VERIK / V094 / 09 JUL 2026
Agent IdentityGovernance

The Identity Stack the Standards Body Named

On the ITU-T Focus Group on Trust and Identity for Humans and Agentic AI, and the moment the identity layer stopped being a downstream compliance requirement and became the substrate governance object.

On July 9, 2026, at the AI for Good Summit in Geneva, the International Telecommunication Union announced the establishment of a new Focus Group under Study Group 17, named the Focus Group on Trust and Identity for Humans and Agentic AI, abbreviated FG-TIDA. The announcement was carried by Reuters wire on the same day. The Focus Group will develop frameworks aimed at ensuring AI agents remain identifiable, trustworthy, and subject to meaningful human control, particularly in sensitive areas such as financial transactions and critical infrastructure. Its Co-Chairs are Debora Comparin of Thales Cybersecurity and Digital Identity in France and Amir Banifatemi of Cognizant in the United Kingdom. Its Vice-Chairs are Liangliang Zhang of Huawei Technologies in China and Sounil Yu of Knostic in the United States. The first meeting will be held in Paris in November 2026, the second in Geneva in January 2027.

The distinctive property of FG-TIDA is not that a standards body has taken up agent identity. Several have. What is distinctive is the sentence that names the object.

What the Terms of Reference actually name

The Focus Group is not a Focus Group on identity for AI agents. It is a Focus Group on trust and identity for humans and agentic AI. The identity stack it will address is designed jointly for both. This is a departure from the design pattern under which most current agent-identity work has proceeded, in which the identity layer for humans exists first, has its own standards, and is then extended, wrapped, or annotated to accommodate machine agents.

The ITU SG17 workshop trilogy that produced the Focus Group makes the design intent explicit. The first workshop, held March 30 to 31 2026 at ITU headquarters, was titled Trustable and Interoperable Digital Identities for Human and Agentic AI. Its closing summary, adopted at the SG17 fifth plenary in early June 2026, called for a common, layered identity stack for agentic AI. Comparin, speaking at the announcement, phrased the requirement in the same shape: common international foundations were needed to establish who the agents are and how and when they can be trusted.

The layered identity stack is a phrase with a specific consequence. If the stack is one stack, then a governance decision about a layer of it is a governance decision about both humans and agents together. Wallet, credential-issuance, attestation, and revocation layers become, under the design intent the workshop trilogy adopted, shared substrate. That is a different governance object from the object most national-scale instruments have been legislating over.

The postures the instrument sits alongside

The instruments this catalog has been tracking through the first half of 2026 have been organized primarily around the model or the deploying organization. The EU AI Act assigns obligations to providers and deployers of AI systems. The June 2026 US Executive Order on AI systems in federal use assigns responsibilities to agencies procuring or fielding models. The EU Commission Action Plan on Cybersecurity and Artificial Intelligence, tabled July 7 2026, commits to an ENISA and Joint Research Centre evaluator platform oriented at models. The Malaysia AI Systems Cybersecurity Framework, launched July 9 2026 in Putrajaya, is scoped to AI systems.

FG-TIDA is not scoped to systems. It is scoped to identities, human and agentic, in one layered stack. Whether an AI agent is deployed by a compliant provider, evaluated by a national evaluator, or covered by a system-level cybersecurity framework does not answer the FG-TIDA question. The FG-TIDA question is whether the agent presents a resolvable identity at query time, whether the identity is bound to a principal in a way a counterparty can verify, and whether the revocation of that identity propagates to the systems that hold assertions about it.

The empirical baseline that already exists

The catalog contains at least one prior piece for which the FG-TIDA scope is directly load-bearing. The empirical study of ERC-8004, published June 24 2026, found that between 85 and 97 percent of on-chain agent identity registrations across Ethereum, BNB Smart Chain, and Base did not resolve to a live service endpoint, and that between 59.2 and 90.6 percent of the reviewers in the corresponding reputation registry exhibited coordinated behavior. That empirical result concerns exactly the layer FG-TIDA is now proposing to standardize. Whatever FG-TIDA produces will need to answer, in its own terms, whether the identities it defines are resolvable at query time, whether the identity binding is verifiable across organizational boundaries, and whether the reputation and validation layers built on top of the identity layer can be distinguished from placeholder registrations at the moment a counterparty agent needs to make a decision.

Who is at the table

The four leadership names carry weight. Thales is a European identity vendor with long history in national identity infrastructure. Cognizant is a global integrator embedded in enterprise deployments. Huawei is a persistent point of geopolitical contention in telecommunications and identity infrastructure. Knostic is a US firm focused on AI security. The composition is neither a Western coalition nor a private consortium nor a research consortium. It is a joint venue with the mandate to write a stack, not a compliance regime.

That does not resolve the sovereignty questions the identity layer carries. It sharpens them. The Focus Group will have to name whether it is building on top of national identity infrastructures, alongside them, or beneath them.

What remains on the table

The governance artifact is retained. The governance function is not.