I’ve been giving a lot of thought to identity lately and it’s becoming more clear to me that we don’t have “identities” like the internet thinks humans have “identities.”
I think the internet has even started influencing us to think of ourselves as having identity partitions (one login for my Facebook friends, one login for my “clean” profile…), but in reality these logins and other identity-related information that we carry around with us are just an attempt to do what humans have always done: manage the correlation of information about ourselves.
In the future, I think we will expect a lot more out of computers and networks when handling our personal information. There’s a book that’s on my reading list called “Privacy in Context” by Helen Nissinbaum that introduces the concept of “context breach” as a new way of thinking about a “data breach”: we are social creatures willing to share information within certain contexts, and these contexts come with norms that prevent people from sharing information willy-nilly. When information that was shared within one context escapes (e.g. via gossip, carelessness, or otherwise) then we regret having shared the information in that context. It allows for correlating information about us in a way we did not want and did not authorize.
I’m excited by Self-Sovereign Identity, and specifically the work being done by the Sovrin foundation. They and others in the SSI space (e.g. uPort, Iden3) seem to understand that correlation management is an essential characteristic of a humane identity system. Getting it right is hard–because we’ve evolved over millions of years to manage information about ourselves within our social groups–but as we bring these complex information correlation systems online with us, we will have a more humane, decentralized (and less correlated) internet.