Your online self is a patchwork: usernames, profiles, login credentials, and behavioural data scattered across dozens of platforms. You created it, but you don’t really control it. Platforms decide what you can change, what you can export, and what happens to your account when you break a rule or they change their mind. Governments and employers increasingly want to tie that digital presence to a verified, official identity. The question of who owns your digital identity isn’t abstract—it shapes what you can do online, how you’re held accountable, and who can lock you out of your own life.
The Platform Default
In practice, ownership is mostly with the platforms. When you sign up for a service, you agree to terms that grant them broad rights to host, use, and sometimes share your data. Your “identity” on that platform—your profile, your history, your connections—lives on their servers. They can suspend it, delete it, or hand it over to law enforcement. You can’t take your social graph or your recommendation history with you in any usable form when you leave. Data portability regulations in some regions require that companies let you download your data, but that’s usually a dump of files, not a way to move your identity to another service. So your online self is fragmented, and each fragment is under someone else’s control.
Why It Matters
Losing access to an account can mean losing access to your work, your contacts, or years of photos. It can happen because of a hack, a mistaken ban, or a policy change. When identity is held by platforms, you’re always one decision away from being locked out. That’s not just inconvenient—for people who rely on a platform for their livelihood or their primary way to communicate, it’s existential. And because identities are siloed, you don’t have a single “you” that you can move or back up. You have dozens of partial selves, each at the mercy of a different company.
Government and Verified Identity
On the other side, governments are pushing for verified digital identity—linking your online presence to a state-issued ID. The goals are often legitimate: reducing fraud, ensuring age verification, and making sure that “one person, one vote” or “one person, one benefit” holds. But verified identity also means that the state (or its contractors) becomes a gatekeeper. Your ability to participate in certain online spaces could depend on handing over your real-world identity to a platform or a government system. The trade-off between accountability and anonymity is real. So is the risk of centralising identity in the hands of a few actors who can exclude you or leak your data.
Self-Sovereign and Decentralised Identity
Self-sovereign identity (SSI) and related ideas propose that you should hold your own identity credentials—verified claims from issuers (governments, employers, schools) that you can present when needed, without the verifier holding your data. In theory, you own the credentials; you choose when to show them and to whom. Decentralised identifiers (DIDs) and verifiable credentials are the technical building blocks. In practice, adoption is slow. Most services aren’t built to accept a credential you hold in your wallet instead of a username and password in their database. The ecosystem is still emerging. But the direction is clear: identity that you control, rather than identity that platforms and governments hold about you.
What You Can Do Now
You can’t single-handedly shift the whole system, but you can reduce your exposure. Use a password manager and strong, unique credentials so that one breach doesn’t cascade. Where possible, use two-factor authentication and consider hardware keys for critical accounts. Support and use services that offer data export and account portability. Be cautious about linking your real identity to every platform—sometimes a pseudonym or a separate profile is the right choice. And pay attention to policy: data protection laws, right-to-deletion, and rules about identity verification are being debated and passed now. Who owns your online self will be decided in part by regulation and in part by what we demand as users. The default is that we don’t own it. Changing that starts with asking the question.
