As the Internet of Things (IoT) bridges the gap between our virtual and digital worlds, personal data and security becomes a challenge. By leveraging the OpenStand Principles, Kantara members seek to leverage open standards to develop verifiable trusted solutions that respect users, serve society, and grow markets.

The Intersection of Things and Identity

As modern ICT infrastructure, networked devices and sensors combine to form the framework for the Internet of Things (IoT), the vital lifeblood that flows through IoT is personal and object-related data. The secure, precise and reliable management of the data shared between connected machines, objects and humans is critical to the future.  It is only when the proper data, identity, security and privacy frameworks are established that the true and positive potential of a technology-enabled, connected life for global citizens can be realized.

The IoT promises to bridge the gap between our virtual and digital worlds, creating a seamless connected experience for people. However, the quality of this future, “connected life” depends on our ability to develop new and improved, innovative and trust-based personal identity management solutions.  The complexities of Identity Management practices and solution limitations make it challenging for global inter-disciplinary communities to harmonize their identity and security practices and policies, online and offline.

The technology services and frameworks that connect businesses, consumers, governments and people are rapidly evolving.  Early Identity Management (IdM) technology services focused on security and access management – typically within organizational or national perimeters. However, the scope of these solutions is limited when taken into consideration against the increasingly complex and borderless nature of modern data sharing practices.

Personal Data and Security

As technology enables and expands our reach, we find ourselves challenged to comprehend the security and privacy implications of our modern human interactions.  The amount of personal data being generated has exponentially increased, fueled by the proliferation, adoption, and use of mobile, wearable, and sensor-enabled devices.  These technologies gather sensitive personal data that can be highly useful and beneficial to individuals and enterprises alike.  However, when put into the wrong hands, the same data may also be used for harm.

For example, today, many wearable devices are equipped with sensors that can record an individual’s physical activity, from the number of steps taken to sleep quality, diet patterns, heart rate, blood sugar levels and more. When combined with other recorded data (E.g. time/date, geo-locational information) and transmitted, via networked connections that employ different levels of security, our personal data can power apps, drive social media updates and be readily shared with other people or entities for a variety of purposes.

From a positive perspective, this data can help individuals manage and improve their physical health, be readily shared with partners and caregivers, be utilized in aggregate to support medical research and leveraged in other beneficial ways.  Unfortunately, our personal data may also be used in ways that are less obvious and/or desirable. On the down side, personal data can be intercepted by others, leveraged or sold to advertisers or used algorithmically to identify behavioral patterns that may impact an individual in an unforeseen manner, such as being leveraged by an insurance company to justify a policy rate increase.

Without question, the global need for comprehensive systems that enable the management and governance of personal data and identity systems presents a new frontier for ideation and innovation.  Varying national and industry practices exist today with regard to data management, privacy and security.  However, as our devices, apps and connections proliferate; as our data is shared in unforeseen ways; and as we attempt to realize the promises of IoT and new technology, a harmonized, proactive approach for the comprehensive management of our personal data, identity and privacy is a critical necessity.

Developing Trust-Based Services

To help improve and accelerate adoption of relationship-based digital identity solutions that support and simplify our connected lives, Kantara Initiative is running two parallel activities:

The Identities of Things Discussion Group (IDoT) is working to map and more fully understand the landscape (players, activities, solutions, trends, etc.) that stand at the intersection of Identity management and IoT.  The group’s goal is to deliver recommendations for the development and adoption of best practices, and to conduct a gap analysis that will help inform communities about collaboration opportunities that support interoperability within specific areas of interest.

The Identity Relationship Management (IRM) Working Group is researching, analyzing and developing best practices (and may potentially recommend future standards development activities) related to the varying global technical and policy frameworks that currently govern the connections between humans, entities, and devices. In the near term, this group will deliver a report that explores the “Laws of Relationships – A Work in Progress.”

Participation in both groups is open to anyone. Additional information can be found here.

When Kantara members have secured a more complete picture of the identity and IoT landscape, along with the associated implications related to security, privacy and technology interoperability, collective focus will shift.  In the next phase, members will focus on working collaboratively, openly and transparently developing programs and solutions to drive innovation in the global Identity Management space. Ultimately, Kantara Initiative seeks to establish a trust-driven foundation comprised of identity services that streamline and support a globally connected society, while respecting individual rights and privileges, and enabling companies, industries, government and civil service organizations to better serve people through advanced, interoperable technologies.

Kantara and OpenStand

Kantara Initiative is a signatory for the OpenStand Principles, and embraces an open, transparent, multi-stakeholder community.  Kantara members include technology and policy professionals from industry, research, academia governments, civil society, and more.

The adoption of the OpenStand Principles will help drive the open development of a transparent, accessible environment that supports innovation, technology development, and deployment for the benefit of humanity. By leveraging the OpenStand Principles, Kantara members seek to leverage open standards to develop verifiable trusted solutions that respect users, serve society, and grow markets.

For more information on how to get involved, please click here.


Joni Brennan is a contributing advocate and is the Executive Director for the Kantara Initiative

Contributing Advocate
Joni Brennan,
Executive Director, Kantara Initiative

About Kantara Initiative
The Kantara Initiative is a non-profit organization that helps accelerate the identity services market by developing innovations and programs to support trusted on-line transactions. The organization is dedicated to identify, and develop innovative and “trust-based” solutions that support the Connected Life. By definition, trust-based solutions leverage open standards, enable proportional data sharing in a manner that respects users, and apply verifiable best practices. Kantara Members are working to openly assess, innovate and develop programs that will help ensure a more safe, seamless and streamlined connected experience.