Silicon Valley’s stealth incubator forging an identity
Mountain View, Calif. - Tucked into the upper floor of the Computer History Museum, above the Babbage Engine, the Hall of Fellows, and decades worth of artifacts, perhaps the most unknown incubator in the Valley is ironically working on identity.
Since 2005, the Internet Identity Workshop (now known simply as IIW) has brought together the brightest people working on answering the most basic question on the Internet – who are you?
Last week, IIW held its 15th three-day conference, attracting among others lawyers, venture capitalists, government wonks, Ph.D students, scientists, CEOs, CSOs, CTOs, CIOs, privacy experts, psychologists, reputation specialists and identity geeks.
“There is no graduate course in identity, this is the course,” said Don Thibeau, chairman of the Open Identity Exchange (OIX), which was conceived at IIW some five years ago. “IIW is like a floating center of excellence that picks people up and drops them off when they are done.”
With its unusual “unconference” format (there is no agenda – attendees suggest session topics each morning), eclectic list of global participants and unique traditions such as recognizing select contributors with wine or chocolate at the end of each day, IIW has become the innovation and collaboration pump for the identity industry and all that intersects with it.
OAuth 2.0, an authentication/authorization protocol, started here. It became an Internet Engineering Task Force (IETF) standard earlier this month and is already in use at such places as Google and Salesforce.com to secure mobile applications, and cloud and enterprise APIs.
OpenID Connect got its start at IIW and is now destined to become a standardized anchor for identity federation on the Web.
Combat collaboration
“IIW is a cauldron of benevolent chaos,” says Justin Richer, a member of the IETF’s OAuth 2.0 working group, who comes to dive into issues of the day. “There is just enough structure to make it fly.”
Thibeau remembers developing OIX, a trust framework certification program, at IIW. “We presented our idea every day of every IIW for three years in a row until we go it right.” Thibeau recalls people telling him how stupid the idea was before he and his colleague Drummond Reed returned to their hotel each night to refine the presentation. “Then we would go back the next day to hear them yell some more.”
Now, among other work, OIX is a trusted advisor to the British government in its nation-wide rollout of consumer access to public services via mobile and social identities. In addition, the U.K. has joined the OIX board.
In its early days, the National Strategy for Trusted Identities in Cyberspace (NSTIC), now infused with $16.5 million in federal funding, used IIW to vet some of its ideas and strategies, and to rally the identity community. IIW co-founder Kaliya “IdentityWoman” Hamlin was elected Consumer and Citizen Advocate delegate on the NSTIC steering group.
“It’s a different model of incubator,” says Mary Ruddy, chair of Identity Commons, which counts IIW as one of its working groups. “It is for innovating along an industry dimension. It’s an upside down umbrella place,” says Ruddy, who also is the founder of Meristic, which provides strategy and implementation services for user-driven identity management.
Ruddy says part of IIW’s beauty is the conversations that happen in what some participants describe as the “DMZ of IPR (intellectual property rights).”
“It is cool to see an idea from one or two seemingly crazy participants seven years ago now several years later have a bunch of companies that have code running and users and it is a fundable concept," she said.
At IIW, it is not uncommon for those “crazy participants” to be developers, engineers, entrepreneurs, government officials, vertical industry experts and policy makers who huddled together in a “session” drawing flow charts or debating strategies.
Where it all began
In 2005, the first IIW was held in a conference room at the University of California-Berkeley.
“We were a small group of about 30 like-mined people that thought there was more to Internet identity than user names and passwords,” said Phil Windley, who co-founded IIW along with IdentityWoman and Doc Searls, co-author of the Cluetrain Manifesto, author of The Intention Economy and long-time senior editor at Linux Journal.
Last week’s IIW, drew more than 200 attendees.
“The biggest change is now we have these groups that use IIW to work across company boundaries to solve problems in the identity space that don’t get talked about anywhere else,” said Windley. “Here people do real work. They argue about stuff.”
At IIW, participants check company logos and non-disclosure agreements at the door.
Dazza Greenwood, an IIW veteran and lecturer at MIT Media Labs, sees the conferences as an appropriate, safe and encouraging forum for that to happen.
He likens the innovation focus to Detroit's early days in the automobile industry, where the city’s pacesetters gathered socially and switched companies liberally much like technology movers-and-shakers do in Silicon Valley today.
“With IIW, people are distributed globally instead of concentrated locally, so this is that place to get together. The community building aspect is very valuable. You don’t get it anywhere else,” said Greenwood.
He recounts an insurance official who showed up in years past to jump-start an industry identity foundation. This year, real estate and mortgage banking interests used IIW to incubate ideas.
Peter Stepman, head of research and innovation at London-based venture capitalist firm WPSChallenger, came last week to his first IIW and led a couple of sessions, including one called “Group Therapy” to discuss how to communicate the value of identity to those who are not involved at this level.
“What I love about this is that we are all future pioneers,” said Stepman. “We have the desire to go forward, to trial, to do new things, and we all can communicate and exchange thoughts and ideas very fast here.”
Michael Dietz, another first timer, former Google intern and current Ph.D student at Rice University, came to get another angle on the topic.
“Here you can effect what you take away from the conference,” he said. “When you go to an academic conference you get a very narrow view of the world.”