Technology Paternalism: AI, Algorithms, Digital Identity, and the Role of Self-Sovereign Identity | Kosma Connect From dark patterns and recommender systems to identity verification infrastructure and AI agents, digital systems increasingly shape what people can see, access, and do. This article explores technolo...

Martina Kolpondinos' article on Technology Paternalism is a worthy long read. Check it out:

kosmaconnect.net/interactionblog/technologypaternalism

She draws on Spiekermann & Pallas (2006): "the right to the last word" — people must be able to overrule autonomous system behavior.

papers.ssrn.com/sol3/papers....

Twenty years later, we still don't have it. Time to make it a design requirement.

I think "technology paternalism" names the diagnosis. It names an anti-pattern. "Coercion resistance" names the treatment.

Both do more work than "privacy" because they name the mechanism, not just the domain.

Self-Sovereign Identity: Ten Years Later Welcome to the Revisiting Self-Sovereign Identity (SSI) Principles series of online workshops.

This maps to work we're doing in the Revisiting SSI initiative — our four "coercion-prevention" lenses.

• Design → coercion resistance

• Algorithmic → self-coercion

• Infrastructural → choice architecture

• Protective → binding commitments

revisitingssi.com

Her four countermeasures — the test for any system:

• Can you override the decision?
• Can you contest it?
• Can you inspect the reasoning?
• Can you leave without losing everything?

If no to any: that's paternalism, not protection.

Infrastructural Paternalism: your credentials and relationships accumulate in one ecosystem. You can technically leave. You leave as nobody.

In my upcoming "Architecture of Autonomy" work I call this inversion "Exit → Erasure". Departure as digital death.

Protective Paternalism does the most damage to people with the least power.

Frame restrictions as safety and challenging them becomes unacceptable. The people who can least afford to look unreasonable stay silent.

Four forms, each at a different layer:

• Design — dark patterns, buried alternatives

• Algorithmic — filter bubbles, pre-selection

• Infrastructural — lock-in where leaving means losing everything

• Protective — safety framing that makes objection feel irresponsible

Technology Paternalism: AI, Algorithms, Digital Identity, and the Role of Self-Sovereign Identity | Kosma Connect From dark patterns and recommender systems to identity verification infrastructure and AI agents, digital systems increasingly shape what people can see, access, and do. This article explores technolo...

Martina Kolpondinos just named it: Technology Paternalism.

Systems that pre-decide your choices — justified as safety, efficiency, or protection. No bad intentions required. Just decisions embedded before anyone questions them.

kosmaconnect.net/interactionblog/technologypaternalism

I'm always seeking out the right words for what digital systems do to people.

"Privacy" means something different in every room, and has become so overloaded it has become meaningless.

"Censorship resistance" sounds like it's only about speech or money.

Neither names the mechanism. 🧵…

Sponsor @BlockchainCommons on GitHub Sponsors Blockchain Commons is a "not-for-profit" social benefit corporation committed to open source , advocating for the creation of open, interoperable, secure & compassionate digital infrastructure to e...

I do advocacy work to make sure digital identity legislation is human-centric and rights-first. My deepest work has been in Wyoming and Switzerland. You can support this advocacy by supporting @blockchaincommons.com. github.com/sponsors/Blo...

Utah joins Wyoming in building a model for identity legislation that treats people as principals, not products. If you're in another state, point your legislators at SB 275 and Wyoming's SF39. /7

That's what we need to watch for now. Beware platforms bearing gifts. The Googles and Facebooks will push for carve-outs that make the Duty of Loyalty optional. Regulatory capture is the real fight going forward. /6

And these aren't guidelines — they're statutory obligations. They can't be waived by clickwrap. As long as carve-outs aren't created in future sessions, the Duty of Loyalty is protected. /5

But the Duty of Loyalty is what really caught my eye. Wallet providers, verifiers, and relying parties must work in the "best interests of an individual." Compare that to today, where you create an identity on Facebook or Google and they extract from it mercilessly. SB 275 says no. /4

Other rights require architectural transparency, preserve management control for the user, disallow state surveillance, and require selective disclosure. You choose what to disclose. You can verify your age without handing over your birth date. /3

SB 275 has a digital bill of rights for identity. The first entry recognizes that identity is innate to the individual, not bestowed by the state. That's pretty close to the existence principle from my self-sovereign identity principles a decade ago. Great to see it in statute. /2

Musings of a Trust Architect: Progress toward a State-Endorsed Identity (SEDI) in Utah UPDATE, March 5, 2026: SB 275 has passed the Utah legislature unanimously — the Senate voted 25-0 and the House 70-0 — and has been sent to the governor for signature. It takes effect May 6, 2026. Thi...

Utah just passed SB 275 unanimously — Senate 25-0, House 70-0. Their State-Endorsed Digital Identity (SEDI) program is now law. This is a big win for self-sovereign identity. I wrote about it at @blockchaincommons.com. 🧵… /1 www.blockchaincommons.com/musings/Musi...

(1)conflict with the best interests of an individual;
(2)take advantage of or otherwise exploit an individual;
(3)result in a disproportionate risk to an individual;
(4)are to an individual's detriment; or
(5)cause harm to an individual."

"**Duty of loyalty** The department, a digital wallet provider, a verifier, a relying party, and a digital guardian shall refrain from practices or activities related to the processing of an individual's identity attributes that: …

But it is the addition of "Duty of Loyalty", which like Wyoming's "Principal Authority" evokes agency law, which as I understand it (but IANAL) makes it hard to use contract law to abrogate these duties…

👍 The new Utah #SEDI draft SB0275 has the essence of my first #SSI principle that I wrote 10 years ago:

"(1) An individual possesses an individual identity innate to the individual's existence and independent of the state, which identity is fundamental and inalienable."
le.utah.gov/~2026/bills/...

Announcing the 10-Year SSI Revision Project In 2016, I published The Path to Self-Sovereign Identity and with it proposed ten foundational principles for digital identity systems. These principles...

Next year it’ll be 10 years since @christophera.bsky.social wrote The Path to Self-Sovereign Identity along with a definition and 10 principles of SSI.

A group is now being convened to refine these principles. Hope to see some atproto folks get involved here, including @bnewbold.net & co.

Sponsor @BlockchainCommons on GitHub Sponsors Blockchain Commons is a "not-for-profit" social benefit corporation committed to open source , advocating for the creation of open, interoperable, secure & compassionate digital infrastructure to e...

Support our work to create infrastructure that can't be taken from us. Become a GitHub Sponsor of Blockchain Commons. Help us build autonomous infrastructure for coordination, collaboration, and identity beyond Bitcoin. [19/19] github.com/sponsors/Blo...

These aren't Bitcoin-specific features. They're the architecture of autonomy itself. QR codes, Bluetooth, threshold signatures, Gordian Envelope, XIDs. Technologies that enable Exodus Protocols for coordination, identity, and collaboration beyond value transfer. [18/19]

A journalist stores sources in a Gordian Club. One permit for their key, SSKR shares to their editors. Even if seized, encrypted information is protected. A protest group coordinates when messaging app becomes surveillance. Immigrants have credentials with no phone-home. [17/19]

Gordian Clubs use a permit system where different people access the same content different ways: private keys, XIDs, or secret shares. Multiple permits mean resilience. Transport neutral: internet, thumb drive, QR code in a newspaper, even @Blockstream Satellite. [16/19]

Musings of a Trust Architect: The Gordian Club ABSTRACT: Unencrypted data isn’t safe. Centralized servers aren’t reliable. Gordian Club offer an alternative: the autonomous cryptographic object (ACO). Self-contained objects protected by cryptograp...

Gordian Clubs shows these principles: an “Exodus Protocol” built on Autonomous Cryptographic Objects—self-contained, cryptographically secure, resilient when infrastructure fails. Unencrypted data isn’t safe; centralized servers aren’t reliable. [15/19] www.blockchaincommons.com/musings/musi...

Principle 5: work offline and across time. Bitcoin transactions can be signed offline and broadcast later. The protocol doesn't care about internet connectivity for core operations. True autonomy works with whatever channels remain available when coercion denies others. [14/19]

Principle 4: preserve exit through portability. Bitcoin keys work in any wallet. Open protocol means freedom to switch implementations. Without the ability to walk away, consent collapses into coercion. Lock-in is the opposite of sovereignty. [13/19]