essay

Identity as Information

Reframing digital identity not as a credential to verify but as information to manage, share, and compose.

We’ve been thinking about digital identity wrong.

The default framing treats identity as a verification problem: prove who you are. Show your ID. Enter your password. Confirm your biometrics. The entire field — from enterprise IAM to decentralized identity — has organized around this question, and it’s led to a narrow set of solutions: better credentials, better authentication, better proofs.

But verification is just one operation you perform on identity. And by centering the field on it, we’ve built systems that are good at proving claims and bad at everything else: managing information, enabling discovery, supporting composability, and evolving over time.

The reframe: identity is information. Specifically, identity is the sum of information associated with an entity. Your name, your credentials, your social connections, your content, your transaction history, your preferences, your reputation — all of it is identity. Verification is one thing you do with that information. It’s not the thing itself.

Why the framing matters

This isn’t just semantics. The framing you start with determines the systems you build.

If identity is a verification problem, you build credential systems. Issuers, holders, verifiers. Attestation formats. Revocation registries. The architecture centers on a specific interaction: someone needs to prove something to someone else.

If identity is an information problem, you build data infrastructure. Streams of information that users create, control, and share. Applications that read from and write to shared data networks. The architecture centers on a different question: how does information about an entity flow through the world?

The verification framing gives you digital passports. The information framing gives you a composable data layer for everything identity-related — of which credentials are just one application.

The current web fragments identity information

Right now, the information that constitutes your digital identity is scattered across hundreds of databases you don’t control. Your professional identity lives on LinkedIn. Your social identity lives on Instagram and Twitter. Your consumer identity lives on Amazon and Google. Your financial identity lives at your bank. Your health identity lives at your hospital.

Each of these platforms holds a slice of the information that, taken together, describes who you are. None of them share it with each other (or with you) in any useful way. And you have no unified view of — let alone control over — the information that is, in aggregate, your identity.

This fragmentation isn’t just inconvenient. It’s structurally disempowering. When your identity information is distributed across silos you don’t control, you can’t compose it. You can’t bring your reputation from one context to another. You can’t give a new application access to your existing data without the old platform’s permission. Every new service starts from zero because it can’t access the information that already exists about you.

Identity as composable information

The alternative: identity information lives in user-controlled data streams on shared networks. Applications read from and write to these streams with the user’s permission. No single application owns the data. Any application can access it (with user consent).

In this model, identity isn’t something you prove — it’s something that accumulates and flows. Every interaction produces identity information. That information lives in streams you control. New applications can compose on existing information rather than starting cold.

Your social connections are a data stream. Your credentials are a data stream. Your content is a data stream. Your transaction history is a data stream. Each one is independently created, independently verifiable, and independently shareable. Together, they compose into the rich, multifaceted thing we call identity.

This is what we’re building with Ceramic: a network of user-controlled data streams that any application can read from and write to. It’s not an “identity system.” It’s data infrastructure that naturally supports identity because identity is, at its core, just information.

What this enables

When you treat identity as composable information rather than as credentials to verify, several things become possible:

Cross-platform reputation. Your reputation in one context can inform trust decisions in another — not because some authority certified you, but because the underlying information is shared and verifiable.

Application portability. Switching from one social app to another doesn’t mean losing your social graph and content. The information is yours and travels with you.

Progressive identity. Instead of proving everything upfront, you build identity over time through accumulated interactions. A new user isn’t unknown — they have data streams from other contexts that establish who they are.

Privacy-preserving sharing. Because you control the information and grant access selectively, you can share relevant identity data without exposing everything. Prove you’re over 18 without revealing your birthdate. Prove you have a degree without revealing your GPA.

This is the identity-specific instance of a broader thesis: the next generation of the web will be built on composable data rather than siloed data. Identity is arguably the most important domain for this shift because identity information is the connective tissue between everything else.

Composable financial data gives you DeFi. Composable social data gives you portable social networks. Composable identity data gives you a unified, user-controlled foundation that makes all other composability possible. You can’t compose data across applications if you can’t establish who the data belongs to and who has permission to access it.

Identity isn’t the whole picture. But it’s the piece that makes the rest of the picture possible. And getting it right means starting from the right framing: not “how do we verify people?” but “how does information about people flow through the world?”