The coming digital ID battle

So Glenn “Instapundit” Reynolds heard someone
from the music industry say its legislative goal is to mandate digital
IDs for Internet users.  The idea is that this would function like
a driver’s license, allowing users to be tracked and punished for
downloading copyrighted material.  This shortly after a New York Times column called for much the same thing. 

Digital ID seems to be bubbling up from several sources at once:

  • The technologists are pushing it as a central element of the Web services vision (via the Liberty Alliance and various Microsoft initiatives)
  • The businesspeople want it to enable efficient tracking of goods and people (via RFID)
  • The telcos want it to tie together legacy and IP communications (via ENUM)
  • Hardware vendors want it for security (via the Trusted Computing Group)
  • Governments want it as a tool to fight crime and terrorism
  • A host of others want it to address problems like spam. 

Add the music industry to the list.  All these digital ID systems
are different, and most of them aren’t interoperable.  But it may
be only a matter of time before there is pressure to hook together
whatever forms of identification do catch on. The lesson of the social
security number is that IDs for one purpose inevitably spill over to

I’m not a cyber-anarchist.  The idea of digital ID itself doesn’t
give me the willies.  I really have no problem with
knowing a lot about me, or airline ticket agents asking to see my
driver’s license.  What worries me is the possibility that we’ll
get digital IDs to solve one problem, and they will be applied to
something totally different.  I’m sure many of the people who
support some identification mechanism to cut down on spam wouldn’t want
a similar mechanism to police music downloads… but it’s the same technology

There’s a restaurant we go to in South Philly.  Great Italian
food.  Packed every night.  Funny thing, though. They only
take cash.  And supposedly, when they file their taxes, they never
report a profit.  Cash is anonymous and untraceable, which allows
for abuse.  There are many transactions where cash isn’t accepted,
or where it sets off scrutiny.  I’d hate to see cash go away,
though, because there are cases where it’s used improperly.  Just
as I’d hate to lose the convenience of credit cards, despite the
privacy and security risks they create. 

There will soon be significant battles over digital ID.  The
danger is that they won’t be seen for what they are, but as isolated
fights specific to a particular industry or situation.  The
essential objective should be balance — anonymity vs. identity,
openness vs. control, unification vs. segmentation.  Too far in
any direction, and we’ll suffer unintended consequences that far exceed
the benefits.

Unfortunately I won’t be able to make it to Digital ID World next week, which will no doubt address these issues.