??”The Laws of Identity, Cameron, 2005
Let??™s focus once more on the partnership example we
introduced in last section ???User Control and Consent.???
The Seven Laws of Identity 97
Your company negotiated access to the hardware vendor website
to ful?¬?ll a business need, empowering employees to purchase
devices for the company with a process as agile as
possible. The purchase process needs to gather some speci?¬?c
data from every shopping session. The fact that you are an employee
of a certain partner, your name, the business address to
which items will have to be shipped, coordinates for emitting an
invoice, the spending limit that has been assigned to you or to
your role. Omit any of those data, and the transaction cannot
take place. Do they need to know your salary? Your home address?
Your blood type? You religious beliefs? Your hair length?
They would probably be happy to have some of that information,
but the answer to all these questions is a resounding no.
The reason for which you are shopping at their website is performing
purchases for your employer. The fact that you are a
geek and that later that night you will buy an oscilloscope for
your personal enjoyment is not relevant now, and therefore your
home address should not be part of the current transaction.
Pages:
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176