Last week I attended the Internet Identity Workshop 2006b. It was amazing. Not only was it a source of much varied and in-depth information, the people and community were world-class, all engaged in an “unconference” format that was truly the most effective self-organizing and productive community effort I’ve ever seen. Major thanks to Kaliya Hamlin and the crew for moderating the whole program and to everyone who participated.
Three huge things were clear:
1. Identity systems that address the goals of Kim Cameron‘s Principles of Identity are now largely integration and product management problems.
With open source OpenID (wikipedia), Microsoft’s CardSpace (wikipedia), and the Liberty Alliance (wikipedia) all having deployed solutions, the hard part, technically, is arguably over. Now we have to figure out interoperability (still non-trivial) and how to communicate with users, grow usage, and complete the feature set. With most of the large technology players supporting Identity in some fashion, this is set to be one of the next major developments in people’s interactions with the Internet.
2. The community of people who have made this happen is truly amazing. I don’t know how to do justice to the spirit of open, respectful engagement that pervaded the entire workshop nor to the passion and quality of everyone there. In fact, I won’t even try. Instead, I’ll extend that spirt by inviting you to join us at the next Internet Identity Workshop in 2007.
3. VRM is ripe for development. Although VRM isn’t strictly about Identity, Identity enables ways for VRM to work without compromising the implicit privacy and security we have come to expect when buying.
I spoke about this last night with a colleague of mine who would love to be able to publish a bill of materials as a personal RFP for his company’s products, sort of a corporate VRM. The problem is that if he simply published that RFP on his blog, all of his competitors would see what they are ordering. This was in fact a useful World War II espionage technique: spy on factory orders to discern future battle plans. [Thanks to NPR‘s Morning Edition for their recent story on WWII spy Virginia Hall.]
Interoperable Identity systems would avoid that problem. Instead, you could publish an RFP with restrictions on who could read it, requiring them to be a valid vendor, including a legally binding assertion of the same. Further, you could hide your own identity so that even valid vendors don’t necessarily know which company is shopping around for those goods. You could also provide vendor-restricted information that only particular vendors see, such as customer IDs, which could help them prioritize and price more competively based on your existing relationship with them. You could even send it to specific vendors only or to both the open market and preferred vendors. Eventually, all of this will come together in a relatively seemless technology framework that creates a market of one on demand, when you are ready to buy.
There is still a lot of work to do, both with Identity and VRM, but I’m excited. It is amazing how far along Identity systems have come in the last two years and how close it is to mainstream viability, thanks largely to the energy and spirit of the community at IIW. It was also inspiring to see how quickly people warmed to the VRM idea and stepped up in a similar spirit to start working through the details. Doc Searls has already proven it can work in isolated examples (his VRM Gesture for a new phone worked like a charm.) Now to scale it to larger and more meaningful applications.