A nice simplification of the ‘laws of identity’
– People using computers should be in control of giving out information about themselves, just as they are in the physical world.
– The minimum information needed for the purpose at hand should be released, and only to those who need it.
– Details should be retained no longer than necesary.
– It should NOT be possible to automatically link up everything we do in all aspects of how we use the Internet. A single identifier that stitches everything up would have many unintended consequences.
– We need choice in terms of who provides our identity information in different contexts.
– The system must be built so we can understand how it works, make rational decisions and protect ourselves.
– Devices through which we employ identity should offer people the same kinds of identity controls – just as car makers offer similar controls so we can all drive safely.