As outlined in this model, one way to look at the identity problem is that information about a user flows out from their activities and is then passed, behind their back so to speak, to third parties that aggregate models of the user. Those third parties then sell those heuristically built models to fulfill the demand for a better user model.
That process makes users reluctant to reveal information to other parties. They have no assurance that the information they reveal will “go no further”.
At the nub of this problem is the contract, implicit or explicit, that governs that revealing. For example, if the user could get a signed non-disclosure agreement each time he reveals some information, his confidence that his privacy could be protected would increase. The identity business could help with this.
This is one reason that corporate people often say that technically the identity problem is easy, but the business agreements are very, very hard.
Today, users' contractual deals with the web services they reveal information to are governed by the privacy policies of those sites or by the PPA (Privacy Protection Acts) of the relevant industries. The protections afforded are typically very thin. Web sites want to keep their options open, and they can't afford to negotiate a distinct binding agreement with each and every user.
It isn't practical to assume that one privacy contract/regulation will cover all cases. I want a different one for my home address, my phone number, my library records, my academic records, my performance reviews, etc.
Problems of this kind can be solved in only two ways. You can set a very low baseline and then add protections, or you can set a very high baseline and then open permissions. In a safe environment you can adopt the first design pattern; in a risky environment you must adopt the second.
This is possibly the hardest transition that must be managed in solving the identity problem. How do we bootstrap a very strict contractual/regulatory centerpiece and then empower users and web sites to relax it for individual cases?
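To make the two design patterns concrete, here is an added example (not code from the original post) that models a user's per-attribute disclosure policy under both baselines. The attribute names come from the list earlier in the post; the party names (library.example, university.example, aggregator.example) are constructed for illustration. The same explicit decisions are applied under a default-allow and a default-deny baseline, and an audit shows what an unlisted third party receives in each case.

```python
from dataclasses import dataclass, field

# Constructed sample attributes, using the attribute kinds the post lists.
ATTRIBUTES = ("home_address", "phone_number", "library_records",
              "academic_records", "performance_reviews")


@dataclass
class DisclosurePolicy:
    """Per-attribute disclosure policy for one user.

    default_allow=True  -> "low baseline, then add protections":
                           anything not explicitly denied is disclosed.
    default_allow=False -> "high baseline, then open permissions":
                           nothing is disclosed unless explicitly granted.
    """
    default_allow: bool
    # explicit rules: (attribute, party) -> True (disclose) / False (withhold)
    rules: dict = field(default_factory=dict)

    def grant(self, attribute: str, party: str) -> None:
        self.rules[(attribute, party)] = True

    def deny(self, attribute: str, party: str) -> None:
        self.rules[(attribute, party)] = False

    def may_disclose(self, attribute: str, party: str) -> bool:
        # An explicit rule wins; otherwise the baseline decides.
        return self.rules.get((attribute, party), self.default_allow)

    def disclosed_to(self, party: str, attributes=ATTRIBUTES) -> set:
        return {a for a in attributes if self.may_disclose(a, party)}


def build_policies():
    """The same user decisions expressed under both design patterns."""
    lax = DisclosurePolicy(default_allow=True)
    strict = DisclosurePolicy(default_allow=False)
    # Hypothetical user intent: the library may see library records, the
    # university may see academic records, and nobody else sees anything.
    for policy in (lax, strict):
        policy.grant("library_records", "library.example")
        policy.grant("academic_records", "university.example")
    # Under the lax baseline the user must remember to deny everything else;
    # this single deny is all the user thought of.
    lax.deny("performance_reviews", "library.example")
    return lax, strict


def audit(policy: DisclosurePolicy, parties) -> dict:
    """Map each party to the attributes it would receive under the policy.

    A party the user never wrote a rule for (the aggregator) is the case
    that distinguishes the two baselines.
    """
    return {party: policy.disclosed_to(party) for party in parties}


if __name__ == "__main__":
    lax, strict = build_policies()
    parties = ("library.example", "university.example", "aggregator.example")
    for name, policy in (("default-allow", lax), ("default-deny", strict)):
        print(name)
        for party, attrs in audit(policy, parties).items():
            print(f"  {party}: {sorted(attrs)}")
```

Under the default-allow baseline the unlisted aggregator receives every attribute, because the user never wrote a rule about it; under the default-deny baseline it receives nothing, and each listed party gets exactly the one attribute it was granted. That asymmetry is why the post argues for the strict centerpiece first and case-by-case relaxation afterwards.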
Consider the FOAF directory service outlined in a previous posting. Could we write a contract, binding on the web services, that strictly limits what they can do with the information they glean from the FOAF we helped them find? Would that frustrate any attempt to get the system to grow?