C. Warren Axelrod

Passwords – Déjà Vu All Over Again

The laws are as follows, with descriptions taken from the article:

1. User control and consent – Technical identity systems must only reveal information identifying a user with the user’s consent.

2. Minimal disclosure for a constrained use – The solution which discloses the least amount of identifying information and best limits its use is the most stable long term solution.

3. Justifiable parties – Digital identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.

4. Directed identity – A universal identity system must support both “omni-directional” identifiers for use by public entities and “unidirectional” identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.

5. Pluralism of operators and technologies – A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers.

6. Human integration – The universal identity metasystem must define the human user to be a component of the distributed system integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.

7. Consistent experience across contexts – The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies. 
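
To make law 4 concrete, here is one way an identity provider could issue "unidirectional" identifiers alongside "omni-directional" ones. This is an added example, not code from the column or from the article it quotes. The HMAC-based derivation, the function names, the provider key and the `shop.example` / `bank.example` relying parties are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample key (assumption): the identity provider's secret, never shared.
PROVIDER_KEY = secrets.token_bytes(32)


def _field(value: str) -> bytes:
    """Length-prefix a field so ("ab", "c") and ("a", "bc") cannot collide."""
    raw = value.encode("utf-8")
    return len(raw).to_bytes(4, "big") + raw


def unidirectional_id(key: bytes, user: str, relying_party: str) -> str:
    """Identifier for a private user, meaningful only toward one relying party."""
    # Assumption: relying parties are named by origin, so one party has one spelling.
    rp = relying_party.strip().lower().rstrip("/")
    if not user or not rp:
        raise ValueError("user and relying party are both required")
    return hmac.new(key, _field(user) + _field(rp), hashlib.sha256).hexdigest()


def omnidirectional_id(public_entity: str) -> str:
    """Identifier for a public entity: the same value for every observer."""
    return public_entity.strip().lower().rstrip("/")


def shared_handles(directory_a: dict, directory_b: dict) -> set:
    """Identifiers two relying parties could join on if they pooled records."""
    return set(directory_a.values()) & set(directory_b.values())


def demo(key: bytes = PROVIDER_KEY):
    """Issue identifiers for two constructed users toward two relying parties."""
    users = ["alice", "bob"]
    shop = {u: unidirectional_id(key, u, "https://shop.example") for u in users}
    bank = {u: unidirectional_id(key, u, "https://bank.example") for u in users}
    return shop, bank, shared_handles(shop, bank)


if __name__ == "__main__":
    shop, bank, overlap = demo()
    print("alice at shop:", shop["alice"][:16], "alice at bank:", bank["alice"][:16])
    print("correlation handles shared by shop and bank:", overlap)
```

Each relying party sees a stable identifier for a returning user, but the two directories have no value in common, so pooling them yields no correlation handle.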
