Private Personal Agents vs. Microsoft's Passport

stefaanh asks: "With the recent MS Passport concerns, I remembered an 'IEEE Expert' 'JANUARY-FEBRUARY 1997 article called 'Managing your privacy in an on-line world' written by Michael McCandless. It talks about why you would hand out private information (on the Net), and proposes a personal agent that manages your info, in a way that you control, what, who and when to give out a selection of your sensitive data. Who benefits: you, and the companies that don't pay for outdated or inaccurate data anymore, but [pay you] for accessing correct data. Since I consider Passports 'security' not as serious as the potential of consumer tracking, what sits in the way for this personal agent to challenge the threat of Passport's centralized approach? Isn't the time right for such an implementation?"

Re:The ultimate personal agent

[Cynikal]

Yes but don't forget that our era is based on laziness. Anything that makes our lives just that tiny little bit easier is essential to some people. How many people will spend 30 minutes looking for the remote when they could just walk up and change the channel?

Then theres people like my father who *can't* remember half their information. Sometimes i have to call him to get his new email address cause he forgot his password and had to register a new account.. now if only he could get a fingerprint authenticy device to log him into one server that could feed whatever else to whatever site he needed...

I don't know, Its a good idea for some, and a bad idea to others. It depends on what you like. just respect other peoples' choices to decide what THEY like...

Re:The ultimate personal agent

[jheinen]

It doesn't matter if people are lazy or not. Your brain and keyboard don't mean squat when you want to order a book from Amazon and it says "Passport required." When all commercial sites require this, you are left with no choice but to sign up and have your data managed by M$. Either that, or forgo purchasing online and start buying all your stuff from brick & mortar shops with cash.

-Jeff

Re:The ultimate personal agent

[spencerogden]

Wouldn't a program on your computer, which stores your info encrypted, and then sends it out when it gets a finger print work? And would also mean you don't have to store your info on a third party?

Missing the point.

[Carnage4Life]

Are people really this lazy, or am I missing something?

Passport isn't about saving keystrokes, it's about control, specifically who has access to your personal data and for how long.

As slashdot has reported in the past, Failed Dotcoms Like Selling Private Customer Data, and a most recent example of this is Egghead.com selling its customer list to Fry's Electronics Twice already I personally have knowingly been bitten by this (CDNow and Egghead) and I have no idea what websites I may have bought a book or CD from in the past that may have failed with my personal info in their databases or haven been sold to a competitor. With a system like Passport, I specify what which websites have information about me, what information they get to see and exactly how long keep this information.

This is just one of dozens of possible Passport usage scenarios.

Interesting approach

[sfe_software]

I personally hate Passport. However, if a centralized system were done *correctly*, there are a couple of advantages.

You can use it from any PC. A "wallet" system is just too complicated for most users (it can be transported, but most users won't bother). Plus, if I'm not mistaken, Passport would work from any browser. Wallet systems (which I believe IE and Mozilla both have an implementation) work only on that browser, and on that PC unless you export.

On top of that, the Passport system is more automatic; get a Hotmail account and you have a Passport account. Use one of the participating online retailers and you have a passport account.

OTOH, if a "wallet" system were implemented that was cross-browser (if not cross-platform), and more easily transportable, maybe it would catch on. I would trust my data on my own machine long before I'd trust it on a bunch of NT boxes up in Redmond (or wherever)...

In either case, personally I prefer to judge everything on a site-by-site basis. I often use a different email address for each site, partly so I can track originators of SPAM lists and such... so neither method would work for me.

Also keep in mind that, if you use a "wallet" system and use the same information at each site, this information could just as easily be shared between sites, and compared/compiled to track your usage, though admittedly it would be more difficult/less likely than a centralized system.