Privacy characteristics of the Identity Metasystem

Microsoft has just completed a whitepaper that looks systematically at how the proposal for an Identity Metasystem advances privacy.  

The document offers a useful general overview of how the Metasystem is intended to work – in a form I think will be accessible to those concentrating on policy.  It also contains an instructive analysis of how the Metasystem embodies the principles articulated in the European Union data protection directives. 

I will run some excerpts that I think will be of general interest.  But I suspect all those interested in policy and identity technology will want to download the document, so I've added it to the roster of Identityblog white papers. 

  1. Privacy & Metasystem: Introduction
  2. Existing ID Card Schemes
  3. Anonymity, Privacy, and Security
  4. The Identity Metasystem
  5. The Seven Laws of Identity
  6. Roles
  7. Microsoft’s Information Card Technology: Windows CardSpace
  8. Scenario One: Basic Protocol Flow
  9. Scenario Two: Protocol Flow with Relying Party STS
  10. User Experience
  11. Creating an Information Card
  12. Logging In with an Information Card
  13. Submitting an Information Card
  14. Example of Information Card Interaction
  15. Privacy Benefits of Windows CardSpace and the Information Card Model
  16. Protection of Users Against Identity Attacks
  17. Information Card Technology and EU Data Privacy
  18. Overview of EU Data Privacy Law
  19. Data Controllers and Their Legal Obligations
  20. EU Data Privacy Laws and Information Cards
  21. Legitimate Processing
  22. Proportionate Processing
  23. Security
  24. Limits on Secondary Use
  25. Conclusion
  26. Acknowledgments 

From the Executive Summary:

Just as individual identity is fundamental to our face-to-face interactions, digital identity is fundamental to our interactions in the online world. Unfortunately, many of the challenges associated with the Internet stem from the lack of widely deployed, easily understood, and secure identity solutions. This should come as no surprise. After all, the Internet was designed for sharing information, not for securely identifying users and protecting personal data. However, the rapid proliferation of online theft and deception and the widespread misuse of personal information are threatening to erode public trust in the Internet and thus limit its growth and potential.      

Microsoft believes that no single identity management system will emerge and that efforts should instead be directed toward developing an overarching framework that connects different identity systems and sets out standards and protocols for ensuring the privacy and security of online interactions. Microsoft calls this concept the Identity Metasystem. The Identity Metasystem is not a specific product or solution, but rather an interoperable architecture that allows Internet users to use context-specific identities in their various online interactions.

This paper describes the Identity Metasystem and shows how it can meaningfully advance Internet user privacy. In particular, it will show how Microsoft’s contribution to the engineering of the Identity Metasystem—the Information Card technology—promotes privacy in three primary ways:

  • First, it helps users stay safe and in control of their online identity interactions by allowing them to select among a portfolio of digital identities and use them at Internet services of their choice. These digital identities may range from those containing no or very little personal information (perhaps nothing more than proof of an attribute such as age or gender) to those with highly sensitive personal information needed for interacting with financial or health institutions, or for obtaining government benefits. The key point is that a web site or service only receives the information it needs rather than all of the personal information an individual possesses.
  • Second, it helps empower users to make informed and reasonable decisions about disclosing their identity information by enabling the use of a consistent, comprehensive, and easily understood user interface. Moreover, this technology implements a number of advanced security features that help safeguard users against identity theft by reliably authenticating sites to users and users to sites.
  • Third, and more generally, Information Card technology is hardwired to comply with data privacy laws and conforms to key requirements in the European Union’s privacy regime, including legitimate and proportionate processing, security, and restraints on secondary use.

In short, this new framework and new technology offer a cutting-edge solution to the digital identity debacle that is stifling the growth of online services and systems.

I want to congratulate Ira Rubinstein, Internet Policy Counsel for Microsoft, and Tom Daemen, a senior attorney in his group, for writing this analysis.  Other contributors include our Chief Privacy Strategist, Peter Cullen, and Caspar Bowden, Chief Security and Privacy Officer for Europe.  Not to mention the inimitable Mike Jones, well known for his contribution to Identity Metasystem thinking.

Although the document uses the CardSpace implementation in illustrating its points, it's my hope that everyone working on the Identity Metasystem across the industry benefits from this work, since the notions apply to all of us.

Published by Kim Cameron

Work on identity.