The rise of generative AI intensifies risks of digital identity cloning, impersonation, and unauthorized commercial exploitation of personal data. To address these challenges, this paper proposes the Digital Identity Rights Framework (DIRF)—the first systematic, multidimensional framework for digital identity rights. DIRF operationalizes control over identity across three dimensions: behavioral, biometric, and personality attributes, formalizing 63 actionable control measures across nine domains. It integrates legal compliance mechanisms, technical enablers—including AI-generated content detection, dynamic digital watermarking, identity provenance protocols, smart contracts, and privacy-preserving computation—and hybrid governance models to ensure informed consent, end-to-end traceability, and lawful commercialization. Designed for cross-platform deployment and regulatory interoperability, DIRF delivers a practical, verifiable, and scalable governance paradigm for developers, legislators, and supervisory authorities—advancing digital identity protection from fragmented implementations toward standardized, large-scale adoption.

The rapid advancement and widespread adoption of generative artificial intelligence (AI) pose significant threats to the integrity of personal identity, including digital cloning, sophisticated impersonation, and the unauthorized monetization of identity-related data. Mitigating these risks necessitates the development of robust AI-generated content detection systems, enhanced legal frameworks, and ethical guidelines. This paper introduces the Digital Identity Rights Framework (DIRF), a structured security and governance model designed to protect behavioral, biometric, and personality-based digital likeness attributes to address this critical need. Structured across nine domains and 63 controls, DIRF integrates legal, technical, and hybrid enforcement mechanisms to secure digital identity consent, traceability, and monetization. We present the architectural foundations, enforcement strategies, and key use cases supporting the need for a unified framework. This work aims to inform platform builders, legal entities, and regulators about the essential controls needed to enforce identity rights in AI-driven systems.