[Wg-p3] A Suggested Policy Demarkation Point: Open Vs. Closed Identity Systems

Mark Lizar info at smartspecies.com
Mon Sep 21 03:55:31 PDT 2009


Hello All,

I have been pondering the merits of a more explicit policy paradigm  
between open vs closed id systems, and a discussion about this for the  
working group.

The issue being that public policy in closed identity systems or  
systems with limited user driven/managed/volunteered access, needs a  
different type of policy than open, user controlled systems.  In  
addition, I wonder if this type of conversation may actually provide a  
very useful distinction for Kantara driven activities?

Behind the distinction of open and closed there is a great deal of  
ideological, philosophical, technical, jurisprudence, and sociological  
thought that can be sorted and contributed to both sides of the open  
and closed identity paradigm. A discussion in this light might reveal  
a significant difference in public/privacy policy needed for these  
very different types of applied identity technologies.  From what I  
understand a great deal of the work done in Kantara is for open ID  
systems?   Does an open identity system need different levels or types  
of assurance for privacy than closed identity systems?

  Eg. Open Id systems, social networking is user controlled, adequate  
tools need to be in place for the user to control the policies and  
these policies need to be enforceable by the user.  Even against the  
owner of the social networking site.

  Eg. Closed ID systems, enterprise, healthcare, id cards, drivers  
licenses, phone numbers, direct marketing. A policy explicit example  
for the use of a closed id system may be the need to mandate against   
function creep and designed around very specific to purpose etc. (use  
Uprove technology etc.) With risk management, different types of  
public usable transparency, access, and control is more specific to  
constitutional rights, rather then contract rights.

Do others think this would be a useful distinction to make and point  
to discuss?

Overall, it seems current events are pushing the agenda of this  
working group, starting with the Open ID/Inforcard initiative, and the  
letter this group has worked on for ICAM.  Now the news of this round  
table, the FTC roundtable can also be used as an ‘agenda driver’ to  
get things moving, in this sense I think it would be difficult to  
develop policy with any force or meaning, if the policy didnt first  
engage with the wider Kantara community. I propose that we use the  
roundtable as an opportunity to take the FTC questions, develop a  
survey pilot it in our working group, then vote on passing the survey  
around the working groups to start a process of developing a common  
policy platform for this working group.

My two cents worth,


- Mark Lizar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-p3_kantarainitiative.org/attachments/20090921/5e367cb0/attachment.html>


More information about the Wg-p3 mailing list