{"id":871,"date":"2007-10-09T22:44:56","date_gmt":"2007-10-10T06:44:56","guid":{"rendered":"\/?p=871"},"modified":"2007-10-09T22:51:28","modified_gmt":"2007-10-10T06:51:28","slug":"bob-blakley-on-the-identity-oracle","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=871","title":{"rendered":"Bob Blakley on the Identity Oracle"},"content":{"rendered":"<p>As you can <a href=\"http:\/\/identityblog.burtongroup.com\/bgidps\/2007\/10\/what-the-identi.html\" class=\"broken_link\">read here<\/a>, Bob Blakley thrashes me for my characterization of an Identity Oracle as &#8220;<em>his sexy name for the claims transformer generating &#8216;minimal disclosure tokens&#8217;<\/em>.&#8221; He thinks I&#39;m being geeky, and I probably am, but hey, geeks are people too.<\/p>\n<p>He puts it this way:<\/p>\n<blockquote><p>This statement is utterly and completely wrong. An Identity Oracle is <u><strong><em>NOT<\/em><\/strong><\/u> a &#8220;claims transformer generating minimal disclosure tokens&#8221;. It&#8217;s not even a claims transformer. It&#8217;s not even a server. It&#8217;s not even technology.<\/p><\/blockquote>\n<p>&#8220;It&#39;s not even technology.&#8221; I guess it &#8220;just happens&#8221;. Reminds me of how Bentley Motorcars <a href=\"http:\/\/www.bentleymotors.com\/Corporate\/display.aspx?infid=318\" class=\"broken_link\">describe<\/a> what others would call a factory:<\/p>\n<blockquote><p>This isn&#8217;t a factory visit. 
It&#8217;s the Bentley Experience.<\/p><\/blockquote>\n<p>But let&#39;s not turn our backs on Bob&#39;s pain:<\/p>\n<blockquote><p>I&#8217;ve said twenty times from various stages and in writing on my personal blog and here that as long as we continue to try to solve privacy problems using technology, we are going to continue to fail, and the Internet will continue to lack an identity layer, and it will continue to be a privacy hazard. Identity and privacy are not technology problems &#8211; they&#8217;re social, legal, and economic problems &#8211; and no technology can solve these problems.<\/p><\/blockquote>\n<p>Of course I agree that technology can&#39;t solve problems; only its design and usage can. Although identity and privacy are social, legal and economic problems, they are technical ones too.<\/p>\n<p>It&#39;s paradoxical that I have to be the person to suggest that The Burton Group take in a bit of lawyer Lawrence Lessig&#39;s thinking about these matters, nicely summarized <a href=\"http:\/\/www.complete-review.com\/reviews\/lessigl\/code.htm\">here<\/a>:<\/p>\n<blockquote><p>Lessig&#8230; addresses the two forms of code that dominate the Internet: legal code (law) and machine code (the technology supporting the Internet). As Lessig points out, the influence of both must be understood, as both will determine the shape of the future.<\/p><\/blockquote>\n<p>That has become a bit of a mantra for me, and one of the reasons why, when I see interesting policy ideas, I try to understand how they relate to &#8220;code&#8221;.<\/p>\n<p>Anyway, let&#39;s get to all the good points Bob makes. Here&#39;s the basic dialog a service has with the Identity Oracle:<!--more--><\/p>\n<blockquote><p>&#8220;I am allowed to extend service to Bob only if he is above the legal age for this service in the jurisdiction in which he lives. 
[Policy &#8211; ed.] Am I allowed to extend service to Bob? [Claim request &#8211; ed.]&#8221;<\/p>\n<p>And the Identity Oracle&#8217;s response looks like this:<\/p>\n<p>&#8220;Yes.&#8221; [Claim response &#8211; ed.]<\/p><\/blockquote>\n<p>And here&#39;s what makes this dialog [transformer &#8211; ed.] interesting:<\/p>\n<blockquote><p>The Identity Oracle, in normal operation, acts as a trusted agent for the user and does not disclose any personal information whatsoever; it just answers questions based on GiCorp&#8217;s stated policies (that is, it distributes only metadata about its users &#8211; not the underlying data).<\/p>\n<p>The Identity Oracle <em><strong>charges<\/strong><\/em> GiCorp and other relying-party customers money for its services. The <strong><em>asset<\/em><\/strong> on the basis of which the Identity Oracle is able to charge money is its database of personal information. Because personal information is its only business asset, the Identity Oracle guards personal information very carefully.<\/p>\n<p>Because disclosing personal information to relying-party customers like GiCorp would be giving away its only asset for free, it strongly resists disclosing personal information to its relying-party customers. In the rare cases in which relying parties need to receive actual personal data (not just metadata) to do their jobs, the Identity Oracle requires its relying-party customers to sign a legally binding contract stating what they are and are not allowed to do with the information. This contract contains indemnity clauses &#8211; if GiCorp signs the contract and then misuses or improperly discloses the personal information it receives from the Identity Oracle about Bob, the contract requires GiCorp to pay a large amount of cash money to the Identity Oracle, which then turns around and reimburses Bob for his loss.<\/p>\n<p>This system 
provides Bob with much stronger protection than he receives under national privacy laws, which generally do not provide monetary damages for breaches of privacy. Contract law, however, can provide any penalty the parties (the Identity Oracle and its relying party customers like GiCorp) agree on. In order to obtain good liability terms for Bob, the Identity Oracle needs to have a valuable asset, to which GiCorp strongly desires access. This asset is the big database of personal data, belonging to the Identity Oracle, which enables GiCorp to do its business and allows the Identity Oracle to charge for its services.<\/p><\/blockquote>\n<p>Demonstrating that it is in the interests of information providers to monetize information by NOT giving it away is important. Showing how this improves privacy and security of transactions makes it a double whammy. I&#39;m a big supporter, and I don&#39;t mean to in any way minimize Bob&#39;s contribution or uber point. However, I consider it key that this service can be provided within the same architectural framework as other identity services &#8211; that it can run on the tracks we are currently laying down. I would think Bob would see that as positive.<\/p>\n<p>But he continues:<\/p>\n<blockquote><p>As long as we keep talking about &#8220;claims transformers&#8221; (which are computers) instead of &#8220;identity providers&#8221; and &#8220;identity oracles&#8221; (which are businesses) we are going to continue to build products nobody uses.<\/p><\/blockquote>\n<p>Actually, people use a lot of the identity products we work on. More than 87% of large enterprises did, last time I looked &#8211; one reason why a wide, open discussion of identity technology is so important. I expect that when we build claims transformers into products they will be used 
too. Everything is in the application.<\/p>\n<p>But back to the main point. Bob is right in terms of commercial consumer identity providers:<\/p>\n<blockquote><p>It&#8217;s not an accident that there are no commercial consumer identity providers today &#8211; no one is paying any attention to how such an entity would make <strong><em>money,<\/em><\/strong> and until investors know how they&#8217;re going to get paid, nobody is going to go into the Identity business.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Is Bob&#39;s Identity Oracle really divorced from technology?<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[37,8,11],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/871"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=871"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/871\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=871"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=871"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=871"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
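The relying-party / Identity Oracle exchange quoted in the post (a policy question about Bob's age goes in, a bare "Yes" comes out, and in the rare case that actual data is released a signed contract must be on file) is exactly the claims-transformer behaviour the post argues can run on ordinary identity plumbing. The Python below is an added example written for this page; it is not code from the post, from Bob Blakley, or from any product. It models a toy oracle that evaluates the legal-age question against records it holds, returns a signed token whose payload contains only the verdict (never the birthdate or jurisdiction it was computed from), and hands out a raw attribute only to a relying party that has a data-use contract on file. The subject records, the legal-age table, the `gicorp` and `acme-kyc` relying-party names, the HMAC signing key and all function names are assumptions made for the example.

```python
"""Toy Identity Oracle as a claims transformer (added example, not from the post).

The relying party (GiCorp in the post) asks a policy question about a subject;
the oracle evaluates it against personal data it holds and returns a signed
token carrying only the answer.  Raw attributes leave the oracle only for
relying parties with a signed data-use contract on file.
"""
import hashlib
import hmac
import json
from datetime import date

# Constructed sample records (assumption): the oracle's private store.
SUBJECTS = {
    "bob":   {"birthdate": "1985-03-14", "jurisdiction": "US-CA"},
    "alice": {"birthdate": "1992-06-01", "jurisdiction": "UK"},
}

# Constructed policy table (assumption): legal age per (jurisdiction, service).
LEGAL_AGE = {
    ("US-CA", "alcohol"): 21,
    ("UK", "alcohol"): 18,
    ("US-CA", "gaming"): 18,
}

# Relying parties that have signed the indemnity contract (assumption).
CONTRACTED_PARTIES = {"acme-kyc"}

# Demo signing key (assumption).  A real oracle would sign with an asymmetric
# key so relying parties can verify tokens without being able to mint them.
ORACLE_KEY = b"demo-oracle-signing-key"


def _age_on(birthdate_iso, today):
    """Whole years between birthdate and today."""
    bd = date.fromisoformat(birthdate_iso)
    return today.year - bd.year - ((today.month, today.day) < (bd.month, bd.day))


def _sign(payload):
    return hmac.new(ORACLE_KEY, payload, hashlib.sha256).hexdigest()


def answer(subject_id, relying_party, service, today=None):
    """Claim request: 'is subject above the legal age for service where they live?'

    Returns a signed claim token whose payload holds only the verdict, never
    the birthdate or jurisdiction used to compute it.  `today` is an ISO date
    string so the example is reproducible; it defaults to the current date.
    """
    today = date.fromisoformat(today) if today else date.today()
    rec = SUBJECTS[subject_id]
    threshold = LEGAL_AGE.get((rec["jurisdiction"], service))
    # Unknown policy: refuse to answer (None) rather than guess a threshold.
    verdict = None if threshold is None else _age_on(rec["birthdate"], today) >= threshold
    claims = {
        "iss": "identity-oracle",
        "aud": relying_party,
        "sub": subject_id,
        "question": f"above_legal_age:{service}",
        "answer": verdict,
        "iat": today.isoformat(),
    }
    payload = json.dumps(claims, sort_keys=True, separators=(",", ":"))
    return {"payload": payload, "sig": _sign(payload.encode())}


def verify(token, expected_aud):
    """Relying-party side: check signature and audience, return the verdict."""
    payload = token["payload"]
    if not hmac.compare_digest(_sign(payload.encode()), token["sig"]):
        raise ValueError("bad signature")
    claims = json.loads(payload)
    if claims["aud"] != expected_aud:
        raise ValueError("token was issued for a different relying party")
    return claims["answer"]


def discloses_raw_data(token):
    """Minimal-disclosure sanity check: no stored attribute value may appear in the token."""
    payload = token["payload"]
    return any(v in payload for rec in SUBJECTS.values() for v in rec.values())


def release_attribute(subject_id, relying_party, attribute):
    """The rare case: hand out actual data, but only under a signed contract."""
    if relying_party not in CONTRACTED_PARTIES:
        raise PermissionError(f"{relying_party} has no data-use contract on file")
    return SUBJECTS[subject_id][attribute]


if __name__ == "__main__":
    tok = answer("bob", "gicorp", "alcohol", today="2007-10-09")
    print(tok["payload"])
    print("verdict:", verify(tok, "gicorp"), "| leaks raw data:", discloses_raw_data(tok))
```

Two caveats a practitioner would want: the shared HMAC key is a demo shortcut, since any relying party holding it could forge a "Yes" about anyone, so a real oracle signs with a private key and publishes the verifier; and the token carries only an issue date, whereas a deployable one needs an expiry and a nonce or request binding so GiCorp cannot replay an old "Yes" indefinitely. The `discloses_raw_data` check is a coarse substring test meant to make the minimal-disclosure property visible in the example, not a substitute for designing the token schema so that attributes cannot be emitted at all.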