Core Concepts in Identity

One of the reasons that digital identity can be such a challenging topic to address is that we all swim in the sea of identity every day.  We don’t think about what is really going in the transactions….and many different aspects of a transaction can all seem do be one thing.  The early Identity Gang conversations focused a lot on figuring out what some core words meant and developed first shared understanding and then shared language to talk about these concepts in the community.

I’m writing this post now for a few reasons.

There is finally a conversation about taxonomy with the IDESG – (Yes! after over a year of being in existence it is finally happening (I recommended in my NSTIC NOI Response  that it be one of the first things focused on)

Secondly I have been giving a 1/2 day and 1 day seminar about identity and personal data for several years now (You can hire me!).  Recently I gave this seminar in New Zealand to top enterprise and government leaders working on identity projects 3 times in one week.  We covered:

  • The Persona and Context in Life
  • The Spectrum of Identity
  • What is Trust?
  • A Field Guide to Internet Trust
  • What is Personal Data
  • Market Models for Personal Data
  • Government Initiatives Globally in eID & Personal Data

[Read more...]

Web Wide Sentence Level Annotation ->

I first met Dan Whaley last spring via an introduction from Jim Fournier co-founder of Planetwork.  I was inspired by the vision he was working on building -  a way to have sentence level annotation of news and other articles on a web wide scale. Really a foundation for peer review on the web. The motivation for his work is to support greater discernment of the truth around climate change and other key issues facing our society and our planet.  (Another area I could see this being really useful right now is around accountability in the financial system and ways to make that real.)

He asked me to be a part of the project as an advisor particularly around identity issues and technology options for identity.  He is taking my advice and coming to IIW this coming week.  Its an honor to be amongst other distinguished advisors like Brewster Kahle,  John Perry Barlow,  Mark Surman and others..

He has been working on a development plan and has a solid on one in place.  He has launched a Kickstarter Campaign and  stars in the video that articulates the vision of the project.  If you are inspired by the vision I encourage you to contribute.

NSTIC Response by Identity Woman

Context for my response to the NSTIC Governance NOI

Table of Contents to Blog Posts of My Response

My Complete Response in PDF form Kaliya-NSTIC-NOI

Introductory Letter of the Response.

Context for my NSTIC NOI response

I surprised myself when writing my response to the NSTIC (National Strategy for Trusted Identities in Cyberspace)  Governance NOI (Notice of Inquiry).  I wasn’t sure exactly what I was going to say because the questions seemed like they were way ahead of where they should be interms of where things were.  I decided to begin by sharing important Context, Frames and Terms that were important before getting to the Questions of Governance and what should be done now.

I began with the word Ecosystem – what it meant and that a system was at the heart of this strategy not something simple or easily actionable.

I touched on the history of the Identity Community and how much conversation and intensive dialogue happened amongst that early community to get to a place where collaboration was natural and “easy”. A huge amount of effort went into developing shared language and understanding then and this is needed once again.  The range of self identified stakeholders for NSTIC is quite large (the range of not self identified stakeholders it could be said is everyone on the planet or at least all those with a digital connection (via phone or interent).

I put forward two different methods/tools/processes that could be used to form shared language and understanding across this stakeholder community Polarity Management and Value Network Mapping.

I suggest that the governance structure proposed a “steering group” actually have a mandate to regularly listen to and act on the recommendations of the system that are generated via 3 different well established dialogic processes (Creative Insight Council, World Cafe and Open Space Technology [What we use at IIW]. I then answer the NOI questions referencing the ideas above.

I am going to be posting the whole of my Response in a series of posts and linking them all from there.

I began with one earlier last week which is focused on “trust” both as an emergent property of the overall system AND as the current name of technology and policy/legal frameworks for identity creation.

Links to NSTIC Response Posts: (posts are in the process of being published should be up by Wednesday Sept 14th)

Here is the my opening to my response:

Dear Patrick Gallagher and Jeremy Grant,

The challenge of fostering the emergence and governance of an Identity Ecosystem is vast. I do think it is possible for a thriving ecosystem to emerge with the application of the best of available organizational, deliberative and governance processes and structures.

The high level vision outlined in the NSTIC has buy-in from a broad group of stakeholders. Making it real will involve government participation with the private commercial sector and civil society groups (neighborhood associations, schools, religious institutions, sports leagues, advocacy groups). The government also can’t abdicate responsibility and just collaborate with the private sector because its job is to be an advocate for the people and ensure that the guiding principles are not left behind because they are inconvenient or perceived to cost too much. The private sector is not just the largest IT companies, and government must remember to foster some space for new innovations to emerge. Government must, in this startup phase, develop with the broadest possible range of stakeholders, agree upon metrics (both qualitative and quantitative) for ecosystem health, balance and success, and have in place systems to monitor and feed back to the system the results from the agreed-upon indicators.

The danger of creating an unbalanced (in a range of ways) ecosystem is also present. On the one hand, because it could become very easy for virtually any company online to request highly validated identities and require the presentation of identifiers associated with “real legal name” credentials for almost all transactions and comments. This is an inhibitor of civil freedoms and creates a participatory panopticon

situation. On the other hand, a diverse range of accountability networks may not gain adoption because they are not well understood and therefore transactions online decline or people retreat into private commercially-controlled silos.

I open my response by diving into some of the terms and frames that are in NSTIC and used to talk about identity generally, along with examples from my community context. Within the history of the user-centric identity community are some key insights into how to best proceed with developing common stakeholder alignment towards collaborative action to make the vision presented in NSTIC a reality.

You will notice I take the liberty to craft questions that I wish were in the NOI. I added them because it is systems seeing and insight that will be key to effectively “steering”, or to use a more appropriate metaphor, catalyzing industry to move towards making the NSTIC vision of interoperable accountability frameworks and interoperable technologies for identities.

In the last 6 years I have worked with many talented systems thinkers, process innovators,  facilitators, and I have invited four of them to contribute in this response with me listed above as co-authors of particular sections.

My overall goal in this response is to outline several processes and structures that:

  • cultivate shared language and understanding,
  • collaboratively develop maps of common understanding of issues, ecosystem roles and value flows,
  • facilitate efficient information sharing,
  • provide efficient systems synthesis,
  • provide unique analytical tools,
  • allow the system to find pulse points to measure success and warn of imbalances,
  • have the potential to foster broad legitimacy with disinterested citizens (who after all are the ones with the identities, identifiers and claims) and
  • most importantly, foster collaboration and shared action by the wide pool of interested stakeholders working on making an Identity Ecosystem real.

I describe how they can be applied to the development of, leadership of, and ongoing accountability to all stakeholders of a “steering group”.

Because of the length and depth of my response, I have added a Table of Contents beginning on the next page.

Please let me know if you have any questions about this document.  I would be happy to answer them. I look forward to continued participation in this process.


-Kaliya, Identity Woman

IIWX Internet Identity Workshop 10, Introductory Talk

I gave this talk at the 10th Internet Identity workshop reviewing the shared history, language, understanding and work we have done together over the last 6 years of community life.

Part of this presentation touched on a timeline of events in the community. Those and more are reflected on this timeline that is beginning to be developed here. IIW11 will be November 9-11 in Mountain View, CA The first ever IIW outside the Bay Area will be happening September 9-10 in Washington DC following the Gov 2.0 Summit with the theme Open Identity for Open Government. The first IIW in Europe will be happening in London likely October 9-10 (dates still to be confirmed) prior to RSA Europe. If you would like to know about when the next IIWs have registration open please join this announce list. TheIdentity Gang is the community mailing list where conversations are ongoing about identity. You can follow modest updates about IIW on twitter via our handle – @idworkshop You can see IIW 10 attendees on our registration page.

Personal Anchors on the Web for Digital Identities

I have been evangelizing about user-centric identity on the web 5 years. I talk about the ideas with people constantly explaining and re-explaining different developments in the field, forward looking projects and visionary ideas community members talk about. I watch what I say carefully and I notice when I start thinking and explaining something differently.

The new term that has emerged for me this week is “anchor on the web”... as in Where is your anchor on the web? or People have an anchor on the web – this is there “identity” – the question is do they control (owning a domain name) it or is it controlled by the company that does.


I link this metaphor because it evokes the image of a boat that is you and an anchor that is linking you to somewhere – do you want this to land in a stable place that you have control over? Likely yes – if you anchor to someone else’s ship (have your name in their domain space) you are literally tied to them. Rather then being able to visit them on your own terms and leave if you like.


You can get copies of these images under CC license here.

In my last post I talked about facebook URLs and people getting their own domain name along with the contrast of usability with each. Chris Messina also wrote about facebook URLs and correctly points out that this is a battle over your digital identity.

I got a comment today from (they also have a blog) saying I was absolutely right about usability issues that domain registrars have.

You are absolutely right. It’s a common problem of domain registrars / hosting providers. They’re too focused on up-selling other services and the secondary market instead of serving the actual internet user. We’re watching the identity community closely with iWantMyName and will definitely provide identity management features in the future. For now, we already made the domain registration process easy and are helping users setting up apps like Gmail, Tumblr, Posterous etc.

Coincidently – today at SemTech the CEO of Nombray presented as part of Chris Saad’s talk about DataPortability. They let you very easily create a website under your own domain name that aggregates your information from around the web. I haven’t paid the $10 yet but I was very impressed with the usability of the sign up process and you can see my the 1/2 working site here.

There is of course too – but some how it feels a bit more like being tied to somewhere then actually owning your own domain (paying for it) and setting up the services under it.

The next level of interoperability and user-empowerment will be the way these systems map/document your online life and how they give you the data in a standard way when you leave their service to go to a different one.

I am hopeful these sites are the basis of what will become personal data stores that project VRM has brainstormed about and people/companies are developing.

UpDate: Wow and that was Post: 1000 for this blog!