A nice simplification of the ‘laws of identity’

– People using computers should be in control of giving out information about themselves, just as they are in the physical world.

– The minimum information needed for the purpose at hand should be released, and only to those who need it.

– Details should be retained no longer than necesary.

– It should NOT be possible to automatically link up everything we do in all aspects of how we use the Internet. A single identifier that stitches everything up would have many unintended consequences.

– We need choice in terms of who provides our identity information in different contexts.

– The system must be built so we can understand how it works, make rational decisions and protect ourselves.

– Devices through which we employ identity should offer people the same kinds of identity controls – just as car makers offer similar controls so we can all drive safely.