Reality Check: Laws of Identity

  • Article

Kim Cameron is one of the top experts on identity and personal information management in the world. He may be best known for his Laws of Identity. Over at the Identity Blog he has listed these laws in easy to understand English. They are also listed below:

  • People using computers should be in control of giving out information about themselves, just as they are in the physical world.

  • The minimum information needed for the purpose at hand should be released, and only to those who need it. Details should be retained no longer than necesary.

  • It should NOT be possible to automatically link up everything we do in all aspects of how we use the Internet. A single identifier that stitches everything up would have many unintended consequences.

  • We need choice in terms of who provides our identity information in different contexts.

  • The system must be built so we can understand how it works, make rational decisions and protect ourselves.

  • Devices through which we employ identity should offer people the same kinds of identity controls - just as car makers offer similar controls so we can all drive safely..

It seems to me that the start of the school year is a great time to have a classroom discussion about privacy and identity and what they mean in today’s connected world. This is a topic that we all need to think about. And of course companies need to think about being good citizens of cyberspace and taking good care of the information they acquire. Bring it up with your students and if you have opinions (one way or another) or ways to make this list more understandable let Kim know about it. This is something we need some consensus on and Kim is a good listener.