Tech Crunch is suing Facebook (But it is an April Fools Joke)

Mike Arrington outlines the details of the suite against FaceBook for $25 million in Statutory Damages

He has his own brand:

I am a very important person. Forbes recently named me No. 2 on their list of web celebrities, for example, and Business Week says I’m one of the 25 most influential people on the web.

His image is being used to endorse things:

that allow advertisers to post ads using my picture and name to endorse their products without my explicit permission. I’ve received literally dozens of emails from readers asking me if I’m associated with Blockbuster’s Movie Clique application, or the new Jackass movie (no to both).

The Law they are suing under:

The key factor in determining whether a use is permitted or not in California (where I live) is Civil Code Section 3344, which was first enacted in 1971. California is perhaps more aggressive than any other state in protecting publicity rights because of the number of people engaged in the entertainment business. The law allows for recuperation of damages, attorney’s fees and injunctive relief, as well as unspecified punitive damages and statutory damages of $750/incident in the event a person’s “name, voice, signature, photograph, or likeness” is used “in any manner on or in products, merchandise, or goods, or for purposes of advertising or selling, or soliciting purchases of products, merchandise, goods or services, without such person’s prior consent.” There are additional common law remedies available to us as well.

They didn’t want to do this but…

I am sad that this had to blow up to the point where we are publicly suing Facebook over the matter. We’ll be filing the lawsuit tomorrow along with a related civil case for assault and battery and infliction of emotional distress. In a round of negotiations over the lawsuit with Facebook led by Chief Privacy Officer Chris Kelly, things got out of hand. When our team of lawyers offered to settle for a mere $50 million, Kelly told me Facebook would “bury you and bury your crappy blog” if we filed the suit. He then threw his steaming hot triple soy latte espresso at me, which caused extensive second degree burns over the top half of my body. Later on, he also unfriended me.

This lawsuit could be a major step forward for having clearer End User Licence Agreements along with establishing norms of use for people’s personal data on sites.

Identity Commons Explainitory Diagram

I worked on this diagram of Identity Commons for a few hours last night. I hope it does a good job of getting across our loose distributed yet connected nature. Please let me know if you have ideas to improve it.

Someone already mentioned that “standards” is perhaps a challenging word – maybe it should be changed to “protocols”. Lets be clear IC is NOT a standards body never intended to be – goal help connect efforts together in a loose non-controling way that facilitates collaboration.

The Creepy Data

So Auren Hoffman e-mailed me regarding a blog post he just did about men and women and social networking. This subsequently pointed to his ‘research data’ which he does not disclose the way it was acquired.

There are three names for this company (more details can be seen in this post). One of them UpScoop gets users to enter their user-name and passwords for all their social networks – then “upscoops” the contact information of their friends and ‘scrapes’ all data it can see by logging in as those users. It then creates a database keyed to e-mail addresses for those users. This is an “opt-out” system – everyone is in it until they opt out – basically the ‘credit rating’ like system for social networks.

Then what happens is campaigns and social movement sites are approached by Trust Fuse to run the e-mail addresses they gather from supporters or those who want more information against their giant data base of e-mail addresses and it returns information about the person – their ‘real name’ their ‘age’ their ‘profession’ or what other information they are collecting (they make a point of NOT collecting sexual orientation information – this makes me feel soooo much safer about this ‘opt-out’ system).

I have had a conversation with leaders of a major social movement building organization and they have been approached by RapLeaf/UpScoop/TrustFuse to pay to run their e-mail addresses through their API.

I don’t think this model is respectful of human dignity in the online world.

I hope that Auren and people from his company can make it to both the Data Sharing Workshop and Summit & the Internet Identity Workshop.

On OpenID Progress: Part of a Bigger Challenge of Identity on the Web

TechCrunch just did a post about OpenID asked if it was being exploited by the large internet players that are participating in the community and adopting it.

I recall the first Internet Identity Workshop when the small crowd of ‘light weight’ ‘open’ ‘distributed’ SSO efforts came together and started their conversation about how they shared goals and very similar technology ideas – it was just the little guys.

Some context for those of you who don’t know this event was and continues to be co-convened and produced by myself, Doc Searls and Phil Windley – we are having our 6th stand alone workshop May 12-14 we also have also done 4 co-produced Identity Open Space events with Digital Identity World and Liberty Alliance near events that have had. This series of events that have no pre-set agenda in the past 2.5 years have been instrumental in moving the whole range of technologies forward because it creates “opportunities for both innovators and competitors, for the big guy and the small fry to come together in a safe and balanced space.” The Data Sharing Workshop and 2nd Summit – being done in collaboration with the more recently emergent are building on both
* the track record of the IIW in bringing together high level people in a range of companies trying to tackle the difficult problems that need to be solved to make the vision a reality and
* the technology (standards and code) that are being brought forward via the I
dentity Commons community.

They agreed to Yadis a common service discovery method that would help their slightly different approaches work behind the scenes and then decided that Yadis as not such a good brand name and that is should be folded in and called OpenID.

These little guys had big hopes that OpenID would get adoption by large companies. It has been truly amazing to watch over the past two years as this collaboration that was cultivated by a community conversation has continued over the course of the Internet Identity Workshops – we are having our 6th one this May.

This space has been a neutral haven for all to express their views opinions and interest in different technological approaches. The Data Sharing Workshop and Summit build on this successful tradition and stack of technologies – it is the space where those inspired by the vision of data portability can get down into the details and make it real. Back to the TechCruch post:

The problem, though, is that the Big Four Internet companies that I mentioned above have made big press announcements about their support for OpenID, but haven’t done enough to actually implement it.

I agree with this statement AND there is some deeper issues that have yet to be addressed by the protocol itself to enable large sites to ‘trust’ (in the technical sense that the protocol flow will do what is says and can not be attacked) it. OpenID can be attacked from all sides (blackHat paper PDF outlining them). Bob Blakley from the Burton Group articulates the issues well here. David Recordon responded to a long critique of Stefan’s about the protocol. I think there is the potential to solve these issues but just ‘targeting’ the big players without addressing the real technical and social issues that are inhibiting large scale adoption is not fair.

Chris Mesina puts forward an in depth post articulating a shitlist, hitlist and wishlist around OpenID along with an update.

Great list highlighting things but it does not get to the heart of what in-the-end are the issues both technological and social that could limit adoption as ‘the’ solution to all that is needed for a people empowering identity layer of the web.

I look at all the progress happening in the Identity Commons community (here is our previous quarter’s reports) and have hope that solutions will emerge to address these challenges an “identity meta system” to work

* making it safe for users by making phishing really easy to prevent (this is where the card selector tools come in – CardSpace (MSFT) and the Higgins Open Source Card Selector (IBM, Parity, Novell-Bandit Project) Pamela Project relying party code)

* supporting selective and progressive disclosure (is done in a user friendly/repeatable way with cards)

* finding equitable legal frameworks and agreements for personal information sharing (Identity Rights Agreements Group is working on this and a gathering is being organized for this summer to address their development – many hundreds of thousands of legal work is needed to make this real)

* supporting automatic syncing and updating of information (this is where XRI/XDI and the Higgins Framework comes in)

* having third parties that mediate between end-users, their information and the market. (Yet to emerge businesses with new trust and business models – Project VRM is working on some of this).

OpenID is one part of a cluster of solutions – it will not solve these problems by itself (no matter how strong ‘they community’ or ‘the grassroots pressure’ because it is not sophisticated enough a protocol to do so. Those serious about really having these challenges address are invited to participate in the community and those who want to report on progress around an identity layer of the web need to look beyond ‘just OpenID’ and explore other proposed and emerging solutions that will together create an identity layer for web.

One great place to do this is at the upcoming OSIS (Open Source Identity Systems) Interop Event happening at RSA.
If you are reading this – you are interested but it is all making your head spin we have a Newbies 4 Newbies group that you can join and get peer-to-peer support from others engaging with this material (all or parts of it) for the first time.

Interopping times 2 at RSA

OSIS Interoperability Demonstrations
TUESDAY April 8th 11:00 AM – 6:00 PM
Moscone South, Mezzanine Level Purple Room 220

To be able to see this you need to get an expo pass. See below on how to get one.

OSIS User centric identity network interoperability between identity providers, card selectors, browsers and websites demonstrates how users can ‘click-in’ to sites via self-issued and managed information cards, or i-cards. Open ID, Higgins Identity Framework, Microsoft CardSpace, SAML, WSTrust, Kerberos and X.509 components interoperate within an identity layer from open-source parts.

I am really excited about this 3rd Interop – for one it is ALL Day not just an evening – I also heard they are going to have comfy chairs. To be able to see this you need to get an expo pass – one way to get it is to attend the other Interop Event.

This one is also exciting – put on by the Concordia project at RSA on Monday April 7th from 9am-12:30pm.

Registration is free of charge, and you must register for the workshop in order to attend the Concordia event, whether you’re an interop demo participant or not! Register for the workshop on the RSA registration site. Use the registration code 148CON. This will also give you a free expo pass that you can use to attend the tradeshow portion of the Conference Tuesday through Friday.

I will be attending both and I encourage everyone interested in the topic and tracking the evolving state of the technology to do so.

Why now with the Data Sharing Workshop/Summit?

Link to the Data Sharing Workshop and Summit.

There is a lot of energy right now around different ideas on how to share data across social media sites. Based on current discussions on the lists and other places, it is clear that a range of potential standards and approaches are emerging.

The energy feels a lot like it did when Phil, Doc and I called the first Internet Identity Workshop – at that time there was a cluster of people thinking about and working on different technologies around user-centric identity. We had been meeting other conferences, but we had not spent time together to really hear different proposed approaches. They all had similar ideas. We recognized this and realized that if we brought them together, it would lead to the emergence of shared understanding and interesting alignments.

At IIW 1 the first day involved participants presenting their different approaches to user-centric identity. The second day was open space – an organized way to support critical conversations that emerged out from listening to all the presentations the day before. It was on that day that the serious conversation between Brad Fitzpatrick & David Recordon’s OpenID(1), Johannes Earnst’s LID, Drummond Reed’s xri/inames all had a conversation that lead to a commitment to meet up a month later and that conversation became Yadis – a group that was joined by SXIP a few months later and then a few months later this was all folded in and became OpenIDv2.

Another outcome of the Internet Identity Workshop has not matured yet but it is coming along. The card selector metaphor, interfaces and client code to do it are starting to be tested and deployed. The cooperate between Kim Cameron and his Microsoft team with IBM and the Higgins & Bandit open source projects has been fostered at these events. The OSIS (Open Source Identity System) Project and Concordia projects are both doing workshops interoperability testing at the forthcoming RSA conference. OSIS has over 200 test in their Interop. The range of actors (standards efforts, open source projects, commercial projects and companies) collaborating is impressive.

Phil, Doc and I didn’t know that these would be an “outcomes” of the event and certainly did not have it as a “goal.” What we did know was that by getting people together to share their ideas, technology approaches and standards, some good would happen – that is, collaboration, synergy and actual investment in and diffusion of user-centric technologies. We also chose a format with open space that left an open playing field – we were not deciding who got to talk, about what or when. This explicitly neutral unpolitical way of organizing also facilitated the collaborative environment.

My goal for the 2nd Data Sharing Summit is to bring together participants from

1) the large companies with 10s of millions of users like Microsoft, Google, Yahoo!, MySpace, Facebook, AOL, Amazon, eBay etc.

2) Small and Medium sized ‘web 2.0’ sites like LinkedIn, RapLeaf, Eventful, Dopplr, Linquia, Dabble, 30Boxes, Magnolia the whole range of Web 2.0 startups that are focused on services for people that involves peoples data.

3) The Standards Guys (Both adhoc and formal) Those putting forward a range of different approaches being proposed for managing the personal data/social network problem. This includes people from the user-centric identity efforts, semantic web standards and tools,

4) Social/Legal/Policy Implications Those thinking about and addressing the social and legal implications of the emerging technologies.

Bringing this range of people together will be key ingredient to getting this gathering be fruitful – I know because of who they are and the passion they have for the topic it will be. I am not going to define ahead of time “what the fruit looks like”

My hope is that there are some similar approaches that can discover each other “now” rather then a year from now when they are ‘going to market’ and decide to cooperate and merge efforts sooner rather then later (like happened with OpenID).

I asked two colleagues who will be attending what he thought the goals were:
* To establish shared consensus about the meaning of data sharing and portability for Internet users.
* To articulate a roadmap for how this can be achieved (and for determining “when we are there”).
* To understand what parts of this roadmap are technical and which are business/social/political/legal.
* To understand which technologies are available and which are emerging to achieve the roadmap.
* To determine how to move forward on the business/social/political/legal challenges.
* get disparate orgs ot work together
* get consensus on standards – and feedback
* identify missing standards
* get testing and compatibility labs -set up!
* and from an evangelistic POV – get Opt-In include din all systems

I think all of these will move forward in the format of Open Space and the collective participation and discernment at the beginning middle and end of the conference.
You can add goals here.

When I think about this gathering the big questions include:
* how do people link their information together across platforms with different services?
* how are permissions managed?
* what are the policies that apply?
* what standards exist?
* what code / frameworks are available to do this?
* what does it mean when my blog is the center of my network?
* is there a standard way to update presence?
* how do the identity tools (openID, oAuth, card selectors, data linking) apply?
* how do semantic web frameworks apply?

I hope to create a high-level professional community that is very engaged with these issues because they want to empower their users to have a copy of their data, to be aware of how it is used and to be able to use their data in interesting ways.

I also hope that a community will emerge that will work together, compete over different options and in the end solve the challenging set of problems that need to be addressed to get data sharing to work.

Does OpenID meet P___/Activist test yet?

Beth Kanter one of my favorite nonprofit tech friends Twittered this article The Cute Cat Theory Talk at eTech.

It puts forward an interesting hypothesis:

Based on my Tripod experience, I’d offer the hypothesis that any sufficiently advanced read/write technology will get used for two purposes: pornography and activism. Porn is a weak test for the success of participatory media – it’s like tapping a mike and asking, “Is it on?” If you’re not getting porn in your system, it doesn’t work. Activism is a stronger test – if activists are using your tools, it’s a pretty good indication that your tools are useful and usable.

The article goes continues summarizing a half dozen or more examples of how tools on the web have been used for activist purposes. It is an amazing list and worth the read.

I guess I am wondering if OpenID has been used for activism yet? I know that I have been evangelizing the concept in the NPTech community for longer then anywhere else – beginning at NTEN’s Nonprofit Technology Conference (NTC) in 2004. I am still not sure that it has sunk in or that they have figured out how to use it. Unfortunately I will not be at the NTC this year to find out.

Sorry – I am really trying to get openID to work on this hoster (well my tech person Lucy is) there is still something not working. So if you want to comment either link to this blog post and say it on your own site or send me e-mail kaliya (at) mac (dot) com. If any of you OpenID tech folks want to see if you can help her solve the problem let me know I will put you in touch.

Geeks and Social Algorythms

There is lots of coverage of the inventor of Dungeons and Dragon Mr. Gygax. I have spent a few days working with material about reputation and the difference between human knowing reputation and computational reputation. I have been thinking about how geeks and those coding social software and how for me as a community organizer it so often misses the mark. This excerpt made me chuckle cause it reminded me of part of the reason why. From the NYTimes:

Geeks like algorithms. We like sets of rules that guide future behavior. But people, normal people, consistently act outside rule sets. People are messy and unpredictable, until you have something like the Dungeons & Dragons character sheet. Once you’ve broken down the elements of an invented personality into numbers generated from dice, paper and pencil, you can do the same for your real self.

For us, the character sheet and the rules for adventuring in an imaginary world became a manual for how people are put together. Life could be lived as a kind of vast, always-on role-playing campaign.

Don’t give me that look. I know I’m not a paladin, and I know I don’t live in the Matrix. But the realization that everyone else was engaged in role-playing all the time gave my universe rules and order.

We geeks might not be able to intuit the subtext of a facial expression or a casual phrase, but give us a behavioral algorithm and human interactions become a data stream. We can process what’s going on in the heads of the people around us. Through careful observation of body language and awkward silences, we can even learn to detect when we are bringing the party down with our analysis of how loop quantum gravity helps explain the time travel in that new “Terminator” TV show. I mean, so I hear.

Social Network Stack proposed by Phil

My friend Phil Wolff over at Skype Journal has been thinking about Social Network Stack – He had a great diagram there and describes it this way:

We need a new stack to sort out social media’s plumbing.

Introducing the Social Stack’s Six Zones of Interoperability.

* ID (Account lifecycles, Login)
* Sync (Profile, Contacts, Objects)
* Permission (Policy, Licensing)
* Find (People Search, Discovery, Gatekeepers)
* Action (Group Actions, Relationship Actions)
* Now (Alerting, Presence)

Community providers like Skype stand to gain as their architectures first recognize/design, then adopt and apply the Social Stack’s standards. As with the first stack, the Social Stack will attract:

* Engineers amazed and delighted at how convenient it is to build solutions or integrate existing systems by using well documented patterns and protocols.
* Entrepreneurs hungry for the chance to build unique value atop commodity plumbing
* Capital seeking to unleash new markets
* Consumers flying to seamless onlife experiences

Newbies 4 Newbies Call Tomorrow

If user-centric identity, the identity meta-system, identity commons and all this stuff is confusing.

You are wading through all this content on these blogs and wikis and going “AHHH! I just want someone to explain it.”

Well we have the group for you!

Newbies 4 Newbies formed not to be “experts” explaining it to new folks but instead to support new people sharing with each other resources that they found helpful and to challenge the ‘older’ members of the community to better explain things.

The group has a mailing list and is having its 2nd conference call tomorrow :) Newbies are welcome :) Click on their wiki page for details – call number to be posted shortly both there and on the mailing list.

Lessig on the FCC and Internet

Lessig is on to corruption this is quoted from a recent interview he gave on the subject:

One of the biggest targets of reform that we should be thinking about is how to blow up the FCC. The FCC was set up to protect business and to protect the dominant industries of communication at the time, and its history has been a history of protectionism — protecting the dominant industry against new forms of competition — and it continues to have that effect today. It becomes a sort of short circuit for lobbyists; you only have to convince a small number of commissioners, as opposed to convincing all of Congress. So I think there are a lot of places we have to think about radically changing the scope and footprint of government.

Most interesting to me was when I was doing research very early on about this, and I talked to someone who was in the Clinton administration. They were talking about Al Gore’s original proposal for Title VII of the Communications Act. Title II deals with telecom and Title VI deals with cable and Title VII was going to be an Internet title. And Title VII was going to basically say, no regulation except for minimal interconnect requirements — so it would be taking away both DSL and cable and putting them under one regulatory structure that minimized regulation of both. When this idea was floated on the Hill, it was shot down. The answer came back was, “We can’t do this! How are we going to raise money from these people if we’ve deregulated all of this?”

So I completely agree. I think we’ve got to recognize that the way the system has functioned is to insinuate regulation in all sorts of places that aren’t necessary in order to fuel this political machine of fundraising. There’s this great speech of Ronald Reagan’s in 1965 where he talks about how every democracy fails, because once people realize they can vote themselves premiums, that’s what they’re going to do, and they’ll bankrupt the nation. Well, he had it half right, in the sense there’s a system where people realize they can vote themselves the benefits and destroy the economy. But it’s not the poor who gathered together and created massive force in Washington to distribute income to them. It’s this weird cabal of politicians and special-interest insiders that have achieved this effect. Basically, they can pervert the economy and growth in ways that protect and benefit certain interests.

UK to start fingerprinting ALL passengers on domestic flights

This was on Slashdot today…and in the Telegraph:

For the first time at any airport, the biometric checks will apply to all domestic passengers leaving the terminal, which will handle all British Airways flights to and from Heathrow.

The controversial security measure is also set to be introduced at Gatwick, Manchester and Heathrow’s Terminal 1, and many airline industry insiders believe fingerprinting could become universal at all UK airports within a few years.

All four million domestic passengers who will pass through Terminal 5 annually after it opens on March 27 will have four fingerprints taken, as well as being photographed, when they check in.

To ensure the passenger boarding the aircraft is the same person, the fingerprinting process will be repeated just before they board the aircraft and the photograph will be compared with their face.

BAA, the company which owns Heathrow, insists the biometric information will be destroyed after 24 hours and will not be passed on to the police.

It says the move is necessary to prevent criminals, terrorists and illegal immigrants trying to bypass border controls.

The company said the move had been necessitated by the design of Terminal 5, where international and domestic passengers share the same lounges and public areas after they have checked in.

Without the biometric checks, the company says, potential criminals and illegal immigrants arriving on international flights or in transit to another country could bypass border controls by swapping boarding passes with a domestic passenger who has already checked in.

Keen attacks the “identity dog’s” right to exist.

In my home town paper the headline was Disconnect 1st Amendment from Internet hatemongers. The LA times version was Douse the Online Flamers: Faceless Internet sadists who ruin reputations don’t deserve full free-speech protection. Written by Andrew Keen the Cult of the Amateur guy – who wrote the book to get attention and blogs himself .

It begins with our little friend the “identity dog“.

THE CARTOON isn’t as amusing as it once was. “On the Internet, nobody knows you’re a dog,” one Web-surfing canine barked to another in that 1993 classic from the New Yorker. Back then, of course, at the innocent dawn of the Internet Age, the idea that we might all be anonymous on the Web promised infinite intellectual freedom. Unfortunately, however, that promise hasn’t been realized. Today, too many anonymous Internet users are posting hateful content about their neighbors, classmates and co-workers; today, online media is an increasingly shadowy, vertiginous environment in which it is becoming harder and harder to know other people’s real identities.

It goes into depth about several cases where anonymous online speech was harmful to people online.
And ends with him too..

All three of these cases indicate that the U.S. Supreme Court soon might need to rethink the civic value of anonymous speech in the digital age. Today, when cowardly anonymity is souring Internet discourse, it really is hard to understand how anonymous speech is vital to a free society. That New Yorker cartoon remains true: On the Internet, nobody knows you’re a dog. But it is the responsibility of all of us — parents, citizens and lawmakers — to ensure that contemporary Web users don’t behave like antisocial canines. And one way to achieve this is by introducing more legislation to punish anonymous sadists whose online lies are intended to wreck the reputations and mental health of innocent Americans.

I just finished reading Daniel Solove the Future of Reputation.
It goes in to great detail about the different forms that violations of privacy and reputation can happen and what the law has had to say about it.

One of the most important things to remember is that Virtue of Anonymity this is covered on page 139 of the chapter on Free Speech, Anonymity and Accountability (PDF).

The saga ofArticle III Groupie demonstrates how easy it seems to be anonymous on the Internet. A person can readily create a blog under a pseudonym or can post anonymous comments to blogs or online discussion groups. According to a survey, percent ofbloggers use pseudonyms rather than their real identities. Anonymity can be essential to free speech. As the Supreme Court has noted: “Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress ofmankind. Persecuted groups and sects from time to time throughout history have been able to criticize oppressive practices and laws either anonymously or not at all.”60 Anonymous speech has a long history as an important mode of expression.

Between 1789 and 1809, six presidents, fifteen cabinet members, twenty senators, and thirty-four congressmen published anonymous political writings orused pen names. It was common for letters to the editor in local newspapers to be anonymous. Ben Franklin used more than forty pen names during his life. Mark Twain, O. Henry, Voltaire, George Sand, and George Eliot were all pseudonymous authors. Indeed, James Madison, Alexander Hamilton, and John Jay published the Federal Papers under the pseudonym Publius. Their opponents, the Anti-Federalists, also used pseudonyms.62
Anonymity allows people to be more experimental and eccentric without risking damage to their reputations.63Anonymity can be essential to the presentation ofideas, for it can strip away reader biases and prejudices and add mystique to a text. People might desire to be anonymous because they fear social ostracism or being fired from their jobs. Without anonymity, some people might not be willing to express controversial ideas. Anonymity thus can be critical to preserving people’s right to speak freely.

He goes on to talk about the problems that non-accountable anonymous speech can create.

One page 148 he gets to Balancing Anonymity and Accountability. It covers “John Doe” Law suits and the Issues around Section 230 immunity – that ISP’s and other hosters like Yahoo! or even me on my blog are not responsible for what others say in online spaces we provide. The and cases that Keen points to are the result of the failing to find a way to apply Section 230 immunity well.

Solove proposes asks “What Should the Law Do?”

Although existing law lacks nimble ways to resolve disputes about speech and privacy on the Internet, completely immunizing operators of websites works as a sledgehammer. It creates the wrong incentive, providing a broad immunity that can foster irresponsibility. Bloggers should have some responsibilities to others, and Section 230 is telling them that they do not. There are certainly problems with existing tort law. Lawsuits are costly to litigate, and being sued can saddle a blogger with massive expenses. Bloggers often don’t have deep pockets, and therefore it might be difficult for plaintiffs to find lawyers willing to take their cases. Lawsuits can take years to resolve. People seeking to protect their privacy must risk further publicity in bringing suit.

These are certainly serious problems, but the solution shouldn’t be to insulate bloggers from the law. Unfortunately, courts are interpreting Section 230 so broadly as to provide too much immunity, eliminating the incentive to foster a balance between speech and privacy. The way courts are using Section 230 exalts free speech to the detriment ofprivacy and reputation. As a result, a host ofwebsites have arisen that encourage others to post gossip and rumors as well as to engage in online shaming. These websites thrive under Section 230’s broad immunity.

The solution is to create a system for ensuring that people speak responsibly without the law’s cumbersome costs. The task ofdevising such a solution is a difficult one, but giving up on the law is not the answer. Blogging has given amateurs an unprecedented amount ofmedia power, and although we should encourage blogging, we shouldn’t scuttle our privacy and defamation laws in the process.

He concludes

Words can wound. They can destroy a person’s reputation, and in the process distort that person’s very identity. Nevertheless, we staunchly protect expression even when it can cause great damage because free speech is essential to our autonomy and to a democratic society. But protecting privacy and reputation is also necessary for autonomy and democracy. There is no easy solution to how to balance free speech with privacy and reputation. This balance isn’t like the typical balance ofcivil liberties against the need for order and social control. Instead, it is a balance with liberty on both sides ofthe scale—freedom to speak and express oneselfpitted against freedom to ensure that our reputations aren’t destroyed or our privacy isn’t invaded.

As I have tried to demonstrate in this chapter, a delicate balance can be reached, but it is not an easy feat. In many instances, free speech and privacy can both be preserved by shielding the identities ofprivate individuals involved in particular stories. With the Internet, a key issue for the law is who should be responsible for harmful speech when it appears on a website or blog. Much speech online can be posted by anybody who wants to comment to a blog post or speak in an online discussion forum. Commentators can cloak themselves in anonymity and readily spread information on popular blogs and websites. The law currently takes a broadly pro–free speech stance on online expression. As a result, it fails to create any incentive for operators ofwebsites to exercise responsibility with regard to the comments ofvisitors.

Balancing free speech with privacy and reputation is a complicated and delicate task. Too much weight on either side ofthe scale will have detrimental consequences. The law still has a distance to go toward establishing a good balance.

Andrew Keen is an ‘attention seeker’ (I had a ruder phrase in here but thought better then to publish it)- he is writing to be provocative, get attention and called upon to play the role of the ‘other side’ in a community that is experimenting with a range of forms of openness that challenge traditional or entrenched ‘expertise, authority and hierarchy’. Those threatened by emergence of power via new technologies ‘like’ what Andrew has to say. I think it is irresponsible for Andrew to call to the end of the First Amendment’s protection of Anonymous speech online because some small percentage of people are hurt by this – clearly there needs be some evolution in the law and the practices that we have to balance privacy and freedom.

Community to Community Diplomats and Diplomacy

I have been thinking a lot about how the different communities working on different aspects of open standards innovation for the web can understand how they are working together with each other – in relationship.

Community Diplomacy is the name I propose for a set of patterns and practices that already happens. By naming it and recognizing the people who do it – clarity could emerge.

Community Diplomat This is perhaps a new ‘role’ that if named in community can help bring clarity. These people can some times be called ‘evangelist’ but not necessarily. They are ‘sent out’ by one community on a mission to connect with and build relationship with another.

An example of this would be how Thomas Roessler Security Activity Lead at W3C have both done this for our respective communities. I first met Thomas at the W3C workshop Toward a More Secure Web – W3C Workshop on Transparency and Usability of Web Authentication. I instigated the writing of two papers that articulated activity going on in our ‘user-centric’ community one about Yadis and one about Identity Rights Agreements. I was bringing news from my community and taking back information from the gathering.

A few months later Thomas came to the Identity Open Space (Like Internet Identity Workshops but produced in partnership with other groups lie Liberty Alliance and DIDW) in Vancouver following a Liberty Alliance Meeting. He contributed to our meeting and took information from there back to his community (W3C).

Neither of us was going to become ‘full members’ the other community but we quite explicitly were there to grow mutual understanding and increase information exchange between our two communities.

I think there are a few more terms to help us be clear about terms and intentions. To talk about how we and the communities we are connected to can inter-relate.

Community Bridges These are people who are explicitly working to link different communities together – using social network analysis we see that communities have a core and a periphery. I know people are a part of many many communities – for the sake of this post I will just talk about the links between two communities. network image

So there are several forms of being a bridge you can be:
At the core of both
At the core of one and periphery of another
At the periphery of both

It is important to remember the language of social network analysis is descriptive – cores are not better than periphery. The core of a network is the engine that ‘gets stuff done’ together they have strong ties – meaning the communication on those pathways is frequent AND they are all interlinked to each other. The periphery of a network has links to people in the ‘core’ but not to as intensely these are also called weak ties because communication happens less frequently. The periphery of a community is where new ideas come in through it is as important to healthy functioning as a connected core.

Drummond Reed is a great example of someone who is rooted in several communities and fully participates in them. He is at the core of the XRI/XDI community and is a very active participant in OpenID (he is on the board). He is at the core of both.

Adriana Lukas who is in the VRM community leadership is a great example of someone who is very active in the core of one community – AND participating at the margins of several others related to aspects of the identity and technology that are needed for VRM.

I would describe myself as being in the periphery of two communities the Nonprofit Tech Community and the Open Source Community. I relationships with people who’s day to day work is deeply focused in these areas. I have attended both their major conferences for the past several years and my work relates to both but I am not at the Core of either community.

Community Cultivators – these people sit at the core of a community and work to grow and take care of it. They are looking out for new people who might contribute and helping them find a niche in the system. While researching this article I found my friend Jean’s article about Field Building that describes this process too.

Examples from the past week of work:
I inviting the two guys I met at the identity meetup Ryan and Tony we had in NYC to join Newbies 4 Newbies cause they are both new to the community & interested in learning more. I also connected with Mike Ozburn a long time community member via phone and in talking with him thought he would be a great fit for the Enterprise Positioning Group as he is currently working with Sprint.

Community to Community Diplomats and Diplomacy in Action

I think that if we name these practices it will be easier to trust/know that we have informational and relational links between communities via articulating these articulated – not formal but at least named connections.

I am watching the group begin a research initiative to understand what communities efforts relate to their goals. I know that I did and still do a lot of research and outreach for the Identity Commons community dating back to 2004 – out reaching to the SocialPhysics project at Berkman, to Doc Searls etc….

I hope the language put forward here can help us all be able to understand how we are linked and seek to build bridges between our efforts. There will never be ‘one’ organization or effort that links everything – there will always be many different ‘attractors’ that have different missions, strengths and purposes. I would like to see some further articulation of the practices and patterns that people who play these rolls do.

Identity Commons structure is designed to support the kinds of links – the people to people – community to community along with explicit information flow between groups to foster loose connection and space for collaboration between groups. Heallth of the overall identity commons community can be measured by the number and nature of cross community linkages (people). I have a post coming out shortly about the balance between parts (working groups) and the whole and how the balance we have is working and how it can be maintained.

Porn Spam App infects Facebook and “no one” cares?

Mary Hodder has a post up titled: Trashing Our Social Relationships (with Porn) to Get Your Numbers Up. It is quite insightful about the issues that aries when investment is based on ‘numbers’ rather then qualities of relationship.

This situation expresses clearly the social ‘issues’ that arise with the ‘open identity layer’ or ‘social layer’ or meta-systems. The kinds of behavior enabled via the social graph being ‘traversable’. I hope that some reason can prevail and the acceptable norms can emerge soon.

I wonder how open standards for portable social network information will deal with these problems.

The Porn picture app this is what happens:

Nothing “happens.” Except that the message was forwarded to the one person I left checked. In other words. It’s trick porn spam, features courtesy of Facebook and Slide.

So I sent in complaints to both companies (neither have contacted me back after a month — guys, it’s a social network, you know how to reach me.. give it a try!!)

After a while, I called people in each company that I knew through the tech comany. And was appalled at the responses I got. Now, these are people I know socially, and they gave me the real answers, but with the expectation that I would not attribute to them. However, I am confident that their answers reflect the culture and real value sets within these companies.

Facebook pointed the finger at Slide (the app maker in this case), and said, “There is nothing we can do. We have no control over the apps people make or the stuff they send.” Oh, and if I wanted Facebook to change the rules for apps makers? I’d have to get say, 80k of my closest Facebook friends to sign on a petition or group, and then they might look at the way they have allowed porn spam to trick people into forwarding, but until then, there would be no feature review.

Slide said that they thought Facebook was the problem, because as the “governing” body, Facebook makes the rules and “Slide wouldn’t be competitive if they changed what they do, and their competitors weren’t forced to as well.” In other words, Slides competitors use the same features to get more users (or trick more users as the case may be) and Slide didn’t want to lose out on getting more users with similar features, regardless of the effect the features have on us and our relationships.

Also both companies told me that blogging doesn’t affect them, because they don’t read blogs. The only thing they pay attention to are Facebook groups. Because they don’t look at problems that a single person discovers.

So in other words, a person with a legitimate complaint needs to have massive agreement and numbers in a Facebook group before these companies will even discuss a problem.

And, Slide and Facebook are willing to trash our relationships (real relationships) in order to get more numbers.

Now, note that many of the folks who sent the various porn spam (not just the ones in the photos above) sent very apologetic notes, because they were mortified that they had send their contacts porn spam.

Think about that. Your social networking / application software tricks you into doing something terribly socially embarrassing and you have to apologize? Wo. That’s really messed up.

In other words, your social networking software / applications are, gasp, anti-social.

So I have to ask, if these young boys (Zuckerberg, the app makers in the class at Stanford, etc) are so clueless about relationships and social protocols, that they would build apps and a system that promotes bad behavior like this, where are their mentors? Where are their funders (who presumably have some input and sway into what’s going on)? Why aren’t Peter Thiel and Dave McClure or even Jeff Clavier (who sounded like he was trying to or has invested in some of the guys from the apps class at Stanford) advising these people that while they are experimenting, that these are real established relationships, and Facebook is now mainstream, and therefore the apps can’t do this to people? I mean, it seems logical (and has happened in cultures around the world for millennia) that older, wiser men would advise young, clueless hormone driven boys how to act in the community. And what of Max Levechin? I mean, he’s kind of in the middle, age wise, but shouldn’t he know better than this?

Is the desperation for fame and money so great, that people would simply eschew social concerns in favor of ratings which then equal higher company valuations, and more billions on paper? Or do you want your claim to fame to be: “At least 15 million minutes wasted” from your experiments on Facebook (as I would imagine the Stanford student described above could claim)?

I guess the answer is yes, and so my response is, I can’t trust Slide, or Facebook. Nor do I have respect for their founders if this is the way they handle themselves and their companies.


Well, I remember having a conversation … Facebook as a whole, and a lot of people in general, were persuaded by the argument that You don’t want to get into legislating moral behavior. And really, it’s bad enough in government, but its more than just odd to put that kind of responsibility in the hands of programmers, its a horrible nuisance for those people that just want to build web applications.

But now they are on the long slope after achieving market dominance … they have to go back and tune all this stuff. Since they didn’t sell the company, they might not have a conflict of interest in restricting and redesigning the ACLs.


What the Heck is Identity Commons?

The purpose of Identity Commons is:

The purpose of Identity Commons is to support, facilitate, and promote the creation of an open identity layer for the Internet — one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities.

This one sentence jams a lot into it – we tried to do that so the purpose didn’t go on and on – but was clear, broad and inclusive of the range of issues that need to be addressed and balanced. Jamming so much into that one sentence also creates a challenge – it has to be ‘parsed’ quite a bit to get what it all means. I worked with Chris Allen recently to separate out the values within the purpose and our community. This is our initial draft that is still evolving (wordsimthing suggestions are welcome).

We believe in the dignity of human individual in the context of the digital world.

In order to make this true we strive for a balance of factors and valuesas digital systems and tools evolve:

  • Individual control, convenience & privacy
  • Sharing of information when participating in community
  • Support for commercial and non-commercial exchange
  • Interoperability and openness between systems

We work to bring these values into practice by fostering a collaborative a community of individuals, organizations and companies share these values and are working together towards practical technical implementations.

We share a pragmatic idealism.

We work to practice what we preach and have openness and transparency in what we do.

We do know there are a lot of technical social and legal issues that arise and Identity Commons is a space that make it possible to in a non-directive non-hierachical way address them in a collaborative way.

We also have some shared principles mostly concerning how we organize ourselves and work together. Each has a sentence to articulate it further.

1. Self-organization
2. Transparency
3. Inclusion
4. Empowerment
5. Collaboration
6. Openness
7. Dogfooding

What the heck is an “open identity layer” – well we don’t exactly know but we do have a community that has come together some shared understanding and continue to ‘struggle’ with what it means and how it should work. Identity Commons provides a ‘common’ space to work on this shared goal by facilitating dialogue and collaboration.

Kim Cameron introduced the terminology “identity meta-system” and articulated what that might mean. The Laws of Identity were put forward by him along with some additional ideas by other community members.

There is no “decider” or group of deciders or “oversight committee” as part of Identity Commons ‘directing’ the development of the “open identity layer”.

We are a community collaborating together and working to exchange information about our independent but related efforts working towards the vision. The way we do this is via the working group agreement.

  1. Asking each working group to articulate its purpose, principles and practices by filling out a charter – this helps us be clear about how different groups work and what they do/are planning on doing
  2. Stewards review proposed working group charters – ask questions, consider were there are synergies, and see if they are aligned with the purpose and principles
  3. A vote of the stewards council is held
  4. Working Groups agree to report quarterly on their activities to remain active as groups of the organization – this also is our core ‘inter group communication mechanism – so that you don’t have to be on 20+ mailing lists to know what is going on in the community.

More about Stewards:
Each working group has one steward and an alternate for the stewards council.

The stewards are responsible for the things IC holds in common – the brand and its integrity and common assets (like the wiki and bank account). It does not ‘direct things’.

Stewards have (an optional) monthly phone calls and discuss and make decisions on a mailing list (that anyone can join).

More about Working Groups:
There are working groups within Identity Commons that support the community collaborating – the stewards council does not ‘run’ these groups but they serve the community and our efforts together- The Internet Identity Workshop, IC Collaborative Tools, Idnetity Futures, Id Media Review, Identity Gang, Marketing and Evangelism.

Working Groups come in several forms:
They can be an group of people with a passion to address something they feel needs to be addressed to get to the big vision. They want some wiki space and a mailing list to talk about the issues. Examples include Enterprise Positioning, Inclusive Initiatives, Identity Rights Agreements.

They can be an existing project that are part of a larger organization, Higgins is an example of this – they are a project of the Eclipse Foundation.

They can be something that grew out of conversations in the Identity Commons community and found a home within another organization like Project VRM (charter) has as part of the Berkman Center and will likely become its own ‘organization’ independent of Berkman by the end of the year.

They can be completely independent nonprofit organizations with their own boards, governance, bank account etc. examples include and OpenID.

Some just get technical stuff done as part of IC like OSIS (doing its 3rd Interop at RSA in a month), and Identity Schemas.

Benefits to being explicitly a part of the IC Community.

clarity about each groups purpose, principles, and practices – so that collaboration is easier.

sharing of information via the collaborative tools and lists, along with the required quarterly reporting,

We “don’t know” what an identity layer looks like but we do know it needs to have certain properties to make it work for people the extensible nature of IC gives people the freedom to start a new group that addresses an aspect of the vision. This is the page on the IC wiki that explains our organizational structure.

We are a community.
We are a community more then “an organization” and joining does not mean subsuming a group identity under IC but rather stating a commitment to a shared vision, common values and commitment to collaboration.

A touch of formalism can help create great clarity of group pratices (governenace), leadership, intention, and focus. Not needed for small groups of 12 people doing one thing- helpful when you scale to the 1000’s of people working on the big vision. IC through its groups structure has 1000’s of people participating helping to innovate the technology and think about the social and legal implications.

We are not about “a solution” or “a blue print” there will be multiple operators and multiple standards – yes like the web there may one day be ‘standard’ that emerges just like TCP/IP did and HTML/HTTPS – however it is way to early to promote or be behind “one” thing, it is not to early to start collaborating and building shared meaning and understanding and interoperability between emerging efforts.

Identity problems in the digital realm are as much about technical issues as they are about the social implications and legal issues. Identity Commons explicitly makes space for the social and legal issues to be deal with in relationship to the technologies as it evolves.

In closing there is a background (shorter) and a history (longer) written about the community as it evolved.

IC and Data Portability

Here are some question asked in a recent conversation on the lists about IC along with my responses.

Maybe the Identity commons should be trying to set boundaries as being purely about identity?

An “open identity layer” that touches so much and there needs to be a “common space” to nash through the vastness of the problem – to deal with the technical, social and legal issues around people sharing their information in community and business contexts. We have this ultra extensible form and broad purpose to enable this to happen – there is “no committee in charge” no “one” or “company” or “group” is deciding what we “do” – we are a loose conglomeration that shares vision and values. Working independently but connectedly and commited to collaboration. It It is an ‘unconventional’ model that that is working to supposed and connect diverse conversations and technical efforts together.

Can we instead resolve that we promise to incorporate any decisions made by Identity commons as being part of our blueprint?

There are no “decisions made by Identity Commons” read our principles – we are a cluster of working groups that work independently.

Your blueprint (as a side note why there is still ‘one blueprint’ and not ‘blueprints’ plural at the very least or preferably ‘reference implementations’ in the plural form is still a mystery to me) will likely draw on tech stuff groups in IC have been working on for a while. Why not be a part of the ‘commons’ that they are a part of?

My perception of IDCommons is that it’s about Identity, and in your words, interoperable user-centric identity.

Most of the people who have been involved for the past several years got involved to help people have control of their ‘data’ – their identity the informatoin about them is part of what composes their identity. they didn’t get involved to ‘invent’ an identifier layer that didn’t “do” anything

I see DataPortability being about data sharing (in a technical sense)Identity is clearly a very important part of that but I don’t see much at all on IDCommons about data sharing. It’s as though DP has a wider scope of which IDCommons is a major part.
The exceptions to this view are

  • Identity Schemas group
  • Photo Group
  • Data Sharing group

None of which seem to have much activity.

* OpenID has attribute exchange and Discovery in it – all about data sharing.
* Higgins & Bandit and the Pamela project ALL about infrastructure for card based tools that are all about data sharing for people.
* Project VRM all about how to create a new industry model to revolutionaize CRM and put individuals in charge of their data in radical new ways when relating to companies they do business with.
* I-brokers – their job is to stor data about people and have it be trusted.
* IRA – Identity Rights Agreements – all about how we create human understandable terms of service and norms in this area (it is a huge project and has interested folks but really needs a multi hundreds of thousands of dollars in legal work to ‘do it’).
* XRI and XDI two standards with roots in IC all about data sharing that can be applied to both peoples personal data and other forms of data that have nothing to do with people.
* OSIS is the Open Source Identity System and having its 3rd Interop event at RSA (The major security conference) in April with over 200 tests between relying parties, identity providers and (user-agents) card selectors. this group is ‘only’ a working group of IC (it does not have its own independent legal entity/or affiliation with another one as a project). People moving data around is what all this card stuff is about.

So. I am not sure where we have groups that are not in some way focused on this problem area.

DP is just the latest in a long line of initiatives that recognises the same underlying problem but none of the previous initiatives have captured mind share or really got traction.

Our goal is not to ‘capture [public] mind share’ (does the W3C, OASIS or IETF capture public mind share?) our goal is to facilitate the range of technical, social and legal initiatives that all need to happen to get and identity layer of the web – that shares people’s data in privacy protecing, conveninent and under their control. It is a huge problem – with many elements – having a loose community structure (with a slight bit of formalization) is actually working in some way to move this forward.

I think we’d be missing a lot if we scoped DP as a specialization of an “open identity layer”.

What do you think moving peoples personal information arournd – data portability is about. It is about building an ‘identity layer’ of the internet – for people and people’s DATA.

Chris has said a few times the scope of DP is to be narrow for now and focused on solving the data portability issue between mainstream social networks. This seems like something that fits into the purpose quite well.

Yes all data for all things needs to be moved around AND a good deal of data is created by people for people about people and the things the they do – hence the synergy.

Seems like semanitcs – when we wrote this purpose about two years ago this was the best we could do to describe this ‘vision’ it is VERY broad.

If DP wants to go beyond ‘people’ data that needs to move around GREAT – however much of that will be created by organizations and companies (that have identities).

Related Posts: What is Data
What the Heck is Identity Commons?

What is Data

I have like many working for years on different aspects of building an identity meta-system where users have control. have been listening to and in some cases contributing to the conversations at for a few months.

There seems to me to be two different but interrelated energetic focuses in the DP group

* one is evangeslistic and pushing a message out – out into the mainstreatm.

* the other is technical – around what tech to use, how to implement it, what ‘action to take’. (much of the activity around technical side of the identity stuff needed has been happening in the context of the Identity Commons community for several years)

* the policy group is relatively quite in DP (and at IC) this critical aspect is needed but there has yet to be a center of gravity around this in the world yet. When I look out on the landscape I see several nascent conversations and hope that those nascnet conversation leaders can be brought together – so a gravitational center that is collaborative between all the trains of thought can form and really get this to happen (it requires significant funding – brain power etc).

One of the community leaders said “the value of DataPortability is that it is a brand that can represent multiple communities.”

Another leader stated this “DP has a very specific goal. To research, document for mainstream consumption and evangelize best practices for DataPortability.”

It got me wondering about what DP’s brand “is”, if the primary focus “building a brand” and what will/does the brand mean and what does the organization do? The following are some crystalized ideas based on listening to and participating in the conversation. They are all very interesting possibilities.

* Does having the logo on your site mean something about how much control you give ‘users’/people the ability to move their data?

* Does it mean that ‘shared’ user data – the relationship that one user has with another or a record of a transaction that I did with a company – do both parties ‘own’ that information and have shared control over where it is ‘ported’ around?

* is it a public rallying call for ‘netizens’ to rally behind to demand that they have ‘data portability’ and with this large netizen organization go to ‘social network providers’ nd ‘demand’ that they install technology to make it easy?

* is it a ‘trade’ association of technology sites that agree to adopt open standards, do testing and hold each other accountable in getting this to happen?

* does it innovate the strong ‘business case’ for companies with large numbers of users (and those starting to grow the number of users) might actually spend development dollars that enable DP rather then ‘do it later’ after other key features are rolled out?

* is it a movement of advocates and net early adopters who want to create a buzz and “move” large social network providers to invest in the standards and technologies needed to support people being able to move their data?

* is it a place where the technical issues in making this vision a reality are figured out and the ‘answers’ (reference implementations) are promoted?

* Is it an ‘open brand’ that anyone can point to and ‘define’ for themselves and say they do it?

* Is it a brand like OSI (Open Source Initiative)that has an a process that defines what is and is not qualified ‘open source’ licence?

* Is it a brand that holds events to talk about the broad subject of Data Portabilty – (a vast problem – with many potential solutions)?

* Is it a “Movement” lead by a charismatic leader or group that has ‘followers’ (think Free Software as an example of this kind of movement)?

* is it an umbrella/coordinating space for different sector groups to find each other and collaborate on the shared by different problem space (health care, insurance, retail, nonprofit groups, airlines etc – etc) in an extensible way?

There is a related post about Identity Commons and DP
and What the Heck is Identity Commons?

Data Sharing Workshop and 2nd Summit

About a week ago I posted about the choice landscape we have for these events. No one seemed to have an opinion so we went with both and are having one event leaning more towards ‘the technical’ and another leaning more towards vendors with products and potential buyers.

The Data Sharing Workshop, April 18 – 19 at the SFSU, Downtown Campus.

The Data Sharing Summit, May 15, at the Computer History Museum. (immediately following the Internet Identity Workshop)

We received such a positive response to the Data Sharing Summit in September, 2007 and, given the ongoing emergence of different data sharing initiatives, such as, Social Networking Portability, the 1.0 release of the Higgins Framework, DiSO, MT activity feeds, etc. we decided that it was a good time to hold another summit.

Our purpose is to provide gathering spaces in which all parties can work together on the challenge of data sharing. We create the agenda the day it happens. It is about getting things done and figuring out the tough problems – there is no committee deciding who does or does not get to ‘present’ it is about breaking up and really diving in figuring out the solutions and building the consensus to get adoption.

Data Sharing Workshop Details

April 18-19, Friday-Saturday, SFSU Downtown Campus

We selected April 18th and 19th because it seemed like an ideal time to host this event, given that it falls in between RSA and Web 2.0 Expo. People who are the Bay Area from around the world will be able to participate in figuring out how to get data sharing to happen. Although the event will focus on technical aspects, it will also include social, legal and business issues related to data sharing. The space can accommodate up to 200 attendees.

This event is being co-presented by SFSU Institue for the Next Generation Internet

We decided to hold the event on Friday and Saturday to accommodate the needs of different attendees. If you are at a company that is focused on this work and you prefer not to work on weekends, you can attend Friday. Or if you are interested in the subject but are unable to attend due to work commitments, you can come on Saturday. Those who are highly dedicated can come to both days.

Data Sharing Summit 2 Details
May 15, Thursday, Computer History Museum, Mountain View, CA

This event will immediately follow the Sixth Internet Identity Workshop at the Computer History Museum in Mountain View CA. There will be a combined focus on technical work and on opportunities for vendors with solutions in this space to share and connect with potential adopters of Data Sharing tools.

You may want to arrive on the afternoon of May 14th to participate in Internet Identity Workshop activities relevant to DSS (such as the OSIS Interop). May 15th will be a long intensive day, ending around 5 or 6, in time for dinner. Because it is important to close the event together as a group, please make plans to be there all day. The space can hold up to 400 people.

If you are super into the topic of Data Sharing we highly recommend that you come to the [ Internet Identity Workshop] that precedes it.

The Problems, Offerings and Solutions that we put forward at the start of the first DSS is quite informative. Proposed topics and Outcomes are also lay the ground work for these next two events.

If you are interested in sponsoring please contact Laurie Rae at

Feel free to contact me if you have questions.

Internet Identity Workshop May 12-14

IIW2008 Registration banner

The Internet Identity Workshop is coming up May 12-4 … this will be 6th event. Phil has an announcement up – where you can find the gif to post on your blog :)

If you want to sponsor please contact Phil.

If you would like to help with the design – figuring out what happens Monday and some other time sculpting contact me – we are going to have a call this week to discuss.

I am really excited about this event for a few reasons. Things are happening – in a major way

  • Card Selector tools and technologies are being build and tested.
  • Convergence is happening (U-prove being bought by MSFT)
  • OpenID is becoming the new hot ‘buzz word’ according to my blogging friends and heard randomly in conversations in the valley by young ‘trying to start a company types’ to impress VC types.
  • The social issues are percolating in new ways and ‘demand’ for the movement of personal data is gaining real traction (
  • The OECD paper was just published that I had read small parts of before many months ago.
  • The Venn of Identity Paper written by Drummond and Eve is being published by the IEEE this month.
  • the IDTrust event that recently happened – went well and included many projects that have a home at IIW – hopefully some new folks will attend from the activities.
  • New people like Ryan are finding the problem of identity and learning about what is going on – and then explaining it.
  • Working groups founded at IIW – namely Enterprise Positioning and Newbies 4 Newbies both have mailing lists (Newbies, IdPositioning) and are holding regular calls.
  • The more vendor oriented day will happen on May 15th following IIW – it will be the 2nd Data Sharing Summit co-produced by Laurie Rae and I.
  • New social features on the web create new social practices – twitter, pounce, personal action or news feeds.
  • VRM is progressing and making presentations to ‘shift’ business logic.

Mashable: “privacy is just as important as openness”

Finally someone is not just hyping about portability without also considering the flip side.

(3) Privacy is just as important as openness. Where does my data end and yours begin? If you believe that users of Web 2.0 services have some inherent “right” to control their own data but that this data is in inexorably linked to the “social graph,” what “rights” do users have to control where “shared” data goes?