- People using computers should be in control of giving out information about themselves, just as they are in the physical world.
- The minimum information needed for the purpose at hand should be released, and only to those who need it.
- Details should be retained no longer than necesary.
- It should NOT be possible to automatically link up everything we do in all aspects of how we use the Internet. A single identifier that stitches everything up would have many unintended consequences.
- We need choice in terms of who provides our identity information in different contexts.
- The system must be built so we can understand how it works, make rational decisions and protect ourselves.
- Devices through which we employ identity should offer people the same kinds of identity controls – just as car makers offer similar controls so we can all drive safely.
