Bingo! Ever heard of Private Credentials?

Re-posted from archive of infinite ideas machine 2004: [LINKS UNCHECKED]

Dave Birch gets it.

From Second sight in Thursday’s Guardian:

The identities within these national ID computers [i.e. smartcards] used to transact business (in the general sense, such as voting, shopping, booking a squash court and every thing else) in terminals, over the internet and via the television set are therefore not “real” identities (whatever they may be) but virtual identities: a kind of identity that exists only inside computers. Identity management in the physical world using national ID computers will have to converge with identity management in the rest of the virtual world….

If this is to be the case, we need to enure that the way these virtual identities are created and used is what we, as a society, really want from the future. There is one particular thing I really do want from them: anonymity. Why should the virtual identity stored on my national ID card be limited to Dave Birch? Why can’t I have a couple? Why can’t my card tell the pub that I’m virtually King Arthur when I’m proving that I’m over 18? It’s none of their business who I really am.

It seems to me that this could be one of the most interesting features of identity computers: their ability to reveal relevant facts about a person (this person is allowed to enter this leisure centre, for example) while simultaneously keeping the person’s identity private.

This is a theme and principle that has underpinned the work I’ve been doing for years now in the voluntary & public sector. Why *should* people be expected to give over one bit more information than is necessary for the required transaction? It’s hardly as if any agency or organisation from the banks to charities (or even the church), the government to multinational corporations have proven themselves to be utterly ‘squeaky clean’ when it comes to abuse or misuse of personal information. Individual ignorance, accident and oversight account for some of this – but the institutionalised trading of personal data without the knowledge of the persons being referred to is not only big business, for some firms/sectors it’s a business model!

Just because we have to identify certain aspects of ourselves to certain individuals or authorities at certain times, does not mean we should have to provide them with loads of linked pieces of information about ourselves. With regard to CareZone, for example, we wanted kids on the system to be able to digitally establish that they were a looked-after child, and therefore entitled to access certain services, without exposing any unnecessarily-identifying personal information. To address this I designed a system of personae (virtual identities) that performed as more than just simple avatars within the online shared space: they also provided ways in which even very young children could safely understand, manage and use appropriate digital identities.

The approach I took at the time seemed related (at least in principle) to Stefan Brands’ ‘Private Credentials’, published by Zero Knowledge Systems in late 2000 [456 KB PDF file], but there are a number of other credential-based schemes – e.g. the electronic cash system described by Chaum (whose excellent 1992 Scientific American article on blind signatures, Achieving Electronic Privacy, I highly recommend), Fiat and Naor at Crypto ’88 – that might feasibly combine PKI & digital certificates to achieve the sort of anonymity (or just simple privacy!) that Dave Birch desires.

This entry was posted in ID cards. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.