It breaks the law of minimal disclosure to reveal that “the person looking up Case X right now is the same person who looked up Case Y last weekâ€ when there is no need to do so.
A big correction was in the cards…
The PPID (or other authenticated identifier) delivered by an InfoCard could be used to animate a back-end protocol…
What are the relative benefits and problems of storing people's personal information versus asking for it on demand?
Kim Cameron Identity and Access Architect Microsoft Corporation May 2005 Applies to: Security Web development Web services Summary: Understand the dynamics causing digital identity systems to succeed or fail in various contexts, expressed as the Laws of Identity. Together these laws define a unifying identity metasystem that can offer the Internet the identity layer it … Continue reading THE LAWS OF IDENTITY
When I presented the Laws of Identity at the DIDW conference, someone asked how we would “enforce the laws”. I tried to explain that the laws are not what Bob Blakley calls “desiderata” – things that we would like to see. They are the objective characteristics of an enduring identity system at Internet scale. Timothy … Continue reading CardSystems appointed Professor of Identity
Second Law of Identity Before we get to take a walk on the Norlin side, it's time for the Second Law of Identity. And it's simple enough: The Minimal Disclosure Law of Identity The solution which discloses the least identifying information is the most stable, long-term solution. The thesis here is that the more identifying … Continue reading Second Law of Identity
But despite real positives, the bill as currently formulated leaves me eager to consult a bevy of lawyers…
A good example of “Privacy By Design” delivering tangible benefits
Whatever you do, stay away from a Mega Thruster Exhaust System