The dictionary definition of a commons is “land or resources belonging to or affecting the whole of a community”.
An Electronic Identity Commons is “a shared identity resource where community members mutually identify each other.”
Most electronic identity systems base identity on identification with data. They identify using attribute data about an entity. The identification data Identities become nodes in a network of Electronic Identities. If the data is the same, the identity is the same.
Identity founded on data proves to be expensive. It is expensive because protecting data is costly and the cost rises exponentially with the number of unique entities in the system.
With the Internet, we now have a highly connected world with rapid communication. Maintaining the integrity of our personal information in this environment costs more than the value of having an Electronic Identity. It leads to increasing breaches of privacy and security. The advent of intelligent bots and the Internet of things means privacy will continue to erode and with it a reduction in value of data based Identity.
We need a different approach.
An Identity Commons
In the real world, our relationships with others create our Identities. We are a spouse, a citizen, a shareholder, a member of a political party or a member of a church. It is our relationships in a community that define us and give us an Identity.
In a community, we mutually identify each other. We cannot have an Identity in a community unless the community agrees to grant us one and unless we agree to recognise others as part of the same community.
We build Electronic Identities by mutually identifying each other with peer to peer identification using data but, Identity is no longer synonymous with data. It uses data for peer to peer identification, but it is separate from the data. Its authenticity comes from proof of relationships using networked mutual recognition. Electronic Identities closely model our real world Identities.
We can use any entity as a peer. The sources of identity can now include organisations, houses, refrigerators, cars, the land, computer programs, mobile phones, credit cards with which we have a relationship.
We can restrict the spread of personal data to those relationships we trust.
Our Identities strengthen each time we use them. They strengthen because they change with changing circumstances.
The building blocks of our Identity are our peer to peer relationships rather than our data characteristics. Our relationships include the history of our peer to peer interactions. These relationships wax and wane and break.
An Identity Commons can coexist with data based Identities. The data based Identity is treated as a separate Identity. This means we can introduce an Identity Commons incrementally and only use it where it is cost effective.
An Identity Commons built using these principles will be private, scalable, secure, low-cost and adapt to changing circumstances.