Laws of Identity

There’s a stereotypical image that people who work at Microsoft are insular and inward-looking. Kim Cameron is far from that. He regularly posts insightful commentary on the ‘identity metasystem’ on his blog, and is widely seen as a ‘thought leader’ in identity management, driving forward standards such as Information Cards and taking a pragmatic, standards-based approach to Microsoft’s involvement in the ecosystem.

A couple of years ago he came up with a set of Laws of Identity – embracing the ideas that users should always own their data and dictate how it’s shared, that there should be minimal disclosure, and so on. In this post, you can see links to more detailed descriptions of the laws, and a nice image summarising the laws (shown below).

I’m spending progressively more time at work thinking about public/consumer identity as well as that kept within an enterprise, and I find keeping these laws in mind ensures the delivery focus is kept in the right place.