Dave Kearns provides the information you need to evaluate, install and maintain your corporate identity management system.
Bob Blakley, principal analyst at the Burton Group, has from time to time talked about the “identity oracle.” Currently there
are none, but Bob is convinced that there is a sound business model for one, which will – in the fullness of time – allow
one to sprout, grow and flourish. This will happen, because – in Bob’s words: “…as long as we continue to try to solve privacy
problems using technology, we are going to continue to fail, and the Internet will continue to lack an identity layer, and
it will continue to be a privacy hazard. Identity and privacy are not technology problems – they’re social, legal, and economic
problems – and no technology can solve these problems.”
But the identity oracle can solve the privacy problem.
Let’s say there’s a person, we’ll call him “Bob,” who wants to buy some wine from an Internet site and have it shipped to
his house. In today’s market, Bob must provide the retailer with his credit card information, his shipping and billing addresses
(because wine can only be shipped to certain states) and Bob must be home when it is delivered in order to prove to the delivery
person that he is of legal age to buy alcoholic beverages.
None of that information needs to go to the wine seller (and, thus, to whomever the wine seller wishes to disclose it, either
for free or for cash). Bob simply indicates to the wine seller who his identity oracle is. The wine seller asks the oracle:
“Can Bob legally buy wine and receive it at his home address?” To which the oracle replies either “yes” or “no.” If yes, the
following transactions can occur:
1) The wine seller tells the oracle to bill Bob for the wine purchase.
2) The oracle tells Bob’s bank to debit that amount.
3) The wine seller delivers the shipping box to a carrier.
4) The oracle tells the carrier where to deliver the box and asks “how much?”
5) The oracle tells Bob’s bank to debit that amount.
6) The wine is delivered to Bob.
The wine seller cannot spam Bob (either by e-mail or snailmail) as it doesn’t know his address. Neither the bank nor the carrier
knows what it is that Bob purchased. Only Bob and the oracle can reconstruct the entire transaction.
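The six steps above can be modelled as a message exchange in which each party records only what it is sent. This is an added example, not code from the article or from Blakley. The class names, the `leaked` helper, the age threshold, the state list, the amounts and Bob's record are all constructed assumptions, and the carrier's answer to "how much?" is passed in as a fixed quote.

```python
from dataclasses import dataclass, field

@dataclass
class Party:
    name: str
    seen: list = field(default_factory=list)  # every message this party receives

    def receive(self, **msg):
        self.seen.append(msg)

class Oracle:
    """Holds the personal data; relying parties get answers, not attributes."""
    LEGAL_AGE = 21                # assumption: threshold is not given on the page
    SHIP_STATES = {"CA", "NY"}    # constructed list of permitted destinations

    def __init__(self, records, bank, carrier):
        self.records, self.bank, self.carrier = records, bank, carrier
        self.ledger = []          # only the oracle can link every step

    def can_buy_wine(self, handle):
        r = self.records[handle]
        return r["age"] >= self.LEGAL_AGE and r["address"]["state"] in self.SHIP_STATES

    def bill(self, handle, payee, amount, memo):
        # Steps 1-2 and 5: the bank sees an account and an amount, nothing else.
        self.bank.receive(account=self.records[handle]["account"], amount=amount)
        self.ledger.append((handle, payee, amount, memo))

    def ship(self, handle, parcel_id, quote):
        # Step 4: the carrier learns where the box goes, not what is in it.
        self.carrier.receive(parcel=parcel_id, address=self.records[handle]["address"])
        self.bill(handle, self.carrier.name, quote, "shipping " + parcel_id)

def leaked(party, *secrets):
    """True if any secret string appears in anything the party received."""
    return any(s in repr(party.seen) for s in secrets)

def run_purchase():
    bank, carrier, seller = Party("bank"), Party("carrier"), Party("wine-seller")
    records = {"bob": {"age": 44, "account": "ACCT-0001",   # constructed sample data
                       "address": {"street": "1 Example St", "state": "CA"}}}
    oracle = Oracle(records, bank, carrier)
    # The seller asks one yes/no question and receives only the answer.
    seller.receive(handle="bob", eligible=oracle.can_buy_wine("bob"))
    if seller.seen[-1]["eligible"]:
        oracle.bill("bob", seller.name, 60.00, "wine")   # steps 1-2
        oracle.ship("bob", "PARCEL-42", 12.50)           # steps 3-5
    return seller, bank, carrier, oracle
```

Inspecting each party's `seen` list after `run_purchase()` shows the separation the article describes: the seller holds a handle and a boolean, the bank two debits, the carrier one address, and only the oracle's ledger ties them together.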
So why trust the oracle?
As Blakley puts it: “The identity oracle charges the wine seller and other relying-party customers money for its services.
The asset on the basis of which the identity oracle is able to charge money is its database of personal information. Because
personal information is its only business asset, the identity oracle guards personal information very carefully. Because disclosing
personal information to relying-party customers like the wine seller would be giving away its only asset for free, it strongly
resists disclosing personal information to its relying-party customers. In the rare cases in which relying parties need to
receive actual personal data (not just metadata) to do their jobs, the identity oracle requires its relying-party customers
to sign a legally binding contract stating what they are and are not allowed to do with the information.”
Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.
Comments (3)
RE: How the identity oracle could solve the privacy problem
By Charlotte Betterley on October 23, 2007, 1:43 pm
http://www.novell.com/prblogs/?p=404

Privacy Enhancing Technologies
By Stephan Engberg on November 8, 2007, 3:52 am
The article is right in its understanding of the need and possibilities of making solutions that eliminate the trade-offs between business objectives and security...

The Identity Oracle?
By Allan Milgate on January 7, 2008, 1:51 am
Dave re BOB: “Because disclosing personal information to relying-party customers like the wine seller would be giving away its only asset for free, it strongly...