Archive

Posts Tagged ‘personal data store’

Stateless Distributed Membership

May 26th, 2010
1 comment

At this past IIW, I convened a session to ask if and how it might be possible to do a stateless distributed membership for a website. There are two main ideas behind this proposal. First, I don’t really NEED to have a membership database of my own. That is, I don’t need to have another place for you to create an account, user ID and password. We can use OpenID, Information Cards, or other technologies for authenticating and authorizing you. Second, if I want to move toward a world where you control your own data, I don’t need to maintain the database of your comments. I only need to know where your comments are stored so I can properly assemble things as needed. It’s convenient but not technically necessary to own and control all the bits myself.

My proposal for a Stateless Distributed Membership is a mouthful, so I’ll unpack it a bit. There are three parts: a membership, being stateless, and being distributed.

Membership

Let me start with the easy part. You probably understand the idea of membership as a group or association of people contributing to something like a conversation or project. They’re members of a group, or in my case, members of a conversation or project on my site. Nothing unusual about this idea.

Being Stateless

Next is the idea of being stateless. In computer science, the http protocol that you use to call a web page and associated resources is stateless because you call a page from the URL or a link in your browser, the server responds by sending the page, graphics, or whatever, then you see it. Each request is separate; there’s no need to stay connected to the servers. In my case, being “stateless” means that each transaction is independent. Eve Maler talks about a stateless identity in her post Both a data borrower and a data lender be:

This is a kind of data statelessness, in that when you tell various sites they can set, read, and republish your [information from your Personal Data Store], they’re letting go of any pretense of exclusive hosting control so that they can offer you a different kind of value.

Now, in the IdM and VRM worlds, some of us have been talking about identity statelessness for a while, which is similar but looks more like straight data-sharing (reading) rather than arbitrary service access (setting).

For some reason this is a tougher sell — even though CRM systems and user accounts are shot through with pale copies of stale data (and, in the enterprise case, even though syncing directories and replicating databases is brittle and no fun).

Even when one party — say, you yourself — is authoritative for some piece of personal data (like your home address), all the sites insist on making you provision a copy of this data into their profile pages by hand and by value, and insist on thinking they own something truly valuable even after you move and forget to tell them.

The bottom line: if I don’t insist on “owning” your data, we both will realize more value from our trust and flexibility. It’s daring, and in the larger scheme of things, I believe it’s a Good Thing.

Distributed

Finally, the term distributed refers to the fact that all parts of the conversation or projects are stored elsewhere on the net. If you wish to add a comment to a conversation on my server, your comment is added to your personal datastore (wherever it is, and whatever form it might take). When you wish to read the conversation, my server compiles the contributions as needed.

In this model, I do need to maintain a database of where to find your comments and a way to authorize you as the person who granted permission for me to include them in the conversation on my website. But think of it: if you want to revoke permission for me to use your comments, you can. How revolutionary (and potentially messy) is that?

Furthermore, you may choose to log in using an identity that’s different from the last one you used. That works on my server. For example, you might wish to be a regular person contributing to most conversations, but if you’re a professional fundraiser and one of the threads is about raising funds for a non-profit, you may wish to disclose your work and position in that context. Your two identities describe different parts of your life, and you may have good reasons to keep those parts separate.

The IIW Session

In my session, I described this concept and asked what people thought about it. I offered three scenarios where people might interact. One of them: a conversation or forum where blog posts and trackbacks can help create a threaded conversation. The session is an hour-long exploration and discovery of the possibilities. If you have questions or can add a piece to this puzzle, I’d love to hear from you.

My heartfelt thanks go to the people with whom I’ve spoken about this, including =JeffH, Eve, the guy at the end of the video talking with me about trackbacks (I’m sorry I can’t find your name), several others who made great suggestions and shared ideas at my session, and Joe, who spent considerable time exploring underlying frameworks with me.

Coaching moment: You probably have more than one account online, and have likely cursed the problem of forgetting user names and passwords. You may have wished that the picture of you holding a beer wasn’t online for your boss to see. Maybe you’ve been spooked by an advertisement for something that you really didn’t want. If you could do things differently, what would you do? How do you handle your accounts now? Do you feel secure about your online practices? Do you even want to be in control? Not everyone does.

[del.icio.us] [Facebook] [LinkedIn] [Ma.gnolia] [Technorati] [Twitter] [Email] More »

future, records, tools , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

IIWX: The Videos

May 19th, 2010
No comments

This year I’ve been scrambling between sessions that start and end with no break in between. Many of the videos are missing the first few minutes; the whole of the sessions are here. I’ll be uploading these over the next couple of days as my net access is severely constrained. One might reasonably think that the Computer History Museum–in the heart of Silicon Valley–would have good wireless connectivity, but I’ve seen too many jokes about their connecting a 300 baud modem to the wireless router. After all, it is history.

Here are my video archives.

My thanks to TubeMogul for distributing these videos, and to Blip.tv for hosting them all.
Tubemogul

[del.icio.us] [Facebook] [LinkedIn] [Ma.gnolia] [Technorati] [Twitter] [Email] More »

friends/family, future, records, tools , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Getting to know you

August 20th, 2009
1 comment

National ID cards and programs are problematic at best, and an ongoing nightmare for citizens and visitors alike when the programs are poorly designed. The U.S. government has made earlier attempts at developing such a program, which have failed. However, the dream lives on in the minds of certain government officials and representatives.

The Electronic Frontier Foundation (EFF) has been following these efforts for years. EFF’s Richard Esguerra has a post, PASS ID: REAL ID Reanimated that offers an informed look at the latest effort to create the next version of a national identity card.

The PASS ID Act (S. 1261) seeks to make many of the same ineffectual, dangerous changes the REAL ID Act attempted to impose. Fundamentally, PASS ID operates on the same flawed premise of REAL ID — that requiring various “identity documents” (and storing that information in databases for later access) will magically make state drivers’ licenses more legitimate, which will in turn improve national security.

An ID card is only a small part of the picture. The government program that supports the card is where the devils live. I recommend to you Bruce Schneier’s testimony to the Senate on why this whole idea is seriously flawed.

Coaching moment: Have you ever filled out a form for a new service, at a web site or store, where the form asked for information that they might not have needed for the transaction you were seeking? Long forms that ask a lot of questions about you, your preferences, your income, and other personal information, are unnecessary. If you’re just buying something, why might the vendor need your income, your birthdate, or any information about other family members?

The fact is that they often don’t need it. They’re collecting information about you because they can, and because you might volunteer it. Even when certain information is marked as “required,” it might be in your best interest to think twice about doing business with companies that would be so invasive and demanding.

Treat your personal information on a “need to know” basis. What that means is don’t give out more information about yourself than you think the companies need to know in order to carry out the transaction. If the company or form require more information than you’re comfortable giving, think hard about your future well-being as a trade-off for today’s discount. Your mindfulness is a low-cost insurance on your future.

[del.icio.us] [Facebook] [LinkedIn] [Ma.gnolia] [Technorati] [Twitter] [Email] More »

friends/family, future, history, records , , , , , , , , , , , , , , , , ,

Mapping the New Frontier

June 28th, 2009
3 comments

Personal Data EcosystemThis picture, and the accompanying post The Personal Data Ecosystem, describes a flow of data from and about us. (Click on the picture for a larger, more readable version on Flickr.)

This rather detailed article talks about the need for a Personal Data Store, a database of a sort, in which you could “source, gather, manage, enhance and selectively disclose data” that supports your needs. More importantly, this data store is something that YOU would control. This is significant because it inverts the power structure for data (right now everything is in the hands of the collector organizations), and makes your personal data more valuable by being more accurate, targeted to your needs, and freely exchanged for a specific purpose. The authors point out the desirability of this new paradigm: “if a new source emerges that is richer, deeper, more accurate, less toxic – and all at lower cost than existing sources; then organisations will use this source.” Note that the organizations will no longer need to maintain and update their databases at the same level that they do now.

Coaching moment: Many people don’t think twice about giving their name, address, phone number, and email address, to strangers if it means they might win a prize or gain some free advantage. Getting something for nothing has a strong pull. Their data has no inherent value to them. We’ve been trained well by the advertising and other industries that we are lacking, or that we are nothing without their products or services. On some level, we believe this.

It’s a lie.

Our value is in our uniqueness. We see and experience things in ways that are different from everyone else. Our perspectives on life, our needs to interact with others, our personal wishes and desires are part of who we are. The essence of what we think of as “good,” “moral,” or “right” is what we might contribute to making the world a better place.

Yes, we have things in common: the need to be loved, to eat and have shelter. Look beyond our necessities. If you could find others in the world that lifted you up and made you feel special, and you did the same for them, wouldn’t you want this? Can you think of any likely path that might happen with the current state of data ownership?

[del.icio.us] [Facebook] [LinkedIn] [Ma.gnolia] [Technorati] [Twitter] [Email] More »

future, records, tools , , , , , ,

Putting Customers in Charge

May 8th, 2009
No comments

I first met Doc Searls when he was advising a panel of speakers at a conference that the long-used metaphors of using war tactics by advertisers against customers was wrong. The advertising industry speaks in terms of slaughtering the competition, capturing and owning customers, and launching new campaigns to gain ground. Searls suggested that instead of fighting, we should be encouraging conversations with our customers, and that the marketplace was one large conversation. For example, if we (customers) loved something, it would sell well. Conversely, if we didn’t, that good or service would not meet with such success.

Ten years ago, Doc and others wrote The Cluetrain Manifesto: The End of Business as Usuallink to Cluetrain (the book) at Amazon. This book has ignited a conversation among certain people on all sides of the market (stores, advertisers, software and applications developers, and customers) that are now open to exploring how this might work. There’s a lot to discover!

Recently Searls has been energizing a conversation which was dubbed VRM. There’s more about it at ProjectVRM. At its heart, this is about putting customers and users in charge of everything that affects them. Watch this video for a better idea of what he means.

Coaching moment: What would it mean to you if a company that you cared about asked for your opinion? If you asked them to remove all of the data that they stored about you–and they said OK–what would you think of that? There are proposals currently being discussed, and tools being created, to allow you to control (store, allow selective access to) all of your own data. Are you interested in exploring and controlling information about yourself? Not all can be controlled, but much can!

[del.icio.us] [Facebook] [LinkedIn] [Ma.gnolia] [Technorati] [Twitter] [Email] More »

future, records, tools , , , , , , , ,

Switch to our mobile site