ID Cards Break the Laws (of Identity)
Regular readers of this blog will know that I follow the wacky world of ID cards and related matters quite closely, and it will come as no surprise that the following "short version" of the Laws of Identity by Mr Identity himself, Kim Cameron, piqued my interest:
People using computers should be in control of giving out information about themselves, just as they are in the physical world.
The minimum information needed for the purpose at hand should be released, and only to those who need it. Details should be retained no longer than necesary.
It should NOT be possible to automatically link up everything we do in all aspects of how we use the Internet. A single identifier that stitches everything up would have many unintended consequences.
We need choice in terms of who provides our identity information in different contexts.
The system must be built so we can understand how it works, make rational decisions and protect ourselves.
Devices through which we employ identity should offer people the same kinds of identity controls - just as car makers offer similar controls so we can all drive safely.
What struck me was how badly our dear ID cards will do against these, especially:
It should NOT be possible to automatically link up everything we do in all aspects of how we use the Internet. A single identifier that stitches everything up would have many unintended consequences.
I think we can safely say that however they implemented, the UK ID card will comprehensively break these laws of ID, not least through the process of "stitching everything up"...