Identity and Nymity: Public Policy Issues

Roger Clarke

Principal, Xamax Consultancy Pty Ltd, Canberra

Presentation to the Enterprise Architecture Open House, Government of Ontario, Toronto, 8 June 2004

Version of 17 May 2004

© Xamax Consultancy Pty Ltd, 2004

Available under an AEShareNet Free
for Education licence

This document is at

The accompanying slide-set is at


People are complicated. Each person presents themselves in many different roles, and has many identifiers, yet is only a single entity. To complicate things even further, multiple identifiers, and multiple sets of records in separate silos, have long been among the most important privacy protections.

People have also enjoyed anonymity in many circumstances. Cash payments for busfares and cups of coffee, voting, and treatment at discreet clinics, have not required disclosure of any of a person's identities, far less of a biometric. There have also been many circumstances in which pseudonyms have been permissible, such that the person behind the nym isn't known unless positive steps are taken to break through the veil.

These kinds of privacy protection are under assault to a far greater extent now than ever before. Can government agencies (and, indeed, consumer marketing corporations) exercise their legal and market muscle to simply force citizens and consumers to comply with their dictates?

People are being told to yield up identifiers at every turn, permit correlation among those identifiers, and accept the collection of biometric measures as complacently as packages and pallets. Are there limits to the practicality of these demands, and even to their acceptability? And, if there are such limits, how can architects and designers find out where they are?


An informal overview of the concepts is provided in 'Identification and Authentication Fundamentals'.

Indexes are provided to the author's works in the following areas:

The following are the key papers on which this presentation and paper draw:

Clarke R. (1994) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues' Info. Technology & People 7,4 (December 1994). At

Clarke R. (1999) 'Anonymous, Pseudonymous and Identified Transactions: The Spectrum of Choice', Proc. IFIP User Identification & Privacy Protection Conference, Stockholm, June 1999, at

Clarke R. (2001) 'Authentication: A Sufficiently Rich Model to Enable e-Business' Review Draft of 26 December 2001, at

Clarke R. (2003) 'Authentication Re-visited: How Public Key Infrastructure Could Yet Prosper' Proc. 16th Bled Electronic Commerce Conf., Bled, Slovenia, 9-11 June 2003, at

Clarke R. (2004) 'Identity Management: The Technologies, Their Business Value, Their Problems, and Their Prospects' Xamax Consultancy Pty Ltd, March 2004, purchasable from

About the Author

Roger Clarke is Principal, Xamax Consultancy Pty Ltd, Canberra, which he established in 1982. His practice is primarily in strategic and policy aspects of eBusiness, information infrastructure, and dataveillance and privacy.

He has Honours and Masters degrees in Commerce, and a doctorate in information systems. He is also a Visiting Professor in the Baker & McKenzie Cyberspace Law & Policy Centre at the University of N.S.W., and in the E-Commerce Programme at the University of Hong Kong, and a Visiting Fellow in the Department of Computer Science, Australian National University.


Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Created: 17 May 2004

Last Amended: 17 May 2004

These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).
The Australian National University
Visiting Fellow, Faculty of
Engineering and Information Technology,
Information Sciences Building Room 211
Xamax Consultancy Pty Ltd, ACN: 002 360 456
78 Sidaway St
Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, 6288 6916