W3C home > Mailing lists > Public > public-xg-socialweb@w3.org > January 2010

Re: Kim Cameron's Laws of Identity

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Thu, 21 Jan 2010 00:03:59 +0100
Message-ID: <9178f78c1001201503pc934139k686ef94b10178356@mail.gmail.com>
To: Harry Halpin <hhalpin@ibiblio.org>
Cc: public-xg-socialweb@w3.org
This is great also:

A Bill of Rights for Users of the Social Web
Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington


We publicly assert that all users of the social web are entitled to certain
fundamental rights, specifically:
Ownership of their own personal information, including:
- their own profile data
- the list of people they are connected to
- the activity stream of content they create;
- Control of whether and how such personal information is shared with
others; and
- Freedom to grant persistent access to their personal information to
trusted external sites.

Sites supporting these rights shall:
- Allow their users to syndicate their own profile data, their friends list,
and the data that’s shared with them via the service, using a persistent URL
or API token and open data formats;
- Allow their users to syndicate their own stream of activity outside the
- Allow their users to link from their profile pages to external identifiers
in a public way; and
- Allow their users to discover who else they know is also on their site,
using the same external identifiers made available for lookup within the

On Wed, Jan 20, 2010 at 11:35 PM, Harry Halpin <hhalpin@ibiblio.org> wrote:

> Following our phone call, here's some other "rules" for social web
> work, including identity:
> 1. User Control and Consent:
>    Digital identity systems must only reveal information identifying
> a user with the user’s consent.
> 2. Limited Disclosure for Limited Use
>    The solution which discloses the least identifying information and
> best limits its use is the most stable, long-term solution.
> 3. The Law of Fewest Parties
>    Digital identity systems must limit disclosure of identifying
> information to parties having a necessary and justifiable place in a
> given identity relationship.
> 4. Directed Identity
>    A universal identity metasystem must support both
> “omnidirectional” identifiers for use by public entities and
> “unidirectional” identifiers for private entities, thus facilitating
> discovery while preventing unnecessary release of correlation handles.
> 5. Pluralism of Operators and Technologies:
>    A universal identity metasystem must channel and enable the
> interworking of multiple identity technologies run by multiple
> identity providers.
> 6. Human Integration:
>    A unifying identity metasystem must define the human user as a
> component integrated through protected and unambiguous human-machine
> communications.
> 7. Consistent Experience Across Contexts:
>    A unifying identity metasystem must provide a simple consistent
> experience while enabling separation of contexts through multiple
> operators and technologies.
> In full, on his website [1].
> Here's a poster, quite nice [2].
> [1] http://www.identityblog.com/?p=353
> [2]
> http://www.identityblog.com/wp-content/images/2009/06/7_Laws_of_Identity.jpg
Received on Wednesday, 20 January 2010 23:04:33 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:22:08 UTC