Let’s talk a little bit about identity and privacy. First, we should better define identity, at least as it pertains to the Web.
Identity is not a username and password combination. Identity is not your OpenID or WebID. Those are simply identifiers, of which a user may have many different ones across the Web, one for each social network site. Even if a user has carefully selected to join only those sites that offer the option to register via OpenID Connect, their single OpenID is not their identity. It is just an identifier. So, OpenID Providers are not identity providers, they are identifier providers.
What is identity on the Web, then? Identity is your presence strewn throughout the Web. It is the sum total of all your verified activity on the Web (blog, forum, and social network posts, video, music, and photo uploads, etc.), your associated interactions with others, and their comments about and interactions with you. That makes up what can best be thought of as your identity graph.
When we talk about privacy control on the Web, we are not talking about the ability of users to totally control their identity graph. Obviously, a given user can theoretically control only part of their identity graph. Why? Because each user can exert only so much control over what others on the Web think and say about them. That part of their identity graph is controlled by others. (See note at end.)
So what are we trying to accomplish by allowing users partial access to and control over their identity graph? What kind of privacy controls can reasonably be provided to users?
Well, from a user’s perspective, privacy control on the Web is about offering fine-grained control over the data that they generate.
Open Stack Protocols Versus Semantic Stack Protocols
@arxpoetica, with regard to your comment here:
However, it occurred to me recently the protocols are by their very nature outward bound, and work completely counter to inward, privatized, protective non-shared data. I think this bears an important point, *even though* I completely believe the flow of data should be controlled mostly if not entirely by the user, and not by the protocol.
This is true more for the various Open Stack protocols than the Semantic Web Stack protocols. By its very nature, for instance, OpenID Connect requires the services of a 3rd-party identifier provider which in turn requires the services of a Key Signing Party (also called a Certificate Authority or CA for short) to issue a certificate. A WebID, on the other hand, can easily be created and controlled exclusively by the owner of the ID. This also includes the self-signed certificate, which each user is free to generate and can quickly change at any time for any reason. That is not practical with an OpenID.
–> See this link for a short list of the advantages of self-signed certificates over Certificate Authority (CA) issued certificates: http://blogs.sun.com/bblfish/entry/more_on_authorization_in_foaf#comment-1253630919000
The FOAF file is another piece of the Semantic Web Stack that can be (although often is not) under the exclusive control of the user. Whereas most FOAF files do indeed reside on 3rd-party services, any user who chooses can easily create their own FOAF file within a webspace that they control (their self-managed WordPress blog, for instance). They can then tell the world, via their WebID, that this is the webspace that they own and the FOAF file that they consider most relevant to their identity graph. All other FOAF files will of course remain in existence (at least until a given 3rd-party service shuts down), but none of those services can successfully claim to be that user’s primary FOAF file.
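The self-issued WebID certificate and the profile entry that backs it, as an added example that is not part of the original post. The WebID URI and file names are placeholders, the `cert:` vocabulary is the one from the later W3C WebID-TLS draft, and the relying party's HTTP fetch of the profile is replaced by reading a local file.

```shell
#!/usr/bin/env bash
# Added example. WEBID is a placeholder, not a real profile. It has no
# '#fragment' because '#' starts a comment in OpenSSL config files.
WEBID="https://example.org/people/alice"

# make_webid_cert DIR: key pair plus self-signed certificate, no CA involved.
# The WebID URI is carried in subjectAltName.
make_webid_cert() {
  cat > "$1/req.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = ext
prompt = no
[dn]
CN = WebID example
[ext]
subjectAltName = URI:$WEBID
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 365 -config "$1/req.cnf" \
    -keyout "$1/webid.key" -out "$1/webid.crt" 2>/dev/null
}

# cert_modulus CERT: RSA modulus of the certificate's public key, in hex.
cert_modulus() { openssl x509 -in "$1" -noout -modulus | sed 's/^Modulus=//'; }

# cert_webid CERT: the URI found in subjectAltName.
cert_webid() { openssl x509 -in "$1" -noout -text | sed -n 's/^ *URI:\(.*\)$/\1/p'; }

# profile_turtle CERT: the key statement the owner publishes in the profile
# document that lives in their own webspace.
profile_turtle() {
  cat <<EOF
@prefix cert: <http://www.w3.org/ns/auth/cert#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
<$(cert_webid "$1")> cert:key [ a cert:RSAPublicKey ;
    cert:modulus "$(cert_modulus "$1")"^^xsd:hexBinary ;
    cert:exponent $(openssl x509 -in "$1" -noout -text |
                    sed -n 's/^ *Exponent: \([0-9]*\) .*/\1/p') ] .
EOF
}

# verify_webid CERT PROFILE: relying-party check. Trust comes from the
# profile listing the presented key, not from a CA signature. PROFILE is a
# local copy standing in for the document fetched from the WebID URI.
verify_webid() {
  grep -qF "<$(cert_webid "$1")>" "$2" &&
    grep -qF "\"$(cert_modulus "$1")\"" "$2"
}
```

Replacing the key means running `make_webid_cert` again and republishing the output of `profile_turtle`; a certificate for the old key then fails `verify_webid` against the updated profile.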
Offering Identity Graph Control
The real issue to discuss is how much identity graph control can we offer users (members) of BuddyPress sites? What options can and should we provide users to manage their privacy? To what degree can we offer users access to their data–in terms of not only privacy controls, but also in terms of data portability?
Obviously, whatever controls we provide in the BuddyPress codebase or via a 3rd-party component, we must offer Site Administrators the ultimate control. In other words, the Site Admins own the site. They take the risk in setting up the site and incur all the site expenses.
So, we have to consider their rights of ownership and offer them the ability to turn on or off any and all user-level identity management features. It will be up to each potential user who comes to a site to join, to make up their own mind as to whether the given site has an acceptable level of user-controllable identity management tools.
NOTE: Do users have any options for managing that part of their identity graph that is created and controlled by others? Yes. It is called reputation management and there are some fee-based services that offer users some concrete means with which to do just that. But in a free society whenever two or more people are involved in creating an identity graph, it will never be possible for each individual to be able to control their entire identity graph.