Security weblog
Friday, April 19, 2002
Effects of USA PATRIOT Act on the Internet
Well-researched article on the consequences of the controversial law. Some good points:
"We endow government with tremendous power -- power to arrest you, take away your property, take away your life, destroy your reputation, take your children away from you," Dempsey said. "I think those powers in the hands of human beings, acting under pressure, with the best of intentions, facing time deadlines in a world of limited resources, those kinds of powers need to be surrounded with a thicket of rules."
The problem that law enforcement and intelligence agencies face is not insufficient information -- "they are choking on information," Dempsey said. The deficiency is in targeting and analysis. The Patriot Act was based on "the assumption if you pour more data into the system, then the picture would become clearer, and I think that's a false presumption," Dempsey said. The danger, said John Baker, a law professor at Louisiana State University, is applying the government's war powers to domestic activities. "We've never had such a mix-up between the president's wartime powers and law enforcement," Baker said. "The president has wide powers under war and national defense, but the national government does not have wide powers for law enforcement." [newhouse] 10:13:43 PM
What is digital identity?
"You walk into your neighborhood watering hole. If they are in accordance with the laws of the land, they'll ask to see an ID -- most likely a driver's license. This driver's license isn't *actually* your identity, rather it is an authentication of certain attributes of your identity. For verification that you are who you say you are, the bartender might also look at the picture on the ID and then look at you. You've been authenticated and verified, now a transaction may take place" [digitalidworld]
Eric Norlin's example cited above reminds me of the best explanation of the topic I have seen, in Code and Other Laws of Cyberspace, which is perhaps even several steps further ahead in terms of quality. From the technical point of view, Digital Identity includes (1) authentication details, (2) authorisation details and (3) personal preferences. Each of these data subsets is used for a different purpose, by different functions, and has different security requirements. 8:27:12 PM
PingID Digital Identity Crisis
I had a look at PingID's DII architecture document. The project is a bit ambitious and there are several serious technical issues with it, but this is currently not important, because PingID faces serious challenges on the business side of the project.
PingID Digital Identity aims to be an open standards-based global infrastructure, implemented in a peer-to-peer fashion using an open source development model, to provide features that are strikingly similar to Passport.
Facing the evil empire is good, open standards are good, open source is generally not bad and P2P is a great concept. PingID was promising to develop a killer application that will bring power to the people to manage their own identity details. So where's the problem with all these great things?
PingID happened to choose a playground that has the stability of moving sand. When they started, several things happened that changed the ground very quickly. First, Microsoft promised to federate Passport, now they have repackaged it from a service to a product, and they are in the process of developing open standards that will support P2P, privacy and other things. As little information from Liberty Alliance as there is, I would wonder if they did something completely different.
The PingID DII is offering more or less the same things; the only difference is its open-source implementation. So, are we going to end up with three open standards specifying one thing in 3 different ways? Which of these three will win? Is it going to be PingID?
PingID could win only if they come out with their product earlier than the bigs, but I think they don't have the muscle to pull it off. They are doomed to be limited to an open-source niche, perhaps in a similar way as Andres' Jabber is.
Or... Wait a minute...
They can go to MS/IBM or LA, and work with them in the same way Dave Winer did when developing SOAP. Then they would be "compatible", they would have the open source product, and a set of open standards. The question is whether the bigs would treat them as a real partner or as an annoying insect. 6:24:50 PM