April 01, 2014
Imagine We Had No Transaction Receipts...
So, imagine you go to the store, you ask to buy a coffee, there is no cash register, no transaction receipt it given to you, but you are handed the coffee. They don't say anything. You payment is invisible. You don't know how much it will be but you agree to the opaque terms. If you get food poisoning later, it's going to be a huge hassle proving you where there, but it's possible. However, the authorities in charge of checking out food poisoning issues would need some proof. Maybe you threw away the cup, maybe you still have it. Maybe there is video surveillance and maybe not.
No receipt for tax purposes, or proving the cost from the vendor, or your expense report, or documentation about what you purchased.. no warranty or food safety proof, no date or time or place or anything. You just have a cup of coffee.
That's what it's like to go to a vendor online or on your phone, make an account and share some data. You do get something, but you don't really know what you "paid," you have no receipt after you agreed to get the service, and you have nothing from the vendor, other than maybe the confirmation email you received.
Now imagine the opposite:
That is the Open Notice and Consent Receipt system from the user perspective.
March 31, 2014
"Big Data" if Unspecfic, is Ridiculous
Here is a more specific look at what Big Data means, as a term:
There is your data, there is "little data" where when you share it, it's wrapped around you as the user, centralized. And that's "Big Data" that is really a large amount of "Little Data." Then there is Big Data that you as a user co-create with a vendor or service, that is relatable back to you but it's wrapped around objects, data models and identifiers that are first about the object and not about you. And then there is aggregated data that is depersonalized .. though it may still be possible with some detective work to find you.
My point in making this distinction is to note that talking about Big Data in an unspecific manner is a great opportunity to misunderstand, to miss potential solutions that apply to parts of this scale, but not all, and to talk past each other when we are discussing problems and solutions in the privacy arena.
February 19, 2014
Who says kids don't value privacy? And who says they won't pay for it? WhatsApp and Privacy
One of the interesting elements for me here is that kids were okay giving WhatsApp their data, for then (for now?), knowing there would be no ads, because it created "parent privacy" though the app, and reduced their costs sending TXT messages through the telcos.
I pay $20 a month for a flat rate of unlimited TXT msgs, SMS, *and* unlimited free cell-to-cell calls. I did it for the calls.. which anytime are 10cents during the day. I moved my plan from the 4th highest minutes, to the lowest, because almost all my calls are to other cells.
However, because I went from 500 texts (and 25cents for each additional) to unlimited, I now use about 2k texts. But every text is listed, time, date, phone number, on my bill, and that's easily sortable online if you log into the cell company's website. And my telco and many other apps have access to those messages.
Parents that want to track their kids, just sort the calls, track the times, etc.
Kids are paying $1 to both stop any additional costs for texting, and to stop the tracking.
I think this is a very interesting development.
What data does WhatsApp see in your phone?
Your phone has more intimate data about you than Facebook, in many ways because it's implicit, not explicit. WhatsApp doesn't need you to tell them your favorite movies or where you live; they know through the discussions, they know your real friends list based upon contacts and activity in your phone.
Here is the list of the data you agree to give WhatsApp for an Android install:
Your SMS messages
Storage -- contents of your USB storage
System tools: all shortcuts -- plus modify shortcuts including installing them and uninstalling them
Your location: AGPS and GPS
Microphone: record audio
Camera: take pictures and video, see your photos and video
Your application information: retrieve any running app, find all apps
Your personal information: read your own contact card
Your accounts: add or remove accounts, create accounts and set passwords, use accounts on the device
Network communications: connect and disconnect from wi-fi, full network access
Phone calls: direct call phone numbers, read phone status and identity of phone
Your social information: modify your contacts, read your contacts
Sync settings: read sync settings, read sync statistics, toggle sync on and off
System tools: modify system settings, test access to protected storage
Affects Battery: control vibration, prevent phone from sleeping
Your applications information: run at startup
Network Communications (a second listing): Google play billing service, receive data from Internet, view Wi-fi connections, view network connections
Your accounts (second listing): Find accounts on device, read Google service configuration
That's a lot of info. I would argue that this is more personal information that what you post voluntarily on FB.
But I think the kids were looking for Parent-Privacy, not Privacy from Telcos, the government or data aggregators mostly. And WhatsApp gives it to them, and reduces the costs of text messaging on the phone to $1 year.
Brilliant, and worth every penny of the $16-19b Facebook paid, What'sApp is reported to have 450m active users.. divide that into 19b and you get $45 a user.. or $16b is $35 a user.
When Flickr was bought, Yahoo paid $111 a user. With revenue of $25 a person x 60,000 paid users.
Myspace was $36.
Instagram was $28.
Skype was a whopping $264.
See more at Statista.
I don't know how many paid users WhatsApp has, but the service is free the first year, then $.99 a year after that. I suspect we'll find out how many at the next quarterly call Facebook has, because I can't find anything with that number out there now.
But WhatsApp sold for an amount that is comparable for a "consumer" service. And reasonable, even if $19b is a mind-blowing number in the scheme of things.
February 09, 2014
Data Privacy Legal Hack-A-thon, Day 2: Projects
UPDATED: As we get down to the wire on presentations tonight at 5pm, the room is quiet and everyone is working hard. One of our judges, K. Waterman is walking around, conversing with whomever has a minute. And we have settled out to these project teams:
Safe Sign-up: This will encrypt volunteer signups for events, especially protests, so that there is not one place that would have all the people at the event. Event organizers would have 5th Amendment protection for this information. By: Zaki Manian, Restore the Fourth, SF.
Bring your Own Chat: A secure zero-knowledge chat application using only Drop Box. By: Daniel Roesler, Restore the Fourth, SF. The project can be found here at Github: https://github.com/diafygi/byoFS.
Privacy Enhancing Toolkit: A toolkit for encrypted communications, file storage and sharing. By Judi Clark & Jenny Fang.
Bitcoin Privacy Documentation: Developing a framework for thinking about the privacy of financial transactions using Bitcoin. By: Alice Townes, Richard Down.
Mobile Privacy Shield: Intercept and display all the async calls for websites using a Firefox add-on. By: @nyceane.
I'm working on a presentation for tonight at the closing for the ON project and consent receipt.. not to be judged... just to show the concept to the room.
February 08, 2014
Data Privacy Legal Hack-A-thon, Day 1
We have five (5) projects going in San Francisco at the Data Privacy Legal Hackathon. After an initial introduction phase,
and discussions, teams broke out and are all quietly working away.
We have 3 groups and 2 individuals who are working on projects..
After we talked a bit, he realized the value of the parts I'm working on with the Consent Map, Consent Receipt and various tools to make that happen, like the API project to the map. We went over the whole ecosystem we all propose and he sees the complementarity.
Here is a diagram of that shows some of the different products that we discussed above:
But that group is more interested in getting privacy policies structures and visualized than the other side of the transaction which would look at terms an individual would submit, like Do Not Track. However, they recognized that there is a need for a consent receipt at the end of either side setting a term.
There is also a bitcoin thing for more private transactions for identity privacy (ie, taking things outside the financial networks, where you still have some kind of identity inside bitcoin, to taking things outside the identity systems in bitcoin..). I don't totally understand it but that's what they are talking about and trying to figure it out.
There is an https server project, and another individual project that I haven't yet discussed with the maker.
I'm working on the consent receipt. Other groups are likely want to hook into the consent receipt when they have their pieces.
January 27, 2014
The New American Radical: Upholding the Status Quo in Law (IE the Constitution)
So what does that mean... the Status Quo? What I mean by that is the body of law we count on, that we base everything on, already in place: the Constitution, the Bill of Rights (amendments 1-10) and the rest of the Constitutional Amendments. That status quo.
And wanting to just maintain the Status Quo, uphold and use it, as our standard of law, as the basis for what we do in the US? Yea, supporting that is the New American Radical act amongst the New American Radicals (you can count me amongst them as that's the system I signed up for... the one with the Constitution).
How can this be? Asking for such should be a traditionalist thing, leaving the radicals to ask for new amendments, change 'you can believe in' yada yada and other controversial innovations to the law? But no.. it's a radical act in America these days to just ask that we uphold the Constitution, the Bill of Rights and the Amendments.
I realized this is true, the other night, when I went to hear Daniel Ellsberg speak, along with Cindy Cohn of EFF, Shahid Buttar and Norman Soloman, along with Bob Jaffe moderating. And yes.. Ellsberg's an American Radical, but not just because he got the Pentagon Papers out 40 years ago. It's because he believes in the Constitution, the Bill of Rights, our other Amendments to be the rule of law. He had some very interesting things to share as well.
Ellsberg talked about how years ago, "Richard" Cheney (as he called him.. I'm so used to "Dick") communicated a desire to change the constitution because he thought it was wrong, and that it should be different. Ellsberg said that that's okay, but then you have to change things through the system. Instead, Cheney and Bush and others have been corrupt, because they got elected, swore an oath to "defend the Constitution of the United States against all enemies, foreign and domestic" but then subverted the rules they swore to uphold. (I knew they weren't honorable men, but I never thought about it in these terms.)
So in this case, they are the enemies, these corrupt parties, who subvert the Constitution, by taking, ".. your tax dollars, taken in secret, and spent in secret, to spy on everyone."
Ellsberg's example of a founding father who parallels the whistleblower / leaker of today is Nathan Hale, the man who was caught by the British and hanged in 1776 for trying to share information with his own countrymen, Americans, about what the British were doing. Hale's famous line is: "I only regret that I have but one life to give for my country."
What if we hanged people like that today, the people who leaked the full breadth of what was happening at Abu Ghraib instead of the public just seeing the sanitized, reduced version that claimed it was just a few isolated incidents, when in fact the torture at Abu Ghraib was huge and widespread and very shameful for us and our government? Or the Extraordinary Rendition program? Or Warrantless Wiretapping?
All these secretive activities changed when they became public. And they changed as a result of whistleblower-leakers sharing information the government didn't want to get out, with the exception of Congress legalizing Warrantless Wiretaps once that activity became public. And now things are changing again because of Edward Snowden and the NSA surveillance information he let out.
Ellsberg said, "To have knowledge of every private communication, every location, every credit card charge, everything.. to have one branch have power over the other two (executive, over legislative and judicial).. Snowden has confronted us with something that we could change.... But Obama is part of the problem. He just assures us that there is nothing to worry about. But who is to be trusted? The people who kept the secrets and lied to us? Diane Feinstein? Or do we trust Snowden? Snowden has done more to support the Constitution than any Senator, Congressman, the NSA ... "
Ellsberg also talked about how when he was in trial, 40 years ago, he was out on bail, and could speak freely with the press. Today, if Snowden were on trial, he'd be in a hole, like Chelsea Manning. We wouldn't hear his thoughts on the issues in the trial, because the government would stop it, in trial and outside.
During Ellsberg's trial, his lawyer tried about 5 times to get motive into the questioning, but the prosecution kept objecting. Motive didn't matter they said, and the judge agreed. The same thing would happen to Snowden, who would never be able to say, on the stand, why he did what he did.
Cindy Cohn who has heroically been bringing law suit after law suit to stop some of these illegal practices, talked about how originally the FISA court started out approving targeted warrants -- so at least they knew who was targeted. But things have devolved, to where the FISA court is now presented with massively expanded, abstract warrants that don't even have the FISA court knowing who specifically is targeted. Smith vs Maryland, which ruled on the pen register method of an unwarranted wiretapping of a single land line, "..doesn't even pass the giggle test" when applied to the massive surveillance we undergo now.
In fact, she said that, "Technology is our friend, encryption is our friend." That while major companies have been compromised, we need to develop technologies to help us, as much as we need to use legislative policy and the judicial system to fix this. Even companies, 5 large tech companies, had to get together last week and tell the government to stop hacking them, or they would lose customers and be severely affected.
Cindy recommended we tell legislators to vote against the sham FISA Improvement Act, and instead support the USA Freedom ACt and the Surveillance State Repeal Acts, which have bi-partisan congressional support.
"The days in which you can separate corporate surveillance and government surveillance are over.... The 3rd party doctrine undermines privacy, because *we all* give our data to 3rd parties." She went on to say that the tools for organizing against each type of collection are different, but the issues are similar.
Lastly she noted that for 9/11, collection wasn't the gap. They knew about the guys. Sharing between agencies was the gap. Yet we haven't solved for that but we are collecting like mad!
One other mention, Shahid Buttar spoke, but also performed a prose rap he's written, and he's running a Kickstarter to raise money (it's up Feb 6 so donate now) to do a professional video. (Reminds me a bit of Eddan Katz's Revolution is Not an AOL Keyword).
Note also that we are doing the Data Privacy Legal Hackthon in 12 days !! Join us to work on this problem technically in SF, NYC and London, or join us online if you can't make it in person.
Whether you support the artistic, legal or technical ways of addressing massive government surveillance and the subversion of the Constitution, stand up for your rights under the constitution.
Feel what it's like to be a Radical American!
Because you probably are a Radical American! Just like our forefathers and foremothers.
If you believe in the Rule of Law and the Constitution.
June 16, 2013
Thoughts About the Value of My Personal Data
Financial Times has a calculator for the value of your personal data. The numbers they use to calculate this are old, but even if the numbers were new and fresh, this is the wrong discussion.
I don't care that my data isn't worth that much on the open market or that in many ways, because my data leaks everywhere constantly and therefore many can aggregate and sell it, the market is commoditized and my data is in this market, worth very little.
My data is worth a lot to me, and it's worth protecting to me (as in, I'm willing to go to a lot more trouble over just my slice of data, than any of these companies are to protect *my* data).
In this way, the tragedy of the commons (the personal data aggregation commons) may be turned around from the old version, where individuals didn't do anything about the commons but those with monetary or other big interest cared about protecting something did take action (think , but my single interest in copyright law might not be worth my spending a lot of time on the other side, fighting their lobbying efforts, because to the average person, big copyright isn't that big a deal.. hence, the tragedy of the copyright commons). The shift in the personal data commons that we have now, where companies just hoover up everything in order to sell your commoditized data reflects a situation where the individual is highly motivated to protect their little mini-garden slice of their own data, to control the inputs and outputs, if the proper tools are in place to help us do it.
I think the FT calculator reflects the tragedy of the personal data commons model where Big Personal Data Aggregators attempt to sell our data in a commodity market, typically for a few cents, to less than a buck (I came in at $ .9792 or just under a dollar -- but over what period.. I don't know. Is this for each request for my data? That could be a lot of dollars over a year, I suppose).
If I stop some of my data going to the big aggregators, I can't imagine they would notice or really care, if one person has some data missing from their profile, within the gigantic aggregation system. But my little garden, well tended and organized, becomes much more valuable to me than $1 a hit. Now if someone wants the well tended accurate stuff, fully fleshed out, they will have to "pay" a lot, or a little for a small slice. That payment may come in the form of a trade, a discount, or a better deal, if I'm buying, or the ability to, say, read the whole New York Times site unencumbered if I share my data with them. Or it may be that I just don't share.. pay cash for what I use online, and then I'm much less a part of the commons, as my data isn't shared out in the marketplace.
But now you see, I've created choice for myself, control, autonomy, and transparency over my transactions.
I think folks at the VRM list, and in a few other places looking at this problem. know that it's my little garden that is well tended that will be far more valuable over time, against the old style, hoovered commodity world. But for now, all the FT can see is the old model. Rear view mirror. And that's fine. Just more motivation to bring the tools online for me to collect and organize my own info, and stop the leaks of our data, from getting to the big hoovering agents.
Also.. T.Rob has a great post that also reacts to the FT article -- he too rejects the premise of the argument FT makes: "The personal data to which the FT article refers is like crude oil. The personal data which we should be worried about is like premium unleaded gas. Either way, it's about you, directly impacts you and has market value to everyone but you. Don't let anyone tell you it has no value. Even the Financial Times."
January 29, 2013
Graph Search and the Like.
The question the new Graph Search at Facebook continually elicits in me as I've discussed it on various lists, as well as read a couple dozen articles on it, is:
Do I really need my whole graph to find what I need?
First.. how much and what do i need?
Advertisers, marketers, graph search makers, all operate on the assumption that we all need much more than we do.. and if the last 5 years had taught us anything, it's that a lot of people borrowed a lot of home equity to buy crap they later dumped at Goodwill..
In other words.. yes.. we do need some things, a plane ticket, rental car.. a new laptop.. etc. But I do think many know how to get those things.. without necessarily getting all that much input from others.
And that leads to my other point: how many others do you need, and how much of their input?
This weekend I had a guest here.. who rented a car from Avis.. and it's the third time she's signed up for the lowest level car and then been given a 3-series BMW or a Mini.. for $25 a day.
That's a nice to know factoid.. but if everyone coming to SFO knew it.. she would never get a BMW for a tin can on wheels price.. we talked about whether she would share this anywhere.. and she said no.. she would not share it. Though she's very active on many social communities.
Another angle: about 7 years ago, I was in a book club with Jerry Michalski and about 5 others.. and we would read books on ants and viruses and ecosystems.. trying to apply those understandings to what was going on online.. we did it for a couple of years and it was very helpful.
But one of our conclusions after talking through two dozen books and working through the logic of different takes on systems and people and flows of information was that in the end, you only need the right 5 people to help you find the things you need, get the right ideas, advice, etc to make good choices.. and these were verbal conversations because most often, even if these people were highly active online, they wouldn't necessarily share certain information online, for various reasons (it took too much time, there were consequences for having those opinions, they didn't want to be bugged, etc). In fact, much of the time the good intel didn't make it to the searchable web for months or a year or two later.. and I still find that true today, even with Twitter, FB, quora, tumbler, etc. People who really know stuff don't want or need to show it off.. and there is downside for sharing the data.
So these questions linger for me.. as I think about Graph Search.. which may have some value.. but I am highly skeptical of what, how much, etc.
There will be some value.. but I think maybe it will be comparable to the kind of "lift" that an Ad gets, when some new technology is added to the Ad selection or whatever.. often that lift is just a couple of percent better than before but to Ad people.. that's great.. because they are doing something at scale.
For us.. for individuals.. if Graph Search got us 10% better intel over what we could otherwise find using existing search systems.. would that be worth the increased personal exposure and loss of control over our data we give away in a system like this...
And lastly, I'm skeptical because I do believe Facebook's biggest issue is trust -- people withhold information intentionally. It's not a safe place and most people know it.
Graph Search makes Facebook a lot less safe. Which leads also to the question: do I need to know who in my graph likes something salacious? Really, does this help us develop better relationships or just make our current relationships a bit more unsavory?
So if people search, see what's exposed, and cut down their sharing even more, then the effectiveness of Graph Search goes way down. That 10% bump in quality information you got with Graph Search could turn out to drop 20 points.. you might find that you have -10% quality over your search results compared to before Graph Search.
I think Graph Search will only work when we have Personal Data Stores, and can set terms for use of our data, and then our friends can search our non-public, but friend-shared information, without fear that a company like Facebook will sell us out.
Until then, I'm very skeptical of Graph Search at Facebook, other than as a model for the sea change to come where we will drive our own data and interactions, and treat Facebook as the bar or restaurant it is, where I would most definitely want the in-person protection of clothing. As it stands now, we just got more naked in Facebook, which doesn't deserve to also hold our personal information the way it does now (leading to our naked state there). It's just a Cheesecake Factory online, but most people don't see that yet.
December 19, 2011
Resigning my Post as Chairman at PDEC
Effective immediately I'm resigning from the Personal Data Ecosystem Consortium's board after nearly 14 months as Chairman.
In this first year of PDEC, we published papers, spoke at events and contributed to various endeavors in the personal data discussions happening on the web and in person around the world.
I'm personally very committed to a world where individuals drive their own data and I'm very proud of the work we did at PDEC, which is focused on companies and how those companies can build for a personal data ecosystem.
In the past couple of months, I've also worked to create a new org: Customer Commons, with about eight other folks, where the org is for Individuals only, no companies may join. Customer Commons looks at markets and data from a strictly individual point of view. I believe that it's a conflict of interest to work on both organizations (which represent either individuals or companies). Therefore, I want to see Customer Commons get up and running, and I realize I can't remain at PDEC, which represents the company perspective on the personal data ecosystem.
So for the foreseeable future, I'll be working on the same personal data issues, but from this Individual perspective, at Customer Commons. I wish Personal Data Ecosystem Consortium all the best.
~ Mary Hodder
December 09, 2011
Personal Data Ecosystem Consortium 2011 Recap, Part III
Personal Data Ecosystem Consortium, or PDEC, is an org I've been involved with for a year. I'm chairing the Board. We just sent out a Year in Review recap of our activities for 2011, Part III (PDEC Recent News and Specific Topics).
My involvement in PDEC included items (quotes from our newsletter -- to read the whole newsletter see our PDEC post here our link):
Forrester Research Report covers Personal Identity Management
The Forrester Report releases a report on Personal Identity Management. PDEC was among 14 organizations/companies interviewed for the report including other startup circle members: Azigo, Singly/the locker Project, Personal. Read the report here, or download it from Personal's website.
I spent a lot of time with Forrester on important aspects of the report and was really pleased to see that they groked these ideas yet formed their own conclusions about what is happening with personal data and control over ones identity.
(L-R: Kaliya Hamlin - Executive Director PDEC, Markus Sabadello - Project Danube, Drummond Reed - Connect.me, Mike Shwartz - Gluu, Michelle Chibba - Director of Policy with office of the Privacy Commissioner of Ontario, Ann Cavoukian - Privacy Commissioner of Ontario (standing), Jason Cavnar - Sing.ly (standing), Shane Green - Personal (standing), Henrik Biering - Peercraft, Joe Andrieu - Switchbook, Mary Hodder -- Chair PDEC, Iain Henderson - The Customer’s Voice. Missing from picture Lindsay Crittendon – Sing.ly who also attended.)
Ann Cavoukian is well known for her Privacy by Design initiative and was in San Francisco to speak at Web 2.0 Summit, held concurrently with IIW. PDEC arranged a dinner with the Startup Circle companies and Cavoukian for the Sunday prior to the conferences. The conversation was wide ranging and those present had a chance to share how they were building privacy-by-design into their core business and technical architectures. We also discussed the challenges in the ecosystem and how she would support privacy-by-design initiatives.
World Economic Forum update:
October 4-5, 2011 - NYC
The Rethinking Personal Data project of the World Economic Forum telecommunications group continues to work toward understanding how the market will develop for personal data. WEF group members are actively working on developing a potential framework of how personal data can be shared when derived in different forms. PDEC members, along with Kaliya Hamlin and Mary Hodder, continue to work on the monthly calls with WEF toward a report release in the Spring, 2012.
December 07, 2011
Personal Data Ecosystem Consortium 2011 Recap, Part II
Personal Data Ecosystem Consortium, or PDEC, is an org I've been involved with for a year. I'm chairing the Board. We just sent out a Year in Review recap of our activities for 2011, Part II (second half of the year).
My involvement in PDEC included items (these are quotes from our newsletter -- to read the whole newsletter see our PDEC post here our link):
PDEC Value Network Mapping Meeting
August 3, 2011 - San Francisco
Kaliya Hamlin, Verna Allee of Value Networks LLC, & Mary Hodder met with Peter Vander Auwera of SWIFT, Dan Miller of C3, Drummond Reed, Doc Searls of The VRM Project, Craig Burton, Tony Fish (PDEC Board Member), Phil Wolfe of Data Portability Project and Nitin Shaw. The group met to work again on the current state of value online, as documented in the Value Network Map Project, started in July.
Sibos, SWIFT's Annual Event
September 20-24 - Toronto
Mary Hodder spoke at SIBOS about a new Digital Asset Grid that SWIFT would create to open the infrastructure for Personal Data, away from proprietary Silos to one where anyone could share personal data in a controlled and secure manner, with proper rights, and accountability.
IIW 13 was a great success!
October 17-19, 2011 - Mountain View
- PDEC's New Legal Advisory Board took shape with Judi Clark Chairing the effort. Notes from Judi's andMary Hodder's IIW session are here.
- Kaliya Hamlin hosted a session for big companies interested in Personal Data. We will be following up and exploring developing workshops for those companies.
- Customer Commons was created the day before IIW started with a group ranging from Doc and Joyce Searls to Craig Burton, Judi Clark, Joe Andrieu, Mary Ruddy, Mary Hodder, Drummond Reed, Britt Blaser, Markus Sabadello, and others. Customer Commons has evolved from the work at Project VRM, by Doc Searls and a large active community of VRMers. PDEC will be collaborating closely with Customer Commons. PDEC's collaboration will help companies offer early access to new Personal Data products to individual members to get feedback and early adoption from those folks very interested in the space. Notes from the working session are here.
- Markus Sabadello held a session on PDEC Technical Documentation and Interoperability. Notes are here.
- IIW opened Thursday with "Yukon Day," and many Startup Circle members and all of the companies doing something around personal data participating and sharing how they fit in to an overall ecosystem landscape.
- Mary Hodder worked on a diagram showing the range of organizations stewarding aspects of the Personal Data Ecosystem. A small version is below, but you can click through to read about all the orgs working on technical, market and policy for personal data, as well as the individual initiative led by Customer Commons. This diagram was first shared at IIW at the Final day closing session and iterated in the weeks following with input from Kaliya Hamlinand Judi Clark. The organizations listed in this diagram are working on different core foundational missions and working together to bring the PDE about more quickly.
pii - Privacy Identity Innovation - Venture Forum
November 15 - Palo Alto
Mary Hodder, PDEC's Chair, was on the closing panel, "Owning Online Identity: Consumer-Managed Data" about business models for a Personal Data Ecosystem, with Startup Circle companies: Jason Cavnar, Co-founder, Sing.ly and Shane Green, Co-founder, President and CEO, Personal. The panel also included Todd Cullen, VP Data Alliances at Acxiom, and Fatemah Khatibloo of Forrester, who moderated the discussion. Most sessions were blogged by Judi Clark at Digital ID Coach.
November 30, 2011
Who Stewards the Personal Data Question? Org Chart
Below is a diagram showing the non-profit organizations (note: no for-profits, conferences or governmental orgs were included) that are stewarding pieces of the Personal Data Ecosystem. I wanted to show how the orgs are relating to the problem of how to remake our digital lives, through more user-driven personal data, for more equal transactions throughout our lives with companies, the online world, and our government.
The orgs have been divided into four areas: technical, market, policy and individual advocates. While all the orgs have an interest and are doing some thinking in all the areas, these divisions show the foundational mission of the orgs. If each org, through its foundation mission, succeeded, they would be heros for sure. The problem is, mission creep. This is a problem for startups as well, where companies don't focus and get their piece right to succeed, but rather think competitively and try to take too many pieces of the market, leading to failure. So too will the large number of problems, plus mission creep, cause any of these orgs to fail at their mission.
Ideally, we'll see all the orgs working together in inter-disciplinary and multi-disciplinary ways, relating each of their solutions to the others, but keeping focused and executing their piece of this vast and Byzantine puzzle to solve the Personal Data Ecosystem. In creating this "org chart" I talked with folks like Kevin Marks of Microformats and Activity Streams, Harry Halpin of the Federated Social Web, Scott David, Don Thibeau of OIX and OpenID, Drummond Reed (who has worked with OASIS extensively), Doc Searls of VRM, Craig Burton, Steve Rappetti and Phil Wolff of Data Portability project, Dazza Greenwood of ID Cubed, Judi Clark and Joe Andrieu of Information Sharing Working Group, among others.
So here is a picture of who is doing what in the Personal Data space:
Below is more information on these organizations.
Customer Commons -- recently formed by Doc and Joyce Searls, Renee Lloyd, Joe Andrieu, Dean Landsman, Markus Sabadello, Judi Clark, Iain Henderson, Craig Burton, and me, as well as a few others in the room that, I apologize, I'm forgetting. Customer Commons' mission is: a community of customers, funded only by customers, serving the interests and aspirations of customers.
Personal Data Ecosystem Consortium -- is a trade association for startups and big companies that agree to a set of principles for user-driven personal data. 19 companies (currently) have joined, and PDEC's mission is to support market solutions to the personal data question. Kaliya Hamlin is Executive Director and I am Chair of the Board.
PDEC also has just formed a Legal Town Hall, a monthly call starting January 11, 2012, to be led by Judi Clark, to talk about what kind of policies are needed when individuals share their data.
World Economic Forum -- WEF has been working with lots of early thinkers in the Personal Data space for the past 18 months to "rethink personal data." They put out a report: Personal Data: a New Asset Class last February and continue to have monthly calls to prepare for a presentation of the working groups' efforts at Davos in January.
Project VRM -- Vendor Relationships Management, the brainchild of Doc Searls created during his fellowship at the Berkman Center, is a discussion group with a very active maillist, a movement for user-driven relationships with entities, and a steward of developers coding to bear out the group's vision.
OIX: Open Identity Exchange -- Don Thibeau is Chair of their Board, and Scott David is their counsel. OIX's mission is to build trust in the exchange of identity credentials online. They do this through the open, standardization of Trust Frameworks. They don't make trust frameworks, but rather their mission is to be the home of other's trust frameworks for the sharing of personal data, login credentials, and other types of private or controlled information. For example, the company Drummond Reed co-founded, Respect Trust Framework at OIX, who publishes it for others to point to as a public declaration of the trust framework. And, the U.S. FICAM Trust Framework was the first open identity trust framework to be listed by OIX
Information Sharing Working Group -- From the ISWG: The ISWG works with the Kantara Initiative, Identity Commons, Project VRM, the Personal Data Ecosystem Consortium, and Customer Commons. Run by co-chairs, Joe Andrieu and Iain Henderson and secretary Judi Clark, ISWG's formal mission is "to identify and document the use cases and scenarios that illustrate the various sub-sets of user driven information, the benefits therein, and specify the policy and technology enablers that should be put in place to enable this information to flow."
The Information Sharing Work Group helps individuals take control of the information we share online. The Standard Information Sharing Agreement is a contract for the use of your information, agreed to BEFORE you share it. It has two parts. A basic agreement covers all the default terms, things like “don’t redistribute my information without my permission”, which all recipients agree to. Then, for each individual instance of sharing, a data transaction agreement with just the bare essentials: who gets what data for what purpose. By moving all the complicated legalese into the basic agreement, we’ve dramatically simplified each specific transaction agreement.
Now, when you want to know what’s happening with your data, it’s presented simply and concisely in easy-to-understand terms… while the basic agreement defines how recipients must treat your data appropriately. The Sharing Agreement is designed to make it easy to understand and make informed decisions about sharing information online.
ID Cubed (ID3) -- a newly formed research and developement group affiliated with MIT and led by John Clippinger, Executive Director and CEO, (who started the Law Lab at Berkman/Harvard a couple of years ago and the Social Physics project a couple of years before that, also at Berkman) and Henrik Sandell, COO and CTO of ID3. ID3's mission is to "oversee the development of a multi-disciplinary center founded to research the role of law in facilitating cooperation and entrepreneurial innovation." Their major focus based upon the website seems to be Trust Framework development. Dazza Greenwood is also involved, as is Mike Schwartz of Gluu is doing some technical work for them.
Data Portability Project -- "Aims to consult, design, educate and advocate interoperable data portability to users, developers and vendors." They don't make standards but they help steward them to support more data portability, including protocols like OpenID, OAuth, RSS, Microformats and RDF among others. Steve Repetti is their Chair and Phil Wolff is very active as a public speaker for them. Here is some additional information about their mission.
Federated Social Web -- has recently become a working group of W3C, and is stewarded by many including Evan Prodromou and Harry Halpin. FSW is stewarding work on federated social web software and protocols, including things like PubSubHubBub, OpenID, Activity Streams, OAuth, among many protocols.
Activity Streams -- developed a protocol for how user's share personal data, using both JSON and Atom based streams of metadata. Monica Wilkinson and Kevin Marks actively steward the project. Activity Streams works on the Microformats model, proposing standards around activities already heaving in used online.
Microformats -- Microformats have been created for many pieces of data shared, such as hcard or hcalendar. Stewards of this project include Tantek Celik and Kevin Marks.
OpenID -- Created protocol for a federated login with OpenID 2.0 spec. OpenID Foundation is currently working with Microsoft, Google and Facebook on OpenID Connect, as well as on Account Chooser, an open standard for web sign-in ease switching between multiple accounts on a website. OpenID Foundation's chair is Don Thibeau.
ID Trust, OASIS -- from their website: "...promotes greater understanding and adoption of standards-based identity and trusted infrastructure technologies, policies, and practices. The group provides a neutral setting where government agencies, companies, research institutes, and individuals work together to advance the use of trusted infrastructures, including the Public Key Infrastructure (PKI)."
XDI.org -- responsible for the XRI / XDI standard, currently for pointing to data and creating link contracts. From their website: "XDI.ORG is an international non-profit public trust organization governing open public XRI and XDI infrastructure. XRI (Extensible Resource Identifier) and XDI (XRI Data Interchange) are open standards for digital identity addressing and trusted data sharing developed at OASIS, the leading XML e-business standards body. XRI and XDI infrastructure enables individuals and organizations to establish persistent, privacy-protected Internet identities and form long-term, trusted peer-to-peer data sharing relationships." Drummond Reed co-chaired the group with well, Gabe Wachob, of the XRI TC at OASIS and Andy Dale, Markus Sabadello, Mike Schwartz we involved in developing the standard.
W3C -- Umbrella standards body stewarding a number of standards for personal data use and control including the Do Not Track proposal. The Federated Social Web, and all their combined efforts including Activity Streams, recently landed at W3C.
ITU (International Telecommunications Unit) -- making infocommunications standards since 1865. Yes.. that's really 1865.
User Managed Access (UMA), a Kantara working group -- develops specs to allow individuals to "control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate interoperable implementations of the specs." UMA group chair is Eve Maler.
The Direct Project -- From their website: "The Direct Project specifies a simple, secure, scalable, standards-based way for participants to send authenticated, encrypted health information directly to known, trusted recipients over the Internet."
IETF (Internet Engineering Task Force) -- Working on a number of standards around identity and data portability.
Claims Agent Working Group -- is working on development of standards-based, interoperable, verified claims agent implementations. Is at IDCommons and was originally proposed by Paul Trevithick, though many people are part of the group.
Open Web Foundation -- is "independent non-profit dedicated to the development and protection of open, non-proprietary specifications for web technologies" and uses an open source model similar to the Apache Foundation. Their leadership includes Tantek Celik, Chris Messina & David Recordon.
Update: I've added the following item to technical:
SWIFT -- a non-profit based in Brussels that provides messaging standards around banking wires, is proposing a new infrastructure layer called the "Digital Asset Grid." The DAG would provide the metadata for all data transactions (including personal data), not just money wires, as well as a hardened, full duplex transaction layer for security, flexible identity and certified data. (Full disclosure, I'm on the team that proposed the Digital Asset Grid to SWIFT).
If you have more information about these groups, people involved, or corrections, please leave them in the comments and I'll update the post. Thanks!
November 21, 2011
Personal Data Ecosystem Consortium 2011 Recap, Part I
Personal Data Ecosystem Consortium, or PDEC, is an org I've been involved with for a year. I'm chairing the Board. We just sent out a Year in Review recap of our activities for 2011, Part I (first half of the year).
My involvement in PDEC included (these are quotes from our newsletter -- to read the whole newsletter see our PDEC post here our link):
NSTIC (National Strategy on Trusted Identities in Cyberspace) National Program Office Announcement
January 7th, 2011 -- Stanford, Palo Alto, CA
Mary Hodder and Kaliya Hamlin attended the NSTIC National Program Office Announcement at Standford University. Commerce Secretary Gary Locke and Commerce Secretary Gary Locke and White House Cybersecurity Coordinator Howard Schmidt both spoke.
Department of Commerce Green Paper Response Due
January 28, 2011
Kaliya Hamlin and Mary Hodder submitted the PDEC Green Paper response to the DOC and the National Telecommuncations and Information Administration (NIST) on the DOC proposals around identity and personal data, and the Do Not Track proposal by the FTC.
Read it here at the DOC site.
Strata, Data Camp
February 1, 2011 -- Santa Clara
Mary Hodder led a session at Data Camp, Strata for developers on the Personal Data Ecosystem.
Conversational Commerce Conference (C3)
February 2-3, 2011 -- San Francisco
Mary Hodder spoke at the C3 Event, on a panel with Michael Becker, Dean Landesman, Prakash Kondepudi (of Intellius) and Julian Gay (Orange) on CRM, VRM and Personal Data. Kaliya Hamiln also attended.
FTC Do Not Track Event
February 9, 2011 -- Berkeley, CA
Mary Hodder attended the FTC all day meeting on Do Not Track.
I asked the only audience question of the day, about models other than DNT and business as usual: whether a Personal Data Ecosystem would create a market solution to solve user discontent with the current state of online tracking and user data.
Applied Brilliance Salon
February 17, 2011 -- San Francisco
I attended the salon, regarding Personal Data topics, hosted by Jerry Michalski. I asked the first audience question about a Personal Data Ecosystem solution.
Federal Trade Commission Paper Response Due
February 18, 2011
Mary Hodder submitted the PDEC response to the FTC on Do Not Track proposal.
Read it here at the FTC site.
Tracking Do Not Track panel, Morris + King
April 26, 2011 -- NYC
Mary Hodder spoke on a panel with Brian Morrisey of Digiday, David Norris of Blue Cava, Dan Jaffe of the National Association of Advertisers and Helen Nissenbaum of NYU.
Read more about the panel here at PDEC.
W3C Privacy and Tracking
April 28-29, 2011 -- Princeton, NJ
Mary Hodder attended the W3C event about privacy and tracking. Mostly the event focused on Do Not Track as the only solution, but I tried to ask as many questions as possible to open up thinking about a possible Personal Data Ecosystem approach.
12th Internet Identity Workshop including Yukon Day
May 3-5, 2011 -- Mountain View, CA
PDEC led a number of sessions on Personal Data as well as participate in other sessions on Trust Frameworks (presented by Drummond Reed and Scott David) and VRM (by Doc Searls).
Mary Hodder and Kaliya Hamlin held a session on the Personal Data Ecosystem Consortium.
Kaliya Hamlin hosted Personal Data Stores Lockers Vaults
Mary Hodder led a session on The State of Personal Data today.
Mary Hodder and Heather Schlegel led two sessions on What Part is Identity and What Part is Personal Data?
W3C Identity in the Browser Workshop
May 24th -- Mountain View, CA
Mary Hodder presented the Personal Data Ecosystem philosophy. More can be found about the workshop here.
May 28, 2011 -- Mountain View, CA
Mary Hodder attended QS and led a session on Developing Health / QS Apps in a Personal Data Ecosystem model. Read more about it here in my post on the event.
Next Monday we'll be sending out Part II of this.. recapping our activities this fall.
November 14, 2011
Should an Actress be Suing IMDB Because She Doesn't Want Her Age Posted?
Brad McCarty of The Next Web thinks the IMDb: Age-publishing lawsuit is “a frivolous abuse” and should be dropped.
Reading his piece, I can see that on first glance, it sounds silly. An actress anonymously sues the Amazon-owned IMDB folks because they won't remove her birthdate, claiming that it will adversely affect her career. And now, IMBD has asked the judge to only allow the lawsuit to move forward if her name is made public:
"Truth and justice are philosophical pillars of this Court. The perpetuation of fraud, even for an actor's career, is inconsistent with these principals. Plaintiff's attempt to manipulate the federal court system so she can censor iMDb's display of her birth date and pretend to the world that she is not 40 years old is selfish, contrary to the public interest and a frivolous abuse of this Court's resources."
But this argument between IMDB and the actress points to a much bigger issue, and it's not the one about IMDB making its living trading on other's data, whether from Hollywood or the users who add to the IMDB system for free, which I would understand is a fairly selfish undertaking by IMDB.
Why should IMDB be able to operate "selfishly" by publishing people's personal data, outside their discretion, and the actress in question not be able to "selfishly" make a living by trading in her looks for salary? I would say IMDB is pretty hypocritical here. And do they really think the Judge, the public, or the Hollywood set they make money from, are that stupid that we wouldn't understand that IMDB is selfish too?
I understand from reading the Hollywood Reporter article that the IMDB believes she may be the same actress that years ago tried to change her birthday, submitted by a previous agent to IMDB. Since IMDB believes this is an issue of fraud (they have no proof), they now want the identity of the actress made public. But since the old information isn't part of the case, does it really matter? Yes, I get that actresses have lied about their ages for a long time, but is it really "in the public interest" to out this woman? It's definitely in her economic interest not to out her, so i just think Amazon-IMDB are being nasty and frankly it seems frivolous of them to try to out her.
But this is really beside the point.
The Larger Issue
I believe people should be able to choose what personal information is shown about them on websites.. especially data that isn't or wasn't before the past 10 years, public. It's easy to dismiss this as vanity or frivolous.. but as more and more personal data is out there, and as people lose control of it.. it points to a much larger issue: how do individuals control information about them that doesn't really need to be public?
I can see that by having her age obscured, the people who hire her would just think of her age based upon appearance.. which is actually for an actress or actor, probably a good measure. Giving the specific age will plant that in producer's and public's heads. So I can see her point.
Rather than get into a discussion of harms and "how bad is it" about one or another data breaches, I think the real question is:
What kind of society do we want to have, where everyone's data is public and out of their control? What does it do to us, to devolve into a totalitarian model where everyone is afraid because frankly, everyone has something to hide? Or maybe their friends do.
Right now, life and health insurance companies are telling the press and their investors that they are screening people in Facebook. And it's not just you under scrutiny. It's your friends. This was covered extensively in the Wall Street Journal "what they know" series a year ago. There are also finance companies that are telling users to "unfriend" anyone they are connected to in Facebook with bad credit... because when you are reviewed, friends with bad credit will reflect on you.
This issue of personal data and control is much larger than an actress and her age being displayed without her consent.
It's about how we allow others to show information about us, verses having control of it ourselves. I think for a civil and democratic society to work, we can't leave that up to companies with no oversight and a big profit motive, but instead need to think about giving the individual ultimate control over certain types of personal data.
So while the actress may be vain, may be trying to gloss over her age, or may just be reflecting the economic realities of her profession, which i do think are real, and we may poo-poo this as silly, this lawsuit reflects the much greater tension about personal data and control and actually could be a really interesting test case, given that we don't have much privacy law in the US.
May 29, 2011
Discussion: Building for a Personal Data Ecosystem - A Case Study
Just left the Quantified Self conference where I led a session in the last breakout on "building for a personal data ecosystem." Since we weren't on the official program, i was very happy to be holding something in an Infinity session. Fifteen or so people came, and I talked about Personal Data Ecosystem Consortium and our mission for a user centric data model where user's control their data through agents, or Personal Data Stores. I also mentioned what I was seeing at the event, which was lots of folks building apps, making new silos of data, and repeating the model where users' data is in question as to who owns it, and users don't really have access to their data except through the a service's website and possibly an API that might send a little data somewhere else (like twitter or facebook).
I suggested that in a Personal Data Ecosystem, apps makers could take data from their users and send it straight through to the users' Personal Data Stores (PDS). That way if the app or hardware changed or ceased to support their old systems, the user would have their old data to play with in their PDS. And I talked about open formats for the data (think.. what about an open format for Heart Monitor data, where you pulse is described and you can take that data anywhere). Services could think about just providing a great service, instead of trying to manage all the user data storage and security. Users would control their data in their Personal Data Stores/Lockers/Banks, and I said that a bunch of companies were building these PDSs, including Sing.ly which is building the Locker Project.
Sing.ly happened to have someone there, Jared Hansen, who is a developer in the open source project. And there was a guy from Basis, Bashir, who is building hardware (like a wristwatch) that you monitor things like your heartrate with.. though it does monitor many other things as well on your body. We also had a couple of health researchers there, plus other health and wellness companies looking at data, as well as Ian Li, of Carnegie Mellon who is researching data collection and normalization, and a woman from the EFF. And we had a couple of users who talked about what users need.
After a few minutes, Bashir from Basis explained their dilemma around the hardware which isn't all that profitable for them. So initially they were questioning what to do with the data and how to monitize the company. Should they sell the data, or give it to users, or charge uses for it, or give it away to developers who could create a great ecosystem by building lots of apps, thus driving more sales? And who's data is it?
So we were off an running, with the impromptu Basis use case of how to get the value of the data, include the user and let the user have choice and autonomy, and how to leverage what is being done out in the marketplace and with developers creativity with data. Oh.. and don't forget about participating in microformats and Activity Streams creation to make bottom up grass-roots standards for the data formats and exchanges.
We talked through what it would mean to give away the data, support users and ask them if they wanted their data included in studies, get additional revenue for Basis while maintaining the inclusion of the user in the process and what developers could and should do. We brainstormed a lot of things, and covered the good and bad points of how it would all work and how to support Basis' market model while still being good and fair to the users.
I have no idea what Basis will do, but I would love it if they would join the Personal Data Ecosystem Consortium in the Startup Circle, to help build out ways to make a user centric data system for user's wellness data collected with Basis hardware.
What an amazing opportunity Basis has for doing the right thing for users, and leading the wellness and personal data ecosystem by creating a win-win for themselves and users. They could create a new market for wellness data, that is user driven.
Frankly, we need more discussions like this. It's not about Do Not Track models where we kill all the data plus the value of it, and it's not about "business as usual" where the user isn't included and businesses do whatever they want with user data.
It's about creating markets that do right by users and have companies making money ethically and conversing with us in the market.
Thanks to everyone who came! We had many representatives of the relevant stakeholders and the discussion was enlightening and rare.. but one I hope to make more common in the near future!
May 28, 2011
Where is the Personal Data Awareness? And what are the Missed Opportunities at QS2011
I'm at the Quantified Self Conference in Mountain View today and tomorrow.
A few thoughts. There are lots of people here from various disciplines: health care, tech companies like 23andme.com that marry personal genomics and tech, apps makers and health and wellness hardware makers. And lots of folks just wanting to track themselves.
Sessions are preprogrammed (in other words, the conference is all done top down broadcast mode), and now and then in people's statements, a person will pass along the vibe of the old style medical industry (that is: we know more than you and we'll tell you what's true.. that mode was in the opening session where we were lectured to). Though I just walked through all the sessions in round 1 and the individual break out sessions are more discussion mode which is great to see.
There was a near complete lack of consciousness about protecting user's data as I walked in and spent a few minutes in each of the first 6 sessions. The impicit assumption was that "we" (builders, companies, etc) can take data and use it for whatever "we" want. Building systems that aren't just about more silos with data lock-in, or building for a Personal Data Ecosystem model where users keep their own archives and data, and then choose where their data goes, what purpose it's used for and control what is happening isn't on the radar. It is especially important that we look at issues of privacy, control, autonomy, choice and transparency for the highly personal, very sensitive data collected around personal wellness and health.
There is a single session, led by lawyers about privacy in round 2. But the rest of the sessions do not seem to be aware at all that they need to build from concept on for privacy, data control by the users, where users keep their data and the applications, devices and monitoring tools "use" the data with permission.
And there is no session about personal data control, where the QS apps would work on a Personal Data Store. I've asked to have one.. but we'll see if they decide to let me do it. The assumption is developers will just build more silos with more data collected, about you, crossed with other data about you, that after combined, creates yet another silo of data. There may be an API available, but effectively, the data is stuck in another silo, that a regular user can't really get at it, hold it, control it, share it, correct it or delete it.
It's dismal.. thinking about how all this highly personal data is just assumed to be owned by apps makers and companies and users are just cows in a big milking system. The participants of QS are just continuing the tradition started by the health industry and continued by tech company silos in making the users say "Moo." Pick your ecosystem and prepare to be milked.
Lastly, I'm really happy to report that the QS organizers decided to order a really healthy vegetable lunch salad (with either chicken or tofu on it).. Great work on that front!
May 13, 2011
McKinsey's Research Arm Claims Big Data Mining Will Save Us All
Steve Lohr has a write up in today's NYTimes: Mining of Raw Data May Bring a Surge of Innovation about McKinsey & Company's report on Big Data: The Next Frontier for Innovation, Competition and Productivity.
I think we need to challenge assumptions about the inputs... compare the inputs from "hoovered" personal data to that of what people assemble in personal data stores operating in a Personal Data Ecosystem.
Execs from Rapleaf and Intellius have admitted publicly, recently, that they know half their data is bad, they don't know which half. I also sat recently with the woman from Experian who is in charge of segregating and keeping separate data from the internet (verses financial data which is regulated) for their offerings about users. When I posited that a lot of her data was likely wrong, she agreed.
User's obscure their data intentionally because they are scared.
For myself, I can tell you that in the last few years, I have obscured data online (birthdate, zip code, name, address, phone number, preferences, email addresses) as well as health info (not to my doctors, but to data collectors whom I do not trust yet claim they never share the data. For example, you can't get a mammogram in SF / Children's Hosp without sharing a huge amount of very personal data.. so i made it all fake because I don't trust the lab and who they sell the data to...). And I fake it to the pharmacy when they ask for more than my basic info to fill a prescription. In fact my current insurance company has my name and birthdate a little wrong and i'm not correcting them.. because it makes it harder to aggregate my data across systems. Oh.. and my bank spells my name: Hoddler .. and has a slightly incorrect address (don't you love how they key in the wrong data!) and i'm not correcting that either.
I fake all sorts of stuff on and offline... I fail to correct bad data... I know many others do too.. I have since 1994 been faking my data online. Somehow even then, without understanding the privacy issues or how the internet worked then, I just didn't trust the system because I knew then we had no privacy protection in this country (US). As I began working with online technology in 1997, and started really understanding it, I've felt more than ever the need to obscure my data and make it difficult to combine in a pivot about me.
I get that this security by obscurity and mistakes doesn't cut it, but it's the best I can do right now.
So my question for the McKinsey research people is: have they factored this in?
And have they factored in that users have obscured enough information that me at one site cannot be aggregated with me at another site?
Or have they factored in that the people at institutions who key in the data from our driver's licenses get it wrong (my bank with my name and address) or the insurance co (my application correctly filled out.. with my name and DOB) or whatever?
The answer is to give us proper protections for our data. 4th amendment protections and rights over sharing of our data, so that we make sure the data is right. We can aggregate our own data in Personal Data Stores. Then we can trade fairly for that data if we agree to being included in the big data systems McKinsey is saying will help us so much.
I agree big data analytics can help us as a society, but not without good data, and not without including users into the system, as equitable players who deserve to have rights over our data, including choice and autonomy to participate in big data systems.
But until then.. big data is working with databases that are half right.. because we don't have choice, autonomy, rights or protections as users, and that's the first problem with McKinsey's assumptions.
April 29, 2011
Tracking Do Not Track at Morris + King
A bit of Context
Obviously, this diagram is a little cynical (courtesy of Chinagrrrl), but not too far off from how we manage personal data online today. But there are a lot of proposals on the table to fix this dilemma. One is Do Not Track which industry sees as something they can self-impose on an *opt-in* basis (for themselves) and opt-out (for the users) and self-regulate by having advertising trade org.s monitor compliance, with the FTC stepping in as necessary. There are also a number of DNT bills introduced in Congress and various hearings on tracking where the FTC would regulate implementation. And Johns Kerry and McCain have introduce a Rights and Responsibilities proposal in the Senate, that instead of Do Not Track (Kerry's LA, Danny Sepulveda told me DNT is a waste of time) suggest ways that data collectors would have to be responsible with our data. However, that bill lets 3rd party marketing, data tracking and Facebook's privacy bending ways totally off the hook. Both of these plans / legislative initiatives completely ignore the more than 40 startups and companies building for the
That said, the rest of this post describes the Tracking DNT panel at Morris + King the other night.
Tracking Do Not Track
Tuesday night I was on a panel at Morris + King, an PR firm in NYC, called Tracking Do Not Track. Our hosts: Andy Morris and Dawn Barber (who co-founded NY Tech Meetup with Scott Heifferman) were very good about putting together a diverse group of people to talk about Do Not Track and the various issues with personal data and the advertising industry that have so many talking these days. My guesstimate was that about 100 people attended, mostly from industry (tech & advertising).
Our group included:
Brian Morrisey (Editor in Chief of Digiday, an ad industry trade publication) as Moderator
David Norris (CEO of Blue Cava)
Dan Jaffe (Exec VP, Govt Relations for the Assoc of National Advertisers - ANA)
Helen Nissenbaum, Professor, Media, Culture & Communication at New York University
and me: Chair of the Personal Data Ecosystem Consortium
We started off with Brian's question: who are you, what do you do in a nutshell, and what do you think of the state of online privacy these days?
I was first.. and gave a quick explanation of PDEC which is to say that we offer a middle way between Do Not Track (DNT) and what is going on now online (Business as Usual). Our middle way offers a market solution to users' wanting control of their data, and the tracking and digital dossier building by shadowy companies to stop..we don't believe DNT will work and don't support it, though we do see that some kind of "Rights and Responsibilities" legislation would help create a level playing field for any company that collects personal data. Those rights and responsibilities for personal data collectors needs to include giving user's a copy of their data, so they can then put them into personal data stores (or banks, lockers, etc) and then use the data as the person sees fit.
Oh, and I said the state of online privacy was pretty dismal, though I was optimistic because it feels like this year, it's actually possible to get personal data some basic protections similar to HIPPA or FCRA where user's can get their data, and we can make the Personal Data Ecosystem emerge as a market solution that finally works for people. Granted, it's a 5-7 year proposition to really create a new market, but we can actually start this year because of the 40 or so startups that are funded and building pieces of the PDE and the push in the US Government to do something about the dismalness of online privacy.
Helen Nissenbaum, whom I've admired for years for her thoughtful approach to privacy and usability, agreed that privacy online was pretty bad, and explained her work around Adnostic, a "privacy preserving targeted advertising" system made with some Stanford folks.
By far, the best comment Helen made all night was that tracking and aggregating data that pivots on people is not ethical, that it's bad for people and for the incremental 1% improvement we might see in targeted advertising, it's not worth the incredible intrusiveness of tracking. In particular she said, "Anonymization does not change intrusiveness."
Dan Jaffe spoke next, and surprise, agreed that online privacy is not good, but talked about how publishers need to support their businesses and that behavioral advertising is helping them do it, and that Do Not Track should be self-regulated by the industry because they know their business best. And government has a tendency to screw up regulations and therefore, we should let advertisers figure out what works.
Next up was David Norris, who agreed with my use of the word, "dismal" to describe online privacy and said that Blue Cava was supporting a self-regulatory model because they didn't feel that Do Not Track as proposed for legislation was a good idea.
We chatted about the viability of Do Not Track, and with Norris, Jaffe and me all agreeing it wasn't a good idea. However Jaffe said he didn't like the idea of any regulation, that the industry could do it themselves, and that my "data rights and responsibilities" support for legislation would be just as bad for data collectors.
Folks in the audience, like Esther Dyson, pushed back on Jaffe, saying that she wanted the ability to choose where and when her data was out at some vendors site, and that's why, she said, "I'm supporting Mary and her organization" because it's a market model that gave her choice.
I was very pleased to hear her endorse us (thank you Esther!)
In the end, I think we got our message out which is that tracking individuals is a bad thing, that users should be the only ones tracking themselves across sites, but that sites can track within the site to optimize business. And that users should have a marketplace to trade data, like they do in mileage accounts, and choose when they trade, as partners, and not have it done for them in secret as is the case now. And that we want to see users data protected with a basic set of rights, like Health, Education and Financial data currently is now.
Curiously, Dan Jaffe made a comment about HIPPA, the health data protection law, suggesting that users get their health data so maybe they could get their personal data too. Given that that is a law, and he was opposed to regulation of any sort otherwise, I wasn't sure what to make of this.
However, I was really pleased with the opportunity to talk about PDEC, the startups and tech efforts to create a personal data ecosystem, and to provide a different view than the usual support for Do Not Track as we try to figure out what is best for our society.
Thanks Andy and Dawn for inviting me!
March 12, 2011
The right to oblivion
Yesterday at this NCUA ICANN meeting in SF the right to oblivion was mentioned several times. It seems to be on people's minds as they try to figure out what privacy and data control mean to companies, to users, to privacy advocates and regulators.
Peter Fleischer who is Google's Global Privacy Counsel wrote a post on this topic: "Foggy Thinking about the Right to Oblivion" and I think he missed something very important in the discussion where people want to be "let alone." He mostly focuses on explicit data, the kind that user's put out there knowingly. But there is also implicit data, that users expect will stay within a website, and yet doesn't.
So I left this comment, but wanted to post it here as well:
I think you are missing an important distinction. There is data a user puts on the web: a facebook comment, a tweet, a flickr photo, etc. And there is data the user didn't expect to go anywhere except stay with the business they do or did business with:
* geolocation logs from one's mobile carrier
* purchases made with a vendor
* financial statements and the various actions one takes with bill pay, online banking and financial organization
* search activity logs
* an email address given to Facebook to be used as a login
Or Facebook gives your email address to Rapleaf who matches it with activities all over the web. You have no idea, nor did you expect this.
Or you search on your mom's medical condition and now the beacons have transmitted the info to advertisers and pharmaceutical companies.
And you thought deleting your cookies would help. A complete waste of time now with flash cookies, beacons and fingerprinting of your computer.
What I think user's want is the right to control their own data. The right to ask that it be deleted after a period. The right to correct it if something is wrong, and the right to hold it, so they may store it in a personal data store (PDS).
And why, you ask, would anyone use a PDS? Well.. do you use Mint, or Dopplr, or Trippit, or have a mileage account? For that last one, you can get amazing things like free hotel room or plane tickets or even goods like flowers. We already use personal data stores now.. just very primitive ones. And we want the ability to trade our data because we might get a free book or discounted things. Those markets are yet to be sorted out.. but the apps to make that work are coming.
There is a lot to work out here, but there is a Personal Data Ecosystem coming.. companies are building for it, and frankly, we do need a little regulatory help on the side to support user's rights to their data.
And to keep sites, like the examples above, from sending your data off site through beacons and trackers or other data agreements. Instead, Ad companies should be sending websites a black box to process user data internally, and then pick relevant ads, so that sites never have their user's data leaving the site for any reason, unless the user takes it to their PDS.
It's the right thing to do for people.
February 19, 2011
PDEC Response to the FTC Do Not Track White Paper
Here is a link to the Personal Data Ecosystem Consortium response (pdf) I submitted late last night to the FTC about their Do Not Track white paper (pdf).
I got the letter and Q&A to the FTC (33 pages!) just in the nick of time as submission "00472"... at just about 9pm PST on February 18, after which the FTC shut down the submission site. You can see other submissions here but for now, nothing submitted last week is actually listed. Check back early next week for updates and the PDEC submission.
After working on this for 3 weeks off and on, between other endeavors, it's a huge relief to get it off.
Now the real work begins!
February 07, 2011
Speaking of Speaking.. the Personal Data Ecosystem Emerges
The last two weeks I've been speaking a lot. Why?
On 1/28/11 I was at She's Geeky SF leading a session with Kaliya Hamlin, Executive Director of Personal Data Ecosystem, where about 50 women came to talk about what this emerging organization and space are all about, and hear about what Kaliya Hamlin and I were submitting to the Department of Commerce in response to their Green Paper. On 1/3/11 I was at BigDataCamp 2011 (the night before O'Reilly's Strata) in Santa Clara, to lead a session on Personal Data Ecosystems. And on 2/3/11, I was on a panel called CRM versus VRM: Who Controls the Conversation at the Conversational Commerce Summit in SF. Also talking about the Personal Data Ecosystem.
Why all this talking? Well.. as I mentioned Kaliya Hamlin and I have submitted a response to the Department of Commerce Green Paper where they asked for comments about the FTC's Do Not Track proposal and options for how to protect user privacy and conduct secure logins, while still engaging in what the DOC does.. which is advise Congress on how to promote commerce in the Union.
I'm the Chair of the Board of Personal Data Ecosystem Consortium.
And I'm currently writing a response to the FTC's Do Not Track proposal.
Why all this work? Well.. I think the two extremes of on the one hand: shutting down tracking, or on the other: allowing a sort of "business as usual" stance for the intense tracking that goes on as we traverse the web, use our cell phones and generally act through digital mediums aren't the answers. We do need to dramatically alter what is happening, but not shut down the data.
Why? Instead of do not track, I want there a systems where *only I can self tracking*. Because I am the *only* ethical integration point of data about me.
Can you imagine if we did a "do not track" in 1979 when Airline Mileage Programs were just getting started? People have benefited enormously from them.. to the tune, per the Economist in 2005, of $700 billion in benefits. People want some self tracking, if they get something of value. They may want their histories private, but able to share a score or a piece of it, when they want. Because our data is gold. And we deserve to benefit from it.
We need to track ourselves, but only if we want to. And there needs to be no tracking of us, across sites, if we don't want it. But if we do, we need the ability to take our data, aggregate it, and trade it for goods. And to correct it, or delete it Like free plane tickets. And a lot of other things I think we can't imagine now. Because the Personal Data Ecosystem, and things like Vendor Relationship Management are just getting started.
We need to limit the surreptitious stalking of ourselves across digital platforms and sites by others, and take back the ownership of our own data, to be aggregated, deleted and managed only by the individual. And traded when we want to in a marketplace. And we need 4th Amendment protection for our personal data stores.
And we need marketplaces, much like the Mileage marketplaces, that allow us to trade our information, we need Personal Data Services that will store our data, make it portable, so that we can move our data when we want to (think taking your money from one bank and putting it into another) and we need an applications market for developers to do creative and interesting things with our data.
March 18, 2008
Data Sharing Events Coming Soon!
There are two new events coming up for the Data Sharing group (we met last August in great camp type open space event where many interesting things developed, came to light, got solved, etc.) I'm on the advisory group, and will definitely be there and would love to see anyone who cares about attention data, both the control aspects at a site, as well as ownership issues, get moved forward in a community oriented way there as well.
Also, Mitch Ratcliffe wrote a great post today on these issues which you should totally checkout.
Here is the write up from the Facebook group entry:
* A Data Sharing Workshop at the Downtown San Francisco State University campus on April 18th and 19th.
* Data Sharing Summit 2 at the Computer History Museum in Mountain View on May 15th. (This is immediately following the Internet Identity Workshop May 12-14).
Hopefully at the first event some more clarity will emerge about how to actually do and get adoption of data sharing technologies. The second event we can see progress (it being a month later) and may have more 'decision makers' considering data sharing implementations and vendors that have ways to do it.
The goal of these events is to work together to build consensus around and get adoption of emerging data sharing standards. As with the previous summit, the upcoming event will follow the open space (un)conference format. The agenda is created on the first day of the event, allowing everyone to participate in the discussion.
Although Marc Canter was a key organizer of the first Data Sharing Summit, he has stepped back and his involvement is just one of group of advisors:
* David Recordon, Six Apart
* Joseph Smarr, Plaxo
* Chris Saad, Faraday Media
* Mary Hodder, Dabble
* Luke Sontag, Vidoop
* Kevin Marks, Google
* Marc Canter, Broadband Mechanics
The events will be produced by Kaliya Hamlin and Laurie Rae, who are collaborating with the Data Portability community and the SFSU Institute for Next Generation Internet.
We would like to invite you to attend one or both of these events.
Please go to http://datasharingsummit.com or to go ahead and register right away to to our Eventbrite page to register. We will be charging admission to cover the costs required for organizing these events.
The Early Bird rates are as follows:
April 18-19 Workshop
* Regular, $110.00
* Independent/Startup/Non-Profit, $80.00
* Student, $50.00
Workshop One-Day Only:
* Regular, $65.00
* Independent/Startup/Non-Profit, $50.00
April 18-19 & May 15:
* Corporate, $200.00
* Independent/Startup/Non-Profit, $140.00
May 15th Summit Only:
* Corporate, $100.00
* Independent/Startup/Non-Profit, $70.00
The Early Bird cut-off dates are April 7, 2008 for the Workshop and May 7th, 2008 for the Summit. Prices will increase by $50.00 after the cut-off dates.
We can bring you this event at such a low admission fee because 1/2 our costs are paid by sponsors - both small ($200) to the large (several thousand). PLEASE contact Laurie Rae at email@example.com if you would like to sponsor.
Please contact us if you have any questions firstname.lastname@example.org & email@example.com
We look forward to seeing you in April and May.
August 04, 2006
OpenID2 Developer Info Day Aug 10th Bay Area
From Kaliya Hamlin:
- I am really pleased to announce that we have an OpenID Informational Evening for Developers August 10th 6-9 in Berkeley at 2029 University, Upstairs.
- The Big news is the community has converged and figured out the authentication layer - OpenID…OpenID is just the authentication layer - but on top of this ad hoc standard lots of cool stuff can happen. The goal of the evening is not to geek out on identity but to connect with a developers working on applications that require users to login.
- Find out more about what it is…how it works…how you can install. The incentives to learn are high with the $5000 bounty for having OpenID in Open Source projects.
- Presenting and answering Questions
David Recordon formerly of Live Journal/Six Apart now of Verisign will be presenting a bit about the origins of OpenID but most importantly how it works…and how you install it.
- Andy Dale from ooTao will talk a bit about i-names and how they work with OpenID2 and looking forward to what comes next after authentication - profile sharing. ooTao is also data sharing are running ibroker services.
- I am helping coordinate the evening please RSVP to me - kaliya (at) Mac (dot) com and feel free to ask me any questions.
- If you know a developer - pass the word along.
ps. for all you Technorati guys who keep having questions, now is your chance to ask the guys who know.
- UPDATE: Scott Keveton from JanRain will be there too. He just posted an OpenID walk through on his site.
- UPDATE 2:Dick Hardt from Sxip will be in town and will also be joining us for the evening. Hopefully he will share some of the cool stuff sxip is doing with OpenID.
December 31, 2003
Systems and companies may make some relatively small amount of money now by using collected information from and about users, for purposes other than the users intended, for use outside of their relationships with those specific companies. But instances like those discussed below cause users to feel worried and sometimes outright scared, where they then refuse to participate in a system or with a company at all, or find themselves shocked after the fact by the results of their interactions with a company or entity. Unless people feel comfortable and protected, those profits resulting from systems currently selling or manipulating user data in ways the user doesn't intend will remain small in comparison to the tremendous amount of money to be made in web services, social networks, and with all sorts of other information technologies were most users to participate because they felt safe.
Most users will not now participate in information technology systems that require a lot of personal data unless there is something they get in return, and even then, it's a subset of the total internet user population. If users really trusted that they were in control of their own data, so they knew when their data went beyond those specific company systems and relationships, and could decide when and where to participate, instead of operating in a state of uninformed fear as companies currently now offer with no or little privacy policies, and little in the way of overall government protection, those companies (and many new ones based on new technologies) using exactly this kind of personal user data could make many times over what they do now. It is short term greed that keeps companies operating as they do, which keeps users from participating, which leads to few participants out of the whole of those using the internet. And yet, one company's policy to the next is confusing and unreliable, and not something people can or want to keep track of, and the resulting confusion also contributes to far less participation. I believe the only route to real information technology development with personal data and the profits that will follow is a blanket policy that every company will have to follow assuring customers of their own data privacy. Users would feel secure and many many more would participate, and those companies would make far more than they have seen under the current (no) privacy regime.
The discussion Ross catalogued partly centered around this: Danah Boyd responded to Wendy Seltzer (responding to Cory Doctorow saying that the last twenty years have been about technology and the next twenty will be about policy). Wendy suggested that originally, she thought that technology developments bringing about privacy tensions might ease as people became more sophisticated users, but instead she saw the gap as a critical mass of users would always lag behind technology developments as they learned a new information technology well enough to overcome, accept, steer away from or rearrange the privacy breaches, and so social norms developed as a result of these new technologies lag behind. Danah replied that social norms weren't falling behind, they are instead going in one direction while technologies are developed in another, and it baffles the social norms trying to cope.
I think in a way they are both right (both scenarios can exist with the same technology depending on use and result); it's not only lagging user competency and then the attendant reactions from users that will adjust, making some mental calculation with a new technology in order to get the amount of privacy or control they need, and it's not just diverging social norms, but also other issues on the design and development end that might solve this, like notice, good interface and user control, that allow for users to know immediately, and then deal with the privacy issues as they use the new technology, instead of finding out about their loss of privacy when it's too late, that will counter these kinds of issues. Technologists can do much better with design, as could corporate policies for privacy be much better, as could users in learning new technologies and protecting their own privacy as needed. But for most people and companies, the benefits will come when users know they are protected, understand a basic structure of privacy across companies and websites, which all interested can rely on, leading to users releasing information. Interesting uses of people's data will follow while still maintaining privacy and user control.
And yet instances of technology development seem to move in exactly the opposite direction at times, leading to scares with users, resulting in less participation with systems that might benefit us all if many participated, and well designed, with privacy built into the architecture, and privacy as a given right between users and the entities with whom they deal.
Similar issues exist with your cell phone keeping tabs on you. There's good and there's bad in systems like that, where some users want to keep track of their kids, which may not be objectionable, but others including the companies that buy the phones for their employees may do it for reasons that are totally unacceptable. These kinds of information technologies can allow uses that previously didn't exist, and therefore, there is a lag before a critical mass of users understands what is happening and does something about it, or at least has notice that the shift has occured and can then make choices about when to allow it, or self-censor.