When the government threatened to regulate an industry that has for some time been playing fast and loose with people’s personal data, the industry proposed to open their databases–at least a little. The Open Data Partnership is claimed to be a “market-wide collaboration that allows consumers to gain more control over the information that companies have collected about their interests in one easy-to-use portal.”
SmartPlanet quoted Mike Zaneis, Senior Vice President and General Counsel for the Interactive Advertising Bureau (IAB), who explained:
Better Advertising’s Open Data Partnership is exactly the kind of initiative that will enable us to remain self-regulated as an industry. The more transparency we can provide consumers that enables them to retain control over their own data, the more trusted our ecosystem becomes – to the benefit of everyone.
Interestingly, many of the big data tracking companies have already signed on. (Hubspot, which just received an infusion of $32M from Google and Salesforce, are all missing from the list.)
With predictions for a sharp increase in analytics and data mining in 2011, the window offered by the Open Data Partnership is an interesting third option to “Do Not Track” or laissez-faire. It gives people better understanding and control over what they’re sharing and why. That said, it’s still about advertising (in which people are the product, not the customers).
Coaching moment: This is an interesting situation. If you could know more about yourself by looking at the data being collected, would you? Once you saw this information, would you be inclined to help correct it? If not, why?
1. Mobile identity always has been and will continue to be the biggest game in town. Each year nearly 5 billion smart card technology subscriber identity modules are sold. And as smart phones grow in sophistication and as a result occupy an increasing percentage of user screen time they will become the most important area in the identity marketplace.
2. None of the Facebook, Google, OpenID, triad will actually manage to issue trusted identities in 2011 and consumers will continue to fail to realize they are the product and not the customer for these and many other identity providers.
7. The User Managed Access work of the Kantara Initiative will gain support as it addresses the overarching requirement of the need for user control of personal information in the era of shared infrastructure.
9. Consumers will demand the adoption and benefits of commercial off-the-shelf application software to provide privacy and identity protection of data at rest and in motion via encryption and secure channels in their day to day communications with banks, health care organizations, and other organizations even in those states where it is not mandated.
11. Identity theft and fraud will continue to grow and be subsidized by consumers via premiums, user fees and interest rates without the mandate for strong interoperable identities. And while the National Strategy for Trusted Identities will talk the talk it remains to be seen if it can walk the walk.
Coaching moment: As passive customers of digital services, we are prone to greater influence and manipulation by the system, for the benefits of the system and not for ourselves. If we wish to empower ourselves–and the commercial marketplace generally–with better and more trustworthy practices, we will need to be active and even vocal supporters of the alternatives that lead us in that preferred direction. This isn’t as scary as it might seem. It just means making certain choices more mindfully, more aware of the cost of “free.”
The information sharing industry is pretty opaque to most people. We have no idea what “they” know about us. Moreover, it can be infuriating when certain companies make assumptions about us that are clearly erroneous. It can be absolutely unnerving when total strangers strike a little too close to the bone.
It’s instructive to find out what they know! Several years ago (2006), my friends at Privacy Rights Clearinghouse wrote a post called For the New Year, Resolve to Check Yourself Out that will help you do this. Their list of resources will help you understand who you are from the perspectives of your:
Credit history
Medical Information
Bank account history
Insurance claims
Public records
Search engines
I’d add one point to their last bullet. If you have an account on Google, you can now go into your Google Account Settings (look for the link in the upper right corner to Settings). Under Personal Settings, look for Dashboard: View Data Stored with this Account. It’s a view of what Google knows about you.
Coaching moment: It can be both overwhelming and empowering to know this much about your world. Fortunately, the overwhelming feeling can be countered by putting the story together and taking control of the problems. You’re creating a story, a narrative of who you are. Fix your problems if you can. Imagine a world in which you controlled your own information and others came to you for it. That world might be highly customizable in ways that were unique to you. What would that look and feel like?
At this past IIW, I convened a session to ask if and how it might be possible to do a stateless distributed membership for a website. There are two main ideas behind this proposal. First, I don’t really NEED to have a membership database of my own. That is, I don’t need to have another place for you to create an account, user ID and password. We can use OpenID, Information Cards, or other technologies for authenticating and authorizing you. Second, if I want to move toward a world where you control your own data, I don’t need to maintain the database of your comments. I only need to know where your comments are stored so I can properly assemble things as needed. It’s convenient but not technically necessary to own and control all the bits myself.
My proposal for a Stateless Distributed Membership is a mouthful, so I’ll unpack it a bit. There are three parts: a membership, being stateless, and being distributed.
Membership
Let me start with the easy part. You probably understand the idea of membership as a group or association of people contributing to something like a conversation or project. They’re members of a group, or in my case, members of a conversation or project on my site. Nothing unusual about this idea.
Being Stateless
Next is the idea of being stateless. In computer science, the http protocol that you use to call a web page and associated resources is stateless because you call a page from the URL or a link in your browser, the server responds by sending the page, graphics, or whatever, then you see it. Each request is separate; there’s no need to stay connected to the servers. In my case, being “stateless” means that each transaction is independent. Eve Maler talks about a stateless identity in her post Both a data borrower and a data lender be:
This is a kind of data statelessness, in that when you tell various sites they can set, read, and republish your [information from your Personal Data Store], they’re letting go of any pretense of exclusive hosting control so that they can offer you a different kind of value.
Now, in the IdM and VRM worlds, some of us have been talking aboutidentity statelessness for a while, which is similar but looks more like straight data-sharing (reading) rather than arbitrary service access (setting).
For some reason this is a tougher sell — even though CRM systems and user accounts are shot through with pale copies of stale data (and, in the enterprise case, even though syncing directories and replicating databases is brittle and no fun).
Even when one party — say, you yourself — is authoritative for some piece of personal data (like your home address), all the sites insist on making you provision a copy of this data into their profile pages by hand and by value, and insist on thinking they own something truly valuable even after you move and forget to tell them.
The bottom line: if I don’t insist on “owning” your data, we both will realize more value from our trust and flexibility. It’s daring, and in the larger scheme of things, I believe it’s a Good Thing.
Distributed
Finally, the term distributed refers to the fact that all parts of the conversation or projects are stored elsewhere on the net. If you wish to add a comment to a conversation on my server, your comment is added to your personal datastore (wherever it is, and whatever form it might take). When you wish to read the conversation, my server compiles the contributions as needed.
In this model, I do need to maintain a database of where to find your comments and a way to authorize you as the person who granted permission for me to include them in the conversation on my website. But think of it: if you want to revoke permission for me to use your comments, you can. How revolutionary (and potentially messy) is that?
Furthermore, you may choose to log in using an identity that’s different from the last one you used. That works on my server. For example, you might wish to be a regular person contributing to most conversations, but if you’re a professional fundraiser and one of the threads is about raising funds for a non-profit, you may wish to disclose your work and position in that context. Your two identities describe different parts of your life, and you may have good reasons to keep those parts separate.
The IIW Session
In my session, I described this concept and asked what people thought about it. I offered three scenarios where people might interact. One of them: a conversation or forum where blog posts and trackbacks can help create a threaded conversation. The session is an hour-long exploration and discovery of the possibilities. If you have questions or can add a piece to this puzzle, I’d love to hear from you.
My heartfelt thanks go to the people with whom I’ve spoken about this, including =JeffH, Eve, the guy at the end of the video talking with me about trackbacks (I’m sorry I can’t find your name), several others who made great suggestions and shared ideas at my session, and Joe, who spent considerable time exploring underlying frameworks with me.
Coaching moment: You probably have more than one account online, and have likely cursed the problem of forgetting user names and passwords. You may have wished that the picture of you holding a beer wasn’t online for your boss to see. Maybe you’ve been spooked by an advertisement for something that you really didn’t want. If you could do things differently, what would you do? How do you handle your accounts now? Do you feel secure about your online practices? Do you even want to be in control? Not everyone does.
This post is going all geeky on you. There’s a mission and a method to my madness, and I mean madness in the most forward thinking way. After all, if we don’t have a vision or a dream, what makes up the color in our future?
First up is Fred Wilson’s presentation from a talk that he gave at Google. Note that even though these are just the slides, Wilson gives you a clear idea that there’s something disruptive going on.
Second up is a report from JD Lasica and the Aspen Institute entitled Identity in the Age of Cloud Computing (PDF, purchase). Lasica points out that the disruption is all about identity, personal empowerment, and benefits to society and commerce all around. From his report:
Excerpt: Why the Cloud Matters
According to Newsweek: “At the end of August [2008], as Hurricane Gustav threatened the coast of Texas, the Obama campaign called the Red Cross to say it would be routing donations to it via the Red Cross home page. Get your servers ready—our guys can be pretty nuts, Team Obama said. Sure, sure, whatever, the Red Cross responded. We’ve been through 9/11, Katrina, we can handle it. The surge of Obama dollars crashed the Red Cross website in less than 15 minutes.”
The New York-based tech start-up Animoto, which lets users create professional-quality, MTV-style videos using their own images and licensed music, was averaging 5,000 users a day until it suddenly received a burst of new users who discovered it through Facebook. Its traffic surged to 750,000 visitors over three days. The number of servers Animoto was running on jumped from 50 to 3,500 during that span of time. “It was just numbers we never imagined we would ever see,” chief technology officer Stevie Clifton told a Seattle newspaper. “It was fun and scary and pretty cool.” Thanks to AmazonWeb Services, Animoto’s servers did not crash, because Animoto does not have any servers. It outsources its computing power to Amazon.comand pays only for what it uses. The ten-employee company is now expanding. Amazon CEO Jeff Bezos touts Animoto as the poster company for cloud computing.
The tales of the Red Cross and Animoto neatly sum up the contrast between the former economy and the emerging cloud economy. If the Internet economy is an apt descriptor of the changes taking place around us today, then the term cloud economy could justly be ascribed to the still larger global disruptions ahead. Google CEO Eric Schmidt has called this “the cloud computing age.”
Coaching moment: Sometimes people I talk with say that they feel like a lone wolf howling at the moon. Most of the time these people are visionaries or idealists that don’t have a common public voice. The crowd hasn’t discovered the conversation yet. Identity is one of those conversations. It’s a relatively small group talking about a subject that everyone will be impacted by, and that the future will be shaped by (one way or another).
If you’re one of the lone wolves, take heart. Keep up the good work. The more we tell the story, the better we get. The better the story becomes, the more people will want to hear it. The time is good to explore, discover, think, discuss, and practice telling the story. Not everyone is ready to hear it yet, which is ok. All things in time.
![[del.icio.us]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/delicious.png)
![[Facebook]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/facebook.png)
![[LinkedIn]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/linkedin.png)
![[Ma.gnolia]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/magnolia.png)
![[Technorati]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/technorati.png)
![[Twitter]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/twitter.png)
![[Email]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/email.png)
