Identity Futures Dinner in South Bay Tonight

Sorry for this late notice on the blog but I just figured out where we are eating.

At the Internet Identity Workshop 2 weeks ago one of the session was about the Identity Futures work that we started last fall. We went over the events that we developed – see here.

John Kelly my collaborator developing them and those exercises couldn’t make IIW and we had a corum of folks who were in centered in the South Bay so we are having a meeting this evening over indian food to talk about next steps for this work.

If you are interested in this you are most welcome to attend. We are meeting at

We are meeting at 6 PM at Heritage of India 167 S Main St, Milpitas, CA 95035

PLEASE RSVP to me kaliya (at)

Identity Talk at Net Squared Year Three

Here are the relevant links from my talk on Identity at Net Squared.

US, Our Organizations and The Web: Leveraging Identity Tools for Collaboration

Why is user-centric Digital Identity Important?
Augmented Social Network: Building Identity and Trust into the Next Generation Internet 2003, Ken Jordan, Jan Hauser, Steven Foster.


Data Linking

XRI Wikipedia at OASIS
XDI Wikipedia at OASIS

Strong Eye
Kintera & XDI

Identity Blog – Kim Cameron MSFT Identity Architect
Higgins Project at Eclipse
OSIS – Open Source Identity Systems (interop work with over 50 companies and projects)

Vendor Relationship Management
Project VRM at the Berkman Center, Harvard

Collaboration Community for the Evolving Identity and Relationship Layer
Identity Commons

Vendor Relationship Management Workshop
July 10-12, Boston

Internet Identity Workshop #7
November 10-12, Mountain View
Data Sharing Summit #3


Identity Community Foundational Resources

Laws of Identity

OECD Paper: At the Crossroads: Personhood and Digital Identity in the Information Society

Additional White Papers of Interest

Accountable Net: Peer Production of Internet Governance

Appropriating Technology for Social Change

Movement as Network

Network Centric Advocacy 2003

Simple Open Standards you can adopt now
XRDS – Simple
Open Social

Data Sharing Summit Notes

The Second Data Sharing Summit was a great success here are all the notes summarized along with the links to the wiki. If you were in a session feel free to add more content to the wiki. We are sending out a survey in the next day and are currently planning on moving ahead with a 3rd summit in September a year after the first one.

Data Sharing Events (link to wiki)
Data Sharing Events are independent open gathering spaces where all parties interested in challenge of data sharing can work together.
* Affiliate with a something like IC to build credibility

Friend Connect etc.
(link to wiki)

  • Friend Connect is a Platfrom support of OpenSocial, not a data collection exercise
  • Makes any site an OpenSocial Container

Activity Data
(link to wiki)

  • More Information / Discussion is needed around the rules for exposing activity beyond that which is avaliable through RSS, APML, etc. (i.e. how to promote and standardize the sharing of activity data which is avaliable behind the wall, through oAuth and other standards)
  • Contact of the stream matters more that delivery mechanism
  • People who are consuming the new structure will likely encounter new types of Activity Structures

Digital Public
(link to wiki)

  • The models of people in our heads don’t fit into schemas.

Linked Data
(link to wiki)
Presentation will be up on
* Demo of
* Illustration of distributed social network
* How to add security

What’s Real & Tech Best Practices
(link to wiki)

  • Use OAuth & Portable Contacts
  • Tech Best Practice Will be updated

MySpace Profile (link to wiki)

  • JSon (Open Social), hCard | XFN or FOAF, SemWeb, OpenDD, Portable Address Book (Plaxo)
  • Persistent Data Agreements
  • User Types

Personal Address Manager using ID-WSF
Working Demo (link to wiki)

  • Discovery of Delivery Service disc
  • Clear use-case and flow
  • Discussion of iCard and point of “mosaic” authorization (mashup of dereferenccable claims)

R-Cards Demonstration and Discussion (link to wiki)

  • R-Cards enable a ‘feed’ not just claims
  • Setting up the relationship is:

* different and positioned orthogonal to login.
* sometimes longterm (not necessarily continuous), or 1x, or short term.

  • R-Cards need a common data format (or formats) for RP’s
  • 1 issuer, multiple claims (links) to multiple sources

(pagan -> ptolemic -> copernican -> newtonian -> einsteinian)
Event Attendance Data Sharing (link to wiki)

  • Add event data API to Open Social Spec

Service Providers Matrix From Data Sharing Summit (link to wiki)

This Group Session was to create a Service Provider grid that illustrated the state of what features are available and if providers are using open standards to implement them.

Grid idea came from Stacy Higgingbotham’s – Prying Open the Social Graph article on GIGAOM and Kaliya’s session recommendation on Comparing the ‘Openness’ Announcements.

Grid as produced in the session can be accessed here: (click on Service Provider name along the top to see what data was inputted)
-NOTE: Since this data was put on the grid by both representatives of the service providers as well as other attendees at the Summit- this data is not verified

Daniela Barbosa of the DataPortability Project Group has volunteered on behalf of the Data Sharing Summit and the DataPortability group to find a home for this grid so that it can be verified and expanded upon. Information to be posted here as that is finalized.

Laws of Data Sharing From Data Sharing Summit (link wiki)
Jeff Hodges and Bob Blakely

Key words and phrases

  • Profile
  • Friends
  • Attributes
  • Rights (legal)
  • Expectations
  • Identity
  • Relationship
  • artifacts
  • group
  • social graph
  • social contract
  • Permissions Metadata
  • Open XML format for contact info
  • Delete Account

Broad Questions

  1. What expectations are being set?
  2. Whose expectations Matter?
  3. How do we avoid confusion?
  4. What confusion has to be overcome?
  5. What language is “product specific” and what is “market” specific?
  6. How does “identity”, or the understanding of identity, relate to the benefit and threat of data sharing.
  7. What should be my expectation about “private” data
  8. What datasharing norms “cultural”

Principles of Data Sharing

  • Data Sharing principles should follow social norms — or at least not be destructive of social norms.
  • Context is critical to decisions and expectation about the sharing of data
  • Expectations about sharing should be clear to the parties…[and preserved “downstream”]
  • There can be no expectation of “private” information and all expectations should operate accordingly, unless modified specifically by social contract
  • The community should support standard “best practices” and policies about preserving “permissions”

Action Items

  • Bob Blakley and Dan Carroll to follow up with Mary Rundle about work on Creative-Commons-like icons for Data Sharing.
  • Compile a bibliography of existing work around data sharing.

Some additional comments:

  • This isn’t exactly a new topic. Lots of existing organizations who are already dealing with issues around data sharing.

Data Sharing and Privacy (link to wiki)
The common stories about social network portability are all about letting data flow freely. There are many purposes — personal privacy; community norms; legal risks; business competitive issues — that might cause people to want use discretion and context in social network sharing. In this session, we’ll brainstorm stories for social network data sharing that incorporate concepts of privacy and context.

Everything is locked down, private, non portable. Or everything is open, public, and free-flowing.

But data sharing and privacy are not black and white. In real life, people share and present information based on social context. There are gradations of privacy and information sharing.

There are interesting social trends as people negotiate the increased default level of fame in internet life. And cautionary tales about data sharing gone wrong.

Private information
There are times when it is right to share data in a way that preserves privacy. Family members use different photo services, and want to share photos with each other but not the rest of the world. A group working on mergers and acquisitions absolutely needs to keep information confidential. In these cases one give permission to family, friends, or business associates based on membership in a group.

Signal to noise, social context
There are many circumstances where information isn’t truly private. But people choose to share with smaller groups. Someone doesn’t want to bore all of their friends with information about knitting or rock climbing, when that information is relevant only to a few. Information about one’s political or religious affiliation isn’t a secret, but it may not be the information one chooses to share when meeting new people at a professional conference. In these cases, it would be useful to have the ability to create tags for the relevant groups, and share by tag. The tags can capture the nuances of subgroups: knitting hats vs. knitting sweaters, say.

Progressive disclosure
There are circumstances when people want to start by sharing with a smaller group, and invite more people. Or start by sharing a little bit of information about common interest, and later share more sensitive information.

Stream filter
The signal to noise and progressive disclosure patterns are about the person sharing information. Stream filtering is for the recipient. Sometimes one wants to “people watch” a diverse stream of information. And sometimes one wants to focus on the current work project, or upcoming social events. Stream filtering is used by individuals who want to apply a context to the information they receive.

People use identifiers — dress or email address — to represent more than one persona. The same person wears different clothes, with co-workers, at a customer meeting vs. a barbecue.

Personal vs. admin control
In organizations, there are some things that an individual may want to control, and some things that admins want to control. A person might want to share soccer pictures with the soccer league. An admin may want to ensure that people aren’t sharing the sports illustrated calendar widget.

Reuse of Shared Information
As feeds for status and information shared in one service with its given context are used in different services and contexts there are increasing difficulties thinking through the implications of extended use and reuse of shared information. Often Facebook or Twitter (as example) status messages are pulled into Skype, but the contexts can be quite different as one is playful and the other is business context and the same message that is humorous in one can be damaging in the other.

We talked about people’s experiences handling the increased visibility of internet life.

Managing one’s reputation
People share about their experiences in order to get their side of the story out and create a public image. Among digital natives, “it’s not a real breakup until you’ve listed it on facebook.

Handling fame
Before the internet, there were only a small number of people who had more followers than people can confortably manage socially. Now many more people do. More widespread fame means that more people have the issues with stalkers and pestering fans.

Cautionary and instructive tales
At the session at the data sharing summit, the conversation turned to cautionary tales about social data sharing gone wrong.

Failed white lies
Someone begs out of a work-related social event by claiming the flu. His boss discovers a picture on flickr of the guy wearing a skirt and holding a drink. The picture is timestamped at the same data as the work party. His boss sends him a note suggesting that that may not be an effective way to recover from the flu. The lesson here is that some things that feel private are more public than we think.

Social network molting
It is socially awkward to unfriend people. Some people get around obsolete lists of friends by “forgetting” their password and needing to invite their current lists of friends with a new password. The lesson is that declared, public friends lists are inherently awkward.

The ex-girlfriend effect
The list of “people you should know” in social network recommendations often includes exes and enemies. These are people who are part of your social graph – but you are not connected to directly. The algorithm doesn’t know that some gaps in the social graph are deliberate.

Chris & Chris on Data Portability

Chris Mesina has a great post up about data portability.

1) It dives into the semantic meaning of the phrase and issues it raises about the actual nature of what needs to be built – is it data a physical thing that is ported around? or is it a digital thing that can be copied and moved and is present in the cloud. The nature of the metaphor makes a difference

2) He articulates the relationship between OpenID along with OAuth and other open standards listed on DP’s home page as proposed standards in the “social stack” – (there is none officially)

3) The Risks associated with Data Portability are clearly articulated
* Who does DP speak for and how is that different from the perception of who it speaks for
* Privacy – is it being addressed well? can it be addressed well with the current approach? what are the risks to the technologies if it is not addressed well.

4) What is Good about Data Portability.
* The phrase has created a conversation that can be useful in teasing out the more gnarly issues involved in developing social applications. He is cautionary about this though if the phrase is misunderstood and people have bad experiences with it – does that mean the technologies will be perceived as failures and there is a retreat back to walled gardens.

He closes with this

I think the next evolution of the social web is going to be one where we take certain things, like identity, like portable contact lists, like better and more consistent permissioning systems as givens, and as a result, will lead to much more interesting, more compelling, and, perhaps even more lucrative, uses of the open social web.

This whole posts gets to the heart of the question we will be opening up the Data Sharing Summit with an “unpanel” on Thursday.

Data Sharing: What Could Go Wrong?
Bob Blakely from the Burton Group will open the conversation

What data is shared?
Who’s data is it?
Who should be able to move it? and under what conditions should they be able to do so?

Other Conversant are:
* Daniela Barbosa, (day job at Dow Jones)
* Marc Canter, Broadband Mechanics
* Jospeh Smarr, Plaxo
* Ken Kovash, Mozilla

Should be very interesting getting to the heart of these matters.

If you care to read it Chris Saad has a response to Factory Joe’s post here.

Comparing the “Openness” Announcements

I just saw this image of a chart.
it has the name of the company down the side

  • Yahoo! – not sure what it was called
  • Google – Open Social + next week social connector
  • MSFT – Mesh
  • AOL – OpenID, AIM portability
  • Facebook – Connect
  • MySpace – Data Avalability

Smaller co’s/platforms

  • People Aggregator
  • Ning
  • LinkedIn
  • White Lable Social Networking App X.
  • Drupal
  • WordPress
  • etc…

Then across the top is a list of features. example – OAuth for Exporting contacts. Please comment on other features we should list.

In the matrix you check off what features they have and if they are using open standards to implement them.

The question is what are the features we should have along the top. I think we will do this exercise as a group this week at theInternet Identity Workshop since I know that at least the first 4 companies on this list will be there and I am hoping that last two are too.

PARTY!!! after IIW / before DSS Party hosted by

So this year after the Internet Identity Workshop there is going to be the Data Sharing Summit – in between is going to be the Happy Hour – in honor of Decentralized User-Centric Identity.

It is FREE (if you RSVP) from 6pm to 8pm Wednesday May 14th at Temptations, 288 Castro Street, Mountain View, CA 94041

You can eat there or move on to other fine venues on Castro Street.

I have to say how personally greatful I am to be working with Tony and his team on this event.

I met Tony about 2 months ago in NYC when he came to the Identity Commons meetup that Ryan Janssen hosted with me at Angel Soft. We talked a lot about the community and the history and the future – Ken Jordan, author of the Augmented Social Network: Building Identity and Trust into the Next Generation Internet (2003 First Monday), was there too. He has been doing a great job blogging about the issues on Own Your Identity and I am excited to introduce him to the whole Identity Commons and Data Sharing Community this week.

IIW and DSS retweeter set up on Twitter: follow IIW6

I have a ‘retweeter’ for the week of events set up at Group Tweet. My thought is we should just use one for both events – to help information flow between them. (if people really want a different one for both we can do that but lets discuss)

So how does this work.
First get a twitter account.

Then Follow IIW6 (this is because it is the 6th Internet Identity Workshop)
Then IIW6 will follow you back

When you direct message IIW6 it will be rebroadcast out to all the other subscribers to IIW6.

To direct message you simply type “d iiw6 Kim is giving a great talk in room A”
Then IIW6 will say “via @identitywoman Kim is giving a great talk in room A” and everyone who is following IIW6 will hear it.

With this set up we can talk to each other – back channel like.
The tweets that get sent out are currently sent to public.

If you have never tweeted before I think this a great opportunity to try it.

You can just follow one account – even have it come to your phone (because the volume won’t be that high) to do that you have to set device updates from IIW6 to ‘on’ another step after you click follow. It is very unlikely it will go over you total limit for text messaging for the month usually 150 or 200 messages on a standard plan.