Appendix 11 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

Excerpted from Protocol: how control exists after decentralization, by Alexander Galloway, MIT Press, 2004. Page 245-246.   (I first mentioned book on my blog in 2005)

Protocol is that machine, that massive control apparatus that guides distributed networks, creates cultural objects and engenders life forms.

This is an excerpt of about 1/2 of the authors summarizing moments selected from previous chapters:

• Protocol is a universalism achieved through negotiation, meaning that in the future protocol can and will be different.
• The goal of protocol is totality. It must accept everything, not matter what source, sender, or destination. It consumes diversity, aiming instead for university.
• Internet protocols allow for inter-operation between computers.
• Protocol is a language that regulates flow, directs netspace, codes relationships, and connects life forms. It is etiquette for autonomous agents.
• Protocol’s virtues include robustness, contingency, inter-operability, flexibility, heterogeneity, an pantheism.
• Protocol is a type of controlling logic that operates largely outside institutional, government and corporate power.
• Protocol is a system of distributed management that facilitates peer-to-peer relationships between autonomous entities.
• Protocol is synonymous with possibility.

Protocol then becomes more and more coextensive with humanity’s productive forces, and ultimately becomes the blueprint for humanity’s inner-most desires about the world and how it ought to be lived.

This makes protocol dangerous - ....A colleague Patrick Feng said recently: “Creating core protocols is something akin to constitutional law,” meaning that protocols create the core set of rules from which all other decisions descend. And like Supreme Court justices having control over the interpretation of the American Constitution, whoever has power over the creation of such protocols wields power over a very broad area indeed. In this sense protocols is dangerous.

....

It is important to remember that the technical is always political, that network architecture is politics. So protocol necessarily involves a complex interrelation of political questions, some progressive some reactionary. In many ways protocol is a dramatic move forward but in other ways it reinstates systems of social and technical control that are deserving of critical analysis.

This post is part of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Who is Harmed by a “Real Names” Policy?

This post is Appendix 10 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

Who is Harmed by a "Real Names" Policy?

This is a reformatted version of http://geekfeminism.wikia.com/wiki/Who_is_harmed_by_a_%22Real_Names%22_policy%3F - please go to that wiki for the most recent version of that document.

From the Geek Feminism Wiki:

The groups of people who use pseudonyms, or want to use pseudonyms, are not a small minority....However, their needs are often ignored by the relatively privileged designers and policy-makers who want people to use their real/legal names.

For the groups listed below the costs for using a real name can be quite significant, including:

• harassment, both online and offline
• discrimination in employment, provision of services, etc.
• actual physical danger of bullying, hate crime, etc.
• arrest, imprisonment, or execution in some jurisdictions
• economic harm such as job loss, loss of professional reputation, etc.
• social costs of not being able to interact with friends and colleagues
• possible (temporary) loss of access to their data if their account is suspended or terminated

Privilege is described as a set of perceived advantages enjoyed by a majority group, who are usually unaware of the privilege they possess. A privileged person is not necessarily prejudiced (sexist, racist, etc) as an individual, but may be part of a broader pattern of *-ism even though unaware of it. A good article to understand this is  "Check my what?" On privilege and what we can do about it."

http://blog.shrub.com/archives/tekanji/2006-03-08_146

This lists groups of people who are disadvantaged by any policy which bans pseudonymity and requires so-called "Real names" (more properly, legal names).

Read the rest of this entry »

This post is Appendices 8 and 9 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

Anti-pseudonym Bingo

Wanting to and being able to use your legal name everywhere is associated with privilege.

The geek feminism blog published Anti-pseudonym bingo where the the idea is to play it against a commenter or a comment thread who is against pseudonymity.     A full row or column wins! (The free square is a giveaway.) 

Read the rest of this entry »

This post is Appendix 7 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

Resource Guide on Public Engagement 
Created collaboratively by the dialogue & deliberation community.

From NCDD’s October 2010 Resource Guide on Public Engagement:

Careful Planning and Preparation
Through adequate and inclusive planning, ensure that the design, organization, and convening of the
process serve both a clearly defined purpose and the needs of the participants.

Inclusion and Demographic Diversity
Equitably incorporate diverse people, voices, ideas, and information to lay the groundwork for quality
outcomes and democratic legitimacy.

Collaboration and Shared Purpose
Support and encourage participants, government and community institutions, and others to work
together to advance the common good.

Openness and Learning
Help all involved listen to each other, explore new ideas unconstrained by predetermined outcomes,
learn and apply information in ways that generate new options, and rigorously evaluate the process.

Transparency and Trust
Be clear and open about the process, and provide a public record of the organizers, sponsors, outcomes, and range of views and ideas expressed.

Impact and Action
Ensure each participatory effort has real potential to make a difference, and that participants are
aware of that potential.

Sustained Engagement and Participatory Culture
Promote a culture of participation with programs and institutions that support ongoing quality public
engagement.
In spring 2009, the National Coalition for Dialogue & Deliberation (NCDD), the International Association of Public Participation (IAP2), and
the Co-Intelligence Institute engaged practitioners and scholars in the creation of these 7 Core Principles for Public Engagement, aimed at
creating clarity for practitioners, public managers, and community leaders about the fundamental components of quality public engagement.
Visit www.ncdd.org/pep to download the full 12-page Principles document, which details what each principle looks like in practice and what
practitioners and leaders should avoid.

Descriptions of Processes
Intergroup Dialogues are face-to-face meetings of people from at least two different social identity groups. They are designed to offer
an open and inclusive space where participants can foster a deeper understanding of diversity and justice issues through participation in
experiential activities, individual and small group reflections, and dialogues.
www.umich.edu/~igrc/ and www.depts.washington.edu/sswweb/idea/
National Issues Forums offer citizens the opportunity to join together to deliberate, to make choices with others about ways to approach
diffcult issues and to work toward creating reasoned public judgment. NIF is known for its careful issue framing and quality issue guides
which outline 3 or 4 different viewpoints.
www.nifi.org

Open Space Technology is a self-organizing practice that invites people to take responsibility for what they care about. In Open Space,
a marketplace of inquiry is created where people offer topics they are passionate about and reflect and learn from one another. It is an
innovative approach to creating whole systems change and inspiring creativity and leadership among participants.
www.openspaceworld.org

The Public Conversations Project helps people with fundamental disagreements over divisive issues develop the mutual understanding
and trust essential for strong communities and positive action. Their dialogue model is characterized by a careful preparatory phase in which
all stakeholders/sides are interviewed and prepared for the dialogue process.
www.publicconversations.org

Socrates Cafés and other forms of Socratic Dialogue encourage groups inside and outside the classroom to engage in robust philosophical
inquiry. The Cafés consist of spontaneous yet rigorous dialogue that inspires people to articulate and discover their unique philosophical
perspectives and worldview. They don’t force consensus or closure, but are open-ended and can be considered a success if there are more
questions at the end than there were at the outset.
www.philosopher.org

Study Circles enable communities to strengthen their own ability to solve problems by bringing large numbers of people together in
dialogue across divides of race, income, age, and political viewpoints. Study Circles combine dialogue, deliberation, and community
organizing techniques, enabling public talk to build understanding, explore a range of solutions, and serve as a catalyst for social, political,
and policy change.
www.everyday-democracy.org

Sustained Dialogue is a process for transforming and building the relationships that are essential to democratic political and economic
practice. SD is not a problem-solving workshop; it is a sustained interaction to transform and build relationships among members of deeply
conflicted groups so that they may effectively deal with practical problems. As a process that develops over time through a sequence of
meetings, SD seems to move through a series of recognizable phases including a deliberative “scenario-building” stage and an “acting
together” stage.
www.sustaineddialogue.org

Victim Offender Mediation is a restorative justice process that allows the victim of a crime and the person who committed that crime to talk
to each other about what happened, the effects of the crime on their lives, and their feelings about it. They may choose to create a mutually
agreeable plan to repair any damages that occurred as a result of the crime. In some practices, the victim and the offender are joined by
family and community members or others.
www.voma.org

A Wisdom Circle is a small group dialogue designed to encourage people to listen and speak from the heart in a spirit of inquiry. By opening
and closing the circle with a simple ritual of the group’s choosing, using a talking object, and welcoming silence, a safe space is created where
participants can be trusting, authentic, caring, and open to change. Also referred to as Council process and Listening Circles.
www.wisdomcircle.org

Wisdom Councils are microcosms of larger systems like cities and organizations that engage in a creative, thoughtful exploration of the
issues affecting the system. A specialized facilitation process is used called “Dynamic Facilitation” - a nonlinear approach for addressing
complex issues that allows shared insights and aligned action to emerge. The outcomes of the Wisdom Council, which are reported back to
the community, can catalyze further dialogue, self-organizing action and change throughout the larger system.
www.wisedemocracy.org

World Cafés enable groups of people to participate together in evolving rounds of dialogue with three or four others while at the same time
remaining part of a single, larger, connected conversation. Small, intimate conversations link and build on each other as people move between
groups, cross-pollinate ideas, and discover new insights into questions or issues that really matter in their life, work, or community.
www.theworldcafe.com

This post is Appendix 7 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Reboot: Deliberative Democracy

This is the section after: Anti-pseudonym bingo

I was asked by Allison Fine to contribute to the Personal Democracy Forum  Rebooting America anthology.

This article looks at three leading edge deliberative methods that engage small groups of citizens representing voices of the whole.  They all were invented before personal computing and all could be augmented. You can see the methods outline in a chart in Appendix 6 and the eight steps of the processes are described in this article.

This post is Appendix 5 and 6 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: People Diversity

This is the section after: Resource Guide on Public Engagement

This post is Appendix 3 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

Lifecycle perspectives

• being born
• being adopted
• being a child
• being a teenager
• being a foster child
• being a proto-adult (college)
• adult
• partnership/marriage
• having children
• retiring
• dying
• being dead

Rights/needs of particular constituencies

• Women
• Domestic Violence Victims
• Ethnic Groups - African American, Latino, Asian, Native American,
• Mental Health and Physical Disease Groups
• Religious Groups
• Disability (Physical and Intellectual)
• Sexual Minorities

Civil Society Groups

• Environmental
• Social Service
• Schools
• Sports Teams and other Civic Leagues
• Trade Associations
• Technology Types (Smart Cards)
• Industry Sector (Hospitals,

Academic Researchers

• Sociologists
• Legal Scholars
• Computer Scientists

Advocacy Groups

• Privacy Industries
• Banking
• Data Brokers
• Telecommunications
• Web Services (google, yahoo, twitter)
• Internet Service Providers
• Cable
• Health Care
• Electric Utility
• Gas Utility

Governments

• National
• State
• County
• Municipal
• Neighborhood
• Tribal

International Standards Development Organizations (W3C, IETF, OASIS, ISO, ITU-T)

International Nonprofit and Government Organizations (OECD, WEF)

This post is Appendix 3 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: The Augmented Social Network:  Building identity and trust into the next-generation Internet

This is the section after: Reboot: Deliberative Democracy

This post is Appendix 2 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

The Augmented Social Network: Building identity and trust into the next-generation Internet

The need for a civil-society, not just commercial, solution.

PAPER by Ken Jordan, Jan Hauser and Steven Foster (bios at end)

Original full text available at: http://www.firstmonday.org/issues/issue8_8/jordan/index.html

Could the next generation of online communications strengthen civil society by better connecting people to others with whom they share affinities, so they can more effectively exchange information and self-organize? Could such a system help to revitalize democracy in the 21st century? When networked personal computing was first developed, engineers concentrated on extending creativity among individuals and enhancing collaboration between a few. They did not much consider what social interaction among millions of Internet users would actually entail.  It was thought that the Net’s technical architecture need not address the issues of "personal identity" and "trust," since those matters tended to take care of themselves. This paper proposes the creation of an Augmented Social Network (ASN) that would build identity and trust into the architecture of the Internet, in the public interest, in order to facilitate introductions between people who share affinities or complementary capabilities across social networks.

OBJECTIVES AND ELEMENTS

The ASN  has three main objectives. 

1. To create an Internet-wide system that enables more efficient and effective knowledge sharing between people across institutional, geographic, and social boundaries.
2. To establish a form of persistent online identity that supports the public commons and the values of civil society.
3. To enhance the ability of citizens to form relationships and self-organize around shared interests in communities of practice in order to better engage in the process of democratic governance.

In this paper we present a model for a next generation online community that can achieve these goals.  In effect, the ASN proposes a form of "online citizenship" for the Information Age.

The ASN weaves together four distinct technical areas into components of an interdependent system. The four main elements of the ASN are: Persistent online identity; interoperability between communities; brokered relationships; and, public interest matching technologies. Each of these is discussed in a separate section in detail.

The four main elements of the ASN are:

1. Enabling individuals online to maintain a persistent identity as they move between different Internet communities, and to have personal control over that identity. This identity should be multifarious and ambiguous (as identity is in life itself), capable of reflecting an endless variety of interests, needs, desires, and relationships. It should not be reduced to a recitation of our purchase preferences, since who we are can not be reduced to what we buy.
2. Interoperability Between Online Communities. People should be able to cross easily between online communities under narrowly defined circumstances, just as in life we can move from one social network to another.
3. Brokered Relationships. Using databased information, online brokers (both automated and "live") should be able to facilitate the introduction between people who share affinities and/or complementary capabilities and are seeking to make connections . . . Such a system of brokered relationships should also enable people to find information or media that is of interest to them, through the recommendations of trusted third parties.
4. Matching technologies need to be broad and robust enough to include the full range of political discussion about issues of public interest. They should not be confined to commercial or narrowly academic topics; NGOs and other public interest entities need to be represented in the process that determines these matching technologies.

The ASN calls for a public interest approach to online identity that enables individuals to express their interests outside contexts determined by commerce. This approach would include a digital profile that has an "affinity reference" that would facilitate connections to trusted third parties.

Aspects of the implementation could be undertaken by for-profit companies that respect these open standards, just as companies today profit from providing e-mail or Web pages. But to insure that the ASN meets its public interest objectives, participating organizations would have to agree to abide by the ASN’s principles of implementation.

The "next generation" of online community should be a manifestation of flourishing, innovative democracy that encourages the active participation of its citizenry. Asking for any less would be a betrayal of our highest ideals.

In this new world, you will have an online identity that remains constant, allowing for continuity between your experiences in separate online environments.  Well conceived, and done in the public interest, persistent identity could enhance interpersonal relationships and social organizing just as powerfully as the PC has extended personal creativity.
THE CONSUMER / BUSINESS INITIATIVES AND NEED FOR CIVIL SOCIETY TOOLS

Two business-based initiatives — the Passport initiative that is part of Microsoft’s .Net architecture and the Liberty Alliance — are deliberate efforts to create de-facto standards for personal identity online. Unfortunately, these are primarily focused on how you behave as a consumer, rather than as an independent citizen apart from the commercial arena; their intent is to privatize this information, and then manage it in a way that gives them a share of every financial transaction you make. Current trends are pushing the Internet to become a closed, controlled, commercial space that most resembles a shopping mall. Certainly these initiatives show good business sense, but are they sound public policy?

But as the online social network grew from a few hundred to the many millions — becoming, effectively, many different, overlapping social networks — the ability to identify affinities and establish trust through the Net withered. And perhaps most importantly, a myriad of online communities — both commercial and not-for-profit — have emerged with little to no interoperability with one another. They exist as separate, isolated islands of discourse, unable to exchange meaningful information, leverage their accumulated knowledge, or connect with other communities that share their concerns.

Without trusted relationships, civil society comes undone.  In effect, the ASN promises new tools that will support citizen involvement in governance. Already de facto standards for online identity and trust are being established. But where is the voice of civil society in these discussions?  The intention is for the ASN to become the de facto standard for Internet-wide online community interactions — the functionality described in the scenarios above should be the norm. But it is important to understand that the ASN can be effective if used by only a fraction of the Internet’s community members. The ASN can be launched as a sub-set of all online community activity. Then, over time, as it proves itself to be valuable, the ASN’s applications, protocols, and standards can be adopted by a growing number of Internet communities.

TECHNICAL DESCRIPTION

The essential technical elements of the ASN are as follows:

1. Persistent Identity. As federated network identity becomes ubiquitous on the Internet, spearheaded by industry initiatives such as the Liberty Alliance and Passport, civil society organizations will need to articulate a public interest approach to persistent online identity that supports the public commons. As one aspect of a public interest vision of persistent identity, we propose (a) a civil society digital profile that represents an individual’s interests and concerns that relate to his or her role as a citizen engaged in forms of democratic governance. One aspect of this civil society approach would be to provide a working model for persistent identity that gives individuals a high level of control over how their profile is used. In particular, the digital profile should include the ability for each individual to (b) express affinities and capabilities, and to list or assist in the discovery of other trusted individuals who share these interests. The purpose of this functionality is to enable automated agents or third party brokers to access this data in a digital profile, through a series of (c) introduction protocols, in order to provide connections between individuals who share affinities or have complementary capabilities. In this way, the ASN is able to introduce those who have shared affinities or complementary capabilities, including those who are members of wholly distinct online communities, based on the recommendations of trusted third parties. These recommendations might either be fully automated, in the case of less valuable or less sensitive relationships, or take place through a brokering service, when privacy, trust, and stakeholdership is of the highest concern.

2. Enhancements to Online Community Infrastructure. Some "walled garden" online communities have begun to implement ASN-type functionality within the confines of a single community infrastructure. With the implementation of the ASN, automated ASN interactions will take place across existing online community environments. In order to support this activity, modularized enhancements to the technical infrastructures of separate online communities will need to be developed and adopted. These enhancements are essentially of two types. The first is the writing and adoption of (a) interoperability protocols that will enable communication between the membership management databases of distinct online community infrastructures, so that ASN-related data can flow between separate online communities. The second is the development of modularized applications that enable (b) the pre-processing and post-processing of e-mail communications on online community infrastructures, as well as the ability to compose, address, and tag ASN messages appropriately. These applications would facilitate three types of activity. First, they would enable ASN users to (c) receive specially tagged automated introductions to others with whom they share affinities or have complementary capabilities.

3. Matching Technologies. For the ASN to be effective, the civil society issues addressed within the system have to be easily identified by searches, with matches made even when exact use of language does not correspond. To facilitate high quality searching which supports online discourse and networking in the public interest, there is a need for an initiative to develop (a) matching technologies for topics relevant to civil society, including public interest ontologies and taxonomies. Focused efforts must be established to insure that ontologies and taxonomies developed with standards such as XML, RDF and topic maps include consideration of those issues relevant to civil society. In addition, the ASN would develop (b) protocols for the interoperability of online ontological frameworks, so that the same set of data could be encountered through multiple perspectives, enabling comparisons of diverse viewpoints, which in itself would lead to new connections between disparate social networks.

4. Brokering Services. In instances when personal relationships are highly prized and carefully guarded, though still available through the ASN, an automated introduction system would not be advisable. In these cases, ASN users would engage a third party brokering service to carefully analyze potential affinity or complementary capability matches, and to provide (a) a brokered introduction. These interactions would not necessarily take place only within existing online community infrastructures, but also through the auspices of a brokering service that exists as a separate entity, designed to facilitate these more sensitive introductions. In these special cases, (b) context specific introduction protocols would be developed, allowing each social network to establish the terms through which introductions are made at a highly granular level, perhaps including intermediaries in the process in order to facilitate the initial person-to-person interactions.

THE PROBLEM OF SITE-BASED IDENTITY

. . . [W]hile the Web has developed a sophisticated system for the creation of "sites," there has yet to appear a good means to represent each of us as individuals in cyberspace. Every time we visit a new Web site, we enter as an anonymous person. Then, with our own labor, we create an identity within that specific site, following the rules as they are presented to us (For example: "Please click here to register ..."). Once we establish our identity on that Web site, it effectively becomes the property of the Web site owner. For this reason, URL-based communities are like walled castles with one-way doors; once you have created an identity on that Web site, it is only of use on that same Web site; it can never escape.

Shouldn’t we ask: in an ideal world, what kind of online identity would we want?

Many will protest that they do not want any form of online identity to be put in place. But the commercial sector is already creating the infrastructure that will support it, and there is nothing illegal about aggregating the information about what you buy that the system is being based upon. The challenge is not to stop this process, but rather to engage with it and influence it in order to insure that personal identity is implemented in the public interest, so that the system enhances, rather than detracts from, the public commons.

See: http://www.xns.org Also: http://www.identitycommons.net

THE CONCEPT OF FEDERATED IDENTITY

In recent years, online businesses began to see the advantages of a persistent identity that could be maintained by an individual as she surfs from site to site. A persistent identity would combine the aggregated information about a person that sophisticated Web sites currently collect with the verification feature enabled by digital certificates — so that a user’s digital profile could be shared by websites who choose to federate with one another. One of the major initiatives to establish such a form of federated network identity is the Liberty Alliance. In the introduction to the Liberty Alliance specifications document, the objective is succinctly expressed:

"Today, one’s identity on the Internet is fragmented across various identity providers — employers, Internet portals, various communities, and business services. This fragmentation yields isolated, high-friction, one-to-one customer-to-business relationships and experiences.

"Federated network identity is the key to reducing this friction and realizing new business taxonomies and opportunities, coupled with new economies of scale. In this new world of federated commerce, a user’s online identity, personal profile, personalized online configurations, buying habits and history, and shopping preferences will be administered by the user and securely shared with the organizations of the user’s choosing."

The challenge is to establish a form of federated network identity that is an appropriate representation of the self, one that is flexible enough to provide a range of "public faces," depending on context. Certainly, information that facilitates commercial transactions should be a part of this identity — but only part. Defining the full potential of online identity, and pushing for the actualization of that vision as part of the development of the "next generation" Internet, deserves to be a public interest priority.

While there are several independent initiatives focusing on persistent identity, the field is being paced by two large scale efforts that, because of their access to resources and their position in the market, dominate discussion of the issue — and will likely determine the system everyone else will ultimately use to implement federated network identity. These are the Liberty Alliance, which was mentioned above, Microsoft’s .Net identity system, named Passport.

Liberty’s architecture calls for a variety of identity providers from whom consumers could choose, depending on personal needs and proclivities. Their intent is to create a market for online identity, just there is a market today for Web services (like online auction houses, stores, games, specialized information services, and newspapers). It is conceivable that the public interest sector could collaborate with one or several identity providers to develop digital profiles that reflect the needs of civil society, and not only those of business.

The not-for-profit initiative XNS.org has completed the first iteration of a civil society approach to building identity into the Internet’s architecture. This work show great promise. In 2002, XNS.org worked with members of the standards body OASIS [6] to form a technical committee so they could agree on, discuss, and publish a standard for persistent identity and related data exchange. A specification for the persistent identity standard was published in 2002, and is now making its way through the OASIS approval system. A related specification for data-exchange, using the Security Assertion Markup Language, or SAML, is being developed following the same procedures, with an eye toward ultimate ratification by OASIS.

Underlying this report is the assumption that every individual ought to have the right to control his or her own online identity. You should be able to decide what information about yourself is collected as part of your digital profile, and of that information, who has access to different aspects of it. Certainly, you should be able to read the complete contents of your own digital profile at any time. An online identity should be maintained as a capability that gives the user many forms of control. Without flexible access and control, trust in the system of federated network identity will be minimal.

BEHAVIOR AS CITIZEN, NOT CONSUMER

As Liberty Alliance and Passport documentation suggest, most of their resources will go toward the capture and distribution of information about you that relates to your behavior as a consumer. They give little regard to information that could enhance your behavior as a citizen.

Once digital profiles include expressed affinities, the potential for networking through the Internet around common interests becomes significant, because it is a simple technical matter to connect individuals to others based on their shared affinity with a third party.

The wheels are already in motion to digitize some of the most sensitive personal information imaginable — including your finances, work history, and health care records. . . . Certainly, everyone needs to maintain a vigilance regarding the security of their personal data. This will be one of the touchstone civil rights issues of the digital era — who gets to know what about you, and how is it protected . . . The greatest danger to civil society is not that the data associated with digital profiles is open to theft and illegal activity, but rather the real possibility that a system of federated network identity that erodes civil liberties and the public commons comes into being — while following the letter of the law.

The ASN should be embraced by existing online communities, because its intent is not to replace them, but rather to offer additional functionality that enhances their value. Just as commercial content sites came to appreciate the additional traffic that targeted links to "competitors" brought them, online communities will be glad to see the added traffic that comes with tactical interconnection between social networks . . . Most importantly, the ASN will not "break down the walls" between online social networks to create a single, global online community. Rather, the ASN calls for strategically placed doors that allow people and information to pass from one distinct online social network to another under certain, limited circumstances.

Persistent identity will enable people to present a consistent set of personal data as they go from one Web site to another. The technical infrastructures of online communities may well adapt to the emerging environment, and add functionality that can leverage persistent identity data into new services. For instance, once this new functionality is in place, after you review a Grateful Dead album on Amazon.com, you may find yourself greeted with a link to a Grateful Dead discussion page when you enter AOL.

COMMERCIAL RELATIONSHIPS WILL DRIVE GROWTH OF ASN

Given the current state of software development and the way new functionality is now being added to the Internet, the interoperability likely to emerge between communities — if it comes about at all — will be limited, and driven by commerce.

Of course, there is nothing wrong with commerce-driven interoperability between communities. But a great opportunity to strengthen the public commons could be lost without a deliberate effort to develop community interoperability for non-commercial purposes.

We believe it to be of the utmost importance that ASN interoperability protocols give individuals the broadest possible range of options regarding how they represent themselves in online environments.

In the preparation of this paper, while looking for potential partners in the development of the ASN, we identified 11 community-ware efforts that provide well-considered suites of tools to support communities of practice. We deliberately did not include the efforts of the software Goliaths, like IBM or Microsoft. Rather, these efforts are being spearheaded by smaller, independent companies, in some cases by not-for-profits. Several of them have a strong commitment to serving the public interest. They are:

• Real Communities/Mongoose
• Communispace
• Community Zero
• Tomoye
• Plumtree
• Living Directory
• Friendster
• Plaxo
• Spoke
• LinkedIn
• Ryze

NEW APPLICATIONS AND FUNCTIONS

Bringing ASN activity to online community infrastructures will require additional applications beyond those online community systems provide today. New applications that enable enhanced search features, as well as the pre-processing and post-processing of e-mail communications, need to be available to users of the ASN in order for the system to work. These applications would be developed as free-standing modules that can be "plugged-in" to existing online community infrastructures. They will need to allow ASN users to identify their messages properly when they are written, address messages in the appropriate manner (so that they are sorted and distributed by the ASN system), and send and receive messages in a way that distinguishes them from other e-mail (so they are recognized as ASN messages when they arrive in an "in box").

Among the functionality that these applications would provide are the following:

• ASN Search Interface. Users of the ASN need to be able to access its distributed database of affinity and compatibility profiles through their online community tools. An ASN search feature is essential, in order for users to find others with whom they share affinities or have complementary capabilities.
• ASN Composition and Addressing. When creating an ASN message, users will need to designate the message as an "introduction," "forwarded media," or an "ad hoc social network." Properly designated and addressed, the message can be sorted by the ASN system, and sent to the appropriate recipients.
• Tag Incoming ASN Messages. When ASN messages appear in an "in box," they should be tagged in a manner that distinguishes them from other e-mail.
• Filter Incoming ASN Messages. When an incoming ASN message arrives, it should be checked to make sure that it has a header that identifies its subject as a relevant affinity, and that it indeed came through a trusted third party. A filtering mechanism is necessary to eliminate spam within the system.

The "next generation" of online communities now being developed have begun to add elements from the list above to their infrastructures. But by no means has a standard community "tool kit" to support matching technologies emerged. Moreover, little attention has been paid to how the knowledge created inside each "walled castle" community could be exchanged with those outside its walls. The exponential benefits of connectivity (remember the discussion of Reed’s Law) will be realized when the matching technologies allow focused interconnectivity between community groups. One of the purposes of the ASN is to make this kind of interoperability commonplace on the Internet — and to raise the bar of expectations for what online communities serving the public interest ought to deliver.

THE BROKER FUNCTION

The essential activity of the ASN is that it brokers introductions between people across social networks, based on expressed affinities and capabilities, through trusted third parties. In order for those introductions to take place, there have to be rules that guide when introductions can be made and how they are facilitated.

Clearly the ASN needs to provide a range of introduction options, so users can choose what is right for them. These options, and the rules they would follow, would be determined by a set of "introduction protocols" — explicit instructions about the sequence of actions that would automatically take place before an introduction is facilitated through a trusted third party.

What would this protocol do? It instructs an automated agent (or "broker-bot") to follow a sequence of actions that would lead to relevant introductions. It tells the broker-bot to read the "affinity reference" in a user’s digital profile, and then match those expressed affinities or capabilities to others with complementary interests, based on links through trusted third parties. The broker-bot would be instructed to use ontological frameworks as a guide to determine meaningful matches. At the end of this sequence, the broker-bot would send a specially tagged ASN Introduction e-mail to the match that it found, without copying the person who made the original request. That "discovered match" can then decide whether to reply to the introduction, or not. If the "discovered match" does not reply, the person who made the initial inquiry would never know, and so would not feel slighted by the rejection.

These customized introduction services, among many others, would be offered by independent brokers, which would mix and match protocols, shaping them to meet the needs of their constituents. Brokering services could either be for-profit companies, or not-for-profit civil society initiatives. A brokering service could be hosted on a single destination Web site (like About.com, where you go to their online "front door" to use their services), or it might syndicate its services on many other sites (like Amazon.com’s Affiliates program, which allows a multitude of Web sites to create their own e-bookstores by linking into Amazon’s backend). Our interest is in allowing for the widest possible variety of these services to take shape — which means that the basic introduction protocol has to be written to facilitate this wide range of customization while maintaining interoperability.

IMPLEMENTATION CHALLENGES

Suffice it to say that the ASN is unlikely to become an industry priority. It does not offer immediate avenues to profitability.

The ASN could be achieved in an incremental manner, with software and protocols developed among a relatively small group of participants, and gradually adopted by larger online community systems as they see fit. The development of the software and standards would best take place as part of pilot projects that introduce ASN functionality to a small group of online communities that can participate in working kinks out of the system, preparing it for a broader launch. These online communities could be either not-for-profit initiatives or for-profit companies, or a combination of the two.

But once the ASN is in place, it offers a range of opportunity for companies that could generate revenue by providing features of the overall system. These include:

• Community sites that have incorporated ASN functionality;
• Personal identity companies that offer identity services that cater to specific communities;
• Boutique brokering services that charge for specialized introductions; and;
• Specialized search services that use customized ontological frameworks.

IMPLEMENTATION PRINCIPLES

The intent of the ASN is to increase interconnectivity between people by enabling them to more easily find and share relevant relationships and information. Clearly, engendering trust in the system is critical to its success. To that end, it is necessary for the implementation of the ASN to be guided by principles that support such an environment of trust. These principles include:

• Open Standards. For this system to be broadly adopted, it must be transparent so that all of the entities that participate in it are reasonably assured of its trustworthiness. This means that the software code that enables the system should be non-proprietary and freely available, and that the process by which the software is written and the standards enacted should be open to the highest levels of scrutiny.

• Interoperability. Our vision is of an Internet with more bridges and fewer walls, where the individual can travel easily between communities. To enact this vision, online communities need to consider ways of being open to one another. Interoperability between diverse environments and ontological frameworks is central to this effort.

• Inclusivity. For the system to successfully draw in the largest possible number of participants, and to enable free connection between potential correspondents, it must be designed to embrace every online community that agrees to its standards and principles. In this regard, the ASN must be value-neutral, open, and inclusive, not unlike the open connectivity of the underlying Internet protocols.

• Respect for Privacy. The ASN should be a galvanizing force for the strengthening of privacy protections online, in support of a thriving civil society. Every person online must be certain that private information remains private, and that neither governments nor commercial interests will use this information in any way without the individual’s knowledge and expressed permission.

• Decentralization. The Internet works best when systems are not commanded from the top down, but rather emerge from the bottom up — and are then adopted on a voluntary basis, in a manner that best suits the specific needs of the distinct communities that together comprise the Net’s totality. We are in favor of an "opt-in" system, rather than one commanded by a government or commercial authority. For that reason, our approach is to develop software and standards that can be added to existing community operating systems in a modular fashion — so they do not have to rewrite their software from scratch, but rather can "plug-in" these modules to their existing infrastructures. Similarly, the ASN would support decentralized structures for the maintenance of persistent identity and ontological frameworks.

RECOMMENDATIONS

In the near term, there are a number of practical steps that should be taken to bring the ASN into being. While some of this work could be pursued as for-profit/not-for-profit hybrids, our inclination is to support this work strictly through grants, and to make the fruits of these efforts (the software and protocols they lead to) freely available to the public through GPL (and other similar) licenses. These steps include:

• Establishing an ASN coordinating body.
• Convening a board of technical advisors.
• Providing a dedicated engineer to represent the public interest at standards bodies working on persistent identity.
• Co-develop basic ASN functionality with select online community companies.
• A dedicated team would coordinate implementation of matching technologies for the public interest sector. The ASN effort should act as a catalyst to bring attention and support to the development of ontologies and taxonomies for the public interest sector. A pilot project to begin this work should be initiated in collaboration with one or more NGOs.

About the Authors

Ken Jordan is one of the pioneers of Web-based multimedia. In 1995 he led the development and served as founding editorial director of SonicNet.com, the first multimedia music zine. SonicNet was named best Web site of 1995 by Entertainment Weekly and won the first Webby award for music site before becoming a property of MTV. In 1996 Mr. Jordan became creative director of Icon New Media, publisher of two seminal, award-winning online magazines: the general interest zine Word.com, and the action sports site Charged.com. In 1999, he co-founded the public interest portal MediaChannel.org, in partnership with Globalvision and the international civil society network OneWorld.net; it was OneWorld’s first U.S. based project. He is currently a writer and digital media consultant based in New York, and Director of the Art and Culture Network.

Ken is co-editor of Multimedia: From Wagner to Virtual Reality (New York: W.W. Norton, 2001), an anthology of seminal articles that trace the "secret" history of digital multimedia; the book is widely taught at colleges and universities around the world. Outside the digital realm, he collaborated with the playwright and director Richard Foreman on the book Unbalancing Acts: Foundations for a Theater (New York: Pantheon, 1992). Web: http://www.kenjordan.tv / email: ken@kenjordan.tv

Jan Hauser (http://www.janhauser.com) is currently a Business Development Manager at Science Application International Corporation (SAIC) and is also a visiting professor at the Naval Postgraduate School, in Monterey California. At SAIC Jan focuses on business development of SAIC’s Latent Symantec Indexing Product (LSI). This product is capable of discovering and matching "concepts" which it discovers in unstructured text. LSI functions independent of what native language these concepts are expressed in and also works independent of the various terminologies used by individuals to express their concepts.

Jan was formerly principal architect at Sun Microsystems where he was responsible for Sun’s membership in the Santa Fe Institute (SFI). Jan has been a catalyst for the application of Complexity Science to business, social, and environmental problems. In this pursuit he co-organized a workshop with the Institute For The Future (IFTF) — Growing At the Edge: The New Corporate Structures for Innovation and the Challenge of Governance.

Jan has worked on the development of Sun’s architecture for automated markets, Electronic Trade Exchanges, and principals that lead to the emergence of "communities" of trading partners. He currently spends much of his personal time working on problems of "Global Sustainability."

Jan has also worked with Dee Hock, founder of VISA International, in the development of new organizational models and implementations of so called "Chaordic," or self-organizing institutional forms, which were included in Sun’s Jini community, design. This work led Jan to focus his energies on promoting the development and adoption of technologies that would support the emergence of "Chaord Light," a means of exploiting the internet in catalyzing latent "Social Networks" based on shared or complementary interests and capabilities combined with the transitive nature of trust amongst people who know each other indirectly through our "six degrees" of our personal knowledge and connectivity. He can be reached through his Web site at http://www.janhauser.com.

Steven Foster was a pioneer in Internet resource discovery. His Veronica project, the first comprehensive Internet search engine, was the paradigmatic resource harvester which established many precedents for succeeding search engines. Veronica was the most active service on the Internet in 1994 and was awarded the American Library Association’s award for "most valuable research tool."

Steven has worked in development of software for taxonomic crosswalks and presently is focused on creating concept-based matching technologies for interpersonal brokering.

Steven also has a long term interest in problems of "global sustainability" and was an initiator of the first Planetwork conference.

This post is Appendix 2 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Planetwork Link Tank

This is the section after: People Diversity

This post is Appendix 1 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

From: http://www.planetwork.net/consortium/textpages/background.html

The first International Planetwork Conference was held at the Presidio in San Francisco in May 2000. Soon after that conference an informal group calling itself the Webcabal started meeting to discuss various possibilities and potential implementation strategies. In 2001 this process became LinkTank, operating as a fiscal project of Planetwork, Inc. LinkTank is officially a network of twenty three voting participants, from a variety of professional backgrounds, largely in the Bay Area and New York, with a nine member board. However, the conversation expanded to include participation by more than fifty people spanning many organizations in several counties. The Link Tank process distilled the following statement of purpose:

We are dedicated to the creation and maintenance of a digital communications platform, operated as a public interest utility, that will strengthen civil society by enabling people to connect, communicate, make transactions, and self-organize in a manner that is consistent with the highest principles of democracy and reflects an enlightened understanding of the fragile beauty of our planet. We will bring together, develop, promote, and hold as a global public commons, software tools and infrastructure that facilitate the emergence, growth, and vitality of networks of individuals and organizations who share ecological and social justice values, as articulated in the Earth Charter.

Read the rest of this entry »

I answered these questions at the very end.They do not reflect my response because the governance NOI and questions made a lot of assumptions about what the right next step is, namely spinning up a steering group even when there is no shared language or understanding among the community of identified stakeholders. Without this, collaboration will be impossible and the group will struggle politically with “language” and questions about its “authority”, and likely fail. It is essential to take a few more months to strategically weave the community, facilitate a lot of map making, much sharing of ideas and visions,and by January it will be quite clear what the form of governance should be, because it will be clear what problems need to be solved and how the community of stakeholders wants to work together effectively to build an Identity Ecosystem. The methods outlined in the Insight for Governance section above stshould be used in an ongoing way to bring feedback into the system.

Structure of the Steering Group

1.1. Given the Guiding Principles outlined in the Strategy, what should be the structure of the steering group? What structures can support the technical, policy, legal, and operational aspects of the Identity Ecosystem without stifling innovation? 

Answered on Page 41: Structure of the Steering Group

A systems approach must be taken, using methodologies for structure and process that are holistic and adaptive over time.  They must provide insight into the overall function and health of the ecosystem and give people who are leading organizations within the ecosystem a clear picture of where to intervene, how to adjust their behavior/actions relative to the players and for the overall good of the system. It must support new innovation while at the same time addressing new security threats and risks, and be adaptive to social and cultural changes.

Answered on Page 46

If the purpose of the group is to hold space for the broad range of stakeholders to share insights then it will be a far less “political” body. It is important to have a body that is diverse, but the mandate to listen and respond to the overall ecosystem makes it not “about” the members having the power to decide how to steer for all the stakeholders of the ecosystem because they were elected as their “representatives”, but rather their mandate is to convene periodic stakeholder conversations with well-tested proven methodologies and to act on the recommendations and insights they generate.

Answered on Page 47

The power held by the steering group is real, but limited by the conversational context of its operations. The ability of any one entity in the ecosystem to skew outcomes is limited by the equalizing and randomizing factors put in place.  In the system as set up, there is FAR more motivation to seek solutions that integrate one's own needs with those of others than there is to seek solutions that benefit oneself at the expense of others.

1.2. Are there broad, multi-sector examples of governance structures that match the scale of the steering group? If so, what makes them successful or unsuccessful? What challenges do they face? Answered on Page 39: Effective Information Sharing

Identity Commons was originally founded in 2001 by Owen Davis and Andrew Nelson to foster a user-centric identity layer of the web that the people “owned”. In 2007 the communities that gathered at the Internet Identity Workshop retained the purpose and principles of Identity Commons but transitioned to become a 501(c)6 organization linking and connecting efforts across a range of different communities and organizations.  Groups working on issues touching on user-centric identity did not have to leave their respective standards body or academic institution in order to join. Totally independent organizations could also join, and groups that had not yet formed their own organization or subsection of another organization could also join.

Identity Commons focuses on information sharing and playing a loose coordinating role as a form of providing relevant information to groups, to support informing their governance and decision-making relative to other groups, communities and organizations. It has a purpose and 7 principles that provide guidance for its community governance.

Above all else, they share a purpose; this links them together across their diverse approaches and foci. There is a subtlety to these principles and how they helps groups collaborate and share. The transparency principle is not about opening all information of all groups , but rather asking groups to be clear about how they operate and work, to be transparent about the level of transparency.  Groups fill out a “charter”, meaning they answer some key questions about what they do, why they do it, what they do and how they do it (their governance, and transparency level). Because all groups do this in the same format, it is easy to compare and understand the function of groups and the role or purpose they play.

Open information sharing like Identity Commons aspires to provide is a public good but essential for ecosystem health. Identity Commons has always had a vision of supporting the collection and aggregation of RSS news feeds from groups and relevant efforts. It also does share some information about events focused on key issues across the groups. There is a community call once a month where the stewards of each group share an update about their past and upcoming activity.

To date this organization has been led by volunteers and what funding has come in has been very small contributions from the main community event, the Internet Identity Workshop. This has limited its ability to fully build out the technical infrastructure and people resources needed to curate this flow of information. To date it has been challenging to find funding mechanisms for organization networks and forms like  that allow them to thrive and fully for fill their purpose.

The NSTIC national program office should consider how information sharing networks systems like this are robust enough to support the level of information sharing and coordination needed for a thriving ecosystem. It may be that the program office can fulfill this role, particularly if also hosting the stakeholder wiki/list. Collecting and aggregating and organizing information flowing to and from these organizations is not governance, but a key public-good role appropriate for government to play in facilitating the emergence of an ecosystem.

Another Answer not in the response above: 

The Internet Identity Workshop is an excellent example of distributed community governance. The community that attends is very aligned around a common purpose making identity technologies that work for people.  The event is the center of innovation around user-centric identity. New ideas are floated there and common problems identified, analyzed and then solutions proposed, refined, often taken to appropriate standards bodies. Code is built and interoperability achieved. Real problems are solved it; is a self-organizing system where good ideas have space to surface, and because of the public open nature, all who have concerns can share them and have them addressed.  It is governed in a peer-to-peer way by the people who attend.  Anyone can post a session, and then people choose which sessions to go to or not. Ideas and technologies that get momentum coming out of the event do so because of their merit, their ability to solve problems.  The community has learned a lot about how to work together effectively and the relationships among the people provide a human fabric of trust that speeds innovation.

1.3. Are there functions of the steering group listed in this Notice that should not be part of the steering group’s activities? Please explain why they are not essential components of Identity Ecosystem Governance. 

According to the NOI, the steering group has many different responsibilities that seem to conflicting (see page 17).  The group must focus first on creating consensus amongst diverse stakeholder groups on the nature of the ecosystem, both how it is now and key aspects of the a future vision that are agreed upon and can be worked towards.

1.4. Are there functions that the steering group must have that are not listed in this notice? How do your suggested governance structures allow for inclusion of these additional functions? 

The steering group should be holding space to support emergence of the ecosystem. The precise role and function of the group will become clear in time as it engages the stakeholders. Both developing shared language and understanding along while mapping a consensus map of the ecosystem. , Stakeholder engagement with World Cafe, Open Space Technology and Creative Insight Councils twill make it clear how the steering group can best serve the emergence of the Identity Ecosystem.

1.5. To what extent does the steering group need to support different sectors differently?

If the initial consensus process is done with many different industries participating both “as a sector” and in multi-sector meetings, then the answer will emerge from those processes.

1.6. How can the steering group effectively set its own policies for all Identity Ecosystem participants without risking conflict with rules set in regulated industries? To what extent can the government mitigate risks associated with this complexity? 

The answer to this question is best dealt with by community of stakeholders using the processes outlined in this response. The community of stakeholders this affects will be able to navigate through this problem if given the chance with the right process and facilitation.

1.7. To what extent can each of the Guiding Principles of the Strategy–interoperability, security, privacy and ease of use—be supported without risking “pull through”1 regulation from regulated participants in the Identity Ecosystem? 

The answer to this question is best dealt with by community of stakeholders using the processes outlined in this response. The community of stakeholders this affects will be able to navigate through this problem if given the chance with the right process and facilitation.

1.8. What are the most important characteristics (e.g., standards and technical capabilities, rulemaking authority, representational structure, etc.) of the steering group? 

Are you trying to support an truly diverse Identity Ecosystem emerging, or build a command and control structure for verified identities?

If you just want the latter, then let the private sector have at it with the “captain of the ship” who will “steer” industry in the right direction. This will lead to a very unbalanced system and strong negative public reaction.

To support the emergence of an ecosystem using structures and processes that are proven to enable self organizing, co-intelligent systems as outlined in the above document are what is needed to cultivate a diverse ecosystem.

Technical standards are made at technical standards bodies very well today this should continue in the future

1.9. How should the government be involved in the steering group at steady state? What are the advantages and disadvantages of different levels of government involvement? 

The government will have an ongoing role to act as an advocate for consumers. It should be supporting the ongoing engagement with people about how the system is serving them.  The advantage to using the methods outlined in the Insight for Governance section is that people from various levels of government can participate in the process.

Steering Group Initiation

In its role of supporting the private sector’s leadership of the Identity Ecosystem, the government’s aim is to accelerate establishment of a steering group that will uphold the Guiding Principles of the Strategy. The government thus seeks comment on the ways in which it can be a catalyst to the establishment of the steering group.

The government should focus its convening power to developed shared language and understanding among stakeholder groups.

2.1. How does the functioning of the steering group relate to the method by which it was initiated? Does the scope of authority depend on the method? What examples are there from each of the broad categories above or from other methods? What are the advantages or disadvantages of different methods? Answered on Page 41

This question leaps to forming a steering group before what is being “steered” is clear to those who have a stake in they system and before they are given time/space to figure out how it should be stewarded.

Understanding the current system(s) is a key first step to understanding how to spin up, to initiate systems to “steer” towards greater interoperability and more coherence across a broad range of identity providers, attribute providers, relying parties and other diverse players while meeting the needs of individuals to manage their context and presentation of self (personae).

Polarity Management and Value Network Mapping and Analysis are two processes I use in my workshop design and facilitation practice. These methods can foster consensus about the current state of the proposed systems that should converge into an ecosystem. participating Stakeholder groups will gain insight into the “goal”: the eventual structure and quality of a thriving Identity Ecosystem. This shared vision will allow many organizations to take their own action appropriate for them based on shared systems insight, and need not involve checking in with the “steering group” to see if they are going the right way.

The steering group by convening these systems level mapping efforts for all to see can “steer” towards the goal without necessarily needing a “steering group” to take that action.

Value Network Mapping and Analysis can address these kinds of questions:

• How do the systems that are envisioned to work together in a broader ecosystem articulated in NSTIC work today?
• What are their roles in these systems?
• How does value flow between roles in the system?
• Do these roles and value flows look very different in different industry sectors?
• What would be needed to make non-interoperable systems more interoperable?
• Is the picture of value flow in a larger, more interoperable ecosystem sustainable?

Polarity Management can address these kinds of questions:

What are the inherent tensions present when doing identity management for people and organizations?

How are these tensions managed today and how could they be effectively managed on a systems level within an identity ecosystem?

2.2. While the steering group will ultimately be private sector-led regardless of how it is established, to what extent does government leadership of the group’s initial phase increase or decrease the likelihood of the Strategy’s success? Answered on Page 47

If government leads by convening conversations of stakeholders rather than by designing the steering group, the creativity and relevance of those conversations will determine NSTIC’s success.

2.3. How can the government be most effective in accelerating the development and ultimate success of the Identity Ecosystem? Answered on Page 47

The NSTIC NPO should, as soon as possible, host a space online where all known/participating stakeholders who want to be listed can be listed.

The starting point for this could be the list that came out of the MIT workshop and the Wikipedia book could be a starting point for their basic information. There should be a simple standard set of information on each organization, including how they see themselves as a stakeholder in NSTIC, what they hope to contribute to it, what they are most concerned about, and what they want to collaborate with other stakeholders on. There might be a matchmaking role that the NSTIC NPO could play, proactively introducing stakeholders to one another so that potentially synergistic collaboration is enabled.

Supporting the stakeholder groups in learning more about one another is very important. One way to do that would be via a 2-3x weekly podcast, perhaps increasing it to a frequency sufficient to interview all known stakeholders.

All major industry conferences that are related to the industry or focus of the organization should be listed on a calendar that has some sophisticated search with queries on cities, dates and industry.  This will help with cross-pollination which is essential right now for the proactive development of shared language and understanding.

There should also be a way for people who are actively working to collaborate to find one another both online and off.  NSTIC can use the list of all the conferences in all industries that are significantly touched by NSTIC as a starting point to encourage/enable “meet-ups” amongst professionals to connect around NSTIC.

• Having a way for people going to a conference to find other interested people on your site, and from there self-organize.
• Contact the program organizer and see when it works to have a meet-up and get it on the program even if Jeremy isn’t going.
• Give people who want to have a BOF at a conference a package of study materials for professionals that the leader can hand out, following with a discussion. Jeremy could also make a video inviting people to participate.
• Encourage cross-pollination between industries. One way might be to pick a conference in a particular city. Organize the professionals from within the conference and the local interested professionals from a broader range of industries to meet up (perhaps for dinner).

If this sort of informal connecting, socialization and learning is happening, then there should be a way for interested professionals to report back from the meeting, post notes, record a video, send in a diagram.  This could create some interesting cross-stakeholder conversations.

Socialization of NSTIC in IT professional communities is very important right now, because they are going to need to know something about this when it becomes time to socialize NSTIC with the public.  They also can be a pool of not-directly-involved stakeholders to be tapped to participate in things like the Community Insight Council.

Answered on Page 47

By quickly convening stakeholders in the mapping processes and in parallel, hosting-well designed, adequately inclusive, and wisdom-generating conversations using the methods outlined in this section.  It must ensure that the charter that creates the steering group    does not just articulate how it is formed, but also that it must convene regular meaningful stakeholder engagement processes to ensure broad public confidence, legitimacy, and ultimately trust in the Identity Ecosystem.

2.4. Do certain methods of establishing the steering group create greater risks to the Guiding Principles? What measures can best mitigate those risks? What role can the government play to help to ensure the Guiding Principles are upheld? 

Answered on Page 47

Failure to engage all parties in productive conversations will endanger the Guiding Principles, because all the interacting factors will not be sufficiently taken into account, increasing the chance that blind spots and biases will shape the outcomes.

2.5. What types of arrangements would allow for both an initial government role and, if initially led by the government, a transition to private sector leadership in the steering group? If possible, please give examples of such arrangements and their positive and negative attributes. Answered on Page 48

Government-convened conversations will enable a transition to private sector leadership, making sure that this includes an institutionalized principle of inclusion that reduces the chances any sector will unduly bias the evolution of the ecosystem.

Representation of Stakeholders in the Steering Group

3.1. What should the make-up of the steering group look like? What is the best way to engage organizations playing each role in the Identity Ecosystem, including individuals?  

As I said in the above response the most important take away is defining the role of the steering group to be one of stewarding and holding space for the broader range of stakeholders to feed back into the system and take action based on their recommendations. With this structure, the group itself does not “hold power” and the organizations and individuals playing a role in the ecosystem participate in those processes.

3.2. How should interested entities that do not directly participate in the Identity Ecosystem receive representation in the steering group? 

The most important take away is defining the role of the steering group to be one of stewarding and holding space for the broader range of stakeholders to  feed back into the system and take action based on their recommendations. With this structure, the group itself does not “hold power” and the organizations and individuals playing a role in the ecosystem participate in those processes.

3.3. What does balanced representation mean and how can it be achieved? What steps can be taken guard against disproportionate influence over policy formulation?

From Page 47

Of course, the number of sectors, organizations and reps could be adjusted in a variety of ways.  My effort was to limit the size of the steering committee to increase its efficiency, while making it hard for adversarial power centers to battle and dominate, due to the open nonlinear (and thus hard to control) elements I've injected into the voting process and the subsequent conversational protocols.

The power held by the steering group is real, but limited by the conversational context of its operations. The ability of any one entity in the ecosystem to skew outcomes is limited by the equalizing and randomizing factors put in place.  In the system as specified here, there is far more motivation to seek solutions that integrate one's own needs with those of others than there is to seek solutions that benefit oneself at the expense of others.

I think these are better questions to ask and they are on page 44

How does the steering group incorporate a broad range of stakeholder perspectives? In particular, how does it incorporate the perspectives of regular people from very diverse backgrounds and life stages who are doing transactions in the Identity Ecosystem as it evolves?

How is legitimacy earned from the many organized stakeholder “groups”? but also from regular people?

Legitimacy of the NSTIC steering group will emerge when a broad range of stakeholders, even those with “opposing” views, are following recommendations and working together towards the development of a coherent Identity Ecosystem. How can this happen? What processes could significantly increase the likelihood of this emergent property of legitimacy emerges?

The answer lies in not having the members of the “steering group” itself (using a combination of their points of view) be the origin of the “steering”. It should be a group that serves as a steward of and coordinator of proven systemic dialogue processes that regularly engage a wide range of stakeholders.  The steering group takes action and makes recommendations based on the clarity and wisdom surfaced via regular, systematized stakeholder engagement online and offline. This section outlines a proposal of how this could work.

3.4 Should there be a fee for representatives in the steering group? Are there appropriate tiered systems for fees that will prevent “pricing out” organizations, including individuals?

The steering group should be funded by the government and by companies in the ecosystem. Individuals and nonprofits should be active participants in the community.

3.5. Other than fees, are there other means to maintain a governance body in the long term? If possible, please give examples of existing structures and their positive and negative attributes. One could charge nominal fees to recover costs at participatory events.

3.6 Should all members have the same voting rights on all issues, or should voting rights be adjusted to favor those most impacted by a decision? Answered on Page 36

Voting is not really the right process to get consensus. Instead we can ask: are there ways to understand and know system health that support self-regulating, distributed decision making by a range of stakeholders to achieve the goal of making an ecosystem with the qualities articulated in NSTIC real?

From Page 46

How is the Steering Group Composed?

If the purpose of the group is to hold space for the broad range of stakeholders to share insights, then it will be a far less “political body”. It is important to have a body that is diverse, but the mandate to listen and respond to the overall ecosystem makes it not “about” the members having the power to decide how to steer for all the stakeholders of the ecosystem because they were elected as their “representatives”, but rather their mandate is to convene periodic stakeholder conversations with well tested proven methodologies and to act on the recommendations and insights they generate.

The power held by the steering group is real, but limited by the conversational context of its operations. The ability of any one entity in the ecosystem to skew outcomes is limited by the equalizing and randomizing factors I've put in place.  In the system as set up, there is far more motivation to seek solutions that integrate one's own needs with those of others than there is to seek solutions that benefit oneself at the expense of others.

3.7. How can appropriately broad representation within the steering group be ensured? To what extent and in what ways must the Federal government, as well as State, local, tribal, territorial, and foreign governments be involved at the outset?

The suggested structures and processes in this response can be very inclusive of a broad range of stakeholders, including running sessions about the issues faced in ecosystem evolution by state, local, tribal, and territorial governments.

International

4.1. How should the structure of the steering group address international perspectives, standards, policies, best practices, etc? 

The suggested structures and processes in this response can be very inclusive of the international community of stakeholders, including running sessions about the issues faced in ecosystem evolution in other countries.

4.2. How should the steering group coordinate with other international entities (e.g., standards and policy development organizations, trade organizations, foreign governments)? Yes. Standards should be developed in the appropriate international standards bodies.

4.3. On what international entities should the steering group focus its attention and activities?  IETF, W3C and OASIS.

4.4. How should the steering group maximize the Identity Ecosystem’s interoperability internationally?  It should use international standards.

4.5. What is the Federal government’s role in promoting international cooperation within the Identity Ecosystem?

It should be a leader in convening the necessary community engagement to develop shared language and understanding leading to cooperation. If it does this, then share maps of the ecosystem landscape of challenges and opportunities reflected in the role/value and polarity maps. These will naturally lead to increased potential for collaboration because there will be a shared picture on which to build effective cooperation.

This post is from pages 57-66 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Structure of the Steering Group

This is the section after: Planetwork Link Tank

1.1. Given the Guiding Principles outlined in the Strategy, what should be the structure of the steering group? What structures can support the technical, policy, legal, and operational aspects of the Identity Ecosystem without stifling innovation?

A systems approach must be taken using methodologies for structure and process that are holistic and adaptive over time.  They must provide insight into the overall function and health of the ecosystem and give people who are leading organizations within the ecosystem a clear picture of where to intervene, how to adjust their behavior/actions relative to the players and for the overall good of the system. It must support new innovation while at the same time addressing new security threats and risks and be adaptive to social and cultural changes.

Read the rest of this entry »

Many questions were missing from the governance NOI. I answered the first three ones explicitly in my response.

Is there currently shared language amongst the identified NSTIC stakeholders?

Answered on Page 12

No. I participated in both the NSTIC governance and privacy workshops in June and did not find there was shared understanding or language amongst stakeholders gathered. I did experience shared language and understanding with the people who I knew from the user-centric identity community (and its neighbors) but there are many new stakeholder groups that I was unfamiliar with and I found in many conversations that people were talking past each other constantly.  This experience of not having shared language was one of the reasons the breakout group conversations were not productive and many experienced frustration.

Is there currently shared understanding and alignment amongst the identified NSTIC stakeholders? Answered on Page 18

No. I often find myself squirming while listening to fellow NSTIC stakeholders articulate their ideas about what we are doing with NSTIC. I imagine with all the comments I have made from a user-advocacy perspective that others have squirmed when I have spoken. Because I feel myself squirming often and I see others squirming too, I know there is limited shared understanding amongst NSTIC stakeholders.

What processes and structures are needed to meet the goals of NSTIC? 

Answered on Page 19

Governance structures, process and methodologies developed in the last 25 years that use  whole-systems sensing, listening, insight and direction finding, will be needed to meet these requirements and make the NSTIC vision real. Some of them are outlined in the Insight to Governance section below.

How does the steering group incorporate a broad range of stakeholder perspectives? In particular, how does it incorporate the perspectives of regular people from very diverse backgrounds and life stages who are doing transactions in the Identity Ecosystem as it evolves?  

How is legitimacy earned from the many organized stakeholder “groups”? but also from regular people? Answered on Page 44

Legitimacy of the NSTIC steering group will emerge when a broad range of stakeholders, even those with “opposing” views, are following recommendations and working together towards the development of a coherent Identity Ecosystem. How can this happen? What processes could significantly increase the likelihood of this emergent property of legitimacy emerges?

The answer lies in not having the members of the “steering group” itself (using a combination of their points of view) be the origin of the “steering”. It should be a group that serves as a steward of and coordinator of proven systemic dialogue processes that regularly engage a wide range of stakeholders.  The steering group takes action and makes recommendations based on the clarity and wisdom surfaced via regular, systematized stakeholder engagement online and offline. This section outlines a proposal of how this could work.

How can the NSTIC NPO facilitate the emergence of consensus amongst stakeholders?   

The initial consensus can be developed among diverse stakeholders using the systems mapping tools described in the previous section. Consensus will not be on “the solution to the problems”, but on the polarities inherent in the system and a shared map of the roles and value flows in the existing and in the proposed ecosystem.  These will support effective dialogues that don’t just go in circles but actually get at how the system is not working from the perspectives of various stakeholders as it evolves and provide some tools to discern actions to improve the situations arising.

What processes and structures are not likely to achieve the goals of NSTIC?

Top down, hierarchical, mechanistically understood systems and processes. There can be no “captain” of the ship. The web and the identity system with in it are complex adaptive systems and processes and structures that are in alignment with that form of organization.

How can shared language and understanding be developed by such a wide range of stakeholders?

This process can be largely organic and “naturally organizing” as it was with the original Identity Gang (although certain people did play a catalytic role like myself, Doc Searls, Phil Windley, the guys at Digital Identity World and Kim Cameron).

It can also be speeded up with the strategic choice of tools that engage the community in exercises that build shared language and lead to understanding.

Is there really private sector motivation to implement privacy processing technologies like U-Prove and IDMix that provide verified anonymity?  

Currently I don’t think so. Tools that are good for people when they don’t want to have activity linked together  are not being supported in the market. This is because they use the same OpenID URL or e-mail address all over the web and the sites can then find other sites they have used. None of the large identity providers or web browsers have any tools that help people manage de-linking of activity. The current proposals for BrowserID would broadcast an e-mail address of the user to all sites they visit.

How nature “governs” thriving ecosystems of diverse organisms?

How are the services that we think of as “identity management” done in nature? 

How are networks facilitated so that information flows in trusted ways?

These should be answered in collaboration with natural systems and biomimicry experts (see Appendix 4).

This post is from pages 73-76 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Summary of NSTIC NOI response

This is the section after: Structure of the Steering Group

The authors of the NSTIC document went to great lengths to get input form a wide range of stakeholders. The draft document they released last summer provided an opportunity to give feedback, giving an excellent starting point to bring people with very different core motivations and concerns together. The choice to name the big picture vision an Identity Ecosystem informs the choice of processes and structures appropriate to govern it.

User-Centric Community Success

In 2005-6 the Identity Gang /user-centric identity community was one tenth the size of the current NSTIC stakeholder community. It took us a year of active grassroots effort to develop the common language and shared understanding necessary to collaborate. NSTIC doesn’t have 5-10 years to coalesce a community that can collaborate to build the Identity Ecosystem Framework. To make the vision real, people who are from these different points of perspectives must become more aligned, to have a shared understanding.

How to Create Shared Language and Understanding

The NPO should continue using its convening power (both online and face-to-face) to keep fostering the dialogues necessary to have shared language understanding emerge.  That will create a momentum to create the conditions for high-performance collaboration amongst the stakeholder community.

Using methods such as Value Network Mapping and Polarity Mapping will increase the shared language and understanding. With just a few staff, the NPO could host many focused meetings with stakeholders around the country and at industry events throughout the fall.  The community of NSTIC stakeholders will be able to organize a thriving ecosystem because there will actually be shared language, understanding amongst NSTIC stakeholders by January.

Help Stakeholders Learn About and Find One Another

The starting point for this could be the list that came out of the MIT workshop and the Wikipedia book. There should be a simple standard set of information on each organization, including how they see themselves as a stakeholder in NSTIC, what they hope to contribute to it, what they are most concerned about, and what they want to collaborate with other stakeholders on. There might be a matchmaking role that the NSTIC NPO could play, proactively introducing stakeholders to one another so that potentially synergistic collaboration is enabled.

Supporting the stakeholder groups in learning more about one another is very important. One way to do that would be via a 2-3x weekly podcast, perhaps increasing it to a frequency sufficient to interview all known stakeholders.

All major conferences within the stokehold industries should be listed on a searchable calendar.  This will help with cross-pollination, which is essential right now for the proactive development of shared language and understanding.

There should also be a way for people who are actively working to collaborate to find one another both online and off.  NSTIC can use the conference calendar to encourage/enable “meet-ups” among stakeholders.

Socialization of NSTIC in IT professional communities is essential. These people need to understand it when it becomes time to socialize NSTIC with the public.  They also can be a pool of not-directly-involved stakeholders to be tapped to participate in things like the Community Insight Council.

Measure Shared Understanding

When a diverse group of NSTIC stakeholders are passing the squirm test (page 15), then real collaboration is possible and it will make sense to “spin up” a steering group because there will be broad alignment within the group.

Foster Accountability Frameworks

Trust is absolutely essential in the Identity Ecosystem. People must trust that the information they share will be handled with care, respect and human dignity. This is achieved by having real accountability in the system around the user’s rights. When the system is functioning well and accountability frameworks are followed, then overall systems behavior of the Identity Ecosystem will be trustworthy.

Public Legitimacy is Key to Success

The processes around ecosystem development must also be very open to engender public trust. The NPO must work with industry to develop a strategy for public engagement and socialization.

Release Control to a Diverse Stakeholder Group

If the NPO rushes to set up a steering group before this kind of shared understanding is present in the private sector, large companies who host or provide the identifiers on digital networks used by millions of people (in the US and around the world) will lead it in their own way, primarily as a vendor driven trade association. They have no inherent incentive to create inclusive space, or incorporate key aspects of the strategy like maintaining civil liberties that seem difficult or expensive.

The NPO needs to lead in creating the space for:

• The private sector with the many different industries
• Nonprofit and advocacy groups
• Small and medium sized businesses
• Most importantly, the average citizen

Once the the stakeholders are collaborating using the shared language and understanding,  the government can “let go” and just be a participant in evolving the Identity Ecosystem.

This post is from pages 51-54 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: The Importance of Public Legitimacy

This is the section after: Missing Questions about NSTIC Governance

The importance of regular people feeling heard and that the processes are broad and inclusive should not be underestimated. A trip to Marin last month made this particularly apparent to me. I stopped at a “groovy organic grocery store” to pick up a snack for the long ride I had ahead of me. Outside were two women with a table of stickers and literature about various progressive causes and issues. They had a sign on a chair saying “STOP THE SMART GRID”. I was interested what their concerns were. Why did they want to stop it.  They were concerned about many things, but in particular the data collection from houses, the use of the data, who had the ability to see the data and what it would be used for.

I founded the Personal Data Ecosystem Consortium because I believe that people should have the tools to collect, manage and get value from their own data (including electricity use). I challenged some aspects of their assumption when I put forward the idea that getting more data, more information about the electricity use in their houses could be a good thing. It was information that could empower them to know more, save money and conserve energy.  They just didn’t buy it - they were very concerned about being exploited by the corporate power company and spied on by the government.

This was a reaction to changes in the way electricity is tracked and metered. NSTIC is about “identity”, and broadly defined identity in digital forms touches on a vast array of personal information. This diagram below is from the World Economic Forum Rethinking Personal Data Project:

Source of data types from the Rethinking Personal Data Pre-Read Document published by the World Economic Forum written by Marc Davis et al. published in June, 2010.

It illustrates the vast amount of personal data that exists on people.  Iain Henderson, founder of two startups in the nascent personal data banking space, has a taxonomy of 4500 attributes that are found across a range of CRM (Customer Relationship Management) services that companies use to manage their relationships with existing and potential customers.

The Smart Grid Interoperability Panel was spun up by NIST a few years ago and they are, as an industry, a few years ahead of this industry in terms of rollout and adoption of common standards and pilots being spun up. This private sector led ( with government participation) structure is being suggested as a potential model on which to base the Identity Ecosystem Framework Steering Group.

I figure that the negative public reaction to the Identity Ecosystem will be even greater then the the one happening to the Smart Grid right now.  The concerns and issues of regular individuals (the users of the Identity Ecosystem) from all walks of life must be surfaced and addressed earlier rather then later in the evolution of the ecosystem.  This can be done with systemic processes that are clearly organized and that really listen to concerns and take action to incorporate feedback.  I think there are still many legal and organizational innovations needed to make a network of accountability frameworks address the full spectrum of identity.

If these are not developed, then I don’t think the overall system can succeed.  It will be very important that when the public can begin to use strongly verified identities within the Identity Ecosystem there is also the choice to use pseudonymous identifiers linked to accountability frameworks as a viable option.

Unless the stakeholder engagement processes focus on broad inclusion and the results are made public, not just posted on a wiki but proactively distributed to foster public discussion, the public socialization and cultural conversations needed for the Identity Ecosystem to succeed won’t happen. It is vital to remember that this is NOT about technology and standards; it is about human beings, living in social systems. An effective strategy for socializing NSTIC with the public will be key to success.

This post is from pages 51-52 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Insight for Governance [not posted yet..coming in next day]

This is the section after: Summary of NSTIC NOI response [not posted yet..coming in next day]

Stakeholder Engagement with Dialogue and Deliberation

Co-Authored with Tom Attlee, Director of the Co-Intelligence Institute 

The NSTIC governance NOI highlights the government’s role should be in an ongoing way to protect people’s interests. I invited Tom Attlee to co-author this section with me because of his 10+ years of research into a whole range of inclusive citizen engagement processes. The Tao of Democracy is his book that looks at how the best of them effectively synthesize the people’s perspective on whether their interests are being protected well enough.

I worked with Tom Attlee in 2006 to explore which emerging electronic collaborative tools (blogs, wikis, online forums etc.) could be used to augment and complement proven deliberative processes that were developed before the web existed (chart in Appendix 6). They have proven very effective, but also expensive and labor intensive. Based on this work with Tom, I wrote a chapter in the Personal Democracy Forum book Rebooting America on how these methods could be used to gain democratic insight that is deeper then from voting or polling. (text Appendix 5)

The authors of NSTIC did a good job of bringing forward clear overarching principles and guidelines for the development of an ecosystem.  Naming these guidelines and principles is a great starting point; they are in alignment with citizen’s people’s interest. Turning to the “private sector” (inclusive of advocacy groups and civil society) to encourage the further development of accountability frameworks and networks is good.  Clearly there are many private sector uses for more trusted identities, and the government can make use of them too.

There are currently many uncertainties about the market viability of technologies that provide verified anonymity. Dr. Stefan Brand’s U-Prove technology has been around so long that the patent has almost expired. It has been involved with four startups before it was acquired by Microsoft. They have opened up the technology under the Open Specification Promise, even releasing code.  The OASIS IMI standard is based on the work of Kim Cameron and the ideas of Information Cards being tokens for individuals to manage the sharing of claims using software agents on their machines. It looks like none of these technologies will get commercial support or be deployed.

The private sector has found that these technologies either reduce costs or increase revenue. In fact they increase costs (user ID systems and logins must be changed at great expense) and reduce revenue. For example, a publishing site not knowing a user’s ID (e-mail address or URL) that can be looked up at Facebook, Twitter, LinkedIn, Google, Yahoo!, etc. means they can’t know enough about the user to effectively target ads at them.

To make the vision presented in NSTIC real, deeper insight, consensus, collaboration and innovation is needed.

However taking on the responsibility of a whole ecosystem requires this group having broad insight into how the ecosystem is growing, evolving, working and earning legitimacy from stakeholder groups and the people with identities who are using the system.

As highlighted above, the number of self-identified stakeholder groups already exceeds 75 and could conceivably include every individual on the planet that uses digital networks.  So the questions are:

How does the steering group incorporate a broad range of stakeholder perspectives? In particular, how does it incorporate the perspectives of regular people from very diverse backgrounds and life stages (see Appendix 3) who are doing transactions in the Identity Ecosystem as it evolves?

How is legitimacy earned, from the many organized stakeholder “groups”, but also from regular people?

Legitimacy of the NSTIC steering group will emerge when a broad range of stakeholders, even those with “opposing” views, are following recommendations and working together towards the development of a coherent Identity Ecosystem. How can this happen? What processes could significantly increase the likelihood of this emergent property of legitimacy?

The answer lies in not having the members of the “steering group” itself be the origin of the “steering” from their perspective. It should be a group that is serving as a steward of and coordinator of proven systemic dialogue processes that regularly engage a wide range of stakeholders.  The steering group takes action and makes recommendation based on the clarity and wisdom surfaced from regular, systematized stakeholder engagement online and offline. This section outlines a proposal of how this could work.

What does the Steering group do?

1. convenes periodic (at minimum every 6 months) stakeholder conversations (which include but are larger than the steering group) to get input on how the Identity Ecosystem Framework is working,
2. publicizes the recommendations and their status to the stakeholder community using online tools and collaborative platforms that invite response from stakeholder individuals and groups.
3. adopts the recommendations of those conversations (or explains in detail why they cannot).

The steering group ensures that participants in subsequent periodic stakeholder conversations have read or are adequately briefed on the previous period's comments in the online stakeholder forums.

We suggest a twice-a-year Creative Insight Council (CIC) of 36 participants with six members randomly chosen from selection pools of each of the six primary stakeholder groups: government, business, academia, standards development and technical organizations, consumer representatives, and privacy and civil liberties advocates .

Ideally, from the CIC on alternate quarters there would be

• a open World Cafe of all stakeholders (potentially up to 450 people) who wished to participate
• an Open Space unconference (similar to the Internet Identity Workshop) of all stakeholders who wished to participate, with the results of both posted for public/stakeholder review.

These three processes (CIC, OST, TWC) allow both a 2x/year rigorous microcosm conversation with coherent recommendations AND two broadly participatory creative conversations open to any and all interested people that allow for innovations to surface, provide systems, and create coherence.

With some experimentation, these methods could be complemented with some online components; however at their core, they must remain face to face processes. To ensure their legitimacy and the inclusion of a broad range of perspectives (diverse geography, financial ability, etc.) compensation could be provided to regular citizens for participation in, for example, an Insight Council or Citizens Jury.

Engaging international stakeholders and people in the Identity Ecosystem living outside the United States may involve hosting or convening dialogues outside the US. There are efforts that are somewhat similar around the world and it may be possible for those efforts to also adopt these processes, and results could be shared.

Assumptions in this proposal:

1. The best way to (a) formulate and administer good evolving policy and standards for the ecosystem and (b) engage the voluntary cooperation of all players in the ecosystem on an ongoing basis is to periodically involve the full spectrum of stakeholders in co-creating each iteration of that policy and those standards.
2. Effective co-creation requires conversation among a full spectrum of the players to ensure all angles are adequately addressed and to stimulate creativity to deal with divergences among their diverse interests and perspectives.  To the extent this inclusive conversational work is not done, whatever was not adequately addressed in the policy and standards formulation will come back to disrupt the ecosystem.

1. Each iteration of policy and standards will produce unexpected consequences and opportunities which will need to be collectively noticed and dealt with in a timely way for the ecosystem to thrive; thus the need for iterative engagement of all the players.  This is a form of collective intelligence to monitor the ongoing evolution of the Identity Ecosystem.

• To accomplish these ends, the conversational processes and facilitation used must move beyond simply allowing all participants to speak but must also

1. successfully engage the creativity of the group and all its members;
2. successfully use differences and conflicts as grist for that creativity; and
3. help the group satisfy its goals and expectations without controlling the conversation or pre-determining outcomes.

These requirements allow unforeseen problems, solutions, and possibilities to emerge and be addressed by the group, thus further reducing the chance of ill-conceived or inadequate policy results.  Among the processes that serve this purpose well are Dynamic Facilitation, Open Space, and The World Cafe.

How is the Steering Group Composed? and What Processes does it use 

If the purpose of the group is to hold space for the broad range of stakeholders to share insights, then it will be a far less “political body”. It is important to have a body that is diverse, but the mandate to listen and respond to the overall ecosystem makes it not “about” the members having the power to decide how to steer for all the stakeholders of the ecosystem because they were elected as their “representatives”, but rather their mandate is to convene periodic stakeholder conversations with well-tested proven methodologies and to act on the recommendations and insights they generate.

Since the NSTIC NOI asks respondents to directly answer this question, I am sure there will be many answers. Any number of steering group formations could work for this proposal to have its main function be effective stakeholder convening that surface issues.

Our proposal for a steering group is a stakeholder body made up of two representatives from each of the six main stakeholder groups elected by members of their stakeholder groups by nomination, instant-runoff voting, two-year terms (with the highest initial vote-getter in each stakeholder category having a 3-year term so that annual turnover is not total) and recall elections.

The primary stakeholder categories are:

• government,
• business,
• academia,
• standards development and technical organizations,
• consumer representatives, and
• privacy and civil liberties advocates
• other additional appropriate groups

The steering group also includes two members chosen at random from a pool of public volunteers.  Their decisions should be by supermajority. The relatively small size of the steering group (14 people) increases their operational efficiency, while the conversational and input systems described below maximize the inclusivity, depth, and effectiveness of their management capacity.

Other Possible Options for the Steering Group

Suppose each time a vote is taken, only half of the 14 people vote , picked from the group by random selection immediately before the vote is taken. In other words, only seven of the members (in my existing model) would vote on each decision, and it would be a different (unpredictable) seven each time. (This is similar to the story of the mother dealing with her kids arguing over who gets the biggest piece of pie; she has one kid cut the pie and the other one pick the first slice.)  Since none of them know which of them is going to be empowered to vote next time, it is in their interests not to screw each other this time, and to support a process that helps them find solutions they can all buy into (like dynamic facilitation or a process that focuses on explicitly asking for and handling concerns).

Processes and Structures for Distributing Power and Ecosystem Evolution

Of course the number of sectors, organizations and reps could be adjusted in a variety of ways.  My effort was to limit the size of the steering committee to increase its efficiency, while making it hard for adversarial power centers to battle and dominate, due to the open nonlinear (i.e., hard to control) elements I've injected into the voting process and the subsequent conversational protocols.

The power held by the steering group is real, but limited by the conversational context of its operations. The ability of any one entity in the ecosystem to skew outcomes is limited by the equalizing and randomizing factors put in place.  In the system as specified here, there is FAR more motivation to seek solutions that integrate one's own needs with those of others than there is to seek solutions that benefit oneself at the expense of others.

Some Answers to NSTIC governance NOI Questions

2.2. While the steering group will ultimately be private sector-led regardless of how it is established, to what extent does government leadership of the group’s initial phase increase or decrease the likelihood of the Strategy’s success?

If government leads by convening conversations of stakeholders rather than designing the steering group, the creativity and relevance of those conversations will determine NSTIC’s success.

2.3. How can the government be most effective in accelerating the development and ultimate success of the Identity Ecosystem?

By quickly convening stakeholders in the mapping processes outlined in the prior section and in parallel hosting well designed, adequately inclusive, and wisdom-generating conversations using the methods outlined in this section.  It must ensure that the charter that creates the steering group    does not just articulate how it is formed but also that it must convene regular meaningful stakeholder engagement processes to ensure broad public confidence, legitimacy and ultimately trust in the Identity Ecosystem.

2.4. Do certain methods of establishing the steering group create greater risks to the Guiding Principles? What measures can best mitigate those risks? What role can the government play to help to ensure the Guiding Principles are upheld?

Failure to engage all parties in productive conversations will endanger the Guiding Principles, because all the interacting factors will be insufficiently taken into account, increasing the chance that blind spots and biases will shape the outcomes.

2.5. What types of arrangements would allow for both an initial government role and, if initially led by the government, a transition to private sector leadership in the steering group? If possible, please give examples of such arrangements and their positive and negative attributes.

Government-convened conversations will enable a transition to private sector leadership, making sure that this includes an institutionalized principle of inclusion that reduces the chances any sector will unduly bias the evolution of the ecosystem.

Processes to be utilized by the Steering Group 

Dynamic Facilitation (DF)

Dynamic Facilitation (http://tobe.net) is a powerful nonlinear creative process designed to use the group's diversity, conflicts and potential co-creativity and sense-making capacities to generate breakthrough solutions to intractable problems.  It is based on several deep dynamics of individual psychology and group functioning:

• a.  When people feel truly and fully heard, they tend to become less defensive, less assertive, and more open to the views of others and to novel possibilities.
• b.  When all perspectives are respectfully collected into a whole, a picture of the situation is revealed that is both more messy and more comprehensive than the initial perspective of any individual participant.
• c.  If all participants have been truly and fully heard, their collective response to the messiness of their collective "map" of the situation is to try making collective sense of THAT -- i.e., to find a solution that includes or transcends all their individual perspectives.

As part of the DF process, disagreements and conflicts are legitimized as "concerns" and are duly heard and recorded by the facilitator.  Furthermore, any statement of a concern or articulation of the problem, once fully heard, is followed by a question like "What do you think should be done about that?", giving the whole process a solution-seeking vector.  Taken as a whole, the entire process constitutes one of the most powerfully creative conflict-digesting processes available.

Creative Insight Council (CIC)

A Creative Insight Council (http://www.tobe.net/DF/DF/page52/page52.html) is a small, legitimately representative microcosm of a community or stakeholder system that uses Dynamic Facilitation to help participants and others grow toward a more systemic understanding of the issues involved, by listening deeply to the various perspectives reflected in the group.  As needed, a Creative Insight Council can draw upon the specialized knowledge of experts, outside stakeholders or leaders. However, instead of “lecturing,” these experts present their views within the context of a dynamically facilitated conversation.

Open Space Technology (OST)

Open Space Technology (http://www.unconference.net) is a simple process through which a gathering of people passionate about some subject or concerned about some situation can self-organize to talk about and/or take action on that topic. It is the main process used in the Internet Identity Workshop. Participants originate, announce, and post breakout sessions with titles of their choosing and, when all sessions are announced, work out their own individual participation schedules.  Session times and locations are standardized but fully flexible, and participant meandering among sessions or not attending any sessions at all is fully legitimized (deemed productive).

Session conveners take responsibility for making sure some notes are taken and turned in for publication to the entire group.  The whole group gathers at the beginning and end of each day's activities for sharing news and experiences.  The chaos that results from this process is, in fact, surprisingly orderly and, perhaps most importantly, very energized and productive, regularly producing significant insights, new collaborations, and unforeseen possibilities.  It is a potent tool for "covering the ground" of a complex topic, evoking useful responses to a shared inquiry, and assisting the players in a complex situation to self-organize into more productive roles.  If done over multiple days, the iterative dynamics (issues arising in one day being addressed during subsequent days) tend to process the material at an increasingly deep and creative level.

The World Cafe (TWC)

The World Cafe (http://www.theworldcafe.com/) can engage dozens or thousands of people in productive conversation on a topic of shared interest over several hours or days.  TWC is set up like a cafe with 3-5 people at each of many small tables, usually with paper tablecloths and writing materials for taking notes, sometimes flowers.  This familiar setting itself facilitates the desired spirit of conversation.

The shared topic is framed as a question (powerful question design being a specialty of TWC practitioners) which participants discuss with each other for 20-60 minutes in each of several timed conversational rounds.  When each round ends, participants mix and move to other tables so that in each round they are talking with different people.  As each round starts, participants are encouraged to share with their new tablemates highlights from their conversation in previous rounds.  Their question may remain the same in subsequent rounds, or change to guide the conversation to new or deeper territory.  In final rounds, participants are usually encouraged to seek together deeper patterns in the topic being explored.

TWC concludes with a "harvesting" process in which individuals can share insights or developments with the whole group.  TWC by design provides each member of a large group considerable airtime and opportunity to interact in a small group, while simultaneously ensuring that good ideas get spread around and processed by the whole group.  Quite often significant new ideas and possibilities emerge out of TWC's complex, randomly organized iterative dynamics.

Using These Processes

Dynamic Facilitation, Open Space and The World Cafe can all be convened outside of any decision-making process, simply as powerful forms of public/stakeholder engagement.  However, within the context of a decision-making effort, all three are best viewed not as decision-making processes themselves, but as forms of dialogue that facilitate deeper group understanding and creativity prior to the formal decision-making process (e.g., voting).  That said, good solutions often become so obvious in the dialogue process that voting becomes a formality to record the emerged consensus.

There are many other processes that could be used to gain insight from the community of directly engaged stakeholders and engage the larger public. The National Coalition for Dialogue and Deliberation Resource Guide on Public Engagement is one of the best resources for considering options (several pages from this guide are excerpted in appendix 7) .

Knowing what groups are in an ecosystem is a key first step but information sharing and coordination between organizations and communities who are participants in an ecosystem is key to making it real.

I have heard it said more than once by those seeking to develop tools and systems for this emerging identity ecosystem, that they wish there was just “one place” where it all could be found, where all the technology would be developed.  Given the vast number of organizations, this is never going to be the case, but what we can facilitate is much more robust information sharing systems across technical standards development organizations and communities focused on solving key challenges for a real ecosystem. The NOI asks this question:

1.2. Are there broad, multi-sector examples of governance structures that match the scale of the steering group? If so, what makes them successful or unsuccessful? What challenges do they face?

Identity Commons was originally founded in 2001 by Owen Davis and Andrew Nelson to foster a user-centric identity layer of the web that the people “owned”. (They founded the organization partially in response to the formation of Liberty Alliance which was developing “open standards” for identity, but from a large enterprise perspective rather then a grassroots people’s perspective. They drew inspiration from Dee Hook who grew the the Visa network using innovative organization principles.  They were active in the Planetwork Link Tank discussions (See Appendix 1) that lead to the writing of the ASN paper - an excerpt of this is in Appendix 2.)

In 2007 the communities gathered at the Internet Identity Workshop retained the purpose and principles of Identity Commons but transitioned to become a 501(c)6 organization linking and connecting efforts across a range of different communities and organizations.  Groups working on issues touching on user-centric identity did not have to leave their respective standards body or academic institution to join. Totally independent organizations could also join and groups that had not yet formed as their own organization or subsection of another organization could also join.

Identity Commons focuses on information sharing and playing a loose coordinating role as a form of providing relevant information to groups, to support informing their governance  and decision-making relative to other groups, communities and organizations. It has a purpose and 7 principles that provide guidance for its community governance.

Above all else, they share a purpose; this links them together across their diverse approaches and foci. There is a subtlety to these principles and how they help groups collaborate and share. The transparency principle is not about all information of all groups being open, but rather asking groups to be clear about how they operate and work, to be transparent about the level of transparency.  Groups fill out a “charter”, meaning they answer some key questions about what they do, why they do it, what they do, and how they do it (their governance, and transparency level). Because all groups do this in the same format, it is easy to compare and understand the function of groups and the role or purpose they play.

Open information sharing like Identity Commons aspires to provide, is a public good but essential for ecosystem health. Identity Commons has always had a vision of supporting the collection and aggregation of RSS news feeds from groups and relevant efforts. It also does share some information about events focused on key issues across the groups. There is a community call once a month where the stewards of each group shares an update about their past and upcoming activity.

To date, this organization has been led by volunteers and what funding has come in has been very small contributions from the main community event, the Internet Identity Workshop. This has limited its ability to fully build out the technical infrastructure and people resources needed to curate this flow of information. To date, it has been challenging to find funding mechanisms for organization networks and forms  that allow them to thrive and fully fulfill their purpose.

The NSTIC national program office should consider how information sharing network systems like this can be robust enough to support the level of information sharing and coordination needed for a thriving ecosystem. It may be that the program office can fulfill this role, particularly if also hosting the stakeholder wiki/list. Collecting and aggregating and organizing information flowing to and from these organizations is not governance, but a key public-good role that would be appropriate for government to play in facilitating the emergence of an ecosystem.

This is from pages 50-53 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Who are the Stakeholders?

This is the section after: Insight for Governance

The Scope of People

The vision of NSTIC touches all sectors of US society and extends beyond the US because of the international nature of cyberspace. The protocological (from  Alexander Galloway's Protocol: "The limits of a protocological system and the limits of possibility within that system are synonymous.") landscape (the range of options enabled by the protocol stack choice) and policy frameworks must be very broad to meet the needs of US citizens and global netizens. Protocol is political because it shapes what is possible in the network (Appendix 11 goes into greater detail).

The number of individual stakeholders for systems of identity online stretches to everyone who uses network systems, and with there now being five billion phones on the planet, that is fast approaching every person on the planet.  The diversity of the world population in terms of life experience is huge (see Appendix 3: People Diversity) . The vast majority of people are not privileged in one or more aspects of life and the freedom to participate in cyberspace with anonymous and psuedonymous identifiers that enable them to transcend or set aside “real world identity” is a key freedom that must be maintained even as more systems-level accountability is developed (To understand these issues please see Appendixes 8: Anti-pseudonym bingo  9: On Refusing to Tell You My Name  and 10: Who is Harmed by a “Real Names” Policy?)

Organizational Stakeholders

I have compiled a list of types of stakeholder types in Appendix 3 representing various interests and points of view in society that are essential to include early on.

Identity Commons leaders Mary Ruddy and Kaliya Hamlin worked with other participants at the NSTIC Privacy and Usability Workshop at MIT to brainstorm and then cluster over 50 organizations who are directly participating in and paying attention to NSTIC developments because they have some explicit focus or sub- group focused on “identity”. They were subsequently made into a Wikipedia Book: NSTIC Stakeholder Organizations.  NSTIC is not just about the identity of people and their identifiers in cyberspace, but also the identity and identifiers of organizations. The range of associations and businesses is also vast.

2.3 How can the government be most effective in accelerating the development and ultimate success of the Identity Ecosystem?

The NSTIC NPO should, as soon as possible, host a space online where all known/participating stakeholders who want to be listed can be listed.

The starting point for this could be the list that came out of the MIT workshop and the Wikipedia book could be a starting point for their basic information. There should be a simple standard set of information on each organization, including how they see themselves as a stakeholder in NSTIC, what they hope to contribute to it, what they are most concerned about, and what they want to collaborate with other stakeholders on. There might be a matchmaking role that the NSTIC NPO could play, proactively introducing stakeholders to one another so that potentially synergistic collaboration is enabled.

Supporting the stakeholder groups in learning more about one another is very important. One way to do that would be via a 2-3x weekly podcast, perhaps increasing it to a frequency sufficient to interview all known stakeholders.

All major industry conferences that are related to the industry or focus of the organization should be listed on a calendar that has some sophisticated search with queries on cities, dates and industry.  This will help with cross-pollination which is essential right now for the proactive development of shared language and understanding.

There should also be a way for people who are actively working to collaborate to find one another both online and off.  NSTIC can use the list of all the conferences in all industries that are significantly touched by NSTIC as a starting point to encourage/enable “meet-ups” amongst professionals to connect around NSTIC.

• Having a way for people going to a conference to find other interested people on your site, and from there self-organize.
• Contact the program organizer and see when it works to have a meetup and get it on the program even if Jeremy isn’t going.
• Give people who want to have a BOF at a conference a package of study materials for professionals that the leader can hand out, following with a discussion. Jeremy could also make a video inviting people to participate.
• Encourage cross-pollination between industries. One way might be to pick a conference in a particular city. Organize the professionals from within the conference and the local interested professionals from a broader range of industries to meet up (perhaps for dinner).

If this sort of informal connecting, socialization and learning is happening, then there should be a way for interested professionals to report back from the meeting, post notes, record a video, send in a diagram.  This could create some interesting cross-stakeholder conversations.

Socialization of NSTIC in IT professional communities is very important right now, because they are going to need to know something about this when it becomes time to socialize NSTIC with the public.  They also can be a pool of not-directly-involved stakeholders to be tapped to participate in things like the Community Insight Council.

Stakeholder Insight Combined with Ecosystem Maps

Because these processes are public and the outputs published on the web, they create a level of systems accountability and increase the likelihood of earning legitimacy in the eyes of a vast majority of United States citizens and residents along with international stakeholders.

The initial consensus can be developed amongst diverse stakeholders using the systems mapping tools in the previous section.  Consensus will not be on “the solution to the problems” but on the polarities inherent in the system and a shared map of the roles and value flows in the existing and proposed ecosystem.  These will support effective dialogues that don’t go in circles but actually get to real conversations about system needs from the perspectives of various stakeholders. Shared understanding with the maps as a common ground means that stakeholders with very different perspectives can agree on key pulse points to measure to see if the ecosystem is working in balance.

I believe the systems insight provided by the dialogue processes outlined in this section combined with a steering group whose mandate is to respond to the outputs of those regular stakeholder dialogues relative to the shared maps will be effective, within a few years, of a thriving Identity Ecosystem.

This is from pages 48-49 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

Accurate Assumptions in the NOI

An assumption that the NSTIC governance NOI gets right is that all relevant and affected parties (see note) must be involved or at least represented in the emergence and ongoing governance of an Identity Ecosystem.

“Representation of all stakeholders is a difficult but essential task when stakeholders are as numerous and diverse as those in the Identity Ecosystem.”

It accurately names the challenge that comes with the number of parties involved. With this vastness, it can become overwhelming to think of systems and processes that will be effective and inclusive on this scale. I have articulated in Appendix 3 a list of many different types of stakeholder groups representing a diverse array of interests.

Limiting Assumptions in the NOI

Given the need to meet the broad and potentially conflicting criteria to be successful, there are two assumptions embedded within the governance NOI that could limit the ability to find solutions that meet these criteria.

Voting as a Way to Govern Decision Making

3.6 Should all members have the same voting rights on all issues, or should voting rights be adjusted to favor those most impacted by a decision?

Voting is not really the right process to get consensus. Instead we can ask: are there ways to understand and know system health that support self-regulating, distributed decision making by a range of stakeholders to achieve the goal of making an ecosystem with the qualities articulated in NSTIC real.

A Steering Group as THE Governance Structure

The establishment of this steering group will be an essential component of achieving a successful implementation of the Strategy.  (page 4 of the NOI)

Can a “steering group” really govern an Identity Ecosystem with the scope articulated in NSTIC? The challenge with defaulting to conventional systems like selecting representative stakeholder groups (say 150 of them) and then having an election of a “group” (10 of them) to carry out the above, is whether this form can hold enough space to truly govern with consensus at least about its legitimacy.  Voting in modern elections is a 300 year old social technology; Roberts Rules of Order are over 100 years old; neither will successfully meet the challenge of creating an responsive Identity Ecosystem steering group. Neither was designed to foster consensus, but rather majority rule. The needs of the many groups who represent less then 1/2 of all stakeholders must be met in this system.

The Internet itself is governed by a multi-stakeholder approach, with different organizations having different authority, capacity and recognized field of governance.  Clearly greater information sharing and coherence across a diverse range of industry sectors is needed for an ecosystem of interoperable identities to emerge.

Natural systems do not govern themselves with steering committees and voting. The practice of looking at biological systems science for inspiration for technology and systems development is called Biomimicry (see Appendix 4). We can look to this body of work to consider how nature “governs” thriving ecosystems of diverse organisms. How are the services that we think of as “identity management” done in nature? How are networks facilitated so that information flows in trusted ways?  I think it would be valuable to convene a diverse ad hoc group of stakeholders in an exploration of these kinds of questions with a biomimicry expert.  The outputs and key highlights should be made public and might inform other big systemic cyber beyond NSTIC issues. It makes sense to look to nature for inspiration in solving the complexity of developing truly interoperable Identity Ecosystem.

Stakeholder Insight Combined with Ecosystem Maps

Because these processes are public and the outputs published on the web, they create a level of systems accountability and increase the likelihood of earning legitimacy in the eyes of a vast majority of United States citizens and residents along with international stakeholders.

The initial consensus can be developed amongst diverse stakeholders using the systems mapping tools in the previous section.  Consensus will not be on “the solution to the problems” but on the polarities inherent in the system and a shared map of the roles and value flows in the existing and proposed ecosystem.  These will support effective dialogues that don’t go in circles but actually get to real conversations about system needs from the perspectives of various stakeholders. Shared understanding with the maps as a common ground means that stakeholders with very different perspectives can agree on key pulse points to measure to see if the ecosystem is working in balance.

I believe the systems insight provided by the dialogue processes outlined in this section combined with a steering group whose mandate is to respond to the outputs of those regular stakeholder dialogues relative to the shared maps will be effective, within a few years, of a thriving Identity Ecosystem.

From the End Notes: 

Note: Dee Hock, the founder of VISA international, helped develop this method to create organizations that work on biological metaphors rather then mechanistic ones.  Having space for all relevant and affected parties is a term of art from the process of forming Chaordic Organizations - see the  Chaordic Design Process.

The chaordic design process has six dimensions, beginning with purpose and ending with practice. Each of the six dimensions can be thought of as a lens through which participants examine the circumstances giving rise to the need for a new organization or to reconceive an existing one.

Developing a self-organizing, self-governing organization worthy of the trust of all participants usually requires intensive effort. To maximize their chances of success, most groups have taken a year or more on the process. During that time, a representative group of individuals (sometimes called a drafting team) from all parts of the engaged organization or community meet regularly and work through the chaordic design process.

1. Develop a Statement of Purpose
2. Define a Set of Principles
3. Identify All Participants
4. Create a New Organizational Concept
5. Write a Constitution
6. Foster Innovative Practices
7. Drawing the Pieces into a Whole

This post is from pages 36-37 and 50 and Appendix 4 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Value Network Mapping and Analysis

This is the section after: Who are the Stakeholders?

Section Co-Authored with Verna Allee, ValueNet Works

Living systems require exchanges with the environment in order to continually renew themselves. These exchanges are of two basic types: matter and energy and (or) cognitive exchanges that express the intelligence of the system.

From a living systems perspective, the molecular level of business economic activity also is the exchange. In traditional business thinking we have thought of economic exchanges only in terms of goods, services, and revenue – the “value chain” transactions. One can think of resources and money as roughly equivalent to the living systems exchanges of energy and matter in living systems.

In addition, as living networks, communities, companies and business webs engage in more than material exchanges -  they also engage in cognitive exchanges. Sustainable business success depends on exchanges of information, knowledge sharing, and open cognitive pathways that allow good decision making. These exchanges not only have value, but are essential for the success of the enterprise, so they must also be considered as economic exchanges.

The Identity Ecosystem, as a human techno-societal system, operates as an ecosystem that has many roles. Between these roles value flows that is both tangible and intangible (things that are recognized but not easily quantified) deliverables.

The value network modeling approach would model this ecosystem as a value network of roles and interactions that are involved in specific system-level outcomes. Roles can be played by organizations or individuals. In value network modeling, specific deliverables between roles are defined as a way of describing the creation and dissemination of value, and to understand how the innovative exploitation of technology and knowledge take place. When the interaction between the different players works well – new, valuable knowledge is generated which is quickly put to practical use. This creates the foundation for innovations and attracts investments.

Any Value Network ecosystem analysis typically addresses three levels of assessment:

• The roles, products, services and knowledge – including data flows – that work within the value network.
• The enabling technologies that support role execution and deliverables.
• The conditions, enablers, and constraints that influence the ecosystem

It is a proven method for mapping diverse industry network ecosystems with decades of practice and application. It provides a visual model and analytical structure as foundation for defining the emerging identity ecosystem and exploring possible scenarios and policy models. It is a dynamic approach to business modeling that scales from shop floor to industry ecosystems.Before sharing how I think this process can be used as part of speeding up the time it takes to make the NSTIC vision real, I want to share an example from where I applied this process to build shared understanding between two very different professions developing a map of the traditional industry and look at how the whole system shifted when the future was envisioned together.

Example of Applying VNA to the Changing Journalism Ecosystem 

I (Kaliya) was invited to join the facilitation team for an interactive ongoing series of conferences called Journalism that Matters for their 2008 conference Silicon Valley event. They were interested in my expertise convening interactive conferences for professional technology communities because they wanted technologists and journalists to consider how new technology tools and new journalist roles were emerging in journalism. When the other facilitators talked about the ins and outs of journalism they kept mentioning “the news room.”  It was clear to me that if technologists were coming to this meeting that they would need more background about the ins and outs of what happened in Journalism. But there was no clear ecosystem map or picture for this core activity of the news room.

To bridge this gap I brought in Value Network Mapping as a process to both map out the roles and value flows in the existing ecosystem.  It gave all who had never worked in the journalism industry a clear picture of how journalism happens via the various roles and value flows centered around the news room. Here is the map we collaboratively created with journalists.

* Intangibles play such a big part of the overall value flows a choice was to make  intangibles are solid lines and make tangibles are dotted lines.

Value Network Mapping gave us a process to consider how roles from the traditional journalistic  roles changed when new value flows enabled by new technologies happened. Below is the map of the future that   was put forward as a straw man at the event for all to consider and contribute to.

Applying VNA to NSTIC Vision for an Identity Ecosystem Framework

For a future Identity Ecosystem as envisioned by the NSTIC document to emerge it is vital to gain a clear present state understanding of the many industry ecosystems and consider how they can converge into a more integrated Identity Ecosystem Framework.  Just as the polarities in an ecosystem can be named and mapped collaboratively by diverse stakeholder groups,the roles in the ecosystem and the value flows between them can be mapped collaboratively by diverse stakeholder groups.

Stakeholder groups have very different points of view about what is most important to them. A collaboratively developed Value Network Map can provide a common visual and analytical tool to talk about issues as they are expressed in the real flow between entities rather than just abstract ideas. A range of use cases can be explored and different constraints could be applied, including using the maps to develop regulation and liability scenarios.

The risk for not doing this kind of foundational work is high. Most ecosystem models do not address the gap between a high level landscape view (such as a few PowerPoint slides of stakeholder groups), typed lists of issues and proposed solutions or policies.  The risk of jumping from high level views into policies or accountability frameworks without actual models of those policies as implemented is very high, particularly in the case of NSTIC.

Further, NSTIC must be inclusive about shaping the conversation around models and standards or regulators can easily fall into knee-jerk policy making that will constrain the market in unhealthy ways. With private sector leadership driving NSTIC it is vital that viable market models exist for services that choose to adopt enhancing technologies for verified anonymity. However, this conversation needs to include a diverse range of stakeholders, not just large companies. This means engagement conversations needs to include multiple stakeholders at a level that avoids insider jargon and engages people in pragmatic models of how proposed changes would actually work in implementation.

As a stakeholder engagement activity, the process of developing value network maps of present and future potential Identity Ecosystem states with a range of stakeholders can foster a much higher level of support and agreement amongst stakeholders with interests. Diverse stakeholders with seemingly unresolvable points of view could collaboratively work to find value flows that bring value to business (they make money) and protect people’s by limiting the flow of personally identifiable data and sensitive metadata and data sets.  It may be that new roles are needed in the ecosystem for these two goals to be achieved.  Any proposed roles, new services and regulations needs to be understand in terms of their systemic impacts on the existing system to manage both risks and opportunities. One thing all stakeholders share is a goal for the overall system and individual identities within it to be trusted. Trust is an emergent property  of a healthy ecosystem that serves all stakeholders:  individuals, organizations, businesses and government that  play different roles in the system.

There is widespread agreement that new accountability frameworks are needed to grow trust.  How these get accountability frameworks are created, listed, complied with and audited is still being worked out. This issue area is an ideal “test” scenario for using the value network as a common analytical framework. Using Value Network Mapping and Analysis in a collaborative process to understand how these new frameworks fit in at a system level could increase understanding of their uses and the roles associated with them, illuminate risks and implementation issues and increase trust in them through this higher level of transparency. The mapping and engagement process can be done periodically as the ecosystem evolves to ensure that value and trust are growing.

Value Network Mapping and Analysis is an invaluable tool to clarify specific roles, value flows and key activities within the ecosystem. It will provide a way for people to contribute coherently to the larger conversations about the ecosystem as a whole. The value network models will provide a common visual and analytical language to integrate discussions that will take place in meetings across different jurisdictions and industries and increase transparency for critical decisions.

Applying VNA to the Personal Data Ecosystem

The first Industry Collaborative Project of the Personal Data Ecosystem Consortium (which Kaliya founded and serves as the Executive Director for) is using this method to gain shared insight into the overall market model and consider how it will evolve differently in different industries.

Here is part of an initial map from the first collaborative mapping session Personal Data Ecosystem Map that took place June20-21, at the Cloud Identity Summit. This section of the map shows the flow of implicit (blue dotted lines) and explicit (green lines) value flow between an Accountability Framework Creator, Accountability Framework Auditor and an Attribute Validator. This very early view illustrates how important it is that these roles and flows be integrated into the larger Personal Data Ecosystem mapping effort.  See an example of a map in progress around Accountability Frameworks.

Maps collectively made by stakeholders from particular industries that are involved with NSTIC could be developed and then shared with other industries who also made maps. In sharing maps of existing industry value flows. Insights into how things could work in the future when two industries work more closely together.

This map in progress for the Personal Data Ecosystem Consortium focuses on how value flows between Accountability Framework Providers, Accountability Framework Auditors and Attribute Verifiers.

Benefits of Systems Mapping Processes

Section by Kaliya Hamlin

Value Network Mapping and Polarity Mapping and Management are system level sense making and future insight.  These processes give vastly different stakeholder groups the opportunity to come to broad agreement, consensus if you will, about the nature and shape of the ecosystem. What organisms are in the ecosystem? How do they interact? What are the inherent tensions that need to be managed for the ecosystem to thrive?

They are complementary because early warning signs for the down side of polarities could be identified for particular roles in the ecosystem defined in the value network mapping process. action steps for particular roles could be anticipated and put into action when particular warning signs emerged in other roles.

Stakeholders with seemingly opposing points of view or with very different emphasis of what is important can see how their perspectives fits with others in a holistic way. They can also come a shared understanding of overall ecosystem health and work together to proactively maintain it. These maps should be updated regularly and remapped every 3 years.

Having shared maps of the roles and polarities will go a long way to having productive dialogue between all the ecosystem stakeholders.  The next section goes on to cover options for having effective systems level dialogue among self identified stake holders and perhaps most importantly regular people who are doing transactions in the ecosystem.

Value Network Maps and Polarity Maps are not the only to process tools that could be used to help bring shared language and understanding to the NSTIC stakeholder community.

This post is from pages 30-35 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: Ecosystem Maps - Present, Evolving, Future

This is the section after: Questions of Governance

Polarity Management:

Section co-authored with Barry Johnson and Jake Johnson

Polarities

Natural systems thrive when polarities are in dynamic balance - breathing in and out is a polarity humans leverage moment to moment. At the same time, we must attend to more than our Inhaling and Exhaling. We must attend to where the oxygen comes from and where the carbon dioxide goes. Paying attention to polarities within a part of the system is important to sustain life and, it is not enough. The part must also pay attention to the other parts and the whole for its own survival.With any polarity, it is always in the long-term interest of each pole to take care of both poles.

The Part and Whole polarity is available to be leveraged at every level of system. The individual cell in an organ; an organ in an organism; or, an organism in a larger community. We are talking about the development an Identity Ecosystem as a human techno-social systems ecosystem where polarities need to be leveraged. It seems appropriate as a way to gain insight and agreed upon signs of systems health to identify key polarities with stakeholders and monitor how well they are being leveraged over time. This ongoing assessment allows for informed self-correction as part of the dynamic balancing of the polarities in response to changing circumstances.

Polarities in the Strategy

The NSTIC Document clearly articulated many inherent tensions - polarities that exist when considering the formation of an identity ecosystem. This expression of polarities was one reason it was so well received by such a broad range of stakeholders. These stakeholders reflect different points of view relative to some key polarities. Those with perspectives that are on opposite ends of a polarity could see their point of view reflected in the outline of the broad vision. To make a ecosystem function the vision must be grounded and the tensions leveraged in service of each stakeholder group and the whole ecosystem.

Mapping the key polarities and getting broad stakeholder agreement on how to leverage them creates a process and structure to successfully negotiate the tensions between “opposing” stakeholder groups. It is also possible to assess how effectively a list of key polarities are being leveraged. This can be done by an unlimited number of people who only need to have access to the internet. The results can be broken down by any combination of demographics built into the assessment at the front end. The assessment also includes “Action Steps” and “Early Warnings” created with the stakeholders which support the effective leveraging of the key polarities.

When a polarity that we actually need to leverage, is instead treated as if it is a problem that we need to solve, those favoring different poles get into a power struggle over which pole will dominate. This leads to a vicious cycle in which everyone looses. The system looses first as energy is wasted in the either/or fight between the two poles. The system looses, again, when one side wins, because the result is to also get the downside of the “winners’” pole. Then the system looses, yet again, when it actually finds itself with the downside of both poles.

On the other hand, when a polarity is identified as a polarity, it is possible to leverage both poles in a way that creates a virtuous cycle supporting both poles and the system as a whole. This is why it is important to be able to identify and leverage key polarities in the systems we want to work.

Here is a list of Polarities reflected in the NSTIC document and named in the governance NOI:

Developing Polarity Maps work for the Identity Ecosystem 

Proven Process for Leveraging Polarities: See, Map, and Tap.

A sub set of stakeholders would be involved in each step of the process. Once a draft assessment has been developed by the sub set of stakeholders, a much broader group of stakeholders will have the opportunity to experience and modify the draft assessment as a final step in confirming the final assessment.

See: The sub set of stakeholders gather and identify 4-8 of the most critical polarities that need to be managed for a healthy identity ecosystem.

Map: Each of the identified polarities are mapped which is a values and language clarification process. Agreement is reached on the positive (upsides) of each pole and the negative (downsides) of each pole which occurs when you over-focus on one pole to the neglect of the other pole. A Greater Purpose Statement (GPS) is agreed upon which responds to the question: “Why should groups invested in one pole generate a shared polarity map with groups invested in the other pole?” Then a Deeper Fear is also identified which a common fear of something advocates for each pole want to avoid. This completes a polarity map.

Tap: Ideas are generated for how to gain or maintain the upsides of each pole. This is done through Action Steps in support of each upside. Ideas are also generated for Early Warnings that let you know when you are getting into the downside of a pole so that you can self-correct early.

The objective is to create a virtuous cycle between the two poles in which you maximize the upsides of each pole and minimize the downsides. When this is done well, the system is more likely to thrive and move toward the Greater Purpose agreed to by all stakeholders.

Example of leveraging a polarity with the Deputy CIO at the DOD:

When Dave Wennergren was the CIO for the Navy, he learned about Polarity Management® through Frew and Associates working with Barry Johnson. When he moved to the position of Deputy CIO for the DOD, he noticed a chronic tension everywhere he went as he was exploring information issues within the DOD. Some were strong advocates for Information Security. Others were strong advocates for Information Sharing.

See: Wennergren saw this tension as a polarity he could leverage rather than a problem he needed to solve. The polarity is Information Sharing and Information Security.

Map: He invited Barry Frew and Barry Johnson to map this polarity with him and his executive team.

Tap: After completing the map, they created Action Steps and Early Warnings in order to be intentional about going after both upsides and minimizing both downsides. The office of the CIO of the DON also looked at the draft and enhanced the map, action steps, and early warnings.

Below is an example of their work:

It is very efficient. This is especially true if you contrast this process with not seeing this tension as a polarity and getting into a chronic power struggle between those wanting Information Sharing as a “solution” and those wanting Information Security as a “solution.” It does not matter who “wins” in an either/or power struggle, our country loses. Information Sharing without Information Security makes our country vulnerable because of access to information by those who would harm us. Information Security without Information Sharing makes our country vulnerable because of lack of needed and coordinated information throughout the DOD.

All polarities work in very predictable ways allowing us to be both strategic and tactical in leveraging them within the Identity Ecosystem.

Real Time Strategic Change

There are six polarities, the Real Time Strategic Change Principles that support system identity and improvement.  These principles have been tested and proven effective in field settings around the world.  Pay attention to them in systems work and your desired future is more attainable, faster and more sustainably.  Each is defined as a key polarity – a tension between two elements that need each other over time to ensure greater system health.

Making Reality A Key Driver

Know the inside of your system and also know the outside too. Put together what you learn and you’ll make informed decisions and take strategic actions.

Engaging and Including

Provide clear direction and invite participation. Lead in both ways and you’ll make smarter choices and create the commitment needed for useful continuity fast and lasting change.

Preferred Futuring

Combine the best of your past and present and compelling visions for your future. Build this picture and you’ll create your best future.

Creating Community

Ensure you focus on both the system as a whole achieving its full potential while at the same time finding ways for each part of the system and people in it to achieve their full potential.  Do this and people achieve peak performance by becoming part of something larger than themselves that they have created and believe in.

Thinking and Acting in Real Time

Be in your future and plan for it at the same time. Learn to do them equally well and your desired future will happen faster.

Building Understanding

Stand up for what you believe in and be curious about what others think.  Support both interests and you will continue to learn and develop – individually, in your teams and as an entire system.

We have repeatedly witnessed the magic of what happens when you bring disparate ideas, intentions and hopes together. People yearn to be heard. They want to be part of solutions to problems that affect them. Skilled design and facilitation make it possible to tap into this common human desire.  Shared trust between consultants, clients, and participants is the second ingredient that helps make this happen. It is through the ideals and values of Real Time Strategic Change that we continue to hold hope for the world and for our chances of having a positive impact on it.

Benefits of Systems Mapping Processes

Section by Kaliya Hamlin

Value Network Mapping and Polarity Mapping and Management are system level sense making and future insight.  These processes give vastly different stakeholder groups the opportunity to come to broad agreement, consensus if you will, about the nature and shape of the ecosystem. What organisms are in the ecosystem? How do they interact? What are the inherent tensions that need to be managed for the ecosystem to thrive?

They are complementary because early warning signs for the down side of polarities could be identified for particular roles in the ecosystem defined in the value network mapping process. action steps for particular roles could be anticipated and put into action when particular warning signs emerged in other roles.

Stakeholders with seemingly opposing points of view or with very different emphasis of what is important can see how their perspectives fits with others in a holistic way. They can also come a shared understanding of overall ecosystem health and work together to proactively maintain it. These maps should be updated regularly and remapped every 3 years.

Having shared maps of the roles and polarities will go a long way to having productive dialogue between all the ecosystem stakeholders.  The next section goes on to cover options for having effective systems level dialogue among self identified stake holders and perhaps most importantly regular people who are doing transactions in the ecosystem.

Value Network Maps and Polarity Maps are not the only to process tools that could be used to help bring shared language and understanding to the NSTIC stakeholder community.

This post is from pages 25-29 and 35 of Kaliya's NSTIC Governance NOI Response - please see this page for the overview and links to the rest of the posts. Here is a link to the PDF.

This is the section before: The Trouble with Trust & the case for Accountability Networks

This is the section after: Value Network Mapping and Analysis