Future Identity - analysis resources on digital identity, privacy and public policy
Welcome to the Future Identity website
   Home      Portfolio      Recent engagements


June 2012 -
Start of new role as Technical Outreach Director with the Internet Society
July 2010
Start of new role as Research Director with Gartner Group (Burton 'Identity and Privacy Services' team)
European Commission project review (Protecting the Critical Financial Infrastructure)
Workshop with DIFI (Norwegian Agency for Public Administration and IT) on "Privacy and Regulation"
June 2010
Presentation and panel at the eema European e-Identity Conference, on "Privacy, Technology and the Law", and "The Values of your Digital Identity".
Keynote address to the 15th annual OTS conference, University of Maribor, Slovenia
Workshop with Consumer Focus on "Smart Grids and Privacy"
May 2010
Presentation on "Behavioural/Targeted Advertising" at Lewis Silkin, LLP.
Also travelled to London to mark the demise of the UK's National Identity Scheme with many of those who had thought it ill-conceived in principle and flawed in practice.
April 2010
A further project review on behalf of the European Commission - the project was one to look at risk management in the critical financial infrastructure across Europe.
March 2010
A new consulting client in the form of the Internet Society, who engaged me to help set up and facilitate an "ID-Legal" round table: bringing legal and technology experts together to map the gaps between their respective points of view. Very generously hosted by Scott David at the K&L Gates law firm offices in Washington DC.
Also in March I was delighted to speak at the UK Information Commissioner's Offices's national conference for Data Protection Officers. Not a consulting client on this occasion, but the invitation was an honour in itself.  


October 2009
October brought another new consulting engagement: this time, a project review on behalf of the European Commission. Very interesting work; the only slightly nerve-wracking aspect being the implication that millions of Euros could be well- or ill-spent based, in part, on my report.
Also in October - the Net-ID conference were kind enough to invite me back for a fourth year running, and I spoke on "Privacy and Policy in an Economic Downturn". I thoroughly recommend the Net-ID events: they are unique, in my experience of industry events. The organisers' care and attention to detail create an intimate, almost collegial atmosphere which never fails to inspire.
The quality of the other presentations at Net-ID is always the high point , though.
This year, the high points for me were
  • Gerry Gebel, who effortlessly demonstrated Burton Group's strength in depth: long-range thought leadership, backed up by solid research on market practice.
  • Dr Andrew Adams (Reading University) on the history of citizen identifiers in Japan. Excellent. It, in turn, reminded me of David Murakami Wood's fascinating talk on "Identity and exclusion in Brazil" at the LSE's IDIS workshop earlier in the year.

September 2009

Conferences and publications
September saw the first plenary sessions of the Kantara Initiative, in Las Vegas, so I was there to chair the first face-to-face meetings of the Privacy and Public Policy Work Group. I was delighted to see participation from Europe, the US, New Zealand and strong representation from Japan.
The obvious strong themes of interest were:
  • How to ensure that technological advances are adequately balanced by privacy-respecting governance;
  • How to make Levels of Assurance (LOAs) interoperable across organisations and borders.
No-one said the problems in this space were going to be easy. That's what makes it fun.
I also completed two pieces for publication: one on Privacy Enhancing Technologies, and one on Identity Management. More details via this site when they appear.
August 2009

Two new consultancy clients for Future Identity
Given the disruption which usually accompanies the holiday season, it was a real achievement to close two new pieces of consulting work over the period:
  • A joint industry/academia research project about service provider perspectives on data privacy;
  • Fact-finding research for an EU project on national identity schemes.
July 2009

Burton Catalyst 2009, San Diego
"The big one"... I don't know if Future Identity, at 6 months, is the youngest (or, come to that, smallest) company to get a speaking slot at Catalyst, but it must be close ;^)
Serious thanks, therefore, to Gerry Gebel, Ian Glazer and Bob Blakley for their faith in Future Identity and their conviction that I had something interesting to say to their audience. The Burton Group IDM team's expertise and thought leadership is a hard act to match, I have to say. My presentation seemed to be well received, though, and I am gradually getting used to the idea that snippets get Tweeted in real time. I have never thought of myself as a great source of sound-bites, but this is a great way to practise.
"Robin Wilton's 'Onions and Ladders' privacy discussion has been the most intellectually stimulating presentation I've seen at #catalyst09"
- Mark G Dixon via Twitter
You are welcome to download the presentation from the Resources page, here.
Identity and Privacy workshop (consulting engagement)
I ran a "Privacy Round-table" for a UK public sector body, to brief staff on the concepts of digital identity apd privacy and the ways in which these are related to technical and policy mechanisms for mitigating identity management risk. It was a great opportunity to re-examine and re-validate the Privacy Summit models, and to bring them up to date with new thoughts about networked and social interaction.
As ever, the session got good and interactive, and the level and nature of the questions was great. Each one of these sessions feeds into the ones which follow...
APPG open meeting, House of Commons
The All-Party Parliamentary Group (APPG) on Privacy met to hear views on the government's proposed Intercept Modernisation Programme (IMP). The arguments in favour centred around the government's duty of care to prevent harm to citizens. The arguments against raised questions of cost, proportionality, and risk. Just a tiny glimpse of one aspect of the Westminster machine, but a fascinating one.
June 2009

Quite a busy time for workshops, conferences, speaking engagements...
beingdigital event, London
A really lively event, with sensible use of Twitter to get real-time interaction going between the panel/speakers and the web. Great fun, and a useful exposure to the venture capital and new media communities.
Identity in the Information Society (IDIS) workshop, London School of Economics
A fascinating and thought-provoking series of eight presentations/papers, on topics ranging from "Four Myths About Iris Biometrics" to "Techniques of identification in the second Christian milennium". Look out for the published papers in the forthcoming IDIS Journal.
Butler Group conference on Identity Management and Remote Access Security, London
My thanks to Andy Kellett and the team at Butler for inviting me to speak on the topic of "Identity and Privacy in an Economic Downturn"; I've uploaded a copy of my presentation, and you are welcome to view/download it here. (In case you're wondering, yes, it is essentially the same presentation as for GSS, but with Future Identity branding).
May 2009

GSS Identity Management and Privacy conference, Johannesburg
It was a real honour and pleasure to be invited to give the opening keynote at this year's IDM and Privacy conference: my thanks to Paul Strauss, David Lello and the rest of the GSS team, and to Anke Robottom for making everything run so smoothly. You can find out more about GSS and its range of information security solutions here.
I spoke on the topic of "Information Security in a Recovering Economy". I can only hope the word "recovering" is not premature!
I've uploaded a copy of my presentation, and you are welcome to view/download it here.
RSA Europe 2009 - Conference Programme Committee

This year's RSA Europe conference will be in London, 20th-22nd October at the ExCel centre. I'm sure it will be a good conference, but having been on the selection panel for the Identity and Security track, I think it should be particularly worth following (but then, I would say that, wouldn't I?). There were dozens of high-quality submissions: the hard part was whittling them down to the 10 or so we needed... so all the sessions on the final list are ones we would be happy to attend ourselves. In fact, that's what I plan to do... hope to see you there.
Conference Home Page and Registration here.
Identity and Privacy Forum 2009

Also in May, I was asked to chair a couple of sessions at the Identity and Privacy Forum, hosted by Dave Birch (Consult Hyperion) and Toby Stevens (Enterprise Privacy Group). As you can see from the agenda here, I had the privilege of working with a strong line-up on both days,  which was far from onerous.
April 2009

Kantara Initiative
I'm delighted to announce that I have been appointed as Director of Privacy and Public Policy for the Liberty Alliance, with a remit to define, scope and prepare an equivalent post in the newly-formed Kantara Initiative. Kantara is an open and inclusive cross-sector collaborative body whose aim is to bridge the gaps between many existing projects on digital identity and privacy.
The creation of the DPP role is a testament to Kantara's recognition of privacy and policy as key parts of any viable system for digital identity. 
For more details about Kantara, its goals, membership and participation visit the website here.
The Kantara Initiative:
  • shaping the future of digital identity;
  • creating privacy-protecting and more inherently trustworthy online environments

March 2009

PrimeLife project
It's a privilege to have been invited onto the Advisory Group for the EU PrimeLife project, which had its first session in Frankfurt this month.  You can find some brief notes from the session here via the Future Identity blog, on a couple of topics of particular interest.
February 2009
Liberty Alliance, Privacy Steering Group
Late February saw the Liberty Alliance's plenary meetings, hosted at Sun Microsystems' Santa Clara campus. I was there to plan the next phase of work for the Public Policy Expert Group (PPEG), and also to host a Privacy Steering Group session in which we brought together representatives of the corporate CPO, legal and technology communities to help define Liberty's future work on identity and privacy. A summary of that meeting will go up shortly, both here and on the Liberty website. (Links to follow soon)
There's great work going on at Liberty, particularly in the areas of Identity Governance, Identity Assurance, and an intriguing project called the Citizen Dashboard. This latter work should make significant steps towards something which has, over the past couple of years, frequently been to subject of my mild-mannered rants: namely, a better way for the individual to see and manage their digital footprint.
I know the phrase "watch this space" is horribly clich├ęd, but this is a space genuinely worth watching.
EnCoRe project
I have also taken part in two workshop sessions for the EnCoRe project (mentioned on the Links page of this site).  EnCoRe is one of a triplet of projects sponsored by the UK Technology Strategy Board, and also aimed at improving the quality of individuals' perception of their online privacy and identity. The simply-stated objective of EnCoRe is to make the issuing and revocation of consent 'as easy as turning a tap on or off'. It will be simpler to state than to achieve, I'm sure, but well worth the investigation, and so far a very lean, productive project.

January 2009

Consulting engagement

I was delighted to be able to 'hit the ground running', and kick off 2009 (and Future Identity) by closing an order in the first week of January. This was for a consulting engagement with a UK public sector organisation, to do an analysis of plans for integration with a number of other European authentication services.
As you can imagine, a lot of my time currently is spent on developing the foundations of future business, so here are some of the other activities I've been involved in which I hope will result in project work in due course.
GENI programme
In late January I took part in the 'Workshop on GENI and Security', hosted by the University of California (Davis) for the US GENI programme. This brought together academic and commercial researchers to propose projects for the GENI programme. I set out a proposal for a privacy-related work stream to complement the other functional R&D themes in GENI. The formal proposal was submitted in February, so we will see what results from that once the proposals have been filtered and evaluated.