This afternoon there was a good sized group that got together to discuss Identity Rights Agreements.
One big problem is the legal status of such agreements. Mary Rundle was very helpful to the discussion here.
One point was that an organization (like Identity Commons) could create a "trustmark" that Web sites that take identity data could display saying they agree to abidee by IRAs. This provides some prtection under trademark law, but may not be the best way really punish violaters.
Data protection privacy commissioners want to create a regime for protecting personly identifying information. What we're saying in the discussion of IRAs is that we can build systems that allow users to easily indicate their privacy preferences, at least for some classes of data. What's missing is the legal framework in the middle to make such agreements legally binding.
There's two sides to this: identity owners and identity consumers. I've thought of IRAs being about the identity owner side. There's the other side of trustmarks that indicate what a site's policies are.
We shouldn't have a fixed set of artfully designed icons, but rather a set of choices that lead to the agreements. This is basically what Creative Commons does: make some choices, end up with a few fix choices.
Ultimately, we need to think about negotiation. What if I don't want my credit card stored, but the site policy is to store it. I don't want to enter a negotiation to see whether I or they are willing to compromise.
I-names and other systems creating identity records seem like a great place to start. The interface could let users select IRAs for each identity data field and then be responsible for packaging it into the standard for wrapping identity data (be that hCards, vcards, or something else).
IRAs aren't about technological (DRM) or even legal enforcement, although ultimately legal enforcement may be possible. IRAs are about expressing preferences. If users can express their preferences, service providers can start to cater to them and advertise their willingness to cater to them.