About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« August 2007 | Main | October 2007 »

8 posts from September 2007

The "P word"

By davebirch posted Sep 28 2007 at 11:08 AM
[Dave Birch] I'm a fan of Privacy Enhancing Technologies (PETs), but I recognise that however much sense they make to individuals, they must make sense to organisations as well. As this points out, they haven't so far. Many PETs weren't very practical to use even though they were technically-appealing to people like me. The dedicated, paranoid and perhaps even the criminal can surf anonymously with a little latency but as soon as you want to carry out an online transaction, sign on to a site, make a purchase, or otherwise (as the article nicely phrases it) become engaged online in a sustained way, you end up having to identity yourself. The people who take this seriously are serious about the weakest link: however vigilant you might be most of the time, it only takes one slip to ruin it and then the double-glazing web site has your mobile phone number. Doing anything about this -- for most people -- need both a lot more knowledge of the technology and the issues and a lot more work. And that has killed it before: online privacy was just too much work. And, anyway, the benefits of online privacy tended to pale in the face of immediate gratification needs, and greater conveniences, personalization, efficiency, and essential connectedness afforded by consent and trust. The privacy emphasis slides inexorably towards holding others accountable for the personal information they must inevitably collect about us, not PETs. This leads to a situation where for those people concerned privacy (which is not actually the majority of the population, whatever they may say in surveys) the realistic way to protect themselves is to essentially withdraw from society: electronic abstinence. I'm looking forward to discussing these issues at the Enterprise Privacy Group next week and will report back with (I'm sure) some new ideas for getting over these barriers.

Technorati Tags: ,

Continue reading "The "P word"" »

Sva cviqve persona

By davebirch posted Sep 24 2007 at 8:52 PM
[Dave Birch] The idea that people might be represented by signs rather than names is actually rather an old one, and I'm not saying this just because I went to see the artist currently known as Prince in London last week. From a technical perspective, I can see the obvious advantages and disadvantages. On the plus side, there are a lot more signs than there are names and they are a help for the illiterate. On the minus side, it makes issuing identity cards a lot more complicated (although a lot more interesting as well). But I also think that signs carrying a meaning that names do not: I quite like the idea of a sign for my individual persona, a sign for my work persona, a sign for my play persona and so forth. This would have the effect of communicating my persona to counterparties in a rich way, like choosing a pseudonym but acting simultaneously as an identity selector and a mask. Who do you want to be today, so to speak. Since I believe firmly that we have to develop a this richer notion of identity before we can make progress digitising it, the connection between signs, logos, masks and pseudonyms is fascinating.

Technorati Tags: ,

Continue reading "Sva cviqve persona" »

Cardspace and OpenID experiments

By davebirch posted Sep 18 2007 at 12:18 PM
[Dave Birch] I've been playing around with both Cardspace and OpenID just to get a sense of where they are. As I've said before, I'm not a management consultant, so I want to know who these things work before I start advising people about them, so I've been investing quite a bit of effort into seeing how they are coming together from a user perspective. Having got my OpenID login sorted out, it was time to play with CardSpace. There's lots happening around CardSpace at the moment (I'm particularly interested in the presentation by our good friends ACI Worldwide at Digital Identity World about using CardSpace with 3D Secure) and it's cropping up in more corporate strategies. Now that the Windows Live sites support CardSpace login, I'm sure a lot more people will be playing with it and beginning to appreciate how it might work for them.

Technorati Tags: , , , , ,

Continue reading "Cardspace and OpenID experiments" »

It's in the bank

By davebirch posted Sep 17 2007 at 2:17 PM
[Dave Birch] It's not really about identity, but I was struck by Jerry Fishenden's point about how banks could be offering more services on the back of their digital infrastructure. He was talking about services such as letting me store key personal information, information that I might then choose to disclose on a selective basis in the same way I can choose to selectively disclose or transfer financial information. Now I definitely agree with Jerry that this presents an opportunity here for banks to become the friend of the consumer in the digital age (I think I've called it "becoming the customer's privacy pal" in a previous presentation). However, given that the Information Commissioner's report for 2007 identified 12 U.K. high street banks as discarding customers' personal details in rubbish bins, Jerry may be overestimating consumers' inclinations toward banks as safe stores (!) but it's a useful idea to play with. After all, if the bank issues me with an identity, then a bank might be a reasonable place to store data relating to that identity. Which is a small step from the bank as identity manager: why not have your IBAN as one of your OpenIDs (apart from Ben Laurie's perfectly reasonable concerns about phishing)?

Technorati Tags: , , ,

Continue reading "It's in the bank" »

Why do biometric systems fail?

By davebirch posted Sep 14 2007 at 8:17 AM
[Dave Birch] I've been wondering why the IRIS biometric scheme is so bad. I've now given up on it completely: the last couple of times I've tried to used -- when it's actually been working -- it hasn't let me in. I don't know why it's stop recognising me, although I have a theory. What if it is something to do with the number of people enrolled? I was an early adopter of the scheme, and it's always been pretty terrible. I've complained about it before bit always come back and given it another try. Well, no more. Whether the biometric, the system or the government procurement procedure failed, I'm not sure. But it's not a very good advertisement for large-scale biometrics, just as the procurement for the national identity card in the U.K. is about to begin.

Technorati Tags: , ,

Continue reading "Why do biometric systems fail?" »

Kids ID cards

By davebirch posted Sep 12 2007 at 11:05 PM
[Dave Birch] In the U.K., we're just in the process of putting the details of all children in the country on to the web (except for kids whose parents have "celebrity status", according to the Education Minister) at the cost of half a billion dollars. In the U.S., the Florida Department of Highway Safety and Motor Vehicles is encouraging parents to bring their children aged five and older to some Real ID: a Florida Identification Card. The cards hold a current digital photo and vital information, which also will be entered into an emergency database available only to law enforcement (just as the British database will be available to only 330,000 qualified individuals). The card costs $3, but the article doesn't say why anyone would want one. What can a kid do with this ID card that they can't do without it?

Technorati Tags:

Continue reading "Kids ID cards" »

Tom Ilube, Garlik

By davebirch posted Sep 4 2007 at 11:54 PM
[Dave Birch] This week's podcast features Tom Ilube, CEO of garlik. Garlik is a new consumer company pioneering a range of services to help give people "real power over their personal information in the digital world, using semantic web technologies". In this podcast, we'll find out what that means and how garlik will make a living out of it. Tom Ilube was CIO at Egg until 2005, so he knows a thing or to about innovative plays in the consumer space.

Technorati Tags: ,

Continue reading "Tom Ilube, Garlik" »

How much is "my" data worth?

By davebirch posted Sep 4 2007 at 4:26 PM
[Dave Birch] When developing business cases for some kinds of identification and authentication products, it's difficult to round out the figures when no-one knows how to value personal data. How much is it actually worth? An interesting estimate comes from the loyalty world, where the Tesco Clubcard is the standard U.K. example. Tesco won't say how much Clubcard means in terms of additional revenue, but the impact in some stores is put as high as 12 per cent, enough to push an £800,000-a-week branch through the £1 million barrier. So if you divide the sales by the number of customers, you ought to get a rough estimate of the value of each customer's data. I don't think it's that simple though, because Tesco's additional sales are not down just to the value of the data, but the value of the processing they apply to it. Simply having a list of your groceries would deliver little value (although it might be scary in 20 years time when the government bump you down the NHS waiting list because of all the rubbish you ate when younger).

Technorati Tags: , ,

Continue reading "How much is "my" data worth?" »