• Companies should move away from the "single sign-on" idea and accept that different types of information require different levels of security. One password doesn't fit all.
• The notion of unique "document identifiers" doesn't go far enough. We need unique "person identifiers" that aren't sensitive but can be used to disambiguate people. Then we need a way to record those identifiers to associate them with the right people. Some systems, such as LinkedIn, are starting to serve in this capacity, in the sense that once I've connected to someone, I should be able to find them regardless of how their email address and other contact information change in the future.
• Finally, if you want to fall off the grid, at least leave a few bread-crumbs for your old friends.