... from the desk of Roger Sullivan

Wednesday, September 06, 2006

Comments on comments

Roland Sassen left a comment on my "...miles to go..." posting. Then Dave replied to my reply. I started a brief response, but got carried away ...

Yes, the technology exists (however exotic ala "Heartbeat-ID") to solve the personal identity portability problem. To a degree, that was exactly my point.

The issue remains that these technologies need to be deployed by reputable companies that I trust and that trust me - or the digital source of "me." This requires trust relationships between me, the Identity Provider(s) and the Service Provider(s). And the degree of trust is directly related to the "worth" of the transaction. Today, we're very much in a Jerry Maguire world. "Show me the money!" … and I’ll consider employing you as my [identity] “agent.”

There's a difference between needs of convenience, finance and well-being. The latter two are very important to my family and me and I'm willing to trade off (some) privacy concerns for personal gains that are financial or well-being (e.g. health, government services, etc.).

On the other hand, I will strictly control my privacy disclosure for relationships that are merely conveniences to me on the assumptions that: 1.) It’s none of their business; 2.) They don’t have a legitimate need to know; 3.) I don’t know what actual safeguards are in place to protect the data; and, 4.) I don’t know what they really intend to do with the information once it crosses the ether into the Service Provider bit buckets.

Years ago, the bank set all the rules for the one-to-one relationship. "Here are our conditions under which you may open a checking account, Roger." Today, information is shared with government agencies to try to prevent me from doing bad things with the money and/or discover if I am. Additionally, the regulators impose rules on my banking relationship that are beyond the control of the bank or me. It's the nature of the modern world. If I want the convenience of a checking account, I need to accept these rules. They were in full play when I opened a new bank account during my recent move.

These relationships are expanding and becoming one-to-many or even many-to-many involving businesses and consumers.

It is in this area where deployments are wrestling with the 'boundaries' between their needs, the needs of the consumer and the needs of their trading partners. These are not technical boundaries or limitations. They are all about contractual relationships – written or implied. It is difficult enough to establish these relationships where two parties are concerned. Add a third party (or four or five parties), and the complexity goes up exponentially.

The fact of the matter is that there are relatively few of these large-scale commercial deployments in place today where the interconnectedness could be leveraged as I wished to do. As these grow and we all become more experienced, that experience will trickle down to the “convenience” applications. The examples that I was trying to give were in the “finance” and “well being” categories – not convenience. Very few of these companies have the experience or willingness to extend their B2B or B2B2C mission-critical applications into an unknown world where users control virtually all elements of their identity information.

Market places require sellers and buyers. They don’t exist without both. Right now, I think that there are buyers who understand the need and would appreciate a solution. However, there are few sellers willing to participate in that market place under those terms – at least for the moment.

Cash still works, but it’s an inconvenient way to pay the bills.


Post a Comment

<< Home