Here’s my new handy-dandy Web 2.0 business card – click on it:
Hat tip to Aaron Brazell!
Bill Burnham recently wrote a great post with a long title: A Unified Theory of Search, Social Networking, Structured Blogging, RSS and the Active Web. He’s talking about how, in the future, we’ll be able to tag content (“structured content”) on our personal and business websites in a way that will make it more sensible to be indexed and searched.
A couple of days ago, I posted about GE’s use of RSS to make available podcasts of its financial announcements. In the world that Burnham’s envisioning, GE’s website would actually have a set of metadata in XML that would point, in a structured way, to all manner of information about the company. It could, for example, even contain the full employee directory of everyone who works at GE – suitably protected so that it only made sense to legitimate business partners of the firm.
A couple of years ago, Dan Bricklin started down this path by describing some core XML that a company could put on its web site. He called it SMBmeta. Dan’s notion didn’t get much uptake – but it was early and the window of opportunity for it may yet lie ahead, particularly as new vertically focused search opportunities emerge.
Identity is a very noisy space, but, sadly, one in which little actually gets done beyond all the blather. And, oh, is there blather.
For the last couple of years there’s been a fall conference on digital identity stuff. Phil Windley and others are holding an Internet Identity Workshop in Berkeley later this month. Kim Cameron has his Laws of Identity – but he’s overlooked the law of lack of progress! Sxip’s Dick Hardt has a beautiful presentation on Identity 2.0 that’s sweeping the web. Sixapart developed TypeKey to simply deal with comment spam. InfoCards are coming in Windows Vista, whenever that might be ready for primetime.
In an earlier post today, I closed by asking whether the emergence of a viable digital identity system for the web might be Web 2.0’s parallel to what SSL enabled for Web 1.0.
Recently, when Google opened up Gmail for general enrollment, they required you to provide a mobile phone number as part of your personal registration information. They send you a text message with a code in it that you need to bring back to their site to complete registration. They say they’re using the phone number as a mechanism to limit the number of Gmail accounts (10 max) that any one person can sign up for, but in the future they could be doing other things too.
I bring this up because Gmail is a great example of a web application that could have (*would love to have*) relied on an existing, trusted digital identity infrastructure for new user enrollment – if such a digital identity infrastructure actually existed.
And that’s the basic problem: getting something that’s trustable, reliable, and user controllable into the user’s hands — the electronic equivalent of my photo ID driver’s license or my passport. There are so many relying party wannabes…yes, maybe even Google. That side of the digital identity “chicken and egg” certainly isn’t the problem.
So, what is it that Google really wants to know about me before they give me a Gmail account? How is what Google wants (actually, needs) to know about me different from what my bank or brokerage or mortgage company needs to know?
They all want to rely on someone else (who they trust) to step forward on my behalf and declare that, yes indeed, this interaction is being driven by the person they know as Scott. But why would anyone want to provide such a service to others on my behalf? Said, perhaps more bluntly, what’s in it for them?
With a driver’s license, my state’s DMV doesn’t take any risk if some arbitrary third party (the local liquor store) decides to sell me a bottle of vodka based upon the credential the DMV issued to me literally years ago. There’s nothing in my booze purchase transaction for the DMV — no upside but, perhaps more importantly in terms of liability concerns, also no downside.
An analogy (always dangerous!) comes to mind. If I apply to open a credit card account, who does the card issuer rely on to make the decision whether to issue me a new credit card? As part of the application process, I supply the issuer with lots of personal information about me. But, of course, they can’t know whether it’s right or not. So, what do they do? They ask somebody else – specifically, a credit bureau – what they know about me. Am I a good guy? Do I have a history of paying my bills? Based upon what the credit bureau tells them about me, they just might issue me a new credit card.
If, subsequently, I turn out to be a deadbeat and stiff them for the credit they’ve granted me, do they have any recourse to the credit bureau who sorta vouched for me during the application process? Let’s be very clear: NO! Similarly, if I was an identity thief and just impersonating another identity, does the credit bureau bear any risk of loss? Nope.
Why do we need credit bureaus? Because they provide a broad view of consumer behavior that’s very useful in making decisions to grant credit. And, let’s face the music, because for some things (like extending more credit) you just can’t trust what the individual says about themselves!
Back to digital identity…who’s my identity bureau on the Internet? Who’s willing to vouch for me to arbitrary third parties?
[More to come…]
Kim Cameron links to Toby Stevens and his new blog on privacy, identity and security. He discusses a maturity model for privacy which is very much along the same lines as the notion of personal data stewardship that I discussed earlier.
A couple of months back in one of her presentations on the impact of the Internet, Morgan Stanley’s Mary Meeker used a slide describing today’s hierarchy of individual needs.
In today’s post-modern culture, we don’t achieve self-actualization without having our “always on” access to the Internet – and – our ever present companions: mobile phones.
Take a look at the rest of those recurring payments hitting your credit cards each month – you might find a few other things in your own personal hierarchy of needs that are required for your “well being”!
Indeed, in her haste to make points about connectivity and mobility, Meeker overlooked some other basic necessities of life – like that credit card! After all, what good is the Internet without shopping at Amazon? And, what good is your mobile phone without your personalized ring tone?
Isn’t it interesting that the computer isn’t even mentioned by Meeker — just the connectivity. After all, what use today is a computer that isn’t connected to the Internet?
And, who has time for esteem any more anyway?
Of course, this was all a bit of a fun play on Abraham Maslow’s original hierarchy of human needs proposed initially in 1943. Maslow’s hierarchy is based upon the premise that the path to self-actualization demands satisfaction of all of the lower level needs first. Sure, it’s all just Psych 101 stuff, but it’s fun and something we can all relate to as Maslow’s theory feels personally very appropriate.
A few weeks back, along comes Tim Oren doing an exploration of privacy in this post-modern and totally connected world. Tim’s spent some time digging on the subject and shares some of his initial insights.
It seems to me that what Tim’s really focused on is a new form of shelter in our lives — a “digital shelter” that provides a roof over our personal information and protects it just like the roof over our heads provides shelter from the terrestrial elements. Fulfilling our human needs for shelter demands that both our physical and – oh, sorry – our “logical” embodiments are well protected — or we’ll be troubled, tossing and turning, worrying about why things in our life just don’t feel safe.
To help illustrate his points, Tim introduces a new (and perhaps more disturbing) hierarchy: the Hierarchy of Privacy Unease.
Tim’s Hierarchy of Privacy Unease begins at the top with the worst possible outcome – a direct financial loss. The actual effect of a direct financial loss on an individual’s well being depends upon who bears the actual risk of loss – the individual or a supplier of services to the individual.
For example, with credit cards in the US, the risk of loss to the individual is zero. Card number data breaches, while spun up by the press as alarming, are of financial impact only to the card issuers, not the cardholders. Even so, the cardholder may feel “violated” if victimized by stolen card information.
On the other hand, data breaches that expose “enough” personal information to enable true identity theft (such as the Choicepoint example earlier this year) are extremely disruptive to the individual and may require significant effort by the individual over months of time to resolve. Unfortunately, in today’s easy credit society, having “enough” personal information boils down to the information requested on a credit card application coupled with some social engineering cleverness that is well known by fraudsters.
Next on Tim’s hierarchy is intrusion – the simple desire we all share to live our lives without unwelcome interruptions. Interruptions of any kind disturb our flow; unwelcome or inappropriate interruptions generate emotions of anger or fear. Sounds quite a bit like the “pursuit of happiness” now, doesn’t it?!
Tim’s compartment breach layer is one I’ve not thought a lot about before – but which resonates with me now that he’s pointed it out. Individually, we do rely on compartments to help secure our lives and well being. Compromises that enable cross-compartment linkages to be derived are disturbing and another potential threat to our well being.
The loss of information asymmetry is another destabilizer for the individual when it happens. Related to the notion of compartmentalization, none of us likes to be at a disadvantage when it comes to knowledge. We want to know the dealer invoice for that car we’re negotiating to buy – and we don’t want the dealer to know anything about our history of car purchases that might be used against us in a negotiation. It just doesn’t feel “right” when something someone knows about us is used against us in that way.
In Tim’s everything else category goes the seemingly endless tradeoffs we each make as we provide “just enough” of our personal information to third parties in trade for some sort of economic reward. We do so believing in real “compartmentalization” – that the data we provide to Safeway for participating in their discount program won’t be used against us in some other way.
Privacy policies are the primary mechanisms the data collectors use to inform us about their use of our data. Data breaches, which don’t abide by anyone’s privacy policies and, indeed, tear them to shreds, are increasingly the primary forces that expose us to damage – by putting us at an information disadvantage, invading our compartments of data, and moving us up Tim’s hierarchy, eventually destroying the digital shelter of protection over our heads – and our well being. Tim’s Hierarchy of Privacy Unease provides us with a very helpful way to think about these issues.
Of course, what we’d all really like to see is effective “pest control” in place between these layers – for it’s the very erosion of the layers that leads to these bad things happening. We want to know, with certainty, that those with whom we trade our personal information will take all necessary steps to protect it and use it responsibly.
Increasingly, what we want from them is a “Code of Personal Data Stewardship” that is clear and unambiguous about their responsibilities for protecting our personal information – including notifying us and accepting liability for any breaches they’re involved in that affect our personal information that we’ve entrusted to them.
Existing efforts to date have failed to provide this level of assurance and trust for the individual. Trust-E, for example, seems to “walk softly” on these issues – being largely a group supported by those who seek to obtain and use our personal information (and post Trust-E seals on their websites), not by individuals wanting to ensure their personal data receives comprehensive protection.
Legislative efforts, responding to the data breaches earlier this year at Choicepoint, CardSystems and others, currently appear to be primarily directed at beefing up data breach notification obligations – by extending California’s recently enacted notification requirements nationwide. Unfortunately, an effort by legislators to impose requirements for stronger personal data stewardship – and associated liability if not achieved – seems sorely lacking.
Tim’s post certainly advanced my understanding of these issues and helped me think through my own personal hierarchy of needs related to privacy of my personal information. There’s a lot of chatter on the web these days about digital identity – but it seems to me that these issues of personal data stewardship are truly the top priority in terms of enabling all of us to feel safe and secure with a sound “digital shelter” over our heads!
A friend sends me an email:
Are you aware that [my old weblog] comes up fairly close to the top on a Google search on “digital identity”?
Fascinating. Over the past six or seven years, I’ve used three different tools for my weblog: Microsoft FrontPage (!), Radio Userland, and TypePad.
The particular page he highlighted in his email to me is an artifact of my Radio Userland days. In my migration from Radio to TypePad, I apparently ignored my original Radio categories.
The top story on that Radio page can be found here in TypePad — but without the organization of that post as part of the “digital identity” category.
We’ll try to do a bit of cleanup on this sometime soon! A great Google ranking is a terrible thing to waste!
I’m just back from the Identity 2004 conference in San Diego. Kudos to the team at ID Analytics for putting together a conference that kept this non-conference goer completely engaged!
ID Analytics today released the results of an extensive study of identity fraud.
The knowledge gained through this research, combined with new advanced technology, led to the development of ID Analytics’ ID Score, which assesses the legitimacy of identity information provided by individuals at the point of application, before credit, debit or new accounts are granted. Underlying the ID Score is a pioneering pattern recognition technology called Graph Theoretic Anomaly Detection™ (GTAD™), which has a patent pending. GTAD dynamically detects unusual patterns based on the identity data elements on an application. Today, the ID Score is being used by some of the nation’s largest credit card, retail card, wireless and online instant credit companies, daily helping to detect hundreds of frauds and saving many thousands of dollars in losses.