thoughts and observations of a privacy, security and internet researcher, activist, and policy advisor

Wednesday, August 27, 2008

Laws of Identity Iterations - or: The Nexus Between Morality, Subjectivity, and Empirical Knowledge

Kim Cameron has recently tried to shorten his "Laws of Identity". This started an interesting semantic process, which I will address at the end. But first, let's have a look at the iterations.

Here are Kim's original laws:
  1. User Control and Consent: Digital identity systems must only reveal information identifying a user with the user’s consent.
  2. Limited Disclosure for Limited Use: The solution which discloses the least identifying information and best limits its use is the most stable, long-term solution.
  3. The Law of Fewest Parties: Digital identity systems must limit disclosure of identifying information to parties having a necessary and justifiable place in a given identity relationship.
  4. Directed Identity: A universal identity metasystem must support both “omnidirectional” identifiers for use by public entities and “unidirectional” identifiers for private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.
  5. Pluralism of Operators and Technologies: A universal identity metasystem must channel and enable the interworking of multiple identity technologies run by multiple identity providers.
  6. Human Integration: A unifying identity metasystem must define the human user as a component integrated through protected and unambiguous human-machine communications.
  7. Consistent Experience Across Contexts: A unifying identity metasystem must provide a simple consistent experience while enabling separation of contexts through multiple operators and technologies.
Here are the new and shortened ones:
  1. People using computers should be in control of giving out information about themselves, just as they are in the physical world.
  2. The minimum information needed for the purpose at hand should be released, and only to those who need it. Details should be retained no longer than necesary.
  3. It should NOT be possible to automatically link up everything we do in all aspects of how we use the Internet. A single identifier that stitches everything up would have many unintended consequences.
  4. We need choice in terms of who provides our identity information in different contexts.
  5. The system must be built so we can understand how it works, make rational decisions and protect ourselves.
  6. Devices through which we employ identity should offer people the same kinds of identity controls - just as car makers offer similar controls so we can all drive safely.
Pamela Dingle still thinks this would not "resonate with people like my Mom". So she came up with the laws in even more colloquial terms:
  1. Don't do anything with my data unless I say so.
  2. Don't ask for or keep my data unless you have to.
  3. Don't let anyone see my data unless there is a good reason.
  4. I get to choose whether my data in one place is connected to my data everywhere else.
  5. I get to choose who speaks for me and I reserve the right to change my mind.
  6. If the easiest way to use the tool isn't the safest way to use the tool, the tool isn't built right.
  7. Agree on one way to do things so that I can be successful everywhere regardless of the tool I use.
But Pamela has more.
"If I could use any terms I wanted and assume that everyone understood them, I could get even shorter":
  1. Don’t share my information behind my back.
  2. Don’t take more information than you need.
  3. Don’t expose my information unnecessarily.
  4. Don’t link me or allow others to link me unless I want to be linked.
  5. Don’t lock me into silos.
  6. Don’t tell me to RTFM in order to be secure.
  7. Don’t let the product interfere with the ceremony.
The interesting thing I noticed is how the meaning of the laws changes along the way.

Kim's original laws have the remainders of empirical laws in them. This important aspect is much clearer in the very long version, but you can still see that the laws are meant as something that is based on observation, like the laws of physics: If you don't keep them in mind, stuff just won't work.

Kim's short version has exchanged a lot of the "must" wording with "should", which makes it sound much more like a moral statement.

Pamela's "for my mum" version goes further down this road. It takes a radically subjective perspective and tells the world what she wants to happen to her data, and how the systems she deals with should be built.

Her "favourite" version again changes the attitude and only works with "don't", which is clearly directed to the technology community from a user perspective, implicating the annoyance with many current systems.

So in the end, we have arrived full circle at the start, but know a bit more about the whole thing:

If the users don't want it, it just doesn't work. And there is even some morality behind it.