Saturday, June 11, 2005

What? I own my identity? You're kidding ...

I'm way behind on reading and posting, and now I'm playing catch-up. I have been so busy with my new "full time" job, along with working on three different start-ups. Oh yeah ... and with a family. :-)

So this post caught my eye, just because Jim Kobielus would say something so outrageous in my opinion. Anyone who has readm my First Axiom or Second Axiom will immediately know that there is no way that I could ever agree with this kind of statement:
Each person is the only legitimate owner of their identity, all manifestations of that identity, and all associated identity attributes.
What? Are you kidding? What a self-centered perspective of the world! Your identity is completely given to you. It was created and attributed to you by someone else, or some other organization. There is always someone else who knows this information about you, since they are the one(s) who gave it to you! Our identity is an aggregation of perspectives of us, given to us by the communities that we belong to. We can een have different and conflicting identity attributes at the same time ... because we can be members of different communities simultaneously and each of them can offer differing perspectives.

I believe that one of the biggest hurdles that is impacting the successful creation and deployment of Identity Management Solutions is this complete misunderstanding of the origins of our identity. I can understand the "feel good" nature of a comment like this, but as I disassemble the statement it all collapses around one core point ... that a "person is the only legitimate owner of their identity." If my identity is given to me by some community, how I can I be the owner of it? I am the recipient of it ... I have a community pointing their finger at me saying that it is true and accurate ... I even have to refer anyone asking for verification back to that community to have it proven.

It might be true that I would like to have as much control as possible, but there are other people who already know this information. In fact, there is a whole load of identity information that I give away simply by being available for public observation. Any of the other attributes are all ones that I get from elsewhere ... I am told what my identity is by someone else ... and that person or community is the owner of that observation.

I'll even go further ... since I've been wanting to write about this:
No person has a reputation as an absolute. All reputation is generated as an observation by another. All reputation is relative to some other person or community. A reputation is something that is said about you ... you don't have it.

Anyhow ... Jim ... we disagree on this note. I get that you might like this, or want it, as you feel that this would give you some level of security ... but you don't own any of your identity.
Who owns the attributes?. Jim Kobielus has jumped fearlessly into the fray of trying to define the normative principles of identity, by synthesizing the proposals of some others in this space. It's a well thought out piece, with some excellent ideas and only one major flaw. Unfortunately, that flaw comes at the very top of the stack when Jim states:
Each person is the only legitimate owner of their identity, all manifestations of that identity, and all associated identity attributes.


But read the rest of Kobielus' note for some interesting ideas. [The Virtual Quill]


Post a Comment

<< Home