Interwhat?

[Dave Birch] At the European e-ID conference in Leuven last month, a few basic conclusions were established early on in the proceedings: there is precious little interoperabilty across borders and it’s not obvious what to do about it, although the general idea of moving away from interoperable infrastructure and towards gateways to the “magic bus” seemed to have some currency. Not everyone was as downbeat as me. Perhaps the whole idea of pan-European interoperability is simply too big too take on and it might be better to refocus on more limited but more practical goals. The idea of a few national gateways that could interoperate may be more manageable and I did get involved in a couple of discussions about the layers that would be needed to make this happen. But on reflection, it was another idea that might have more success (because of a more decentralised nature): instead of trying to construct a system for interoperability, try to construct a market.

One idea that did catch my attention was the idea of ratings or stars based on authentication policy as the basis for a sort of trust, combining eBay-style (as was) community-based ratings with degrees of authentication to give a reasonably granular set of conditions under which identities may be accepted in different circumstances. If it were left to the market rather than, say, the European Commission, to determine pricing then one might assume that organisations and individuals would gravitate to the appropriate level for their transaction.

What does this mean? Well, it means that you wouldn’t ask for someone’s ID card and fingerprint authentication when all you want to know is whether they are over 18 or not (because it would cost too much). But it also means that you might often support quite important decisions (eg, shall we let this person into our World of Warcraft guild) on the reputation attached to their digital identity within a community — not necessarily your community, but a community that you trust — rather than an external reference (eg, the government) or rating system.

I used that example because a Gartner survey of 4770 internet users across the world found web users spend most of their online time on email, followed by information gathering; internet banking; sharing photos and videos (in effect, social networking); maps and transport information; and online shopping. Pretty much as you would expect, because that mirrors your usage. But when you look at the online habits of 13 to 18 year olds, a different picture emerges: they spend their time in communities of one kind or another, communicating with each other (and I know, from first hand experience, that they communicate comfortably through a variety of identities). Whereas we (ie, older persons) are stuck in a paradigm of external authentication and “ranking”, younger persons are not, so they naturally adjust to the idea that identity is not something granted by authority but constructed in a communities and transmitted between them.

So back to my hobby horse. We need to create identity infrastructure for the future, not the past, and trying to treat identity in the modern age as an electronic representation of pieces of cardboard, issued by one public authority and read by others, cannot possibly support individuals, business, organisations or, for that matter, governments in the 21st century.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]