When I go to a bar, the bouncer usually stops me and asks for an ID. I show him my state-issued driver’s license and walk on by. This may be unusual, as I’m 36 (thanks, mom, for the good genes), but we’re all pretty accustomed to presenting our official identification when needed. We need IDs to vote in an election, and when we get pulled over for speeding. If identification is so commonplace in the physical world, why is it still such a hazy area on the Internet?
In the old days of web publishing, almost every site required its users to register in order to access certain functionalities, like commenting. However, each login was only useful to its corresponding website. Users had to remember a myriad of usernames and passwords just to read up on the morning news.
With the rise of social networks and search platforms, a few large B2C companies evolved into large-scale consumer identity providers (a.k.a. IdPs) — Facebook, Twitter and Google, among others. These companies began to fill the identity-management gap by giving users a few different IDs that worked across media websites. For instance, you can register at Mashable using your Facebook or Twitter ID, and a few others (like Google) will be activated soon.
As many of you know, when you register on a media site with your Facebook or Twitter identity, you’re usually asked to give access to your profile data (like name and email address), and allow that site to publish to your feeds (like your News Feed on Facebook, or your Timeline on Twitter). Presumably, media sites, not unlike Mashable, do this with the best of intentions. But they’re only going to publish content to your feed that you’ve expressed interest in, and then follow up with you via email, right? Maybe.