Can Microsoft Save the Net?
Lawrence Lessig at Wired - extolling the virtues of Microsoft's new InfoÂCard identity management protocol. [wired]
This might sound scary to friends of privacy. It shouldn't. The InfoCard system gives you more control over your data, not less. The protocol is built on a need-to-know principle: While an InfoCard might hold 30 facts about me, only the data I choose to reveal is shared. If I need to certify that I am a US citizen, then that fact is verified without also revealing my name, age, or place of birth. And when it comes to that fake PayPal site, the InfoCard system wouldn't recognize it - it wouldn't have theproper credentials.
Again, if this sounds scary to those suspicious of Microsoft, it shouldn't. It's a protocol - a set of rules for exchanging information - not a Microsoft product. Any company can provide certified protection for data using the protocol, and many will. So unlike Microsoft's Passport system, the dubious personal info repository that alarmed many people a few years ago, no central administrator decides how privacy is protected or trust secured. Instead, the protocol solves the problem of security the same way the Internet solved the problem of browsers - through competition on an open, neutral platform. This is infrastructure for a digital age. It's TCP/IP for privacy and security.