September 18, 2005

Piling on 2: "The Importance of Identity" Online and off

In the immediately preceding post (Piling On: "The Importance of [the word] Identity"), I made a pedantic quibble with a generally good post byPhil Windley on the "Importance of Identity." The first post raised my persistent trouble with the use of the word "identity" and the flexibility of the language in general. In this post, it's my aim to pile on and add support to Phil and Jon Udell's observation and proposition that this identity thing transcends the "digital" qualifier that we have attached to it.

First things first. It is impossible not to agree with the foundational premise that, as Phil Becker repeats continuously, "ID is at the center." Whether the context is commercial transactions and ecommerce online, business-to-business activity, public/national security and safety, or just plain old making it through the complexities of everyday life, presenting and proving ourselves to others precedes all other activity. It is, in effect, becoming the price of entry in all manners of civil society.

Second, at present as we attempt to sort out the "digital" identity for online use, "analog" credentials are being used as a measure to address the need. It is, of course, suboptimal because the majority of these "offline" credentials have limitations on being used for "online" activity. The important matter here may not be the obvious inadequacy but rather the fundamental need for correspondence between so-called "offline" and "online" identity. The nature of the credential that purports that identity must, equally obviously, be suited to the nature of the medium in which it is being used. "Digital" as a modifier may have value only in specifying the primary medium for use of the credential rather than making the "identity" distinct and separate as tends to happen given the state of the language of identity.

Third, the distinctions between "corporate" and "personal/private" identity are or will soon be blurred to the point of irrelevance in many respects. This is a secondary function of the evolution that is being witnessed with this realization that "digital" itself is in fact an artificial distinction. True, it is easier to design and structure a system by limiting the application (aphoristically, "not boiling the ocean," or "eating the elephant one bite at a time," and so forth), and that has substantially happened by focusing on the commercial application of identity. Makes perfect sense: as Deep Throat intoned, "Follow the money." But, just as businesses have made use of Driver's Licenses and other acceptable credentials as a foundation for their own narrow-use identities (e.g., facility badges, HR records, etc.), so too can we expect the same to continue in the future. Wholesale redevelopment of "digital" identity as distinct from "identity" is unlikely to happen except at a technological and process level making the credential work within the context of the new environment in a way that satisfies anonymity, privacy, security, and certainty needs.

Fourth, because the national identity card notion raises the spectre of Big Brother and is objectionable to free people everywhere, and the organic development of an identity system in pockets without standards is too anarchical (maybe that's not a word, but you get my meaning), some system not especially different from that that exists in the "analog" realm today will eventually succeed. It will be characterized by the following traits:

  • A unique person will have a unique "identity" in the sense of being an identifiable individual among billions of others. That "identity" will be created by an authority such as a government at birth and "decommissioned" by the same government at death.
  • Every uniquely identified person will have the opportunity to create or accept a variety of credentials attesting to some attributes of that person/identity. There will be many providers of those credentials. Some will be more acceptable to businesses, other governments, other people, and so forth than others. Each individual and each accepting party will have the choice of which credentials it prefers to accept as a testimony of the person (identity) and certain permanent (e.g., age, sex) and transient (e.g., residence address, employer, etc.) attributes.
  • Many other credentials derived from those fundamental identity-credentials will be issued and rescinded from time to time over a lifetime. They will provide and attest to different sets of (contextually valid) attributes. They may or may not be supported by association to one of the core credentials issued by one of those few providers of the base identity credentials. (Today these might be the DMV, Passport, etc.)
  • No doubt there are more characteristics. Frankly, however, this is a good start that doesn't narrow down the possibilities too much. Underlying it all, however, is the critical fact that "digital" does not create or mean separate identity as much as it specifies a form of credential and requirement for a medium of information exchange. Identity is identity. Period.

    I might be wrong. So far it's looking pretty good though. And my song remains the same.

    Posted by Grayson at September 18, 2005 01:54 PM