Identity Management From the Personal POV

Google provides a dashboard where you may view and edit the information it collects about you, and set policies for its collection of info in future. Google also describes data it collects that is not editable here.

It’s an interesting interface as much for what it implies as for what it states. Since multiple services, such as Gmail and Picasa, collect personal information independently, any inaccuracies in the various profiles could potentially be identified and corrected. For instance, my gmail profile lists Afghanistan as my location, but I’ll bet that, between Picasa, my calendar info, and various other indicators, that I’m not fooling anyone.

In combination with my Amazon, Chapters, Facebook and UVic information, I suppose there is a very strong connection for public and private institutions between my digital presences, my body, and, my interior life (especially as it pertains to spending money).

Identity Management is a computer science/management term to describe systems for collecting personal information and ascribing permissions to individuals. As we conduct more of our lives via computers, the control of this information, in terms of what is collected and how it is shared, is becoming more important. It’s a commonplace now that when we are offered a ‘free’ service such as Facebook, we are not in fact the patrons but the product. Many assert that this is the trade-off for the use of the service, but there is no room for negotiation. EULAs are mis-named for this sort of service. They should be called information collection agreements. Perhaps people should be reimbursed in dollars for the sale of this information.

There are many dimensions of this problem, and there is an open access journal devoted to the topic: Identity in the Information Society. Some of the issues are distinctly legal. In A Whole New ….You? ‘Personal Identity’, Emerging Technologies and the Law New Zealand law professor Colin Gavaghan discusses the philosophical assumptions about personal identity that underlie many legal concepts.

My conversations with my lawyer include emails with documents attached in PDF form. It would be great if I could manage who gets to see that stuff, and the encryption technology is available. What is lacking is a scheme by which I can determine policies and enforce sharing restrictions. The same issue of this journal has a paper suggesting a model for doing just that: A Persistent Data Tracking Mechanism for User-Centric Identity Governance.

Comments are closed.