Whose Identity is it anyway ?

I attended last Monday's Mobile Monday / Identity Society meeting dealing with Mobile Identity.

The session started with 4 presentations:

Jim Cray of Sun went through the Sun Identity Manager service, which I suspect most Identity fundis know well, but did make the interesting point that today customers want Identity as part of the platform, not an optional plug in. (We are seeing the same thing)

Dave Birch of Consult Hyperion talked about Identity as a Utility, and the need for an "endgame" vision of Identity that can help prevent abuses where people ask for far more data than they need (he gave the example of a nightclub that collected a lot of personal data just to establish whether people are under age.)

Dr Janko Mrsic-Flogel talked about the things Transport for London is doing in integrating their real time schedule data with people's mobile phones to give travellers a far richer view of the travel info and reduce travel stress. Most excellent! It uses Near Field Comms, so that was interesting too.

Ben Whitaker of Masabi talked about their new technology that allows 2 orders of magnitude better security over other 2-factor authorisation techniques, and to massively reduce the "man in the middle" effect. It is a creative approach, so good luck - but man in the middle attacks are a very persistent issue....many have tried before etc etc

I was speaking on the Q&A panel along with the above worthies (we have done quite a bit of client work in the Trust / Identity area, and here are some other blog posts), and Ajit Jaokar, chaired by Luke Razzell of the Identity Society, who had kindly invited me. Luke asked us what we thought the major opportunities, disruptions and threats for mobile Identity. Ajit and Dave have already blogged their take, so here's mine:

Opportunity - merging the multiple sources of Identity we have, and also allowing us to federate our own - the "Lord Voldemort Horcrux" strategy
Disruption - people understanding the value of their identity and taking control of it rather than going down the passive consumption path - would hurt quite a number of well laid business plans...
Threat - early Identity abuse from commercial entities, taking advantage of early day ignorance of users destroys trust in network based Identity services

There were two areas that took a lot of discussion in the Q&A:

- Whose Identity is it - if I give you my phone number on your mobile, is it yours to distribute as you will, or no?
- Social Nets and "Letting it all hang out" - is this the "new way" we live our lives, our just (mainly youthful) naivete*.

These two debates lasted well into the apres-event drinks...................and will probably reverberate for quite a while yet,

*Postscript - these guys say its not an issue (but then they would, the study was funded by MSFT and News Int'l among others - I think this is a long burn thing