RE: Kim Cameron's Laws of Identity

Shouldn't that include the right of proof that all data on a social web site
has been permanently deleted when requested?

 

len

 

-----Original Message-----
From: public-xg-socialweb-request@w3.org
[mailto:public-xg-socialweb-request@w3.org] On Behalf Of Melvin Carvalho
Sent: Wednesday, January 20, 2010 5:05 PM
To: Harry Halpin
Cc: public-xg-socialweb@w3.org
Subject: Re: Kim Cameron's Laws of Identity

 

This is great also:

A Bill of Rights for Users of the Social Web
Authored by Joseph Smarr, Marc Canter, Robert Scoble, and Michael Arrington

http://opensocialweb.org/2007/09/05/bill-of-rights/
<http://opensocialweb.org/2007/09/05/bill-of-rights/> 

We publicly assert that all users of the social web are entitled to certain
fundamental rights, specifically:
Ownership of their own personal information, including: 
- their own profile data
- the list of people they are connected to
- the activity stream of content they create;
- Control of whether and how such personal information is shared with
others; and
- Freedom to grant persistent access to their personal information to
trusted external sites.

Sites supporting these rights shall:
- Allow their users to syndicate their own profile data, their friends list,
and the data that's shared with them via the service, using a persistent URL
or API token and open data formats;
- Allow their users to syndicate their own stream of activity outside the
site;
- Allow their users to link from their profile pages to external identifiers
in a public way; and
- Allow their users to discover who else they know is also on their site,
using the same external identifiers made available for lookup within the
service.



On Wed, Jan 20, 2010 at 11:35 PM, Harry Halpin <hhalpin@ibiblio.org
<mailto:hhalpin@ibiblio.org> > wrote:

Following our phone call, here's some other "rules" for social web
work, including identity:

1. User Control and Consent:

   Digital identity systems must only reveal information identifying
a user with the user's consent.

2. Limited Disclosure for Limited Use

   The solution which discloses the least identifying information and
best limits its use is the most stable, long-term solution.

3. The Law of Fewest Parties

   Digital identity systems must limit disclosure of identifying
information to parties having a necessary and justifiable place in a
given identity relationship.

4. Directed Identity

   A universal identity metasystem must support both
"omnidirectional" identifiers for use by public entities and
"unidirectional" identifiers for private entities, thus facilitating
discovery while preventing unnecessary release of correlation handles.

5. Pluralism of Operators and Technologies:

   A universal identity metasystem must channel and enable the
interworking of multiple identity technologies run by multiple
identity providers.

6. Human Integration:

   A unifying identity metasystem must define the human user as a
component integrated through protected and unambiguous human-machine
communications.

7. Consistent Experience Across Contexts:

   A unifying identity metasystem must provide a simple consistent
experience while enabling separation of contexts through multiple
operators and technologies.

In full, on his website [1].

Here's a poster, quite nice [2].

[1] http://www.identityblog.com/?p=353 <http://www.identityblog.com/?p=353> 
[2]
http://www.identityblog.com/wp-content/images/2009/06/7_Laws_of_Identity.jpg
<http://www.identityblog.com/wp-content/images/2009/06/7_Laws_of_Identity.jp
g> 

 

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.