Tag: Privacy

The Burden We Bear

Dealing with privacy issues isn’t as simple as the tech (and all too often the security) industry thinks. There are some real challenges and ethical conundrums to deal with, and we ignore the reality of the society into which our products are going at our own peril. We are seeing this happen full force right

The Design of Trustworthy Things

With this years Identiverse just over a month away (and the deadline to get the draft of my talk this year swiftly approaching), I was reminded that I never got around to sharing video of the keynote I gave at last years conference. It was very kind and a tremendous vote of confidence in me

Will GDPR Kill Risk-Based Authentication?

No, I’m not declaring another thing in identity management dead. Instead, I’d like you to join me in exploring something that has been bugging me quite a bit lately. Risk-based Authentication can cover a spectrum of capabilities, but most generically it is a passive authentication factor that tries to measure the risk of a particular

Privacy in the World of Invisible Identity

In part 1 of my blog post expanding on my Cloud Identity Summit talk on Invisible Identity, I proposed ‘The 4 Core Principles of Invisible Identity‘ that ensure that security and usability stay in a symbiotic partnership for an organization. I believe that adopting the concept of Invisible Identity will be vital to securing people

My Relationship with Metadata: It’s Complicated!

Ever since the Snowden revelations broke, there has been a lot of interest in metadata, with a lot of ink (or should that be bytes?) devoted to defining exactly what it is, where it can be gathered from, who is capable (and how) of doing said gathering, and most importantly of all, if it is

Looks Like The Internet Finally Got An Identity Layer

As this Joy of Tech cartoon demonstrates, PRISM seems to have solved that problem for us. All that’s left to do is slap a RESTful Web Service on that data source. Should it be SAML or SCIM? This is pretty much the epitome of “It’s funny because it’s true”. The way that “metadata” can be

Dreaming of the Ethical Treatment of APIs

Anyone following me on Twitter is well aware of my stance on AddressBookGate. While the tech world’s initial outrage was being directed at Path, I felt that a more balanced conversation would also lay some culpability at the feet of Apple and other API platforms that were exposing data to applications like Path without any

Google+ and The Trouble With Tribbles

In a prior post I talked about the backlash against the “Real Names” policy that Google has instituted for it’s Google+ social network. The resulting nymwars are in full force, and drew me into a very interesting twitter back-and-forth between Kevin Marks, myself and Tim O’Reilly over the weekend, which Kaliya (or IdentityWoman, as she

What’s In A Name? A Lot, Actually

The “Real Names” debate has been fascinating to watch, because it such an intriguing melange of issues – social conventions, technical requirements, best practices, community responsibility – rolled into what would on the surface seem to be a very simple problem. After all, what we’re really talking about is what value to let people put