I think this is only true if your definition of biometrics extends to behavioural data (plausible) and metadata (more of a stretch).
The credentials-based view of identity is a “retrospective” one, based on the idea of (to borrom Kim Cameron’s formulation) reification of the individual’s identifying attributes at a trusted ceremony. For instance - a passport application is made, supported by various bits of evidence, and the individual’s details are encapsulated in a physical form that is resistant to tampering/forgery, and designed so that it can be verified fairly reliably.
There’s a digital equivalent to that process, but I think it applies to only a subset of digital identity types.
The reason I say that is because I can be digitally identified by many third parties despite not having gone through a “trusted ceremony” to produce the data they use to identify me. In short - if you collect enough behavioural or meta data about someone, you can infer their identify without recourse to a credential. I would go further and say that this inference-based way of identifying someone is actually harder to subvert/forge/fool than most credential-based alternatives.
In the last conversation I had with Kim, he referred briefly to “selfness and whoness”, as a reduction of identity to two fundamental concepts/models. Sadly, we didn’t get a chance to have the next stage of that conversation, but I think your idea of personhood as a biological concept probably corresponds to “selfness”.
R
Robin Wilton, Senior Director - Internet Trust
wilton@isoc.org
[image001.png]
internetsociety.org | @internetsociety
On 20 Jul 2025, at 23:43, Adrian Gropper <agropper@healthurl.com> wrote:
Personhood is a biological concept. The digital manifestation of personhood is a biometric (or combination of biometrics).
