I’ve been reading with interest the work of Kim Cameron and Craig Burton on the laws of identity. I spent similar time and effort in the early days of Ping working with Eric Norlin, Phil Becker, Bryan Field-Elliott and Griffin Caruolo discussing the forces at work behind the evolution of identity systems. That work led to some musings about the tiers of identity (which Doc Searls later described in much better terms) and the phases of adoption.
I haven’t yet had time to give the laws serious thought, but their work has prompted me to consolidate some thinking that guides my movements in the space. While identity is indeed a complex and multi-faceted topic, I’ve come to appreciate one simple concept:
The right identity system will accomodate the needs of all participants. (I see basically three)
– individual (identity principle) – need/desire to know where information resides and control sharing of personal info
– company (typically the “other party” to an identity interaction) – need to identify & authenticate, need to track interaction history, desire to share certain information with partners
– government – acts on individuals behalf to regulate use of information amongst companies. Has a need to know certain information in certain circumstances
Likely more important than understanding the needs of the three paricipants above, for those involved in building this infrastructure, is the likely timing that various compontents will need to exist. A “balance” among the three parties will ultimately evolve, but it is likely that an imbalance will exist prior to this harmony being achieved. Understanding first order initiatives which are economically sustainable is key.