#625: Decentralizing Identity in VR with Holonet & Self-Sovereign Identity

alberto-eliasHolonet is an open source project that implements the Decentralized Identity Specifications for open web VR platforms like WebXR. A self-sovereign identity system could enable the seamless portability of your avatar identity across multiple sites without having to use centralized authentication methods that would require you to login to every site with a unique username and password, or have to re-upload assets onto every metaverse world that you visit. The Decentralized Identity Foundation formed in May 2017 with a number of blockchain companies and bigger companies like Microsoft who got together to open source their blockchain identity IP in order to create a number of decentralized identity open standards.

Investor Chris Dixon recently published an essay titled “Why Decentralization Matters” where he argues that some of the most exciting entrepreneurial & development opportunities are in building out a robust decentralized Internet architecture that leverages the blockchain technologies and cryptonetworks. These decentralized systems are a counter balance to the aggregated power of centralized companies like Google & Facebook, who are currently dominating the the online advertising market. Dixon argues that these companies initially collaborated with third-party developers to grow their ecosystem, but they all eventually started to focus more on “extracting data from users and competing with complements over audiences and profits.” In order to drive their advertising-based revenue models, Google and Facebook have pioneered methods of “surveillance capitalism” that tracks information about what users do online to form unified profiles to model behaviors and ultimately match advertisers with potential customers.

VR & AR technologies will provide the opportunity to have access to even more powerful biometric, emotional, embodied movement, and eventually eye tracking data, which has an unknown ethical threshold between what is predicting or controlling user behavior. Be sure to check out Voices of VR episode #520 for a more comprehensive write-up, discussion, and links to other episodes covering the complicated privacy issues that VR and AR introduces.

Holonet developer Elias hopes that one antidote to companies tracking your every movement and action in virtual worlds is build compelling user experiences that leverage decentralized identity technologies to put the control of your identity and data back into your own hands. He’s released a sparse toolkit to start to integrate self-sovereign identity tools within WebVR sites on the open web, and he’s planning on working on integrations with the popular A-Frame WebVR framework.

LISTEN TO THE VOICES OF VR PODCAST

It’s still early days for where the open immersive web is headed, but High Fidelity is probably the most robust example of what’s possible with open web technologies. Co-founder Philip Rosedale told me that they’re planning on implementing a self-sovereign identity system, and High Fidelity also recently launched a beta of their own High Fidelity Coin cryptocurrency. Elias hopes that Holonet can provides tools for open web developers to create compelling user experiences that leverage the power of the open web with a decentralized user identity. There’s not a lot of compelling experiences just yet, but if Dixon is right, then we’re going to be seeing a lot more decentralized cryptonetworks in the future, and infrastructure tools like self-sovereign identity are going to be crucial ingredient for an open and portable metaverse that’s architected for privacy.

Other decentralized services mentioned in the podcast:

This is a listener-supported podcast through the Voices of VR Patreon.

Music: Fatality


Support Voices of VR

Music: Fatality & Summer Trip

Rough Transcript

[00:00:05.452] Kent Bye: The Voices of VR Podcast. My name is Kent Bye, and welcome to The Voices of VR Podcast. So just a few days ago, on February 18th, venture capitalist Chris Dixon wrote this really amazing article that's called Why Decentralization Matters. And he's looking at the evolution of these cryptocurrencies in the context of the evolution of the entire internet. And he's saying that there's been like these three phases of the internet. One was just to establish these open protocols and then the next phase with all these centralized incumbents like Google, Facebook, Amazon, and Apple that were creating these centralized marketplaces and really dominating the ecosystem in that way. And he says that the next trend of the web is this breaking up of these huge centralized portals into like these decentralized crypto networks And cryptocurrency is one leading indicator of that, of this new infrastructure layer. But the next layers are going to be these other dimensions of being able to actually host websites that are both scalable and stable. We're not at that point of actually having a stable decentralized infrastructure, but he's saying that all of the exciting entrepreneurship and investment is going towards this trend of decentralization. For me, talking to people like Neil Trevitt of the Kronos Group, he says that there's always this competition between the open platforms and the closed walled gardens, and that there's always going to be that tension between that unified user experience of that walled garden and sort of the open platform dimension of those open standards and that decentralization. So I see that there's not going to be one clear winner, but that the center of gravity, I think, is starting to shift back towards this decentralization. I think a big things that are driving that it's like, first of all, you have these both Google and Facebook are essentially ad companies and their policies, if they make some sort of policy change because they've been able to centralize so much of the ad revenue, it just changes the entire business models and sometimes puts people out of business if they just make a single decision. And so, in a lot of ways, the independent publishers and smaller content creators, they've lost the ability to be in charge of their own destiny because they're relying upon the whims of these huge centralized companies. The other thing is just this process of privacy and data collection is that, you know, that at the beginning you have this process by which both Google and Facebook and Twitter, you know, they'll have this kind of open period where they're really collaborating with third party developers. And then at some point it becomes actually more profitable for those companies to basically disempower those third party developers, then it becomes a matter of trying to extract information from the users and that information is what is driving all these ads to be able to specifically target people and create these different models of psychographic data and what people are interested in and to connect the people who want to advertise something with the people who might be interested in it. So both Google and Facebook have this huge monopoly on that ad market, and there's a couple of strategies here. One is to try to regulate things, but I think actually Chris Dixon argues that that doesn't really work with software networks because there's something that's fundamentally different with computer architectures that are fully programmable, and you can put whatever software you want on that, and they're going to be sort of interfacing through these open protocols. So it's a little difficult to, you know, how does the government come in and start to try to regulate something like this? And so the other strategy to kind of counter the centralization is this process of decentralization and to create open platforms that are using different technologies that are creating more of a market demand and a better user experience. And I think that's where we're kind of at is can we create these better user experiences that actually creates a market demands to be able to actually shift some of these different centralizations of power. And so certainly cryptocurrencies have been a huge part of that. And another part I think that is pretty huge when it comes to virtual reality and immersive technologies is identity. Because when you go on a internet and the World Wide Web, you're basically an invisible entity where you can go to a website and have the same experience. But when we go into a virtual reality, you actually have an embodiment. You have a character, you have an avatar. If you want to interact with other people who are kind of walking around in these shared social spaces, you kind of have to have some representation of yourself and for you to have a record of who you are and be able to prove it in some way. And so there's been this movement of using blockchain technologies in order to create this self-sovereign identity where you actually have control over your identity rather than for you to have Facebook or Twitter or Google be able to be the mediator of your identity through being able to sign on to different services. If you want to be an authenticated user on the web, then it's very easy to just use this. Otherwise, you have this situation where you have a username and password for every new place that you go into. And imagine if you wanted to go into a physical store to buy ice cream, if you had to remember what your password was for that ice cream place. So that's kind of what the Solve Sovereign Identity is trying to solve, is that it's more of an equivalent of you having an ID card that you're able to flash at different levels of information depending on what different virtual locations need in order to verify your identity. And it also enables you to have a consistent identity across multiple different WebVR and OpenWeb sites. So a lot of the virtual reality has been centralized in the game engines with both the Unreal Engine and Unity, but there's both WebVR, WebXR, as well as like High Fidelity, for example, is not only built on a lot of these open web technologies, but they've also implemented their own cryptocurrency. And so they're trying to implement a self-sovereign identity, which I talked to Philip Rosedale back in March of 2017 on episode 533 about what they're doing with self-sovereign identity. So that's when I first heard of self-sovereign identity was last year. And then in May 29th of 2017, there's actually the decentralized identity foundation where there was like 19 different blockchain technology companies that were saying, Hey, we want to make this happen. In order to do that, we need to not compete with each other, but we need to actually create these open standards. And so they, opened up their intellectual property and started collaborating. And then Microsoft, as well as IBM, as well as Accenture, some of these bigger, more established companies are also coming in and trying to establish the idea of a self-sovereign identity. They're working with the W3C to come up with some decentralized identity specifications. And so they just recently published a draft update to this back on February 12th, 2018. So there's a lot of movement towards this trend of decentralization. And it's at the level of the infrastructure layers right now. There's not a lot of really compelling virtual reality experiences that are really implementing this. I think high fidelity is probably one of the most compelling. And there's also some other people who want to see this happen on the open web. And so I had a chance to talk to somebody who's actually been building something called HoloNet, which is trying to implement these decentralized identity standards and to be able to seamlessly integrate within these virtual worlds. So I had a chance to talk to Alberto Elias of HoloNet to talk about his vision of why this is important as well as what he's doing to enable other open web developers to start to implement this type of technology. So we're covering all that and more on today's episode of the Voices of VR podcast. So this interview with Alberto happened on Wednesday, October 11th, 2017 at the Oculus Connect 4 conference in San Jose, California. So with that, let's go ahead and dive right in.

[00:07:37.016] Alberto Elias: My name is Alberto Elias, I'm from Spain and I'm working on a project called Holonet. It's a tool to build 3D websites that are interconnected between each other and you can move around with a self-sovereign identity. So this is a global identity, the user controls every single aspect of it and it allows for a seamless experience throughout all the virtual worlds. These work with VR and in the future with AR. which I think is super important because I think AR will make the whole digital platform more seamless with the physical platform and having a digital identity that works with that so you can automatically have the identity work with all digital apps, all AR, all VR apps instantly in whatever room it is, in whatever space it is. wherever you're working with that. If you're connecting with a person in the physical space, you have your identity and you can speak with them, or even see their name, and that name is because they've decided to share that name, or they've decided to share any other aspect with that, like their favourite colour or whatever. It could even be useful for icebreakers, but it's for everything. So if you go to Facebook, for example, The idea is that Facebook will say, I want these pieces of information. And you can say, OK, I'll let you read them, but you won't be able to control them. So you can give me a better experience for your platform, but the user is who controls that information.

[00:08:51.512] Kent Bye: Yeah, so this is a concept of identity and privacy that I first heard from Philip Rosedale of High Fidelity talking about the concept of self-sovereign identity and Christopher Allen has done a whole like evolution of identity and there's been different evolutions and different phases starting from having something that's like a centralized identity and then having like something like open ID and then you have like these federated identities, and then it started to go a little bit decentralized and then it kind of reverted in some ways to go back to like, you know, if you want to log into a website, you just use your Facebook password or Twitter password. And the downside to that is that now all of a sudden, when you're logging into these other websites, you are now sharing all sorts of information about yourself to this massive collection of data about you through these models of surveillance capitalism, They're trying to suck in all this information and track everything you do on the internet and to be able to eventually sell ads to you. So the concept of self-sovereign identity sounds like an antidote to that. So how is it an antidote?

[00:09:53.832] Alberto Elias: So what you've mentioned are my main reasons for working on this platform. So with VR and AR, digital platforms can capture even more data about us than ever before, which I think is very, very dangerous. The other reason I think is very important is because of making the experience more seamless. Like I said before, imagine if you go to the cinema and you buy tickets. You don't want to sign up for every single cinema in your city. You just go with your digital identity, which probably has your payment system attached to it, and you just pay instantly with that. And I think that will also work with VR. Having to log into every single WebVR-compatible website or WebAR-compatible website would be a massive pain in the arse and would throw people away from using web-based 3D technologies. So having a global self-sovereign identity I think also fixes the user experience of the platform.

[00:10:43.963] Kent Bye: So I guess that concept of the self-sovereign identity is kind of like a cryptographic key that I have a copy of saying that who I am and that may be the private key and then there's like a public key but there's sort of a you know almost like a metaphor of you going into a bar and there's a bouncer there who wants to see if you're 21 and you flash your identification and it's kind of like that. It sounds like this self-sovereign identity would be like there's some sort of exchange So what are you showing? Are you showing your public key? How does the cryptographic dimension actually work here with the self-sovereign identity? And what would be required in order to actually pull this off?

[00:11:18.692] Alberto Elias: So you mentioned Christopher Allen. He promotes this rebooting web of trust community. From that community, there are different specs that are being released. One is the DID, Decentralized Identity Spec. That allows for different mechanisms for decentralized identity. So you could have a decentralized identity based on Bitcoin, another one based on Ethereum, or another one based on what's called IPFS, which is a decentralized web protocol. It doesn't even have to use a blockchain. And the idea of decentralized ID is that they're all interoperable with each other as well. So for different reasons you could have an identity attached to one of the different methods. So in this case, and how I see it, generally with all of them you do have a private key, public key, private key, you never share that with anyone. The idea of a DID is that if you lose the private key, there are ways to revoke it and get a new one, and not lose any of your data. So that's being worked on as well. So don't worry if you lose it, there will be mechanisms to go around that. So another important detail is that you don't have only one public key, you can have many. And you can have public keys for different pieces of information. So if you share one public key, that could be dangerous because whoever you share it with, you share it with someone else. So you create public keys for small pieces of information or for specific actions.

[00:12:35.132] Kent Bye: So it's possible to have a private key but then generate multiple public keys that kind of match up with that private key?

[00:12:41.055] Alberto Elias: So what you can do is from a key, derive other keys. And that's basically the mechanism for this.

[00:12:49.497] Kent Bye: So one of the big things that I see in the future that we're starting to just now really deal with, I think, we're moving into a world where there's been so many different hacks of our data and information. So much information is available on the dark web. People who are able to get a hold of these databases. There was a recent leak with the Equifax data that has all sorts of like social security numbers for people who live in the United States. It just seems like this world of being able to steal our identities is going to become much more of an issue and problem. And so how does self-sovereign identity address the threats of having your identity stolen?

[00:13:28.582] Alberto Elias: So to build the self storing identity and to build the whole tool, I am using decentralized web protocols like IPFS and the DAP protocol. I'm basically testing both of them out. So decentralization is a massive help for this security issue, because if they hack one server, they might be accessing very, very small pieces of information. it's not like all the identities are in a server. They can hack your phone, they can get your identity, which you can revoke, but they can get your identity, but that's it, they can't get anybody else's identity. Or using the decentralized protocol for web contents, if they hack a website, to hack a website you don't really hack a server, because a website isn't hosted on a server, it is, but it isn't like an IP address that points to a server. You have an address that points to the content, wherever that content may be distributed on the network. So you could be having a copy of my website and another person in the other side of the world might have another copy. So to be able to hack that website, it's not just hacking a server. I see, yeah.

[00:14:34.563] Kent Bye: My understanding from the cryptocurrency world is that The distributed blockchain and ledger is secure because all the information is distributed amongst all these different computers. And so what I see is a little bit of this cat-and-mouse game, where if you wanted to create a giant botnet and then hack into all of these computers if you got a hold of some sort of malware, zero-day exploits that are out there, to be able to exploit the vulnerabilities that are inherent in all these systems that are being weaponized. And if you have a giant botnet and are able to find and discover all these individual nodes on the blockchain, you could theoretically get the information and start to spoof and hack some of these public and private keys. And I guess that's sort of like this new world of the cryptocurrency, that's a threat and possibility. And I'm just curious to hear your thoughts on that in terms of like, if there's going to be this cat and mouse game of having to hack an inordinate amount of computers, it starts to become a little bit more like, well, maybe there's at some point if everybody's using it, then it's going to be totally infeasible to be able to do that at scale.

[00:15:41.027] Alberto Elias: it would definitely be way harder. Like, to be able to hack a big company like Facebook or Google is hard because they've got very, very good security engineers working on it. But being able to hack the website of a local business, which they're probably using some consultant to work on it, who's probably working on many, many different websites, well, it's probably a lot easier because they're not keeping in mind all the different security practices. So having the network do this for you will obviously be a massive help for the whole digital ecosystem.

[00:16:12.710] Kent Bye: And so how does the virtual reality start to tie into this in terms of like, I have this self-sovereign identity, okay, now what? Now what does that enable with either an immersive virtual reality metaverse or a augmented reality overlay onto the entire world?

[00:16:29.221] Alberto Elias: I think it's both really. I think VR and AR are the next user interfaces for this digital platform. And I think they bring a fantastic bridge between the physical and the digital. So what I see is that they're going to make technology start to disappear a lot more in our lives. So it's going to be a part of us. And that's why I think it's super important that we have a decentralized self-sovereign identity as well.

[00:17:01.440] Kent Bye: So tell me what's next with this. I know that you're working on this. I know that High Fidelity is working on this. What is the strategy in order to come up with a larger movement? I know that there was recently a number of different companies that were basically collaborating to say, We actually all want this self-sovereign identity concept, so let's take all of our intellectual property around it and share it. And so there's about 18 or 20 companies that did that and come up with this decentralized identity foundation. They're working on these different specs and standards. So there seems to be these clusterings of people that used to be separated connecting, but where do you see it going from here to really kind of take it to the next level in terms of adoption?

[00:17:37.925] Alberto Elias: Well, that's also what I'm starting to do a lot more now. So there are many, many different projects pushing in the same direction, but fighting different fronts. So what I see a lot is that many of these projects, it's like our stakeholders have this specific concern, so we're going to rebuild the whole thing just for this specific concern. So the great thing about the self-sovereign identity movement is that all these companies are getting together and working together on a system that works for everyone. Hopefully we will see similar things pushing on the 3D side as well.

[00:18:10.592] Kent Bye: And so it was really interesting to hear that you could actually use like a Bitcoin wallet or Ethereum wallet so that you have a hash where people can send you money but you could actually start to use that as a self-sovereign identity.

[00:18:22.679] Alberto Elias: So the centralized identity methods that are blockchain-based, what they do is that the identity creation method, that's stamped on the blockchain. So you can verify that this identity was created at this point of time. And then you can use that identity for all other transactions. Those other transactions maybe don't need to happen on the blockchain themselves. It depends on the security needed to verify that transaction. Because there are many off-chain systems that do have a lot of verifiability. Not as much as a blockchain, but good enough for most things. And if we do everything on the blockchain, the blockchain will probably end up quite stuck. It won't be able to do all the transactions necessary. So we need to start looking at off-chain methods as well.

[00:19:09.357] Kent Bye: I guess one of the things that scares me about some of these either cryptocurrency or self-sovereign identity is the reliance upon having a private key that you're not supposed to share. And there's all sorts of potential vectors for you to either lose your laptop or to lose your phone or to be hacked and have that taken. And then, you know, the fear is that, oh, then they just go and drain your bank account of all the either bitcoins or Ethereum that you have in your wallet. If you take a step back and look at what is the ultimate dimension of being able to determine who you are, it seems like the DNA and the biometric level is going to be maybe a final arbiter to be able to discern that Alberto is Alberto and Kent is Kent because there's a DNA difference in that everything else is going to be some dimension that is vulnerable to either being hacked or having some dimension of finding some sort of loophole in the technology.

[00:20:02.196] Alberto Elias: But even DNA could be copied. Someone could, without much effort, get a DNA extract from you and use that to identify them as you anywhere. I think even a private key could be more secure, especially because a private key can be revoked, like I said earlier. So all decentralized identities need to build a way to revoke very, very easily and very quickly your private key in case it's lost or someone stole it. So that will be a solved problem.

[00:20:30.333] Kent Bye: How do you prevent someone from falsely saying that you lost your key and then they get a new key for you? If someone else is trying to revoke your key on your behalf, then that seems like another challenge.

[00:20:42.159] Alberto Elias: So one of the ways to do the key revocation is called social key revocation. So basically, you have a set of people, other identities, that you decide if you lose this key, they will vote, yes, this person has lost their key. They need a new one. So they would need to attack quite a few people to get around that. I mean, there will always be ways. there will always be ways, but this is definitely way safer than what we have right now.

[00:21:09.871] Kent Bye: Yeah, I mean, I'm just sort of thinking things out through here. I mean, it seems like there's an additional dimension there of your social group and your peers that you would have some mechanism for alerting them and then they would somehow vote.

[00:21:23.466] Alberto Elias: Yes, it's more or less like that. So one of the implementations, it has an Ethereum smart contract. You decide who the people who have your key in custody. So if you lose them, these people will have to send a transaction to this smart contract saying, yes, my friend needs a new private key. And if three out of four do that, then you get your new private key.

[00:21:47.296] Kent Bye: It seems like just having these cryptocurrencies built into the fabric of virtual reality worlds, that we're going to really need ways for people to exchange currency across different borders. But also, micropayments and microtransactions seems like it's going to be a potentially huge part of depending on how much time you're looking at something or paying attention. I know there's been some people that have started to, even while you're looking at something, mine a cryptocurrency on your compute resources while you're visiting their website, which it feels a little bit parasitic to do that. But at the same time, that could actually provide a way of monetizing attention in a way that could be a little bit more equitable than relying upon collecting all my data and then exploiting it in that way. So I'm just curious to hear some of your thoughts in terms of how These new cryptocurrencies could be embedded within the fabric of virtual reality such that we could maintain either these microtransactions or other ways of monetizing attention.

[00:22:43.887] Alberto Elias: So if I'm monetizing attention, there's a very interesting token which is the basic attention token by the Brave browser team. I prefer that than having a website mine when you visit the website because that's using an enormous amount of computer resources that you don't need to be using. So I think the other way is way more efficient. For microtransactions, so I know more about the Ethereum community, they're developing a project called Plasma that will allow for many chains to interrupt with each other and on top of that it will be way easier to build a microtransaction system that doesn't clutter the main blockchain. So that's stuff that's being worked on. The Ethereum founder said that in two or three years, they will be able to have the same amount of transactions as Visa has currently. So that doesn't mean they will have it. Ethereum would need to grow in popularity, but the technology will be there to do it. So if possible, that will allow for microtransactions to work out. And if we have blockchain-based microtransactions, I just think that it's going to be a very, very quick way to pay for everything. For example, there's also, for the decentralized web, there's this protocol called Filecoin. So when you create a decentralized website, normally you start hosting your own website on your devices. But what if you want to turn your computer off? Then the website disappears for the period of time your computer's turned off. So you can use Filecoin to pay other people to host your content as well. So it's basically like a hosting service, but it's distributed through the whole network and it's microtransaction based. And it also serves as a CDN, because you have people from all around, from different specific places in the world serving that content. So if the creator of the website is in China, the computer doesn't have to go to China to fetch it. That person from China can pay someone in the US, someone in Europe, someone in South America to host the website. So that's another microtransaction option. And then also, I think for 3D stuff, we'll end up having some kind of inventory system for digital assets. So having a blockchain to verify the creator and current owner of all digital assets, I think will be a crucial part of the platform.

[00:24:51.585] Kent Bye: Yeah, it sounds like that the Filecoin is a way to do like, is that kind of very similar to the IPFS, the internet?

[00:24:58.650] Alberto Elias: It's by the IPFS people. So Filecoin is built on top of IPFS. If you just use IPFS, then you need to find people to host your content by yourself. With Filecoin, there's a decentralized exchange network.

[00:25:11.768] Kent Bye: So it's sort of like a CDN that you can assure that it's going to be available and that, you know, what is the exchange there? How does a Filecoin, are you paying in Filecoin in order to host things or what?

[00:25:22.600] Alberto Elias: There's a decentralized exchange, so you pay with Filecoin and storage miners receive the Filecoin for storing the content for you.

[00:25:31.450] Kent Bye: Do you have to pay for bandwidth at that point?

[00:25:33.655] Alberto Elias: There are also retriever miners. So those are the people who will retrieve the websites when the user wants it. So those are paid as well.

[00:25:41.442] Kent Bye: OK. And for self-sovereign identity, is that also something that has a transaction fee to be able to, any time you flash your ID card to the bouncer at this metaphoric website that you're about to go into a virtual world, is there some sort of transaction fee that is taking place based upon the computing resources that would be required to verify that identity?

[00:26:01.218] Alberto Elias: Just to authenticate yourself? Definitely not. But for example, there's this concept of verified claims. So for example, a passport could be a verified claim issued by your local government. Or a driver's license could be another verified claim. And a less higher up level of a verified claim could be like, this person, I'm certifying that he's a human or she's a human being. There could be a verified claim for everything. A verified claim like, this is my friend or this is a family member. Verified claims could be on the blockchain as well, depending on the importance of it. I'd say a password could be something that the actual creation of the password and assigning it to this identity would be a transaction on the blockchain. But saying someone is a human, that might not be necessary.

[00:26:42.287] Kent Bye: Are there any other big distributed technologies that you think people should be aware of or start to look into in terms of if people are interested in either learning more or started to try to implement this, or other technologies that just make new things available?

[00:26:57.079] Alberto Elias: I can't think of any out of the top of my head. I think we've talked about decentralized web content like IPFS and ADAPT protocol. Ethereum is working on their own, which is called Swarm. The problem with Ethereum is that they're trying to capture every single aspect of anything you might need on a decentralized digital platform. So they're not really working with the rest of the community and trying to take advantage of strong points of other projects. Yeah, we talked a lot about different blockchains as well. There are many blockchains apart from Bitcoin or Ethereum. Many are also focused on privacy. So you don't really know who participated in a transaction, but you could verify that I was in that transaction at some point if necessary.

[00:27:38.158] Kent Bye: And I think another thing that I've found is that the incumbents that have their existing business models and revenue that are dialed up to full optimization with their AI machine learning sort of tuned algorithms to be able to take what is essentially like the performance-based marketing where they're having all their systems to be able to figure out who everybody is and to know what ads to serve to them. They have that all dialed in and I see that there's this trend where they're already continuing on that path to continue to do business as usual with these new immersive computing platforms. I think personally that there's a lot of concerns with biometric data and privacy that ethically I just feel like that's not a good sustainable future in the long term and I want them to start to explore this a little bit but they have very little incentive to do that. So if you were to talk to these people and say, okay, this is what I suggest that you should take a look at, otherwise you may be overthrown as an incumbent because this is the way the future is going. What would you suggest to them if you were in their shoes? What we would start to do to be able to start to think about new business models that could actually be sustainable both for themselves but also to make the distribution of resources a little bit more equitable so that there could be a little bit more of a sharing of the profits rather than just all into one company.

[00:29:00.789] Alberto Elias: So this is one of those, I still don't know how we're going to convince data hungry companies to move to this model. What I think is that we should work on forcing them to. Forcing them by offering users a much better experience that secures their data. So when I talk about this, I try not to use decentralization too much because users don't care if it's decentralized or centralized. They just don't care. What I'm trying to build is a completely open, interconnected 3D universe that has a very, very seamless experience because users can move around from one world to another with no problem. Everything's super easy and they don't lose any capability that they might have in a centralized system. So I think when it's super easy to create a new 3D world on top of this platform, and when it's super easy to use this platform, and it might even be easier, faster, and better than a centralized system, users will start using it, and companies will just have to move to this new platform. So that's my hope for it and that's how I'm trying to build this. Just trying to get all the decentralized and user-centric pieces of this project underneath a better user experience for the metaverse.

[00:30:19.618] Kent Bye: Yeah, we're here now at Oculus Connect 4. Oculus was bought by Facebook a number of years ago, and so Facebook is, you could call one of those data-hungry companies. And I've done a number of different episodes about privacy and Facebook, as well as with Google. and I have so many different concerns, but I'm curious to hear from you, like, why is this a topic that you're concerned about? Why should people be concerned about privacy? I mean, we seem to be perfectly happy to exchange access to our data for these services, and people enjoy those services, but why should that be a concern?

[00:30:54.796] Alberto Elias: We could end up in a situation where we have a benevolent dictator. So Facebook is basically controlled by one person, who's Mark Zuckerberg. He has complete voting power over Facebook. If everyone ends up using Facebook for everything, and when we say everything is everything, not just in the digital world, because the digital world is going to merge with the physical one. It is merging already. So if we end up using Facebook for everything, that means Mark Zuckerberg controls everything. which could bring in many good things. I'm sure he's not a bad person, he's not trying to destroy the world or anything. But when one person has that much power, what happens, even if he, by mistake, does a bad use of that power, which he has already done with many privacy concerns on Facebook, What if when Zuckerberg stops working for Facebook and someone else comes in, like has happened with presidents in different countries, there was a system in place to avoid the president having too much power in case a bad president stepped up? I think we need to make sure that happens with our lives in general. And even if some things are enticing about a benevolent dictator, I think as a whole it would be a disaster for the world if we end up in that situation. And it would take a really, really long time to go back to a more free society.

[00:32:19.868] Kent Bye: The thing that really concerns me is this whole concept of the third party doctrine, which is that whenever you decide to give anybody, any third party, any aspect of your data, then there's legally no reasonable expectation of that piece of data to remain private, meaning that the government doesn't have to get a search warrant to be able to get it. They could go to that company and say, hey, we have this person, he's a person of interest, we need to have everything you got on this person, and then they have to hand that over. And what I see is that this trend in all these tech companies that are just asking for more and more data, they're giving us more and more sweet candy to be able to use and to kind of hook us in, and that we are being driven by a lot of our compulsive behaviors. But there is that erosion of our rights to privacy such that, you know, just recently here in the United States, there was the internet service providers that went to Congress and said, hey, you know, Google and Facebook have been able to get all this data, we should be able to get it too. And they're like, okay, sure, you should be able to sell everybody's search history on the internet now. And that is the sort of question is that these things are no longer reasonably private, and that the more they have on us, the less we can have any sort of that reasonable expectation of privacy. And so that's, that's the thing that concerns me is like, what does this world look like, where we don't have any privacy?

[00:33:39.225] Alberto Elias: There's a lot of sci-fi dystopian fiction about this, and they all scare me a lot, so definitely don't want to end up there. I don't know, if we're controlled, it's definitely a place where culture would start dying, people would start expressing themselves way less. There would just be so many rules set up by other people. We already have a lot of rules. I just think we would go back to experiences we've already lived. but in a situation where governments and big companies actually have a lot more control over us, because mass surveillance on a whole other scale than what we've already heard from the Snowden leaks. It's hard to know exactly how that would work out, exactly what these governments and companies would do. I think different companies and different governments would use this power in different ways, but I think all of them would be quite terrible.

[00:34:33.063] Kent Bye: Well, for your initiatives, what's next for you? What are some of the next steps, and what are some of the big open questions that you have that are really driving your work forward?

[00:34:41.967] Alberto Elias: So my next steps is releasing a first version of this library, so people can very easily create these 3D worlds, interconnected 3D worlds, and easily create these identities that work in all these 3D worlds. From there, it's just extending the system to make sure it provides all the sweet candy that you get from a centralized system. making it interoperable with all other digital platforms as well. The end goal would be to make the open web the digital platform where anyone can build on top of it and anyone can seamlessly interact with it. So that would be the end goal, and it's just moving in that direction. So for now, many of these technologies, many of these projects, they're still not there. They still need to get some work on. So what I'm trying is to act as a bridge between where we want to go and where we are now, and trying to build the tool that is that bridge. It's basically to show what we can do, and it's more like a proposal of where I believe the web should go.

[00:35:45.559] Kent Bye: Great. And finally, what do you think is kind of the ultimate potential of virtual reality and what it might be able to enable?

[00:35:55.209] Alberto Elias: My answer to this is communication. Once we have an open VR and AR metaverse that we are all interconnected with our identities, we're connected with all the different 3D experiences that surround us, I think we can invent complete new ways of communication. Not just by using voice and gestures, or in digital platforms we might use sound or music or 3D models. Using them all together, even possibly creating new signs, new symbols to communicate deeper feelings in way less. So I think we'll be able to communicate a lot more with a lot less.

[00:36:36.492] Kent Bye: Awesome, well thank you so much.

[00:36:38.078] Alberto Elias: It's been great talking to you. Thank you very much.

[00:36:40.719] Kent Bye: So that was Alberto Elias. He's the creator of HoloNet, which just had their first release. And he's got a white paper that he just published. And he's trying to bring self-sovereign identity to the open web. So I have a number of different takeaways about this interview is that, first of all, I think that what the Decentralized Identity Foundation is doing with Decentralized identity specifications is what I see as a huge amount of traction and to be able to actually both specify these open standards, but also have some big players like Microsoft, as well as IBM and Accenture. And where HoloNet is at is basically it's like this open source project that is trying to integrate all these technologies and just create a framework that makes it easy for people to integrate it into other open web systems. So as of right now, there's no complete integration with A-Frame, which is probably one of the more popular WebVR frameworks that are out there. So what Alberto has done is to create something that you can start to work with and build something. So I think some of the earliest experiences that he's been able to build so far as a proof of concept are very basic. There's no super compelling user experience that isn't integrated into that just yet. And I think that this is still very early stages of where this technology is at, but If you look at the larger trends within technology, there is so much that is moving towards these decentralized systems. And there's just a little bit more of an equal exchange that's being cultivated and developed within this decentralized web, which I think is super exciting because instead of having the model now where companies like Google and Facebook are using this methodology of surveillance capitalism, And through different exchanges where you consent to, you're giving over all this data and then that data they're able to then mine and then be able to serve ads to you. And so, you know, one of the things that Alberta is saying is that whenever you have some entities that have so much power, then there's not only a right for abuse, But it's also like, you know, where's the accountability? Where are the checks and balances? If Mark Zuckerberg has a majority share at Facebook and there's billions of users that are using it, then that means that one man has the ability to make algorithmic decisions for billions of people for how they experience reality. At the end of the day, both Google and Facebook are these advertising companies, and their revenue is the thing that is going to be what is ultimately going to be driving whether or not they're still in business or not. But there's also other market solutions, which is like, well, somebody just has to create an experience that is better than what is being provided by either Google or Facebook on their different services. And the open web, I think, has the capability of eventually getting to that point. I don't think, certainly in the immersive virtual reality and augmented reality, it's nowhere near the quality that you can get from native code and using Unreal Engine or Unity. But I think that it's within the horizon of the next four or five years. It's certainly going to be on par. And so I think the infrastructures that are being built right now with this kind of open metaverse, a key part is going to be, well, how do you have this seamless transition from going from one site to the next? Do you have your body? Do you have your identity? How are you going to be able to basically walk down these public streets and for you to go in and out of these different buildings really does depend upon your ability to seamlessly translate your identity into these different contexts in these different situations. So I think that's where things are going. And the potential is absolutely huge. And the reality of where things are at right now is that it's still very, very early days, and there's not a lot of compelling user experiences that are out there to really convince users that this is a viable alternative. So that's the task for you, my listeners and developers, is to go out there, check it out, and try to actually start to build stuff and do some integrations with either WebVR or start to build it into your native applications, if there is any mechanism for being able to actually do that. It's starting on the open web, and so I think that's where a lot of the focus has been going. So for me, this is certainly a hot topic because it actually provides an antidote to some of these concerns about privacy. And how can you start to actually architect systems that have privacy in mind? And this is something that I've talked about on previous episodes. I think episode 520 is a good one to go check out to not only get a big write-up of a lot of my deeper thoughts about privacy, but also links to other episodes where I dive into a lot more detail about the implications of biometric data and what it means for these companies to potentially have access to what is essentially a map of your unconscious psyche and the unknown ethical thresholds between being able to do advertising or being able to explicitly control your beliefs and values in worldviews. So if you're working in this space and you're interested in these surveillance issues, I think one of the best things you could do is start to look into some of these self-sovereign identity systems and actually just start building something that's useful with them. So that's all that I have for today. I just wanted to thank you for listening to the Voices of VR podcast. And if you enjoyed the podcast, then please do spread the word, tell your friends, and consider becoming a member to the Voices of VR Patreon. This is a passion of mine to do this podcast, but it's also my livelihood. So if you do have the capacity to become a member and donate to this podcast, then I do rely upon your donations. You know, just like $5 a month makes a huge difference and allows me to continue to bring you this type of coverage. So you can donate today at patreon.com slash Voices of VR. Thanks for listening.

More from this show