Privacy And Trust – Epilogue


Another dimension of Trust has to do with standards. Because of standards, the Internet is the only thing I know of that works the same everywhere. Most things work differently in different parts of the world. The side of the road we drive on, the side of the car we drive from, the width of the railroad tracks, the plugs that we put in the wall; all work differently around the world. But not the Internet; it works exactly the same in every corner of the world. There are a lot of debates during the process while Internet standards are being developed but once published as a standard every vendor has an obligation to implement the standard. Most do.

Open standards need to continue to rule

Generally speaking, vendors compete on how well or how fast they are able to implement standards but they do not compete by changing an Internet standard. As an application developer, when an application is built with open standards you can have a high degree of Trust that the application will interoperate with other applications, that technical support will be available in the event of problems, and that there will be flexibility to change vendors if appropriate.

An open standard means a standard that is supported on all information technology platforms. XML and HTTP, for example, work with Windows, Unix, Linux, Apple, IBM, HP, and all PC’s. There are other important technologies like IBM’s mainframes or Microsoft’s Windows that are dominant in various ways. They support open standards, like XML and HTTP, but they are not themselves open standards.

So many issues; so little time

The final element of trust comes from public policy. There are many policy issues that will affect the Internet — taxation, trade rules, jurisdiction over transactions, protection of intellectual property, privacy, and others. Although the Internet is transferring power to the people there is still an important role for governments and global organizations. Generally speaking, regulations are not needed but thoughtful standards and cooperative policy work are. The private sector needs to provide aggressive leadership. We can’t delay. We have to anticipate the impending issues such as privacy and run hard and fast to address them. The alternative is to wait until the political pressures result in regulation that, in many cases, may be difficult and costly to implement.

The Electronic Authentication Partnership is a collaborative effort to insure interoperability of digital identities among various government and private sector organizations. After more than a year of meetings a charter was born. Although the project is urgent, the progress is slow. The eight page charter says nothing about authentication but says a lot about relying parties, credential issuers, service and product providers, credential holders, secretariat and administrative services to the partnership, oversight, classes of membership, and Federal liaison.

The good news is that the sixty-two vendors (and others not present) are working furiously to compete in the marketplace with biometric and identity management solutions. Someone will break the code, so to speak, like Amazon did with selling books. A financial services company or other institution will act boldly and discover that they can link their brand to the digital ID of their customers. They will create a paperless bank or insurance company and millions will defect their current provider for this new one.