The Fifth Law of Identity

Doc Searls has written about a conversation he had where Dave Winer says:

Doc Searls, bless his heart, offered RSS and podcasting as examples of technologies that were simple, therefore successful, and suggests that identity, if it were to be approached the same way, might have similar success. Bzzzt. Wrong. RSS was not easy, it was hard, for exactly the same reasons identity is hard. Too many cooks spoil the broth. Two ways to do identity is one too many.

The problem is that – at the same time – one way to do identity is too few. And this is what explains why the creation of a universal system of identity is one of the greatest challenges blocking the evolution of technology and the virtual world.

If you think about the requirements for governmental identity as expressed, for example, by the authors of the British Identity Card Bill we have just been considering, it becomes pretty clear that what may fly in the United Kingdom might not be appropriate for use in the Netherlands or even the United States. How would imposition of a Chinese-designed identity system go over in Texas? (Or put another way, how would the hegemony of a Redmond-designed system be received in Brussels?)

Further, a system appropriate for use with any government would in general be unsuitable for use in identification of employees by an employer.

Customers and individuals browsing the web will in turn want different levels of privacy than is likely to be provided by any employer.

So when it comes to identity, it is not only a matter of having identity providers run by different parties (including individuals themselves), but of having identity systems that offer different (and potentially contradictory) features.

A universal system must therefore embrace differentiation, while recognizing that each of us is simultaneously – in different contexts – a citizen, an employee, a customer, a virtual persona.

Thus I would say to Doc and Dave that different identity systems need to be able to exist in a metasystem based on a simple encapsulating protocol and surfaced through a unified user experience that allows individuals and organizations to select the appropriate identity providers and features as they go about their daily activities.

To put all of this another way, the universal identity system must not be another monolith. It must be both polycentric (federation implies this) but also polymorphic (existing in different forms). Which leads directly to the fifth law:

The Law of Pluralism:

A universal identity system MUST channel and enable the interworking of multiple identity technologies run by multiple identity providers.

It is this which will allow an identity ecology to emerge, evolve and self-organize.

Dave Winer's RSS is so powerful because it vehicles any content. We need to see that identity itself will have several – perhaps many – contents, and yet these can be expressed in a metasystem.

Published by

Kim Cameron

Work on identity.