I want to start off by saying that I am in agreement with Kim’s Fourth Law of Identity … however it did get me thinking about ‘public’ and ‘private’ … ‘omnidirectional’ and ‘unidirectional’ …
The Fourth Law of Identity
The Law of Directed Identity
A universal identity system MUST support both “omnidirectional”
identifiers for use by public entities and “unidirectional” identifiers
for use by private entities, thus facilitating discovery while
preventing unnecessary release of correlation handles.
First, when I think about identity, I now believe that a ‘public’
identity is really just a ‘default’ identity. This is what we are
willing to expose to anyone, anyplace, and at any time. If I look
at the ‘real world’, we have certain characteristics and behaviors that
we are willing to expose when we go out in public. We then might
meet up with someone else, and choose to exchange other information
‘privately’, however we actually reveal something about ourselves even
when we perform a ‘private’ exchange of information. Kim stated:
Entities that are public can have identitifiers that are
invariant and well-known. These identifiers can be thought of as
beacons, emitting identity to anyone who shows up – and thus being in
essence “omnidirectional” (they are willing to reveal their existence
to the set of all other identities).
I agree with this … for any provider of good or services to be
known, they must expose some sort of information to be
discovered. It could be that the entity might choose to ’emit
this beacon’ all of the time … or maybe to sit quietly waiting for
the detection of another entity. In either case, once the
‘omnidirectional beacon’ has been emitted, there is a way to reference
the source entity.
What I like is the second example:
A second example of such a public entity is the “polycomm”
which looms large in the scenario we chose as a backdrop to the present
discussion. The polycomm sits in a conference room in an enterprise.
Visitors to the conference room can see the polycomm and it offers
digital services by advertising itself to those who come near it. In
the thinking outlined here, it has an omni-directional identity.
This is no really big deal … it makes common sense … however:
Similarly, when entering a conference room furnished with
a polycomm, the omnidirectional identity beacon of that polycomm can be
used by the owner of a cell phone to decide whether she wants to
interact with it. If she does, a short-lived “unidirectional” identity
relation can be created between the cell phone and the polycomm – and
used to disclose a single music preference without associating that
preference with any long-lived identity whatsoever.
I’m not so sure that this is truly ‘unidirectional’ since
there are other artifacts of the ‘short-lived unidirectional identity
relation’ that could be observed. I might not be able to
determine the exact details of what is transferred, however I could
easily – with the assistance of some others in the room – triangulate
on the source of the signal and locate the owner of the cell
phone. I could then couple this with other visible or audible
information to begin the process of compiling a profile of that
person. So is this ‘private’?
Of course the owner of the cell phone could also
collaborate with others in the room to all initiate communications with
the polycomm at the same time, and the polycomm could be configured to
add random timings to assist with masking the true source of the music
preference, however this then still potentially identifies the ‘crowd’
or ‘community’ that is the source of the communications.
When I was working on digitalMe, I followed the work of the AT&T “Crowds” project … and also the Lucent Personal Web Assistant project.
Both of these convinced me that there might not really be a way to be
truly “private” … and that the best we can hope for is to hide in a