Yahoo, the identity middle-man?
I had an interest thought about the direction of some of Yahoo’s projects. It seems like a lot of the stuff Yahoo is working on are about helping people to aggregate and manage their data. Two of the most obvious public examples are Fire Eagle and Open ID.
What I think is particularly interesting is that neither of these things are products or applications in themselves. Neither of them tries to control what you do with your data and in fact they will happily let you to use the information anywhere on the web that supports it.
I think Yahoo is actually creating an interesting market here. I don’t think I’m going out on a limb to say Yahoo is a brand perceived as safe and family friendly. By providing tools to let average people safeguard and manage important parts of their identity Yahoo is creating a new trend in middleware.
There has been some discussion recently about once you put something online how hard it is to manage thereafter. Conceptually Yahoo are positioning to help become your identity provider for the Web. Pick a brand you trust and let them act as a middleman between you and everyone else. Sites can put data in and sites can take data out but only if your middleman lets them.
Many people who support Open ID have stated an aim like this. Open ID allows SSO but it can also facilitate “attribute exchange”. This is where the Open ID provider passes the relying party¹ a number pieces of information (attributes) about the user logging in, assuming they say it’s ok. Right now Yahoo’s Open ID provider service allows users to pick a number of IDs they can use, from their Yahoo username, their Flickr username, to a random anonymous one. There is nothing that would stop Yahoo allowing you to associate a unique profile which each of these users. There is already a certain amount of evidence to show that the youth of today already do this kind of segmenting by hand and manage multiple online profiles.
I’d be interested in seeing what techniques can be applied to this information management. If you’ve ever seen the Facebook application TOS they are pretty harpdcore. You are allowed to store virtually nothing about the user in your own database. This is because Facebook are aware of the simple truth that once you share information you can’t unshare it. Look at the music industry, the properties of bits are not the same as those of physical objects. As such the only real protection you can offer the user is legal.
That said, obviously most people are happy to share information with many sites they use and let them store it. I’d like to see a much better way to represent the TOS so that a user could effectively review it before they share information. This a topic I discussed, yet again, at Leeds Barcamp. I want to see terms of service use a number of creative commons style attributes. Any additional terms they required would then be easy to identify and read. If you were using Open ID to sign in, it would be easy to define what you were happy to accept from a site and what you weren’t. Your Open ID provider could then easily flag any discrepancies to you before you login/signup.
Despite all of this I am not suggesting to say that Yahoo should own this potential market. However I think they are being extremely progressive in it. I’d love to see providers competing for consumer’s love. And, of course, since it’s all about being Open it’s not like anyone would stop you swapping providers. Not at least if they were sensible. I read a quote by a Sun exec (that I can’t seem to find) about making it easy for customers to leave, because they are much more likely to stay if they come back.
¹The site that lets you login with Open ID