I mean, people think it's not possible. Okay. Or in that, Oh, that would never happen in that governments would never do that. But remembering COVID When the governments were demarcating between essential and non essential and that's like one of the things I think that could end up being programmed with, oh well this is non essential for you, therefore, you can't spend this money on that. Sorry to interrupt you. But I think that like this the connection, yes…
Bronwyn Williams 1:07:12
And I like what you said there, for you, because you could make different rules for different people, and no one would need to know. This is something of course, you work in the media space, you understand media trends, and you absolutely know about dark advertising and how you and I can both be served a different advert by the same politician promising us different things, and neither of us would ever be the wiser, right? So you could do the same thing with money. The whole point there is that and what the potential could be done central bank digital currencies, is that your account, your central bank account, which is the sum total of your Caesar's world wealth could be held with a central bank, and not with a private bank. So yes, several countries are trying to build legislation to force private banks to have a space in this ecosystem. That also raises questions for me, because if you have a legally sort of carved out space for private actors to benefit from public sort of policies, they are part of the centralised system, and they do have to fall into line with the rules. So if a central bank colours the coin to say that, okay, because we know, in a pandemic crisis, or the aliens have landed, or whatever, no one is allowed to buy ice cream, you know, the private banks will also have to follow through with that. So that's just another step. It makes it slightly more difficult to do these things. But it doesn't preclude anything that we sort of say here. So you can have different rules for different people, you can have different rules for different goods and services. You can add and subtract money from that account at a whim. If you're under save tax, you know, like a tax audit, and there's suspicion on your account, they could freeze it, all your assets. And I know that, I think, I'm sure you've spoken, and I think that that's been a topic of conversation in the UK at the moment with private banks cutting off people's access to credit right. Now imagine your state does that, which means it's the off switch for every bank, you know, like, this is the power that puts into it. But it's more than that, because as I've said, and I hope this point comes across, that credit is now more than just your money, it's your intellectual and social capital to that is also explicitly now linked to that same identity, which means our vulnerability becomes so much more. And I think my my fear and also my sort of challenge to people is to stop thinking that just because something is digital, that it is actually true. We've got to question how that information gone into channel I know that your book, I just want to come back to that point because you spoke about your your book when in your book about your Facebook identity challenge where you suddenly were non personed by Facebook. Imagine being nonpersoned by a master key which was which which says you're not actually a real individual across your social capital across your, your banking capital against everything else. This is possible with current technology, but only if we as biological humans submit to that and actually agree that that digital identity is immutable. So I just I just read your book thinking when I when I read that chapter, and I was like, Well, that could happen at a larger scale. And we think that we think that these sort of blockchain systems that have immutable truth baked into them, I hate that word immutable truth, what nonsense is that? There would be no way for you to argue against that system. Because that it's that singular identity, not just your Facebook identity, but your like Worldcoin, I use that inverted coin. So whatever it is your master identity has now been corrupted on chain, and someone has the ability to say where that is or not. I know that like Worldcoin is trying to solve that problem, say that'll never happen. But never say never, because the real world still exists. And someone can put bad data into that system. If it gets past the gatekeepers, if it gets past the trolls sitting under the bridges, that lie is no longer challengeable, becomes laundered into truth. And that truth machine idea that we should rely on single data points, that we should rely on immutable data chains is for me, hugely terrifying. We should be more okay with opacity and with actual trust, because trustless systems, by their very DeFInition, preclude trust from the system, and therefore they shouldn't be trusted, in my opinion.
Tracey Follows 1:11:24
I know I've got to let you go, unfortunately, and I know you've got tonnes of other things to say and predict probably, what thoughts would you like to leave us with in your five year window let's say so, to 2028? Where are we going to be? And what will be worrying about then?
Bronwyn Williams 1:11:42
Well, I think what's happening now is that a lot of the dots are being connected about these things that he's spoken about. And I think that's that's the big thing, that's the way that we're the discourse is going to shift, where you start to see how central banks own digital currencies, how artificial intelligence, how blockchain and this idea of immutable truth, and how identity and questions in the metaverse and all these things, how all of these conversations are coming together around a point. And I think this is going to be the big penny drop for a lot of people as to where we hit it and as to how close and closed that that gate will be once we step past that threshold. So I think that's what's going to happen there. We're going to start connecting those dots and and that's the big story. That is the big story I think of our generation, as to how to keep our various facets of our lives separate.
Tracey Follows 1:12:38Thank you for listening to the Future of You hosted by me Tracey Follows. Check out the show notes for more info about the topics covered in this episode. Do like and subscribe wherever you listen to podcasts. And if you know someone you think will enjoy this episode, please do share it with them. Visit thefutureofyou.co.uk for more on the future of identity in a digital world and thefutureofyou.consulting for the future of everything else. TheFuture of You podcast is produced by Big Tent Media.