If a Tree Falls …

Johannes' post, Phil Windley puts his finger on why defining "Digital Identity" is hard, asserts that an identity is more than a set of claims.

If there is an entity, and there are no claims made about it, does it still have an identity?

If a tree falls in the forest, and no one hears it, does it make a sound?

Ah, semantics!

From a materialistic perspective, define "sound" and you've answered the second question. Define "identity" and you've answered the first.

This is why Dave and Timothy (and I, to some extent) are on a rant about ontology and semantics. If you don't get definitions right, it's hard to have lucid thoughts, let alone unambiguous communications.

"Do identical twins have different identities even if we can't tell them apart?" Define what you mean by "identity" and I'll answer your question.

We can't even answer basic questions about the "things" we are talking about because we don't have common definitions of them. Convinced yet about the importance of a well defined ontology for the digital identity community?

Identity or Persona?

I recently posted to the idworkshop list some thoughts on the terms Identity vs Persona. But I've just noticed a strong bias expressed by two bloggers whose opinions I respect: Timothy Grayson and Dave Kearns.

Both have been very clear in their statement that each person has exactly one identity in the following articles:
o Piling on: "The importance of [the word] identity"
o Piling on 2: "The Importance of Identity" Online and off
o Crying in the wilderness, again.

They both prefer the classical (philosophical) definition of identity -- identity is the thing that is you. So, by definition, one person can only have one identity. (BTW, Tim, I don't think your identity goes away when you die -- but perhaps that's not what you meant.) The other "identities" that people are talking about are actually personas.

While I agree with both Tim and Dave in their desires to be precise in discussions, I do think the train has left the station on how the word identity is understood. By popular usage, folks such as Phil Windley and Esther Dyson (as pointed out by Tim and Dave) use the term identity imprecisely to mean persona. Frankly, I think the term identity is so overused in both technical and pop culture that it has been rendered not-very-useful for technical discussions -- it might actually be a source of confusion. I would suggest, when we need more exact terms, we should use words with less cultural burden -- like persona; and, we need to find a word/phrase to refer to these unique things that are people (and objects) -- perhaps entity.


PS. I'm still swamped with work, so my postings will be haphazard, at best.



Date: Fri, 23 Sep 2005 14:36:59 -0700
To: idworkshop@googlegroups.com
From: "P.T. Ong" <p.t.ong@onghome.com>
Subject: Re: persona/identity

Strangely enough, I was just doing a systems design / object decomposition exercise last week, and decided to ditch "digital identity" and use "digital persona" instead; specifically because the phrase avoids the broader meanings of "identity" ... like "sense of self", "roots".

I think it's easier to understand "my persona for Acme Bank" than "my identity for Acme Bank". The term "persona" is less personal, so the user is more able to disassociate himself from the "persona" -- as it should be...

Getting more philosophical, I might never really know your true identity, but I can always use personas to point to the entity that is you.

Also, the discussion on anonymity gets easier. People can get confused when we talk about "anonymous identities" as the phrase is, superficially, a contradiction in terms -- "identity" might imply the lack of anonymity because it is tied closely with "sense of self". (http://blog.onghome.com/2005/03/strong-identities-can-be-anonymous.htm)

In the real world, words have associated meaning, connotations, emotional baggage, etc.; and it's confusing to the rest of the world (and to us too) when we technical folks try to use them in ways that conflict (or are in dissonance) with their commonplace uses.

pt

PS. I do realize that marketing-wise, it's too late to move from the use of "identity".


At 08:39 AM 9/23/2005, Dave Kearns wrote:
>From: "Luke Razzell" <luke@i-together.net>
>>
>> My dramatherapist girlfriend, Charla, pointed out to
>> me that "persona" is from the Greek for "mask":
>>
>
>That's where the usage came from. The "persona" in a Greek play
>represented the "role" that the actor was playing. Which, in today's
>usage (as opposed to, say, the arcane world of 1999) really confuses
>the issues of identity, persona and role.
>
>In fact, what we're calling "digital identity" used to be referred
>to as "digital persona"
>(http://www.networkworld.com/columnists/2000/1106kearns.html) (And I
>still have the outline of a book I wanted to write with that title.
>Until a biometrics company came along and took the name.)
>
>At the time, the few people involved in "digital identity"
>deliberately chose the term "digital persona" so as not to confuse
>people with the "I" word. From the discussion we've had here, it
>does seem that the confusion still rages. So I can heartily agree
>with Luke when he says:
>
>> In this way, deprecating "digital identity" in favour of the
>> synonymous "persona" helps to disambiguate the discussion:
>> we are left with comparisons of "personas" and "identities"
>> rather than the supremely confusing "digital identities" and
>> "identities"!
>>
>
>-dave


Update (Oct 1, 2005):
I forgot to cross-reference Luke Razzell's post on Persona and identity (http://www.i-together.net/weaverluke/2005/09/persona-and-identity.html).

Update (Oct 8, 2005):
Here are a few more follow-on posts on the topic:
o Timothy Grayson, The living language of identity
o Phil Windley, On the Word 'Identity'
o Johannes Ernst, Phil Windley puts his finger on why defining "Digital Identity" is hard

Stupid Users?!

Valerie Steeves has just posted an article about her observations at the World Summit on the Information Society meeting on cybersecurity. She expressed concern about how a certain European delegate said, "It’s the stupid users. If we could just get them to use the technology properly, then we wouldn’t have a problem."

I've been reading Tom Peters' recent book(let) on Design. When talking about technology (and every tool we use was at some point "technology"), we tend to blame the user when problems come up. In reality, most of these problems are because the technology was not designed for the parameters of human capability.

For example, as I like to say, there is an impedance mismatch between digital security requirements and human brains. Specifically, human brains are not configured to remember and precisely reproduce many sequences of complex symbols -- so we should not be surprised when we discover that passwords (managed by humans) are one of the weakest links in computer security.

Valerie went on to talk about how people use the need for security as a way to justify compromising privacy of end-users. I agree. It is all too tempting to "solve" problems using brute force.

Humans as Smart Cards

Valery pointed to a great quote in “Network Security – Private Communication in a Public World” by Kaufman, Perlman and Speciner, Prentice Hall 1995 ISBN 0-13-061466-1:
"Humans are incapable of securely storing high-quality cryptographic keys, and they have unacceptable speed and accuracy when performing cryptographic operations. (They are also large, expensive to maintain, difficult to manage, and they pollute environment. It is astonishing that these devices continue to be manufactured and deployed. But they are sufficiently pervasive that we must design our protocols around their limitations.)"
The way I talk about it is that there is an impedance mismatch between the human brain and digital security requirements.

Identity and Privacy in Security

As I reread my post on the problems with RFID passports (http://blog.onghome.com/2005/04/sanity-around-rfid-passports.htm), it occurred to me that there is a more fundamental observation that needs to be made here...

When designing security systems based on strong authentication and identities, privacy is an important dimension to consider. The US State Department thought we could have better security by introducing strong(er) digital identities in passports via RFID tags. They forgot (or didn't realize) that without privacy considerations, the strong identity could be used, perhaps lethally, against the identity owner.

This reinforces my belief in the importance of privacy (and the works of individuals like Stefan Brands) to ensure the digital identity systems we build are actually usable.

InfoCard is Not the Identity Metasystem

Noted. Just been catching up on the chatter on InfoCard.

Most notable is the point that Johannes Ernst, Doc Searls and Dave Kearns are making that Microsoft's InfoCard is not the identity metasystem. At best, it is a component of the metasystem.

o Johannes Ernst, More on the relationship between InfoCard and the Identity Metasystem.
o Doc Searls, Distinguishing between the Identity Metasystem and InfoCard.
o Dave Kearns, Identity metamagic.
o Johannes Ernst, What might an "Identity Meta-System" be?.
o Doc Searls, Some questions about the Identity Metasystem.

See Also
o P.T. Ong, More on InfoCards.

Long-Lived Software

Been busy with work. Still am... but I did have some time to do some reading and thinking about the nature of systems we build.

To date, most of the software we build does not last very long. Heck, most movies have longer lifespans than most software. The people at the Long Now (www.longnow.com) suggest that we should think about the long-term impact of the systems and constructs that we create. The net is here to stay, and because of the shorter-term thinking of the builders of parts of the net (e.g. IP address spaces), we are stuck with significant limitations.

Dan Bricklin has written about long-term engineering as it applies to software (http://www.bricklin.com/200yearsoftware.htm, http://www.planetpdf.com/forumarchive/6.03.200YearSoftware.pdf). Bricklin emphasizes the fact that the structure and culture of a typical prepackaged software company is not attuned to the needs of societal infrastructure software. He proposes that software engineers should learn from civil engineering.

As we embark on designing what could be the future of a permanent fixture in cyberspace -- the identity infrastructure -- we should be cognizant of the long-term impact of our actions and designs.

One Level of Indirection

A claim I heard a while ago is that every problem in computer science can be solved by adding a level of indirection.

Upon a closer reading of Stephen Downes' Authentication and Identification, I realized he gets into a bit of a spot with his approach, and has to redefine what most of us would accept as authentication as self-identification...
"It is common at this juncture to confuse an identity claim with authentication. For example, the presentation of a bank card (a token) to a bank machine, combined with an assertion (the keying of a PIN), is often taken to constitute a type of authentication. However, it is not; it is nothing more than the claim to be a certain person."
Many of us would rather refer to the above process as the authentication of the account holder’s identity to the bank machine with a bank card (what you have) and the PIN (what you know), as opposed to self-identification of the account holder to the bank machine.

Because Downes does not separate an entity from its identity (or identities), authenticating an identity is equivalent to self-identification of an entity. So, to Downes, if you authenticate an identity (or self-identify, in his terminology), you lose any control and privacy—hence the need to (somewhat awkwardly) differentiate self-identification from authentication. The point I made in an earlier post (Strong Identities Can Be Anonymous) is that an entity does not have to be bound to its identity. This level of indirection allows for anonymous identities, and addresses most of the privacy and control concerns Downes raises in his article.

Update (November 12, 2007)
Joe Long tells me it was Jim Grey who said that any programming problem can be solved by adding one level of indirection and that any performance problem can be solved by removing one level of indirection. (I should do some research on this.)
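
The entity/identity indirection argued for above can be sketched in code. This is an added example, not part of the original post: the `Entity` and `RelyingParty` classes, the HMAC-based key derivation and the "Example Forum" relying party are all assumptions made for illustration. Each relying party authenticates a persona by challenge-response, while nothing it stores names the entity or links that persona to the entity's other personas.

```python
import hashlib
import hmac
import secrets


class Entity:
    """The real-world party; only it holds the master secret (assumed design)."""

    def __init__(self, master_secret: bytes):
        self._master = master_secret

    def persona_key(self, relying_party: str) -> bytes:
        # The level of indirection: one derived key per relying party.
        return hmac.new(self._master, relying_party.encode(), hashlib.sha256).digest()

    def persona_id(self, relying_party: str) -> str:
        # Handle for the persona; reveals neither the entity nor the master secret.
        key = self.persona_key(relying_party)
        return hashlib.sha256(b"persona-id" + key).hexdigest()[:16]

    def respond(self, relying_party: str, challenge: bytes) -> bytes:
        key = self.persona_key(relying_party)
        return hmac.new(key, challenge, hashlib.sha256).digest()


class RelyingParty:
    """Authenticates personas; keeps no record of which entity is behind them."""

    def __init__(self, name: str):
        self.name = name
        self._keys = {}     # persona_id -> persona key shared at enrolment
        self._pending = {}  # persona_id -> outstanding challenge

    def enrol(self, persona_id: str, key: bytes) -> None:
        self._keys[persona_id] = key

    def challenge(self, persona_id: str) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending[persona_id] = nonce
        return nonce

    def verify(self, persona_id: str, response: bytes) -> bool:
        nonce = self._pending.pop(persona_id, None)  # each challenge is single use
        key = self._keys.get(persona_id)
        if nonce is None or key is None:
            return False
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def enrol(entity: Entity, rp: RelyingParty) -> str:
    """Register the entity's persona for this relying party; returns the persona id."""
    pid = entity.persona_id(rp.name)
    rp.enrol(pid, entity.persona_key(rp.name))
    return pid


def login(entity: Entity, rp: RelyingParty) -> bool:
    """One full challenge-response round for the entity's persona at rp."""
    pid = entity.persona_id(rp.name)
    nonce = rp.challenge(pid)
    return rp.verify(pid, entity.respond(rp.name, nonce))


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    person = Entity(b"constructed-master-secret")
    bank, forum = RelyingParty("Acme Bank"), RelyingParty("Example Forum")
    print("bank persona :", enrol(person, bank))
    print("forum persona:", enrol(person, forum))
    print("bank login ok:", login(person, bank))
```

The two persona ids share no visible relationship, so the relying parties cannot correlate them by comparing records, yet each persona is strongly authenticated.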

The Life and Limb Problem

I had earlier written about the three problems with using biometrics as authenticators:
  • The Technology Problem
  • The Social Acceptability Problem
  • The Clonability Problem
I'm adding one more:
  • The Life and Limb Problem
This problem with biometrics became clear to me with a report by Jonathan Kent, Malaysia car thieves steal finger, on the BBC News. The problem with some (not all) biometric metrics is that we are measuring some aspect of a body part that is not (painlessly) detachable from the rest of the body. When identity theft is to be committed on systems with biometric locks, physical violence is a very real and possibly the easiest option for the criminals.

Why I’m Passionate About Digital Identity

I drafted this piece a while ago in response to Johannes Ernst’s post Where have all the visionaries gone?. Initially, I thought it was a bit over-the-top for this blog; but upon reflection, touchy-feely might be just what we need...

The future I see is a world of real choices. Every possible “thing” can be connected to every other “thing”. Things organize to help us live more simply, if we choose. Or we can choose to observe the full complexities of a fully wireless, connected world that we can barely imagine today. Just like the forest – we can see it as an elegant entity, or a very complex ecosystem.

But yet we maintain a level of privacy greater than most of us know today. (None of these blunt identity devices like RFIDs in passports.)

The descendants of AI agents (that we used to tinker with in grad schools) help us to manage just about every aspect of our lives from our calendars, to our groceries, to our health, to our social lives... if we choose. And these are our agents, if we choose – or perhaps Google might provide them to us in exchange for being able to study our habits – and again, it is our choice.

Things that are potentially criminal cannot be carried out with anonymous identity, so crime is low. Things that are harmless to others can be carried out with full anonymity. (Yes, I realize the interesting debates, as always, will be around what should be criminal.)

My ideal future fuses the utopia of security, privacy, and choice. As a society, the trade-offs we make between security and freedom are real ones, not Hobson’s choices; and as individuals, we have the freedom to choose which society we want to live in.

The required work week is tending towards zero (because machines keep improving productivity), but we soldier on because we have hopes that go beyond survival and our current state of existence.

(And, oh yes, no hunger, wars, plagues.)

But, today, we don’t yet have the constructs to support this connected world. Our identity systems today are grossly inadequate. And identity systems need to be at the core of this future world. So, we think, we design, we build, we write. Hopefully, some of the efforts of our digital identity community end up in the foundation of that future society. I fully expect so. Call me a dreamer.