Google+ and my “real” name: Yes, I’m Identity Woman

When Google+ launched, I went with my handle as my last name.  This makes a ton of sense to me. If you asked most people what my last name is, they wouldn’t know. It isn’t “common” for me.  Many people don’t even seem to know my first name. I can’t tell you how many times I have found myself talking with folks at conferences this past year and seeing ZERO lighbulbs going off when I say my name “Kaliya”, but when I say I have the handle or blog “Identity Woman” they are like “Oh wow! You’re Identity Woman… cool!” with a tone of recognition – because they know my work by that name.

One theory I have about why this works is because it is not obvious how you pronounce my name when you read it.  And conversely, it isn’t obvious how you write my name when you hear it.  So the handle that is a bit longer but everyone can say spell “Identity Woman” really serves me well professionally.  It isn’t like some “easy to say and spell” google guy name like Chris Messina or Joseph Smarr or Eric Sachs or Andrew Nash. I don’t have the privilege of a name like that so I have this way around it.

So today…I get this

I have “violated” community standards when using a name I choose to express my identity – an identity that is known by almost all who meet me. I, until last October, had a business card for 5 years that just had Identity Woman across the top.

Display Name – To help fight spam and prevent fake profiles, use the name your friends, family, or co-workers usually call you. For example, if your full legal name is Charles Jones Jr. but you normally use Chuck Jones or Junior Jones, either of these would be acceptable. Learn more about your name and Google Profiles.

[Read more...]

The Trouble with Trust, & the case for Accountability Frameworks for NSTIC

There are many definitions of trust, and all people have their own internal perspective on what THEY trust.

As I outline in this next section, there is a lot of meaning packed into the word “trust” and it varies on context and scale. Given that the word trust is found 97 times in the NSTIC document and that the NSTIC governing body is going to be in charge of administering “trust marks” to “trust frameworks” it is important to review its meaning.

I can get behind this statement: There is an emergent property called trust, and if NSTIC is successful, trust on the web would go up, worldwide.

However, the way the word “trust” is used within the NSTIC document, it often includes far to broad a swath of meaning.

When spoken of in every day conversation trust is most often social trust.

[Read more...]

Alignment of Stakeholders around the many NSTIC Goals


The Many Goals for the Identity Ecosystem & NSTIC Governance

The NSTIC governance NOI articulates many key activities, qualities and goals for a governance system for NSTIC. NSTIC must:

  • convene a wide variety of stakeholders to facilitate consensus
  • administer the process for policy and standards
  • development for the Identity Ecosystem Framework in accordance with the Strategy’s Guiding Principles
  • maintain the rules of participating in the Identity Ecosystem
  • be private sector-led
  • be persistent and sustainable
  • foster the evolution of the Identity Ecosystem to match the evolution of cyberspace itself.

Achieving these goals will require high-performance collaboration amongst the steering group and all self-identified stakeholder groups. It will also require earning the legitimacy from the public at large and using methods that surface their experience of the Identity Ecosystem Framework as it evolves.

[Read more...]

Proactive Development of Shared Language by NSTIC Stakeholders

This is the “punchline section” (in my response it is after what is below…the history of collaboration in the identity community):

Proactive Development of Shared Language by NSTIC Stakeholders

In 2004-5 the Identity Gang (user-centric identity community) was 1/10 the size of the current NSTIC stakeholder community.  It took us a year of active grassroots effort to develop enough common language and shared understanding to collaborate. NSTIC doesn’t have 5-10 years to coalesce a community that can collaborate to build the Identity Ecosystem Framework. To succeed, the National Program Office must use processes to bring value and insight while also developing  shared language and understanding amongst stakeholders participating.

[Read more...]

Ecosystems Collaborate using Shared Language – NSTIC

Collaboration is a huge theme in NSTIC. Below is the initial approach to collaboration in the  document:

The National Strategy for Trusted Identities in Cyberspace charts a course for the public and private sectors to collaborate to raise the level of trust associated with the identities of individuals, organizations, networks, services, and devices involved in online transactions.

Collaboration, as defined by Eugene Kim, a collaboration expert and the first Chief Steward of Identity Commons, occurs when groups of two or more people interact and exchange knowledge in pursuit of a shared, collective, bounded goal

To achieve the challenging goals set out in NSTIC, such as raising trust levels around identities, high performance collaboration is required. Both shared language and shared understanding are prerequisites for high-performance collaboration.

This is a powerful excerpt from Eugene Kim’s blog about two experiences from technical community participants (including Drummond Reed from the user-centric identity community) that paints a clear picture of the importance of time for, and the proactive cultivation of, shared language:

[Read more...]

Ecosystem as the frame for NSTIC

What is an Ecosystem?

The National Strategy for Trusted Identities in Cyberspace paints a broad vision for an Identity Ecosystem. The strategy author’s choice to name the big picture vision an “ecosystem” is an opportunity not to be lost. An Identity Ecosystem construct will inform the choice of processes and structures appropriate to govern it.

An ecosystem is a biological environment consisting of all the organisms living in a particular area, as well as all the nonliving, physical components of the environment with which the organisms interact, such as air, soil, water and sunlight.

This definition reminds us that the context of an Identity Ecosystem is broad and goes beyond just the identities of people and devices but extends to the contexts in which they operate and interact, the network and indeed the wider world. When we discuss a person’s digital identity it should not be forgotten that we are each fundamentally biological beings living in complex social systems composed of groups, organizations and businesses, all socially constructed and embedded in a larger context, the biosphere surrounding the planet earth.

An overall Identity Ecosystem is needed because small islands of identity management online are working, but they have not been successfully woven together in a system that manages the tensions inherent in doing so to ensure long term thrivability of the overall system. [Read more...]

NSTIC Response by Identity Woman

Context for my response to the NSTIC Governance NOI

Table of Contents to Blog Posts of My Response

My Complete Response in PDF form Kaliya-NSTIC-NOI

Introductory Letter of the Response.

Context for my NSTIC NOI response

I surprised myself when writing my response to the NSTIC (National Strategy for Trusted Identities in Cyberspace)  Governance NOI (Notice of Inquiry).  I wasn’t sure exactly what I was going to say because the questions seemed like they were way ahead of where they should be interms of where things were.  I decided to begin by sharing important Context, Frames and Terms that were important before getting to the Questions of Governance and what should be done now.

I began with the word Ecosystem – what it meant and that a system was at the heart of this strategy not something simple or easily actionable.

I touched on the history of the Identity Community and how much conversation and intensive dialogue happened amongst that early community to get to a place where collaboration was natural and “easy”. A huge amount of effort went into developing shared language and understanding then and this is needed once again.  The range of self identified stakeholders for NSTIC is quite large (the range of not self identified stakeholders it could be said is everyone on the planet or at least all those with a digital connection (via phone or interent).

I put forward two different methods/tools/processes that could be used to form shared language and understanding across this stakeholder community Polarity Management and Value Network Mapping.

I suggest that the governance structure proposed a “steering group” actually have a mandate to regularly listen to and act on the recommendations of the system that are generated via 3 different well established dialogic processes (Creative Insight Council, World Cafe and Open Space Technology [What we use at IIW]. I then answer the NOI questions referencing the ideas above.

I am going to be posting the whole of my Response in a series of posts and linking them all from there.

I began with one earlier last week which is focused on “trust” both as an emergent property of the overall system AND as the current name of technology and policy/legal frameworks for identity creation.

Links to NSTIC Response Posts:

[Read more...]

Trust is at all time low in they West….why leading with “trust frameworks” might not work

The ID Coach has this quote at the top of her current blog post:

…trust indices in the Western world are at an all time low. We don’t trust our lawyers, or accountants — they shred lots of documents. Many believe that bankers recently brought the world economic system to its knees in the crisis of 2008 and subsequent recession. Most people aren’t too enamored of politicians, either.

It is from the current issue of the Harvard Business Review in an article about trust.

It makes another very clear point about why leading with the word “trust” to describe “trust frameowrks” when the institutions touting them are the very ones that people have skepticism about (lawyers, accountants, bankers) as a good way to solve all our problems online by having people prove who they are.

People don’t want to accept “trust” blindly form these institutions they want to understand how it works and then decide if they do trust it or not.  Asking questions about accountability seems much easier to be concrete about the actual mechanics that then may are may not be trustworthy.

PDEC Value Network Mapping Phase One – you are invited

This is cross posted from the PDEC Blog – original post over there.

Last week Kaliya and Verna Alee traveled to the Cloud Identity Summit to get the Phase 1 of our first Industry Collaborative project started.

We are working on developing Value Network Maps of how value flows between different roles in the personal data ecosystem. We are starting with a map of how things work today and then considering how things change if people have personal data stores with data usage rights they manage and control. [Read more...]

PDEC Industry Collaborative Project

I am at the Cloud Identity Summit with Verna Allee to begin our first Industry Collaboration Project.

Value Network Mapping and Analysis of the Current and Future Ecosystem for Personal Data

We are focused on defining ecosystem roles and mapping the value and data flows in online industries that collect and use personal data.  We will also consider what happens when new services that work on behalf of people are added into the mix.

If you are here at the Cloud Identity Summit please join us to contribute your ecosystem insights. This week we are mapping:

1-4pm Wednesday and Thursday Greys Peak 2 Room

Informally we will be at tables around the conference collaborating with attendees mapping.

We will continue the phase 1 effort August 3rd in San Francisco. If you are interested in learning more please contact me.

How does it work? In the session we will be working collaboratively refining roles such as, data broker, data aggregator, vendor, individual, transaction provider etc. We will then explore how value (money, information, data, etc flows) in between these roles today and look at how the ecosystem map changes when we add in emerging roles such as personal data store providers.

What is the output? In late summer PDEC will publishing the results of Phase 1 general Value Network Map under a creative commons, with attribution, commercial license.

What’s Next? In Phase 2 of the project the general value network map will serve as the basis of Industry Specific Maps for how the ecosystem is activated in different industry scenarios. Industries we have in the pipeline for sponsorship are Finance and Media/Advertising. We are considering maps for Telecommunications, Data Aggregation, and Implementing Accountability Frameworks.

If you are interested in participating in Phase 2 please contact me.


Accountability Framework – renaming “Trust Frameworks”

I challenged the choice of the phrase “trust frameworks” to describe policy/technology frameworks that have the goal of creating networks of interoperability in the question and answer part of the NSTIC governance workshop.  Jeremy Grant challenged me to think of a better name for  “trust frameworks” and I think I found it…

Accountability Frameworks

So far everyone I have shared this with likes this new potential name.

* It is 2 words.

* It captures the heart of the intention behind their purpose – Accountability

* Accountability is achieved in these frameworks via both technology standards and policies that are adopted and audible.

* Trust remains an emergent property of these accountability frameworks.

* There can be real conversations by various stakeholders who may have different needs and interests about the nature of the accountability in different frameworks. They can look to see weather particular accountability frameworks are trustworthy from a particular point of view.

* It avoids the problem of talking about the “trustability of trust frameworks”.