The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 1 Intro + What is Identity

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was sent to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication – so your comments are welcome.

Introduction

I was attending a day long think tank called Forces Shaping the Future of Identity hosted by the Office of the Director of National Intelligence and facilitated by the Institute for the Future. A man in the audience pipped up “Are we going to Define what we mean by Identity?” I smiled :).  One can’t go very far in a conversation about identity before someone asks “that” question. It always is asked when space is opened up to discuss the topic.
I have been engaged with communities of technology professionals and with forward looking civil society organizations circling around the question what is Identity for over 10 years. The simple one-liner comprehensive definition that I use is Identity is socially constructed and contextual. However it’s just one line.  This paper is a Field Guide covering core concepts along with a visual language to represent them so we can talk about it in a meaningful way across the whole lifecycle from cradle to grave, both online and off and in other times.  It builds on the model we used for the Field Guide to Trust Models that I co-wrote last year for the ID360 Conference.

Part 2: Names, Part 3: Identifiers  Part 4: Name Space, Attributes and Conclusion.

This is Part 1:

What is Identity?

Identity is socially constructed and contextual.

Our sense of self arises first from our social interactions with our family of origin.  Humans are unique animals in that 80% of our brain growth happens outside of the womb in the first three years of life. Our family of origin is within the context of a community and in this age broader society that ultimately reaches to be global in scope.
The names we have, identifier systems, attributes that are articulated all depend on our context and from there the social constructions that define these.

Sense of Self

We are told who we are by our family – they give us a name and share with us who we are.

When does it begin? When people recognize you?

When are we recognized as a person?  Different cultures have different traditions.
I have had a connection with the 3HO Sikh community. When a woman is 120 days pregnant there is a celebration to welcome the spirit of the child into the community. Women who give birth in that tradition stay at home and don’t go out for 40 days after the child is born.

Self as a Part of Something Greater

We are defined by who we are connected to. Our identities as part of something greater. Children seek to understand their environment to understand where they fit in. An example from my childhood is one my first memories.  I remember a Canada Day Celebration we attended in Hastings Park. Being Canadian is to be mutli-cultural. The day had different ethnic communities performing on a stage different folk dances while dressed in traditional dress. At some point they handed out Canadian flags on 30 centimeter (12 inch) flag poles with a stand made out of shiny gold colored plastic in a box. It symbolizes this point in time where I understood myself to be part of something bigger to be part of the nation I was born in along with understanding some key values.

Projection of Self

We begin to understand who we are by projecting ourselves into these contexts we find ourselves and learning from the response – shaping ourselves.
There is an African saying/word –  Ubuntu – I am because you are. We are the authors of each other.

Context of Observation

The context of observation matters for shaping our identities. It defines the scope of our freedom expression our ability to make choices about context.
There are three different types of observation that are quite different.

Being Seen – a mutual act. I see you, You see me. We see each other.

Being Watched – this is where one is observed but it is not known by the observee. However it is known to the observee that they might be watched for example walking down one’s street, one knows that one could be seen by any of one’s neighbors looking out their window. One also knows that being inside of one’s own home prevents one from being watched. When walking into a store one knows that the storekeeper will see us, watch us in the store and we know that when we leave the store they will not be able to watch us. When we return to the same store they will likely recognize us (because we are returning in the same body) and know something about us based on prior interactions. In time a relationship of knowing might develop.
It should be noted that our bodies in physical space give away attributes about us that we can not proactively hide. Because we live in a society that is full of implicit bias the experiences of different types of people is different in the world.  Banaji’s work on implicit bias is a starting point. Following the Trayvon Martin verdict the president gave a speech where he said that before he was president he regularly was shadowed while shopping in stores because he was stereotyped. My partner had this happen to him this fall while shopping at Old Navy and it was not the first time.

Being Stalked – This is what happens when the watching shifts from an appropriate happenstance window of time. To watching over time and space – to following and monitoring our behavior without our knowledge.

Self in Small Society

I have often heard it said that with the advent of what appears to be ubiquitous digital identity and the fact that we can be “seen” is just like it was when we lived in small societies.

In small societies it is said that there is no privacy – everyone knows everyone’s business. Their is another layer there is a relational human connection that weaves the people in this context together.

They know each other, they can understand when they are seen and know they are being watched as the move about town.

In a a small society you also know when you are not being watched when you are in your own home with your blinds drawn.

A mesh-network of relationships that form over life and inter-generationally that inform identity and role in the society.

Self in Mass Society

The self of is shaped by living in a mass society.

We developed systems using the technology of paper and bureaucratic record keeping of the state as way to give abstract identity to citizens to provide them services. This began first with the pensions given to civil war veterans. In the 1930’s a system was developed to support people paying for and getting Social Security benefits. The advent of cars as machines that people operate gave rise to the development of licensing of people to be able to drive the vehicles. These all assigned people numbers by the state so they can present themselves to the state at a future time and be recognized. It is vital to remember that we are not our government issued paperwork. We are people with our own identities, our own relational lives in our communities. We must not mistake how identity in mass society operates for what it is a system, a set of technologies to manage identity in mass society.

Self in Communities

Communities provide the middle ground in between the Small Society and Mass Society modalities of Identity. Communities of interest, communities of practice and geography give us the freedom to move between different contexts and develop different aspects of ourselves. This type of contextual movement and flexibility is part of what it mean to live in cities and particularly large cities. Where people in one context would not necessarily share other contexts. The freedom to move between different contexts exists in the digital real. The internet enabled those in more remote locations to also participate in communities of interest and practice well beyond what they could access via their local geography. We need to work to ensure the freedom to move between communities is not implicitly eroded in the digital realm. One key way to do this is to ensure that people have the freedom to use non-corelateable identifiers (pseudonyms) across different contexts they do not want linked.

Self in relationship to Employers

The power relationship between an employee and an employer is quite clear. The employer does the vetting of potential new employees. They are hired and given access to the employers systems to do work for them. When the employee was no longer working for a company because of any number of reasons – retirement, resignation, termination – the employer revokes the employees ability to access those services. This power relationship is NOT the same of an individual citizen’s relative to their government or the power relationship of a person relative to communities they participate in. In both cases the person has an inherent identity that can not be “revoked”.

Power and Context

The Self in a Small society is embedded in a social mesh one can not escape. There is no “other place” and one is defined in that society and because it is so small one can not leave.

The self in a Mass society is in a power relationship with the state. Where one has rights but one also must use the identification system they issue and manage to interact and connect with it.

The self in community gets to navigate a myriad of different ones each with its own social constructions and how power operates and flows within it. (egalitarian, religions, social) communities, work places (traditional owner, worker | worker owners | holocracy).

Abstraction

The start of all our conversations about people’s identity comes from being embodied beings. The beauty of the digital realm is that we can abstract ourselves from our bodies and via digital identities interact via digital media. This gives us the freedom to connect to communities beyond those we could access in our local geographic location.

Atoms and Bits

Atoms and Bits are different. The difference between them is still not well understood.

  • “Atoms” Physical things can only be in one place at one time.
  • “Bits” Can be replicated and be in two or more places at once.

Physical Body

Atoms – We each have only one physical body. Our physical bodies can only be in one physical place at once. It is recognizable by other humans we meet and interact with. Because it is persistent we can be re-recognized and relationships can grow and evolve based on this. When we move between contexts in physical space – we can be recognized in different ones and connections made across them. We also have social norms, taboos and laws that help us maintain social graces.

Digital Representation

Bits – When we create digital representations of ourselves we get to extend ourselves – our presences to multiple places at the same time. We can use a digital identity that is strongly linked to the identity(ies) and contexts we use/have in the physical world. We also have the freedom to create a digital representation that steps out of the identity we occupy in the physical realm.

We can be an elf or an ork in a online game.
We can cloak our gender or choose to be a different gender.
We can cloak our race or choose to be a different one when we represent ourselves online.
We can interact on a level playing field when in the physical realm we are confined to a wheel chair.

These identities we create and inhabit online are not “fake” or “false” or “not real”. They are representations of the self. The digital realm is an abstraction and gives us the freedom to articulate different aspects of ourselves outside of the physical world.

Digital Dossier

In the digital realm because it is en-coded means that our our movements around digital space leave trails, records of the meta-data generated when we click, type, post a photo, pay for a song do basically anything online. We leave these behind and the systems that we interact with collect them and reconstruct them to develop a digital dossier of us. This behavior if it happened in the world of atoms in the physical space would be considered stalking. We have a stalker economy where our second selves are owned by corporations and used to judge us and target things at us.

Power in Space & Relationships

The freedom of people to transend aspects of identity from the physical world is disruptive to some of default power dynamics.

Disrupting Privilege

The push back against Google+’s requirement for the use of “real names” was lead by women and others who use the freedom of the digital realm to step out of the bias they experience in the physical world.

The people who were pro-real name were largely white men from privileged positions in the technology industry and implicitly through the support of the policies wanted the default privileges they enjoyed in the physical realm to continue into the digital.

Shape of Space

In the physical world we understand how different physical spaces work in terms of how big they are, how many people are in them, what the norms and terms and conditions are. We know that based on these we have a social understanding.

The challenge in the digital world is that the space is shaped by code and defined by the makers of the contexts. These contexts can change at their will. As has happened repeatedly with Facebook’s changing settings for who could see what personal information. This instability creates mistrust particularly by vulnerable people in these systems.

The commercial consumer web spaces currently have a structure where they collect so much information about us via their practices of stalking us digitally. They have enormous power over us.

The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 2: Names

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was sent to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication – so your comments are welcome.

Part 1: Intro + hat is Identity?   Part 3: Identifiers  Part 4: Name Space, Attributes and Conclusion.

This is Part 2:

Names

Names are what we call ourselves and what others call us. They are a special kind of identifier because they are the link between us and the social world around us. We present ourselves using names so people know how to refer to us when talking to others or call us when they are talking to us. They convey meaning and have power.

Digital devices can also have names are defined by the administrators of these devices. Places have names given to them by people in a given context these help us refer to a geographic location. It should be noted that the names first nations (indian or native american) people had for places are different then the ones that the American’s colonized their land used.

Given Names

These are the names our parents give us when we are born. In America we have a naming convention of a first name and last name. This convention originates from ___ when states were seeking to impose control.

Name structure in various cultures

Different cultures have very different naming conventions. In Hong Kong their is a convention of an english first name written in English and a Chinese character written last name. In Mayanmar everyone has a first name.

Meaning in Wisdom Traditions

Different wisdom traditions ascribe different ways to interpret and ascribe meaning in names.

NickName

These arise when people start to refer to us by a different name then the name we might give ourselves. We can take these on and they can become our name. They might arise from our families, from school, from sports teams, social clubs, work places. In these different contexts, the name that we are referred to may have nothing to do with the name our our birth certificate and the people using the name to refer to us.

Name on Government Issued Paperwork

We have a convention in the liberal west of registering names with the state. This originated out of several practices in the last several hundred years. One key aspect of this is to both provide services to citizens but also to control citizens.

Pen Name / Stage Name

A name used by artists for their artistic expression and authorship. It does not match the name on government issued paperwork and is often used to obscure the link between such authorship and government paperwork names so that they are free to express themselves artistically.

Autonym

A name that one uses to refer to themselves. An example is that when Jorge Mario Bergoglio became pope he chose to become Pope Francis.

Pseudonym

A name that one uses to interact in various contexts that may be linked one’s name on one’s government issued paperwork. Bob is clearly linked to the name Robert or Barb to Barbara or Liz to Elizabeth on government issued paperwork. It is important to note that many non-european languages also have examples of these.

Mononym

This is name consisting of a single word. Examples include Stilgarian and Sai. Madona or Cher are examples of Pseudonymous, Mononym, Stage Names

Handle

A name that one uses to represent ones digital identity in online contexts. It arose in computer culture when people needed to have a user name within a computer system. This is closely related to Screen names.

Screen Name

The name that one chooses to have displayed on screen. In a system like World of Warcraft the service knows identity information of their clients who pay monthly to access their service. They choose to support those player presenting to the other players on the system and forums a “screen name” that reflects their gaming persona or character name.

Name Haystack

Different Names have different qualities of hiding in the haystack of the similar or the same names. Some people have huge name – haystacks where tens of thousands people have the same name – Mike Smith, Joe Johnston, Mohamed Husain, Avi Blum, Katherine Jones. Mike Garcia who works for NIST said that there were 17 different Mike or Michael Garcia’s. People use pseudonyms to help manage the fact that name-haystacks exist making them more or less identifiable depending on the size of theirs.

Roles

RBAC – Roll Based Access Control is based on managing the rights and privileges for digital systems based on roles. When a person gets a role assigned to them the inherit the privileges.

Community groups also have different roles that might have . Earn role from getting a degree.

Titles, Given and Created

There is a history of titles being pasted down.

Eastern Wisdom Traditions pass them down from guru to student creating lineage’s.

I have had conversations with friends about who the next “Identity Woman” might be. This identity that I have constructed to hold an aspect of my self – work focused on people’s rights around their digital selves. I could see at some point handing this identity over to someone else who wants to continue the torch over.

Collective Single Identity

Theses identities are co-created by two or more people. They are managed and maintained and people jointly act together to create a persona.

 

 

 

The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 3: Identifiers

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was sent to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication – so your comments are welcome.

Part 1:  Intro + hat is Identity?   Part 2: Names   Part 4: Name Space, Attributes and Conclusion.

This is Part 3:

Identifiers

For people Names are a special class of Identifiers. They are both self-asserted by people and are used to refer to them and acknowledge them in social context.

System Identifiers

In systems, bureaucratic, digital and techno-bureaucratic identifiers are alpha numeric string pointers at/for people in systems.

This may seem simple but their are many different types and a person with a record in a system will likely have more then one type. To get these different types of identifiers I will share different examples.

Persistent Correlateable Identifiers

This type of identifier is re-used over time within contexts and across multiple contexts.

Examples

Student Number - When I enrolled at my university I was assigned an 8 digit student number. This number was persistent over my time as a student at the school. When interacting with school institutions I was asked to share this number so that activity could be linked together across different facets of the institution.

Social Security Number – This number is issued by the federal government to those born in the US as part of the standard process for being born. It is meant to help those who submit money to the SSN system and when they retire be able to collect money from the system.

Phone Number - People today often have a personal number that they use across many different contexts. It is common place to ask for a phone number to be able to contact a person. What people don’t know is that those are used to look people up in data broker services. The phone number is used to link together activity across contexts.

E-mail Address - Many people have one personal address and use it These are often used across different contexts. What people don’t know is that those are used to look people up in 9data broker services like RapLeaf.

Directed Identifiers

A directed identifier is created to support individuals using different identifiers in different contexts. The purpose of this is to inhibit the ability to link records across contexts.

Examples

The British Columbia eID System – This system enrolls citizens and issues a card to them. When the card is used to access different government systems by the citizens. It does not use one identifier for the citizen. Rather for each system it uses a different identifier for the system – an identifier directed for a particular system.

Defacto Identifiers

By combining a name names, and key attributes together systems use this combination to create a defacto identifier which uniquely identifies a person often in the context of a whole society. An example is the us of “name” “birth date” and “birth place”. It seems innocent enough to be asked for one’s name, birthdate and place but this becomes a persistent correlateable identifier to link and track activity across many systems. The creation of defacto identifiers that are persistent and correlateable limits people’s ability to control how they present in different contexts.

Opaque Identifiers

An opaque identifier is one that does not give away information about the subject it identifies.

Examples of Opaque Identifiers

The BC Government eID program has at its core an opaque identifier on each card – it points to their card record. It is just a number with no meaning. If they loose their card a new opaque identifier is issued for their next card.
Examples of Non-Opaque Identifiers

National Identity Number in South Africa contains a lot of information it is a 13-digit number containing only numeric characters, and no whitespace, punctuation, or alpha characters. It is defined as YYMMDDSSSSCAZ:

  • YYMMDD represents the date of birth (DoB);
  • SSSS is a sequence number registered with the same birth date (where females are assigned sequential numbers in the range 0000 to 4999 and males from 5000 to 9999);
  • C is the citizenship with 0 if the person is a SA citizen, 1 if the person is a permanent resident;
  • A is 8 or 9. Prior to 1994 this number was used to indicate the holder’s race;

• Z is a checksum digit.

The US Social Security Number is created via a formula and so the number gives away information about the person it identifiers.

Phone numbers give away information about the metro region that a person was issued the number from.

End-Point

Some identifiers that represent people are also end-points to which messages can be sent.

Physical Address

It is often forgotten in conversations about digital identity that we had a system of end-points for people before networks known as a mailing address. They system of mailing addresses was developed and is maintained by the US postal service.

Network Address

Phone Number – Now with cellular phones people have their own phone numbers (not just one for a household or their workplace as a whole). This permits both voice calls being made, text messages and MMS Multi-Media messages. The name space for phone number originates from the ITU-T. They are globally unique. They are also recyclable.

E-mail Address – These addresses permit people to send messages to the address they have. They are globally unique. The name space for domain names resides with ICANN. They are also recyclable.

Device Identifier

Many digital devices have unique identifiers. Activity on digital networks can be linked together by tracking these activity originating from particular devices even if people using them .

Non-End-Point

These are identifiers that do not resolve in digital or physical networks.

Document Identifiers

Documents like birth certificates have serial numbers that identify the document.

Document Validation Systems

These systems are used to look up which documents are infact valid. When properly constructed they don’t give away any information about the person. Those using the system type in the serial number of the document and information it contains and the system simply returns a Yes/No answer about weather it is valid or not.

Beacons

A beacon actually broadcasts from a digital device a persistent correlateable identifier to any device that asks for it. It creates a form of tracking people and their devices in the physical world.

Examples

RFID chips, cellular phones, laptop computers

Polymorphic

These systems generate different identifiers depending on context.

Examples

The BC eID system way of using one card that then supports the use of different identifiers depending on context.

Time Limited & Revocable

Some identifiers are created and point at a person but are revocable. An example is a phone number that is after one stops paying one’s phone bill for a month is re-assigned to another person. An employee at a company may have an employee number that is revoked (no longer valid) once employment is terminated. A passport number is an identifier that has a time limit it is good for 5 or 10 years. A landed immigrant card (green card) in the US is only good for 10 years.

Un-Revocable

These identifiers are persistent and are not revoked. Examples include Social Security Numbers.

Identifier Issues

Identifier Recycling

Some identifiers are in systems where identifiers that point at one person can be discontinued (they stop paying their phone bill or using their e-mail address) and then the identifier can be re-assigned to a different user.

Delegation (Acting on Behalf of Another)

This functionality is critically to a variety of user populations. Elders who want to delegate access to their accounts children. Service professionals who have contractual relationships with clients such as an accountant managing access to financial & tax records. Most systems are designed with an assumption that people themselves are the only one accessing accounts. This creates a problem when people want to delegate access they have to turn over their own credentials so the person they are delegating to “pretends” to be the actual user.

Stewardship (Care-Taking – Oversight)

Their is another role that is slightly different then delegation when someone turns over a power of attorney like function for a particular account/set of functions. Stewardship of identity is the type of relationship a parent has for a child’s identity or the type of care needed to help the mentally disabled with their interactions online.

The Mesh of Pointers

We end-up with a way that identifiers work together as a web of pointers towards a particular individual.

The Field Guide to Identity: Identifiers, Attributes, Names and More. Part 4: Name Spaces, Attributes, Conclusion

This paper is still being worked on. I submitted it to the 2014 ID360 Conference hosted by the Center for Identity at the University of Texas at Austin and was sent to present it there until I had to back out because I was still sick from attending the NSTIC meeting in San Jose 2 weeks before. Another version will be submitted for final publication – so your comments are welcome.

Part 1: Intro + What is Identity?   Part 2: Names   Part 3: Identifiers

This is Part 4:

Name Spaces

Different identifier systems work differently some originate from physical space and others operate purely in the digital realm.

Local

A great example of a local name space in the physical world is a school classroom. It is not uncommon in american classrooms that when there is a name space clash – that is two people have the same name in the same space – they take on different names to be identifiable within that context. Take for example those with the names “Stowe” “Fen” and “Chris” – each is one part of the name Christopher : Chris – Stowe – Fer. When they were in grade school each took on a different part of the name and it stuck with them.

Global

These names spaces mean that identifiers within them are unique and global. Phone numbers, domain names and thus e-mail addresses.

Private

Some private name spaces seem like global name spaces but they are run by private companies under privately decided terms and conditions. Examples include skype handles, twitter handles,

International Registry

These are identifiers in a global space that are registered and managed globally an example is domain names.

Attributes

Self Asserted

These are attributes that people self defined. They include things that are subjective like “favorite color” or “name”

Inherent

These arise from the individual and typically do not change (such as birth date) and are not as morphable. Sex and ethnic identity are things that people have and display in the physical world that don’t (typically) change throughout one’s life.

Ascribed

These are attributes that are given to us by others or by systems. This may include names that are imposed on us by social convention and or power relationships.

Assigned

These are attributes that are given to us by others or by systems.

Examples:

Social Security Numbers are assigned by the Social Security Administration.

Conclusion

Identity is a big topic and outlining the core concepts needed to understand it was the purpose of this paper. We need to think about how the systems that manage identity are structured. Are they designed to have power over people, supporting people having power with one another or enabling power to be networked between us to create something greater then ourselves. These questions are relevant across the whole life-cycle of identity from cradle to grave.

Core Concepts in Identity

One of the reasons that digital identity can be such a challenging topic to address is that we all swim in the sea of identity every day.  We don’t think about what is really going in the transactions….and many different aspects of a transaction can all seem do be one thing.  The early Identity Gang conversations focused a lot on figuring out what some core words meant and developed first shared understanding and then shared language to talk about these concepts in the community.

I’m writing this post now for a few reasons.

There is finally a conversation about taxonomy with the IDESG – (Yes! after over a year of being in existence it is finally happening (I recommended in my NSTIC NOI Response  that it be one of the first things focused on)

Secondly I have been giving a 1/2 day and 1 day seminar about identity and personal data for several years now (You can hire me!).  Recently I gave this seminar in New Zealand to top enterprise and government leaders working on identity projects 3 times in one week.  We covered:

  • The Persona and Context in Life
  • The Spectrum of Identity
  • What is Trust?
  • A Field Guide to Internet Trust
  • What is Personal Data
  • Market Models for Personal Data
  • Government Initiatives Globally in eID & Personal Data

[Read more…]

Recent Travels Pt1: IIW

IIW is always a whirlwind and this one was no exception. The good thing was that even with it being the biggest one yet it was the most organized with the most team members.  Phil and I were the executive producers. Doc played is leadership role.  Heidi did an amazing job with production coordinating the catering, working with the museum and Kas did a fabulous job leading the notes collection effort and Emma who works of site got things up on the wiki in good order.

We had a session that highlighted all the different standards bodies standards and we are now working on getting the list annotated and plan to maintain it on the Identity Commons wiki that Jamie Clark so aptly called “the switzerland” of identity.

 

 

 

 

 

 

 

 

 

 

We have a Satellite event for sure in DC January 17th – Registration is Live.

We are working on pulling one together in Toronto Canada in

early February, and Australia in Late March.

ID Collaboration Day is February 27th in SF (we are still Venue hunting).

I am learning that some wonder why I have such strong opinions about standards…the reason being they define the landscape of possibility for any given protocol. When we talk about standards for identity we end up defining how people can express themselves in digital networks and getting it right and making the range of possibility very broad is kinda important.  If you are interested in reading more about this I recommend Protocol:  and The Exploit. This quote from Bruce Sterling relative to emerging AR [Augmented Reality] Standards.

If Code is Law then Standards are like the Senate.

 

 

 

 

 

 

 

 

 

 

 

 

Identity in the Contexts of the Future OR Participatory Totalitarianism

This is the latest from Google in their “names policy

We understand that your identity on Google+ is important to you, and our Name Policy may not be for everyone at this time.

Kinda sounds like the owners of stores in the south who said their stores were not for everyone especially black people who didn’t have skin color they liked. It is a fundamentally discriminatory policy.  If we don’t have the freedom to choose our own names in digital space and the freedom to maintain different identifiers across different social spaces we will end up in a very creepy world…Here is my TEDxBrussels talk.

[Read more…]

Web Wide Sentence Level Annotation -> Hypothes.is

I first met Dan Whaley last spring via an introduction from Jim Fournier co-founder of Planetwork.  I was inspired by the vision he was working on building Hypothes.is -  a way to have sentence level annotation of news and other articles on a web wide scale. Really a foundation for peer review on the web. The motivation for his work is to support greater discernment of the truth around climate change and other key issues facing our society and our planet.  (Another area I could see this being really useful right now is around accountability in the financial system and ways to make that real.)

He asked me to be a part of the project as an advisor particularly around identity issues and technology options for identity.  He is taking my advice and coming to IIW this coming week.  Its an honor to be amongst other distinguished advisors like Brewster Kahle,  John Perry Barlow,  Mark Surman and others..

He has been working on a development plan and has a solid on one in place.  He has launched a Kickstarter Campaign and  stars in the video that articulates the vision of the project.  If you are inspired by the vision I encourage you to contribute.

Is Google+ is being lynched by out-spoken users upset by real names policy?

Following my post yesterday Google+ says your name is “Toby” not “Kunta Kinte”, I chronicled tweets from this morning’s back and forth with  Tim O’Reilly and Kevin MarksNishant  KaushikPhil Hunt,  Steve Bogart and Suw Charman-Anderson.

I wrote the original post after watching the Bradley Horwitz (@elatable) – Tim O’Reilly (@timoreilly) interview re: Google+. I found Tim’s choice of words about the tone (strident) and judgement (self-righteous) towards those standing up for their freedom to choose their own names on the new social network being rolled out by Google internet’s predominant search engine disappointing.  His response to my post was to call me self-righteous and reiterate that this was just a market issue.

I myself have been the victim of a Google+ suspension since July 31st and yesterday I applied for a mononym profile (which is what it was before they insisted I fill out my last name which I chose to do so with my online handle and real life identity “Identity Woman”) 

In the thread this morning Tim said that the kind of pressure being aimed at Google is way worse then anything they are doing and that in fact Google was the subject of a “lynch mob” by these same people.  Sigh, I guess Tim hasn’t read much history but I have included some quotes form and links to wikipedia for additional historial context.

Update: inspired in part by this post an amazing post “about tone” as a silencing/ignoring tactics when difficult, uncomfortable challenges are raised in situations of privilege was written by Shiela Marie.  

I think there is a need for greater understanding all around and that perhaps blogging and tweeting isn’t really the best way to address it.  I know that in the identity community when we first formed once we started meeting one another in person and really having deep dialogues in analogue form that deeper understanding emerged.  IIW the place we have been gathering for 6 years and talking about the identity issues of the internet and other digital systems is coming up in mid-October and all are welcome.  The agenda is created live the day of the event and all topics are welcome.

Here’s the thread… (oldest tweets first)

 Note all the images of tweets in this thread are linked to the actual tweet (unless they erased the tweet).  [Read more…]

Google+ says your name is “Toby” NOT “Kunta Kinte”

This post is about what is going on at a deeper level when Google+ says your name is “Toby” NOT “Kunta Kinte”. The punchline video is at the bottom feel free to scroll there and watch if you don’t want to read to much.

This whole line of thought to explain to those who don’t get what is going on with Google+ names policy arose yesterday after I watched the Bradley Horwitz – Tim O’Reilly interview (they start talking about the real names issue at about minute 24).

[Read more…]

The Trouble with Trust, & the case for Accountability Frameworks for NSTIC

There are many definitions of trust, and all people have their own internal perspective on what THEY trust.

As I outline in this next section, there is a lot of meaning packed into the word “trust” and it varies on context and scale. Given that the word trust is found 97 times in the NSTIC document and that the NSTIC governing body is going to be in charge of administering “trust marks” to “trust frameworks” it is important to review its meaning.

I can get behind this statement: There is an emergent property called trust, and if NSTIC is successful, trust on the web would go up, worldwide.

However, the way the word “trust” is used within the NSTIC document, it often includes far to broad a swath of meaning.

When spoken of in every day conversation trust is most often social trust.

[Read more…]

Ecosystem as the frame for NSTIC

What is an Ecosystem?

The National Strategy for Trusted Identities in Cyberspace paints a broad vision for an Identity Ecosystem. The strategy author’s choice to name the big picture vision an “ecosystem” is an opportunity not to be lost. An Identity Ecosystem construct will inform the choice of processes and structures appropriate to govern it.

An ecosystem is a biological environment consisting of all the organisms living in a particular area, as well as all the nonliving, physical components of the environment with which the organisms interact, such as air, soil, water and sunlight.

This definition reminds us that the context of an Identity Ecosystem is broad and goes beyond just the identities of people and devices but extends to the contexts in which they operate and interact, the network and indeed the wider world. When we discuss a person’s digital identity it should not be forgotten that we are each fundamentally biological beings living in complex social systems composed of groups, organizations and businesses, all socially constructed and embedded in a larger context, the biosphere surrounding the planet earth.

An overall Identity Ecosystem is needed because small islands of identity management online are working, but they have not been successfully woven together in a system that manages the tensions inherent in doing so to ensure long term thrivability of the overall system. [Read more…]

NSTIC Response by Identity Woman

Context for my response to the NSTIC Governance NOI

Table of Contents to Blog Posts of My Response

My Complete Response in PDF form Kaliya-NSTIC-NOI

Introductory Letter of the Response.

Context for my NSTIC NOI response

I surprised myself when writing my response to the NSTIC (National Strategy for Trusted Identities in Cyberspace)  Governance NOI (Notice of Inquiry).  I wasn’t sure exactly what I was going to say because the questions seemed like they were way ahead of where they should be interms of where things were.  I decided to begin by sharing important Context, Frames and Terms that were important before getting to the Questions of Governance and what should be done now.

I began with the word Ecosystem – what it meant and that a system was at the heart of this strategy not something simple or easily actionable.

I touched on the history of the Identity Community and how much conversation and intensive dialogue happened amongst that early community to get to a place where collaboration was natural and “easy”. A huge amount of effort went into developing shared language and understanding then and this is needed once again.  The range of self identified stakeholders for NSTIC is quite large (the range of not self identified stakeholders it could be said is everyone on the planet or at least all those with a digital connection (via phone or interent).

I put forward two different methods/tools/processes that could be used to form shared language and understanding across this stakeholder community Polarity Management and Value Network Mapping.

I suggest that the governance structure proposed a “steering group” actually have a mandate to regularly listen to and act on the recommendations of the system that are generated via 3 different well established dialogic processes (Creative Insight Council, World Cafe and Open Space Technology [What we use at IIW]. I then answer the NOI questions referencing the ideas above.

I am going to be posting the whole of my Response in a series of posts and linking them all from there.

I began with one earlier last week which is focused on “trust” both as an emergent property of the overall system AND as the current name of technology and policy/legal frameworks for identity creation.


Links to NSTIC Response Posts:

[Read more…]

India says it will be creating National ID for Citizens

I found this last night on Slashdot – it was to important not to blog about. “India to Put All Citizen Info into Central Database

Reading the article in The Independent this stood out for me

The creation of the ID or Unique Identification Number (UID) was a major plank of the manifesto of the ruling Congress Party during the recent election.

India is not a western democracy where “everyone” has papers and certificates of birth. As the article highlights

“This could be used as a security measure by the government which leaves migrant workers, refugees and other stateless people in India in limbo, without access to public services, employment and basic welfare.”

Our identities don’t come from government – they come from our social interactions and relationships.

The other issue that comes from this is “everyone in one database” is a giant honey pot.

Personal Anchors on the Web for Digital Identities

I have been evangelizing about user-centric identity on the web 5 years. I talk about the ideas with people constantly explaining and re-explaining different developments in the field, forward looking projects and visionary ideas community members talk about. I watch what I say carefully and I notice when I start thinking and explaining something differently.

The new term that has emerged for me this week is “anchor on the web”... as in Where is your anchor on the web? or People have an anchor on the web – this is there “identity” – the question is do they control (owning a domain name) it or is it controlled by the company that does.

200906160037.jpg

I link this metaphor because it evokes the image of a boat that is you and an anchor that is linking you to somewhere – do you want this to land in a stable place that you have control over? Likely yes – if you anchor to someone else’s ship (have your name in their domain space) you are literally tied to them. Rather then being able to visit them on your own terms and leave if you like.

200906160058.jpg  

You can get copies of these images under CC license here.

In my last post I talked about facebook URLs and people getting their own domain name along with the contrast of usability with each. Chris Messina also wrote about facebook URLs and correctly points out that this is a battle over your digital identity.

I got a comment today from IWantMyName.com (they also have a blog) saying I was absolutely right about usability issues that domain registrars have.

You are absolutely right. It’s a common problem of domain registrars / hosting providers. They’re too focused on up-selling other services and the secondary market instead of serving the actual internet user. We’re watching the identity community closely with iWantMyName and will definitely provide identity management features in the future. For now, we already made the domain registration process easy and are helping users setting up apps like Gmail, Tumblr, Posterous etc.

Coincidently – today at SemTech the CEO of Nombray presented as part of Chris Saad’s talk about DataPortability. They let you very easily create a website under your own domain name that aggregates your information from around the web. I haven’t paid the $10 yet but I was very impressed with the usability of the sign up process and you can see my the 1/2 working site here.

There is of course Chi.mp too – but some how it feels a bit more like being tied to somewhere then actually owning your own domain (paying for it) and setting up the services under it.

The next level of interoperability and user-empowerment will be the way these systems map/document your online life and how they give you the data in a standard way when you leave their service to go to a different one.

I am hopeful these sites are the basis of what will become personal data stores that project VRM has brainstormed about and people/companies are developing.

UpDate: Wow and that was Post: 1000 for this blog!

ID Panel at SXSW

TWITTER HASH TAG FOR THIS PANEL
#sxswid

our handles
@identitywoman
@bobblakley
@etelos
@jsmarr

Panel Outline

1) Brief Intro

2) CONTEXT – 15 min
5m – looking back – enterprise IdM 101 – Bob Blakley
5m – SaaS is happening – Danny Kolke
5m – OpenID and Oauth

3) Discussion – 15-20min

4) Questions

LUNCH AFTERWARDS
we are heading over to Austin Iron Works to continue the conversation

http://idsxsw.eventbrite.com/

The next community event
INTERNET IDENTITY WORKSHOP
www.internetidentityworkshop.com

Identity events of the year – Part 2

This is part 2 and continues from part 1. I will re post this caveat again.

I am not going to do a “top ten list” – not really my style. I tend to take things as they are and appreciate the amazing, wonderful, mysterious, sensuous, intellectually stimulating but don’t “compare” in a sort of ordered list way. So just so there is clarity on the number of things I mention I will “number” them but this is NOT a top ten list – I wrote this post as a reflection without thought to order.

(un5) The emergence of Portable Contacts was a great development out of the Data Sharing Events that I put on with Laurie. The conversation between Joseph and the MSFT guys (Indu and Angus) lead to this – sort of a practical low hanging fruit thing to do – rather then solve everything – just how to get the list of contacts I have in one place out and importable to another. Joseph’s community leadership has really impressed me to. He is all about getting things done and finding the needed elements to make things happen.

(un6) I have enjoyed watching Marc draw on his fence – yes he does this literally - and talk about his vision of the social web evolving. He “published” a book containing some of what he has been talking about. You can describe Marc as many things but I for one respect him as a visionary – ahead of his time in seeing where things will be going on the web and what will be needed. (You can see his predictions for 2009 here) Just as an example of something he said that really struck me as original and important to think about looking ahead – he talked about how groups need to live autonomously – outside any one platform or silo – and that we need a language of social verbs that are open and standard across them. Maybe some more people will “get” what Marc has been saying in this regard and some open standards can evolve to address this.

(un7) In a year end review it would be a mistake to not name the IDTBD conversation that happened this summer. You can read the whole thread of the e-mail conversation in the google group – it is public. There were in the end two different ways to look at how to organize (and I think they can complementary) one put organizational form and structure first and the other put relationship and community first and said that needed form and structure could emerge from that. In the middle of the conversation we were referred to Clay Shirky’s work – both this video about LOVE in technical communities and how it is very long lasting and sustaining and his book - the power of organizing without organization. (He also has another talk about Coordination Costs that is informative). Identity Commons is an organization being held together with many of the new super low cost tools that mean organizational overhead that was needed to organize people as organized as we are isn’t needed like it was 5-10 years ago. Having said this there is much to be improved and in the survey we sent out after IIW we asked about IC and the community wanted us to focus on supporting/providing better communication between groups and also increased PR/outside world awareness of the collaborative work happening in the community.

(un8) The OpenID Foundation part of the Identity Commons community held its first elections for the community seats on the board.

(un9) Information Card Foundation launched and is part of the community of Identity Commons. I have been quite impressed with the energy and evangelism of Charles Andres. (they too are using a low organizational overhead model for getting things done). I actually got a the Azigo card selector working on my Mac and downloaded a “managed” card from an early behind the scenes trial of CivicID. I also failed at getting an “I’m over 18 card from Equifax” – Actually the experience of their knowledge based authentication made me think my identity has been “stolen” it asked me about a bunch of loans I haven’t taken out. So now I have a bunch of personal identity detective work to do this year (I will be blogging about those adventures).

(un10) Parity Communications shipped some pretty amazing stuff and it has been a long time coming*. They are behind the Equifax I’m over 18 card issuing site using their service called Card Press for issuing information cards. (as an aside I “get the whole stock photo with people holding their hands in a card shape – but why the girl with no top on?)

* Some background I first talked to Paul Trevithic and Mary Ruddy in the winter of 2004 while working for Identity Commons I knew I had to go out and meet them – to learn what they were up to and hopefully link/sync it with what Owen, Andrew & Drummond&Co. were up to around user-centric identity. They were into Social physics along with John Clippinger and both Paul and John were at the 2004 Planetwork Conference.

Over all it was an amazing year and it seems that the coming year will continue to have this field evolve.

I am working hard on pulling together two events before the next IIW (May 18-20 – put it on your calendars). One is specifically focused on “What are the Business Models” we should have an announcement about that next week but the dates will be the last week of Feb.

The other is focused on the intersection of identity technologies and the legal realm – I am meeting face to face with Lucy Lynch from ISOC in Eugene this week to work on details for that.

The Identity Futures group continues to percolate along and is working on developing a proposal to do some scenario visioning/planning.

I am hoping to spend some more time thinking about and talking to women to understand more about their needs and practices around identity online. Just in the last week while organizing She’s Geeky (the women’s only tech conference happening at the end of January) two women have mentioned they have had online stalker experiences recently. Several also have very particular ways of presenting themselves one example is a woman who professionally they use their first initial and last name – when they submit resume’s etc and in their general life online/socially they use their First name and last initial – to ensure that they are not findable at least by an employer initially doesn’t know their full name and thus their gender.

Identity events of the year – Part 1

I am not going to do a “top ten list” – not really my style. I tend to take things as they are and appreciate the amazing, wonderful, mysterious, sensuous, intellectually stimulating but don’t “compare” in a sort of ordered list way. So just so there is clarity on the number of things I mention I will “number” them but this is NOT a top ten list – I wrote this post as a reflection without thought to order.

This morning while swimming I got to reflecting about the year in identity and it did seem appropriate to share some of them.

(un1) Bob’s Relationship paper (that I hope Burton Group will release into the world) was put forward in draft form at IIW#7 (2008a) and the Data Sharing Summit in May. It framed the problem of identity and articulated some missing pieces to the puzzle we are solving – supporting an identity layer emerge. He high lighted the fact that identity happens in the context of relationship and finding ways to document the terms and conditions in a relationship – making the relationship itself its own node and not just a line in a social graph. Since the paper is mostly been available to enterprise clients of the Burton Group and some folks in the identity community this missing piece – the node of relationship itself has not been taken up. I am hopeful it will emerge. I think some of what the Higgins project is proposing as an R-Card – a place to co-manage relationship data between two parties in a transaction could for fill this.

Update: I spoke with Bob since this post and Burton will be releasing this paper in Q1.

(un2) Facebook’s emergence as the dominant social networking service and this being the anti-pattern that the communities that I have been participating in for 6 years now had articulated was a danger that needed to be addressed preemptively with open standards that worked between silo’s.

(un3) Related to this – I am remember that summer at the invitational gathering at Hollyhock (a retreat center in Canada I love and I became the accidental poster child for) I got to meet with colleagues who lead workshops there some of whom I have known for years. They knew I was into the web and social things there – “digital identity” but this year they “got” more of what I was talking about. The reason was because of issues they themselves had – one had pictures and e-mails and other things the community had put forward around someone’s life threatening illness. They found they couldn’t get the data out. … it wasn’t there. People informally in conversations I overheard were kinda freeked out by the service (you need to remember that in Canada Facebook has incredibly high penetration into the lives of “normal” folks about 40% of all Canadians are on it – so more normal folks then in the US).

So back to the open standards working between sites – putting at least doors between walled gardens – it seems that finding the agreement and finding adoption of such open standards is difficult – or perhaps more to the point it is not a “high business priority” – it is easy to have a big network just grow and become the default. I think the efforts of the open stack community are noble and I hope they succeed. I also think they need to address some of the things that facebook messes up. These include mushing all my worlds together- (water polo from when I was in highschool, kindergarten class at school, water polo from college, water polo from the national team, highschool, elementary school 1, elementary school too, my process facilitator community, the identity community, the all the worlds I am in they are all FLAT – my social reality isn’t flat. People and the topics I am interested in at any one time come closer and go out father. I have divers interests and everyone I know is not interested in everything I do. I know this. I am not trying to “hide” anything or “be secret” I just want to respect the attention of my friends. I hope this nuanced social understanding can be grasped by someone building these tools. It is not that complex.

It may be that this kind of nuance will show up in smart clients. I am hopeful that this year there will be at least one for twitter. (I want to have two kinds of twitter friends – the ones that I read ALL their tweets (scrolling back to see what happened when I was not online) and those that i will watch passively when I happen to be online too.

(un4) TWITTER really broke on to the scene this year. I started tweeting because of Phil Windley’s comment about how it got him connected to his remote team – as a water cooler replacement – to know what they were up to in daily life (I had had an account for about a year before but hadn’t gotten into it). I was also at a talking heads forum on collaboration for a day in January and several friends were there who were tweeters so I did the laborious work of finding people to follow (back then there was no people search – you sort of found people by who you saw following people you knew).

I have several more thoughts about big things of the year. I will continue to write in the next few days. I am going to get back into blogging. These last 8 months since IIW#7 2008a I have had some rather significant personal life background noise. It is why I haven’t been writing or getting out much. So one of my resolutions for the year is to blog more.

It continues here with Part 2.

Identity and personal control on horizon in web 2.0 2009 predictions

Mary Hodder is one of the 8 experts Fast Company tapped to predict evolutionary trends for web 2.o in 2009:

Mary Hodder, Founder of Dabble.com and VP of Product Development, Apisphere

“The future of social media is user’s owning their data, deciding who to send it to. Look for more companies that currently host the user’s identity to have less control over that, as things like Open ID take over and more companies try to compete by giving users more control over themselves. Look for ways users can own their own data, and companies that might offer that, sort of like a personal information bank. The changes may seem subtle but I think we’ll see companies now, like Facebook, who try to be everything to you: your bank account for info, your identity, your tools for publishing, and your bar/restaurant for socializing, having to give up some of those roles or hold them less powerfully. And I don’t think it’s natural for one company to hold all that power. It leaves you with very little control over your online self.

Of course, Facebook will fight this to the last, so they won’t be the first to give up some of this control. Others will and eventually to compete Facebook will follow. But they are the great example of the problem.

The other big change will be in companies finally building for revenue in the social and any other space online, as they build for growth in their free or social products.”

She is clearly pointing to emergence of Vendor Relationship Management tools and also the possibility of information card technologies that give users more control along with OpenID and OAuth that are linking web 2.0 services. She highlights the ‘business model’ issue that still has not been figured out for social networks or for identity technologies. We are hoping to address some of this at a special session of Internet Identity Workshop focused just on business models this winter.

It should be noted that 5/8 experts tapped were women the other 4 are Charlene Li, Rebecca Moore, Susan Mernit & Tara Hunt.

Cybersecurity report covers Identity

Lucy Lynch posted this “The CSIS Commission on Cybersecurity for the 44th Presidency ” to the ID-Legal e-mail list.

We are actually going to discuss it on our upcoming call along with figuring out our steward to Identity Commons. Lucy and I will be spending 2 days at the end of December face to face in Eugene planning strategy/execution/deliverables around having at least event in DC this winter/spring before the next IIW.

The CSIS Commission on Cybersecurity for the 44th Presidency has released its final report, “Securing Cyberspace for the 44th Presidency.” The Commissions three major findings are:

1. Cybersecurity is now one of the major national security problems facing the United States;

2. Decisions and actions must respect American values related to privacy and civil liberties; and

3. Only a comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity will improve the situation.”

There is a section on: Identity Management for CyberSecurity (page 67) that folks will want to read. CSIS is a Washington think tank, so this
is only advisory, but interesting to see some old models coming around again.

“CSIS was launched at the height of the Cold War, dedicated to the simple but urgent goal of finding ways for America to survive as a nation and prosper as a people. During the following four decades, CSIS has grown to become one of the nations and the worlds preeminent public policy institutions on U.S. and international security.”

Cybersecurity report covers Identity

Lucy Lynch posted this “The CSIS Commission on Cybersecurity for the 44th Presidency ” to the ID-Legal e-mail list.

We are actually going to discuss it on our upcoming call along with figuring out our steward to Identity Commons. Lucy and I will be spending 2 days at the end of December face to face in Eugene planning strategy/execution/deliverables around having at least event in DC this winter/spring before the next IIW.

The CSIS Commission on Cybersecurity for the 44th Presidency has released its final report, “Securing Cyberspace for the 44th Presidency.” The Commissions three major findings are:

1. Cybersecurity is now one of the major national security problems facing the United States;

2. Decisions and actions must respect American values related to privacy and civil liberties; and

3. Only a comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity will improve the situation.”

There is a section on: Identity Management for CyberSecurity (page 67) that folks will want to read. CSIS is a Washington think tank, so this
is only advisory, but interesting to see some old models coming around again.

“CSIS was launched at the height of the Cold War, dedicated to the simple but urgent goal of finding ways for America to survive as a nation and prosper as a people. During the following four decades, CSIS has grown to become one of the nations and the worlds preeminent public policy institutions on U.S. and international security.”

Finding Identity Projects in unexpected places

Two weekends ago I was in Austin Texas for the 4th National Coalition for Dialogue and Deliberation Conference. They hold their conference every 2 years and I have attended that last two. What was surprising this time was I actually found identity projects in the wild. I met Lou and Wayne (Lou is wearing black so he is from NY – Wayne is wearing the uniform from DC a suit ad tie.)

IMG_1373.JPG

Lou is working on CivicID (a project of Gateway to gov)- they do 3rd party constituent validation. The plan right now is to issue OpenID’s that can be used on different services. Because they get third party validation the idea is that legislators will listen to electronic communication more because they know it is from actual constituents. I asked if they would be issuing claims based information cards and he said yes they would get to that.

Wayne is working on the OPen Forum Foundation their first Project is to address communication difficulties between:

* Constituents: Are you happy with your ability to communicate with your elected officials and the people who make the decisions about your world?
* Government decision-makers and staff: Are you able to handle the inflow of emails, faxes, and phone calls from constituents and respond in the way that you would like?
* Advocacy Groups: Do you find it easy to express the voice of your members to their elected officials in a way that gets heard and is productive?

Two years ago I was at NCDD talking to the online deliberation guys explaining identity – this time there were several projects that all were aware of it at least.

Practical Evolution - this has gone through several evolutions and is being used in Australia.

Intellitics – Tim Bomans Company is working on Zilino

DeepDebate.org a project lead by Lucas Ciof is working on a system to help dive into different

Idealogue Inc. by Noam Shore is also doing online tools for civic engagement.

It was quite exciting to see all this activity Tim Erickson has a post on his blog with videos about three of them.

I had dinner both Friday and Saturday night with the tech guys :) – (Yes the first night I was the only woman at dinner and the second night one of two) I am hoping several of these guys come to IIW and share what they are working on.

Today I am headed to the Open Sustainability Network Camp and tomorrow to Bioneers (a conference I have been attending since 1999). I am hoping that I will be pleasantly surprised at both to find people doing interesting identity projects in the field.

I came to this field from a civil society perspective via my work with Planetwork. This does not mean however that I am anti-business or don’t care about the needs of large enterprises in this space. In the last several years I have come to appreciate how fundamentally essential their role is in making any of the original idealistic “user-centric” vision articulated in places like the ASN Paper happen. I also don’t think that business alone can get this layer to happen and without civil society engagement or uses it will take much longer. It is most definitely a both-and situation rather then an either-or.

I have often chosen to speak to the civil society perspective when I am in the community. There are already so many people who work at large enterprises and thinking about the business models. Perhaps this was a mistake because it may not be obvious how much I care about the business side of things. I CARE about it AND it is not all that matters. I am hoping in the next while to invite more people working day to day in the nonprofit, social and environmentally responsible business sector, advocacy groups and others to become more involved in the identity community. My finding of the projects at NCDD doing identity shows there is now a wider understanding of the use for identity and people beginning to experiment with application.

On Identity and Collaboration

The article that Martin Richards was working about OpenID at the last IIW was finally published in Infomation Week One Web, One WebID. It summarized the confusion in the market well. My dad – who knows nothing about the space summarized the article well (the capital letters are his)

From the article it looks like there is quite a way to go before there is a more secure system that is both WIDELY adopted and VERY secure to everybody’s satisfaction.

I say in the article I am ever optimistic about things becoming clear and harmonized

All of these plans will one day fit together, says Kaliya Hamlin, a freelance identity consultant who organizes the biannual [sic] Internet Identity Workshop and maintains a primary hub for the identity community. At the moment, however, at least to the layman, they form a bewildering jigsaw with lots of unconnected pieces and no unifying design.

I also know that markets and communities are not things you control. We can bring order to this space and I hope to continue to do so with my efforts in this community.

I was thinking about about the evolution of the community and the world-view/cultural differences that we have among us. I went back to surf through some of what Meg Wheatly had online to see if there was something that captured the essence of the model of organization we are working with. I thought with her experience coming from the corporate sector and doing organizational development work in large fortune 500 companies and her research into now living systems work she might have some words that articulate the essence of what we are doing with this model.

These few lines particularly jumped out at me form this interview with her:

The real eye-opener for me was to realize how control and order were two different things, and that you could have order without control… To understand order that arises, rather than order that is imposed through direction and control — that is a very significant new path.

I realized that was what we were doing with the Identity Commons organizational model – supporting the emergence of order rather then trying to control what happens. The question we are trying to solve how to have an identity layer/framework/social norms/standards for the internet and other digital systems is a HUGE and complex problem. It has not been solved by control and won’t be. However creating a space for order and clarity to emerge – for self organizing around different ideas, ways of doing things – and resourcing collaboration, cooperation and harmonization efforts WILL get us there faster then not having that space.

The process of articulating to the community – what you want to do – and how you want to do it – this creates accountability. This helps us see ourselves and what is going on in the community through the simple light weight formal processes and with these processes order emerges.

From the conversation today I articulated some further clarity. The whole point of having a loose collaborative space with a shared brand is to support stuff innovating not having the big corporations playing in the space approve every use of the Brand.

It is to support ideas bubbling and percolating and not feeling like one group or company needs to control that other group over there does or might do in the name of the organization.

In a group/organization agreeing to participate in Identity Commons, that group is making a commitment to collaborate and share information. Agreeing to participate one does not have to “AGREE” to all uses of the brand. In fact THE BRAND IS ABOUT THE COMMITMENT TO COLLABORATION and sharing along with a “meta’ out there future vision we do agree on but as we struggle to get there we KNOW we will might not agree. What we do agree on is a shared set of VALUES that are striving to be part of the technologies being built along with a recognition that as technologists that there is a scope and dimension of identity that goes well beyond “tech” because it is about people and our social nature.

Identity Commons was founded to provide this kind of support for a community of collaborating projects across a range of disciplines and not to be an industry trade association or a technical standards body.

You know your conference is to cheap when…

You know your conference is to cheap when other conferences offer you $200 discounts to register EARLY and yours only costs $200.

In case you missed it the Internet Identity Workshop has an announcement up and registration is open. Phil and I implore you to PLEASE register early so we know how many of you are coming.

We subtly softened our language about “user-centric identity” to take into account that there is some concern that this might be going to far in one direction and it may be that the parameters of the relationship in the middle is where the focus needs to be.

The Internet Identity Workshop focuses on what has been called user-centric identity. Basically asking the question how can people manage their own identity across the range of websites, services, companies and organizations that they belong to, purchase from and participate with. IIW is a working meeting for a range of groups focused on the technical, social and legal issues arising with the emergence identity, relationship and social layer of the web.

I think this year Identity as a service will make a strong appearance. Companies like Symplified are doing interesting things that have application in the enterprise market first but could have usefulness on the consumer side maybe sooner then we think.

More from the announcement:
As a community we have been exploring these kinds of questions:

  • How are social networking sites and social media tools applying user-centric identity? (this is the question I am interested in knowing more about. How is it working now that you can actually implement some of this stuff – it is not just big ideas any more)
  • What are the open standards to make it work? (identity and semantic)
  • What are technical implementations of those standards?
  • How do different standards and technical implementations interoperate?
  • What are the new social norms and legal constructs needed to make it work?
  • What tools are needed to make it usably secure for end-users?
  • What are the businesses cases / models that drive all this?

Our event is highly participatory anyone who wants to present can do so. The agenda is made all together on Tuesday morning. We do this unconference style – for those who have not yet been you can read what community leaders have said about the effectiveness of the format.

If you are NEW please come to Monday’s introductory session starting at 1pm. If you have attended before it is worth coming to get the latest updates on where things are.

Yes it is CHEAP – $200 if you are an independant, and $350 if you come from a corporateion. You get all your meals paid for (healthy food – some say the best ever conference food).

If you want to come and you can’t afford it – talk to us – we want you there if you want to be there.

If you are an Identity blogger and have been to IIW PLEASE blog about this one coming up. We also have a blog sidebar logo you an put up.

border=”0″ hspace=”3″ vspace=”3″ align=”left” title=”IIW2008 Registration banner”alt=”IIW2008 Registration banner” />