Saturday, June 29, 2013

Info Age Fail 8: Fixing Identity

(This is part 8, Find Part 1 here.)

The first step to fixing the great information age fail is to fix identity. There needs to be a reliable way to prove you are you. (Note the way that is said: You prove who you are, not they determine who you are...).

Don't expect to leave this post with all the answers. It won't offer any answers. It is the framework on which the solution(s) will be built.

There are some key characteristics of this identity system:

It needs to have both a digital, and a physical form. It needs to be able to prove I am me to people in the real world, and to people and computers in the online/digital world. Perhaps a small card with USB and/or RFID and/or magnetic strip interfaces.

It must be a universal system. The same ID that works in New York must also work in California, Singapore, Taiwan, Paris, Rome, Moscow ...

The ID system must NOT be owned or maintained by any government or corporation. Ownership and maintenance must be distributed, the standards behind it must be open, unencumbered by patents or copyrights or other intellectual property rights. It must not in any way rely on any one individual, group, or ideal for operation.

The ID system must ONLY be an ID system. The ID database has the sole purpose of validating who you are. The open API of the system will allow (with the ID owner's permission) the ability to use it as a Single-Sign-On device (for example you can authorize the company you work for to allow your ID card to be used within their security door database, and computer login database.

The ID system must allow the user to Control its use. This might be accomplished by a PIN, a biometric interface,... The ID system might require a registered database of authenticator clients, and the ID holder would need to authorize each authenticator.

It must be illegal to require use of the ID system. Control of the ID and it's use is solely at the discretion of the user. Discrimination against non-ID users must be strictly forbidden and strongly penalized (Though there will be some systems which utilize the ID system, and which will provide a certain level of privilege to users, more on that later.

Remember, this is NOT the solution, this is the framework. There are other bits that are essential both to fix the information problem, and to protect the ID system. More to come.

<to Part 9>

No comments:

Post a Comment