No Phone Home

“If the capability exists… that power will be activated sooner or later; we’re always just one emergency away.”

As AI agents start acting on behalf of people and organizations, it is increasingly likely that they will make use of government-issued digital credentials.

Mobile Driver’s Licenses (mDLs) are one of the most widely discussed examples. They are already rolling out across North America and embedded in massive national programs across Europe and Australia.

At first glance, the mDL seems like a major leap forward in identity verification. It’s cryptographically secure. It’s mobile-native. And it promises a better user experience.

But there’s a latent privacy risk: phone home functionality.

“Phone home is not just surveillance and privacy invasion. It’s much worse than that.”
— Timothy Ruff, CSO, Digital Trust Venture Partners

When you present a digital credential — say to prove your age or identity — some systems will “phone home” to the original issuer to check that it’s valid. That means every use of your credential becomes an event the issuer can log, monitor, or even deny.

It’s like if every time you showed your driver’s license, the DMV got a ping and could choose whether to approve your action.

Ruff warns this is more than just invasive — it’s a control point. As he puts it:

“It is literally the government’s ability to say ‘yes, I will allow you to do that thing.’”

Agentic systems will rely on credentials to perform actions autonomously — sign contracts, access data, verify age, assert roles, or fulfill regulatory requirements.

If those credentials are tied to systems with phone home capabilities, we’re granting external authorities real-time control over our users’ behavior.

This might sound like a corner case — but it’s not. The ISO 18013 standard that underlies most mDL implementations includes built-in support for Server Retrieval Mode — a polite term for phone home. And even when government agencies say “we won’t turn it on,” Ruff urges caution:

“It’s like giving a four-year-old an ice cream cone and telling him not to lick it, then walking away. That’s privacy by policy. The only protection we have is current policy makers’ promise not to turn it on.”

And this isn’t just a fringe worry. A broad coalition of organizations — ranging from the ACLU, EFF, and EPIC to Brave Software and the Trust Over IP Foundation — has signed onto the No Phone Home campaign, warning that latent surveillance capabilities embedded in mDLs pose a systemic risk to civil liberties.

“Identity systems that phone home facilitate centralized tracking and control, privacy invasions, and other potential abuses. If this capability exists within a digital identity system, even inactively, it will eventually be used.”
— Joint statement from NoPhoneHome.com coalition

These risks aren’t just theoretical — they’re actively discussed by leaders in the decentralized identity and privacy communities. At events like the Internet Identity Workshop, concerns around latent surveillance, phone-home architectures, and verifier dominance have become central topics. It’s increasingly clear that if agentic systems are to flourish, they must be built on protocols designed to protect autonomy — not erode it.

The trend lines are clear. mDLs are expanding beyond traffic stops and airport checkpoints. In Utah, they’re being pushed into e-banking, online age verification, even car rentals. At the same time, they’re being positioned as a replacement for usernames and passwords — becoming the default authentication method across the web.

In Louisiana, residents must use the state’s LA Wallet app to verify their age when accessing adult content online — introducing the very real possibility of state agencies monitoring sensitive digital behavior.

“A stream of all your websites are flowing to the government, and it’s not hard to imagine how that could be abused against, say, Gaza protesters or protesters of any political stripe.”
— Jay Stanley, Senior Policy Analyst, ACLU

That’s when phone home becomes dangerous by design.

“Now combine that ubiquitous use with a latent phone home capability and you have a tinder box… With that surveillance comes control, the ability to stop saying ‘yes’ when requests for identity verification come in, for any reason under the sun.”
— Timothy Ruff

If modern decentralized identity protocols like KERI, ACDCs, and SD-JWTs can verify credentials without calling back to the issuer, why stick with phone home?

Ruff’s answer is blunt: convenience and familiarity.

Protocols like OpenID Connect and SAML, which inherently phone home, are deeply embedded in the identity and access management (IAM) industry. Developers know them. Enterprises depend on them. So they get reused — even when the context shifts from intra-organizational single sign-on to cross-domain surveillance.

“The ISO standard represents the interests of verifiers — big companies who want to make you prove who you are. It doesn’t represent the interests of identity holders, ordinary people who might want their privacy protected.”
— Jay Stanley, ACLU

But agentic systems demand a different foundation. They require credentials that are verifiable without revealing to an authority who used them, where, and for what. As Ruff puts it:

“A digital credential from the government should function like the physical one: it should have the power and trust of the government when I use it, but no built-in way for the government to know if, when, or where it’s being used.”

We’re at a fork in the road. As governments and vendors build out the infrastructure of digital identity, we must ask a simple but urgent question: Are we embedding latent surveillance into the foundation of agentic computing?

The fight is not against mDLs themselves, or even against governments. It’s against designing in control, then asking society to trust that it will never be used.

“If the capability exists… that power will be activated sooner or later; we’re always just one emergency away.”
— Timothy Ruff

If your agents are going to carry digital credentials, ensure those credentials don’t double as surveillance devices. And if you’re building a system that will issue credentials, design it so verification can happen without ever needing to call home.

Let’s build agentic systems on a foundation of trust without surveillance — not policy promises that can be reversed, but protocols that cannot be abused.

The post is based on a blog post and conversation with Timothy Ruff, CSO, Digital Trust Venture Partners LLC.

Ken Adler is a Tech Fellow and Director of Identity and Access Management at Indeed.com.

David McPike is a Principal Architect in Indeed’s Identity and Access Management department.

Disclaimer: This post was crafted with a little help from AI (ChatGPT), but all insights and opinions are entirely my own. No AI was harmed in the making of this post.

For further insights into the latent surveillance capabilities of mDLs, refer to Kim Hamilton Duffy’s detailed analysis: Even the Experts Didn’t Know. Also, see this StateScoop article. Enjoy the No Phone Home Song.