Brad Ideas - The paradox of identity management - Comments

Legislation doesn't cut it

brad — Tue, 06 May 2008 11:40:11 -0700

Legislation is not impotent, but it’s very far from omnipotent. Information flows around the rules, if you let it out. Regularly we see stories how how you can buy all sorts of records from corrupt government employees. I doubt we can stop corruption.

In addition, we can’t solve the problem of future surveillance technologies that most people have not dreamed of. Today there is not adequate AI to understand all this data we’ve let out, but there will be, and laws won’t stop it.

Yes and No

Radovan Semancik — Tue, 06 May 2008 10:27:11 -0700

Although I can agree that the way OpenID folk is heading is wrong, I cannot agree with everything. I do not agree that making the information sharing easier will inevitably lead to the massive disclose of personal data. I think that proper legislation and a good reputation mechanism can lead to a suitable equilibrium between privacy and disclose.
I strongly recommend you the books by Daniel Solove, especially "The Digital Person". You can find many answers there.

Trip-codes

Julian Morrison — Sat, 30 Jun 2007 05:47:40 -0700

If you need authenticity without identification ("only the real Mr Anonymous could have written this comment") there is a solution called "trip-codes", used in parts of the web. Basically, the user enters an arbitrary password which is hashed and the hash value is displayed alongside the user name. It's hard to fake, because you'd have to guess the password. However it makes no intrusive assertions about real identity.

But my son doesn't understand

Liz Strauss — Sat, 30 Jun 2007 00:49:38 -0700

You and I understand the value of privacy, but my son is just out of college . . . he's immortal still. He's been on a computer since he was three, and he's never been in danger in any world. The young men and women he went to university with and the young men and women who visit my blog are flattered when programs offer to track their slightest preferences.

The folks at CVS don't understand what they are giving away when they get that 10% discount, so why should my son with no experience understand?

It's not only that easy to go along with giving away the information. It's also that often an ego boost comes with the giving -- look there's my picture on the MyBlogLog widget, isn't that cool? Watch them track me all over the Internet.

It seems that many folks just can't see below the surface. Some days I feel that it could be too late for most of us already.

Sure

brad — Fri, 29 Jun 2007 21:07:53 -0700

Those of us in the tin-foil hat community (and I include myself) can do a lot with the more advanced identity control tools in OpenID. Though we already can do that, and many of us already do, with the old fashioned password reminder tool in the browser or various plugins.

Again, as I said, the easier you make it to hand over identity info, the easier it is to demand it.

Directed identity in OpenID 2.0

Simon Willison — Fri, 29 Jun 2007 17:48:35 -0700

Hi Brad,

Great post, lots of stuff to think about here. Are you aware of the directed identity stuff going on to OpenID 2.0? Essentially it will let you enter the URL to your OpenID provider (rather than your specific OpenID) - your provider will then generate a one-time OpenID that only works for you on that particular site, preventing that site from correlating your accounts. Your provider will still know which accounts you are using, but at least you can chose your provider based on their privacy policy.

The paradox of identity management

brad — Wed, 16 May 2007 16:34:50 -0700

Since the dawn of the web, there has been a call for a “single sign-on” facility. The web consists of millions of independently operated web sites, many of which ask users to create “accounts” and sign-on to use the site. This is frustrating to users.

Today the general single sign-on concept has morphed into what is now called “digital identity management” and is considerably more complex. The most recent project of excitement is OpenID which is a standard which allows users to log on using an identifier which can be the URL of an identity service, possibly even one they run themselves.

Many people view OpenID as positive for privacy because of what came before it. The first major single sign-on project was Microsoft Passport which came under criticism both because all your data was managed by a single company and that single company was a fairly notorious monopoly. To counter that, the Liberty Alliance project was brewed by Sun, AOL and many other companies, offering a system not run by any single company. OpenID is simpler and even more distributed.

However, I feel many of the actors in this space are not considering an inherent paradox that surrounds the entire field of identity management. On the surface, privacy-conscious identity management puts control over who gets identity information in the hands of the user. You decide who to give identity info to, and when. Ideally, you can even revoke access, and push for minimal disclosure. Kim Cameron summarized a set of laws of identity outlining many of these principles.

In spite of these laws one of the goals of most identity management systems has been ease of use. And who, on the surface, can argue with ease of use? Managing individual accounts at a thousand web sites is hard. Creating new accounts for every new web site is hard. We want something easier.

The paradox

However, here is the contradiction. If you make something easy to do, it will be done more often. It’s hard to see how this can’t be true. The easier it is to give somebody ID information, the more often it will be done. And the easier it is to give ID information, the more palatable it is to ask for, or demand it.