Overview#

Introduced in 2004, as I recall, by Kim Cameron The Seven Laws Of Identity is still the Strategic guidelines that should be used to determine if Digital Identity systems are "there yet".

The Seven Laws Of Identity

1 Law of User Control and Consent#

User Control and Consent: Identity systems must only reveal information identifying a user with the user's consent.

2 Law of Minimal Disclosure For A Constrained Use#

Minimal Disclosure for a Constrained Use: The identity system must disclose the least identifying information possible, as this is the most stable, long-term solution.

3 Law of Justifiable Parties#

Justifiable Parties: Identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.

4 Law of Directed Identity #

A universal identity system must support both "omni-directional" identifiers for use by public entities and "uni-directional" identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.

5 Law of Pluralism of Operators and Technologies#

A universal identity solution must utilize and enable the interoperation of multiple identity technologies run by multiple identity providers.

6 Law of Human Integration#

Identity systems must define the human user to be a component of the distributed system, integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.

7 Law of Consistent Experience Across Contexts#

The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.

Conclusion#

Those of us who work on or with identity systems need to obey the The Seven Laws Of Identity. Otherwise, we create a wake of reinforcing side effects that eventually undermine all resulting technology. The result is similar to what would happen if civil engineers were to flaunt the law of gravity. By following them we can build a unifying identity metasystem that is universally accepted and enduring.

Full Paper on The Seven Laws Of Identity#

• The Seven Laws Of Identity/TheLawsOfIdentity.pdf

More Information#

There might be more information for this subject on one of the following:

• ISO 29100
• Kim Cameron
• Law of Consistent Experience Across Contexts
• Law of Directed Identity
• Law of Human Integration
• Law of Justifiable Parties
• Law of Minimal Disclosure For A Constrained Use
• Law of Pluralism of Operators and Technologies
• Law of User Control and Consent
• Life Management Platform
• Microsoft Passport
• News
• Self-Sovereign Identity
• The Laws of Relationships
• User-centric Identity
• Web Blog_blogentry_071115_1

---

• [#1] - MSDN Article on Microsoft's Vision for an Identity Metasystem - based on information obtained 2013-04-10
• [#2] - From Kim Cameron's Blog - based on information obtained 2013-04-10