Second Law of Identity
Before we get to take a walk on the Norlin side, it's time for the Second Law of Identity. And it's simple enough:
The Minimal Disclosure Law of Identity
The solution which discloses the least identifying information is the most stable, long-term solution.
The thesis here is that the more identifying information is released, the more a solution invites abuse by rogue (and ultimately criminal) elements. We will return to a more rigorous discussion of these dynamics later in our conversation. For now, we will just point out that we are getting many reinforcing reports about the increasing professionalism and criminalization of identity attacks.
Let's now go back to the case of Eric's polycomm (by the way, I saw a ‘polycom’ at Bartell's today ! – but luckily it only had a single “m”. I will try to get a photograph, though of course that might be dangerous…) If you missed out on the polycomm idea – which set the terms of reference for the current scenario exploration – please take a look at this.
The second law of identity tells us:
A solution in which the polycomm had to query my mobile phone for a social security number and then use this as a key for discovering the address of an all-knowing mp3 service would be much less stable than one which allowed the polycomm to query the mobile phone directly for the address of an all-knowing mp3 service.
But this latter would still be a relatively unstable service since it would need to be able to collect and potentially divulge all my music preferences.
The most stable solution would be one where the polycomm simply asked my anonymous (i.e. next generation) mobile phone what music selection “the anonymous I” would like to hear next.
In our example, the second law of identity applies as follows… (where “<” means “divulges less identifying information”)…
momentary anonymous listener preference < well-known individual music profile < citizen SSN
To consider potential economic value in these three cases:
Information linking my Citizen SSN to other identifying information is worth a lot. Protecting it is a complex and difficult long-term goal with continuously increasing associated costs, since this information will become an ongoing target of escalating professional attacks.
My full individual music profile – if systematic in the sense that computers can guarantee – has a potential (and therefore covetable) value for those marketing music.
But my “momentary anonymous listener preference” has no value to anyone but me.
Thus “momentary anonymnous listener preference” is a solution less likely to involve negative and anti-social side-effects than the other solutions.
And our law of identity is thus analogous to any prudent advice involving risk: minimize it.