Self-Sovereign Identity (SSI) is more an ideology than a new paradigm.
Just as democracy emerged from a sense of sovereignty against the caste system that was sustained through organized violence in a survival-of-the-fittest society,
I think Self-Sovereign Identity (SSI) emerged from a sense of ownership against the monopoly of information inherited through financial capital in a neoliberal society.
If democracy is a system in which national sovereignty resides with the people, the masses, and the masses hold power, exercise that power themselves, and conduct politics for the people, or an ideology that aspires to such politics ( Wikipedia ), then Self-Sovereign Identity, I would venture, can be described as a policy or platform-corporate ethic in which the right to use and leverage personal information held by companies, and the right to identity authentication issued by institutions (the state), belongs to the individual, the user, and the individual holds and exercises that authority on their own, with the platform being operated for the individual.
Just as the masses who lived under the old caste systems did, individuals living today take for granted the authority of platform companies that create various services from their information and generate added value through it. Or rather, we have been conditioned to take it for granted. In that sense, watching today's platform companies replicate, almost verbatim, the strategies and methods that the old democratic and socialist ideologies tried to maintain - and did maintain for a long time - I find myself thinking that the rather rare word "ideology" feels more apt than the phrase "paradigm shift."
Even when royal societies were transformed into democratic or socialist societies, the various nations did not, in fact, perish. The result was an expansion of cultural reach, fewer wars, and a higher standard of living. If anything, in the process of resistance split between two sides, irreversible and enormous wounds and sacrifices were paid. I think the same is true of the right to use personal data and information. Even if the right to use information returns to the individual - just as the old aristocrats once worried about the dangers of the lower classes learning to read - I expect the positive impact will outweigh the negative.
Not only domestically but worldwide, in the process of individual citizens transitioning toward democracy and away from those who sought to monopolize power, many people suffered physical and mental wounds, and in many places that process is still ongoing. And more importantly, situations are not infrequent in which an individual's dignity ends up subsumed by some political power. I suspect this is a property of individuals, or of human beings. I think the same is true of the properties of information and finance. The forces and some institutions currently leading the digital economy appear to be weighing DID against SSI. And just as those who once championed individual sovereignty, organized themselves and led the cause, ended up splitting into factions and ideologies of their own due to differing interests, hurting one another in the process, today's domestic and international SSI alliances are also engaged in their own silent battles.
Data, especially personal information, is often compared to crude oil. The reason is that the Web 2.0 market is fundamentally based on advertising as its revenue model. Looking at the crude oil being used as the analogy, after refining it transforms into various forms - heating fuel, electricity, gasoline, diesel - and exerts a close influence on our lives. Recently, however, with new issues such as environmental pollution being raised, oil is entering a new phase. For that reason, I personally think it is, in many respects, a very fitting analogy.
To prevent data, especially personal information, from entering a similarly negative new phase like the oil it is compared to, the individual - the holder of the rights - needs to take a serious interest in the information they themselves use, produce, store, and discard. Eventually it will become as natural as the multiplication table, but at first, in truth, it carries no small amount of burden. As part of that, we should at some point pay attention to the very nature of the internet that we use unsuspectingly and without thinking.
I do not know whether the underlying thinking is the same, but I want to share a notable comment (Kim Cameron, former Chief Identity Architect at Microsoft) that, to me, explains a similar contextual background more persuasively, introduced in Mastering Self-Sovereign Identity.
"The Internet was built without an identity layer."
What does this remark by Kim Cameron, who served as Microsoft's Chief Identity Architect from 2004 to 2019, mean? What is an "identity layer"? In an essay titled <The Laws of Identity>, posted on his blog over 2004 and 2005, Cameron writes the following.
"The Internet was built without a way to know who and what you are connecting to. This limits what we can do and exposes us to growing risks. If we do nothing, we will face an epidemic of theft and fraud that will continually erode the public's trust in the Internet."
Cameron noted that when the Internet was first developed in the 1960s and 1970s with support from the U.S. Defense Advanced Research Projects Agency (DARPA), it was designed to solve the problem of how to interconnect machines so that information and resources could be shared across multiple networks. The solution for this - packet-based data exchange and the TCP/IP protocol - was so excellent that a true "network of networks"[1] finally became possible. And from that point on, the Internet became a historic event.
Cameron observed, however, that the Internet's TCP/IP protocol can only know the addresses of the connected machines. Dealing only with machines, the Internet's TCP/IP protocol tells you nothing about the people, organizations, or things you are communicating with. Hackers have demonstrated methods of altering a computer's hardware address (MAC address) or IP address before it is sent to a remote network device. As a result, it has become nearly impossible to trust or rely on identifiers at the current network level.
Looking at Cameron's original blog posts shared above, although physically it is thinking from a full 20 years ago, there is a lot of notable, valuable content that has yet to be applied today, or that is only now becoming possible, so even if you are not a MyData or SSI practitioner, if you have even one foot in the IT field, it is worth a look.
