I'm pondering these days about privacy issues of digital identities and wanted to bounce off some thoughts to see what feedback I get on this.
I've been active in the European scene of government-issued eIDs for some time (and have promoted the use of open source) and am participating in a European Thematic Network that gives input on where Europe should be going in the area of digital identities. So I have a natural interest in the U.S. NSTIC effort.
I full-heartedly subscribe the objectives which I think are defined really well. Reaching these objectives is certainly very ambitious and challenging and what can be achieved is all to be seen.
Acceptance by users is IMHO the most critical factor to success--and privacy is a key issue in this. (As is clearly stated in the NSTIC document).
After this introduction, here some thoughts that I would like to get feedback on.
We are on the brink of an era where much of our activities are moved from the physical world into the virtual world of cyberspace. Identity is intrinsically linked to virtual activities and we cannot avoid it but have to try to get it right.
In my view, there are two important differences between the physical and the digital world:
* selection (restriction) of audience
* life-time of information
In the physical world, every activity takes place in a certain location that controls the audience who can observe our actions. Someone may speak at a public conference that has press coverage, or have a beer at a bar with her friends. The choice of a location restricts the possible audiences we have and we typically chose different modalities of behavior in different places: For example, language or dress-code that is perfectly acceptable in one location, may be totally unacceptable in another.
The second point is one of life-time of information. In the physical world, the imprints of our actions fade away with time. People forget (forgive), even paper articles disappear in unsearchable paper archives and collect dust. Cyberspace is VERY different and it (potentially) never forgets. Each of our imprint is un-deletable and remains for life (and beyond, just that we may care less afterwards).
Because of these intrinsic differences between physical and virtual worlds, the consequences of our actions may be vastly different. If I drank a beer too many one night at the bar with my friends [which in this wider audience I have to disclaim is purely hypothetical and has never happened], consequences are none or very limited and will be forgotten in a couple of days. If I do something equivalent on some social network, it will be found by a potential employer who mines my behavior and I may not get that job I really need. This negative imprint in cyberspace may not even be true but falsely claimed by someone else...
Evidently, identity, and linking imprints based on identity, is the key problem in this area.
It seems to me that most things in cyberspace are public or close to public since many are clear text in the first place, others are "private" in the hands of third parties whose security meant to protect privacy is insufficient to withstand attacks, policy changes, commercial interests, or national security interests. I personally believe that once it's out there, it can be accessed (maybe not by everyone, but possibly by some who we don't like to know and for purposes that are not in our own interest).
I think for our personal well-being, it is important to have private places to retire to and save harbors where we can refuel before sailing again in the open seas. We have to find ways of doing this in cyberspace too.
The only way I see to achieve this is that we use multiple (digital) identities for different "virtual locations" that are not linkable. We need to have a free choice of an unlimited number of possibly pseudonimous or anonymous identities. This is not because we have something to hide, because we engage in illegal activities, but because this is a normal thing in our daily life experience in the real world.
(BTW, this is not my invention but called "partial identity", a term created by the FIDIS network some time ago).
I'm looking forward to get your reactions on this.