Continuing on the trek through my spam folder, a friend had sent me a pointer to this posting by a small company called Opinity that Ester Dyson had called “extremely interesting” at the Berkman identity meeting.
I've known the Opinity guys for a while now, but they have very much solidified their thinking and really thought hard about how to make their system accord with the Seven Laws. I think it's one of the more forward-thinking social computing initatives I've seen. They have great ideas for delivering new experiences without screwing up on the privacy front.
Last week, Ted Cho and Bill Washburn, two of the head guys at Opinity, had a talk with Kim Cameron, Microsoft's identity guy (which you probably knew already). This was a continuation of a discussion that goes back to last summer. As a result of these talks and our own ongoing focus, Opinity will implement Microsoft's InfoCard into Opinity 2.0.
This is not, as the saying goes, ‘a deal.’ This is a mutual agreement to work together on implementing Microsoft's identity management into Opinity's services.
From our point of view, it is an opportunity to get many of the features we want to offer our users into play–to put some software into people's hands that will enable them to manage their online selves. We like Kim Cameron's ideas and stated intentions. His Laws of Identity (which might more accurately be called “Desirable Principles of Identity Management,” but, really, that's not a very snappy title) provide an excellent way of thinking about open and user-controlled identity. Infocard gives those ideas concrete form.
So we're confident that this is a good start, a way of getting actual users into the game and manifesting our own commitments to user control of personal information. As I have said here in various ways, we want to give users the abilities to:
construct as comprehensive and detailed a picture of themselves as they choose
include whatever information they think is relevant
authenticate whatever information they wish give the information only to people they choose give the information only in situations they choose
It's like this: in a particular transaction, you want to verify you're over twenty-one and live in Denver; you should be able to reveal that information on that occasion, show that it's validated, and nothing else.
How all this will work out in practice remains to be seen–as Yogi Berra pointed out, prediction is difficult, especially of the future. We think InfoCard will set us on the road to making all this happen, and so we're committed to adopting InfoCard.
I should also point out that we're not locking anyone out. Doing so is not Kim Cameron's vision, and it certainly isn't ours. We remain standards-agnostic.
Personally, I also believe that we're seeing the emergence of identity management as something users can actually do. Bill Gates pushed hard for InfoCard in his talk at the RSA Conference, and Verisign has announced its endorsement of InfoCard, the announcement coming soon after its anouncement that eBay, Yahoo, and Motorola have signed up for Versign's online identity protection program, VIP. So you connect eBay-Yahoo-Verisign-Motorola to InfoCard and InfoCard to Windows Vista, and all of a sudden you have the possibility of millions of users getting their hands on managing their own identies. Also, the inclusion of Motorola in this deal could mean that millions of cellphone users could be part of all this.
One final thing I'd note about InfoCard: with it, users can assert information about themselves and aren't simply at the mercy of identity “providers.” This means that users can claim their own identities. It's about time, and we're totally stoked–to use the technical term–to see it happening.
I don't want to sound like a nag, but over time we'll see whether the Laws of Identity are really nothing more than “Desirable Principles of Identity Management.” I think people will eventual see that these are objective laws of distributed human systems that, over time, will gate what fails and succeeds as a widespread identity framework.