Summary of the 38th Internet Identity Workshop (IIW)

The annual Internet of Identity Workshop (IIW) recently took place from April 16th to April 18th at the Computer History Museum in Mountain View, California. This year's event emphasized the key themes and future trends of advancing trust, interoperability, and user-centric control in digital identity.

The workshop delved into several significant topics, with Content Authenticity and Personal AI Agents taking centre stage on Day 1.

Content Authenticity

Discussions focused on creating standards and frameworks to verify the legitimacy of digital content, aiming to combat misinformation. This involves developing mechanisms to attach verifiable provenance and authenticity signals to digital assets, enhancing trust online. The OpenID Foundation's efforts around shared signals and verifiable presentations were highlighted in this regard.

Personal AI Agents

The workshop explored the potential of personal AI agents in empowering individuals by managing consent, privacy preferences, and digital relationships on their behalf. This ties into efforts like Vendor Relationship Management (VRM) where AI mediates authentic, privacy-respecting interactions between individuals and companies.

Decentralized Identity Systems

IIW also advanced decentralized identity frameworks that give users control over their digital identities without reliance on centralized authorities. The OpenID Foundation's push to scale interoperability and address delegated authority challenges across global identity ecosystems was a key focus.

Future trends highlighted at the workshop include:

The growing adoption of decentralized identity standards and interoperable protocols to enable seamless, privacy-respecting user experiences.
Increased integration of personal AI agents managing consent and identity data proactively to build trust-based digital ecosystems.
Development and ratification of verifiable content authenticity standards to counter misinformation and improve digital content reliability.
Expanding collaboration between identity technology providers, regulators, and standards bodies to ensure global reach and compliance.
Bridging identity systems with emerging technologies such as blockchain, AI, and IoT for enhanced security, governance, and scalability.

Other notable sessions at the IIW included:

Eric Scouten from Adobe presenting on the Coalition for Content Provenance and Authenticity (C2PA), an initiative addressing concerns about digital content authenticity.
Discussions on the EU Digital Identity (EUDI) Wallet under eIDAS 2, with updates on progress and future plans, including an innovation competition designed to foster the creation of innovative prototypes in Germany.
The need for standardization and collaboration in digital identity technologies and protocols was emphasized.
Apple and Google demonstrated the interoperability between their respective wallets via a browser, marking a significant step in industry technology integration.
The OpenID4VP/Presentation Exchange session focused on enhancing the framework for website verification, aiming to simplify the query format and optimize interoperability of different verifiable credential data formats.
The discussion on personal AI agents explored how these agents could act autonomously on behalf of individuals, managing various aspects of digital life and privacy.
The OpenID4VP session showcased new features aimed at enhancing privacy and security, including capability negotiation and a new browser API.
The "Navigating the Credential MAZE with DIF" session introduced new initiatives by the Decentralized Identity Foundation (DIF) and the Claims and Credentials Group to standardize credential schemas for harmonizing verification practices across the industry.
The "Personal Data Store Faceoff" session provided a detailed comparison of existing personal data storage solutions, highlighting their unique features and potential for future developments.
SD-JWTs were discussed as a potential solution for revolutionizing the management and verification of digital identities in secure environments.

Predictions for future trends include increased use of verifiable credentials, greater industry consolidation, and enhanced user control and privacy. A session titled "A Bridge to the Future: Connecting X.509 and DIDs/VIDs" explored the potential for integrating traditional X.509 infrastructure with decentralized identifiers (DIDs).

The active involvement of major tech companies like Apple and Google highlights their important role in shaping industry standards. Decentralized Web Nodes (DWN) were also explored, highlighting their potential to support dynamic protocol implementation and offer scalable solutions across diverse digital landscapes.

On Day 2, advanced topics and industry engagement were the focus, including integrating authenticity and security in digital communications within C2PA manifests. The C2PA framework ensures the integrity and origin of digital content through manifest data models. Signed Data JSON Web Tokens (SD-JWTs) were discussed as a vital tool in securing digital identities.

The 2023 IIW served as a platform for industry leaders, technologists, and regulators to discuss, collaborate, and shape the future of digital identity standards. As we move forward, the emphasis on trust, interoperability, and user control promises to reshape the digital landscape, fostering a user-centric Internet identity architecture that is trustworthy, interoperable, and respectful of individual privacy in an increasingly AI- and IoT-connected world.

The workshop highlighted the potential of Personal AI Agents in managing consent, privacy preferences, and digital relationships, tying into efforts like Vendor Relationship Management (VRM) where AI mediates authentic, privacy-respecting interactions between individuals and companies.
Future trends in digital identity include the growing adoption of decentralized identity standards, increasing integration of Personal AI Agents managing consent and identity data, and the development of verifiable content authenticity standards to counter misinformation.