Kim Cameron posted a busy person’s summary of the Laws of Identity and invited comments. Here is my version.
The Laws of Identity are fulfilled when …
- Individuals using computers can be in control of the information they give out about themselves.
- Individuals can give out just the information needed for the purpose at hand, and only to those who need it.
- 3rd parties can not link up all the ways individuals have used the Internet. For example, an individual always using a single identifier would be a big mistake.
- Individuals can choose who provides their identity information to whom and for what purpose.
- Individuals can understand how the identity system works and are able to make rational decisions and protect ourselves.
- Individuals can operate the identity system with a universally consistent, comprehensible user experience even though behind the scenes, different technologies, identifiers and identity providers are being used.