The information sharing industry is pretty opaque to most people. We have no idea what “they” know about us. Moreover, it can be infuriating when certain companies make assumptions about us that are clearly erroneous. It can be absolutely unnerving when total strangers strike a little too close to the bone.
It’s instructive to find out what they know! Several years ago (2006), my friends at Privacy Rights Clearinghouse wrote a post called For the New Year, Resolve to Check Yourself Out that will help you do this. Their list of resources will help you understand who you are from the perspectives of your:
Credit history
Medical Information
Bank account history
Insurance claims
Public records
Search engines
I’d add one point to their last bullet. If you have an account on Google, you can now go into your Google Account Settings (look for the link in the upper right corner to Settings). Under Personal Settings, look for Dashboard: View Data Stored with this Account. It’s a view of what Google knows about you.
Coaching moment: It can be both overwhelming and empowering to know this much about your world. Fortunately, the overwhelming feeling can be countered by putting the story together and taking control of the problems. You’re creating a story, a narrative of who you are. Fix your problems if you can. Imagine a world in which you controlled your own information and others came to you for it. That world might be highly customizable in ways that were unique to you. What would that look and feel like?
At this past IIW, I convened a session to ask if and how it might be possible to do a stateless distributed membership for a website. There are two main ideas behind this proposal. First, I don’t really NEED to have a membership database of my own. That is, I don’t need to have another place for you to create an account, user ID and password. We can use OpenID, Information Cards, or other technologies for authenticating and authorizing you. Second, if I want to move toward a world where you control your own data, I don’t need to maintain the database of your comments. I only need to know where your comments are stored so I can properly assemble things as needed. It’s convenient but not technically necessary to own and control all the bits myself.
My proposal for a Stateless Distributed Membership is a mouthful, so I’ll unpack it a bit. There are three parts: a membership, being stateless, and being distributed.
Membership
Let me start with the easy part. You probably understand the idea of membership as a group or association of people contributing to something like a conversation or project. They’re members of a group, or in my case, members of a conversation or project on my site. Nothing unusual about this idea.
Being Stateless
Next is the idea of being stateless. In computer science, the http protocol that you use to call a web page and associated resources is stateless because you call a page from the URL or a link in your browser, the server responds by sending the page, graphics, or whatever, then you see it. Each request is separate; there’s no need to stay connected to the servers. In my case, being “stateless” means that each transaction is independent. Eve Maler talks about a stateless identity in her post Both a data borrower and a data lender be:
This is a kind of data statelessness, in that when you tell various sites they can set, read, and republish your [information from your Personal Data Store], they’re letting go of any pretense of exclusive hosting control so that they can offer you a different kind of value.
Now, in the IdM and VRM worlds, some of us have been talking aboutidentity statelessness for a while, which is similar but looks more like straight data-sharing (reading) rather than arbitrary service access (setting).
For some reason this is a tougher sell — even though CRM systems and user accounts are shot through with pale copies of stale data (and, in the enterprise case, even though syncing directories and replicating databases is brittle and no fun).
Even when one party — say, you yourself — is authoritative for some piece of personal data (like your home address), all the sites insist on making you provision a copy of this data into their profile pages by hand and by value, and insist on thinking they own something truly valuable even after you move and forget to tell them.
The bottom line: if I don’t insist on “owning” your data, we both will realize more value from our trust and flexibility. It’s daring, and in the larger scheme of things, I believe it’s a Good Thing.
Distributed
Finally, the term distributed refers to the fact that all parts of the conversation or projects are stored elsewhere on the net. If you wish to add a comment to a conversation on my server, your comment is added to your personal datastore (wherever it is, and whatever form it might take). When you wish to read the conversation, my server compiles the contributions as needed.
In this model, I do need to maintain a database of where to find your comments and a way to authorize you as the person who granted permission for me to include them in the conversation on my website. But think of it: if you want to revoke permission for me to use your comments, you can. How revolutionary (and potentially messy) is that?
Furthermore, you may choose to log in using an identity that’s different from the last one you used. That works on my server. For example, you might wish to be a regular person contributing to most conversations, but if you’re a professional fundraiser and one of the threads is about raising funds for a non-profit, you may wish to disclose your work and position in that context. Your two identities describe different parts of your life, and you may have good reasons to keep those parts separate.
The IIW Session
In my session, I described this concept and asked what people thought about it. I offered three scenarios where people might interact. One of them: a conversation or forum where blog posts and trackbacks can help create a threaded conversation. The session is an hour-long exploration and discovery of the possibilities. If you have questions or can add a piece to this puzzle, I’d love to hear from you.
My heartfelt thanks go to the people with whom I’ve spoken about this, including =JeffH, Eve, the guy at the end of the video talking with me about trackbacks (I’m sorry I can’t find your name), several others who made great suggestions and shared ideas at my session, and Joe, who spent considerable time exploring underlying frameworks with me.
Coaching moment: You probably have more than one account online, and have likely cursed the problem of forgetting user names and passwords. You may have wished that the picture of you holding a beer wasn’t online for your boss to see. Maybe you’ve been spooked by an advertisement for something that you really didn’t want. If you could do things differently, what would you do? How do you handle your accounts now? Do you feel secure about your online practices? Do you even want to be in control? Not everyone does.
This year I’ve been scrambling between sessions that start and end with no break in between. Many of the videos are missing the first few minutes; the whole of the sessions are here. I’ll be uploading these over the next couple of days as my net access is severely constrained. One might reasonably think that the Computer History Museum–in the heart of Silicon Valley–would have good wireless connectivity, but I’ve seen too many jokes about their connecting a 300 baud modem to the wireless router. After all, it is history.
Yesterday I convened a workshop for the purpose of examining the ideas behind–and controls around–sharing of information. What’s information sharing? When we sign up for an online account, or when we purchase anything with a credit card, or when we introduce ourselves and offer our business card, we are sharing information with someone. What happens to that information next, and how people or companies benefit by or control it, was the subject of this workshop.
Scenario planning is a way of looking at a complex world and future decisions. Normally the practice of scenario planning takes considerable time (easily weeks to months), research, expertise and analysis to do properly. I was trained to do scenarios by Global Business Network (GBN), a company that first popularized this as a consulting practice. You may be interested in a scenarios paper I wrote back in 2002 for a more general audience, about the balance of power between restrictive/open network access providers and restrictive/open content providers: Our Stake in Cyberspace: The Future of the Internet and Communication As We Know It.
For our workshop purposes, we compressed the scenario planning process down to one day, brainstormed about our decisions and concerns, simplified the research, used the group’s expertise, and came away with simplified, shared insights. I’m still sorting through the notes and will post more about it shortly. One of the bottom lines from this event is this (thanks Joe): if I want to support user-driven access and control of information sharing, I need to be part of the VRM conversation, and help build and support the businesses involved in this work. (So far every VRM-oriented business appears to be in development.) Many of us are part of the conversation (mailing lists, social networking groups, face to face conversations, et al). I invite you to join the mailing list or read and comment on the blogs in the Blogroll (right column).
Coaching moment: What are the most important decisions that you or your business need to make in the next 3-7 years? Your questions might be yes/no or a choice among several. Now look to see what kind of forces affect your decisions. What kind of situations or characteristics or business/environmental forces will impact your decisions the most? Which ones can you do something about?
The process of writing down, then sorting through your mountains of details will often help you see your decision picture more clearly. Your considerations should include things you can do something about, things that affect you directly and need to be addressed. It’s generally not helpful in resolving your individual decisions to spend much time on global concerns that are not relevant to your decisions and out of your control right now, or are otherwise just plain unobtainable.
Basic brainstorming, sorting and planning is something you can do on your own or with friends. It’s not too hard, doesn’t require fancy tools (pencil and paper works well), and there are rewards (possibly great rewards!) for having tried. Don’t quickly push ideas away because they’re silly: sometimes those are the most valuable in the right context. You just need to write everything down, then sort and think about it; maybe re-sort and re-think. Ok, ready?
It’s that time of year again. The Internet Identity Workshop (IIW X) is coming up in a week. I’m planning to attend, and will keep you informed by video.
Speaking of IIW and videos, I was just reviewing my videos from last year (IIW IX and IIW8). One lesson learned: last year for IIW IX I tried to live stream the sessions but wow, the network at the Computer History Museum is… how shall I say… less than optimal for anything like staying connected. Many of the videos are in pieces, as the streaming failures usually crashed my browser too.
Here’s what I have from IIW-IX. Sorry about the advertising. I can’t turn it off.
Data Portability (real start is about 1:20 minutes in) with Elias Bizannes
Bioinformatics, Identity and the Law (part 1, part 2) with Scott David
Information Sharing (part 1, part 2) with Joe Andrieu
In contrast, I learned a different set of lessons for IIW8 (last spring). Those videos were recorded to disk. I had them all available as .mov files, but have recently updated them all to flash (still apparently the most commonly used format). Thanks to TubeMogul for distributing them to Blip.tv and iTunes. Here’s the post with links to each downloadable session.
If you’re inclined to join us for next week’s event, the logo above will take you to the registration page. Otherwise, stay tuned for selected video from this unconference.
I’ve learned that people will forget what you said, people will forget what you did, but people will never forget how you made them feel. — Maya Angelou
The information sharing industry is pretty opaque to most people. We have no idea what “they” know about us. Moreover, it can be infuriating when certain companies make assumptions about us that are clearly erroneous. It can be absolutely unnerving when total strangers strike a little too close to the bone.![[del.icio.us]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/delicious.png)
![[Facebook]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/facebook.png)
![[LinkedIn]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/linkedin.png)
![[Ma.gnolia]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/magnolia.png)
![[Technorati]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/technorati.png)
![[Twitter]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/twitter.png)
![[Email]](http://digitalidcoach.com/wp-content/plugins/bookmarkify/email.png)
