Identityblog Privacy Policy

This notice is the entire privacy notice for the site at which is solely owned and operated by Kim Cameron.

Personal information usage and storage 

  • In order to leave comments on the blog, I will ask you to log in and provide personal information (possibly via the intermediary of your social network provider if you reuse an existing social identity): a first name, last name, a ‘display name’ and an email address.
  • I don’t require that your first name, last name, or display name correspond to your natural identity. However you must be able to prove you can access to your working email address.
  • Each time you authenticate, I also employ a personal identifier – a random number used only at and created by your identity provider or our identity management system that I associate with you.
  • This information is stored in a WordPress mySQL database and protected by our identity management system.
  • The display name is retrieved from our database to identify your comments.
  • The email address is used as an anchor in case you are unable to authenticate to your identity provider: by proving ownership of the address you can register with another identity provider.

No combining or revealing of information

  • The information I collect will not be combined with information obtained from other services and companies.
  • The information will not be revealed to other companies or organizations under any circumstances unless I am legally required to do so.

No persistant cookies or tracking of your reading 

  • If you do not authenticate by using our identity management system, no cookie is generated and no tracking is done.
  • When you authenticate using our identity management system (and possibly a social networking provider), I create a session cookie to give you a better experience when leaving comments.  The time and IP address of your authentication may be stored in an audit database so we can aggregate the data and graph Identityblog usage.  No other tracking is done.
  • The cookie is not reused between sessions.
  • Under no circumstances do I track which postings you have read or searches you have done.


  • You will never be sent an email except a) to prove possession of your email address during registration or b) to reconnect you with identityblog in case of technical or operational issues… I assure you that you will never be sent a ‘reconnection’ message more than once in any three year period.

Updating your personal information

  • To change your personal information, please use the ‘Update Profile’ link after you log in. The system will be updated automatically.

This is a personal blog and my goal here is to convey why and how I am using (and will use) any information I ask you to provide. If you have other questions I should answer or comments on my policy, please let me know.

Published by

Kim Cameron

Work on identity.