About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

20 posts categorized "Corporate & Campus"


By Dave Birch posted Jan 3 2011 at 10:04 PM
In some of the workshops that I've been running, I've mentioned that I think that transparency will be one of the key elements of new propositions in the world of electronic transactions and that clients looking to develop new businesses in that space might want to consider the opportunities for sustained advantage. Why not let me look inside my bank and see where my money is, so to speak? If I log in to my credit card issuer I can see that I spent £43 on books at Amazon: if I log in to Amazon I can that I spent £43 but I can also see what books I bought, recommendations, reviews and so on. They have the data, so they let me look at it. If I want to buy a carpet from a carpet company, how do I know whether they will go bankrupt or not before they deliver? Can I have a look at their order book?
Transparency increases confidence and trust. I often use a story from the August 1931 edition of Popular Mechanics to illustrate this point. The article concerns the relationship between transparency and behaviour in the specific case of depression-era extra-judicial unlicensed wealth redistribution...

BANK hold-ups may soon become things of the past if the common-sense but revolutionary ideas of Francis Keally, New York architect, are put into effect. He suggests that banks be constructed with glass walls and that office partitions within the building likewise be transparent, so that a clear view of everything that is happening inside the bank will be afforded from all angles at all times.

[From Glass Banks Will Foil Hold-Ups]

I urge you to clink on the link, by the way, to see the lovely drawing that goes with the article. The point is well made though: you can't rob a glass bank. No walls, no Bernie Madoff. But you can see the problem: some of the information in the bank is confidential: my personal details, for example. Thus, it would be great if I could look through the list of bank deposits to check that the bank really has the money it says it has, but I shouldn't be able to see who those depositors are (although I will want third-party verification that they exist!).

Why am I talking about this? Well, I read recently that Bank of America has called in management consultants to help them manage the fallout from an as-yet-nonexistent leak of corporate secrets, although why these secrets be prove embarrassing is not clear. In fact, no-one knows whether the leak will happen, or whether it will impact BofA, although Wikileaks' Julian Assange had previously mentioned having a BofA hard disk in his possession, so the market drew its own conclusions.

Bank of America shares fell 3 percent in trading the day after Mr. Assange made his threat against a nameless bank

[From Facing WikiLeaks Threat, Bank of America Plays Defense - NYTimes.com]

Serious money. Anyway, I'm interested in what this means for the future rather than what it means now: irrespective of what Bank of America's secrets actually are because

when WikiLeaks, a whistle-blowing website, promised to publish five gigabytes of files from an unnamed financial institution early next year, bankers everywhere started quaking in their hand-made shoes. And businesses were struck by an alarming thought: even if this threat proves empty, commercial secrets are no longer safe.

[From Business and WikiLeaks: Be afraid | The Economist]

Does technology provide any comfort here at all? I think it does. Many years ago, I had the pleasant experience of having dinner with Nicholas Negroponte, John Barlow and Eric Hughes, author of the cypherpunk manifesto, at a seminar in Palm Springs. This was in, I think, 1995. I can remember Eric talking about "encrypted open books", a topic that now seems fantastically prescient. His idea was to develop cryptographic techniques so that you could perform certain kinds of operations on encrypted data: in other words, you could build glass organisations where anyone could run some software to check your books without actually being able to read your books. Nick Szabo later referred back to the same concepts when talking about the specific issue of auditing.

Knowing that mutually confidential auditing can be accomplished in principle may lead us to practical solutions. Eric Hughes' "encrypted open books" was one attempt.

[From Szabo]

Things like this seem impossible when you think of books in terms of paper and index cards: how can you show me your books without giving away commercial data? But when we think in terms of bits, and cryptography, and "blinding" it is all perfectly sensible. This technology seems to me to open up a new model, where corporate data is encrypted but open to all so that no-one cares whether it is copied or distributed in any way. Instead of individuals being given the keys to the database, they will be given keys to decrypt only the data that they are allowed to see and since these keys can easily be stored in tamper-resistant hardware (whereas databases can't) the implementation becomes cost-effective. While I was thinking about this, Bob Hettinga reminded me about Peter Wayner's "translucent databases", that build on the Eric's concepts.

Wayner really does end up where a lot of us think databases will be someday, particularly in finance: repositories of data accessible only by digital bearer tokens using various blind signature protocols... and, oddly enough, not because someone or other wants to strike a blow against the empire, but simply because it's safer -- and cheaper -- to do that way.

[From Book Review: Peter Wayner's "Translucent Databases"]

There are other kinds of corporate data that it may at first seem need to be secret, but on reflection could be translucent (I'll switch to Peter's word here because it's a much better description of practical implementations). An example might be salaries. Have the payroll encrypted but open, so anyone can access a company's salary data and see what salaries are earned. Publish the key to decrypt the salaries, but not any other data. Now anyone who needs access to salary data (eg, the taxman, pressure groups, potential employees, customers etc) can see it and the relevant company data is transparent to them. One particular category of people who might need access to this data is staff! So, let's say I'm working on a particular project and need access to our salary data because I need to work out the costs of a proposed new business unit. All I need to know is the distribution of salaries: I don't need to know who they belong to. If our payroll data is open, I can get on and use it without having to have CDs of personal data sent through the post, of whatever.

I can see that for many organisations this kind of controlled transparency (ie, translucency) will be a competitive advantage: as an investor, as customer, as a citizen, I would trust these organsations far more than "closed" ones. Why wait for quarterly filings to see how a public company is doing when you could go on the web at any time to see their sales ledger? Why rely on management assurances of cost control when you can see how their purchase ledger is looking (without necessarily seeing what they're buying or who they are buying it from) when you can see it on their web page? Why not check staffing levels and qualifications by accessing the personnel database? Is this any crazier than Blippy?

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]

Why are we waiting?

By Dave Birch posted Sep 20 2010 at 1:31 PM

[Dave Birch] It isn't only dreamers like me who want to see an effective digital infrastructure in place.

Law enforcement worldwide should focus on developing an international identity verification system, according to INTERPOL secretary general Ronald K. Noble.

[From INTERPOL: International ID verification system needed]

I agree, although I imagine my vision of this infrastructure and Interpol's may differ in a few details. But governments, irrespective of the law enforcement agenda, should be enthusiastic too. In a September 2010 research notes on "eIDs in Europe", Deutsche Bank say that

At the European level a number of electronic identity cards (eIDs) and the qualified electronic signature (QES) do already exist. Together they possess the potential to form another of the foundations of the internal market for financial services – especially for opening accounts.

Deutsche Bank go on to say that

A further obstacle will be that the design of ID cards does not fall within the competence of the EU and varies greatly from one member state to the other. To date, there are e.g. no harmonised European definitions for the topic of "identity" or "identification". This means that in the medium term the issue for the trailblazers in this segment is likely to be enhanced cooperation.

(Note to foreign readers: remember when reading that paragraph that "competence" in EU-speak does not mean the same thing as it does in normal language: they don't mean that the Commission would be hopeless at designing eID systems, although I'm sure they would be, but that it is not their problem -- it is a problem for national governments to solve.)

So how do we move forward then? Is it time for an ESTIC, a version of the US National Strategy for Trusted Identities in Cyberspace (NSTIC) that adds European values to the technical infrastructure to create something that the public and private sectors can use to transform (I mean this seriously) service delivery? This would rest on corporate identities (eg, your bank identity) being extended across corporate boundaries and into government -- as is already the case in Scandinavia -- and implies a much greater degree of public-private sector co-operation than we have seen to date.

Continue reading "Why are we waiting?" »

Body surfing

By Dave Birch posted Jan 4 2010 at 9:24 PM

[Dave Birch] At the excellent Mobile Industry Healthcare Summit in London I saw some very good presentations about the impending revolution in the health sector as wireless technology of one form or another begins to miniaturise, power-manage and self-configure. It's that internet of things again, with everything talking to everything else, this time connecting patients, machines, doctors, medicine and everything else.

I was particularly interested in the low-power (under 1v) short-range (couple of metres) "body area networks" that are under development by a number of companies (such as Toumaz, for example). I think I will amend the Consult Hyperion technology timeline that we use to help customers to plan their IT strategies so that it separates personal area networks (PANs) from BANs from now on, especially as a new standard (which is IEEE 802.15.6) is under development for BANs and is expected sometime in 2010. The driver for this is that PANs requires too much power (the "smart bandage" that I saw at the event has a 7 day lifetime with no external power) and the PAN protocols do not handle the requirements of the sector terribly well. The BAN protocol is specifically designed for low data rate and intermittent connections and will one day connect your pacemaker to your iPhone to your insurance company.

They're not here yet, but these things will come, and I rather like the idea of my band-aids chatting to each other and dropping a note to my doctor if things aren't healing properly. Of course, I would expect their communications to be encrypted and digitally-signed since I wouldn't want counterfeit medical equipment in the loop. But I'm sure the technology will be used for other things as well: some positive (helping monitor fitness regimes) and some stupid (such as having your body and your clothes have a dialog).

I also saw a presentation about some medicines that are taken internally (pills) that contain RFID tags that only activate once the pill has dissolved (ie, is in your stomach). The idea is to help to monitor old people to make sure that they are taking the right medicine at the right times. Fascinating stuff, and particularly fascinating to me because I am interested in the identity infrastructure that will be needed to support safe, smart healthcare.

Continue reading "Body surfing" »

Imperfect crime

By Dave Birch posted Dec 24 2009 at 10:15 AM

[Dave Birch] Some years ago at the Digital Money Forum, Richard Bartle from the University of Essex characterised the economy of virtual worlds as "people buying things that don't exist from people who don't own them" which was, frankly, a brilliant summary. There are also, sadly, a class of people stealing things that don't exist from people who don't own them and this is a crime, so it was with great interest I read that

A British man has been arrested and cautioned for stealing accounts for online game Runescape... A statement from the Police National e-crime unit said: "A 23-year-old man was arrested in Avon and Somerset... on suspicion of a number of computer misuse offences."... Once hi-tech thieves have these credentials they plunder the accounts, strip characters of their items and sell off the rare virtual goods for Runescape gold.

[From BBC News - Runescape creator pursues 'phishing thieves']

This is real identity theft. If criminals somehow get into my bank account and spirit the money away, I don't really care because it's the bank's problem and they will give me the money back. But if the criminals take over my Runescape character, that's a real personal violation. As I said before

a bank can easily restore my money, but it's much harder for Facebook to restore my reputation (apart from anything else, a reputation takes time to build). Which is the worse crime?

[From Digital Identity Forum: What identity is important?]

It's the latter, clearly. So perhaps the "standard" use case for strong authentication should be switched from logging on for home banking to logging on to Facebook, which takes us into the world of OAuth and OpenID instead of EMV and OTP. In this world, there's already plenty of work going on around authentication, credentials and federation that could provide key portions of the infrastructure that we know that we are going to need in the mass market.

Continue reading "Imperfect crime" »


By Dave Birch posted Nov 25 2009 at 10:43 PM

[Dave Birch] I enjoyed Scott Silverman's talk about privacy and security at ID World. Scott (the devil, according to CASPIAN) is the CEO of Verichip, the company that developed the first FDA-approved RFID chip for human implantation. (It's just a passive RFID chip containing a 16-bit identification number). Apparently, they had had some 900 emergency rooms across the US signed up for the service before the "privacy backlash" started. Opponents of the system told the newspapers that the chips caused cancer, and that was that.

Now, to be honest, I'm very sympathetic to Scott. A couple of years ago, I contacted Verichip because I thought it would be fun to have a Verichip implanted in my arm ready for the Digital Identity Forum, but they said no (spoilsports). My cat has one, and I'm jealous.

Anyway, the point is that the privacy backlash was so great that the stock price collapsed and the company -- which was reduced to a shell -- has now been restructured as PositiveID with Scott as the majority shareholder. They have a number of initiatives, one of them being "PatientID" which will link high-risk patients (eg, Alzheimer patients) to their medical records. Now, as far as I can see (and I'm speaking from the point of view of someone with an Alzheimer's sufferer in the family) this is a splendid idea. I'm pretty privacy sensitive, but this is an application that makes absolute sense to me. If I had Alzheimer's, I'd want a chip so that if I get lost or confused, a doctor can instantly find out who I am and what my conditions and medications are. You could do it by fingerprinting me, or iris scanning or whatever. But it appears to quick and simple to use the chip instead.

Scott also mentioned their "HealthID" initiative that will link sensors to the chip: so, for example, you could have a glucose-sensing chip for some types of diabetes so that when the chip is read to identify the patient it will also report glucose levels. If I had diabetes, I would much rather have one of these than prick my finger and test drops of blood. I wouldn't want everyone to be able to read it though, and this is where the problem comes: we need to have some form of standard privacy-enhancing infrastructure that sits above the "chip layer" to make this all work properly.

Continue reading "Verily" »

Close enough for jazz

By Dave Birch posted Nov 4 2009 at 6:40 PM

[Dave Birch] I had a typical fascinating and productive discussion with Hazel Lacohee and Piotr Cofta when we last got together. We were kicking around some ideas for finding practical ways to improve privacy, security and other good stuff while simultaneously worrying about the government's approach to the interweb, broadband and ID cards. With the right combination of technology and vision we can take an entirely different view of the "identity problem" and how to solve it. In a decentralised fashion we can see identity develop as an emergent property of trust networks, shaped by evolution to be fit for purpose or, as Piotr Cofta puts it, "good enough identity". Good enough identity (GEI). I love it.

I'm certain that there is merit in this approach. There is a real difference between between trying to create a kind of "gold standard" identity that delivers the highest possible levels of authentication and identification in all circumstances and trying to create an identity that is useful (defined by: reduces total transaction costs and, in my world, aligns social costs with private costs). Therefore, a utilitarian approach of trying to do something, anything to make the identity situation improve for individuals and organisations, we might be better off starting with some simple building blocks and building up rather than by starting with a national ID card (I mean, a 21st-century national ID card of the psychic ID kind, not electronic cardboard) and driving that down. Go from the personal to the enterprise, from the enterprise to government.

Continue reading "Close enough for jazz" »

What identity is important?

By Dave Birch posted Sep 8 2009 at 5:46 PM

[Dave Birch] A couple of days ago I was in a discussion concerning the discrepancy between what enlightened experts (eg, me) think about identity management and what governments, civil servants and IT vendors think about identity management. One of the points I made, which I think I can defend, is that the "common sense" notion of identity, rooted in our pre-industrial social structures and pre-human cortex, is not only not very good at dealing with the properties and implications of identity in an online world but positively misleading when applied to system and service design. The fact is that virtual identity and "physical" identity are not the same thing, and they differ in ways that we are only beginning to take on board. Here's an interesting reflection on the difference between physical and virtual identity.

I used to work on campus 5 days a week, but working at home more has coincided with the advent of blogs and twitter. My professional and personal profile on campus is now much higher than it was when I attended every day, but largely sat in my office, and occasionally ventured out for coffee.

[From Establishing Our Online Identity « Ramblings of a Remote Worker]

Interesting. An online identity in a context that makes it worth more than an offline identity, because it is more connected. The Facebook economy, so to speak. Which leads me on to...

Continue reading "What identity is important?" »

Bring it on

By Dave Birch posted Jul 29 2009 at 10:13 PM

[Dave Birch] As has been mentioned once or twice, the world of social networking provides a specific and immediate kind of weapons range for testing new ideas about identity and privacy. Facebook, in particular, seems to developing an emergent properties space where all sorts of experiments are already under way with the identity concepts at their core already one step removed from the common sense" view of identity . There is one class of experiment that I find particularly fascinating, and these are about matching and comparing the "grown ups" perspective against the "kids" perspective. US examples are always more acute because they involve law suits, so let's start there. Here's a fabulous example.

a suit was filed in Mississippi that alleges a school official—more specifically a teacher acting in her capacity as a cheerleading coach—demanded that members of her squad hand over their Facebook login information. According to the suit, the teacher used it to access a student's account, which included a heated discussion of some of the cheerleading squad's internal politics. That information was then shared widely among school administrators, which resulted in the student receiving various sanctions.

[From Cheerleader sues school, coach after illicit Facebook log-in - Ars Technica]

This follows on from other recent stories about employers demanding log in passwords for social networks and so forth. If my employer wanted my LinkedIn password, I would regard it is transparent evidence of their insanity and a clear flag that our working relationship had collapsed. But if you're a kid and it's a teacher asking, I suppose you might feel under pressure to comply with something that's obviously a breach of natural justice. Not surprising, in many ways, because it's always difficult for social mores to adjust to new technologies -- people used to be given instructions for answering the telephone -- and this stuff is still really, really new. People don't yet have sense of what is naturally right or wrong in the new environment.

So, people in authority behave inappropriately when faced with new technology. No big surprise. But what I found fascinating about this story -- and the lesson it contains about emerging "norms" around identity in a digital age -- was the reaction of some other kids faced with the same demand.

...several other students asked for their logins simply deleted their accounts using their cell phones, preventing this sort of intrusion; the schools apparently have a filter that blocks access to its Web interface from school computers.

[From Cheerleader sues school, coach after illicit Facebook log-in - Ars Technica]

In a way, I find this heartwarming. The kids aren't stupid: they live in that world and they can distinguish their multiple virtual identities. Faced with a privacy violation that undermines a virtual identity, they slash and burn. And the school's efforts to prevent them manipulating their virtual identities are fruitless.

Continue reading "Bring it on" »

No digital identity, no digital Britain

By Dave Birch posted Jan 30 2009 at 4:56 PM

[Dave Birch] I haven't had time to read the Carter report on Digital Britain yet, but I will try and catch up with it sometime soon. I've had a quick look at a few bullet points and not seen anything particularly interesting. There's been plenty of comment from sources that I pay attention too, though.

The long awaited (and somewhat delayed) Digital Britain interim report has been released, and, like the Gowers Report on intellectual property before it, this one seems way too "balanced" for its own good... For example, it says that the country should have universal broadband (of at least 2 Mbps), but doesn't explain how. It just offers up some vague statements about hoping that private sector ISPs reach that goal, and urging the BBC to promote the wonders of broadband to those who haven't signed up yet... The same sort of vague uselessness is found in the part on copyright and file sharing.

[From Digital Britain Report: Blank Promises, Vague Statements And Everything Is Hedged... | Techdirt]

It's hard for the people putting these sorts of reports together to take any real stance on issues, I'm sure, because they have to obtain some consensus. But perhaps some more real vision is needed at times like these, and that necessarily will mean that some sectors of industry will have to accept change. Because our customers are more interested in the transactional side of things, I'm always looking to see how the plans of the great and good will stimulate new business and what the impact on industry might be. Unfortunately, the early comments that I've been reading are not promising: apparently, one of Carter's suggestions is to impose a tax on broadband access and give the money to industries that have failed to adopt new business models in response to technological change. At first, I assumed he must be talking about sheep farmers, because the law dating back to 1572 requiring everyone to wear wool hats on Sunday isn't being properly enforced any more, but it turns out that he was talking about pop stars and record companies.

Carter appears to ask traditional industries to look to new business models, but offer them a subsidy at everyone else's expense if they can't find any. What's more, the voice of those industries is given disproportionate weight. Now, while it is generally true that at the dawn of new businesses this must always be true -- since the new businesses that might grow up around broadband don't yet have a voice to be heard -- that's no reason no to extend the range of voices to be heard. As the Open Rights Group say,

We are looking at the report in detail, but we are extremely concerned that the voice of consumers and citizens is being marginalised.

[From The Open Rights Group : Blog Archive » Digital Britain: leaving consumers out of the picture]

Indeed. Not only will citizens be marginalised, they will also be penalised.

Under the proposed scheme, the government would legislate a "Code on unlawful file-sharing" that ISPs would have to follow.

[From "Digital Britain" to legislate graduated response for ISPs - Ars Technica]

Why telephone companies aren't required to follow a "Code on unlawful bank robbery" that requires them to monitor telephone conversations and report the planning of bank robberies to the police, I don't know, but what I do know is that fining kids and kicking their parents off the Internet is not the way to build a healthy and prosperous 21st century business.

Continue reading "No digital identity, no digital Britain" »

Footprints in the silicon

By Dave Birch posted Oct 17 2008 at 1:26 PM
[Dave Birch] I like the phrase "digital footprints" as I think it provides as useful metaphor and image. Your digital identities leave digital footprints behind and other people -- perhaps people you don't know -- can follow those footprints. That's a reasonably powerful picture to put in front of people. I was trying to come up with something like this because I was thinking about how to educate people to be aware of the new way of the world. Children, in particular, need to understand the ramifications of their new media use (not to stop them from using it, but to help them to use it more effectively). For example...

When these kids are in high school and college, will a prerequisite for dating my teenage daughter be reading my blog?

[From Digital Footprints: Raising Kids Online - Media Bullseye]

Probably. It would certainly be way for a prospective daughter-in-law to score points with me! There's nothing wrong in helping children to lead lives online, but we must obviously do what we can to protect them and encourage responsible usage (which I think a digital identity infrastructure would do, but it's not the only way of doing it). Who are we protecting them from, other than future in-laws? We all understand the risks, even if they are somewhat overplayed in the media and not understood at all by politicians. As I said before

so it turns out that by and large perverts don't use social networking sites while pretending to be teenagers, but nonetheless something must be done, and who better to decide what to do than politicians.

[From Digital Identity Forum: Hard cases]

But your digital footprint isn't only of interest to criminals and peverts, but also marketers. In other words, hiding your digital footprint away (or not creating one) isn't a solution because allowing the right people to see your digital footprint at the right time means better products and services. In fact, if marketing could be on the basis of your digital footprint rather than a random collection of facts about you together with suppositions about group behaviour, that might be rather a good thing.

This is the future of marketing intelligence. Its no longer demographics. Identity is not worth collecting. Lets safely secure that with our customers, promise them we won't mine their identity. But the digital footprint, that is valuable. And the social context - Like Alan Moore says, this is the Black Gold of the 21st Century, the biggest prize. We can only discover social context accurately via the mobile phone, but the companies that build upon this dimension, those companies will seem like "reading our minds" in how accurately, cannily, they will serve ever better services and products and offers and campaigns for us.

[From Communities Dominate Brands: Datamining our identity, digital footprint, and social context]

We need a way to manage the connections between other people, our footprints and our selves.

Continue reading "Footprints in the silicon" »