National personality, national identity

How a country implements digital identity depends on its national character

Every seven years since 1964, the filmmaker Michael Apted has released another installment of "The Up Series." These films document the lives of a diverse group of Britons from the ages of 7 to, most recently, 49. One of the patterns that emerges is a dramatic illustration of the Jesuit motto that inspired the series: “Give me a child until he is 7 and I will give you the man.” You can clearly see how these kids’ very different personalities were fully formed at age seven.

Against the backdrop of that continuity, you can also watch the pattern of growth unfold. At 7, all the kids are bubbly and energetic. At 14, they’re all sullen and withdrawn. At 21, they’re all emerging into the world.

I thought about the interplay between these two patterns -- constant personality, changing phases of growth -- during a visit to Guadalajara, Mexico, last week. I was there to address the 40th gathering of the International Council for Information Technology in Government Administration (ICA), on how social software can help governments and citizens collaborate. But it was also a rare opportunity to see how the 25 nations represented there are expressing their unique national personalities as they move through phases of IT maturity.

One aspect of that progression that I watch closely is the evolution of digital identity. But as a U.S. citizen, my view is filtered through a schizophrenic national personality, as identity guru and InfoWorld Contributing Editor Phil Windley pointed out in our recent podcast. Here in the U.S. we’ve struck an odd deal, Phil says. We won’t issue national ID cards, but neither will we vigorously defend the privacy of citizens who use the various de facto national IDs: social security number, driver’s license, the emerging Real ID.

Europeans see things very differently. When I asked the Belgian delegate to ICA to show me his national “eID” smartcard, he was quick to point out that it’s a read-only device. There’s a certificate for digital signing but, apart from that, the card encodes only the same facts printed on its surface. Belgium wants its people, who are receiving these cards at the rate of 10,000 a month and who will all have them by 2009, to know that no secrets will be stored on (or transmitted by means of) the eIDs.

There’s also a youth version of the eID. When Belgian children turn 12, they’ll receive a smartcard and a reader from the government. Americans would regard this program as an Orwellian intrusion. For Belgians, it’s a way to help protect kids without necessarily compromising their privacy. One of the first uses of the youth eIDs will be to prove age to age-restricted Web sites.

How that’s done is a matter of choice, but there’s no technical requirement to fully disclose identity and a strong cultural preference not to. Kids will need only prove (by authenticating to the card) that they are citizens, and prove (by selectively disclosing their birth date) that they meet the age requirement.

On the other end of the spectrum, the New Zealand delegate told me that Kiwis hate national IDs even more than Americans do. You can present one persona to one government agency and a different persona to a different agency. Of course, high-tech credentials can support this approach, too. The maturation of identity technology creates a range of possible protocols. How we implement them will depend very much on who we are.