IDESG: Governance beyond “us” Challenge 2 for NSTIC

Second Challenge:  How are we meaningfully and regularly checking in with those outside the community of self selected stakeholders – to regular citizens who have to use the currently broken systems we have today and hopefully will be enthused and inspired to adopt the outcomes of this whole effort?

The openness of NSTIC overall was inspired by the Open Government memo (  signed first day in office. It inspired a lot of my colleagues in the dialogue and deliberation community. (Yes, I have another life/carreer doing facilitation see

They went to work figuring out how to be sure that coherent resources and tools were available to those who were now mandated to “do” open government and have more public participation would have really good resources available.  Tom Atlee the person I co-wrote the Governance section of my NOI was one of the leaders of this working with the NCDD (the National Coalition for Dialogue and Deliberation) to define 7 core principles of public engagement.

Blog post that outlines them: (

[Read more...]

IDESG Governing “us”: Challenge 1 for NSTIC

I am posting to this blog the two posts I made to the NSTIC IDESG governance list on Tuesday. Here is the first one on Governing “us” (that is the word “us” not U.S.)

I only got on the [governance] list over the weekend despite raising my hand to be a part at some point in the Chicago meetings.

I am working to track all that is being discussed and I also want to breath and step back a bit. I want to share two bigger challenges and perspectives.

First Challenge how are we we connecting/structuring and governing the interested stakeholders who ARE showing up to engage.  How are we as Bob just asked creating ways, systems, processes and tools forward to create alignment and agreement?

Second Challenge  How are we meaningfully and regularly checking in with those outside the community of self selected stakeholders – to regular citizens who have to use the currently broken systems we have today and hopefully will be enthused and inspired to adopt the outcomes of this whole effort?

They are two quite different but related challenges. This e-mail will deal with challenge 1. The next one with Challenge 2.

[Read more...]

Consensus Process and IDESG (NSTIC)

In my governance NOI response I proposed several different methods be used to solicit input from a wide variety of stakeholders and bring forward from those processes clear paths for making a real strategy that take input from a wide range of stakeholders.

When the first governance drafts came out of the NPO, they articulated that the steering committee would operate via consensus BUT then it also articulated a whole set of voting rules for NOT abiding by consensus.

When I asked about their choice of using the term consensus to define a particular methodology – they came back and said well we didn’t actually mean to suggest the use of a particular proces.

But consensus IS a process method I said…and they said we didn’t mean to proscribe a method. So we were sort of in a loop.

Now that we are in this stage that is considering governance and systems for the community of self identified stakeholders (and people beyond this group who will be the users of the outputs).  What I don’t know is if people really know what real consensus process is or if we have anyone who is experienced in leading actual consensus processes? It keeps feeling to me like we are using Roberts Rules of Order and then getting everyone to agree – thus having “consensus”.  That isn’t consensus process.

Tree Bressen who was the leader of the Group Pattern Language project (I participated along with many others in its development) has an amazing collection of resources about conensus process including a flow chart of consensus process and Top 10 mistakes to avoid them.

Are we using consensus process?

One of the big issues of our democracy today (in the liberal west broadly) is that we have this tendency to believe that “voting” is the thing that makes it democratic. Voting is a particular method and one that by its nature sets up an adversarial dynamic. There are other methods and ways of achieving democracy and we can go well beyond the results of our current systems by using them. Tom has done a lot of research into them over the years at the Co-Intelligence Institute and has published two books The Tao of Democracy and Empowering Public Wisdom. 

I am glad methods outside what has been the normative frame of “Roberts Rules of Order” as Democracy are being considered…however we need to be clear on what processe we are using.




NSTIC Governance….Privacy Interests

This past weekend I finally got onto a bunch of mailing lists for NSTIC including the governance one. (you can too)

It is a generally accepted best practice that governance systems should be developed by the communities that need to live by them. With NSTIC the stakeholders were handed a charter and bylaws created (primarily driven by the vision of one guy) in the NSTIC National Program Office.  They kept saying “there is consens” around the charter and bylaws…but there wasn’t they were sort of thrust upon us and not developed by us.  We chose to accept them for now and are now in the process of re-visiting the bylaws handed to us and we agreed to for a short period to get things going.

The draft by-laws include a privacy standing committee that has veto power over the outcomes of Identity Ecosystem Steering Group.

One theory about why this is, I have heard more then once from industry folks involved with NSTIC, is that the privacy constituency “got” this committee and its veto power as a deal to participate in NSTIC.  We don’t know … cause the process of how this idea of having this committee have a veto was not transparent or open.

If we are committed to actually having a consensus based process then no one group committee needs a veto.

I said on the chat during the call that there was a misttrust issue.  I don’t trust giving the privacy advocates a veto in part because they don’t currently show up and engage with industry in the development of the tools and technologies.  I have regularly invited privacy advocates to participate in the Internet Identity Workshop and I regularly have those invitations declined. I will call out the specific groups the ACLU of Northern California and the EFF.  (Having received a cool shoulder from them I haven’t pursued inviting other groups however the woman from the World Privacy Forum who spoke today on the governance call would be great to have at IIW) Both claim “nonprofit” poverty and say lack of budget to attend such events. (IIW has an early bird ticket price of $150 and includes three meals a day for three days….so its not expensive). Both have multi-million dollar budgets and choose not to invest, as part of how then spend their resources, on showing up in forums like IIW with industry “making the sausage” of open standards for how identity will work for people on the internet.

Organizations like this tend to spend their money on lawsuits against companies who have violated privacy. I don’t disagree that EPIC and other groups should be holding Google and Facebook accountable for changing their settings in ways that violated user expectations and therefore one version of waht privacy is. However if that is all they do…(sue and file complaints with government agencies) then it is like investing in prisons instead of schools.  If you invest in schools you won’t need prison’s later to hold the citizens who become criminals because they didn’t get a good education.

If they chose to invest in the fora where technical standards are made and work with industry to ensure that the interoperable systems they design are in alignment with core functional requirements that give people control of the flow of information about them in digital systems (what we might call privacy). Then they wouldn’t have to file so many law suits down the road cause they would work well.

There is also the issue that “Privacy” isn’t ONE THING.

See: Solove – Taxonomy of Privacy 

Until it is clearer what the groups who are pro-privacy mean and how they see it being instantiated in the standards that becoms the code that will be the basis for the ecosystem.  It feels really hard to engage or trust them with a veto.

My fear is that a structure for IDESG that includes a privacy committee with a veto will continue to foster the current pattern of of industry interaction. The privacy interested groups will stay away from really engaging with technology developments as they are done BECAUSE they have a veto over them .. at the end of the process. They will stand on the sidelines and then swoop in and kinda “gotcha” those in industry who have been working together.





Kaliya for Mayor!…nope NSTIC

Update August 18th: 

Thank you to all the people and organizations who vote for me in the NSTIC election – I WON! .  I ran with my association to Planetwork and I am the Consumer and Citizen Advocate delegate for the next 6 months on the Management Council of the Steering Committee of the National Strategy for Trusted Identities in Cyberspace. You can learn more about my candidacy and the election on this post.  You can track the group/community progress at

I will be working hard with the AARP to grow the number of citizen and consumer advocate groups who are participating in the NSTIC process.

Original Post:

I’m Running for Mayor NSTIC!
Learn how to vote for me and get involved at Kaliya for Mayor .org

Here is the video!

[Read more...]