Communication Service Providers (CSP) are in a challenging situation; they face, as we all do, declining trust in digital communications.

The decline in digital communications trust is occurring as a result of the connected individual’s exposure—either directly or indirectly—to unwanted or harmful communications, including robocalls, emails, sms messages, phishing and smishing messages, and more, as well as rampant, not recognized or well understood, phygital surveillance.

These communications and surveillance are annoying and distracting at best and, at worst, can lead to lasting and material harms: emotional, physical, digital (e.g., malware, ransomware), phygital, reputational, and financial. They can lead to losing sovereignty, agency, liberty, equity, equality, and dignity. In some rare cases, they can even lead to death. Most of these harms originate at the source, the initiator or sender of communication and engagement, not the individual. These senders, either unintentionally, intentioned but within the law, or intentioned outside of the law, are at the root of most harm.

Harm one, harm them all.

These harms do not simply affect the human, the “natural person,” as the GDPR calls them; they affect us all. When referring to the connected individual, we are not simply talking about the natural person, which tends to be our initial frame of reference; we are also talking about formal and informal groups, communities, enterprises, or governments, as well as our things (e.g., IoT devices, capital asset, that have their own independent identities, can increasingly make their own independent decisions, and are producing the lion share of data; often sensitive data, valuable data, in real-time).

From the natural person perspective, the research is clear; people feel helpless and indifferent (MEF Trust Studies); they are myriad in the privacy paradox. They do not think they can protect themselves, are incapable of managing their identity or reaping value from their data (something we can discuss and need to rectify), and lack the tools and education to do so. So, rather than taking personal phygital-accountability, they look to businesses and the government to protect them. According to the 2023 Telesign Trust Index and recently launched Continuous Trust Authority, 94% of consumers [connected individuals] surveyed agree that businesses bear responsibility for consumers’ privacy. And when consumers trust a brand, they reward that company with their business. According to Deloitte, people spend 25% more money with trusted brands.

However, The crucial problem is that individuals’ fundamental intentions and goals rarely align long-term with those of the business or government they interact with. Sure, their intentions and goals may align short-term for an episodic transaction, but long term, they often diverge. There is an asymmetry in knowledge and power between the individual and the commercial and civic actors. People give away immense value, i.e., data, for the immediate transaction; this value can only be crawled back with great effort.

It Is Time To Bring Personal and Organizational Identity Together

So, the big questions are, how do we bring back trust? How do we re-empower the individual with privacy and control, online and offline, in the metaverse or phygiverse? The existing methods—industry self-regulation, government regulations, centralized registries, or tried and true axioms like “trust, but verify”—work in limited ways. However, they leave much to be desired, not fully solving the problem. For instance, cybercrime, e.g., data breaches as a proxy, is rising yearly, causing trillions in damages, and the peak is nowhere in sight.

What we need are four things: 1) we must “distrust, then verify,” 2) to stop treating individuals as the social, commercial, and civic entre on the table to nourish all; instead, we need to get them off the table and give them a seat at the table, 3) to make an effort to achieve The Identity Nexus and solve The Identity Nexus equation; that is, to achieve a steady-state macro value to risk exchange ratio equilibrium between the actors (individuals, public and private organizations, and the community commons), and finally, 4) to strive for wide-spread participation in the personal and organizational identity ecosystem, an ecosystem that systemically holds every actor accountable for their actions, while preserving each actor’s social, commercial, and civic, privacy, capital, and legal rights.

Join us for the MEF CONNECTS ID & AUTH EVENT: The MEF CONNECTS ID & AUTH: The Dawn of Personal and Organizational Identity hybrid event, on May 25 in London (there is still time to register—participation is FREE—for in-person and online live stream; all registered participants will get access to the post-event recordings) is the industry’s first-ever event to bring the personal identity and organizational identity worlds together.

Personal Identity empowers people to have agency, dignity, and sovereignty of their phygital self. Organizational identity not only enables organizations to be cryptographically verified across all engagements and interactions (B2B, B2C, A2P, M2P, M2M, etc.)—globally, across jurisdictions, and across channels; it also ensures that anyone interfacing with the organization’s designated representatives, i.e., their agents—humans, bots, machines, APIs, messages, etc.— can automatically and without human intervention, validate the authority of the agent. Collectively, participants within the personal and organizational identity ecosystem should experience reduced exposure to cybercrime, increased revenue, reduced cost, more efficient operations, and several more benefits. The personal and organizational identity ecosystem is bringing in a new era of systemic trust; the trust elements, i.e., the personal credential and the organizational credential, are readily accessible, e.g., in a decentralized ledger or embedded directly into a communication. In other words, in every moment of truth, the actors’ actions can be verified, which means we can hold them accountable for their actions, which will enable verified attribution and, therefore, help us build verified reputations. For businesses, this will establish the next major business metric, “the number of verified connections.”

Nurturing the Personal and Organizational Ecosystem: It Takes a Community

To nurture this ecosystem, the entire community needs to come together. We need to leverage the five lenses—technology, culture, legal & regulatory, commercial, and political—to build flexible, agile, interoperable, and contextually relevant sources of truth, governance models, trust frameworks, policies, standards, protocols, open-source software, self-regulatory initiatives (principles, codes of conduct, guidelines, best practices), fair and reasonable government regulation (law, legislations, rules, regulations), OpenWallets, refined customer experiences, and educational programming that will help everyone thrive and flourish.

CPSs, especially, will need to do all of the above but within the context of assisting their executives and clients in understanding and adopting these new technologies and experiences. They’ll need to root out cybercrime at the source. To adopt organizational credentials and verified delegated authority. And revisit and reshape their business models.