Summer is coming to an end.
I had some good times off, disconnected with lots of reading, biking, and hanging around. Also the best way to let new ideas emerge.
Lately, i have been immersed in digital identity. First, I attended the EEMA European e-Identity Management Conference in London . The week after, I was the “tour guide” for a study week on the subject with 4 other colleagues.
We discovered a rich subject – in full (r)evolution – and we met really very smart people who were extremely knowledgeable about the subject.
Since then, I have been reading and thinking a lot about the subject.
This blog post – in different parts – is a detailed report of those conversations, reflections, interpreted in a very personal way. In other words, this is my very personal consolidation and internalization on the subject.
The subtitle of the blog is “the unpolished diamond”. Indeed, what I will present here is a multifaceted subject. It’s like a rough diamond, which still needs to be polished into a beautiful multifaceted shiny precious diamond.
The different facets of the diamond are organized in “chapters”. I feel like this can become the basis of a more in-depth whitepaper, or – time and ambition permitting – a book at some day. Please let me know and/or encourage me if you want me to go ahead with this crazy idea of a book.
I will come up with some other metaphores in subsequent posts. The one on “Digital Identity Tuner 7.0” is in the making, where I will really push the identity envelope.
Anyway, my identity story starts in 2001 or so. That’s when I got infected by the identity-virus: I was working for Microsoft (2001-2005) on the Belgian e-Identity Card (eID) project.
This was a once-in-a-life project, sponsored by Bill Gates himself, who saw the advent of 8 million eID citizen cards being distributed in a mandatory way to the Belgian citizens over a period of 5 years as a ideal test/pilot market. (BTW: Belgium is already renewing the first cards that were issued at the time; this means this has to be looked at as an infrastructure thing, that needs to be maintained for several generations)
We wanted to discover how citizens reacted to such eID card, assess what sort of applications were being build that consume this eID card, and what would be needed to support this sort of card in Microsoft products. This was far reaching, as we looked across the board at Windows OS, Microsoft Office, MSN (Safe chat for children), workflow, audit and regulatory requirements, and last but not least privacy.
My role was one of Business Development Manager, not so much in a sales mode, but rather in a research and discovery mode.
It was during this time that I met Kim Cameron (Microsoft’s Chief Architect Identity), just at a moment when Kim had published his seminal whitepapers “Laws of Identity” and “Towards an e-identity meta-system”.
Kim has become a friend since then, and I highly recommend his blog www.identityblog.com.
I was permeated with the early concepts of claims based identities, and ever since, I felt a natural attraction towards anything that was related to identity, not only e-identity but also identity in it’s philosophical and existential sense “who am I really ?”
Already at that time (2001),
I felt that the eID card
(a smart card with certificates issued
by the Belgian government)
was an anachronism.
We seemed to use
concepts of a physical world,
and tried to use them
in an on-line world
fundamentally different because
In addition one can question today whether the government (or a bank, or another “trusted” party should be the originator of the identity).
It’s like maintaining a 2D view on a world that has since long moved to 3D. It’s like looking at the sunset in 2D: what you see is a circle that gets smaller and smaller until it’s a dot and then finally disappears.
But in this 2D view, one has lost the 3D dimension of our planetary system, and the highly dynamic and interdependent set of moving parts.
This view is shared by David Birch, who runs a very interest Digital Identity Blog when he says:
The analog-digital comparison does not work when thinking about 21st century e-identity
There are indeed some novel views that
instead of having “an e-identity
issued by the government
to offer value to the citizens”,
it would not be better to have “an e-identity
issued and managed by the citizens
to offer value to the government”
This view is highly related to a tectonic shift of power back to the owner of the data, or more in general the revolution from “Push to Pull” business models that are so well described in John Hagel’s seminal book “The Power of Pull”, in my opinion THE business book of 2010 (although not shortlisted in FT’s 2010 best business books –> FT is wrong ;-)
In the next editions of the “unpolished digital identity series”, I will tackle following “chapters”:
- Digital identity in Cloud computing
- Digital Identity Tuner 7.0
- Business case/model
- Architectural perspectives
- The role of a registration authority (if any)
- Claims based identity: more than PKI
- Personal data sharing
- The “pile” of standards
- Vendor readiness
- User comfort
- Mental reference framework for SWIFT
- Trust Frameworks
- Form factors
- Developer perspective
- Digital identity and Digital footprint
- Social currency
- Semantic tagging of the WHO
Hmmm… it starts indeed looking like a book. Any input and suggestions welcome.