Another Bill of Rights

I did a collection called the Bill o’ Rights o Rama. 

Here is a new proposed one a Gamers Bill of Rights  based on another gamers bill of rights (this one looks beautiful)

Preamble
Gamers are customers who pay publishers, developers, and retailers in exchange for software.

They have the right to expect that the software they purchase will be functional and remain accessible to them in perpetuity.

They have the right to be treated like customers and not potential criminals.

They have the right to all methods of addressing grievances accessible by other consumer.

They have the right to the game they paid for, with no strings attached beyond the game and nothing missing from the game.

Gamers’ Bill of Rights
I. Gamers shall receive a full and complete game for their purchase, with no major omissions in its features or scope.

II. Gamers shall retain the ability to use any software they purchase in perpetuity unless the license specifically and explicitly determines a finite length of time for use.

III. Any efforts to prevent unauthorized distribution of software shall be noninvasive, nonpersistent, and limited to that specific software.

IV. No company may search the contents of a user’s local storage without specific, limited, explicit, and game-justified purpose.

V. No company shall limit the number of instances a customer may install and use software on any compatible hardware they own.

VI. Online and multiplayer features shall be optional except in genre-specific situtations where the game’s fundamental structure requires multiplayer functionality due to the necessary presence of an active opponent of similar abilities and limitations to the player.

VII. All software not requiring a subscription fee shall remain available to gamers who purchase it in perpetuity. If software has an online component and requires a server connection, a company shall provide server software to gamers at no additional cost if it ceases to support those servers.

VIII. All gamers have the right to a full refund if the software they purchased is unsatisfactory due to hardware requirements, connectivity requirements, feature set, or general quality.

IX. No paid downloadable content shall be required to experience a game’s story to completion of the narrative presented by the game itself.

X. No paid downloadable content shall affect multiplayer balance unless equivalent options are available to gamers who purchased only the game.

The Trouble with Trust, & the case for Accountability Frameworks for NSTIC

There are many definitions of trust, and all people have their own internal perspective on what THEY trust.

As I outline in this next section, there is a lot of meaning packed into the word “trust” and it varies on context and scale. Given that the word trust is found 97 times in the NSTIC document and that the NSTIC governing body is going to be in charge of administering “trust marks” to “trust frameworks” it is important to review its meaning.

I can get behind this statement: There is an emergent property called trust, and if NSTIC is successful, trust on the web would go up, worldwide.

However, the way the word “trust” is used within the NSTIC document, it often includes far to broad a swath of meaning.

When spoken of in every day conversation trust is most often social trust.

[Read more...]

Personal Data Ecosystem talk at Digital Privacy Forum, Jan 20th, 2011 in NYC

This is my talk presented to the Digital Privacy Forum produced by Media Bistro, January 20th, 2011 about Personal Data Ecosystem and the emerging consortium in the space.

Thanks for inviting me here to speak with you today.

The purpose of my talk is to share a new possibility for the future regarding users’ personal data that most have not yet explored. It sits between the two extremes of a familiar spectrum.

On one end, “Do not track” using technology and a legal mandate to prevent any data collection.

AND

On the other end, “Business as usual” leaving the door open for ever more “innovative” pervasive and intrusive data collection and cross referencing.

There is a third possibility that aligns with peoples’ privacy needs as well as offering enormous business opportunities.

A nascent but growing industry of personal data storage services is emerging.  These strive to allow individuals to collect their own personal data to manage it and then give permissioned access to their digital footprint to the business and services they choose—businesses they trust to provide better customization, more relevant search results, and real value for the user from their data.

With other leading industry thinkers, I have come to believe that there is more money to be made in an ecosystem that allows users to determine which businesses have access to what data,and under what terms and conditions, than there is under present more diffused, scattershot, and unethical collection systems. Today I will articulate the broad outlines of this emerging “personal data ecosystem” and talk about developments in the industry.

Those of you who know me will find it unusual for me to have such a keen focus on making money on user data and emerging business models.

I am, after all, known as the “Identity Woman – Saving the World with User-Centric Identity”. Since first learning about issues around identity technologies online in 2003, I have been an end user advocate and industry catalyst.

[Read more...]

Online Eviction – a new challenge in this recession?

This post was on slashdot today

Protection From Online Eviction?
from the our-data-our-selves dept.

AOL has been shutting down its free Web services, in some cases with little or no notice to users, and they are not the only ones. This blog post on the coming “datapocalypse” makes the case that those who host Web content should be required to provide notice and access to data for a year, and be held strictly accountable the way landlords are before they can evict a tenant. Some commenters on the post argue that you get what you pay for with free Web services, and that users should be backing up their data anyway. What do you think, should there be required notice and access before online hosts take user data offline for good?

Here are some interesting comments from it.

http://tech.slashdot.org/comments.pl?sid=1079453&cid=26315101

Why now with the Data Sharing Workshop/Summit?

Link to the Data Sharing Workshop and Summit.

There is a lot of energy right now around different ideas on how to share data across social media sites. Based on current discussions on the dataportabiltity.org lists and other places, it is clear that a range of potential standards and approaches are emerging.

The energy feels a lot like it did when Phil, Doc and I called the first Internet Identity Workshop – at that time there was a cluster of people thinking about and working on different technologies around user-centric identity. We had been meeting other conferences, but we had not spent time together to really hear different proposed approaches. They all had similar ideas. We recognized this and realized that if we brought them together, it would lead to the emergence of shared understanding and interesting alignments.

At IIW 1 the first day involved participants presenting their different approaches to user-centric identity. The second day was open space – an organized way to support critical conversations that emerged out from listening to all the presentations the day before. It was on that day that the serious conversation between Brad Fitzpatrick & David Recordon’s OpenID(1), Johannes Earnst’s LID, Drummond Reed’s xri/inames all had a conversation that lead to a commitment to meet up a month later and that conversation became Yadis – a group that was joined by SXIP a few months later and then a few months later this was all folded in and became OpenIDv2.

Another outcome of the Internet Identity Workshop has not matured yet but it is coming along. The card selector metaphor, interfaces and client code to do it are starting to be tested and deployed. The cooperate between Kim Cameron and his Microsoft team with IBM and the Higgins & Bandit open source projects has been fostered at these events. The OSIS (Open Source Identity System) Project and Concordia projects are both doing workshops interoperability testing at the forthcoming RSA conference. OSIS has over 200 test in their Interop. The range of actors (standards efforts, open source projects, commercial projects and companies) collaborating is impressive.

Phil, Doc and I didn’t know that these would be an “outcomes” of the event and certainly did not have it as a “goal.” What we did know was that by getting people together to share their ideas, technology approaches and standards, some good would happen – that is, collaboration, synergy and actual investment in and diffusion of user-centric technologies. We also chose a format with open space that left an open playing field – we were not deciding who got to talk, about what or when. This explicitly neutral unpolitical way of organizing also facilitated the collaborative environment.

My goal for the 2nd Data Sharing Summit is to bring together participants from

1) the large companies with 10s of millions of users like Microsoft, Google, Yahoo!, MySpace, Facebook, AOL, Amazon, eBay etc.

2) Small and Medium sized ‘web 2.0′ sites like LinkedIn, RapLeaf, Eventful, Dopplr, Linquia, Dabble, 30Boxes, Magnolia the whole range of Web 2.0 startups that are focused on services for people that involves peoples data.

3) The Standards Guys (Both adhoc and formal) Those putting forward a range of different approaches being proposed for managing the personal data/social network problem. This includes people from the user-centric identity efforts, semantic web standards and tools,

4) Social/Legal/Policy Implications Those thinking about and addressing the social and legal implications of the emerging technologies.

Bringing this range of people together will be key ingredient to getting this gathering be fruitful – I know because of who they are and the passion they have for the topic it will be. I am not going to define ahead of time “what the fruit looks like”

My hope is that there are some similar approaches that can discover each other “now” rather then a year from now when they are ‘going to market’ and decide to cooperate and merge efforts sooner rather then later (like happened with OpenID).

I asked two colleagues who will be attending what he thought the goals were:
* To establish shared consensus about the meaning of data sharing and portability for Internet users.
* To articulate a roadmap for how this can be achieved (and for determining “when we are there”).
* To understand what parts of this roadmap are technical and which are business/social/political/legal.
* To understand which technologies are available and which are emerging to achieve the roadmap.
* To determine how to move forward on the business/social/political/legal challenges.
* get disparate orgs ot work together
* get consensus on standards – and feedback
* identify missing standards
* get testing and compatibility labs -set up!
* and from an evangelistic POV – get Opt-In include din all systems

I think all of these will move forward in the format of Open Space and the collective participation and discernment at the beginning middle and end of the conference.
You can add goals here.

When I think about this gathering the big questions include:
* how do people link their information together across platforms with different services?
* how are permissions managed?
* what are the policies that apply?
* what standards exist?
* what code / frameworks are available to do this?
* what does it mean when my blog is the center of my network?
* is there a standard way to update presence?
* how do the identity tools (openID, oAuth, card selectors, data linking) apply?
* how do semantic web frameworks apply?

I hope to create a high-level professional community that is very engaged with these issues because they want to empower their users to have a copy of their data, to be aware of how it is used and to be able to use their data in interesting ways.

I also hope that a community will emerge that will work together, compete over different options and in the end solve the challenging set of problems that need to be addressed to get data sharing to work.