Who Stewards the Personal Data Question? Org Chart

Below is a diagram showing the non-profit organizations (note: no for-profits, conferences or governmental orgs were included) that are stewarding pieces of the Personal Data Ecosystem. I wanted to show how the orgs are relating to the problem of how to remake our digital lives, through more user-driven personal data, for more equal transactions throughout our lives with companies, the online world, and our government.

The orgs have been divided into four areas: technical, market, policy and individual advocates. While all the orgs have an interest and are doing some thinking in all the areas, these divisions show the foundational mission of the orgs. If each org, through its foundation mission, succeeded, they would be heros for sure. The problem is, mission creep. This is a problem for startups as well, where companies don't focus and get their piece right to succeed, but rather think competitively and try to take too many pieces of the market, leading to failure. So too will the large number of problems, plus mission creep, cause any of these orgs to fail at their mission.

Ideally, we'll see all the orgs working together in inter-disciplinary and multi-disciplinary ways, relating each of their solutions to the others, but keeping focused and executing their piece of this vast and Byzantine puzzle to solve the Personal Data Ecosystem. In creating this "org chart" I talked with folks like Kevin Marks of Microformats and Activity Streams, Harry Halpin of the Federated Social Web, Scott David, Don Thibeau of OIX and OpenID, Drummond Reed (who has worked with OASIS extensively), Doc Searls of VRM, Craig Burton, Steve Rappetti and Phil Wolff of Data Portability project, Dazza Greenwood of ID Cubed, Judi Clark and Joe Andrieu of Information Sharing Working Group, among others.

So here is a picture of who is doing what in the Personal Data space:

Below is more information on these organizations.

Individual Solutions

Customer Commons -- recently formed by Doc and Joyce Searls, Renee Lloyd, Joe Andrieu, Dean Landsman, Markus Sabadello, Judi Clark, Iain Henderson, Craig Burton, and me, as well as a few others in the room that, I apologize, I'm forgetting. Customer Commons' mission is: a community of customers, funded only by customers, serving the interests and aspirations of customers.

Market Solutions

Personal Data Ecosystem Consortium -- is a trade association for startups and big companies that agree to a set of principles for user-driven personal data. 19 companies (currently) have joined, and PDEC's mission is to support market solutions to the personal data question. Kaliya Hamlin is Executive Director and I am Chair of the Board.

PDEC also has just formed a Legal Town Hall, a monthly call starting January 11, 2012, to be led by Judi Clark, to talk about what kind of policies are needed when individuals share their data.

World Economic Forum -- WEF has been working with lots of early thinkers in the Personal Data space for the past 18 months to "rethink personal data." They put out a report: Personal Data: a New Asset Class last February and continue to have monthly calls to prepare for a presentation of the working groups' efforts at Davos in January.

Project VRM -- Vendor Relationships Management, the brainchild of Doc Searls created during his fellowship at the Berkman Center, is a discussion group with a very active maillist, a movement for user-driven relationships with entities, and a steward of developers coding to bear out the group's vision.

Policy Solutions

OIX: Open Identity Exchange -- Don Thibeau is Chair of their Board, and Scott David is their counsel. OIX's mission is to build trust in the exchange of identity credentials online. They do this through the open, standardization of Trust Frameworks. They don't make trust frameworks, but rather their mission is to be the home of other's trust frameworks for the sharing of personal data, login credentials, and other types of private or controlled information. For example, the company Drummond Reed co-founded, Respect Trust Framework at OIX, who publishes it for others to point to as a public declaration of the trust framework. And, the U.S. FICAM Trust Framework was the first open identity trust framework to be listed by OIX

Information Sharing Working Group -- From the ISWG: The ISWG works with the Kantara Initiative, Identity Commons, Project VRM, the Personal Data Ecosystem Consortium, and Customer Commons. Run by co-chairs, Joe Andrieu and Iain Henderson and secretary Judi Clark, ISWG's formal mission is "to identify and document the use cases and scenarios that illustrate the various sub-sets of user driven information, the benefits therein, and specify the policy and technology enablers that should be put in place to enable this information to flow."

The Information Sharing Work Group helps individuals take control of the information we share online. The Standard Information Sharing Agreement is a contract for the use of your information, agreed to BEFORE you share it. It has two parts. A basic agreement covers all the default terms, things like “don’t redistribute my information without my permission”, which all recipients agree to. Then, for each individual instance of sharing, a data transaction agreement with just the bare essentials: who gets what data for what purpose. By moving all the complicated legalese into the basic agreement, we’ve dramatically simplified each specific transaction agreement.

Now, when you want to know what’s happening with your data, it’s presented simply and concisely in easy-to-understand terms… while the basic agreement defines how recipients must treat your data appropriately. The Sharing Agreement is designed to make it easy to understand and make informed decisions about sharing information online.

ID Cubed (ID3) -- a newly formed research and developement group affiliated with MIT and led by John Clippinger, Executive Director and CEO, (who started the Law Lab at Berkman/Harvard a couple of years ago and the Social Physics project a couple of years before that, also at Berkman) and Henrik Sandell, COO and CTO of ID3. ID3's mission is to "oversee the development of a multi-disciplinary center founded to research the role of law in facilitating cooperation and entrepreneurial innovation." Their major focus based upon the website seems to be Trust Framework development. Dazza Greenwood is also involved, as is Mike Schwartz of Gluu is doing some technical work for them.

Technical Solutions

Data Portability Project -- "Aims to consult, design, educate and advocate interoperable data portability to users, developers and vendors." They don't make standards but they help steward them to support more data portability, including protocols like OpenID, OAuth, RSS, Microformats and RDF among others. Steve Repetti is their Chair and Phil Wolff is very active as a public speaker for them. Here is some additional information about their mission.

Federated Social Web -- has recently become a working group of W3C, and is stewarded by many including Evan Prodromou and Harry Halpin. FSW is stewarding work on federated social web software and protocols, including things like PubSubHubBub, OpenID, Activity Streams, OAuth, among many protocols.

Activity Streams -- developed a protocol for how user's share personal data, using both JSON and Atom based streams of metadata. Monica Wilkinson and Kevin Marks actively steward the project. Activity Streams works on the Microformats model, proposing standards around activities already heaving in used online.

Microformats -- Microformats have been created for many pieces of data shared, such as hcard or hcalendar. Stewards of this project include Tantek Celik and Kevin Marks.

OpenID -- Created protocol for a federated login with OpenID 2.0 spec. OpenID Foundation is currently working with Microsoft, Google and Facebook on OpenID Connect, as well as on Account Chooser, an open standard for web sign-in ease switching between multiple accounts on a website. OpenID Foundation's chair is Don Thibeau.

ID Trust, OASIS -- from their website: "...promotes greater understanding and adoption of standards-based identity and trusted infrastructure technologies, policies, and practices. The group provides a neutral setting where government agencies, companies, research institutes, and individuals work together to advance the use of trusted infrastructures, including the Public Key Infrastructure (PKI)."

XDI.org -- responsible for the XRI / XDI standard, currently for pointing to data and creating link contracts. From their website: "XDI.ORG is an international non-profit public trust organization governing open public XRI and XDI infrastructure. XRI (Extensible Resource Identifier) and XDI (XRI Data Interchange) are open standards for digital identity addressing and trusted data sharing developed at OASIS, the leading XML e-business standards body. XRI and XDI infrastructure enables individuals and organizations to establish persistent, privacy-protected Internet identities and form long-term, trusted peer-to-peer data sharing relationships." Drummond Reed co-chaired the group with well, Gabe Wachob, of the XRI TC at OASIS and Andy Dale, Markus Sabadello, Mike Schwartz we involved in developing the standard.

W3C -- Umbrella standards body stewarding a number of standards for personal data use and control including the Do Not Track proposal. The Federated Social Web, and all their combined efforts including Activity Streams, recently landed at W3C.

ITU (International Telecommunications Unit) -- making infocommunications standards since 1865. Yes.. that's really 1865.

User Managed Access (UMA), a Kantara working group -- develops specs to allow individuals to "control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate interoperable implementations of the specs." UMA group chair is Eve Maler.

The Direct Project -- From their website: "The Direct Project specifies a simple, secure, scalable, standards-based way for participants to send authenticated, encrypted health information directly to known, trusted recipients over the Internet."

IETF (Internet Engineering Task Force) -- Working on a number of standards around identity and data portability.

Claims Agent Working Group -- is working on development of standards-based, interoperable, verified claims agent implementations. Is at IDCommons and was originally proposed by Paul Trevithick, though many people are part of the group.

Open Web Foundation -- is "independent non-profit dedicated to the development and protection of open, non-proprietary specifications for web technologies" and uses an open source model similar to the Apache Foundation. Their leadership includes Tantek Celik, Chris Messina & David Recordon.

Update: I've added the following item to technical:

SWIFT -- a non-profit based in Brussels that provides messaging standards around banking wires, is proposing a new infrastructure layer called the "Digital Asset Grid." The DAG would provide the metadata for all data transactions (including personal data), not just money wires, as well as a hardened, full duplex transaction layer for security, flexible identity and certified data. (Full disclosure, I'm on the team that proposed the Digital Asset Grid to SWIFT).

If you have more information about these groups, people involved, or corrections, please leave them in the comments and I'll update the post. Thanks!

Personal Data Ecosystem Consortium 2011 Recap, Part I

Personal Data Ecosystem Consortium, or PDEC, is an org I've been involved with for a year. I'm chairing the Board. We just sent out a Year in Review recap of our activities for 2011, Part I (first half of the year).

My involvement in PDEC included (these are quotes from our newsletter -- to read the whole newsletter see our PDEC post here our link):

NSTIC (National Strategy on Trusted Identities in Cyberspace) National Program Office Announcement
January 7th, 2011 -- Stanford, Palo Alto, CA
Mary Hodder and Kaliya Hamlin attended the NSTIC National Program Office Announcement at Standford University. Commerce Secretary Gary Locke and   Commerce Secretary Gary Locke and  White House Cybersecurity Coordinator Howard Schmidt both spoke. 

Department of Commerce Green Paper Response Due
January 28, 2011
Kaliya Hamlin and Mary Hodder submitted the PDEC Green Paper response to the DOC and the National Telecommuncations and Information Administration (NIST) on the DOC proposals around identity and personal data, and the Do Not Track proposal by the FTC.
Read it here at the DOC site.

Strata, Data Camp
February 1, 2011 -- Santa Clara
Mary Hodder led a session at Data Camp, Strata for developers on the Personal Data Ecosystem.

Conversational Commerce Conference (C3)
February 2-3, 2011 -- San Francisco
Mary Hodder spoke at the C3 Event, on a panel with Michael Becker, Dean Landesman, Prakash Kondepudi (of Intellius) and Julian Gay (Orange) on CRM, VRM and Personal Data. Kaliya Hamiln also attended.

FTC Do Not Track Event
February 9, 2011 -- Berkeley, CA
Mary Hodder attended the FTC all day meeting on Do Not Track.
I asked the only audience question of the day, about models other than DNT and business as usual: whether a Personal Data Ecosystem would create a market solution to solve user discontent with the current state of online tracking and user data.

Applied Brilliance Salon
February 17, 2011 -- San Francisco
I attended the salon, regarding Personal Data topics, hosted by Jerry Michalski. I asked the first audience question about a Personal Data Ecosystem solution.

Federal Trade Commission Paper Response Due
February 18, 2011
Mary Hodder submitted the PDEC response to the FTC on Do Not Track proposal.
Read it here at the FTC site.

Tracking Do Not Track panel, Morris + King
April 26, 2011 -- NYC
Mary Hodder spoke on a panel with Brian Morrisey of Digiday, David Norris of Blue Cava, Dan Jaffe of the National Association of Advertisers and Helen Nissenbaum of NYU.
Read more about the panel here at PDEC.

W3C Privacy and Tracking
April 28-29, 2011 -- Princeton, NJ
Mary Hodder attended the W3C event about privacy and tracking. Mostly the event focused on Do Not Track as the only solution, but I tried to ask as many questions as possible to open up thinking about a possible Personal Data Ecosystem approach.

12th Internet Identity Workshop including Yukon Day
May 3-5, 2011 -- Mountain View, CA
PDEC led a number of sessions on Personal Data as well as participate in other sessions on Trust Frameworks (presented by Drummond Reed and Scott David) and VRM (by Doc Searls).
Mary Hodder and Kaliya Hamlin held a session on the Personal Data Ecosystem Consortium.
Kaliya Hamlin hosted Personal Data Stores Lockers Vaults
Mary Hodder led a session on The State of Personal Data today.
Mary Hodder and Heather Schlegel led two sessions on What Part is Identity and What Part is Personal Data?

W3C Identity in the Browser Workshop
May 24th -- Mountain View, CA
Mary Hodder presented the Personal Data Ecosystem philosophy. More can be found about the workshop here.

Quantified Self
May 28, 2011 -- Mountain View, CA
Mary Hodder attended QS and led a session on Developing Health / QS Apps in a Personal Data Ecosystem model. Read more about it here in my post on the event.

Next Monday we'll be sending out Part II of this.. recapping our activities this fall.

Should an Actress be Suing IMDB Because She Doesn't Want Her Age Posted?

Brad McCarty of The Next Web thinks the IMDb: Age-publishing lawsuit is “a frivolous abuse” and should be dropped.

Reading his piece, I can see that on first glance, it sounds silly. An actress anonymously sues the Amazon-owned IMDB folks because they won't remove her birthdate, claiming that it will adversely affect her career. And now, IMBD has asked the judge to only allow the lawsuit to move forward if her name is made public:

"Truth and justice are philosophical pillars of this Court. The perpetuation of fraud, even for an actor's career, is inconsistent with these principals. Plaintiff's attempt to manipulate the federal court system so she can censor iMDb's display of her birth date and pretend to the world that she is not 40 years old is selfish, contrary to the public interest and a frivolous abuse of this Court's resources."

But this argument between IMDB and the actress points to a much bigger issue, and it's not the one about IMDB making its living trading on other's data, whether from Hollywood or the users who add to the IMDB system for free, which I would understand is a fairly selfish undertaking by IMDB.

Why should IMDB be able to operate "selfishly" by publishing people's personal data, outside their discretion, and the actress in question not be able to "selfishly" make a living by trading in her looks for salary? I would say IMDB is pretty hypocritical here. And do they really think the Judge, the public, or the Hollywood set they make money from, are that stupid that we wouldn't understand that IMDB is selfish too?

I understand from reading the Hollywood Reporter article that the IMDB believes she may be the same actress that years ago tried to change her birthday, submitted by a previous agent to IMDB. Since IMDB believes this is an issue of fraud (they have no proof), they now want the identity of the actress made public. But since the old information isn't part of the case, does it really matter? Yes, I get that actresses have lied about their ages for a long time, but is it really "in the public interest" to out this woman? It's definitely in her economic interest not to out her, so i just think Amazon-IMDB are being nasty and frankly it seems frivolous of them to try to out her.

But this is really beside the point.

The Larger Issue

I believe people should be able to choose what personal information is shown about them on websites.. especially data that isn't or wasn't before the past 10 years, public. It's easy to dismiss this as vanity or frivolous.. but as more and more personal data is out there, and as people lose control of it.. it points to a much larger issue: how do individuals control information about them that doesn't really need to be public?

I can see that by having her age obscured, the people who hire her would just think of her age based upon appearance.. which is actually for an actress or actor, probably a good measure. Giving the specific age will plant that in producer's and public's heads. So I can see her point.

Rather than get into a discussion of harms and "how bad is it" about one or another data breaches, I think the real question is:

What kind of society do we want to have, where everyone's data is public and out of their control? What does it do to us, to devolve into a totalitarian model where everyone is afraid because frankly, everyone has something to hide? Or maybe their friends do.

Right now, life and health insurance companies are telling the press and their investors that they are screening people in Facebook. And it's not just you under scrutiny. It's your friends. This was covered extensively in the Wall Street Journal "what they know" series a year ago. There are also finance companies that are telling users to "unfriend" anyone they are connected to in Facebook with bad credit... because when you are reviewed, friends with bad credit will reflect on you.

This issue of personal data and control is much larger than an actress and her age being displayed without her consent.

It's about how we allow others to show information about us, verses having control of it ourselves. I think for a civil and democratic society to work, we can't leave that up to companies with no oversight and a big profit motive, but instead need to think about giving the individual ultimate control over certain types of personal data.

So while the actress may be vain, may be trying to gloss over her age, or may just be reflecting the economic realities of her profession, which i do think are real, and we may poo-poo this as silly, this lawsuit reflects the much greater tension about personal data and control and actually could be a really interesting test case, given that we don't have much privacy law in the US.

Discussion: Building for a Personal Data Ecosystem - A Case Study

Just left the Quantified Self conference where I led a session in the last breakout on "building for a personal data ecosystem." Since we weren't on the official program, i was very happy to be holding something in an Infinity session. Fifteen or so people came, and I talked about Personal Data Ecosystem Consortium and our mission for a user centric data model where user's control their data through agents, or Personal Data Stores. I also mentioned what I was seeing at the event, which was lots of folks building apps, making new silos of data, and repeating the model where users' data is in question as to who owns it, and users don't really have access to their data except through the a service's website and possibly an API that might send a little data somewhere else (like twitter or facebook).

I suggested that in a Personal Data Ecosystem, apps makers could take data from their users and send it straight through to the users' Personal Data Stores (PDS). That way if the app or hardware changed or ceased to support their old systems, the user would have their old data to play with in their PDS. And I talked about open formats for the data (think.. what about an open format for Heart Monitor data, where you pulse is described and you can take that data anywhere). Services could think about just providing a great service, instead of trying to manage all the user data storage and security. Users would control their data in their Personal Data Stores/Lockers/Banks, and I said that a bunch of companies were building these PDSs, including Sing.ly which is building the Locker Project.

Sing.ly happened to have someone there, Jared Hansen, who is a developer in the open source project. And there was a guy from Basis, Bashir, who is building hardware (like a wristwatch) that you monitor things like your heartrate with.. though it does monitor many other things as well on your body. We also had a couple of health researchers there, plus other health and wellness companies looking at data, as well as Ian Li, of Carnegie Mellon who is researching data collection and normalization, and a woman from the EFF. And we had a couple of users who talked about what users need.

After a few minutes, Bashir from Basis explained their dilemma around the hardware which isn't all that profitable for them. So initially they were questioning what to do with the data and how to monitize the company. Should they sell the data, or give it to users, or charge uses for it, or give it away to developers who could create a great ecosystem by building lots of apps, thus driving more sales? And who's data is it?

WOW. WOW!!!!

So we were off an running, with the impromptu Basis use case of how to get the value of the data, include the user and let the user have choice and autonomy, and how to leverage what is being done out in the marketplace and with developers creativity with data. Oh.. and don't forget about participating in microformats and Activity Streams creation to make bottom up grass-roots standards for the data formats and exchanges.

We talked through what it would mean to give away the data, support users and ask them if they wanted their data included in studies, get additional revenue for Basis while maintaining the inclusion of the user in the process and what developers could and should do. We brainstormed a lot of things, and covered the good and bad points of how it would all work and how to support Basis' market model while still being good and fair to the users.

I have no idea what Basis will do, but I would love it if they would join the Personal Data Ecosystem Consortium in the Startup Circle, to help build out ways to make a user centric data system for user's wellness data collected with Basis hardware.

What an amazing opportunity Basis has for doing the right thing for users, and leading the wellness and personal data ecosystem by creating a win-win for themselves and users. They could create a new market for wellness data, that is user driven.

Frankly, we need more discussions like this. It's not about Do Not Track models where we kill all the data plus the value of it, and it's not about "business as usual" where the user isn't included and businesses do whatever they want with user data.

It's about creating markets that do right by users and have companies making money ethically and conversing with us in the market.

Thanks to everyone who came! We had many representatives of the relevant stakeholders and the discussion was enlightening and rare.. but one I hope to make more common in the near future!

Where is the Personal Data Awareness? And what are the Missed Opportunities at QS2011

I'm at the Quantified Self Conference in Mountain View today and tomorrow.

A few thoughts. There are lots of people here from various disciplines: health care, tech companies like 23andme.com that marry personal genomics and tech, apps makers and health and wellness hardware makers. And lots of folks just wanting to track themselves.

Sessions are preprogrammed (in other words, the conference is all done top down broadcast mode), and now and then in people's statements, a person will pass along the vibe of the old style medical industry (that is: we know more than you and we'll tell you what's true.. that mode was in the opening session where we were lectured to). Though I just walked through all the sessions in round 1 and the individual break out sessions are more discussion mode which is great to see.

There was a near complete lack of consciousness about protecting user's data as I walked in and spent a few minutes in each of the first 6 sessions. The impicit assumption was that "we" (builders, companies, etc) can take data and use it for whatever "we" want. Building systems that aren't just about more silos with data lock-in, or building for a Personal Data Ecosystem model where users keep their own archives and data, and then choose where their data goes, what purpose it's used for and control what is happening isn't on the radar. It is especially important that we look at issues of privacy, control, autonomy, choice and transparency for the highly personal, very sensitive data collected around personal wellness and health.

There is a single session, led by lawyers about privacy in round 2. But the rest of the sessions do not seem to be aware at all that they need to build from concept on for privacy, data control by the users, where users keep their data and the applications, devices and monitoring tools "use" the data with permission.

And there is no session about personal data control, where the QS apps would work on a Personal Data Store. I've asked to have one.. but we'll see if they decide to let me do it. The assumption is developers will just build more silos with more data collected, about you, crossed with other data about you, that after combined, creates yet another silo of data. There may be an API available, but effectively, the data is stuck in another silo, that a regular user can't really get at it, hold it, control it, share it, correct it or delete it.

It's dismal.. thinking about how all this highly personal data is just assumed to be owned by apps makers and companies and users are just cows in a big milking system. The participants of QS are just continuing the tradition started by the health industry and continued by tech company silos in making the users say "Moo." Pick your ecosystem and prepare to be milked.

Lastly, I'm really happy to report that the QS organizers decided to order a really healthy vegetable lunch salad (with either chicken or tofu on it).. Great work on that front!

McKinsey's Research Arm Claims Big Data Mining Will Save Us All

Steve Lohr has a write up in today's NYTimes: Mining of Raw Data May Bring a Surge of Innovation about McKinsey & Company's report on Big Data: The Next Frontier for Innovation, Competition and Productivity.

I think we need to challenge assumptions about the inputs... compare the inputs from "hoovered" personal data to that of what people assemble in personal data stores operating in a Personal Data Ecosystem.

Execs from Rapleaf and Intellius have admitted publicly, recently, that they know half their data is bad, they don't know which half. I also sat recently with the woman from Experian who is in charge of segregating and keeping separate data from the internet (verses financial data which is regulated) for their offerings about users. When I posited that a lot of her data was likely wrong, she agreed.

User's obscure their data intentionally because they are scared.

For myself, I can tell you that in the last few years, I have obscured data online (birthdate, zip code, name, address, phone number, preferences, email addresses) as well as health info (not to my doctors, but to data collectors whom I do not trust yet claim they never share the data. For example, you can't get a mammogram in SF / Children's Hosp without sharing a huge amount of very personal data.. so i made it all fake because I don't trust the lab and who they sell the data to...). And I fake it to the pharmacy when they ask for more than my basic info to fill a prescription. In fact my current insurance company has my name and birthdate a little wrong and i'm not correcting them.. because it makes it harder to aggregate my data across systems. Oh.. and my bank spells my name: Hoddler .. and has a slightly incorrect address (don't you love how they key in the wrong data!) and i'm not correcting that either.

I fake all sorts of stuff on and offline... I fail to correct bad data... I know many others do too.. I have since 1994 been faking my data online. Somehow even then, without understanding the privacy issues or how the internet worked then, I just didn't trust the system because I knew then we had no privacy protection in this country (US). As I began working with online technology in 1997, and started really understanding it, I've felt more than ever the need to obscure my data and make it difficult to combine in a pivot about me.

I get that this security by obscurity and mistakes doesn't cut it, but it's the best I can do right now.

So my question for the McKinsey research people is: have they factored this in?

And have they factored in that users have obscured enough information that me at one site cannot be aggregated with me at another site?

Or have they factored in that the people at institutions who key in the data from our driver's licenses get it wrong (my bank with my name and address) or the insurance co (my application correctly filled out.. with my name and DOB) or whatever?

The answer is to give us proper protections for our data. 4th amendment protections and rights over sharing of our data, so that we make sure the data is right. We can aggregate our own data in Personal Data Stores. Then we can trade fairly for that data if we agree to being included in the big data systems McKinsey is saying will help us so much.

I agree big data analytics can help us as a society, but not without good data, and not without including users into the system, as equitable players who deserve to have rights over our data, including choice and autonomy to participate in big data systems.

But until then.. big data is working with databases that are half right.. because we don't have choice, autonomy, rights or protections as users, and that's the first problem with McKinsey's assumptions.

Tracking Do Not Track at Morris + King

A bit of Context
Obviously, this diagram is a little cynical (courtesy of Chinagrrrl), but not too far off from how we manage personal data online today. But there are a lot of proposals on the table to fix this dilemma. One is Do Not Track which industry sees as something they can self-impose on an *opt-in* basis (for themselves) and opt-out (for the users) and self-regulate by having advertising trade org.s monitor compliance, with the FTC stepping in as necessary. There are also a number of DNT bills introduced in Congress and various hearings on tracking where the FTC would regulate implementation. And Johns Kerry and McCain have introduce a Rights and Responsibilities proposal in the Senate, that instead of Do Not Track (Kerry's LA, Danny Sepulveda told me DNT is a waste of time) suggest ways that data collectors would have to be responsible with our data. However, that bill lets 3rd party marketing, data tracking and Facebook's privacy bending ways totally off the hook. Both of these plans / legislative initiatives completely ignore the more than 40 startups and companies building for the Personal Data Ecosystem where users would collect their own data, and make use of the value, which the World Economic Forum recently said was "a new asset class".

That said, the rest of this post describes the Tracking DNT panel at Morris + King the other night.

Tracking Do Not Track
Tuesday night I was on a panel at Morris + King, an PR firm in NYC, called Tracking Do Not Track. Our hosts: Andy Morris and Dawn Barber (who co-founded NY Tech Meetup with Scott Heifferman) were very good about putting together a diverse group of people to talk about Do Not Track and the various issues with personal data and the advertising industry that have so many talking these days. My guesstimate was that about 100 people attended, mostly from industry (tech & advertising).

Our group included:
Brian Morrisey (Editor in Chief of Digiday, an ad industry trade publication) as Moderator
David Norris (CEO of Blue Cava)
Dan Jaffe (Exec VP, Govt Relations for the Assoc of National Advertisers - ANA)
Helen Nissenbaum, Professor, Media, Culture & Communication at New York University
and me: Chair of the Personal Data Ecosystem Consortium

We started off with Brian's question: who are you, what do you do in a nutshell, and what do you think of the state of online privacy these days?

I was first.. and gave a quick explanation of PDEC which is to say that we offer a middle way between Do Not Track (DNT) and what is going on now online (Business as Usual). Our middle way offers a market solution to users' wanting control of their data, and the tracking and digital dossier building by shadowy companies to stop..we don't believe DNT will work and don't support it, though we do see that some kind of "Rights and Responsibilities" legislation would help create a level playing field for any company that collects personal data. Those rights and responsibilities for personal data collectors needs to include giving user's a copy of their data, so they can then put them into personal data stores (or banks, lockers, etc) and then use the data as the person sees fit.

Oh, and I said the state of online privacy was pretty dismal, though I was optimistic because it feels like this year, it's actually possible to get personal data some basic protections similar to HIPPA or FCRA where user's can get their data, and we can make the Personal Data Ecosystem emerge as a market solution that finally works for people. Granted, it's a 5-7 year proposition to really create a new market, but we can actually start this year because of the 40 or so startups that are funded and building pieces of the PDE and the push in the US Government to do something about the dismalness of online privacy.

Helen Nissenbaum, whom I've admired for years for her thoughtful approach to privacy and usability, agreed that privacy online was pretty bad, and explained her work around Adnostic, a "privacy preserving targeted advertising" system made with some Stanford folks.

By far, the best comment Helen made all night was that tracking and aggregating data that pivots on people is not ethical, that it's bad for people and for the incremental 1% improvement we might see in targeted advertising, it's not worth the incredible intrusiveness of tracking. In particular she said, "Anonymization does not change intrusiveness."

Dan Jaffe spoke next, and surprise, agreed that online privacy is not good, but talked about how publishers need to support their businesses and that behavioral advertising is helping them do it, and that Do Not Track should be self-regulated by the industry because they know their business best. And government has a tendency to screw up regulations and therefore, we should let advertisers figure out what works.

Next up was David Norris, who agreed with my use of the word, "dismal" to describe online privacy and said that Blue Cava was supporting a self-regulatory model because they didn't feel that Do Not Track as proposed for legislation was a good idea.

We chatted about the viability of Do Not Track, and with Norris, Jaffe and me all agreeing it wasn't a good idea. However Jaffe said he didn't like the idea of any regulation, that the industry could do it themselves, and that my "data rights and responsibilities" support for legislation would be just as bad for data collectors.

Folks in the audience, like Esther Dyson, pushed back on Jaffe, saying that she wanted the ability to choose where and when her data was out at some vendors site, and that's why, she said, "I'm supporting Mary and her organization" because it's a market model that gave her choice.

I was very pleased to hear her endorse us (thank you Esther!)

In the end, I think we got our message out which is that tracking individuals is a bad thing, that users should be the only ones tracking themselves across sites, but that sites can track within the site to optimize business. And that users should have a marketplace to trade data, like they do in mileage accounts, and choose when they trade, as partners, and not have it done for them in secret as is the case now. And that we want to see users data protected with a basic set of rights, like Health, Education and Financial data currently is now.

Curiously, Dan Jaffe made a comment about HIPPA, the health data protection law, suggesting that users get their health data so maybe they could get their personal data too. Given that that is a law, and he was opposed to regulation of any sort otherwise, I wasn't sure what to make of this.

However, I was really pleased with the opportunity to talk about PDEC, the startups and tech efforts to create a personal data ecosystem, and to provide a different view than the usual support for Do Not Track as we try to figure out what is best for our society.

Thanks Andy and Dawn for inviting me!

The right to oblivion

Yesterday at this NCUA ICANN meeting in SF the right to oblivion was mentioned several times. It seems to be on people's minds as they try to figure out what privacy and data control mean to companies, to users, to privacy advocates and regulators.

Peter Fleischer who is Google's Global Privacy Counsel wrote a post on this topic: "Foggy Thinking about the Right to Oblivion" and I think he missed something very important in the discussion where people want to be "let alone." He mostly focuses on explicit data, the kind that user's put out there knowingly. But there is also implicit data, that users expect will stay within a website, and yet doesn't.

So I left this comment, but wanted to post it here as well:

I think you are missing an important distinction. There is data a user puts on the web: a facebook comment, a tweet, a flickr photo, etc. And there is data the user didn't expect to go anywhere except stay with the business they do or did business with:

* geolocation logs from one's mobile carrier
* purchases made with a vendor
* financial statements and the various actions one takes with bill pay, online banking and financial organization
* search activity logs
* an email address given to Facebook to be used as a login

The problem is that users expect that this data will stay with the obvious parties: you purchase something and your data should stay with the vendor and the shipping company. But the reality is your data is being sold all over, beacons are all over the purchase site, and you have no notice at all. Much less consent, except in some privacy policy you cannot begin to understand.

Or Facebook gives your email address to Rapleaf who matches it with activities all over the web. You have no idea, nor did you expect this.

Or you search on your mom's medical condition and now the beacons have transmitted the info to advertisers and pharmaceutical companies.

And you thought deleting your cookies would help. A complete waste of time now with flash cookies, beacons and fingerprinting of your computer.

What I think user's want is the right to control their own data. The right to ask that it be deleted after a period. The right to correct it if something is wrong, and the right to hold it, so they may store it in a personal data store (PDS).

And why, you ask, would anyone use a PDS? Well.. do you use Mint, or Dopplr, or Trippit, or have a mileage account? For that last one, you can get amazing things like free hotel room or plane tickets or even goods like flowers. We already use personal data stores now.. just very primitive ones. And we want the ability to trade our data because we might get a free book or discounted things. Those markets are yet to be sorted out.. but the apps to make that work are coming.

There is a lot to work out here, but there is a Personal Data Ecosystem coming.. companies are building for it, and frankly, we do need a little regulatory help on the side to support user's rights to their data.

And to keep sites, like the examples above, from sending your data off site through beacons and trackers or other data agreements. Instead, Ad companies should be sending websites a black box to process user data internally, and then pick relevant ads, so that sites never have their user's data leaving the site for any reason, unless the user takes it to their PDS.

It's the right thing to do for people.

PDEC Response to the FTC Do Not Track White Paper

Here is a link to the Personal Data Ecosystem Consortium response (pdf) I submitted late last night to the FTC about their Do Not Track white paper (pdf).

I got the letter and Q&A to the FTC (33 pages!) just in the nick of time as submission "00472"... at just about 9pm PST on February 18, after which the FTC shut down the submission site. You can see other submissions here but for now, nothing submitted last week is actually listed. Check back early next week for updates and the PDEC submission.

After working on this for 3 weeks off and on, between other endeavors, it's a huge relief to get it off.

Now the real work begins!

Speaking of Speaking.. the Personal Data Ecosystem Emerges

The last two weeks I've been speaking a lot. Why?

On 1/28/11 I was at She's Geeky SF leading a session with Kaliya Hamlin, Executive Director of Personal Data Ecosystem, where about 50 women came to talk about what this emerging organization and space are all about, and hear about what Kaliya Hamlin and I were submitting to the Department of Commerce in response to their Green Paper. On 1/3/11 I was at BigDataCamp 2011 (the night before O'Reilly's Strata) in Santa Clara, to lead a session on Personal Data Ecosystems. And on 2/3/11, I was on a panel called CRM versus VRM: Who Controls the Conversation at the Conversational Commerce Summit in SF. Also talking about the Personal Data Ecosystem.

Why all this talking? Well.. as I mentioned Kaliya Hamlin and I have submitted a response to the Department of Commerce Green Paper where they asked for comments about the FTC's Do Not Track proposal and options for how to protect user privacy and conduct secure logins, while still engaging in what the DOC does.. which is advise Congress on how to promote commerce in the Union.

I'm the Chair of the Board of Personal Data Ecosystem Consortium.

And I'm currently writing a response to the FTC's Do Not Track proposal.

Why all this work? Well.. I think the two extremes of on the one hand: shutting down tracking, or on the other: allowing a sort of "business as usual" stance for the intense tracking that goes on as we traverse the web, use our cell phones and generally act through digital mediums aren't the answers. We do need to dramatically alter what is happening, but not shut down the data.

Why? Instead of do not track, I want there a systems where *only I can self tracking*. Because I am the *only* ethical integration point of data about me.

Can you imagine if we did a "do not track" in 1979 when Airline Mileage Programs were just getting started? People have benefited enormously from them.. to the tune, per the Economist in 2005, of $700 billion in benefits. People want some self tracking, if they get something of value. They may want their histories private, but able to share a score or a piece of it, when they want. Because our data is gold. And we deserve to benefit from it.

We need to track ourselves, but only if we want to. And there needs to be no tracking of us, across sites, if we don't want it. But if we do, we need the ability to take our data, aggregate it, and trade it for goods. And to correct it, or delete it Like free plane tickets. And a lot of other things I think we can't imagine now. Because the Personal Data Ecosystem, and things like Vendor Relationship Management are just getting started.

We need to limit the surreptitious stalking of ourselves across digital platforms and sites by others, and take back the ownership of our own data, to be aggregated, deleted and managed only by the individual. And traded when we want to in a marketplace. And we need 4th Amendment protection for our personal data stores.

And we need marketplaces, much like the Mileage marketplaces, that allow us to trade our information, we need Personal Data Services that will store our data, make it portable, so that we can move our data when we want to (think taking your money from one bank and putting it into another) and we need an applications market for developers to do creative and interesting things with our data.

It's time.

Data Sharing Events Coming Soon!

There are two new events coming up for the Data Sharing group (we met last August in great camp type open space event where many interesting things developed, came to light, got solved, etc.) I'm on the advisory group, and will definitely be there and would love to see anyone who cares about attention data, both the control aspects at a site, as well as ownership issues, get moved forward in a community oriented way there as well.

Also, Mitch Ratcliffe wrote a great post today on these issues which you should totally checkout.

Here is the write up from the Facebook group entry:

* A Data Sharing Workshop at the Downtown San Francisco State University campus on April 18th and 19th.

* Data Sharing Summit 2 at the Computer History Museum in Mountain View on May 15th. (This is immediately following the Internet Identity Workshop May 12-14).

Hopefully at the first event some more clarity will emerge about how to actually do and get adoption of data sharing technologies. The second event we can see progress (it being a month later) and may have more 'decision makers' considering data sharing implementations and vendors that have ways to do it.

The goal of these events is to work together to build consensus around and get adoption of emerging data sharing standards. As with the previous summit, the upcoming event will follow the open space (un)conference format. The agenda is created on the first day of the event, allowing everyone to participate in the discussion.

Although Marc Canter was a key organizer of the first Data Sharing Summit, he has stepped back and his involvement is just one of group of advisors:

* David Recordon, Six Apart
* Joseph Smarr, Plaxo
* Chris Saad, Faraday Media
* Mary Hodder, Dabble
* Luke Sontag, Vidoop
* Kevin Marks, Google
* Marc Canter, Broadband Mechanics

The events will be produced by Kaliya Hamlin and Laurie Rae, who are collaborating with the Data Portability community and the SFSU Institute for Next Generation Internet.

We would like to invite you to attend one or both of these events.
Please go to http://datasharingsummit.com or to go ahead and register right away to to our Eventbrite page to register. We will be charging admission to cover the costs required for organizing these events.

The Early Bird rates are as follows:

April 18-19 Workshop
* Regular, $110.00
* Independent/Startup/Non-Profit, $80.00
* Student, $50.00

Workshop One-Day Only:
* Regular, $65.00
* Independent/Startup/Non-Profit, $50.00

April 18-19 & May 15:
* Corporate, $200.00
* Independent/Startup/Non-Profit, $140.00

May 15th Summit Only:
* Corporate, $100.00
* Independent/Startup/Non-Profit, $70.00

The Early Bird cut-off dates are April 7, 2008 for the Workshop and May 7th, 2008 for the Summit. Prices will increase by $50.00 after the cut-off dates.

We can bring you this event at such a low admission fee because 1/2 our costs are paid by sponsors - both small ($200) to the large (several thousand). PLEASE contact Laurie Rae at laurierae@datasharingsummit.com if you would like to sponsor.

Please contact us if you have any questions identitywoman@datasharingsummit.com & laurierae@datasharingsummit.com

We look forward to seeing you in April and May.

OpenID2 Developer Info Day Aug 10th Bay Area

From Kaliya Hamlin:

I am really pleased to announce that we have an OpenID Informational Evening for Developers August 10th 6-9 in Berkeley at 2029 University, Upstairs.

The Big news is the community has converged and figured out the authentication layer - OpenID…OpenID is just the authentication layer - but on top of this ad hoc standard lots of cool stuff can happen. The goal of the evening is not to geek out on identity but to connect with a developers working on applications that require users to login.

Find out more about what it is…how it works…how you can install. The incentives to learn are high with the $5000 bounty for having OpenID in Open Source projects.

Presenting and answering Questions

David Recordon formerly of Live Journal/Six Apart now of Verisign will be presenting a bit about the origins of OpenID but most importantly how it works…and how you install it.

Andy Dale from ooTao will talk a bit about i-names and how they work with OpenID2 and looking forward to what comes next after authentication - profile sharing. ooTao is also data sharing are running ibroker services.

Mary Hodder CEO of Dabble will talk about the work happening around the development of itags.

I am helping coordinate the evening please RSVP to me - kaliya (at) Mac (dot) com and feel free to ask me any questions.

If you know a developer - pass the word along.

ps. for all you Technorati guys who keep having questions, now is your chance to ask the guys who know.

UPDATE: Scott Keveton from JanRain will be there too. He just posted an OpenID walk through on his site.

UPDATE 2:Dick Hardt from Sxip will be in town and will also be joining us for the evening. Hopefully he will share some of the cool stuff sxip is doing with OpenID.

Privacy and New Technology: System Openness, User Control and Good Interface are Key to Making Users Feel More Comfortable, But So Would A Blanket Privacy Policy

Ross Mayfield has a really interesting discussion roundup on his site, about users driving policy. As the discussions around various blogs became more specific, much of it centered around privacy and social norms issues, particularly mismatched expectations between users and a system's designers. Design issues at the development level are key to narrowing these, giving users control and notice, as well as a good interface to easily understand and make good choices that suit their privacy needs and intentions with their information or system expectations. But I keep returning to the feeling that, regarding privacy, we really need a blanket privacy policy to make users feel comfortable as they interact in the digital world, and on the internet. This cannot be resolved with better interfaces, user control and system openness alone, though those are key to making information technologies work well and giving users what they want on a system level, leading to more informed users, and integrity in the relationships between systems and users and their data.

Systems and companies may make some relatively small amount of money now by using collected information from and about users, for purposes other than the users intended, for use outside of their relationships with those specific companies. But instances like those discussed below cause users to feel worried and sometimes outright scared, where they then refuse to participate in a system or with a company at all, or find themselves shocked after the fact by the results of their interactions with a company or entity. Unless people feel comfortable and protected, those profits resulting from systems currently selling or manipulating user data in ways the user doesn't intend will remain small in comparison to the tremendous amount of money to be made in web services, social networks, and with all sorts of other information technologies were most users to participate because they felt safe.

Most users will not now participate in information technology systems that require a lot of personal data unless there is something they get in return, and even then, it's a subset of the total internet user population. If users really trusted that they were in control of their own data, so they knew when their data went beyond those specific company systems and relationships, and could decide when and where to participate, instead of operating in a state of uninformed fear as companies currently now offer with no or little privacy policies, and little in the way of overall government protection, those companies (and many new ones based on new technologies) using exactly this kind of personal user data could make many times over what they do now. It is short term greed that keeps companies operating as they do, which keeps users from participating, which leads to few participants out of the whole of those using the internet. And yet, one company's policy to the next is confusing and unreliable, and not something people can or want to keep track of, and the resulting confusion also contributes to far less participation. I believe the only route to real information technology development with personal data and the profits that will follow is a blanket policy that every company will have to follow assuring customers of their own data privacy. Users would feel secure and many many more would participate, and those companies would make far more than they have seen under the current (no) privacy regime.

The discussion Ross catalogued partly centered around this: Danah Boyd responded to Wendy Seltzer (responding to Cory Doctorow saying that the last twenty years have been about technology and the next twenty will be about policy). Wendy suggested that originally, she thought that technology developments bringing about privacy tensions might ease as people became more sophisticated users, but instead she saw the gap as a critical mass of users would always lag behind technology developments as they learned a new information technology well enough to overcome, accept, steer away from or rearrange the privacy breaches, and so social norms developed as a result of these new technologies lag behind. Danah replied that social norms weren't falling behind, they are instead going in one direction while technologies are developed in another, and it baffles the social norms trying to cope.

I think in a way they are both right (both scenarios can exist with the same technology depending on use and result); it's not only lagging user competency and then the attendant reactions from users that will adjust, making some mental calculation with a new technology in order to get the amount of privacy or control they need, and it's not just diverging social norms, but also other issues on the design and development end that might solve this, like notice, good interface and user control, that allow for users to know immediately, and then deal with the privacy issues as they use the new technology, instead of finding out about their loss of privacy when it's too late, that will counter these kinds of issues. Technologists can do much better with design, as could corporate policies for privacy be much better, as could users in learning new technologies and protecting their own privacy as needed. But for most people and companies, the benefits will come when users know they are protected, understand a basic structure of privacy across companies and websites, which all interested can rely on, leading to users releasing information. Interesting uses of people's data will follow while still maintaining privacy and user control.

And yet instances of technology development seem to move in exactly the opposite direction at times, leading to scares with users, resulting in less participation with systems that might benefit us all if many participated, and well designed, with privacy built into the architecture, and privacy as a given right between users and the entities with whom they deal.

John Battelle points to a particularly disconcerting social and privacy issue brought up by a new web service, Cardbrowser. Apparently, they have 17,000 (and counting) business cards they've collected from some major conferences, with no privacy policy posted and little information about whether they let those giving the cards (presumably for the purposes of making a new contact person to person, not being entered into a web-searchable database for the whole internet to search, though this is unknown because they publish nothing about their data or privacy policies) know that the cards would end up there, or allowing users to be in control of their own information, or for that matter whether the companies on those cards know. Also, what about the idea that without your approval, Cardbrowser is linking and distributing your name, title, company name, phone numbers and location, attendance record, and dates, which is information that together with other personal information in publically available databases, might lead to even greater matching and sifting of personal digital identities that people don't want out there for just anyone to see without some reason or a warrant or some kind of permission and reciprocity (as our current analog social norms often dictate).

Similar issues exist with your cell phone keeping tabs on you. There's good and there's bad in systems like that, where some users want to keep track of their kids, which may not be objectionable, but others including the companies that buy the phones for their employees may do it for reasons that are totally unacceptable. These kinds of information technologies can allow uses that previously didn't exist, and therefore, there is a lag before a critical mass of users understands what is happening and does something about it, or at least has notice that the shift has occured and can then make choices about when to allow it, or self-censor.

In the case of the tracking phones, it becomes a matter of each user knowing when the tracking is turned on, and having control over that tracking. It's a matter of notice, and a matter of interface. A good interface, on any system that tracks your behavior, your movements, your private, semi-private, semi-public and public behavior, would show the tracking, and give control choices at the time of use. But well designed systems are rare today, and it's the invisible nature of the tracking, and our relationship to the data from the tracking, that causes consternation and upset. A blanket privacy policy would alleviate many fears and open up many new information technology development possibilities as well as many customers for companies to development relationships.