Physical World Rights Test for Digital Identity
Evaluate any digital identity proposal by asking whether it replicates the rights you already hold in physical space.
The Physical World Rights Test is a decision-making mental model that forces any proposed digital identity system through a single pivotal question: does this digital norm replicate the rights and protections people already enjoy in the physical world? The framework treats physical-world privacy norms—selective disclosure, anonymous transactions, legal due process, individual control—as the floor below which no digital system should fall. By mapping each feature of a proposed system against its physical-world analogue, evaluators can quickly spot where corporate or state control is substituted for individual autonomy, where portability is absent, and where cryptographic selective disclosure could preserve privacy but has been omitted. The output is a clear verdict: align, reform, or reject.
- Physical-world privacy norms are the minimum standard for any digital identity system.
- Individual control over data is non-negotiable; corporate or government default custody is a red flag.
- Cryptography enables selective disclosure—revealing only what is necessary without exposing underlying personal data.
- Open standards and open-source tools level the playing field against proprietary walled gardens.
- The alternative to engagement is not freedom from digital identity—it is digital identity designed without your input.
- Portability and legal due process must be embedded at the technology and policy layer, not bolted on later.
- Identify the physical-world norm at stake. Name the specific right people already hold in the physical world that the digital proposal touches—e.g., presenting an ID without creating a permanent record, speaking without surveillance, or transacting anonymously.
  Pro tip: Be precise. 'Privacy' is too broad; 'the ability to show proof of age without revealing your address' is testable.
- Map the digital proposal against that norm. Examine every data flow in the proposed digital identity system. Determine whether it requires full disclosure, phone-home verification, or centralized data storage that has no physical-world equivalent.
  Pro tip: Request a data-flow diagram or whitepaper. Vague claims of 'security' are a signal to probe deeper.
  Warning: Watch for systems that claim privacy by default but carve out broad exceptions for law enforcement or commercial partners in the fine print.
- Test for individual versus institutional custody. Ask explicitly: does the individual hold and control their own identity credential, or is control delegated to a corporation, government, or platform by default? Default institutional custody fails the test.
  Pro tip: Look for self-sovereign identity (SSI) primitives—decentralized identifiers (DIDs) and verifiable credentials are signals of individual custody.
- Evaluate selective disclosure capability. Determine whether the system supports cryptographic selective disclosure—the ability to prove a specific attestation (e.g., 'over 18') without revealing the underlying data (e.g., full birthdate and address).
  Pro tip: Zero-knowledge proofs and selective disclosure credentials are the technical standard here; if the system cannot support them, demand a roadmap.
  Warning: Systems that require full document scans or biometric phone-home checks for every verification fail this step regardless of their marketing language.
- Assess portability and interoperability. Check whether the user can migrate their identity data to another system or provider, or whether they are locked into a walled garden. Portability is the digital analogue of being able to carry your own wallet.
  Pro tip: Open standards bodies like the Decentralized Identity Foundation and OpenID Foundation publish interoperability profiles you can use as a benchmark.
- Apply the verdict and take action. If the proposed system erodes one or more physical-world rights without a clear, proportionate justification, label it as failing the test and redirect your advocacy toward open-standards alternatives. Contact legislators, contribute to open-source projects, or publicly document the gap.
  Pro tip: Frame the argument positively: 'we want to digitize identity, not create a new digital identity' resonates more broadly than pure opposition.
  Warning: Disengagement is not a neutral choice—failing to advocate means the system gets designed without your input.
Worldcoin requires a biometric iris scan that is processed centrally to issue a 'proof of personhood.' Mapping against the physical-world norm of presenting a credential without a biometric record reveals an immediate failure: no physical-world ID system requires you to hand over a biometric template to a private company. Individual custody is absent, selective disclosure is not natively supported, and portability depends entirely on the issuing organization.
A system using a government-issued verifiable credential and a zero-knowledge proof allows a user to prove they are over 21 at a point-of-sale without transmitting their name, address, or exact birthdate. The physical-world analogue—showing a physical ID that a merchant glances at and hands back—is replicated. The user retains custody, only the necessary attestation is revealed, and no central log is created.
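Added example (not part of the original page): a minimal sketch of the point-of-sale flow above using salted-hash selective disclosure, the general idea behind SD-JWT-style credentials, rather than a zero-knowledge proof. The function names, the claim names and the sample holder data are hypothetical, and an HMAC stands in for the issuer's public-key signature so the sketch runs on the standard library alone.

```python
import hashlib, hmac, json, secrets

# Assumption: HMAC stands in for the issuer's public-key signature.
ISSUER_KEY = secrets.token_bytes(32)

def claim_digest(salt, name, value):
    # Salted hash of one claim; the random salt stops a verifier
    # from guessing hidden values by hashing candidates.
    return hashlib.sha256(json.dumps([salt, name, value]).encode()).hexdigest()

def issue(claims):
    """Issuer: sign only the claim digests, hand the salts to the holder."""
    disclosures = {n: (secrets.token_hex(16), v) for n, v in claims.items()}
    digests = sorted(claim_digest(s, n, v) for n, (s, v) in disclosures.items())
    sig = hmac.new(ISSUER_KEY, json.dumps(digests).encode(), hashlib.sha256).hexdigest()
    return {"digests": digests, "sig": sig}, disclosures

def present(credential, disclosures, reveal):
    """Holder: send the signed digests plus only the chosen disclosures."""
    return {"credential": credential,
            "revealed": {n: disclosures[n] for n in reveal}}

def verify(presentation):
    """Verifier: check the signature, then each revealed claim against a signed digest."""
    cred = presentation["credential"]
    expected = hmac.new(ISSUER_KEY, json.dumps(cred["digests"]).encode(),
                        hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred["sig"]):
        return None  # credential was not issued by this issuer or was altered
    accepted = {}
    for name, (salt, value) in presentation["revealed"].items():
        if claim_digest(salt, name, value) not in cred["digests"]:
            return None  # revealed claim does not match what the issuer signed
        accepted[name] = value
    return accepted

# Constructed sample holder data.
CLAIMS = {"name": "Alex Example", "address": "1 Sample St",
          "birthdate": "1990-01-01", "over_21": True}

def demo():
    cred, disclosures = issue(CLAIMS)
    shown = present(cred, disclosures, ["over_21"])  # merchant sees one attestation
    return verify(shown), shown

if __name__ == "__main__":
    print(demo()[0])
```

The verifier receives the same signed digests on every presentation, so this scheme leaves repeated presentations linkable; unlinkability needs a zero-knowledge scheme or freshly issued credentials.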
Evaluators applied the Physical World Rights Test to Utah's model digital identity legislation (SETA), checking whether it constrained both state and private-sector actors from retaining unnecessary data, whether it established a digital bill of rights for individuals, and whether it prohibited willy-nilly commercial resale of identity data. Each provision was mapped against the physical-world norm of controlling your own documents.
Extracted from TFTC. The framework was articulated by guest Gerald Cotten during a discussion on decentralized identity and the risks of centralized digital ID systems, framed around the principle of 'digitizing identity' rather than creating a new 'digital identity.'