A post over on Jerry Fishenden’s weblog announces Microsoft’s decision to join the UK’s Enterprise Privacy Group as a founder member.

The Enterprise Privacy Group is an association of organisations working in partnership to understand privacy-related issues and to achieve collaborative solutions.

The Enterprise Privacy Group’s activities are reviewed by an Advisory Group that includes The British Computer Society, The London School of Economics Department of Information Systems and legal firm Olswang. In addition, the Information Commissioner’s Office has taken up Observer status.

I’ve had a couple of interesting conversations about communication and information management and overload today. I’ve also read a few interesting posts on the subject of anonymity, starting with Eric Norlin’s post about Esther Dyson’s post on anonymity.

What I found interesting in the confluence of these ideas - anonymity and information overload, is that while

“The internet inexorably drags all information it touches into the public domain over time. The rate at which it drags that information is directly correlated to the amount of contact it has with that information.” (Norlin’sMaxim)

and

“In fact, we expect to see some people create decoy identities to throw surveillors off the scent, fighting too much information with disinformation and fake “kompromat” (compromising materials).”

it was Eric’s comment at the end that gave me pause for thought.

“My simple proof (back in 2002) was Google — google your name today and google your name 30 days from now. More information about it exists online 30 days from now.”

This is all well and good, but Google, for all it’s globalness, is still primarily an American search engine, with the vast majority of results stacked with American-centric results (which may or may not be a result of the majority of English web pages being based in the US). Which means when I Google my own name, you don’t actually get anything about me. Instead, you get my namesake. If you limit the search to UK pages only, while the first result is about me, it’s not about me. A link to a site I actually own, that contains my name, is at number 20. The rest, well… Stephen King’s books are far more popular than me.

So, what’s the point of this? Well, Esther talks about a loss of anonymity, while Eric talks about noting the changes when you Google your own name. Well, the way things are going, my answer to What won’t we have in 2035? would have to be my own public identity. The more information that is dragged into the public domain, the more dilution there will be of actual information, especially about anyone who shares a name with a famous or public figure.

Perhaps the art to being anonymous is to hide in plain site?

I’m going to echo one of the comments made on this post by Pat Patterson, Sun’s Access Manager technical architect:

Talk about obtaining more knowledge via blogs rather than from product docs ;-)

The post, titled What is Federation? goes into detail about federation and federated services, touching briefly on Liberty, SAML and even Shibboleth. Go read Pat’s post, or start with Rohan Pinto’s original post that led to Pat’s comments.

Technorati Tags: federation, federated identity, identity, digital identity

We recently held a seminar on Identity Management at the University, and the Identity Management website page about the seminar has now launched. This page contains brief information about the day, and links to download the various presentations made.

Our thanks go to all the attendees, and to Robin for kindly allowing us to make his presentations available.

Technorati Tags: Identity, Identity Management, Digital Identity, Sun, University of Salford

I was reviewing the Shibboleth specification today, and came across a process flow chart of the Shibboleth process. It looked familiar, (more so since Robin’s comments about the Chip & Pin service being an anonymous provider or an identity enabler rather than an identity provider) so I mapped it across the diagram I created the other day about the Chip & Pin network and identity transience.

Of course, it could just be co-incidental, but it looks good. (Click for a larger version)

Technorati Tags: Chip and Pin, Identity, Shibboleth, Identity Enabler, Identity Provider

I read Robin’s weblog every day, but oddly I saw this on Toby’s log first (which could be because I’m subscribed to Toby’s through bloglines). If you look at the bottom of the right-hand menu you will see a ClustrMap, a small image of the world which shows where this website’s visitors come from.

As a nice visual way of finding out where your readers come from this is fantastic. Looking at Robin’s, you can see he has readers from all over the world - including China…

I’ve read this before, but it really didn’t sink in until I re-read it today. This is something that bears watching, especially if they do deliver the infrastructure element they’re claiming.

I showed my last post to a few people, and got some feedback on the idea. Robin pointed out that in this instance the chip and pin acts more like an anonymous provider rather than a transient provider, since the mechanism is not actually providing the identity, it is simply enabling the delivery of identity assertions. He says:

For the merchant, sufficient ‘proof’ of the cardholder’s ID is that they appear to have correctly entered the PIN. (Actually, of course, the merchant doesn’t give a toss if you’re the real cardholder, provided he is sure of getting paid. This accounts for why people have successfully signed for stuff as ‘Mickey Mouse’ &c).

Which makes a lot of sense. More to come on this in the next few days…

I’ve just finished reading Jerry Fishenden’s eID - identity management in an online world paper, and whilst reading it I was thinking through various use cases and analogies related to federated identity in the real world, from the perspective of my own transient identity thoughts, and it suddenly occurred to me that we already have most of the infrastructure in place in the UK to roll out a national digital ID card.

We use them every day - chip and pin debit and credit cards. (more…)

For the day at least. It’s International Talk Like a Pirate Day today.

Yaaaarrrr!