This position statement argues that we need countermeasures against coercion of verifiable credentials, especially COVID-19 credentials. We propose an initial set of countermeasures, which are an amalgamation of technical, governance and legal measures. Our implementation demonstrates the technical feasibility of one of the proposed countermeasures: technically enforced verification of the verifier.
The concept of ‘self-sovereign’ identity presumes that parties are free to enter a transaction, to share personal and confidential information, and to walk away when requests by the other party are deemed unreasonable or even unlawful. In practice, this is often not the case: “What do you give an 800-pound gorilla?”, answer: “Anything that it asks for”. Examples of such 800-pound gorillas are some big-tech websites, immigration offices and uniformed individuals alleging to represent law-enforcement. Also the typical client-server nature of web transactions reinforces this power imbalance, where the human party behind its client agent feels coerced into surrendering personal data as otherwise they are denied access to a product, service or location.
Much like in the aftermath of the September 11 attacks, the COVID-19 pandemic has made societies push for technological solutions that inherently carry the risk of violating individual freedoms.
In practice, the issue of countermeasures against coercion has so become more prominent and urgent in the context of the COVID-19 crisis. Here the 800-pound gorillas may be employers demanding health information that they are not entitled to, or even shops and restaurants, if the sharing of health data has become low friction thanks to verifiable credentials.
Efforts to mitigate the effects of the COVID-19 pandemic using identity technology therefore need strict legislation in order to uphold human rights and dignity. The awareness of this need is momentarily expressed broadly in societal organisations as well as in policy and law. A few examples are the following:
The UN High commissioner Human Rights recently urged the European Commission to “Enhance the availability, accessibility and effectiveness of redress mechanisms for unjustified decisions made by digital services”.
Early September this year, a California bill ‘AB-2004 Medical test results: verification credentials’ was proposed (and vetoed), requiring that “Verifiable credential models should not in any way compromise an individual’s right to privacy, including by means of tracking or reporting the individual’s usage of the verifiable health credential”.
In October 2020 the Dutch Senate approved a special temporary act regarding a notification-app for COVID-19, which makes it illegal to enforce the use of a covid-notification app or any other comparable digital means.
Implementations of one or more potential countermeasures against different types of coercion may be certified within a governance framework. In case of a machine readable governance framework, countermeasures may be automatically enforced, safeguarding its user from being coerced into action by for example unauthorized parties. In case legislation against coercion is implemented, a verifiable proof or registration of an unlawful request that will stand up in court is needed. Different governance frameworks may choose different balances between full self-sovereignty and tight control, depending on the interests that are at play as well as applicable legislation.
The following are examples of potential countermeasures against coercion. The governance framework can stimulate or enforce that some verifiable credentials are only presented when the holder agent determines that certain requirements are satisfied. When a requirement is not fulfilled, the user is warned about the violation and the holder agent may refuse presentation of the requested verifiable credential.
Subsequent to the Working Group use case ‘Verify the Verifier’ COVID-19 Credentials Initiative, one of us (Bloqzone) has built a ‘Verify-the-Verifier’ PoC . In this PoC, the doorman of a home-for-the-elderly requests a visitor to present specific credentials to gain access to the building. Before doing so however, the visitor ascertains whether the doorman has the proper authorization to ask for credentials by requesting his doorman for a credential in return, see Figure 1.
We need countermeasures against coercion of verifiable credentials, especially COVID-19 credentials. However, some of the countermeasures may only be effective with the appropriate legal precedence backing. For example, if the collected technical evidence is not accepted in court, it loses force against 800-pound gorillas. We call for a combined technical+governance+legal project to develop solutions and to assure the effectiveness of these in society.
Oskar van Deventer (TNO), Alexander Blom (Bloqzone), Line Kofoed (Bloqzone)
22 October 2020
 Oskar van Deventer et al, ‘Self-Sovereign Identity – the good, the bad and the ugly‘, TNO, May 2019.
 UN High Commissioner for Human Rights, Michelle Bachelet, Letter in response to the public consultation on the EU’s Digital Services Act, 2020-09-07.
 Senator Hertzberg et al, ‘AB-2004 Medical test results: verification credentials.‘, Bill Text.
 Tijdelijke wet notificatieapplicatie covid-19 (2020 6 October)
 Matthew Davie, Oskar van Deventer et al, ‘0289: The Trust Over IP Stack’, Draft Hyperledger Aries RFC 0289, 2019-2020.
 COVID-19 Credentials Initiative and Use Case 11 – Verify-the-Verifier.
 Bloqzone, ‘Who wants to know? Verifying the Verifier‘, demo PoC mandated verifier identification.