Policy

Part III — Decentralization, Autonomy, and the Technologies of Resistance

Published on Dec 11, 2025·11 min read
Part III — Decentralization, Autonomy, and the Technologies of Resistance

Introduction

By the end of 2025, the architecture of digital control is no longer a distant threat — it's already embedded in our daily lives. The European Union has advanced its EUDI Wallet pilots, with forecasts estimating 83 million instances in circulation by year's end, set to more than double to 169 million by 2026. Meanwhile, in the U.S., at least 18 states now accept mobile driver's licenses (mDLs) through apps like Apple Wallet and Google Wallet, from Arizona to Virginia. We've seen in Parts I and II how these centralized and corporate-driven models, while convenient, expose vulnerabilities to state overreach or unchecked surveillance. But there's a third way: one rooted in decentralization, where individuals reclaim autonomy over their data. From a humanist personalist perspective, this approach honors human dignity by ensuring technology serves relational freedom, not institutional control. In this final installment, we'll outline a blueprint for democratic digital identity systems that empower people, integrate practical resistance tools you can use today, and provide a scorecard for evaluation — because the future of digital freedom isn't just about critique; it's about action.

What decentralized tool have you tried recently? Share in the comments to build our collective knowledge.

1. Privacy by Architecture

The foundational principle for any democratic digital identity system is simple yet profound: make surveillance technically impossible. Rather than relying on goodwill or policy alone, embed privacy into the core design, ensuring that even a shift in political power can't subvert it. Cryptographic tools like zero-knowledge proofs (ZKPs), blind signatures, and decentralized identifiers (DIDs) enable systems to:

  • Authenticate without tracking
  • Verify without revealing unnecessary details
  • Operate without central logs
  • Resist profiling

For instance, ZKPs allow you to prove eligibility — such as being over 18 for a service — without disclosing your exact birthdate, preserving the essence of human interaction where trust is built selectively. A digital ID system where governments or corporations could track every usage is inherently unsafe; one where the mathematics prevents it is secure. From a humanist viewpoint, this isn't just technical wizardry — it's a safeguard for personal dignity, ensuring individuals remain subjects in their own stories, not objects in a database of monitored behaviors.

2. Strong Legal Protections

Technical safeguards are essential, but they can't stand in isolation. Democracies must complement architecture with robust laws that enshrine privacy as a fundamental right. This includes:

  • Constitutional protections against unreasonable surveillance
  • Strict limits on data retention
  • Bans on repurposing identity data for unrelated purposes
  • Transparent oversight of intelligence agencies
  • Meaningful penalties for violations

Much like Europe's GDPR, which imposed over €5.88 billion in total fines since 2018 by January 2025.

Yet, as we've seen, laws alone can falter during crises or uneven enforcement. Europe's model offers lessons here: its rights-based framework is strong, but varying implementation across member states highlights why legal protections must be paired with unbreachable tech. In a humanist frame, these laws affirm that privacy isn't a luxury — it's integral to human flourishing, enabling free association and self-determination without fear of reprisal.

3. Decentralized Infrastructure

Decentralization isn't merely an ideology; it's a practical strategy for resilience, distributing power to prevent any single entity from becoming a choke point for control. Systems built on distributed ledgers, open-source code, multiple independent identity providers, and local verification without central servers are far harder to weaponize or compromise.

Tools like DIDs and verifiable credentials (VCs) exemplify this: users store proofs on their own devices, not in government databases, allowing selective sharing while maintaining sovereignty. In real-world applications, British Columbia's OrgBook uses VCs to verify business credentials without centralized tracking, leveraging the Veres One DID method for tamper-proof issuance. Similarly, the Dutch IRMA app ("I Reveal My Attributes") enables citizens to disclose only necessary diploma details for job applications, embodying selective disclosure in everyday use. From a personalist lens, this shifts identity from a top-down commodity to a relational asset, where individuals control how they present themselves in society, fostering trust without total exposure.

How might decentralization change your daily online interactions? Reflect in the comments.

4. The Resistance Toolkit — What You Can Use Today

The beauty of decentralized technologies is that they're not waiting for governments or corporations — they're available now, empowering individuals to resist surveillance in practical ways. In 2025, a robust privacy stack can protect your communications, browsing, and identity without sacrificing usability. Here's a curated toolkit, grounded in tools that have seen significant updates this year:

End-to-End Encryption for Communication: Signal leads with its October 2025 introduction of the Sparse Post-Quantum Ratchet (SPQR), enhancing quantum resistance while maintaining forward secrecy. Pair it with usernames (rolled out earlier in the year) to hide phone numbers, making it ideal for private messaging. Alternatives like Session or SimpleX offer decentralized networks without metadata leaks.

Self-Sovereign Identity Wallets: Tools like walt.id and cheqd provide open-source wallets for storing VCs on your device. Polygon ID, updated in 2025, integrates with Ethereum for seamless credential management, while Dock and KERI-based wallets (e.g., Lissi) support key event logs for recoverable identities. Real-world use: Finland and Slovenia's EU student cards use VCs for cross-border verification.

Anonymous Browsing and VPNs: Tor Browser 15.0, released in October 2025, bolsters fingerprint resistance with spoofing and ML-informed defenses against tracking. Combine with Mullvad VPN or Proton's ecosystem, which in autumn 2025 added Shared Drives for families, building on its 2024 Skiff acquisition for encrypted notes and calendars.

Open-Source Protocols for Credentials: OpenID4VC drafts in 2025 integrate SD-JWT for selective disclosure and ISO 18013-5 for privacy-enhanced mDLs, already adopted in California and EU pilots.

These tools matter now more than ever because they democratize power: in a world of pervasive tracking, they restore agency, allowing you to navigate digital spaces as a free person, not a profiled consumer.

5. Civil Society & Independent Oversight

No system is complete without empowered watchdogs. Democracies must integrate journalists, civil liberties groups like the EFF, technologists, independent privacy regulators, and digital rights activists into the governance loop — not as outsiders, but as core stakeholders. They conduct audits, expose flaws, and advocate for reforms, ensuring transparency prevents overreach.

In 2025, Switzerland's e-ID pilots, approved in September after a referendum, incorporate "five anchors" for digital autonomy, including civil-society input to balance state involvement. Humanistically, this recognizes that true freedom emerges from community vigilance, where collective oversight protects individual dignity.

6. Digital ID Freedom Scorecard

Citizens don't need to be experts to assess a digital ID proposal. Use this 10-point scorecard, inspired by 2025 standards like ISO 23220 for privacy-preserving mDLs (adopted in California and the EU). Score 8+ for "safe"; below 6 signals high risk.

Apply this to any proposal — it's your tool for vigilance.

7. The Emerging Hybrid Model

The path forward lies in hybrids: blending Europe's rights-based laws, America's anti-centralization ethos, decentralized tech, and cryptographic guarantees. This yields convenience without coercion, security without surveillance.

2025 examples abound: British Columbia's OrgBook combines VCs with public ledgers for verifiable business data. Dutch IRMA merges selective disclosure with national systems for diplomas and IDs. Switzerland's e-ID pilots emphasize autonomy anchors, integrating SSI to resist platform lock-in. These models prove it's possible — and necessary — to design systems that prioritize human relations over hierarchical control.

— Pedro Murinelo