Establishing identity is a vital, risky and changing business

NEVER DITCH a party without an excuse. On a cold Sunday night in 1409, the great and the good of Renaissance Florence—men of the governing classes, painters, goldsmiths, sculptors—had gathered for dinner. Donatello was there, so was Filippo Brunelleschi, the engineer behind the great dome of the Duomo. But where was Il Grasso the woodcarver? “The fat one” had not even had the decency to send his regrets. Such a snub deserved a response.

Brunelleschi had a plan: take away his identity. “In revenge for his not coming this evening,” he said, according to Antonio Manetti’s 15th-century biography of the architect, “we’ll make him believe that he has become someone else.”

Grasso returned home from his workshop the next day to find his front door locked. He knocked, expecting his mother, only to hear a voice—Brunelleschi’s—that sounded uncannily like his own. The voice called itself Grasso and referred to him as Matteo, a local craftsman. Just then, Donatello walked by: “Good evening Matteo, are you looking for Grasso? He’s just gone inside.”

Baffled, Grasso headed for the Piazza di San Giovanni to seek out friends, elucidation, reassurance. Instead, officials from the city’s merchant court set upon him, calling him Matteo and demanding he pay off his outstanding debts. He spent the night in jail. The next day the real Matteo’s brothers came along to “settle his debts”, then carted him home for dinner. Grasso was gaslit: “I am no longer Grasso and have become Matteo.”

Valentin Groebner, a historian, uses the story of Il Grasso to illustrate his study of how people were identified in early modern Europe. It reveals two fundamental principles of personal identity. The first is that any individual’s identity is contingent on the recognition of others. The second is that anything like a modern life is rendered all but impossible when that recognition is not forthcoming, or is suborned.

Put those two things together and you see why the provision and policing of identity is one of the foundations of the modern state and the lives lived in it. A person’s sense of who they are depends on many things, and is not necessarily either stable or singular. People can identify in many ways, and often do so simultaneously. Your correspondent will happily reveal that he is an immigrant (never an expat) but also a pukka Londoner and none dare say him nay. Political and social culture—at least in the liberal West—have matured to a degree where an increasing number of countries allow him to choose his pronouns and assert his gender unilaterally. But a claim that his name is Leo Mirani, that he was born in 1983 and that he is a legal alien resident in Britain holds little weight without documentary evidence in areas regulated by the state: finance, housing, employment, marriage.

In the 19th and 20th centuries the power to issue legal identity, like the power to issue fiat money, became a state monopoly. When states do not properly apply this power, people suffer. In the poor world those without proof of identity may be cut off from food rations, public housing and other government assistance. That is why the 1989 UN Convention on the Rights of the Child lists the right to birth registration and to a name second only to the right to life, and why the aim of a “legal identity for all” is included in the sustainable development goals the UN has set for 2030. The World Bank reckons that at least a billion people lack an official proof of identity. Being undocumented means being cut off from the modern economy—or working in the shadows and risking exploitation. Identity is a vitally important service for citizens if they are to fully participate in the economy and society.

The fact that this service depends on the state raises problems. Identity, like tokens of monetary value, can be taken away by the state that issues it. A hundred years before India’s government declared, in 2016, that all 500- and 1000-rupee notes would cease to be legal tender, the Italian authorities invalidated all passports belonging to military-age men with immediate effect, causing confusion on a similar scale.

Being undocumented means being cut off from the economy, or working in the shadows and risking exploitation

The problem is rarely so obviously daft as in a recent case in Romania where a court refused to overturn a man’s death certificate on the grounds that, though incontestably alive, he had appealed too late. “I have no income and because I am listed as dead, I can’t do anything,” he said. Sometimes the oddities are simply inconvenient. Zhang Ying, one of this newspaper’s data journalists in China, cannot make doctor’s appointments or file taxes online because the unusual character for her name, Ying, does not appear in the official database of standard Chinese characters.

Sometimes real harm is done. For a worked example look no further than Britain. Britons, or at least those whose political voices are heard, have for generations seen the idea of being asked for their papers by an organ of the state as disturbingly continental. The identity services offered by the state are circumscribed appropriately. Compulsory identity cards have only been issued during wartime; efforts to reintroduce them have been repulsed.

In 2017, though, the media started reporting on dozens of legal residents being harassed, detained or in some cases deported because they could not prove their right to be in the country. A “hostile environment” policy of making Britain unwelcoming to illegal immigrants had carried through to children of immigrants who came to Britain from the West Indies and elsewhere after the second world war—the “Windrush generation”, so named after one of the ships on which they travelled. Since the Home Office had disposed of old “landing cards”, forms that documented the arrivals, a generation of Britons risked becoming illegal aliens.

The response of many observers, including liberal ones like this newspaper, was to call for a national identity register. But the fact that such registers are now a necessity does not mean that they are not, also, a worry. The information revolution means that far more data than ever before can be associated with people entered in such registers, a possibility being used liberally—which, in these matters, risks meaning illiberally—by states of all sorts. China and India are both developing elaborate systems not just to identify over a billion people each, but to organise their lives.

This issue is exacerbated by another change to the world of identity—online authentication. The power governments guard in the physical world has, online, been taken up by Facebook and Google. Nine out of ten non-Chinese websites that allow their users to log in with the credentials provided by another company use one or both of them. The economic incentives of the internet mean that these systems, like government bureaucracies, associate identity with ever greater swathes of information built up by the data-brokers who manage the flows of information between advertisers, tech firms and consumer companies. The firms which provide identity services have insight into the lives of their users, as states have into the lives of their citizens.

This introduces new vulnerabilities. The gaslighting of Il Grasso required that his “friends” know a great deal about the intimate details of his life. Outside police states, that level of detail was rarely accessible to 20th-century bureaucracies. Increasingly they now have the means to create such portraits—as a result, so do bad actors within the system, and criminals who break into it. As the gap between physical, self-asserted identity and remote, information-based identity has grown, the risk of being known to and identifiable by people you have never met increases. Again, the analogy with money illuminates. There are good reasons for society to have evolved from value stored in the weighable gold of Florentine ducats to the digital codes of bank databases. But that does not mean the new system is in all ways more secure.

Data breaches are common—Equifax, Yahoo and Marriott have all lost customer information. So are attacks. Mat Honan, a journalist, had his Google, Twitter and Apple accounts hijacked by hackers who used loopholes in each platform’s identity verification processes. As Mr Honan put it, “every time you call Pizza Hut, you’re giving the 16-year-old on the other end of the line all he needs to take over your entire digital life.”

But information technology provides possible avenues for improvement, too. Identity, in the state’s eyes, is a marker of a relationship that determines what you owe it and it owes you. New systems could allow the obligations and the identity to be unbundled—for each individual to be able to show that they deserved something without having to say who, exactly, they were.

Jeremy Bentham, an English philosopher, suggested in the 18th century that people should have a unique identifier based on their name and place and date of birth tattooed on their wrists. He believed this would improve people’s daily transactions: “Who are you, with whom I have to deal? The answer to this important question would no longer be liable to evasion.”

In future it may be possible to ask simply, “Do you have the qualities I seek in a counterparty to this deal?” and receive an answer you can trust from someone whose name you need not know. But it may also be possible to meet people who know exactly who you are, and what you’ve done, without you wanting them to.

2. Naming of names

To do the things that states want to do—be that tax their own people, fight other states, or improve the human condition—requires a particular way of seeing the world. As James C. Scott, a political scientist, suggests in his seminal work, “Seeing like a State: How Certain Schemes to Improve the Human Condition have Failed”, the pre-modern state was, in many crucial respects, particularly blind. It knew precious little about its subjects, their wealth, their landholdings and yields, their location, their very identity. It lacked anything like a detailed “map” of its terrain and its people.

The building blocks of a functioning society that people in the rich world mostly take for granted—permanent surnames, street numbers and addresses, standard units of weights and measurement—all came from attempts to draw such maps and thus make the world legible, as Mr Scott put it, to its states.

A map is a system of co-ordinates. So is an identity. It takes descriptors applicable across the population and uses them to specify an individual. Hence the double sense of “identity” as something that people share and something which defines them as themselves. In Middle French identité means the “quality or condition of being the same” (think identical twins). It was not until 1756 that the word came to be used to denote individuality.

For most people over most of history it has been the sameness that has mattered: identity tended to be a group designation. Sects, ethnicities and religions distinguished themselves from others and signalled membership of their groups through dress and headgear. Mostly this identification came from the group itself; sometimes it was imposed on them. As early as the eighth century Jews were required to wear distinctive clothing in the Islamic world, a practice adopted by medieval Catholic Europe and revived more recently by the Nazis.

Most early states were able to operate with these broad identities by being pretty broad-brush themselves; they dealt with intermediaries such as local chieftains, village heads and holy men, or through collective fines or punishment. They had some need for specifics: the Romans, peculiarly adept at organised violence, established the notion of a census so the state could keep tabs on young men of fighting age and call them up as necessary. But states cared much more about land, yields and ownership than they did about people per se. Domesday Book, through which William the Conqueror made legible the English lands he had invaded in 1066, was concerned almost entirely with primary landowners; peasants are listed by first name—a very vague form of identity—along with other assets such as land and mills. This way of looking at the world lingered for centuries: Louis XVI managed to escape from revolutionary Paris in 1791 because passports issued to nobility at the time listed their staff by description and nothing else. Louis assumed the dress of a valet.

In this world surnames—qualifiers added to the name proper—that denoted family were important almost exclusively when there was land or title to inherit. The vast mass of the people made do with a single name, which in a village is quite enough, since everyone knows you anyway. That said, names were quite few. As late as the 18th-century 90% of England’s men were either Charles, Edward, Henry, James, John, Richard or William. (William the Conqueror may not have been interested in the little people, but they happily named sons after him.) When needed, specificity could be added with a patronym or a professional description which, if its possessor passed on his profession, might run in the family. Smith was the most common surname in England for centuries; Johnson preserves a popular patronymic, as does Wilson.

It was only in 15th-century Florence that tax officials began to insist on a second name to help them see who was who, imposing a surname on those who lacked one. But away from rich cities and the seats of power things were slow to change. It took until the 17th century for people in the remotest parts of Tuscany to acquire fixed last names.

The modern notion of state-sanctioned identity can be dated to September 20 1792: “From this day forth begins a new era in the history of the world,” as Goethe put it. Admittedly, Goethe was not referring to a decree on l’état civil—civil status—made on that day by the National Assembly. He had in mind the Battle of Valmy, at which the French revolutionary army, imbued, it is said, with a new spirit of nationhood, beat the Prussians, who outnumbered and outgunned them. But the creation of civil status was a watershed too. It took the question of identity away from a hodgepodge of vouching for one another, parish records and the like. It changed the state’s attitude from that of previous censuses, such as the one called for in the constitution of the United States, which required only enumeration, not identification. It established the state’s direct and unique bureaucratic relationship with every citizen.

The 19th century saw the idea of such unique and authoritatively recorded relationships established as the primary form of identity across the metropolitan and colonial world. This was in part a response to the increasingly anonymous milieu of the Industrial Revolution’s cities, where identity could be assumed and shucked off more easily than in smaller communities. Part of this new state enforcement of identity was a legal prohibition on changing your name without seeking permission. Another was the identity card. France introduced them in Algeria in 1882, for vagrants in metropolitan France in 1912, and for foreigners in 1917.

The identities of criminals were of particular interest. In 1828 Prussia standardised the ways in which the police described people. In 1885 France adopted Alphonse Bertillon’s anthropometric system for identifying prisoners by measuring bits of the body (branding had been abolished in 1832), moving identity away from the social and legal world of names and heritage and into the measurable and purportedly objective world of anatomy. The system was soon adopted around the world, as was the standardised mugshot, another idea of Bertillon’s.

If state records were correct, your body no longer needed to be written on, as Bentham had suggested, in order to reveal definitively who you were. The anatomical measure that came to rule the roost was the fingerprint, simply taken, easily reproduced, purportedly unique—and also, remarkably, present even when the identifiable body that had left it was gone. The ability of the state to read the world was taken to a new level.

3. The truth of reconciliation

The fingerprint was just the start. There exist today any number of unique identifiers. The field of biometrics offers recognition by face, gait, retina, ear and more. There are official documents. And there are also mobile phone numbers, social network IDs, smartphone device IDs, constellations of browser cookies. Records of each are largely created separately from each other, and administered by divergent or competing interests within and outside the state. When reconciled, they can produce detailed portraits of the person they identify, locating them according to all sorts of varied co-ordinates.

Two current attempts at such reconciliation—one public, one private—stand out for their efforts to make such things work across huge populations: India’s “Aadhaar” ID project and Facebook. They both show how the control of identity is evolving in the 21st century. Neither is reassuring.

Like Aadhaar, Facebook is a juggernaut dimly understood even by its own creators

Aadhaar, which means “foundation”, is a 12-digit number tied to a person’s name, gender, address, date of birth, and the biometric information of ten fingerprints and two irises. It exists “to make every Indian, no matter how poor or marginalised, visible to the state,” Nandan Nilekani, a software billionaire and the architect of the programme, wrote in his 2015 book, “Rebooting India”. Making the pitch for the programme in a previous book, “Imagining India”, he argued that “creating a national register of citizens, assigning them a unique ID and linking them across a set of national databases…can have far-reaching effects in delivering public services better and targeting services more accurately.” If you hear echoes of Jeremy Bentham and James C. Scott in that you are not wrong.

Mr Nilekani’s vision was of less fraud, more efficiency, greater transparency and a lot more inclusion; Aadhaar was to bring hundreds of millions into the formal labour and financial markets. In the eight years since the first number was issued to Ranjana Sonawane, then a 30-year-old housewife in a remote village in western India, Aadhaar has achieved nearly universal coverage of India’s 1.3bn residents, in part by being admirably flexible. It requires no last names, and the address can be as vague as “behind the jamun tree”. It is non-binary with respect to gender, too.

But it is not, as originally conceived, voluntary. By the summer of 2018 Aadhaar was required or encouraged by nearly every government agency and programme. In one or more of India’s 29 states, it had been mooted as a requirement for access to subsidised grain, cooking gas, free school lunches, welfare payments, government pensions, public health care, fertiliser subsidies, scholarships, fellowships and rehabilitation from sex trafficking; to get a birth or death certificate, buy railway tickets, move large sums of money, file taxes, or buy and sell property. People reported being asked for Aadhaar when trying to send mail at the post office. The Reserve Bank of India ordered banks to link the number with accounts. The department of telecoms required it for a mobile phone subscriptions. Websites for arranging marriages started asking for it. Amazon asked people for Aadhaar numbers to track lost packages.

The question of whether all this was constitutional was brought to the Supreme Court. In September it ruled that it was, and allowed its use in the administration of welfare payments, subsidies and taxes, in effect making it mandatory. But it narrowed its use by the state and banned it for private companies. That restriction may not last. Arun Jaitley, the finance minister, has hinted that the government will pass new legislation to allow private use of the national ID.

Has Aadhaar made good on its promise to plug the holes in India’s leaky social-welfare system, cut corruption and ensure that the deserving get access to cheap grain and fuel? No one knows. When asked, a former boss of the Unique Identity Authority of India (UIDAI) called his successor to ask if there had been any studies of savings. There hadn’t.

Aadhaar has in some cases cut off access to benefits for people who previously received them and were not obviously fraudulent. Those who never got access in the first place have suffered, too. In February a woman gave birth outside a public hospital after being turned away for not having Aadhaar. Rural workers guaranteed employment by the law have had wages delayed because of Aadhaar’s shoddy implementation. Residents of Jagdamba Camp, a slum in South Delhi, say the complexity of the system for linking Aadhaar to new ration cards has resulted in family members being dropped off the list. Sainaj, a 55-year-old housewife, could not register her 29-year-old daughter, who is paralysed and unable to leave the house. She no longer receives food benefits, disability benefits, or free medication. Others complain about repeated, often fruitless trips to the local ration office to re-register or link their documents, eating into the day’s earnings.

Moreover, the system is prone to leaks, theft, misuse and overuse. No one knows for certain how much Aadhaar-associated data have been shared with whom, but in January 2018 Rachna Khaira, a reporter at the Tribune, a newspaper, bought a database with details on 1bn Indians for 500 rupees ($7). India’s states each have their own copies, and layers of sub-contractors have access to them. A system designed to prevent fraud has given rise to a whole new economy of fraudulent activity—such as the sale of fingerprints.

Mr Scott identifies four factors that are necessary for the failure of such “schemes to improve the human condition”: an administrative imposition of order that is inflexible and leaves out a lot of details about things in an attempt to make them simpler; an ideology that elevates science and technology above all else; an authoritarian state; and a prostrate civil society.

India fulfils the first two conditions and, under the Hindu nationalism of Narendra Modi, the prime minister, it is worryingly close to meeting the third. Journalists reporting on Aadhaar’s shortcomings have been intimidated by authorities. When Ms Khaira bought that bootlegged billion-person database the UIDAI filed a criminal complaint against her. In a country where both national parties stand accused of using voter lists to systematically target and murder minorities, it is not paranoia to fear a government with access to a comprehensive database on every citizen.

India does, however, possess a noisy and determined civil society. The Supreme Court ruling in September was the result of more than two dozen separate cases filed on legal, technical, constitutional and right-to-privacy grounds by concerned citizens. And the court’s ruling has acted as a check on the scheme’s ever-expanding scope, and limited the transfer of power from the identified to the identifiers.

The same cannot be said of Facebook, de facto identity provider of the non-Chinese parts of the internet. It is not just that nearly 2.3bn people use the service at least once a month, all identified by what seems to be a real name, all not only providing portraits of themselves but also helpfully linking themselves to their friends and interests (not to mention identifying pictures of each other). Almost every website, app and service now requires log-in details. Many people find it convenient to use the same social-network identity for many of these log-ins, and Facebook, as the biggest social network, has 60% of this “social log-in” market. Tinder, a dating app used by tens of millions of people, until recently required all its users to have a Facebook log-in, relying on its identity-verification procedures to keep creeps at bay. But that also creates a single point of failure. A data breach, revealed in September, compromised some 50m “access tokens”, which are used as people log in to other sites.

On top of this, Facebook’s ad infrastructure uses cookies to track the activity of users and non-users across the web; it also has ways to track what they do in other apps, and what they do offline. When someone swipes a loyalty card in a supermarket, the name, address and email address are useful bits of information for the retailer to reconcile with Facebook’s records, and it does so. This lets it build detailed—if not always accurate—profiles. Its policy of requiring real names links what it knows about online activity to offline identities. Facebook has become the internet’s equivalent of Aadhaar, a custodian of identities to which all other data that people might be interested in can be linked.

Like Aadhaar, Facebook is a juggernaut dimly understood even by its own creators. Its complexity makes it difficult to foresee problems and its size makes it impossible to control. Facebook has so far proved reluctant to self-regulate to any serious extent. Despite two years of negative publicity, and fresh scandals about data misuse emerging nearly every week, it is stuck reacting to them pretty much piecemeal. Some argue that users can simply vote with their feet, but there are no signs of that yet. It is not so much that it is hard—though it is for many. It is that most people don’t really seem to care.

4. The need-to-know basis

“Many of us in this room think we know how we use digital identity. But the truth is I am baffled most of the time. I just click OK,” said Adam Cooper, who helped set up the British government’s online identity system, Verify, and now works at ID2020, an organisation working to bring identity to the undocumented.

Mr Cooper was talking to a room full of specialists at a panel discussion in the House of Lords. The mood was gloomy. Steve Götz, another panelist, started his remarks by apologising “because I’m from Silicon Valley and we have created many of the problems we’re trying to solve today”. A similar sentiment pervaded an identity conference in Marseille in September. “The internet was built without identity management,” laments Thorsten Niebuhr of WedaCon, a German firm that does just that. “Most of us in the industry are aware of the problem. We’ve been talking about it for at least a decade. There are standards, but there is no coordinated effort” to manage digital identity.

It is because of that omission that Facebook has been able to dominate online identity, which for many of those at the meetings was problem enough. But the lapse also represents an opportunity cost. For most purposes the amount of information now linked to a digital identity, be it a Facebook log-in, an Aadhaar number or whatever, is extraneous and open to abuse. What a commercial or civic exchange requires is normally the ability to verify a fact about you—your age, say, or solvency—rather than to know who you are. When your correspondent went to that discussion at the House of Lords the security guards did not need to know who he was (though in a country with ID cards they probably would have asked for one). They needed to know he was unarmed, which was ascertained by other means.

With a good ID system, such an approach could be freely applied to aspects of life much subtler than the presence or absence of weaponry. It would be possible for people to verify facts about themselves without providing the opportunity for a panoramic snoop around their lives: to give the co-ordinate on the map that is relevant to the question asked without giving the other coordinates needed to specify exactly who you are.

Yoti, a London-based startup which wants to become the “world’s trusted identity platform”, is one of many attempts to provide such a service. Its system stores government ID documents and biometrics. If a user wants to buy a bottle of wine at a supermarket self-check-out and needs to prove their age, they scan a QR code and take a selfie using Yoti’s app. The retailer can be sure of their age, but no one has seen their name or nationality.

Several startups are entering the market. Many are looking to blockchains, such as the one which underpins bitcoin, and other “distributed-ledger technologies” to do for identity what cryptocurrencies claim to do for money—disentangle it from the state. Canada’s SecureKey, which uses a blockchain for “triple blind” privacy (meaning neither the issuer of an ID, the recipient, nor SecureKey sees more than needed for authentication), is backed by banks and telecom firms. Omidyar Network, an investment firm, is pouring money into identity companies. GSMA, a trade group of mobile-network operators, is promoting its own identity system along similar lines.

Governments and international organisations are interested. Countries around the world look to Estonia as a standard-bearer in issuing secure and useful e-identities. Austria’s eID, which makes it impossible to link identifiers across services, is seen as a model of privacy. But there have been disasters too. Nigeria’s MasterCard-branded biometric ID system has been widely criticised. Kenya is considering the collection of several forms of biometrics and DNA, too, in a programme that makes India’s look like a model of restraint. A new Venezuelan ID is used to track voting.

Immigration authorities and thermostats would set their own thresholds of acceptability

The need for secure online identities will become more urgent as the world digitises further. Connected devices are steadily infiltrating homes. Smart meters for utilities are becoming commonplace, as are smart thermostats. Voice-activated speakers such as Amazon’s Echo are increasingly popular. The median American household had at least five connected devices in 2017. That number may well double within a few years, and no one can say at what level it will plateau. All those devices need to be able to verify who is using them. Nobody wants a hacker opening their garage door or adjusting the heating. Passwords for every individual device are a non-starter. Large-scale biometric scanning is inevitable. If this all works with systems that endlessly check precisely who is doing what, rather than simply that whoever is doing something has the right to be doing it, privacy as it has been understood is over.

Identities which individuals can administer for themselves through a trusted non-state third party, or even a distributed ledger—“self-sovereign identities”, as their advocates call them in a rather “captain of my soul” sort of way—offer more benefits than just verification without undue disclosure. State ID documents often say who you were as much as who you are; self-sovereign ones could be bang up-to-date. And they could work probabilistically. “There is a 70% chance this is who it claims to be,” a machine would say. Immigration authorities and thermostats would set their own thresholds of acceptability.

There are two big obstacles to developing such systems. One is apathy. People do not adopt new IDs unless there is a reason to do so. States get around the problem by making it mandatory. Private companies must offer more. Microsoft introduced Passport, a digital ID for the web, two decades ago but it never took off. There were not enough users or websites to sustain it. Facebook became the internet’s identity provider by offering a range of other attractions.

The other problem is that few people have the patience to manage their own affairs, even when given the choice. People have for years talked about models of user control of data in the context of Facebook and Google. Yet no real options have materialised. Most people say they are concerned about the use of their personal data, but are perfectly happy to give it up with very little incentive, something academics call the “privacy paradox”. It is a paradox that keeps Facebook in business.

It is fruitless to blame people for this irritating inconsistency. It is the way people are. Perhaps more fruitful is to take aim at tech entrepreneurs and those to whom they look for inspiration. If enough of them were to take seriously the case for self-sovereign identities—and thus forswear the advantages that conveniently identity-tagged portraits of their customers bestow—they might provide an incentive for the development of such a system. If it could be made easy and fun, it might even be popular.

5. Lost and found

As much of the world risks being over-identified, however, remember those who remain underserved. You do not have to travel to the poor world to find one of the billion-plus people without proof of identity. You can find them in Baltimore, the biggest city in the American state with the highest median income.

For several months this year, students from Johns Hopkins University and members of Living Classrooms, a local NGO, operated an “identity clinic” for anyone who walked in. Visitors tended to be ex-convicts who had lost their documents. Some were homeless, some were recovering addicts. A few were all three. Volunteers helped them navigate the bureaucracy required to regain recognition. The clinic can only help those who were born in the state of Maryland—out-of-state birth certificates are even harder to track down.

Acquiring proof of identity without proof of identity is not easy. The undocumented must make trips to the Department of Vital Records (for a birth certificate), the Social Security Administration (to regain relevant numbers) and then to the Motor Vehicle Administration (for state ID). It is a time-consuming process.

Other documents are needed, too. Recently released offenders often do not have a home, so cannot show an address. Sometimes the volunteers send people to free health clinics, which provide a letter confirming overnight stay, thus establishing residence.

Carrick Bastiany-Gaumnitz was here one April morning for help getting his social security number. He did not say how he lost his ID; the clinic has a policy of asking no questions. He was chatty and full of energy. He hoped to go back to the local community college to take classes in physics. He had an idea for a startup.

Mr Bastiany-Gaumnitz was in a better position than Il Grasso; he could prove his identity to himself. He could reach into his pocket and pull out his phone, unlocking it with his fingerprints. He could log in to his Facebook account or his email. Yet none of these were sufficient: on the day we met he could not rent a car, find a stable place to live or apply for a job. He existed in flesh and blood, and as a consumer on Facebook, but was an illegible smudge to the state. Regaining his papers would make all the difference, he says. “A little thing like ID opens up a lot of possibilities for me.”

Correction (January 7th 2019): This piece originally said that the World Bank estimates that 1bn people lack a birth certificate. It is more accurate to say that they lack an official proof of identity. This has been amended.