Four lessons on guardianship with Self-Sovereign Identity; March 2020

This blog discusses the concept of “guardianship” in the context of self-sovereign identity (SSI). Whereas SSI emphasizes the self-sovereignty of persons, there are many use cases where a person is unable or unauthorized to digitally represent itself, e.g. when the person is in a coma, incarcerated, a child or under legal guardianship.

We note that the term guardianship is vague and elusive. Mostly, phrases such as ‘taking care of someone’ or ‘acting on behalf of someone else’ are mentioned. Apart from that, different countries, states or organisations have different notions on what the duties and responsibilities of a guardian should be. Even though there might be some sense of consensus of what a guardian actually is to human beings, this is not enough to bring guardianship in practice in SSI context.

TNO is currently developing a conceptual model for the guardianship credential. This conceptual model should be precise enough to develop data models that machines can process for automated validating and automated decision making. It should be generic enough to make it applicable in a wide variety of use cases.

Below, we discuss some lessons that we learned while developing this conceptual model. TNO is currently contributing these lessons to the Sovrin Guardianship Working Group, see also this Sovrin whitepaper about guardianship, which was co-authored by TNO.

Lesson 1: Every jurisdiction uses another sense of guardianship

Within the context of SSI, we assume that all are self-sovereign: humans, organisations, and countries act self-sovereign. Each of these are “jurisdictions” that have their own rules, their own demands and decide for themselves which ‘entities’ they recognize to exist. In this blog, we use the term the jurisdiction in its wide sense. For example, the jurisdiction of the Dutch law is conceptually the same as the jurisdiction of a family. Both have existing entities, demands and rules, such as driving on the right side of the road or having breakfast at 7.30.

In this sense, different jurisdictions have different ways of looking into guardianship. In the Netherlands, a distinction is made between a financial guardian, called a “bewindvoerder”, and a non-parental authority for a child, called a “voogd”. The law clearly specifies what actions these different guardians are and are not allowed to do. These specific notions of guardianship do not exist, for example in the United States.

An example of a jurisdiction is the NGO camp as described in the Sovrin whitepaper about guardianship. That whitepaper describes a use case in which 6-year old Mya walks into a refugee camp with her grandmother Zo, see Figure 1. In this jurisdiction, Zo and the NGO itself are appointed as guardians for Mya. Within the jurisdiction of the Dutch law, this variant of guardianship would not be legally valid. Hence outside the gates of the camp, the guardianship credential may be unusable.

The lesson here is that there is no all-fitting definition of guardianship for all different jurisdictions.

Figure 1: Guardianship example: little Mya cannot collect her own food, but her grandmother Zo can pick up rations for two persons: one for herself and one for Mya

Please see the full Sovrin Mya video here.
(Reproduced with permission from Sovrin.)

Lesson 2: Only legal entities in a jurisdiction can be a guardian or a dependent

When a form of guardianship is set up in a certain jurisdiction, it is important to note that this is only possible when the subject of the guardianship (the “dependent”) is recognized by that jurisdiction as a legal entity. If it is not recognized as existent, why bother with giving it a guardian? In the same sense, the guardian should also be recognized as a legal entity, otherwise he cannot participate in any business transactions. A Verifier can only accept a guardianship credential, if it recognizes the jurisdiction of the Issuer that issued that credential because the guardian and dependent have a relation between them that is defined in this jurisdiction.

The lesson here is that a guardianship relation between a dependent and a guardian is only meaningful in cases that are governed by/in the jurisdiction in which that relation is defined.

Both dependent and guardian should be recognized legal entities in the jurisdictions of both the Issuer and Verifier of guardianship credentials.

Lesson 3: Ownership can be seen as specialization of guardianship

There is a similarity between the definitions of ownership and guardianship in most dictionaries. The term ‘owner’ is defined as “a person who owns something: one who has the legal or rightful title to something”, whereas the term ‘guardian’ is defined as “one who has the care of the person or property of another” (See Merriam-Webster dictionary). In this context of ownership, when someone owns something, then he is entitled to do certain things with this property that other individuals are not, such as selling it. Typically, this owner would protect or defend his property. This shows the correspondence between the concepts of guardianship and ownership. The main difference is that when someone owns something, the owner has full responsibility over that thing, in all different scopes. The subject of guardianship is not “owned” by the guardian, and guardianship is usually limited in scope: financial, health, … .

The lesson here is that one should always specify the scope of a guardianship.

Lesson 4: Guardianship applies per transactions

In general, people assume that guardianship is always existing in the full period of time that a guardian can act on behalf of its dependent. In practice, this seems less strict: when someone acts in a business transaction on behalf of themselves, then they have no guardian in that specific transaction. On the other hand, transactions where a guardian acts on behalf of another person can be seen as a guardianship transaction. This means that per transaction, there should be a check whether someone has or could have a guardian or not.

For example, someone who is under the Dutch “bewindvoering” might not be able to buy a TV online without consent of their guardian. In the purchase transaction, they need the consent. When actually picking up the TV from the store, and thus needing to present an identification, there is no need for the guardianship consent.

The lesson here is that the application of guardianship is transaction-specific, meaning that you cannot act in a certain transaction in one setting because this is allowed in another setting.

Conceptual model: guardianship, jurisdiction, scope, transaction

Figure 2 provides a conceptual model that summarizes the lessons of this blog. This model is work in progress. Please let us know your thoughts about guardianship, SSI, the usefulness model, and what aspects of guardianship should be worked out in further detail.

Figure 2: Conceptual model for the class of guardianship



Sterre den Breeijen, Rieks Joosten, Oskar van Deventer, TNO


Dr. ir. Oskar van Deventer

  • Scientific Coordinator