"Sign in with Google" has become so naturalized that questioning it feels paranoid. This is itself worth questioning. When a surveillance arrangement becomes the unquestioned default, the surveillance no longer requires justification; the alternative requires justification.
The civic dimension of the default matters. A democratic society depends on the existence of un-surveilled spaces — spaces where citizens can think, discuss, organize, dissent, change their minds, without the activity being logged for later use. The architecture of identity infrastructure determines what un-surveilled spaces are operationally possible. If every authentication is logged centrally, the un-surveilled space collapses.
The historical analogue. The transition from cash payments to card payments transferred a similar amount of activity into the centrally-logged category. The card networks did not advocate for this transfer on the basis of its civic implications; they advocated for it on the basis of convenience. The convenience was real; the civic loss was diffuse and slow to be recognized. Decades later, scholars and regulators are arguing about whether the loss can be reversed.
The same pattern is repeating with identity. The federated authentication default — Sign in with Google, with Apple, with Facebook — was adopted on the basis of convenience. The civic loss is diffuse: every authentication metadata becomes part of a near-complete profile of the citizen's activity. The scale of the surveillance is invisible per-transaction and overwhelming in aggregate.
The architecture of decentralized authentication offers an alternative civics. A credential held by the user, presented selectively, verified cryptographically — no third party in the loop, no log retained by any centralized provider. The same convenience for the user (one identity, many services) but without the surveillance trade-off.
The civic case for this is not merely about privacy as a personal right. It is about preserving the structural conditions under which democratic society operates. The argument requires the same kind of intentionality the historical defenders of voting privacy, mail privacy, and association privacy applied.
Three structural conditions worth preserving.
Condition 1: Unobserved deliberation. Citizens forming political opinions, evaluating candidates, considering controversial views need spaces where the consideration is not logged. The current authentication architecture undermines this because the platforms where deliberation happens authenticate users through the surveillance default.
Condition 2: Reversible association. Citizens joining or leaving associations (political parties, religious groups, advocacy organizations, support networks) need the joining and leaving to be reversible without permanent record. The current authentication architecture creates permanent records of every association joined.
Condition 3: Cross-platform pseudonymity. Citizens engaging in some activities under one persona and other activities under another persona — a long-standing pattern of healthy democratic engagement — need the personas to be cryptographically separable. The current authentication architecture (one Google account → many services) breaks the pseudonymity by default.
Each of these is preserved by the decentralized authentication architecture and broken by the federated default. The civic stakes are real.
The transition from the federated default to the decentralized alternative is not just a technical choice. It is a civic choice. The technologists building the alternative — Solidus and peers — are doing civic work even when the immediate framing is commercial. The buyers integrating the alternative are making civic decisions even when the immediate justification is procurement.
The 100-year frame. The architectural choices made in 2026-2030 about identity infrastructure will shape the structural conditions of democratic society for generations. The convenience trade-off that produced "Sign in with Google" was not, in retrospect, a fair trade. The opportunity to undo it without giving up convenience exists in this decade.
For the citizen, this article is not asking for personal action — most readers cannot meaningfully shape the architectural choices at the platform level. The asks are different: notice the default; support technologists building the alternative; favor platforms that integrate the alternative; advocate where appropriate for regulatory frameworks that mandate it.
The civic case for decentralized authentication is the case for preserving the structural conditions of democratic society. The technology exists. The standards exist. The implementations exist. The choice to deploy them broadly is collective.
Top comments (0)