Ok, now we know what is wrong Google is on the [autism] spectrum.

"The obstacles primarily exist in the realm of social interaction. The fundamental problem is akin to blindness, as the term social blindness suggests."

They keep doing well meaning but awkward feeling things because well they know how to technically but it isn't how human beings act or want to be treated.

The complexities of communication can pose significant problems, especially since people with Aspergers are high functioning. Others do not readily recognize Asperger details and are unable to understand some responses, or lack thereof." - Love to Know Autism

• IT's Dark Secret
• the geek syndrome"
• qualities having auspergers

This might be the deeper underlying reason they don't get the issues with having "Real Names" only on G+. Google just needs help growing self awareness and gaining greater awareness of the impact they have have on others particularly Neuro-Typicals (people not on the autism spectrum).

The video highlights that data can be creepy if we don't have agency and control over who, collects it, how they collect it, for what purpose they collect it for, what they can infer from it. This is why we have to grow the personal data ecosystem for people to be at the center of their own data lives.

I wrote the original post after watching the Bradley Horwitz (@elatable) - Tim O'Reilly (@timoreilly) interview re: Google+. I found Tim's choice of words about the tone (strident) and judgement (self-righteous) towards those standing up for their freedom to choose their own names on the new social network being rolled out by Google internet's predominant search engine disappointing.  His response to my post was to call me self-righteous and reiterate that this was just a market issue.

I myself have been the victim of a Google+ suspension since July 31st and yesterday I applied for a mononym profile (which is what it was before they insisted I fill out my last name which I chose to do so with my online handle and real life identity "Identity Woman") 

In the thread this morning Tim said that the kind of pressure being aimed at Google is way worse then anything they are doing and that in fact Google was the subject of a "lynch mob" by these same people.  Sigh, I guess Tim hasn't read much history but I have included some quotes form and links to wikipedia for additional historial context.

Update: inspired in part by this post an amazing post "about tone" as a silencing/ignoring tactics when difficult, uncomfortable challenges are raised in situations of privilege was written by Shiela Marie.  

I think there is a need for greater understanding all around and that perhaps blogging and tweeting isn't really the best way to address it.  I know that in the identity community when we first formed once we started meeting one another in person and really having deep dialogues in analogue form that deeper understanding emerged.  IIW the place we have been gathering for 6 years and talking about the identity issues of the internet and other digital systems is coming up in mid-October and all are welcome.  The agenda is created live the day of the event and all topics are welcome.

Here's the thread... (oldest tweets first)

 Note all the images of tweets in this thread are linked to the actual tweet (unless they erased the tweet). 

Steve, thanks for highlighting the bizarre choice to use a "lynch mob" as the metaphor to describe what is happening to Google around this issue.

From Wikipedia: Lynching is an extrajudicial execution carried out by a mob, often by hanging, but also by burning at the stake or shooting, in order to punish an alleged transgressor, or to intimidate, control, or otherwise manipulate a population of people.... Lynchings have been more frequent in times of social and economic tension, and have often been means used by the politically dominant population to oppress social challengers. 

The article on Lynch Mobs is part of the Discrimination set of articles in Wikipedia. Within sociology, 'discrimination' is the prejudicial treatment of an individual based on their membership in a certain group or category. Discrimination is the actual behavior towards members of another group. It involves excluding or restricting members of one group from opportunities that are available to other groups. An individual need not be actually harmed in order to be discriminated against. He or she just needs to be treated worse than others for some arbitrary reason.

 

From the Wikipedia article on Oppression: Indirect oppression is oppression that is effected by psychological attack, situational constraints or other indirect means. It has been a popular tactic practiced in single power, power monopoly or other authoritarian or totalitarian regimes.

The point I was making with my previous post Google+ says your name is "Toby" not "Kunta Kinte" is that Google is being discriminatory and oppressive towards people who refuse to use their "wallet names" and who choose to go by pseudonyms.  Which party in this situation is really acting like a lynch mob?

As I said in my previous post the tone of those who are suffering at the hands of this policy implemented by THE dominant search utility on the web are loud, shrill, piercing, high-pitched and rough sounding and I imagine are heard by those within Google who are receiving them as grating and obnoxious. Rather then empathizing with human pain and suffering that is reflected in the tone, Tim and others are just dismissing them and their concerns.  Here is one of the clearest posts by someone very affected by what Google is doing: To those who say they "don't get it"...(Google, G+, etc) 

Really? Google+ is effectively lynching, that is killing the digital persona's of people who's names don't conform to its policies. So what is not extreme about that? is there a middle ground when you feel your digital life is threatened? Of course the reaction of people has some edge to it because people feel that the digital identifier that is the anchor for their "digital body" could be terminated and thus puts their digital lives are at risk.  They are being a bit shrill when the talk about the issues because they are deeply personal and have real impact on their lives because it impacts their ability, their freedom to communicate.

To close, Doc Searls has a great post up about what this might all really be about Circling Around your Wallet.

  Note all the images of tweets in this thread are linked to the actual tweet (unless they erased the tweet). 

This whole line of thought to explain to those who don't get what is going on with Google+ names policy arose yesterday after I watched the Bradley Horwitz - Tim O'Reilly interview (they start talking about the real names issue at about minute 24).

More on my personal Google+ suspension that continues to Day 29.

Tim is struck by the Steve Jobs element of how Bradley and Google is talking about designing for the way the world will be not how it is....implying and even explicitly saying that in the future we will just all use our real names for everything so lets get started doing that now.   - you know happy future vision of benevolent design choice by humans of large corporate controlled digital systems.  Yes, many Googlers like Chris Messina who used to have a handle online "Factory Joe" made the conscious choice to bring it together with his "real name". For him the cost-benefit trade of for this and decided that for him it was no longer worth it. Totally fine choice for him. What is at issue is when his choice becomes all of our choice because he and others like him have the power to decide for all of us.

Young men like Chris have a lot of privilege in the world and they can do things/make choices that others have less freedom (privilege) to make without those choices affecting their lives in material ways (chances of employment, social acceptance between different contexts with different norms, having accepting family members who are not bigoted against their personal life choices).  I thought that one of the things Chris got form his years dating Tara Hunt was more of a clue about the issues that women and others who are not young white straight monogamous men living in western liberal democracy, liberal metropolises face. His posts on the topic include the following but some how...I guess he still doesn't get this issue in relation to Google (maybe he does but it seems like people who work at Google stop blogging upon their date of employ and Google employees who have spoken up on the issue have been gagged).

* Kirrily Robert: Standing out in the Crowd where he highlights these posts

• Recruit diversity
• Say it. Mean it.
• Tools. (Tools are easy.)
• Transparency.
• Don’t stare.
• Value all contributions.
• Call people on their crap.
• Pay attention.

* Future of the White Boys Clubs

* Future of White Boys’ Clubs Redux #fowaspeak

Fundamentally technology systems and techno-social systems are created by people making choices AND it is at this time in the history of the web we get to as a culture and society choose the range of options available for human expression of identity online.  IF THE PEOPLE WHO HAVE ALL THE POWER to make this choice in these digital systems have the demographic profile of Brad and Tim then we will get one outcome - it will favor them and their world view and exclude others who are different (ala the very long list of people negatively affected by real names policies). It is an abuse of power as danah boyd eloquently explains on her blog.

Tim goes on to say (at min 28) that his own reaction to "some of the strident calls for you guys [Google+] to change what you are doing" lead him to the conclusion "give me a break, lets try some different things lets figure out what we learn from them..the market will tell you what it really demands"

Lets look at this more deeply - Tim's specific labeling of the resistance to the policies as "strident" is coming from a position of power and privilege that is judging these people in a way that demeans, what they are saying.

From Wiktionary: Strident

1. Loud; shrill, piercing, high-pitched; rough-sounding

   The trumpet sounded strident against the string orchestra.

2. Grating or obnoxious

   The artist chose a strident mixture of colors.

Because the opposition is so sharp and clear - people are speaking up in shrill, piercing, "high-pitched" ways because they are being hurt so badly and deeply by requirement for real names and how suspensions are being handled.  The words of these people are being heard by Tim and others in power as grating and obnoxious because they aren't supposed to speak up...they should just accept what is happening to them right?

One response of Google+ leadership and technology leaders like Tim O'Reilly could have is to be to be empathetic, to look inward and connect to the human beings speaking and say something like:

Wow, we had no understanding of how "unfree" some people feel online and in our society broadly.

We had no idea about how many different kinds of people (who are not like us) are affected real names policies.

We didn't really realize existed, or had any needs different then ours and how can we struggle with them to make a more just society so they are not affected negatively if they were out/public about those things.

In the meantime lets really listen and get that they have real and valid needs for safety and the right to express themselves and lets and not ban them from our services for their choice not to use use their real name.

Instead Tim and others are dismissing the real hurt and anguish being felt by people saying they are being "strident" for speaking up for their right to pick their own name and to be for Google's continued insistence they have the right to decide what an acceptable name is for people.

This is about power and those who speak up to it being judged and labeled negatively for doing so. I asked in twitter yesterday if women suffragettes were strident, and were the stonewall rioters and the subsequent movement for gay rights strident? Yes they were! They were standing up for what was right and against and unjust social system that was harmful to people.  I am concerned about the rights and freedoms of nyms both because people have personal life issues they want to be free to create accounts to express/deal with AND because they have political beliefs they want to share.

Imagine if the people who were standing up and organizing for gay rights in the 60's and 70's had digital tools to do so and imagine all the major places were public discourse about this happened were in online social spaces where "real names" were required and imagine that all of their families and employers would therefore know about their status as a GAY  (LTBTQ) PERSON. Do you think we would have had the gay rights movement? Do you think it would have been possible? Do you think that enough people would have stood up knowing they would be laid off, fired, black balled, told their kids couldn't play with neighbor kids.

Many groups who are systemically and socially oppressed (yes in our modern liberal democracy there is lots of oppression going on) fear to speak up TODAY about the issues going on in the system that affect them.  Many people have ideas that would transform the social order but challenge power will fear speaking up about these new ideas if all speech in online public fora must be linked to real names seen by their real employers who could really fire/let them go.

Unless we embed the freedom to have pseudonymous speech in major online social spaces where serious public/political dialogue occurs then we risk not having a free society any more.  Free meaning the freedom to challenge injustice the freedom to seek greater accountability by those in power (government and corporate), to open up the systems that run our society.

Over the course of yesterday I continued to think more about the deeper nature of the issues going on and the fundamental nature of the power we have to name ourselves and what it means to have this freedom.  I remembered the series Roots  and suggested that young Googlers rent it from/watch it on netflix and then have dialogues about privileged and oppression.

For those of you who didn't watch it in the 70's (I was born in the 70's do didn't watch it then either),  it is the story of a Alex Haley's black family descended from a man who was stolen from his village in Africa and brought to America as a slave. He is very clear on his identity, who he is, he is a Mandinka warrior and his name is Kunta Kinte,.  One of the first things his white slave owner Master Reynolds does is rename him Toby.  He refuses to accept this new name, this identity that they have said he must take on...he does accept the name but only after great human suffering inflicted by his master to get him to comply with his wishes.

This is the sort version:

"Bonus suppression" Google runs YouTube and they took the clip of the movie scene down for "inappropriate nudity or sexual" - it has neither, it just made a dramatic point and made them look bad. In the clip Kunta Kinte is facing the camera with part of his chest showing being whipped from behind by a white man who is working for the slaveowner until he breaks. After repeating his name is Kunta Kinte when asked what his name is, he finally says... it is Toby. 

For slightly more context for the scene this is 8 min.

I highly recommend watching the WHOLE movie if you haven't seen it.

Just to be really clear for those of you who might not be tracking the point I am making. I and the other people in Google+ who choose to have handles/nyms that are persistent and that we are known by but are being rejected by Google+ are Kunta Kinte and the Google+ name police is the slave owner whipping him until he submits to calling himself Toby.

Metaphorically this IS what is going on.  "Yes" I and other people who use handles and use nyms have a choice "not to use the service" - we are technically "not slaves" like Toby is. However we have already been using Google e-mail and other services for years with the names we chose - in changing the rules on the Google plantation they have undermined the social contract that it had with existing users. Google is a major forum for expression of ideas and is THE dominant search engine (one could argue monopolistic search engine). It will be using people's +1's to determine search results and these will shape public discourse.

Many different people are now fearful of speaking up in Google+ about these issues (even if the are not affected) because they fear the will be affected (having their access to their accounts turned off). Just look at what has happened Google+ turned off Violet Blue's profile knowing full well it was her real name and people rightly so imagine this is because she was speaking out for those who were suspended and could not speak.

Back to what Tim said above - he says that "the market will decide" these things. The core issues here are freedom of speech and power within the social sphere not about "the market". It is about what is right and just in a society. The market decided that it was ok to do slavery for hundreds of years, the market decided that it was ok to discriminate systematically against black people with Jim Crow laws and the market decided it was ok to discriminate against women in professional fields like law and medicine until things changed in the 60's.

Continuing the quotes from Tim "lets the arguments be from efficacy not from self righteousness"

Let me ask you this Tim: Was Kunta Kinte being self righteous to insist on his own choice of his own name?

Update:

Tim thinks that I am being self-righteous for even asking this question. He agrees with me that Kunta Kinte is not self righteous to stand up for his name but adds that that I am self-righteous to ask this question which in this post was explicitly drawing the analogy between Kunta Kinte's struggle for his right to assert his own identity and mine along with others with handles and Nyms in relationship to Google+. The fact that he is judging us as being "self-righteous" kinda proves my point that we are challenging the the power and authority of the system and being judged negatively by the powers that be for for doing so.

Tim thinks that this issue is just a matter for the market to decide. Sadly he doesn't see it as the silencing of voices and the inability for those who are not as privileged as he is to speak with their own voice on the Google platform the dominant search utility for the web.

In the morning there was a whole much longer set of twitter responses kicked of by Kevin Marks and going back and forth with Tim O'Reilly and others.

Update: inspired in part by this post an amazing post "about tone" as a silencing/ignoring tactics when difficult, uncomfortable challenges are raised in situations of privilege was written by Shiela Marie.  

I decided to go in and change my profile basically back to what it was before all this started.  I put a  ( . ) dot in the last name field.  In my original version of my google proflile my last name was a * and when they said that was not acceptable I put my last name as my online handle "Identity Woman".

So just now as I did put a ( . ) for a last name I was told that a ( . ) didn't meet the real names policy and I could appeal so I did. There is no text field where you can explain yourself -  you can only submit your "Identification Documents" and "Links" to prove your identity.  This lack of ability to actually communicate/talk in a human way with the people who are making these decisions is really alienating. I did put a link to this blog post so we shall see.

I really don't want to use or need a last name. I have yet to meet any one with my name IRL (In Real Life) and it is very uncommon. If you search for Kaliya in Google. I am all over the front page as Identity Woman along with the mythical Hindu sea serpent that I share a name with.

I refuse to headline my "real" last name it is not "mine" and identify with it as an "other" name.  I am fine with it being on my drivers license and passport but it is not what I want at the top of MY PROFILE in Google at the heart of the social web as it relates to "me" the "real me" not the one on my legal paperwork.

At the heart of User-Centric identity is the freedom to choose one's name and this choice of mine is mine to make not Google's. We shall see how this goes over.

Here is my next posts about:

1) the broader political meanings of all of this: Google+ says your name is "Toby" NOT "Kunta Kinte"

Here are the previous posts about interacting with the Google+ name police:

* Google+ and my "real" name: Yes, I'm Identity Woman August 1

* Nymwars: IRL on Google's Lawns. August 5th

* Google+ Suspension saga continues. August 9, 2011.

WHY:  Even women with privileged access to Google insiders and who have real name handle combinations are not getting reinstated.

Yesterday, my friend Joseph Smarr put me in a circle - he works on Google+ and so I decided to e-mail him and ask if He could restore my account. I hadn't really tried to use my privileged access to him because of being in the identity community with him for the last 5 years. I actually met him at Mashup Camp in 2006 or 2007 where he was leading a session about his ideas on identity. Johannes Ernst and I were both there and told him he absolutely must participate in the next IIW.

He came and was an amazing contributor to the community proactively developing open standards for social networks and identity - so much so that he landed a job at Google... building Google+. What I don't get is what he doesn't get about people and their real names. I do appreciate very much what he said in his interview here with Digiphile at OSCON.

Smarr had one other comment on identity that goes to the difficultly of creating social networks in domains that may be hostile to free expression: "It's not just enough to offer the ability to post under a pseudonymous identifier. If you're going to make the commitment that we're not going to out your real identity, that actually takes a lot of work, especially if you're using your real account to log in and then posting under a pseudonym. We feel a real responsibility that if we're going to make the claim to people 'it's safe, you're not going to get outed,' then we really need to think through the architecture and make sure there aren't any loopholes where all of a sudden you get outed. That's actually a hard thing to do in software … we don't want to do it wrong, and so we'd rather wait until we get it right."

This comment is right on. Google knows it doesn't have the sophistication to have the two different kinds of "states" within these same accounts and guarantee to users that they won't be linked to each other, so that if you had a Google account with the "Identified" state using your real name, and then also had within that same account a "pseudonym" that was linked to some sensitive topic/issue/hobby, that it wouldn't link or leak this correlation. I actually respect them very much for this clarity.

What Joseph Smarr, Chris Messina and others clearly don't get is that most people who are managing pseudonyms do it today by having the anchors for each of those nyms be TOTALLY SEPARATE accounts, so this assumption that there is one Google account for each person is false. I think Google should be doing user education about how electronic systems work and how if you use the same e-mail address then everywhere you use that, it is linkable back to you. They should help users know the best practices and patterns for maintaining separate personas. One you learn early on is to have a separate e-mail account for the persona on a different service (mine is on Yahoo for example). Fundamentally it seams the engineering culture at google doesn't get "names" or people and social difference.

I'm still suspended from Google+ - it is frustrating to have an account, to be "in it", to see things go by and be silenced because of the suspension. I am in a position much like Skud. We have handles we are well known by and also immeshed with our "real names". She worked at Google so clearly knows folks there and I, having worked around issues of user/peoples' identity online for 7 years now know four people in leadership at Google who do identity (at Google+ and other sections of the company). Even we with connections to REAL people who work at Google, a very privileged position, can't get our names.

There is great organizing going on "online" about petitioning and telling stories ala - http://my.nameis.me/ I knew there would be a lot of amazing activity in this realm, I am totally going to chime in get involved in this way....and this is an online struggle that is becoming know as the nymwars (BTW who coined that, its genius).

danah boyd did an amazing post today naming the issue that forcing real names is an abuse of power.

The people who most heavily rely on pseudonyms in online spaces are those who are most marginalized by systems of power. “Real names” policies aren’t empowering; they’re an authoritarian assertion of power over vulnerable people. These ideas and issues aren’t new (and I’ve even talked about this before), but what is new is that marginalized people are banding together and speaking out loudly. And thank goodness.

This states very clearly what I was getting at in my post about my own personal suspension and the deeper issues Google+ and my "real" name: Yes, I'm Identity Woman

I don't think things will change until this fight shows up on google's door.

How:

I think to "win" this the profile of the issue has to be raised

It needs to have a "press event" IRL (In Real Life)

The goal is to shift the story/tone momentum our direction.

This is the image that I didn't actually detail when I wrote the Million Personal March idea..so here it is...

Imagine people "protesting"/carnivalling in front of Google's campus with Google signs visible in the background.... and if we organize it right, it will be VERY picturesque. So my thinking was a minimum of 100 people dressed as their "real life" alternative persona ... just imagine getting 10 folks from 10 of the following groups: (scroll down and you can imagine folks from all the images below mixed together).

• TAZ Spaces - SCA/Renaissance Fair, Burners,
• SciFi and other Movie Fans (Star Trekkers, Star Wars Fans, Battlestar Galactica, Harry Potter)
• Alternative sexuality community members (think gay pride parades including Radical Fairies, Furries, Our Ladies of Perpetual Indulgence), Religious communities (Buddhists, Sihks, muslims, jews,  Mennonites(do they use computers?), Quakers etc.
• Activists behind particular issues - Enviro, Justice (e.g. Oscar Grant), labor etc.
• Dancing troupes including ethnic dancers from around the world like Bhangra and Morris Men
• Musicians, drummers etc.
• Critical Mass cyclists

I'm totally open to more ideas for the colorful side.... imagine the scene in this video, but on Google's lawn.

A good percentage of the folks should have protest signs... we can do some work on figuring out good suggestions. The one I keep seeing is "Personas are People Too".

We should organize this across the country/world at Google facilities, call local television and newspapers to come and take photos,and also figure out a set of clear talking points for the movement.

I thought it inappropriate to use Google Groups to organize (that would normally be the first tool I went to but no longer, Google) . She's Geeky, a women's only technology conference I run, has had a lot of discussion about identity and persona management. We have an NPO Groups listserv we pay for so... let's use that to "organize" and I know there are IRC back channels going about this which will also be key.

I also set a MailChimp for those who just want updates when we figure our more of the logistics and could join it but don't want to actively organize. - click here to join the list..

Happy to hear your thoughts, comments, suggestions below.

Below is pictures that are all Creative Commons Licensed from Flickr... just imagine all of these kinds of people mixed together on Googles lawns, in front of Google signs, with protest signs and good talking points for the press that show up to get the snapshots for the newspapers and videos for the evening news.....

You know IRL (in real life) when people kill you they suffer legal consequence, here with real persona it's open season.  Its not right.  (Just read Raef's Declaration of the Rights of Avatars - among the many bills of rights re: online identity and privacy I have collected).

So lets organize a March on Google for the rights of people with Persona's.

As I outline in this next section, there is a lot of meaning packed into the word “trust” and it varies on context and scale. Given that the word trust is found 97 times in the NSTIC document and that the NSTIC governing body is going to be in charge of administering “trust marks” to “trust frameworks” it is important to review its meaning.

I can get behind this statement: There is an emergent property called trust, and if NSTIC is successful, trust on the web would go up, worldwide.

However, the way the word “trust” is used within the NSTIC document, it often includes far to broad a swath of meaning.

When spoken of in every day conversation trust is most often social trust.

Trust in a social context: The typical definition of trust follows the general intuition about trust and contains such elements as:

• the willingness of one party (trustor) to rely on the actions of another party (trustee);
• reasonable expectation (confidence) of the trustor that the trustee will behave in a way beneficial to the trustor;
• risk of harm to the trustor if the trustee will not behave accordingly; and
• the absence of trustor's enforcement or control over actions performed by the trustee.

When discussing digital systems there is another meaning for trust related to cryptography and security and other policy enforcement.

Computational Trust - In Information security, computational trust is the generation of trusted authorities or user trust through cryptography.

Trusted Systems - In the security engineering subspecialty of computer science, a trusted system is a system that is relied upon to a specified extent to enforce a specified security policy. As such, a trusted system is one whose failure may break a specified security.

The choice of one individual to trust another depends on who they are, depending on the context, relationship and other factors. This can change and perhaps be tracked.

Trust Metrics -In psychology and sociology, a trust metric is a measurement of the degree to which one social actor (an individual or a group) trusts another social actor.

Trust Operates on Different Scales

In The Speed of TRUST: The One Thing That Changes Everything, Stephen M.R. Covey articulates 5 different ones. I think this model is helpful because it highlights how much trust means and how it operates differently at different scales.

Covey starts with people trusting themselves: SELF TRUST

Are we credible to ourselves?

• Do we have integrity are we congruent inside and out and walking our talk, living in accordance with one’s own values and beliefs?
• What is our intent when interacting with straightforward motives based on mutual benefit?
• What are our capabilities? Do we have the ability to establish, grow, extend and restore trust? What abilities do you have that inspired confidence, talents attitudes, skill, knowledge, style.
• What are our results? Do we get the right things done, are they done well and what is our consistency of results or tack record?

People in the Quantified Self movement are actually using digital devices and sensors to track themselves. They are using data analysis tools to see how fast they ran or what their caloric intake was. One of the reasons people track themselves to work on improving themselves, set goals and measure achievement over time. As they achieve results towards a goal they increase their credibility - their self trust.

Covey moves on to people trusting each other: RELATIONSHIP TRUST
One cultivates this kind of trust with others when one behaves consistently in ways that build trust. People are biologically wired to track behavior of others and form opinions about trustworthiness in real time, all the time balancing a wide array of variables. One way to simplify this is to imagine that with every person you interact with you have a “trust account”. The way you make deposits “In” to someone’s bank account is to have consistent behavior. Deposits are withdrawn from the “account” when someone is not consistent in following agreements.

Behaviors he believes generate trust:

• Create Transparency
• Demonstrate Respect
• Practice Accountability
• Deliver Results
• Get Better
• Extend Trust
• Talk Straight
• Listen First
• Show Loyalty
• Confront Reality
• Clarify Expectations
• Keep Commitments

People are really different: different kinds of behaviors matter more or less to an individual, and therefore a behavior’s meaning affects the current balance on any person’s given trust account account differently.

The Identity Ecosystem is an online environment where individuals and organizations will be able to trust each other because they follow agreed upon standards to obtain and authenticate their digital identities and the digital identities of devices. The Identity Ecosystem Framework is the overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that govern the Identity Ecosystem.

This quote from NSTIC makes a big assertion that trust is going to flow between people because they followed agreed-upon standards to obtain and authenticate their digital identities.

The implicit use case might be an individual, lets say her name is Jenna, goes to an attribute verifier service provider like her retail branch bank with attributes like drivers license, latest utility bill and her record showing she has also had a bank account with them for 5 years. The bank checks Jenna’s physical world credentials and then issue a digital token she can use to do 2-factor authentication online. The digital token, when she goes online, presents Jenna’s name as written on her driver’s license.

I see three behaviors in this use case:

Confronting Reality - there is a reality for most people in western liberal democracies that the government of the county or province you were born issued you a paper saying so, and this ironically named breeder document begets you more forms of identification. If a user has not been using their real name, they will now be forced to do so. The reality is, birthplace can have a huge effect on a person’s legal and identify reality.

Creating Transparency - Jenna has linked her “real legal name” to an account which that when she uses it will be transparent about who she is and let everyone know. This means people who look her up online can find her street address in real life. Well, it turns out this creates a vulnerability because others can find where her house is, stalk her or make threats against her.

Practicing Accountability - The ability to be accountable. If Jenna choose a criminal action online, others would be able to trace her by the real name she was using. But so too if she was mildly socially rude, people would know to withdraw from her “trust account”.

There are nine other behaviors really matter in human to human trust relationships but which are not covered in any way by the standards for obtaining and authenticating digital identities - the so-called trust frameworks.

There are other aspect that are not comparable about this scenario when you map them to how people trust one another in everyday life. I don’t trust people because I know their legal name because I checked it on their drivers license. In physical space, I see someone I know and I know it is them because they are in the same body form they were last time I saw them. This verisimilitude to the mental picture I have of them allows me to authenticate36 them visually. When I see them, I can pull up my mental trust account and see how much I have deposited in their account.

In the digital realm, I anchor my mental trust account to identifiers I hold for people in my mind. I need to have confidence that the system they use to authenticate (using a user name and password) is secure, that it isn’t someone else logging in and “being them” because they control the identifier.

When people interact with businesses, they use similar mental models for judging trustworthiness based on observed actions and experiences. The use of the phrase “trust framework” by its very name implies that those who have complied with its requirements are trustworthy because they had a standard way to obtain a digital identity and authenticate. There is a great diversity of particular behaviors that people use to make trust judgements. If people want to use one trust framework or another because they judge one or another ratings agency assesses it to be more “trustworthy” we have a very messy, convoluted conversation.

In groups of people working together: ORGANIZATIONAL TRUST
This mode of trust is about alignment of the structures, systems and symbols of organizational trust. If trust is low in an organization, then to compensate, certain behaviors or systems patterns emerge that are costly: Redundancy, Bureaucracy, Politics, Disengagement, Turnover, Churn and Fraud.

For organization there is: MARKET TRUST
The perception of a business entity in the market place is where there are all kinds of services that help consumers navigate what products to buy. Market trust is developed by repeated activity observed over time.

Beyond the business or nonprofit is: SOCIETAL TRUST
This is about giving back and contributing to the society and the commons. It is particularly important to give back to society trust assets one owns but everyone benefits from. It is vital that societal trust be maintained because other scales for trust operate at this level as a support structure. This is where there is backup when other forms of trust fail and you can trust the court system to give you fair treatment when seeking redress.

“If NSTIC is successful, trust on the web would go up, worldwide.” The trust in this sentence is at the societal level scale and I believe it is true. However the way to succeed in achieving this level of trust is not to name policy-tech frameworks throughout the system “trust frameworks”. I am very keen on NSTIC succeeding, however I am concerned that naming this critical part of the proposed ecosystem “trust frameworks” will actually generate mistrust of the system. If the term “trust framework” is the way policy-technology frameworks within the ecosystem are named and explained to the public, but people find those frameworks untrustworthy, they will suspect anything self labeled with “trust”. People will ask themselves: why should we trust a Trust Framework? Who made up the trust frameworks? Individuals will think to themselves: I am the one who decides what to trust...don’t tell me to trust something just because you call it a “Trust Framework.” Given the recent large scale institutional breakdown in trust in the banking system, consumers are skeptical of large publicly traded companies saying “trust us” we have a “trust framework” to protect you.

I highlighted the challenge with using the word, trust, for policy-technology frameworks at the NSTIC governance workshop at the beginning of June where Jeremy Grant asked me if I had a better name. I do have a better name for trust frameworks:

Accountability Frameworks.

Here is some of my reasoning:

• It is 2 words.
• It captures the heart of the intended purpose: Accountability
• Accountability is achieved in these frameworks via both technology standards and policies that are adopted and audit-able.
• Trust remains an emergent property of these accountability frameworks.
• There can be real conversations by various stakeholders who may have different needs and interests about the nature of the accountability in different frameworks. They can look to see weather particular accountability frameworks are trustworthy from a particular point of view.
• It avoids the problem of talking about the "trustability of trust frameworks".

Trust is absolutely essential in the Identity Ecosystem. People must trust that the information they share will be handled with care, respected and that human dignity is maintained by the individual actors within the Identity Ecosystem. This is achieved by having real accountability in the system around the user’s rights to use their data being respected. When the system is functioning well and accountability frameworks are followed then overall systems behavior of the Identity Ecosystem will be trustworthy.

This post is from pages 20-24 of Kaliya's NSTIC Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Alignment of Stakeholders around the many NSTIC Goals

This is the section after: Ecosystem Maps - Present, Evolving, Future

The Many Goals for the Identity Ecosystem & NSTIC Governance

The NSTIC governance NOI articulates many key activities, qualities and goals for a governance system for NSTIC. NSTIC must:

• convene a wide variety of stakeholders to facilitate consensus
• administer the process for policy and standards
• development for the Identity Ecosystem Framework in accordance with the Strategy’s Guiding Principles
• maintain the rules of participating in the Identity Ecosystem
• be private sector-led
• be persistent and sustainable
• foster the evolution of the Identity Ecosystem to match the evolution of cyberspace itself.

Achieving these goals will require high-performance collaboration amongst the steering group and all self-identified stakeholder groups. It will also require earning the legitimacy from the public at large and using methods that surface their experience of the Identity Ecosystem Framework as it evolves.

Its a Wicked Problem

The problem of planning, catalyzing the emergence of and then governing an Identity Ecosystem  is a “wicked problem”, characterized by the following:

• The solution depends on how the problem is framed and vice-versa (i.e. the problem definition depends on the solution framing).
• Stakeholders have radically different world views and different frames for understanding the problem.
• The constraints the problem is subject to and the resources needed to solve it change over time.
• Every implemented solution is consequential, it will leave a trace and can not be undone.

It follows that ecosystem problems are so complex they never can be solved definitively. This is true for “identity” one example being. Is it (identity) fully defined by the individual? Or defined by the social context the individuals finds themselves?  Well, it’s both.

To achieve the goals above alignment around how to achieve all of these goals needs to be cultivated amongst stakeholder groups and shared language and understanding is key for that to happen.

Alignment

Alignment is congruence of intention, whereas agreement is congruence of opinion.

Alignment as congruence of intention is congruence of resolution for the attainment of a particular aim. An aim being in and of the future, unknown or unpredicted variables inevitably enter the generative equations for its achievement. Inherent in alignment, therefore, is the spirit of quest.

The spirit of quest generates open and evolving dialogue-in-action. Participants of a quest bring in diverse points of view while remaining united in the same quest. When they jointly choose a course of action, they know that the choice is a tentative mutual agreement, to be modified, altered, or even discarded along the way. The question is not "who is right" but "what is best" for the fulfillment of the intention.

In an alignment-based organization or movement, disagreement among participants does not diminish but rather enhances the power of the alignment and its synergetic impact. Plurality and diversity of ideas and views, united in a shared intention, mutually enrich one another toward the achievement of an end. In an agreement-based organization or movement, on the other hand, disagreement among participants often leads to internal strife, divisive politics, splitting into cliques, or eventual demise.

An agreement-based organization can transform itself to an alignment-based organization by shifting its value focus from agreement to alignment, from opinion to intention. Alignment is not a static state; it is a dynamic process of constant aligning and realigning in the continual movement of time through the timeless commitment to an intention.

People who differ in their opinions can align in their intentions. No more do we need the usual politics of opinion-domination...What we need instead is a new politics of intention-alignment... beyond agreement or disagreement.

A set of critical challenges that face humanity today includes the challenge of whether or not we can shift our value focus from opinion to intention, whether or not we can affirm common intentions, whether or not we can transcend differences of opinion and unite in common intentions, whether or not we can forge a planetary alignment for the achievement of our common intentions, and whether or not we can reconcile seemingly conflicting or misaligned intentions.

From: Alignment Beyond Agreement

By Yasuhiko Genku Kimura

Shared understanding arises from shared language. When groups collaborate effectively together, a recognizable pattern emerges for shared understanding.  This means unifying a goal/mission/vision so that the question "what are we trying to do" doesn't continually to come up. Within this pattern collaborators aren’t in group think but agree about their disagreements and understand what they are trying to do together.

Eugene Kim, along with some colleagues, created The Squirm Test to measure the level of shared understanding in a group:

The Squirm Test is performed on a group of people collaborating on something together. You get all of the people in a room, seated in a circle, and sitting on their hands.

The first person then stands up and spends a few minutes describing what the group is working on and why. No one is allowed to respond except to ask a clarifying question.

When the first person is done, the second person stands up and does the same thing, articulating the group's goals and motivations in his or her own words.

Everyone in the circle speaks in turns.

You can measure the amount of shared understanding in the group by observing the amount of squirming that happens during the process.

The squirm test is qualitative as a repeatable, measurable and visible to the whole group that does it.

Is there currently shared understanding and alignment amongst the identified NSTIC stakeholders?

No. I often find myself squirming while listening to fellow NSTIC stakeholders articulate their ideas about what we are doing with NSTIC. I imagine with all the comments I have made from a user-advocacy perspective that others have squirmed when I have spoken. Because I feel myself squirming often and I see others squirming too, I know there is limited shared understanding amongst NSTIC stakeholders.

--------

This post is from pages 17-19 of Kaliya's NSTIC Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Proactive Development of Shared Language by NSTIC Stakeholders

This is the section after: The Trouble with Trust

This diagram is from the Unisys Security Index Survey.

I am also very conscious of the implications of doing so and how public things are when I do. I manage my public persona - the parts of myself that I share publicly on the web associated with my professional work and personal passion - User-Centric Digital Identity.

Today I saw a friend share via Facebook that they were attending a cool panel at SXSW - Demystifying Online Privacy and Empowering the Digital Self

I went over to Plancast where it was listed and also signaled that I would be attending THEN it asked me if I would like to share via Facebook. "sure" I think that makes sense - I learned about it there why not, it is part of my professional public life online.

So then the Terms of Use show up...and you know they are just too extensive. Why to post that I AM going to one event must I give all this information away. It is also a go-no-go proposition. I can't "Uncheck" things I don't want to let plancast do. THIS IS really broken. It needs to be fixed. I need to be able to use applications AND have control over how much they can do with my data and how much freedom they have to post.

I ONLY want to give them permission to post this one item...maybe in time I might trust them enough to have full access but that will come in time as I grow to know their service and trust their business practices.

Plancast is requesting permission to do the following:
Access my basic information
Includes name, profile picture, gender, networks, user ID, list of friends, and any other information I've shared with everyone.
Send me email
Plancast may email me directly at kaliya@mac.com ·
Post to my Wall
Plancast may post status messages, notes, photos, and videos to my Wall

Access my data any time

Plancast may access my data when I'm not using the application
Access my profile information
About Me, Events, Current City and Website

This conference is the brain child of Natalie Fonseca who has run the Tech Policy Summit for several years.

I am speaking at the event on a panel about personal data stores (a new project I will write more about here soon).  I am really proud to be amongst many other women industry leaders speaking. I know Natalie took proactive approach to recruiting women to speak and voila - their are women speakers at this technology conference.

Denise Tayloe, CEO of Privo
Marie Alexander, CEO of Quova
Linda Criddle, CEO of Reputation Share
Fran Maier, President of TRUSTe
Anne Toth, Chief Privacy Officer for Yahoo
Michelle Dennedy, VP at Oracle
Judith Spencer of GSA
Christine Lemke, CTO of Sense Networks
Betsy Masiello of Google
Heather West of Center for Democracy and Technology
Eve Maler of PayPal
Susan Lyon of Perkins Coie
Deborah Estrin of UCLA

It should be a great event - the guys on the program are equally cool.

The woman writing the article is very clear on the identity "creep" that happened and got to the point of requiring users to use the Real ID account within the system to post on forums and EVEYWHERE they interacted on company websites.

She articulates clearly why this creates an unhealthy climate and a chilled atmosphere for many users.

She articulated why she chose initially to sign up for the service using her "Real Name"

When Real ID came out a few weeks ago, I threw caution to the wind. Although my name is fairly uncommon, I immediately added everyone in my guild. I did this mostly because I like my guildmates, I trust them, and I’m an officer of our guild; it would be strange for me to not use this service. We killed heroic Lich King together, we make all kinds of obscene jokes, and although I’m one of two females in the entire guild of forty or so people, harassment is never an issue. I’m an equal. I’ve been here for over a year, and as such, giving these players my real life name wasn’t an issue.

Listen to her language carefully - she says "in this context" I trusted sharing my real name and my gender which is likely given away by her real name.  She knows her guild mates and they don't harass her.

there was a smaller problem. The guildmates I’d friended had friends who could see me as well because of this. For some reason, Real ID came with the feature that everyone can view other people’s friends–that is to say if I friend Joe, I can then see Joe’s friends and Joe’s friends can see me.

In the process though her "real name" was leaked beyond this trusted group to their friends.  Some of whom may not have known her gender.

Now their "Real ID" system is being extended farther.

Blizzard announced today that all posts on their forums will be now using Real ID. This is mandatory–if you want to post, you have to post this way....real life names will be next to those who post. This will affect everyone, even Blizzard employees. They are also adding a karma feature that will be a lot like Reddit or Digg.

You think why is this "so bad" we should all just be comfortable being "out" about our gaming life or what we say online.

1st she highlights why anonymity is good:

The internet is largely what it is because of its anonymity–for better and for worse. Many great discussions have been had solely because someone could submit their words without worry of being judged.

She acknowledges "greifing" happens because of this but that this is mitigated by moderation.

She says those who really do want grief other people are being given more tools to do so with by actually revealing people's real life names, and addresses (in physical or online space).

by using a full name, players are tied to their real life persona and unable to separate themselves from their online one.

Taking away the freedom to "disaggregate" yourself is where the issue is.  People need to be able to be gamers and NOT have it leak into their real lives where it could affect their livelyhood or standing in a totally different community.

In this system, it becomes linked forever in search engines. This means potential employers could find out if a player was a World of Warcraft fan and even the characters they have with a simple search.

If you don't think it is an issue perhaps you are not in a minority or in a "target population"

Women might find it harsher with new avenues of harassment opened. Transgendered people could be inadvertently outted when someone sees Sally, the friendly Paladin chick, posting under the name Steve. Someone could have a distinctive name and be disregarded solely because their name sounded like a person of a certain background, race, religion, or otherwise. And if someone’s a minor–or even major–celebrity, having their name exposed could be damaging.

Those in charge of and designing systems need to think twice before making changes.

Like I said, there were options. Unfortunately it seems Blizzard executives chose not to look into them and then turned a blind eye. It’s just a shame that this lack of foresight will probably at the very least result in the harassment of many thousands of individuals–if it doesn’t end up causing something worse for a select few.

As for me, I haven’t forgotten about the person from France who spent over six months to track down and attempt murder on a guy who fragged him in Counter-strike (NY Daily News). Call me pessimistic all you want, but I have to wonder if Blizzard’s marketing department even thought about it.

..we decided that these would be the social norms now and we just went for it.

When I first heard it in the interview in the video I did a major double take - "we decided" ?? seriously? The we in that sentence is Facebook and clearly with Zuckerburg is at the helm - He could have said "I decided" and he as the CEO of a social network has the power to "decide" the fate of the privately shared amongst friends in the context of this particular social network for millions of people (see my post about the privacy move violating the contract with users). It makes you wonder if this one platform has too much power and in this example makes the case for a distributed social network where people have their own autonomy to share their information on their own terms and not trust that the company running a platform will not expose their information.

It is clear that Zuckerberg and his team don't get social norms and how they work - people create social norms with their usage and practices in social space (both online and off).

It is "possible" to change what is available publicly and there for making it normal by flipping a switch and making things that were private public for millions of people, but it is unethical and undermines the trust people have in the network.

I will agree there is an emerging norm that young men working building tools in Silicon Valley have a social norm of "being public about everything", but they are not everyone. I am looking forward to seeing social tools developed by women and actual community organizers rather then just techno geeks.

I will have more to say on this later this week - I was quite busy Saturday - I ran the Community Leadership Summit, yesterday I flew to DC and today I am running the Open Government Directive Workshop. While I am here I hope to meet with folks about Identity in DC over the next 2 days.

Fed Up with Facebook Privacy Issues? Here is how to End it All.

It highlights two different Web 2.0 suicide machines; one is an art project called Seppukoo.com .

The service creates a virtual memorial for you and posts you on a suicide wall & they give you points for how many friends you had and how many of them choose to follow you to the "after life". The leader board is here.  You can see the RIP page for one of the creators of the service - Gionatan Quintini here.

It received a cease and desist from Facebook and responded.

The response is not covered in the article (it wasn't out when I wrote it). It has some great quotes that sound like language coming from the user-centric identity community.

5. My clients have the right to receive information, ideas, and photographs from those people whom are the legitimate proprietors of this data and can decide to share this data or to store it, with the prior consent of its respective owners. All of this is freedom of expression and the manifestation of thought and free circulation of ideas that is accepted and guaranteed in Europe and in the U.S.A.

6. Facebook cannot order the erasure of data that does not belong to it, acting against the free will of the owners of such data. This is not protection of privacy, but rather a violation of the free will of citizens that can decide freely and for themselves how to arrange their personal sphere.

Web 2.0 Suicide Machine is more comprehensive - covering LinkedIn & Twitter as well.

Here is the previous Read Write Web post on the changes in what is and is not public.

Facebook's Privacy Move Violates Contract With Users

Your name, profile picture, gender, current city, networks, Friends List, and all the pages you subscribe to are now publicly available information on Facebook. This means everyone on the web can see it; it is searchable.

This represents just the latest instance of Facebook violating the contract it holds with its users. This is no small matter, either. Lots of people will have very real and valid objections to this arbitrary change to what's public and what's private on Facebook.

....an articulation of the nature of the social contract sites with social features have with users....

I wonder how many more times they will get strip us down, leaving our familiar social clothes and underware on the floor, and leaving us socially nude.

I think it is unethical and I agree with the concern that Jason Calacanis raises about how this will affect other Internet companies. "Facebook's reckless behavior is... simultaneously making users distrust the Internet and bringing the attention of regulators." This change will affect all of us working on building the new techno-social architecture of our society via the web.

When everyone has a cell phone, everyone is a photographer, when everyone has access to YouTube, everyone is a filmmaker, and when everyone is a blogger everyone is a newspaper.

When everyone is a photographer, a newspaper and a filmaker everyone else is a public figure. Tell your kids ok,  be careful every move they make is now a digital footprint. You are on candid camera and unfortunately the real message to young people from all these incidents... (he says holding his hands closely together) is really keep yourself tight - don't say anything controversial, don't think anything controversial, don't put anything in print - you know what ever you do just kind of smooth out all the edges (he says moving his hands in a streamlining motion down) and maybe you too - you know when you get nominated to be ambassador to Burkina Faso will be able to get through the hearing.

What does this capacity to document "everything" digitally mean to free thinking, and free speech? It seems that is having a quelling effect.

I have written about the participatory panopticon several times, a term coined by Jamais Cascio.

* Participatory Panopticon strikes Michael Phelps

* We Live in Public – a movie

* “sousveillance” coming to NYC and Big Brother coming to NYC

* Participatory Panopticon tracking the CIA’s Torture Taxi

* Condi Caught by Emerging Participatory Panopticon

* Accelerating Change Highlights: 1 (Jon Udell)

The first time I spent a whole day with technologists working on the identity layer of the web in 2003 I asked publicly at the end of the day - how do we forgive in these new kinds of tools in place? How do we allow for people to change over time if "everything" is documented?

I hope we can have a dialogue about these kinds of issues via the blogosphere and also face to face at the 9th Internet Identity Workshop coming up in November.

The picture pretty much sums the conundrum up.

Is it ok for individuals to promote pot on these social networking services?

Should social networks allow marijuana dispensaries to have organizational presences?

(from an e-mail from Fast Company promoting this article)

The question is, whose laws do social networks have to follow? The Web may seem borderless, but as companies like Google and Yahoo have found in China and, more recently, Twitter and Facebook found in Iran, virtual boundaries do exist. So what's a company like Facebook or Twitter to do? It will be interesting to see how Silicon Valley finesses this one, particularly because the companies are based in California where the dispensaries are considered legitimate enterprises (at least in the eyes of the law).

I poked around on twitter and found a whole Marijuana movement

along with the Stoner Nation Facebook page and Stoner Nation Twitter and on Blogger and their own site.

Interestingly I searched in Facebook to find the stoner nation page and it was not listed when typed as two words but was when I typed it the way their name is listed as one word - StonerNation .

It is not a surprise to see seems there are many fans of Stoner Nation who are using Facebook accounts without their real names. Like Oregon Slacker , Stoner Stuff, and Drink Moxie.

I think this liminal space between the legal and illegal (at least this is factually the case in california) is quiet interesting. The freedom to express oneself and organize around change is something that is important to maintain on the web - clearly these three people have chosen to weave a line - expressing their opinion and support and involvement around marijuana online and not releasing their "real names" on facebook or twitter where they are expressing support and involvement in movement organizing but making the choice that saying who they are may negatively affect them in their 'daily life' - whether it be a small town where they live that would be unaccepting or a profession they hold that would not be understanding. I think these rights and issues go beyond "just" drug use but also extend to sexual and other minorities. The marijuana community is activating right now because there is a ballot initiative here in 2010 to legalize pot and tax it (potentially generating 1.2 billion dollars in revenue annually for the state).

I think a question we all have in building the evolving open and social web is how do we support citizens having the freedom to express themselves online and in social contexts. What are the particulars of online identity that enable this as a possibility and don't rule the fundamental right of freedom of expression out? I am specifically thinking about the equivalent to anonymously joining a social movement march in the physical world.

As a prominent privacy advocate, Timothy Sparapani, former senior legislative counsel for the American Civil Liberties Union, argued that Internet companies have too much control over consumers' data. The self-described "privacy zealot" didn't join Facebook until seven months ago because he was uneasy about revealing personal information on the site.

He joins 24-year-old Adam Coner for the last year who has had as his main job "educat[ing] members of Congress and Capitol Hill staffers about leveraging Facebook to reach constituents."

The current Chief Privacy officer Chris Kelly will be going on a leave of absence in September to focus on running for Attorney General of California.

EPIC has a very detailed page about Facebook Privacy. It is an impressive page that will give you pause. It outlines all the major features of the service it has concerns about. It has a list of all the EPIC Actions related to Facebook too.

This week Facebook is taking some steps to improve privacy from its website:

The power to share is the cornerstone of Facebook. Privacy and the tools for tailoring what information is shared with whom are at the heart of trust. Over the past five years, Facebook has learned that effective privacy is grounded in three basic principles:

• Control. When people can easily control the audience for their information and content, they share more and they're able to better connect with the people who matter in their lives.

• Simplicity. When tools are simple, people are more likely to use them and understand them.

• Connection. With effective tools, people can successfully balance their desire to control access to information with their desire to connect – to discover and be discovered by those they care about.

That's why in the coming days, we'll be improving privacy on Facebook by launching a series of tests that guide people to new, simpler tools of control and connection.

I wrote about some of the issues I have with Facebook when I heard Dave Morin talk at SXSW "Am I to "old" to get Facebook - or do they not get it?". I highlighted 3 different issues:

• What Blane Cook describes as "being in a room with everyone you ever met all the time": all my friends from different contexts of my life get all the same 'status' updates and I don't use them cause I feel like it is social spam to speak to them with the same voice and same frequency. I also don't like that it broadcasts everything I "do" in the network to everyone.

• "Real Names" vs. handles online - their belief they have "everyone's real name in facebook"

• The difference that women experience in online space and how they manage and protect their identity and what information is online.

Here is what they are saying about how to address this issue:

They are introducing a Publisher Privacy Control so that on a per-post basis users can control who sees each post. Friends, Friends and Family etc. On the other end of the spectrum, you can also share with "everyone" now.

They are simplifying their privacy settings. Hopefully this will make it more usable.

They are figuring out how to gracefully help people transition between the old settings and the new way.

They are asking everyone to revisit their settings...because:

We think Facebook is most useful when people can find and connect with each other, which is why this tool will enable you to make available those parts of your profile that you feel comfortable sharing in order to facilitate better connection. You will have the choice of being as open or as limited in the sharing of this information as you want.

The byline on the post is cute:

Chris Kelly, Facebook's chief privacy officer, is glad to be offering you more control.

Read Write Web goes into their understanding of the announcement and user experience. This is a long, good piece.

I actually found this a bit surprising - remember the big debate on the Social Web TV I had with Josh Elman about "real names." He was against handles completely and felt that the big value facebook brought was "real names". I argued for handles and the freedom to choose one's "identity" on the web. I made the point that free society - having the ability freedom to have the option to have and use handles on the web NOT linked to our given/ in real life names. Another thing is that handles help us navigate namespace clash from regular names. Max from MySpace is 8bitkid not some other Max in a sea of Max's.

I ran into Josh Elman at the Building43 party and we agreed I kinda won the debate with this latest development. It seems that having peoples pages rank higher in google is helped by having readable URL's.

They of course "strongly encouraged" people to just pick a URL with one's real name and did so by "suggesting" names that were derivatives of one's name. You could override this and type in your own name choice (however defaults matter so most people will end up with names similar to their real name - rather then being asked to think up one). They give users an addressable identity.

Max Engel of MySpace became /8BitKid - his handle "everywhere"

David Recordon surprisingly didn't go with DaveMan692 - his handle most places - he is /DavidRecordon

My friend Jennifer became /dangerangel as she had originally signed up for in Facebook but they disallowed her to have it.

I just became /Kaliya (I am hoping I can get enough fans to claim /identitywoman for that persona)

What is particularly interesting is the layers of identity in Facebook.

With a Facebook URLFacebook has the one's username is not one's e-mail address as it is with Google profiles and one also has a common name (or as they say "real name") that is presented to throughout the system.

Google ironically enough they ask if you want a "contact" me button on your page that does not give away your e-mail address when the profile URL gives away your e-mail address.

Twitter has /usernames AND another display name of your choosing that is changeable (the /usernames are not). However most twitter clients display one or the other. If you are used to seeing the display name and then are on your phone that is only showing @handle /username then you don't know who is talking.

Facebook usernames is another example Twitter feature adoption by Facebook others being activity streams becoming much more like twitter streams.

I said when I first "got" twitter about 18 months ago - a big part of the value it provided was its namespace. It gave me a cool anchor on the web that allowed communication between me and others via the web.

So how is it going so far? Inside facebook reports that over the weekend 6 million folks - 3% of their userbase gut URLs. 500,000 in the first 15 min, 1,000,000 in the first hour and 3 million in the first 14 hours.

There were several examples of FaceSquating. Mike Pence took Obiefernadez's name.

Anil Dash has the funniest post ever about the whole thing. Highlight the point that users don't need facebook URL's they can just get their own domain name. He repeats this throughout the post about what these services are not telling you:

None of these posts mention that you can also register a real domain name that you can own, instead of just having another URL on Facebook.

I completely agree with him - he also misses a key point the usability of facebook is vastly higher then the usability of domain name registration, cpanel management and other things involved in getting ones own personal web presence going. DiSo isn't hear yet so we can't link to our friends without linking capability that a facebook provides. I suppose Chi.mp was trying to

He links to a post of his from December 2002 called privacy and identity control.

I own my name. I am the first, and definitive, source of information on me.

One of the biggest benefits of that reality is that I now have control. The information I choose to reveal on my site sets the biggest boundaries for my privacy on the web. Granted, I'll never have total control. But look at most people, especially novice Internet users, who are concerned with privacy. They're fighting a losing battle, trying to prevent their personal information from being available on the web at all. If you recognize that it's going to happen, your best bet is to choose how, when, and where it shows up.

That's the future. Own your name. Buy the domain name, get yourself linked to, and put up a page. Make it a blank page, if you want. Fill it with disinformation or gibberish. Plug in other random people's names into Googlism and paste their realities into your own. Or, just reveal the parts of your life that you feel represent you most effectively on the web. Publish things that advance your career or your love life or that document your travels around the world. But if you care about your privacy, and you care about your identity, take the steps to control it now.

In a few years, it won't be as critical. There will be a reasonably trustworthy system of identity and authorship verification. Finding a person's words and thoughts across different media and time periods will be relatively easy.

What people don't quite get is that if they anchor their whole online life around someone else's domain they are locked in. When I first started paying attention to user-centric identity online this was one of the meta-long term issues that the first identity commons folks (Drummond Reed, Fen Lebalm, Owen Davis, Andrew Nelson, Eugene Kim, Jim Fournier, Marc Le Maitre, Bill Barnhill, Nikolaj Nyholm, etc).

A few of them wrote a paper about it all - THE SOCIAL WEB - Creating an Open Social Network with XDI.

They liked the XRI/i-names architecture because it addressed the URL recycling problem with a layer of abstraction. All i-names also have linked to them a conical identifier - an i-number. This number is never reassigned in the global registry. However one could "sell" one's i-name (mine is =kaliya) and that new person could use it but it would have a different i-number assigned to it for that person.

This past week at the Online Community Unconference we were talking about the issue of conversation tracking around blog conversations. How an one watch/track the conversation about one's work if it is cross posted on 10 different sites OR if it is just posted in one place and one is distributing a link through 10 different channels? We never did get to an answer - I chimed in that the web was missing an abstraction layer - that if one could have a canonical identifier for a post that was up in 10 different places this would make it easier to track/see conversations about that post. What we do have now that we didn't have 3 years ago for helping track conversations across multiple contexts is OpenID at least so you can see if someone commenting in one place is the same as someone commenting in another.

There is an additional layer of abstraction in the XRI architecture that supports several things are key to helping people integrate themselves and information about themselves on thew web.

One is cross referencing - so I could have have two different (URI) addresses for the same information (in the identifier - not just mapped over one another leaving me with one address OR the other) and also have one version of my profile be the one I controlled and a different be a version that appeared in a certain social context.

There is also a concept of much finer grained data addressability and control - so I could have my home address in one place and instead of entering this into each website/services/company portal that I want to have this information - just hand them a link to the canonical copy I manage and then I don't have to change it everywhere. This is of course where the VRM folks are going with their architectures and services.

We shall see how it all evolves. That is what we do at the Internet Identity Workshop is keeping on working on figuring this all out.

Individual-i stands for:

* Freedom from surveillance
* Personal privacy
* Anonymity
* Equal protection
* Due process
* Freedom to read, write, think, speak, associate, and travel
* The right to make your own choices about sex, reproduction, marriage, and death
* The right to dissent

The next few posts are what I transcribed as best I could while he talked.

TSA had promised it would only use the limited information about passengers that it had obtained from airlines. Instead, the agency and its contractors compiled files on people using data from commercial brokers and then compared those files with the lists.

The GAO reported that about 100 million records were collected.

The 1974 Privacy Act requires the government to notify the public when it collects information about people. It must say who it's gathering information about, what kinds of information, why it's being collected and how the information is stored.

And to protect people from having misinformation about them in their files, the government must also disclose how they can access and correct the data it has collected.

Before it began testing Secure Flight, the TSA published notices in September and November saying that it would collect from airlines information about people who flew commercially in June 2004.

Instead, the agency actually took 43,000 names of passengers and used about 200,000 variations of those names - who turned out to be real people who may not have flown that month, the GAO said. A TSA contractor collected 100 million records on those names.

It brings up some serious concerns about how information collection and validation is done by the TSA for airline passengers. How can we trust governments to collect this much information about us just because we travel.

This week I wonder why care about airlines passengers because security is so tight that airlines do not seem to be a place where the next round of attacks will be. If London is any indication it will be on mass transit. Given the level of police/security presence on the transit systems in the Bay Area this week is certainly seems like there is some concern that mass transit will be attacked. They have started random searching of bags to get on the NYC subway. One wonders if they will start issuing 'identity passes' to get on such systems.

On the city subways, which are used by 4.5 million people on the average workday, the inspections started on a small scale Thursday afternoon and were expanded Friday.

The New York Civil Liberties Union opposed the searches, saying they violated the Fourth Amendment. Mayor Michael Bloomberg said he hoped the NYCLU would recognize that the city had struck the right balance between security and protecting constitutional rights. He said the bag-checking program is part of a policy to "constantly change tactics" and "may, or may not, be there tomorrow."

Tourists visiting Disney theme parks in Central Florida must now provide their index and middle fingers to be scanned before entering the front gates.

The scans were formerly for season pass holders but now everyone must provide their fingers, Local 6 News reported. They have reportedly been phased in for all ticket holders during the past six months, according to a report.

I think it's a step in the wrong direction," Civil Liberties Union spokesman George Crossley said. "I think it is a step toward collection personal information on people regardless of what Disney says.

I think this is self explanatory in terms of why it is concerning. It seems to goes along with what is now happening with FastTrack passes (automatic toll readers) that I heard about last night at the Hillside Club CyberSalon where Esther Dyson was speaking. I googled the phenomena and here are some excerpts of what I found.

In New York State, readers have been multiplying ever since September 1997, when the New York Police Department (NYPD) used E-Z Pass toll records to locate and track the movements of a car owned by Nelson G. Gross, a New Jersey millionaire who had been abducted and murdered. The NYPD had neither a subpoena nor a warrant to obtain those records; the police simply asked the Metropolitan Transportation Authority (MTA), and the MTA complied. This set a very bad precedent. Though Gross wasn't alive to complain about it, his privacy had been violated. Access to those toll records also permitted access to all sorts of sensitive information, including his billing address, his credit card number, his license plate number and his Social Security number.

In February 1998, the MTA announced that -- near the Tappan Zee Bridge (the site of the first reader in New York State, installed in 1993) -- it had just concluded a successful "experiment" with readers that could detect and extract information from transponders even though the cars to which they were attached didn't slow down. These "high-speed readers" were only three-feet tall and could be placed just about anywhere. As a result, they permitted the ETC system to do something it was never intended to do: namely, collect truly huge amounts of information about such non-toll related phenomena as traffic flows, speeds, densities and delays (all of which, incidentally, can be videotaped by either flow monitoring or security cameras that have been automatically activated by the readers).

Since then, high-speed readers have been installed along a great many State-owned roads and highways; they've also been installed atop many residential buildings in New York City.

Opening - Sermon on Laws

Laws of Planetary Motion
Kim's Laws what happens to Identity if you make stupid or subtle mistakes
Newtons Law - gravity
Why things happen
Introduction - Looking Back Digital Signatures

A while back we decided we needed non-repudiation and did digital signatures by issuing certificates.
We forgot to figure out why do signatures work in the real world.
So, we got how they worked wrong in the technical world.
Having signatures not work is bad looking forward having privacy not work is bad.
Body of Talk
Definition:
Identity is a collection of attributes by which a person or thing is generally recognized or known
Identity Relativity
The Identity of X according to Y: The set of attributes believed by Y to be true of X.
Axiom: Utility
An identity attribute has value if and only if knowing that attribute reduces risk for some party
Reducing one party's risk often creates risks for other parties.
Consequence: Identification is Power
Identity allocates risk.The ability to create or eliminate a risk for another confers power over the other.

Axiom: Contention
Because identity claims allocate risks, they will be disputed.
Identity Attributes

• Commercial Interest - Convenience
• Government Interest - Security
• Individual interest - Privacy

Definition
Privacy: is the ability to lie about yourself and get away with it.

Axiom: Subjectivity
People disagree about one anothers identity attributes
In general, there's now easy way to tell who's right and who's wrong
Axiom: Temporality
The name that can be named is not enduring and unchanging name. All identity attributes change over time.

• Prince -> symbol
• Michael Jackson Black -> Plastified

Axiom: Obscurity
Identity attributes can be

• what you know - you can lie
• what you have - loose / leave
• what you are - alter disguise

Axiom: Publicity
Identity attributes cannot be secret
By definition attributes aren't observable can't be used to use attributes
Axiom: Contextually
Identity is inherently subject to effect of scale.
Brandon Mayfield - guy who did not blow up trains
His finger print matched one at Madrid Bombing (it was not an accurate assertion)
Large databases -> not completely reliable
To scale identity information one needs to collect -- more information

Consequence: Powerlessness
Identity is in they eye of the beholder - subjectivity.

• You can't control what other people think or say about you.
• You can't even know who knows what about you.
• Can control what you tell people but not what people find out

Consequence: Privacy Erosion
Scale requires distinguishing between lots of individuals which requires lots of information.
In a sufficiently large population the commonly agreed to be public attributes will not distinguishing individuals well enough.
So information about sensitive attributes will be collected.

In the UK they are look at putting in scanners (QinetiQ) while entering the subway to detect knives but what about creep in the use of other things identifying tatoos?
People push back against government identification.

Consequence: Due Process
Because identity is subjective, contextually, contention and obscurity and temporality.

IDENTIFICATION REQUIRES DUE PROCESS

But due process undermines the business case for identity. Due process requires transparency. Transparency reveals how identity attributes are collected and synthesized to make judgment. Collection and Synthesis are the only sources of completive value.

They do it because they like costumer intimacy.

Supply and Demand mismatch between favorable and unfavorable information.
Favorable information is easy to get.
The subject is happy to give it to you and the subject is happy to help you authenticate it. Therefore the supply is large and the value is low. But it's worse: Demand is also low! Because favorable information is less likely to reduce another party's risk. Especially the case when the other party has lots of potential customers.

The business case fore identity service provider infringes privacy.

The business of identity service providers is risk reduction withholding adverse information decrease the value of business.
Collecting more adverse information makes more.

Identity and Privacy are Incompatible.
Adverse information has positive identity value but negative privacy value.
Favorable information has zero identity value and zero privacy value.

Fable about MARIA

Recent guatemalan immigration
she has AIDS and she doesn't want anyone to know. The health insurance company wants to know this information because it is a $180,000 not to know this.

]]> http://www.identitywoman.net/catalyst-logic-of-identity-bob-blakley-chief-scientist-ibm/feed 0 http://www.identitywoman.net/meta-data-collaborative-filtering-and-identity#utm_source=feed&utm_medium=feed&utm_campaign=feed http://www.identitywoman.net/meta-data-collaborative-filtering-and-identity#comments Sun, 10 Jul 2005 22:32:12 +0000 Kaliya Hamlin, Identity Woman http://www.identitywoman.net/?p=28 Collaborative Filtering and Identity from John Udell. A use case we should be thinking about.

What if one would create a crawler application that, using all of these sources, could compine a complete "view" of my digital online self?

The problem though, is that "social" internet tools, that effectively visualize this stuff, are not all that common yet. Bloglines, Del.icio.us, and Flickr, and a few others, are still few and far between.

And then there is privacy. Now personally, I have no problem sharing all this metadata about myself. I would not even mind my browsing habbits being monitored to service the "social" metaspace like I do with the above-mentioned services, provided I had complete and transparent control over when what was monitored.

Wouldnt it be kinda creepy, once we indeed had a centralized match-and-compare system for all of this data, if you where to run into another person online that mirrored you and your interestes in every way? And online doppelganger, so to speak.

Before privacy laws or the Charter, there was little if anything to stop police or national security operatives from cajoling or coercing information from private sector organizations. A civic-minded government department or company could blab all it wanted about its customers or employees.

Our privacy laws changed this, although they didn't really try to put a stop to it. In BC, our public sector privacy law gives public bodies discretion to disclose personal information for law enforcement purposes, without warrant, but there are (some would argue, weak) constraints on this. The same can be said for our private sector privacy law. Still, these laws, together with the Charter, have until recently insulated against over-enthusiastic private sector co-operation with all and sundry state inquiries. Is this still true? If it is, how long will this last?

After the 9/11 attacks, governments everywhere felt compelled to act, and to be seen to act. This was in an important sense responsible of government. It was also mandated by political Darwinism. But a profoundly important aspect of the post-9/11 changes is the blurring of lines between collection and use of personal information for law enforcement purposes under criminal and other penal laws and use for national security purposes. A defining characteristic of police states is the blurring of distinctions between law enforcement and national security functions, the danger being that the rule of law eventually gives way to arbitrary decision-making by law enforcement authorities and the rights of ordinary citizens lose meaning. Democracies depend on clear and effective rules suited to the state activities that the rules are intended to govern and that reflect the essential values of a free society.

In Canada, post-9/11 amendments to the Customs Act and regulations authorize officials to require private sector organizations to provide border officials with extensive advance information about arriving passengers. These changes expanded the federal government's ability to use and share that information, not only for national security purposes, but also for ordinary law enforcement and other purposes, including (according to government statements in 2002) public health surveillance. The information-sharing authority includes a broad ability to share personal information about Canadians and others with foreign governments. The amendments don't restrict information-sharing arrangements to national security uses they could easily include ordinary law enforcement or other purposes defined on a case-by-case basis or in an agreement with another nation.

Also, Public Safety Act amendments to the Aeronautics Act allow the RCMP Commissioner to require any air carrier or operator of an air reservation system to, for the purposes of transportation security, disclose specified information in its control to any person the Commissioner designates. Despite the Public Safety Act reference to transportation security, the amendments allow this data to be matched with other data and to be disclosed to assist in executing certain outstanding arrest warrants. This effectively compels the private sector to assist the state, in the absence of a warrant or court order, in surveillance of all air travellers for the broader general purposes of both national security and ordinary law enforcement.

Consistent with these powers to conscript the private sector into both national security and law enforcement activities, Public Safety Act amendments to the Personal Information Protection and Electronic Documents Act (PIPEDA) permit private sector organizations to collect personal information without an individual's knowledge or consent in circumstances that amount to an invitation to, and in some cases compulsion of, the private sector to assist the state in surveillance for both general national security and ordinary law enforcement purposes.

The Public Safety Act also amended the Proceeds of Crime (Money Laundering) and Terrorist Financing Act to authorize the Financial Transactions and Reports Analysis Centre of Canada to collect information it considers relevant to money laundering or financing of terrorist activities from publicly available information, including commercially available databases. FINTRAC is also authorized to obtain, under information-sharing agreements, information maintained by federal or provincial governments for law enforcement or national security reasons.

FINTRAC expanded powers point to the fact that, when it comes to co-opting the private sector, 9/11 can't be blamed for everything. Laundering of dirty money was of sufficient concern before 9/11 to lead to extensive transaction-reporting requirements for banks and others. You can easily find other examples of legislative responses to individually pressing policy challenges that draft private sector organizations into state service in the name of public safety or order. One example is the current federal government lawful access proposals, some of which would apparently require ISPs to hand over at least identifying customer information and perhaps more on simple request by state officials, and for a pretty broad range of uses.

Also, at the local level, at least in BC, we see more and more local government bylaws compelling businesses to hand customer information over to police for a variety of reasons. Pawnshop reporting requirements have been around for a long time, but now were seeing bylaws requiring businesses to regularly give police information, without request, in a variety of situations (such as information who's been buying pepper spray, hydroponic supplies or chemicals that could be used to make drugs and who's been renting mailboxes at commercial mailbox centres).

And governments are now large purchasers of personal information from the private sector. So far this is being seen mostly in the US think of Total Information Awareness, MATRIX, Secure Flight and so on but to think that our own governments will ignore the expanding private sector trove of electronic personal information much longer.

As databases proliferate, become more comprehensive and become lifelong, it'll be harder and harder to resist those who say that, since the information is out there, the state should be able to use it. Time and time again over the last six years I've been told by middle-aged, middle class Caucasian males that they have nothing to hide, so why should anyone else feel differently? Let the government have the information it needs to protect us, they say.

Now, I don't doubt the good faith of BC's police agencies not for a minute. But, thinking thirty or fifty years down the road to a time when the lines between national security and law enforcement have blurred to vanishing, will there be any meaningful rules? If not, will our belief in the good faith of state officials, set adrift without guiding rules, be enough to sustain our privacy and other rights?

The card provides strong security against traditional outsider attacks, but unfortunately has not been designed with privacy in mind. In fact, it features one of the worst privacy designs imaginable. Two glaring problems:

The citizen certificates on each ID chipcard contain the cardholder's name and RRN (the œrijksregistratienummer," a single government-wide identification number for each natural person). The name and RRN are disclosed whenever a card is used at a relying party. The RRN (which has a simple structure based on the citizen's birthday) serves as the key to numerous databases containing citizen information; on the basis of this number, all cardholder actions and movements with the eID chipcard can be electronically traced and linked (not merely by the government itself!).

The eID card specifies the following information, both visibly on the card itself and stored within the card's chip: cardholder's photo, surname and first names, gender, nationality, place and date of birth, signature, RRN, and the validity period of the card. In addition, the chip also stores the cardholder's current address. Some of this information is privacy-sensitive, yet the cardholder has no control over its disclosure. (Historically, this is the same information as has always been on Belgium identity cards, and so arguably this does not constitute a reduction in privacy; however, in most countries around the world an information-rich national identity card would not pass in the first place.)

The privacy problems do not stop here. Each eID chip contains two X.509v3 identity certificates (each specifying the citizen's name and RRN number, one for authentication and one for digital signing), as well as a basic signature key to authenticate the card with respect to the RRN. The certificates and public keys, which are assigned by the central issuing authority, by themselves serve as "omni-directional" identifiers that are globally unique. For a detailed account on the various privacy problems caused by this use of PKI, see, for instance, here.