Digging DigID
Keep on diggin', Dave sez. So a
bunch of us have been diggin' on the DigID (digital ID) issue off-line.
By mutual agreement Dr. Weinberger has put the
tread on-line, at JOHO
the Blog.
I'm sure there will be more. Stay dug.
DigID, cont'd. Mitch weighs in. People own their identities and should continue to own them as they migrate into electronic environments (not just markets). But where the ID resides, whether on the user's computer or a server somewhere, is irrelevant; how we share that information and whether we have the freedom to remain anonymous is the issue. This requires that individuals own their identity. OWN, with full rights to revoke access to their identity.
Agreed. Here's a kicker: Dee Hock, the founder of VISA, has told me that the one thing he really regrets and would substantially change if he had it to do over again, is that VISA customers have no voice in the governance of the VISA system. He'd have the people who sign up for cards get a voice in policy about privacy and even a share of the economic value created by the pooling of the information that describes them to member banks.
That's a marching clue if I ever heard one. Mitch goes on: If you have to accept a DRM to get a Digital ID, then it is awful, because it imposes a coerced form of authentication on the user; they are right about this problem, but missing the larger issue of the fact that an organization is always involved... An open user-owned identity system would empower customers and resolve the problems Doc refers to, that of comparing prices, but it would raise the bar substantially in terms of the value of the identity. We can trade on the exposure of our identity or lack thereof, getting discounts for sharing more information, just as David says. That bargaining will never stop, because companies always want more information about us. None of the systems vying for market acceptance acknowledges the sovereignty of the individual identified, placing the ultimate decision about what to do with user information in the hands of people who view that information as an asset. As we already know from the fluid "privacy policies" of Web sites, which can be transformed overnight by management fiat or a merger that replaces the old policies with new ones, no organization, except one owned by the identity owners--individuals--is safe from that threat.
Which is, in much more detail, a big part of what I mean by "sovereign" identity. This thing has to start with the individual, and proceed out to the marketplace from there. Ownership is critical. By the way, this is exactly the kind of stuff that Andre told me a year ago, and that got me interested in what he and Bryan were doing with PingID. [The Doc Searls Weblog]
Mydentity & Ourdentity vs. Theirdentity. The DigID polylog continues. Here are Eric, Eric again, Mitch and Britt. So far. It's getting real interesting now. Rather than take them all on, I'll give you some thougts that came to me after reading something Eric says in that first post above: I think there's a misunderstanding around a T2 identity here. A T2 identity is (for instance) the title that you have a job. So let's say you're: Doc Searls
Senior Editor, Linux Journal and along with that title (and the accompanying benefits of it), you were issued a corporate credit card. These identities were issued to you and are temporary and conditional -- ie, if you get fired, you no longer have those identities. Compare that with a T1 -- that's your own individual identity....and therein I think Mitch is absolutely right -- we own it. period. T3 is the aggregated "identity" that is gathered via the marketing complex....I'm Eric Norlin, 31, holder of an Amex card, likes snicker's bars and drives a 1990 Acura Integra. Who owns this identity? The corporations will tell you its not you......probably some gray area here.
I'm suggesting three new names for the three tiers, and an explanation for each: - Tier 1 is Mydentity. It's the central and sovereign self-made and self-actualized polyhedron of my very self. It's as exposed and anonymous as I want it to be. It is on the various facets of this core ID that I allow others, with my consent, to paint the next layer...
- Tier 2, which is Ourdentity. It doesn't belong to me alone, nor to those who confer it upon me. My title with Linux Journal exists by mutual agreement. So do the IDs on my credit and membership cards. Some say David Searls. Others say Doc Searls. Agreements about each with the conferring entities keep the whole thing sane. As for the ownership issue, it's a bit of a red herring. Look at it this way: who 'owns' a contract? Or a marriage? Or a friendship? We're talking about agreements and relationships here. Until we build out a Mydentity-based DigID system, we'll continue to content ourselves with multiple Ourdentities (library cards, credit cards, bank accounts, etc.) which are each central to a relationship with just one company or other entity (DMV, local public radio station, coffee shop, whatever), and generally on the terms provided by the other (conferring) party. So far there is nothing that allows me to manage that relationship from my end, for example to selectively share aspects of my identity and its preferences with parts of the world other than those with whom I have any one given relationship. Nor are there ways to assert myself as an actual or potential customer ("I've got a Jabber XML session here that says I'm present in your zip code, Starbucks, and ready for my usual double cappuchino when I get off the exit in about five minutes") and make it persist across multiple relationships and categories ("Hey, coffee and wine shops, I'll be in town for the next day with a laptop and a PDA that are wondering who's ready for my business."). What we have no is built for consumers, not customers. We need to change that.
- Tier 3 is Theirdentity. This is about educated guesswork by marketers who, while they may have my name, generally know little more than a few demographic facts about me (e.g. age and zip code) [~] just enough to risk sending me, and 5,000 others they think are just like me, a piece of junk mail that stands less than a 1-in-20 chance of snagging me. When we have relationships between Mydentities and companies interested in the rich possibilities of Ourdentities, Tier 3 Theirdentities start going away. And another implementation stage of Cluetrain is underway.
My thoughts at midnight, anyway. [The Doc Searls Weblog]
5:28:32 AM 
|
|
