• A new ecological theory of digital identity

    StephenWilson     |      June 18, 2011

    Privacy, security and "trust" researchers and policy workers may be interested in my new work "Identity evolves: Why Federated Identity is easier said than done".

    I presented this paper at the AusCERT conference last week (beware, it’s long, but a condensed version is coming).

    See lockstep.com.au/library/identity_authentication/an-ecological-theory-of-digit

    The privacy impacts of federated identity and trendy new "trust ecosystem" models (like the US National Strategy for Trusted Identities in Cyberspace, NSTIC) are complex. The biggest problem I believe is that many have underestimated the deep changes wrought by federated identity, and how it radically alters traditionally close bilateral relationships and information flows.

  • Daring to question “Open Identity”

    StephenWilson     |      April 11, 2010

    Is the Open Identity movement making the world simpler? Or more complex?

    There’s been intense renewed activity in cyber security under the banner "open identity". See http://openidentityexchange.org and http://informationcard.net.  But something about the word “open” has never sat well with me in the context of "open identity". I wonder if the open identity community has co-opted the word as one of those unquestionably good adjectives … and twisted it a little?

    Open standards and open government are obviously good things, and it’s clear what they mean.  And open source has a lot of goodness attached to it, even if it’s not without controversy. But what exactly does “open” mean in open identity?

  • Hotels, Identity Thieves and Terrorism

    StephenWilson     |      August 21, 2009

    The reservations databases of global hotel chains are a complete cornucopia for criminals.

    Radisson Hotels has reported a database breach which has exposed the credit card numbers of guests said to be "limited to an isolated number of hotels in the U.S. and Canada".

  • Digital Economy or Wild West?

    StephenWilson     |      June 8, 2009

    e-Security awareness cuts both ways.  If policy makers take the digital economy seriously, then they need to be aware of the limitations of relying on user education alone to protect the people against cyber crime.

    National e-Security Awareness Week is terrific. You gotta have awareness of safe Internet behaviours – it’s just like road safety. But awareness is not enough. Here I will argue that user education has reached its limit and that we need the same sort of balanced approach to e-security as we have in road safety.

  • Individual Health Identifiers and Privacy

    StephenWilson     |      March 11, 2009

    What’s to be done to ward off healthcare identity theft?

    Last week, Australian Health Ministers met in Melbourne; a comminique has been released by the Department of Health and Ageing. A range of matters were discussed, including the planned Individual Health Identifier (IHI).  The communique says:

  • What is privacy really all about?

    StephenWilson     |      March 4, 2009

    You can expect national security advisers to have some disdain for privacy, but they cannot simply re-define it.

  • How to trust in the Internet when nothing there is real?

    StephenWilson     |      January 13, 2009

    Suspension of disbelief when using the web is what enables most of the safety problems today, but the solution isn't to try to make people more wary "viewers".

  • Uncategorised

    Is re-blogging really engaging?

    StephenWilson     |      May 30, 2008

    The Open Forum administrator has recently reproduced here a great many blog posts by politicians and others from their own blogs. This is generally very interesting, and makes for a good read. But I've noticed that most of the subsequent discussion threads go cold very quickly. Moreover, I don't think I have seen a single […]

  • Uncategorised

    The sorry state of our economy

    StephenWilson     |      May 14, 2008

    Who do you get from business — which captain of industry — to enlighten us about the budget?

    Here’s proof positive of the malaise that besets our once-clever country. In the lead-up to the budget last Monday, ABC radio’s “The World Today” interviewed just one senior business identity for their view on what the economy needed from the government. It was Gerry Harvey.

    In a progressive, innovative, competitive country – like Malaysia, Singapore, Taiwan, Ireland or Finland perhaps – you’d expect to hear from CEOs in smart, export-oriented industries, such as biotech, energy, IT or communications. But in Australia, the most influential magnate we have is a consumer goods retailer. Isn't it really pathetic that a country's economy can be so dominated by the retail sector? No wonder the chief economic policy lever in Australia is the blunt instrument of interest rates.

    And to add insult to injury for those of us who wish we were cleverer, when interest rates are hiked to slow things down, the Gerry Harveys of the world proudly proclaim it's not making any difference to them. Nope, sales just keep on keep rising!

  • If it’s public then it’s not private. Really?

    StephenWilson     |      March 19, 2008

    Can Metcalf's Law be applied to personal data management?

    It is often said that if data about someone is already in the public domain, then that information is no longer private. Sounds reasonable, but I reckon that can become an insidious furphy.

    "The data is already public" was the chief debating point advanced by proponents of searchable white pages. They argued that because publicly available paper white pages reveal everyone's phone numbers, surely having a searchable database didn't change anything. But a searchable digital white pages really is different. And not just quantitatively — it makes reversing names from numbers vastly more efficient — but also qualitatively.

    For one thing, the very act of searching generates new types of information, much of which is private (and commercially valuable). For instance, whomever owns the searchable white pages also gets to know stuff like who else is interested in my phone number, and why. The owner can synthesise brand new information, none of which is accessible to me, even though nothing other than my 'already public' number has been revealed.

  • Uncategorised

    We’re governing the life out of innovative organisations

    StephenWilson     |      February 14, 2008

    If we’re going to cultivate innovation, originality and creativity, then we need less governance, not more.

    What on earth are managers up to these days? Here I write of the rise and rise of robotic, one dimensional, management-by-formula, and question if it is throttling innovation.

    In linguistics, there is a rhetorical fondness of the imaginary “Martian Linguist” who, according to Chomskian thinking, on a visit to Earth would deduce from the evidence that all humans speak the one language, with only minor local variants. Well, I’m thinking that if management theorists from Mars were to watch the goings on at most board rooms today, they could be forgiven for thinking that all human enterprises are actually engaged in the same activity – compliance!

  • Uncategorised

    Economics of renewable energy (not)

    StephenWilson     |      November 16, 2007

    It's not for nothing that they call economics the "dismal science".  It seems to me that the world's attention to macro economics is what stops renewable energy.  I don't know if the following analysis is really new or not, but if it's accurate, then as things stand, no renewable energy scheme stands a chance, regardless of the greenhouse effect.

    When you procure and install a renewable energy source, like a wind turbine or hot rocks plant, the financial transactions are simple, limited and rather local: 

    – build the power plant

    – operate the plant (pay a few staff, buy some occasional maintenance).

    But our globally favorite energy schemes — coal, gas, nuclear — all involve mining and massive ongoing exchanges of finance and resources, both human and physical…