Identity is everywhere. But does it need to be? How can we answer this question?
Lots of websites want or need you to sign in. Sometimes this is because the system just won’t work if you don’t. In some others, it’s an optional but genuinely helpful part of the machinery. But often, identity is there to allow collection of data, and not to improve the function of the system.
How can tell the difference between these scenarios, and what does it mean for the way websites should be built?
For your eyes only
Some websites fundamentally won’t work unless you sign in. With the exception of something like Maildrop, which is a deliberately temporary email system with “no expectation of privacy”, you can’t use soemail without a persistent address and a way to protect your inbox from other people.
You can’t collaborate in a shared document unless you know who’s editing what. In general, you can’t have a system remember something - like your favourite locations on a map - unless you have some way to come back as you.
This is functional identity: identity that enables features that wouldn’t work without it.
Identity and Access
Sometimes identity isn’t about who you are, but what you’re entitled to access.
- Netflix requires personal identity because the individual is the customer.
- Academic journals often use institutional identity: IP ranges, proxy access, or federated systems like Shibboleth and OpenAthens.
This is identity as proof of payment. The system doesn’t need your name. It needs to know that someone with access rights is requesting a resource.
Need-to-know vs. Want-to-know
4. Identity as Convenience: The Trade-Off
Other systems collect identity not because they must, but because it’s helpful—to the user, and especially to the platform.
- Amazon stores your payment and shipping details.
- Spotify recommends music based on listening history.
- Deliveroo remembers your past orders and preferred restaurants.
This is identity as lubricant—it reduces friction and enables personalisation. But this same convenience opens the door to behavioural profiling, preference shaping, and cross-context tracking.
5. Identity as Control: The Overreach
Some systems demand identity when they don’t need it at all.
Take BBC iPlayer. Funded by the UK licence fee, it is—technically—a public service. But viewers now need a personal account to access content, not because the platform requires it functionally, but because it supports analytics and audience segmentation.
This is identity as strategic overreach: the transformation of a public-good system into a private-data asset.
6. Google: The Identity Gravity Well
No platform illustrates the full identity spectrum better than Google:
- Search works without a login—but your queries are logged if you are signed in.
- YouTube, Maps, and News function anonymously, but are significantly more tailored with identity.
- Gmail, Drive, and Calendar require sign-in—they are identity-dependent systems.
What makes Google especially powerful is its use of OpenID Connect (OIDC) and Single Sign-On (SSO), which allow your identity to persist invisibly across services.
Sign in once, and your identity silently follows you—across products, pages, sessions, and time.
6.5 Analytics and the Illusion of Anonymity
Even when you’re not signed in, tracking continues.
Google Analytics and similar platforms are embedded across millions of websites. They use pseudonymous identifiers (e.g. _ga cookies), device fingerprints, and session IDs to collect behavioural data (Google Analytics Terms).
Although platforms claim these identifiers are “anonymous”, they coexist with sessions where you are signed in. Correlation—via AI or simple matching—is trivial and increasingly automatic (EFF: One-Way Mirror).
6.6 Correlation Is Inevitable
Retail platforms exploit this fact:
- Your signed-out browsing history fills your cart when you return.
- Your views and preferences persist across devices.
- When you eventually sign in, all prior behaviour is linked.
Machine learning makes these correlations inevitable—even across cookie resets, incognito sessions, or pseudo-anonymous logins (Brave Research on ML and Identity).
“You can sign out any time you like, but you can never leave.”
6.7 The Failure of Consent
To address privacy concerns, we got cookie banners and consent managers.
But most are riddled with dark patterns:
- “Accept All” is always brighter
- Refusing tracking requires multiple steps
- Preferences are buried, delayed, or obscured
These banners allow platforms to say “you consented”—without ensuring that users understood or meant to. This is performative privacy, not actual control.
6.8 The Browser Pushback
Real change has come from browsers, not businesses:
- Safari uses Intelligent Tracking Prevention (ITP), limiting third-party cookies via on-device machine learning.
- Firefox blocks known trackers by default (Mozilla ETP).
- iOS introduced a system-level option to “Ask App Not To Track”, cutting off cross-app fingerprinting.
These tools reduce the scope of surveillance—but don’t rebuild the system.
7. From Platform Identity to Wallet Identity
That’s what digital wallets propose: shift identity from platforms to people.
Instead of signing in to dozens of services and handing over your email and phone number, you could selectively share just what’s needed:
- Prove you’re a student—without revealing your university email.
- Prove you’re over 18—without sharing your birthday.
This is the promise of the Verifiable Credentials (VC) standard and Decentralized Identifiers (DIDs), both from the W3C.
The EU Digital Identity Wallet (under eIDAS 2.0) is turning this into law for Member States.
Technically, this is made possible by protocols like Self-Issued OpenID Provider (SIOP), which allow users to authenticate using identities stored on their own device—not controlled by Google, Facebook, or Apple.
8. Identity with Integrity
The goal isn’t to reject identity. It’s to use it wisely.
✅ Use identity when it’s functionally required ✅ Allow entitlement-based access without individual exposure ❌ Avoid identity collection where it serves only platform goals ❌ Challenge systems that collect identity because they can
The RIVER framework offers one example in the research world: preserving provenance and accountability in authorship without extending surveillance or undermining institutional access.
The same principle can apply across the web.
9. Conclusion: A Web That Asks, Not Assumes
Today, identity is ambient. It’s inferred even when not offered. It persists even when you think you’ve left.
To fix this, we need more than patchwork consent and protective defaults. We need to rethink identity from the ground up:
- From centralised to distributed
- From persistent to contextual
- From platform-owned to user-held
Next time you’re asked to log in, stop and ask:
Is this for my benefit—or theirs?
Because the most important identity online might be the one that says: not this time.