I wrote the original post after watching the Bradley Horwitz (@elatable) - Tim O'Reilly (@timoreilly) interview re: Google+. I found Tim's choice of words about the tone (strident) and judgement (self-righteous) towards those standing up for their freedom to choose their own names on the new social network being rolled out by Google internet's predominant search engine disappointing.  His response to my post was to call me self-righteous and reiterate that this was just a market issue.

I myself have been the victim of a Google+ suspension since July 31st and yesterday I applied for a mononym profile (which is what it was before they insisted I fill out my last name which I chose to do so with my online handle and real life identity "Identity Woman") 

In the thread this morning Tim said that the kind of pressure being aimed at Google is way worse then anything they are doing and that in fact Google was the subject of a "lynch mob" by these same people.  Sigh, I guess Tim hasn't read much history but I have included some quotes form and links to wikipedia for additional historial context.

Update: inspired in part by this post an amazing post "about tone" as a silencing/ignoring tactics when difficult, uncomfortable challenges are raised in situations of privilege was written by Shiela Marie.  

I think there is a need for greater understanding all around and that perhaps blogging and tweeting isn't really the best way to address it.  I know that in the identity community when we first formed once we started meeting one another in person and really having deep dialogues in analogue form that deeper understanding emerged.  IIW the place we have been gathering for 6 years and talking about the identity issues of the internet and other digital systems is coming up in mid-October and all are welcome.  The agenda is created live the day of the event and all topics are welcome.

Here's the thread... (oldest tweets first)

 Note all the images of tweets in this thread are linked to the actual tweet (unless they erased the tweet). 

Steve, thanks for highlighting the bizarre choice to use a "lynch mob" as the metaphor to describe what is happening to Google around this issue.

From Wikipedia: Lynching is an extrajudicial execution carried out by a mob, often by hanging, but also by burning at the stake or shooting, in order to punish an alleged transgressor, or to intimidate, control, or otherwise manipulate a population of people.... Lynchings have been more frequent in times of social and economic tension, and have often been means used by the politically dominant population to oppress social challengers. 

The article on Lynch Mobs is part of the Discrimination set of articles in Wikipedia. Within sociology, 'discrimination' is the prejudicial treatment of an individual based on their membership in a certain group or category. Discrimination is the actual behavior towards members of another group. It involves excluding or restricting members of one group from opportunities that are available to other groups. An individual need not be actually harmed in order to be discriminated against. He or she just needs to be treated worse than others for some arbitrary reason.

 

From the Wikipedia article on Oppression: Indirect oppression is oppression that is effected by psychological attack, situational constraints or other indirect means. It has been a popular tactic practiced in single power, power monopoly or other authoritarian or totalitarian regimes.

The point I was making with my previous post Google+ says your name is "Toby" not "Kunta Kinte" is that Google is being discriminatory and oppressive towards people who refuse to use their "wallet names" and who choose to go by pseudonyms.  Which party in this situation is really acting like a lynch mob?

As I said in my previous post the tone of those who are suffering at the hands of this policy implemented by THE dominant search utility on the web are loud, shrill, piercing, high-pitched and rough sounding and I imagine are heard by those within Google who are receiving them as grating and obnoxious. Rather then empathizing with human pain and suffering that is reflected in the tone, Tim and others are just dismissing them and their concerns.  Here is one of the clearest posts by someone very affected by what Google is doing: To those who say they "don't get it"...(Google, G+, etc) 

Really? Google+ is effectively lynching, that is killing the digital persona's of people who's names don't conform to its policies. So what is not extreme about that? is there a middle ground when you feel your digital life is threatened? Of course the reaction of people has some edge to it because people feel that the digital identifier that is the anchor for their "digital body" could be terminated and thus puts their digital lives are at risk.  They are being a bit shrill when the talk about the issues because they are deeply personal and have real impact on their lives because it impacts their ability, their freedom to communicate.

To close, Doc Searls has a great post up about what this might all really be about Circling Around your Wallet.

  Note all the images of tweets in this thread are linked to the actual tweet (unless they erased the tweet). 

This whole line of thought to explain to those who don't get what is going on with Google+ names policy arose yesterday after I watched the Bradley Horwitz - Tim O'Reilly interview (they start talking about the real names issue at about minute 24).

More on my personal Google+ suspension that continues to Day 29.

Tim is struck by the Steve Jobs element of how Bradley and Google is talking about designing for the way the world will be not how it is....implying and even explicitly saying that in the future we will just all use our real names for everything so lets get started doing that now.   - you know happy future vision of benevolent design choice by humans of large corporate controlled digital systems.  Yes, many Googlers like Chris Messina who used to have a handle online "Factory Joe" made the conscious choice to bring it together with his "real name". For him the cost-benefit trade of for this and decided that for him it was no longer worth it. Totally fine choice for him. What is at issue is when his choice becomes all of our choice because he and others like him have the power to decide for all of us.

Young men like Chris have a lot of privilege in the world and they can do things/make choices that others have less freedom (privilege) to make without those choices affecting their lives in material ways (chances of employment, social acceptance between different contexts with different norms, having accepting family members who are not bigoted against their personal life choices).  I thought that one of the things Chris got form his years dating Tara Hunt was more of a clue about the issues that women and others who are not young white straight monogamous men living in western liberal democracy, liberal metropolises face. His posts on the topic include the following but some how...I guess he still doesn't get this issue in relation to Google (maybe he does but it seems like people who work at Google stop blogging upon their date of employ and Google employees who have spoken up on the issue have been gagged).

* Kirrily Robert: Standing out in the Crowd where he highlights these posts

• Recruit diversity
• Say it. Mean it.
• Tools. (Tools are easy.)
• Transparency.
• Don’t stare.
• Value all contributions.
• Call people on their crap.
• Pay attention.

* Future of the White Boys Clubs

* Future of White Boys’ Clubs Redux #fowaspeak

Fundamentally technology systems and techno-social systems are created by people making choices AND it is at this time in the history of the web we get to as a culture and society choose the range of options available for human expression of identity online.  IF THE PEOPLE WHO HAVE ALL THE POWER to make this choice in these digital systems have the demographic profile of Brad and Tim then we will get one outcome - it will favor them and their world view and exclude others who are different (ala the very long list of people negatively affected by real names policies). It is an abuse of power as danah boyd eloquently explains on her blog.

Tim goes on to say (at min 28) that his own reaction to "some of the strident calls for you guys [Google+] to change what you are doing" lead him to the conclusion "give me a break, lets try some different things lets figure out what we learn from them..the market will tell you what it really demands"

Lets look at this more deeply - Tim's specific labeling of the resistance to the policies as "strident" is coming from a position of power and privilege that is judging these people in a way that demeans, what they are saying.

From Wiktionary: Strident

1. Loud; shrill, piercing, high-pitched; rough-sounding

   The trumpet sounded strident against the string orchestra.

2. Grating or obnoxious

   The artist chose a strident mixture of colors.

Because the opposition is so sharp and clear - people are speaking up in shrill, piercing, "high-pitched" ways because they are being hurt so badly and deeply by requirement for real names and how suspensions are being handled.  The words of these people are being heard by Tim and others in power as grating and obnoxious because they aren't supposed to speak up...they should just accept what is happening to them right?

One response of Google+ leadership and technology leaders like Tim O'Reilly could have is to be to be empathetic, to look inward and connect to the human beings speaking and say something like:

Wow, we had no understanding of how "unfree" some people feel online and in our society broadly.

We had no idea about how many different kinds of people (who are not like us) are affected real names policies.

We didn't really realize existed, or had any needs different then ours and how can we struggle with them to make a more just society so they are not affected negatively if they were out/public about those things.

In the meantime lets really listen and get that they have real and valid needs for safety and the right to express themselves and lets and not ban them from our services for their choice not to use use their real name.

Instead Tim and others are dismissing the real hurt and anguish being felt by people saying they are being "strident" for speaking up for their right to pick their own name and to be for Google's continued insistence they have the right to decide what an acceptable name is for people.

This is about power and those who speak up to it being judged and labeled negatively for doing so. I asked in twitter yesterday if women suffragettes were strident, and were the stonewall rioters and the subsequent movement for gay rights strident? Yes they were! They were standing up for what was right and against and unjust social system that was harmful to people.  I am concerned about the rights and freedoms of nyms both because people have personal life issues they want to be free to create accounts to express/deal with AND because they have political beliefs they want to share.

Imagine if the people who were standing up and organizing for gay rights in the 60's and 70's had digital tools to do so and imagine all the major places were public discourse about this happened were in online social spaces where "real names" were required and imagine that all of their families and employers would therefore know about their status as a GAY  (LTBTQ) PERSON. Do you think we would have had the gay rights movement? Do you think it would have been possible? Do you think that enough people would have stood up knowing they would be laid off, fired, black balled, told their kids couldn't play with neighbor kids.

Many groups who are systemically and socially oppressed (yes in our modern liberal democracy there is lots of oppression going on) fear to speak up TODAY about the issues going on in the system that affect them.  Many people have ideas that would transform the social order but challenge power will fear speaking up about these new ideas if all speech in online public fora must be linked to real names seen by their real employers who could really fire/let them go.

Unless we embed the freedom to have pseudonymous speech in major online social spaces where serious public/political dialogue occurs then we risk not having a free society any more.  Free meaning the freedom to challenge injustice the freedom to seek greater accountability by those in power (government and corporate), to open up the systems that run our society.

Over the course of yesterday I continued to think more about the deeper nature of the issues going on and the fundamental nature of the power we have to name ourselves and what it means to have this freedom.  I remembered the series Roots  and suggested that young Googlers rent it from/watch it on netflix and then have dialogues about privileged and oppression.

For those of you who didn't watch it in the 70's (I was born in the 70's do didn't watch it then either),  it is the story of a Alex Haley's black family descended from a man who was stolen from his village in Africa and brought to America as a slave. He is very clear on his identity, who he is, he is a Mandinka warrior and his name is Kunta Kinte,.  One of the first things his white slave owner Master Reynolds does is rename him Toby.  He refuses to accept this new name, this identity that they have said he must take on...he does accept the name but only after great human suffering inflicted by his master to get him to comply with his wishes.

This is the sort version:

"Bonus suppression" Google runs YouTube and they took the clip of the movie scene down for "inappropriate nudity or sexual" - it has neither, it just made a dramatic point and made them look bad. In the clip Kunta Kinte is facing the camera with part of his chest showing being whipped from behind by a white man who is working for the slaveowner until he breaks. After repeating his name is Kunta Kinte when asked what his name is, he finally says... it is Toby. 

For slightly more context for the scene this is 8 min.

I highly recommend watching the WHOLE movie if you haven't seen it.

Just to be really clear for those of you who might not be tracking the point I am making. I and the other people in Google+ who choose to have handles/nyms that are persistent and that we are known by but are being rejected by Google+ are Kunta Kinte and the Google+ name police is the slave owner whipping him until he submits to calling himself Toby.

Metaphorically this IS what is going on.  "Yes" I and other people who use handles and use nyms have a choice "not to use the service" - we are technically "not slaves" like Toby is. However we have already been using Google e-mail and other services for years with the names we chose - in changing the rules on the Google plantation they have undermined the social contract that it had with existing users. Google is a major forum for expression of ideas and is THE dominant search engine (one could argue monopolistic search engine). It will be using people's +1's to determine search results and these will shape public discourse.

Many different people are now fearful of speaking up in Google+ about these issues (even if the are not affected) because they fear the will be affected (having their access to their accounts turned off). Just look at what has happened Google+ turned off Violet Blue's profile knowing full well it was her real name and people rightly so imagine this is because she was speaking out for those who were suspended and could not speak.

Back to what Tim said above - he says that "the market will decide" these things. The core issues here are freedom of speech and power within the social sphere not about "the market". It is about what is right and just in a society. The market decided that it was ok to do slavery for hundreds of years, the market decided that it was ok to discriminate systematically against black people with Jim Crow laws and the market decided it was ok to discriminate against women in professional fields like law and medicine until things changed in the 60's.

Continuing the quotes from Tim "lets the arguments be from efficacy not from self righteousness"

Let me ask you this Tim: Was Kunta Kinte being self righteous to insist on his own choice of his own name?

Update:

Tim thinks that I am being self-righteous for even asking this question. He agrees with me that Kunta Kinte is not self righteous to stand up for his name but adds that that I am self-righteous to ask this question which in this post was explicitly drawing the analogy between Kunta Kinte's struggle for his right to assert his own identity and mine along with others with handles and Nyms in relationship to Google+. The fact that he is judging us as being "self-righteous" kinda proves my point that we are challenging the the power and authority of the system and being judged negatively by the powers that be for for doing so.

Tim thinks that this issue is just a matter for the market to decide. Sadly he doesn't see it as the silencing of voices and the inability for those who are not as privileged as he is to speak with their own voice on the Google platform the dominant search utility for the web.

In the morning there was a whole much longer set of twitter responses kicked of by Kevin Marks and going back and forth with Tim O'Reilly and others.

Update: inspired in part by this post an amazing post "about tone" as a silencing/ignoring tactics when difficult, uncomfortable challenges are raised in situations of privilege was written by Shiela Marie.  

I decided to go in and change my profile basically back to what it was before all this started.  I put a  ( . ) dot in the last name field.  In my original version of my google proflile my last name was a * and when they said that was not acceptable I put my last name as my online handle "Identity Woman".

So just now as I did put a ( . ) for a last name I was told that a ( . ) didn't meet the real names policy and I could appeal so I did. There is no text field where you can explain yourself -  you can only submit your "Identification Documents" and "Links" to prove your identity.  This lack of ability to actually communicate/talk in a human way with the people who are making these decisions is really alienating. I did put a link to this blog post so we shall see.

I really don't want to use or need a last name. I have yet to meet any one with my name IRL (In Real Life) and it is very uncommon. If you search for Kaliya in Google. I am all over the front page as Identity Woman along with the mythical Hindu sea serpent that I share a name with.

I refuse to headline my "real" last name it is not "mine" and identify with it as an "other" name.  I am fine with it being on my drivers license and passport but it is not what I want at the top of MY PROFILE in Google at the heart of the social web as it relates to "me" the "real me" not the one on my legal paperwork.

At the heart of User-Centric identity is the freedom to choose one's name and this choice of mine is mine to make not Google's. We shall see how this goes over.

Here is my next posts about:

1) the broader political meanings of all of this: Google+ says your name is "Toby" NOT "Kunta Kinte"

Here are the previous posts about interacting with the Google+ name police:

* Google+ and my "real" name: Yes, I'm Identity Woman August 1

* Nymwars: IRL on Google's Lawns. August 5th

* Google+ Suspension saga continues. August 9, 2011.

As I outline in this next section, there is a lot of meaning packed into the word “trust” and it varies on context and scale. Given that the word trust is found 97 times in the NSTIC document and that the NSTIC governing body is going to be in charge of administering “trust marks” to “trust frameworks” it is important to review its meaning.

I can get behind this statement: There is an emergent property called trust, and if NSTIC is successful, trust on the web would go up, worldwide.

However, the way the word “trust” is used within the NSTIC document, it often includes far to broad a swath of meaning.

When spoken of in every day conversation trust is most often social trust.

Trust in a social context: The typical definition of trust follows the general intuition about trust and contains such elements as:

• the willingness of one party (trustor) to rely on the actions of another party (trustee);
• reasonable expectation (confidence) of the trustor that the trustee will behave in a way beneficial to the trustor;
• risk of harm to the trustor if the trustee will not behave accordingly; and
• the absence of trustor's enforcement or control over actions performed by the trustee.

When discussing digital systems there is another meaning for trust related to cryptography and security and other policy enforcement.

Computational Trust - In Information security, computational trust is the generation of trusted authorities or user trust through cryptography.

Trusted Systems - In the security engineering subspecialty of computer science, a trusted system is a system that is relied upon to a specified extent to enforce a specified security policy. As such, a trusted system is one whose failure may break a specified security.

The choice of one individual to trust another depends on who they are, depending on the context, relationship and other factors. This can change and perhaps be tracked.

Trust Metrics -In psychology and sociology, a trust metric is a measurement of the degree to which one social actor (an individual or a group) trusts another social actor.

Trust Operates on Different Scales

In The Speed of TRUST: The One Thing That Changes Everything, Stephen M.R. Covey articulates 5 different ones. I think this model is helpful because it highlights how much trust means and how it operates differently at different scales.

Covey starts with people trusting themselves: SELF TRUST

Are we credible to ourselves?

• Do we have integrity are we congruent inside and out and walking our talk, living in accordance with one’s own values and beliefs?
• What is our intent when interacting with straightforward motives based on mutual benefit?
• What are our capabilities? Do we have the ability to establish, grow, extend and restore trust? What abilities do you have that inspired confidence, talents attitudes, skill, knowledge, style.
• What are our results? Do we get the right things done, are they done well and what is our consistency of results or tack record?

People in the Quantified Self movement are actually using digital devices and sensors to track themselves. They are using data analysis tools to see how fast they ran or what their caloric intake was. One of the reasons people track themselves to work on improving themselves, set goals and measure achievement over time. As they achieve results towards a goal they increase their credibility - their self trust.

Covey moves on to people trusting each other: RELATIONSHIP TRUST
One cultivates this kind of trust with others when one behaves consistently in ways that build trust. People are biologically wired to track behavior of others and form opinions about trustworthiness in real time, all the time balancing a wide array of variables. One way to simplify this is to imagine that with every person you interact with you have a “trust account”. The way you make deposits “In” to someone’s bank account is to have consistent behavior. Deposits are withdrawn from the “account” when someone is not consistent in following agreements.

Behaviors he believes generate trust:

• Create Transparency
• Demonstrate Respect
• Practice Accountability
• Deliver Results
• Get Better
• Extend Trust
• Talk Straight
• Listen First
• Show Loyalty
• Confront Reality
• Clarify Expectations
• Keep Commitments

People are really different: different kinds of behaviors matter more or less to an individual, and therefore a behavior’s meaning affects the current balance on any person’s given trust account account differently.

The Identity Ecosystem is an online environment where individuals and organizations will be able to trust each other because they follow agreed upon standards to obtain and authenticate their digital identities and the digital identities of devices. The Identity Ecosystem Framework is the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that govern the Identity Ecosystem.

This quote from NSTIC makes a big assertion that trust is going to flow between people because they followed agreed-upon standards to obtain and authenticate their digital identities.

The implicit use case might be an individual, lets say her name is Jenna, goes to an attribute verifier service provider like her retail branch bank with attributes like drivers license, latest utility bill and her record showing she has also had a bank account with them for 5 years. The bank checks Jenna’s physical world credentials and then issue a digital token she can use to do 2-factor authentication online. The digital token, when she goes online, presents Jenna’s name as written on her driver’s license.

I see three behaviors in this use case:

Confronting Reality - there is a reality for most people in western liberal democracies that the government of the county or province you were born issued you a paper saying so, and this ironically named breeder document begets you more forms of identification. If a user has not been using their real name, they will now be forced to do so. The reality is, birthplace can have a huge effect on a person’s legal and identify reality.

Creating Transparency - Jenna has linked her “real legal name” to an account which that when she uses it will be transparent about who she is and let everyone know. This means people who look her up online can find her street address in real life. Well, it turns out this creates a vulnerability because others can find where her house is, stalk her or make threats against her.

Practicing Accountability - The ability to be accountable. If Jenna choose a criminal action online, others would be able to trace her by the real name she was using. But so too if she was mildly socially rude, people would know to withdraw from her “trust account”.

There are nine other behaviors really matter in human to human trust relationships but which are not covered in any way by the standards for obtaining and authenticating digital identities - the so-called trust frameworks.

There are other aspect that are not comparable about this scenario when you map them to how people trust one another in everyday life. I don’t trust people because I know their legal name because I checked it on their drivers license. In physical space, I see someone I know and I know it is them because they are in the same body form they were last time I saw them. This verisimilitude to the mental picture I have of them allows me to authenticate36 them visually. When I see them, I can pull up my mental trust account and see how much I have deposited in their account.

In the digital realm, I anchor my mental trust account to identifiers I hold for people in my mind. I need to have confidence that the system they use to authenticate (using a user name and password) is secure, that it isn’t someone else logging in and “being them” because they control the identifier.

When people interact with businesses, they use similar mental models for judging trustworthiness based on observed actions and experiences. The use of the phrase “trust framework” by its very name implies that those who have complied with its requirements are trustworthy because they had a standard way to obtain a digital identity and authenticate. There is a great diversity of particular behaviors that people use to make trust judgements. If people want to use one trust framework or another because they judge one or another ratings agency assesses it to be more “trustworthy” we have a very messy, convoluted conversation.

In groups of people working together: ORGANIZATIONAL TRUST
This mode of trust is about alignment of the structures, systems and symbols of organizational trust. If trust is low in an organization, then to compensate, certain behaviors or systems patterns emerge that are costly: Redundancy, Bureaucracy, Politics, Disengagement, Turnover, Churn and Fraud.

For organization there is: MARKET TRUST
The perception of a business entity in the market place is where there are all kinds of services that help consumers navigate what products to buy. Market trust is developed by repeated activity observed over time.

Beyond the business or nonprofit is: SOCIETAL TRUST
This is about giving back and contributing to the society and the commons. It is particularly important to give back to society trust assets one owns but everyone benefits from. It is vital that societal trust be maintained because other scales for trust operate at this level as a support structure. This is where there is backup when other forms of trust fail and you can trust the court system to give you fair treatment when seeking redress.

“If NSTIC is successful, trust on the web would go up, worldwide.” The trust in this sentence is at the societal level scale and I believe it is true. However the way to succeed in achieving this level of trust is not to name policy-tech frameworks throughout the system “trust frameworks”. I am very keen on NSTIC succeeding, however I am concerned that naming this critical part of the proposed ecosystem “trust frameworks” will actually generate mistrust of the system. If the term “trust framework” is the way policy-technology frameworks within the ecosystem are named and explained to the public, but people find those frameworks untrustworthy, they will suspect anything self labeled with “trust”. People will ask themselves: why should we trust a Trust Framework? Who made up the trust frameworks? Individuals will think to themselves: I am the one who decides what to trust...don’t tell me to trust something just because you call it a “Trust Framework.” Given the recent large scale institutional breakdown in trust in the banking system, consumers are skeptical of large publicly traded companies saying “trust us” we have a “trust framework” to protect you.

I highlighted the challenge with using the word, trust, for policy-technology frameworks at the NSTIC governance workshop at the beginning of June where Jeremy Grant asked me if I had a better name. I do have a better name for trust frameworks:

Accountability Frameworks.

Here is some of my reasoning:

• It is 2 words.
• It captures the heart of the intended purpose: Accountability
• Accountability is achieved in these frameworks via both technology standards and policies that are adopted and audit-able.
• Trust remains an emergent property of these accountability frameworks.
• There can be real conversations by various stakeholders who may have different needs and interests about the nature of the accountability in different frameworks. They can look to see weather particular accountability frameworks are trustworthy from a particular point of view.
• It avoids the problem of talking about the "trustability of trust frameworks".

Trust is absolutely essential in the Identity Ecosystem. People must trust that the information they share will be handled with care, respected and that human dignity is maintained by the individual actors within the Identity Ecosystem. This is achieved by having real accountability in the system around the user’s rights to use their data being respected. When the system is functioning well and accountability frameworks are followed then overall systems behavior of the Identity Ecosystem will be trustworthy.

This post is from pages 20-24 of Kaliya's NSTIC Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Alignment of Stakeholders around the many NSTIC Goals

This is the section after: Ecosystem Maps - Present, Evolving, Future

The woman writing the article is very clear on the identity "creep" that happened and got to the point of requiring users to use the Real ID account within the system to post on forums and EVEYWHERE they interacted on company websites.

She articulates clearly why this creates an unhealthy climate and a chilled atmosphere for many users.

She articulated why she chose initially to sign up for the service using her "Real Name"

When Real ID came out a few weeks ago, I threw caution to the wind. Although my name is fairly uncommon, I immediately added everyone in my guild. I did this mostly because I like my guildmates, I trust them, and I’m an officer of our guild; it would be strange for me to not use this service. We killed heroic Lich King together, we make all kinds of obscene jokes, and although I’m one of two females in the entire guild of forty or so people, harassment is never an issue. I’m an equal. I’ve been here for over a year, and as such, giving these players my real life name wasn’t an issue.

Listen to her language carefully - she says "in this context" I trusted sharing my real name and my gender which is likely given away by her real name.  She knows her guild mates and they don't harass her.

there was a smaller problem. The guildmates I’d friended had friends who could see me as well because of this. For some reason, Real ID came with the feature that everyone can view other people’s friends–that is to say if I friend Joe, I can then see Joe’s friends and Joe’s friends can see me.

In the process though her "real name" was leaked beyond this trusted group to their friends.  Some of whom may not have known her gender.

Now their "Real ID" system is being extended farther.

Blizzard announced today that all posts on their forums will be now using Real ID. This is mandatory–if you want to post, you have to post this way....real life names will be next to those who post. This will affect everyone, even Blizzard employees. They are also adding a karma feature that will be a lot like Reddit or Digg.

You think why is this "so bad" we should all just be comfortable being "out" about our gaming life or what we say online.

1st she highlights why anonymity is good:

The internet is largely what it is because of its anonymity–for better and for worse. Many great discussions have been had solely because someone could submit their words without worry of being judged.

She acknowledges "greifing" happens because of this but that this is mitigated by moderation.

She says those who really do want grief other people are being given more tools to do so with by actually revealing people's real life names, and addresses (in physical or online space).

by using a full name, players are tied to their real life persona and unable to separate themselves from their online one.

Taking away the freedom to "disaggregate" yourself is where the issue is.  People need to be able to be gamers and NOT have it leak into their real lives where it could affect their livelyhood or standing in a totally different community.

In this system, it becomes linked forever in search engines. This means potential employers could find out if a player was a World of Warcraft fan and even the characters they have with a simple search.

If you don't think it is an issue perhaps you are not in a minority or in a "target population"

Women might find it harsher with new avenues of harassment opened. Transgendered people could be inadvertently outted when someone sees Sally, the friendly Paladin chick, posting under the name Steve. Someone could have a distinctive name and be disregarded solely because their name sounded like a person of a certain background, race, religion, or otherwise. And if someone’s a minor–or even major–celebrity, having their name exposed could be damaging.

Those in charge of and designing systems need to think twice before making changes.

Like I said, there were options. Unfortunately it seems Blizzard executives chose not to look into them and then turned a blind eye. It’s just a shame that this lack of foresight will probably at the very least result in the harassment of many thousands of individuals–if it doesn’t end up causing something worse for a select few.

As for me, I haven’t forgotten about the person from France who spent over six months to track down and attempt murder on a guy who fragged him in Counter-strike (NY Daily News). Call me pessimistic all you want, but I have to wonder if Blizzard’s marketing department even thought about it.

The Identity Spectrum gives a understanding of the different kinds of identity that are possible in digital systems. They are not exculsive - you can mix and match. I will define the terms below and discuss mixing and matching below.

Anonymous Identity is on one end of the identity spectrum--basically you use an account or identifier every time go to a Web site--no persistence, no way to connect the search you did last week with the one you did this week.

Pseudonymous Identity is where over time you use the same account or identifier over and over again at a site. It usually means you don't reveal your common/real name or other information that would make you personally identifiable. You could use the same identifier at multiple sites thus creating a correlation between actions on one site and another.

Self-Asserted Identity is what is typical on the Web today. You are asked to share your name, date of birth, city of residence, mailing address etc. You fill in forms again and again. You can give "fake" information or true information about yourself--it is up to you.

Socially Validated Identity is an identifier within the context of a social graph that is linked to and because of the social links it is acknowledged by others thus being socially validated

Verified Identity is when there are claims about you that you have had verified by a third party. So for example if you are an employee of a company your employer could issue a claim that you were indeed an employee. You might have your bank verify for your address. etc.

Mixing and Matching on the Identity Spectrum
You could have a socially verified pseudonymous identity. That is people recognize and acknowledge a pseudonymous handle/avatar name by linking to it in a social graph. You can have verified anonymity where attributes about a handle/avatar are 'verified' but the all the information about the verified identity (full name, address, birthdate etc) is not reviled.

Reading the article in The Independent this stood out for me

The creation of the ID or Unique Identification Number (UID) was a major plank of the manifesto of the ruling Congress Party during the recent election.

India is not a western democracy where "everyone" has papers and certificates of birth. As the article highlights

"This could be used as a security measure by the government which leaves migrant workers, refugees and other stateless people in India in limbo, without access to public services, employment and basic welfare."

Our identities don't come from government - they come from our social interactions and relationships.

The other issue that comes from this is "everyone in one database" is a giant honey pot.

AUSTRALIANS will need a photo identity card within four years to receive Medicare and welfare payments but will not be forced to carry it at all times.

The new "smart card" will contain "enhanced security" and replace 17 existing cards for Medicare benefits, family tax, child-care and unemployment payments, pensions, Austudy and pharmaceutical and transport concessions....

The card will also be used to check identities for immigration and security purposes and to crack down on fraud. Its embedded computer chip will include a photograph, number, signature, date of birth and address.

I knew that Harvard was critical to get involved in the discussion so when I found out about the conference on Internet and Society I flew out there specifically to talk at length with John about what Identity Commons and i-names. We had a great meeting in the Charles hotel for about two and a half hours. I also on that trip spoke at length with Paul and Mary.

Then when we were out at PCForum for a pre-Forum identity gang. John couldn't make that but got there late in the day. I set up a breakfast meeting with Owen Davis, Drummond Reed and John Clipppinger to talk about identity matters including how to get support from the big players for the kind of research and dialogue needed to address the social concerns. It seems the subsequent conversations went well and they secured some funding.

So...Doc that is part of the story about how John Clippinger and the Berkman Center got involved in the identity conversation.

I found a retreat to go on at Manzanita Village for 10 days. I was not quite thinking it would be about 6 1hour+ sits each day - this with meals and a work shift left little time for myself. All that meditating and eating in silence was GREAT though. Of course they didn't mention Christmas at all (Even though I was there for Christmas) but we did all 8 nights of Hanukkah and 7 of Kwanzaa. I should add that not mentioning Christmas at all was sad for me - I generally think of myself as a happy Episcopalian and I get tired of inter-religious meaning 'everything but christianity' in California.

I got thinking about our community around identity while there because there was several non-binary-gender choice folks who were also meditating. Are we going to build identity systems that are inclusive of non-binary gender choices?

I sat beside a young Transwoman named Hanah, beside her was a woman named Fred who by the end of her stay was wearing a bright orange button that said I might be transsexual. There was a Transgender Man named Jaran. It is not to surprising that there would be some transgender folks at the treat because Caterian Reed one of the Dharma teachers there is a Transwoman. In the end sitting there meditating - people are just people.

It is good to be back now. Everything is moving just a bit slower. I am breathing more consciously and overall refreshed. I just did a sidebar revamp that includes events that I am going to or might go to all the way to October (you have to scroll down to get it).

Technorati Tags: Drupal

The recent leak revealing Santa Claus to be "your mommy and daddy" has been linked to President Bush's senior political adviser and deputy chief of staff Karl Rove.

"If this devastating leak, which severely undermines the security of children everywhere and has compromised parent-child relations, came from the highest levels of the White House, that is an outrage," said former Bush counterterrorism adviser and outspoken Bush Administration critic Richard Clarke.

The identity of the mythical holiday gift-giver, previously known only in grown-up circles, was published in the popular Timbertoes cartoon in the December issue of Highlights For Children. Jean Abrams, a conservative firebrand known to have close ties to Bush appointees in the Department of Education, revealed "Santa" to be a code name for anonymous parental gift-giving.

It is a political economy thriller (my favorite kind). It touches on a range of the complex issues of today's world.

• A web of entrenched oil interests
• US interest in energy reserves and the rise of China
• Secret operations 'in American interesAmerican interest'
• The lack of economic opportunity for the "youth buldge" coming of age in the Arab/Muslim world with no hope of a good job there for no hope of getting married and having "a life."
• The intense living conditions of migrant workers throughout the middle east.
• How corporate acquisitions and flexibility affects peoples lives - 'letting them go.'
• When work disappears and religious "institutions" become appealing life options leading to young men willing to kill themselves for 'the true faith.'
• When emir's pick their successor based on the preference of Texas oil firms, their law firms and American 'government interest.'
• When flights flying far above and missiles can take out the one car with the one guy they don't want around any more.

Identity arises again and again. I am going to write more about this after I see it a third time today.

Daniel Solove has a great book out about digital identity and the challenges that we face today with it. He likens the situation we face with our digital dossiers to that of The Trial as opposed to they typical Orwellian metaphor - often apt but not the only applicable one. This reality is all to familiar for those trapped in the hall of mirrors called the 'No Fly List.' .....

Sarah Zapolsky was checking in for a flight to Italy when she discovered that her 9-month-old son's name was on the United States' "no fly" list of suspected terrorists.

"We pointed down to the stroller, and he sat there and gurgled," Zapolsky said, recalling the July incident at Dulles International Airport outside Washington, D.C. "The desk agent started laughing...She couldn't print us out a boarding pass because he's on the no-fly list."

Zapolsky, who did not want her son's name made public, said she was initially amused by the mix-up. "But when I found out you can't actually get off the list, I started to get a bit annoyed."

She isn't alone.

According to the Transportation Security Administration, more than 28,000 people have applied to the TSA redress office to get on the "cleared list," which takes note of individuals whose names are similar to those on the terrorism watch list, but even getting on that list does not guarantee an end to hassles related to the no-fly list.

The TSA does not reveal how many or which names are actually on the list, and complaints do not get names removed, since those names are also those of suspected terrorists. The best that innocent travelers can hope for is a letter from the TSA that it says should facilitate travel but is no panacea.

In addition to babies, the victims of mistaken identity on the no-fly list have included aging retirees and public figures such as Democratic Sen. Edward Kennedy of Massachusetts, Republican Rep. Don Young of Alaska and Democratic Rep. John Lewis of Georgia.

"It's a significant problem," said Brenda Jones, the spokeswoman for Rep. Lewis, who travels by plane at least twice a week. She said the congressman had written to the TSA, but "he is still on the no-fly list, and the problems persist."

Secretive list
While the number of suspected terrorists on the list is unknown, aviation sources estimate that it includes tens of thousands of names, if not more.

TSA spokesman Christopher White said the agency has seven people working full-time on processing applications to get on the cleared list. Considering the number of applications, that works out to less than 4,000 complaints per redress officer.

"We do take the cleared list very seriously, and it's also important for us to focus on the right people. It does us no good to focus on the wrong John Doe," White said.

Cleared individuals receive a letter from the TSA saying, "we have provided sufficient personal information to the airlines to distinguish you from other individuals" but cautions that "TSA cannot ensure that your travel will be delay-free."

John Graham, a 63-year-old former Department of State official, said his TSA letter had not helped at all.

"I'm at a point now where I don't really care whether my name is on the list as a mistake, as mistaken identity or whether someone at TSA does intend to hassle me. The fact is, there's a total absence of due process," he said.

The American Civil Liberties Union calls the no-fly list system unconstitutional, saying it treats people as guilty without a trial and unfairly deprives them of freedoms. It also says the system is an inaccurate and ineffective security method.

Despite efforts by the TSA to address complaints and concerns about the no-fly list, ACLU attorney Reggie Shuford said very little had changed to improve the process.

"We continually hear from people being caught up on the no-fly list with the same frustrating experiences and inability to get off the list," he said.

Peter Johnson, a retired bibliographer at Princeton University, said travel became "hellish" after he discovered his name was on the no-fly list in August 2004.

"I'm not sure if what's behind this is an effort to simply control people or if it's largely mismanagement and poorly conceptualized programming," Johnson said, adding that a TSA official had told him that there were more than 2,000 other Peter Johnsons in the United States who reported similar problems.

Mary Hodder shared here use of identity for her video community.
Tom from Opinity shared how they are using identity for their reputation network.
Marc Canter shared his use of identity (specifically SXIP) in GoingOn across networks and communities.
Chirs Allen shared some use cases for networks where he needs identity.
I closed out by talking about the new identity commons 'clear focus.

the developers who attended expressed their interest in being there and we broke for lunch.

All had a good time and much networking happened.

Metadata isn't limited to alternative identifiers. Imagine that an XRI-identified resource is a technical manual, available as a PDF or Word document and retrievable from a variety of mirrored network locations via various protocols. In a broad sense, the manual is the same document irrespective of where it is located, how it is retrieved or in what format it is represented. XRIs are ideally suited for identifying resources at this level of abstraction because the resolution process lets the consuming application choose the best network location, retrieval method and file format for its needs from the available options.

Like URIs, XRIs are composed of an authority portion and a path portion. XRI resolution converts the authority portion and the path portion of an XRI to an XML document called an XRIDescriptor. The XRIDescriptor describes the identified resource and the means by which the digital representation of the resource can be retrieved. By providing an additional level of in direction away from concrete instances of a resource, XRIs provide a permanent, unbreakable reference on which stable business relationships can be based.

There is a great diagram on the next page.

Technorati Tags: identity, Userinterface, usability

I have just begun to skim over the contents. Identity for this author has two primary elements Affiliations and Values. "Identity Zones" are the ways you can measure the role affiliations and values play in your life. It seems like an interesting self reflection process.

Technorati Tags: identity

These are my tags on my photos and my bookmarks. How can we get out of pattern giant identity silos buying up other services? I want an integrated Identity on the web that I manage weaving together tools and services that are useful to me not just handy cause they are in one of the mega silos.

Hopefully they will avoid the major faux-pas that happened with Flickr where they asked users to to enter a yahoo ID instead of their existing Flickr account.

Monday, December 12, 2005 9-12 noon, with lunch from 12-1

Canton Dim Sum @ 655 Folsom St in San Francisco.

Cost $20 for lunch (PLEASE RSVP HEREas the Canton Restaurant has been kind enough to give us the space if we all have lunch there, but we need an accurate count by Sunday at noon).

If you are a developer working on a application that has folks login - this is a morning for you.

Doc Searls will begin the day giving an overview of the identity landscape. He and others will answer the question:
* Why do identity systems matter when building new systems and tools?

We are bringing together a spectrum of folks who have been working on developing identity systems and tools. Identity Developers will share their work, basics and best practices to date to get started exploring integrating identity into these applications. These include YADIS, LID, Open ID, i-names/XRI, SXIP, among others.

Developers of applications who have included identity into their services and tools will share briefly how they've done it. Application developers will hear from and meet with identity developers to ask questions.

Event Info
Detailed Agenda
and RSVP here.
(sorry for the 2nd post on this blog but it finally sound.

The event starts at 9 goes to 12 with lunch after that. Cost is $20 for lunch.
It will be a very interactive event and you will get to meet all the key identity developers and an overview of options to build identity into systems.

You will need to sign up on the wiki.

Technorati Tags: identity, YADIS, workshop, XDI, XRI

I would like to ad and expand on the list. These communities coming together are diverse and have a range of needs. It is not just 'developers' coming together to code together.

• Small business owners who are building businesses based on these platforms. This community has needs to address real client needs that can sometimes be overlooked by the 'core' developers - I hope we can create a space for these real issues to be surfaced and action to be taken.
• Individual developers who work on contract for a range of projects.
• designers who have a skill set to build sites.
• User experience people who have an enourmous amount to contribute (the FLOSS Usability sprints have gone a long way to addressing the wide gap between open source and usability.)
• Project managers that pull teams together with a whole variety of skill sets.
• Folks developing platform in specific niches that have real gifts to bring the community - remember that the margins are where the really interesting things.

Face time amongst this diverse groups needs to be used to

• Develop vision about the platform - this will help the community develop consensus and confidence in the platforms survival
• Listening to emerging needs that end users and communities using those platforms and weaving those into development roadmaps
• Learning about usability and how to meet weave this into development roadmaps
• Business models for businesses? how do we make money to eat, feed those who work for us and better yet THRIVE?
• How do we share information about development we are working on? (a new module or feature that others might also need to develop)
• What are the collaborative flows that really support the core development and meet their business goals.

Technorati Tags: Bryght, Drupal, identity, nptech, Opensource, usability

Technorati Tags: DocSearls, identity

All of our clients want to have data from web-based applications (i.e. transaction processing, membership management) as well as basic forms (i.e. registration, surveys, etc.) integrate automatically with the back-end database, in our case Salesforce and potentially CiviCRM. I’d love to see you guys certify applications that are compliant with these standards and give them a stamp of approval so that we could use them for clients.

The way the agenda looks, your audience really ought to be the ‘product managers’ and execs of folks like Salesforce, CiviCRM, CivicSpace, Democracy In Action, Radical Designs, CrownePeak, everyone building add-on modules to Drupal & Mambo, the dozens of membership management software vendors, etc.

The Goal
The goal is to explain the technical aspects of XRI and XDI to potential techincal implementors of these open standards. Supporting single sign on, doing basic datasharing and other key elements like i-brokers. He will do this by articulating practical applications that he and others are building (See below). You will get to connect with others exploring using these standards and share information with them.

Who is Andy?
Andy builds enterprise software and within the last 8 months has been working on building enterprise quality applications using these tools. He articulates these standards with amazing clarity and has real experience.

When
The event begins at noon with "bring your own lunch" and the program will begin at 1 pm.

Where
It will be at ooTao's offices in Alameda. 3rd Floor, 1080 Marina Village Parkway.

Cost
FREE! (because we love you and want to offer a barrier free opportunity to learn more and join the community of implementors in a face-to-face way). All you have to do is RSVP to Justine [ justine.hirsch *at* ootao *dot* com] and come.

Agenda
This agenda and address is on the wiki and will be updated. Please go there and ad more about what you want to learn and how this 3 hours can be of most benefit to you.

There are 3 basic levels of integration, or engagement, that are possible with the evolving social and dataweb standards:

• Single Sign On
• Publish data from your system
• Consume Data Shared from other systems

We will explore these implementations in detail by reviewing these 3 use cases:

Signing in using Single Sign on:
This use case will let us set the landscape of the basic i-name infrastructure; i-brokers, service providers, xri resolution and yadis resolution.

Publishing data from a system:
Giving someone that donates money on-line a signed record of their gift.
This use case demonstrates publishing data from a system. The data is provided to the userso that they can share it with other systems as they see fit . This shows basic XDI syntax and permissioning.

Getting email addresses from a user's XDI profile:
This case demonstrates how to either use your existing database as an XDI cache or make XDI calls in place of conventional SQL calls.

Technorati Tags: Amsoft, Collaboration, identity, ootao, Planetwork, XRI, XDI

This day shaped my identity as a Canadian. We had a remembrance day service every year at school in which we did two things gracefully. Remembering what war is really like and horrible it is (and that we should not do it again ever if at all possible) and a deep honoring of those who did fight in World War One, Two and the Korean War. Veterans sell poppies (plastic ones) starting just before Halloween and the money goes towards veterans. It is the last holiday in Canada before Christmas (we have a micro version of US thanksgiving on the first Monday of October.)

We had the day off and it was not just a bank holiday but a 'real holiday' where shat down. My family often watched services on TV or went to them.

I am sad that I did not get to experience remembrance day now that I am in America - it is deep. The days that are different here are numerous and the way we honor them in Canada are part of my identity. It is interesting to watch how when the days happen and you sort of participate but not participate. They you don't have your 'own version' and elements of your identity slip away.

Just something to think about in identity land.

designing for life stages by Danah Boyde
Three critical life stages in Western culture that affect a lot of our social technologies: The first is identity formation; the second is contributive participation in society; the third is reflection and storytelling.

I was very careful to not begin my online life until I felt settled in my identity. I was an avid watcher of the web but did very little talking or writing. Always conscious that what I put out there might be there for ever.

The first things about me on the web were newspaper articles about my waterpolo career. The next was a talk that I gave while at my first job.

Now there are ever more opportunities to express oneself on the web as a young person - through online networks. How do we support the evolution of healthy identities in the digital realm and invite real participation. It was surprising to me how little the 'elders' at SVN knew about the next generation of the web. The very tools they might use to effectively reflect on the world around them and use to tell stories. I hope that I can work with them on this.

I have seen the possibility of a tool like this for a while because my sense it that right now companies are very hesitant to let someone else handle authentication to their primary 'login' (the login that a blogger uses to blog on their blog). But they are willing for the sake of the social value it brings and the easy of moving around the blogosphere let a decentralized network handle 'secondary' login to comment. I hope that others join the party in this space with tools and that there is an openness to let users choose which form of identifier they want to use.

They are all talking about how to better tether their horses to their carts. I tried to tell them about cars… They wanted to know how you tether a horse to a car...There needs to be a real paradigm shift. It’s going to take some time, and a lot of work. The glimmer of hope; there were a few people there that really got it. Together with those few people I think we can move this stuff forward by leading by example.

I got to reconnect with Ed Batista the former ED of NTEN and now Director of Attention Trust (he also is 1/2 time at Beconfire as a consultant). He specifically mentioned Eric's article about Web 3.0 looking at Identity and Web 2.0.

Simple rules create complex behavior.

Complex rules create simple behavior.

He wowed the audience because he treats presentation as performance art just like R0ml, Doc, Lessig and Dick do. After the NTEN national conference last year on his recommendation I went to see Tufte's workshop on the visual display of information. It was great. This weekend when I presented twice I incorporated one of his techniques "the black screen". The audiences loved the talks and it was fun to energize see an energized audience.
Talk began by highlighting that social networks are not new...they are family friends and college room mates. They are increasingly stretched because new communications tools help us stay connected over distance better then ever before (The high-school to College IM phenomena.).

How do you scale when social networks show up to your issue? If 10,000 folks showed up for 10 min what could they do for you?

There were 5 core elements that he invited us to look at

Strong Social Ties - we are overwhelmed by information so the information we are most likely to pay attention to will come through our social network.

Rich Communications Grid - how do you communicate with others.

Common Story - the core 10%t hat share story they do 90% of the work.

Shared Resources - working together these networks are bossless but leader-full.

Clarity of Purpose - this emerges as the above fall into place

Attention Trust - You Own: Yourself; Your data; Your attention.

Your Rights: When you give your attention to sites that adhere to the AttentionTrust, these rights are guaranteed.

Property: You own your attention and can store it wherever you wish. You have CONTROL.

Mobility: You can securely move your attention wherever you want whenever you want to. You have the ability to TRANSFER your attention.

Economy: You can pay attention to whomever you wish and receive value in return. Your attention has WORTH.

Transparency: You can see exactly how your attention is being used. You can DECIDE who you trust.

Dumbest thing said on the stage:
Bary Diller dismissed the idea that citizens with blogs and video editing software were major threats to the entertainment industry. "There is not that much talent in the world," Diller said. "There are very few people in very few closets in very few rooms that are really talented and can't get out." "People with talent and expertise at making entertainment products are not going to be displaced by 1,800 people coming up with their videos that they think are going to have an appeal." (this is excerted from Andreas Duss)

To top it off it was Echoed by Vinod Khosla the next day. I guess the big boys don't really get it - it is like . The cool kids do so...watch out.

Reminds me of this story about denial that I just read in FAST COMPANY (one of my FAVORITE magazines)

Jon Wilkins had just finished telling a room of 100 or so of his peers that their industry is institutionally incapable of giving clients the smartest ideas. How ad agencies and media agencies that decide where ads run are built like factories, focused on one output (and that output is their handcuff). How a new model needs to emerge, one that can provide unbiased advice to marketers.

"You're saying everything's changing and it's not."

Before Wilkins could respond, one of his clients intercepted the challenge. "I used to kid myself I wasn't going bald," said Mark Finney, the clearly hairless head of media for Orange, Europe's third-largest wireless carrier. "I'd pull my hair forward, I'd cover it over this way, I'd look in the mirror and think, It's never going to happen to me. Then suddenly I started realizing I looked really stupid. . . . I hate to say it, but Jon's right and you're wrong. You're covering your baldness, and at a certain point, you're going to look stupid."

Future Assertion of Note:
Mary Meeker talked about the future of looking for stuff.
Search, Find, and Obtain so that there will be little difference between Marketing, Advertising and Selling.
Her presentation is full of numbers worth checking out.

Acquisitions of Note:
Weblogs Inc was bought by AOL (the deal closed in July just announced though)
Upcoming.org was bought by Yahoo

Alliance of Note:
Sun - Google (comments by Johnathan CEO of Sun)

Rumor of note:
Microsoft buying AOL
Notably Absent:
Discussion of the open source platforms like Drupal that are major parts of Web 2.0 (the people collaborating) and the communities of developers and small businesses around them. I guess cause they are open source and they don't have thousands to shell out the Tim and John they don't rate. Hopefully we can do a conference with the cool kids building open source ecologies.

Here is the opening....

There were many who thought that an identity solution would emerge to support single sign on (SSO) shortly after the Web's emergence in 1994. An SSO solution has proven very elusive. Solving internet identity management, creating an efficient, reliable ecosystem, is often alluded to as "The Holy Grail." One of the reasons for this elusiveness is the fact that identity is no small matter. It lies at the core of who we are as social beings. There are many ways to think about what identity is, such as: how we define ourselves (self-assertions), how others see us (facts about us), and what others think about us (our reputation).

When tackling the problem of representing these elements, the first challenge is settling on a protocol used in a system that is flexible and broad enough to encompass the enormously wide range of ways people around the globe use and define identity. Identity protocols are not like TCP/IP--simply just connecting two machines. While reading Protocol: How Control Exists After Decentralization, I came across this quote that summed up the challenge. "Protocol is synonymous with possibility ... Protocol outlines the playing field for what can happen, and where. If one chooses to ignore a certain protocol, then it becomes impossible to communicate on that particular channel. No protocol, no connection." The edge use cases must be considered carefully so that they are included within the protocol's possibility landscape. The inherent complexity of this next identity layer of the Net is one of the reasons it has yet to successfully emerge.

We've built an online service (or Playground, as we like to call it) for building and using social applications. Social "apps" are web applications that enable people to match, transact, and communicate with other people.

Should be very interesting to see what gets built on this "playground." It also seems like a good place for XRI/XDI and perhaps also reputation for the different participating folks.

Meanwhile, startups like Sxip are exploring the potential of federated identity, in quest of a kind of "distributed 1-click" that will provide a seamless Web 2.0 identity subsystem...While the jury's still out on the success of any particular startup or approach, it's clear that standards and solutions in these areas, effectively turning certain classes of data into reliable subsystems of the "internet operating system", will enable the next generation of applications.

A further point must be noted with regard to data, and that is user concerns about privacy and their rights to their own data. In many of the early web applications, copyright is only loosely enforced. For example, Amazon lays claim to any reviews submitted to the site, but in the absence of enforcement, people may repost the same review elsewhere. However, as companies begin to realize that control over data may be their chief source of competitive advantage, we may see heightened attempts at control.

Much as the rise of proprietary software led to the Free Software movement, we expect the rise of proprietary databases to result in a Free Data movement within the next decade. One can see early signs of this countervailing trend in open data projects such as Wikipedia, the Creative Commons, and in software projects like Greasemonkey, which allow users to take control of how data is displayed on their computer.

I hope that Identity Common's who's founding principles assert this Freedom loud and clear can lead the way on this.

Users must be treated as co-developers, in a reflection of open source development practices (even if the software in question is unlikely to be released under an open source license.) The open source dictum, "release early and release often" in fact has morphed into an even more radical position, "the perpetual beta," in which the product is developed in the open, with new features slipstreamed in on a monthly, weekly, or even daily basis.

Lightweight Programming Models
There are several significant lessons here:
Think syndication, not coordination. Simple web services, like RSS and REST-based web services, are about syndicating data outwards, not controlling what happens when it gets to the other end of the connection. This idea is fundamental to the internet itself, a reflection of what is known as the end-to-end principle.

It's easy to see how Web 2.0 will also remake the address book. A Web 2.0-style address book would treat the local address book on the PC or phone merely as a cache of the contacts you've explicitly asked the system to remember. Meanwhile, a web-based synchronization agent, Gmail-style, would remember every message sent or received, every email address and every phone number used, and build social networking heuristics to decide which ones to offer up as alternatives when an answer wasn't found in the local cache.

I mention the founding of Virtual Rights to address this new era of personal representation online. I share what inspires me how we can use these tools to empower us as citizens.