The first problem is that TypeKey encourages the wide distribution of a single unique identifier for it’s users – all over the net. Each site that uses TypeKey is given the same unique identifier for a user. This makes it significantly easier to invade the privacy of the users. For example if I visit sites on: depression, cats, damsels in distress, and terrorist strategies this unique identifier enables other parties to collect all that information about my behavior.
The fix is simple. Don’t hand out a universal identifing token!
Instead TypeKey should hand out a different token to each site. If the site wishes to obtain additional information it’s users it then has two choices. It can ask the user. It can go back to TypeKey. That matches up with user’s expections. Users do not expect sites that want to know more about them to go around conspiring with other sites.
Of course an identity system isn’t much use if you can’t use it to find out more about users. So the current design allows sites to query TypePad: “Tell me about user 12.” This needs to change so they ask: “This is site 35 tell me more about user 14.” TypePad can then assure it only tells sites it trusts this additional information. As an added benefit this also allows TypePad to let users configure exactly what things should be revealed to which sites.
Nothing about this alternative design precludes users from revealing as much as they like. What’s key is not to build a system that enables unnecessary revealing. Particularly not revealing by parties who users just happen to interact with incidentally.
I’m sure that it wasn’t Six Apart‘s intent to create a foundation that helps to enable invading user’s privacy. But sadly that’s what they are headed for.