Is Identity About Ownership or Assertion? is an article by Eric Norlin as part of the DigitalIDWorld conference. Summary: “The Digital Identity ecosystem is a large one. One of the corners of that ecosystem is the “social software” movement. Many of the individuals and companies involved in social software talk about identity in terms of ownership. In this article, Eric examines whether the power of identity lies in ownership or assertion…”
My problem with this article is that Eric doesn’t ground what he’s referring to when he talks about idenitity. From my definition of “idenity” there’s no question about who owns identity. Identity can only be owned by the individual, because it is far more than simply the validity that someone exists. The problem is that most people think of identity as what facets people present, what data people produce, and what bits can provide authentication. The thing is that identity can’t be copied and stored, but the pointers to and output of one’s identity can be.
Also, when it comes to the power of assertion regarding one’s identity, everyone must read Judith Donath’s “Identity and Deception in the Virtual Community.”
Once I managed to Google up the article you’re talking about and actually read it, it was clear to me that you have kind of mangled the argument the guy makes in the course of summarizing. The point is that one’s relationship to one’s digital ID can’t be well understood in terms of an ownership model. Does a person “own” their name? Does “That’s my name, don’t wear it out” now have actual validity in a court of law? If people asserted ownership over personal names, you’d have a lot of James Browns fighting for a slice of the pie. Some information has to remain in the “public domain” if we are to function socially at all (my name, my social security, my number in the telephone book, the whois data for my URL) while some has to remain private (credit card numbers). Sometimes we rely on private information (a PIN number we store with our bank) to validate our identity, sometimes we use a trusted third party (Jason will confirm that I once ate lunch with Nick Denton). Both have to do with “verifying an assertion,” it seems to me. So that model does seem to make more sense, if this guy’s complaint about the social software gang is not a straw-man argument. Who knows? No time to hunt down the linakge right now.
D’oh! My apologies for not providing the link the first time – thanks for catching that!
Actually, what i’m arguing is that i take issue with the (ab)use of the term identity to reference simply the data bits that provide authentication. I believe that one’s identity reaches far deeper than one’s name, SSN and other data that operate simply as pointers to a unique physical body. Authentication is only one part of the actual issue.
Yet, when we refer to asserted elements of identity, we run into more than simply authentication. I assert that i’m a bodybuilder. Who will validate that? What does it mean to validate that aspect of my identity? What are the implicatios of the identity bits that i assert at Friendster? Who has the authority to validate that which i assert about myself?
My frustration is simply that people use the term identity without talking about which portion of it they are referring to. Is Eric simply referring to the portions about identity that authenticate someone’s existence? Probably not, because he’s asking about nuanced elements of our identity in reference to our social network. What happens when i say that you are my friend but you say you don’t know me well enough? Who validates that assertion? We’re probably both right even though it seems like a conflict. This is a totally different value and perspective on identity than authenticated identity.
Sorry to not be clear!