Privacy, identity, and more importantly, anonymity are one of those things I keep thinking about. A few months back I had this idea of comparing the need to that of credit reporting agencies. You have the big 3 - Equifax, Experian, TransUnion. They provide credit information to companies that want it. You request the info, they provide it. There's a fee for retrieving it. I think our personal identities should be treated similarly. We sign up for various online services and provide some PII, but not much. Why should the website be able to store that information? Maybe they shouldn't be able to. Instead, lets permit these identity brokers to control our private information. Name, address, email, etc. Then whenever a companies needs that info, for whatever reason, they query the identity broker, get select info they need and be done. Token based access could permit the site to certain data, for certain periods of time. You can review the tokens at a later date and make sure only the ones you care about get the info. Large companies that already participate in this space (Google, Microsoft, etc.) can separate out this business function and have it be isolated from their core products. I was thinking it'd require an act of congress to get implemented, and that may be possible. But instead of having that as a hard requirement, maybe just a branding/badge/logo on services. Say your product respects your privacy and uses data brokers for your privacy.

Going a step further, how do we encourage use? Aside from personal privacy, what if social media sites allowed us to use our identities to validate comments or attachments? Similar to the idea of a token, we upload a photo of our cat. We permit FB access to that cat pic, generate the token, say it's good until we revoke it. We revoke it, and now that picture will fail to load. We can also restrict access to our cat picture. By requesting access to the cat pic, another user provides their identity as well. If their identity is allowed to view it, then it can render. Similar to comments. It's just a string, but we can invalidate a token and make access to it no longer possible.

What about digital hoarding? Can't we screenshot everything or scrape the website and store it for later? Yes. But that's no longer a trusted source. Everything can be faked, especially as AI tools advance. Instead, by using the identity broker, you can verify if a statement was actually said. This will be a mindshift. Similar to how wikipedia isn't a credible source in a term paper, a screenshot is not proof of anything.

Identity brokers can also facilitate anonymous streams. Similar to a crypto wallet, separate personas can be generated by an identity. An anonymous comment can be produced and associated with that randomized persona. The identity broker can store the private key for the persona, possibly encrypted by the identity in some manner, or it can be stored elsewhere, free for the identity to resume using should they want to.

It's an interesting problem to think about.