Wednesday, October 19, 2005

Easy is Hard

I got this quote at the bottom of an email from Luke Kanies of reductivelabs; I love it.

I conclude that there are two ways of constructing a software design: One way is to make it so simple that there are 'obviously' no deficiencies and the other way is to make it so complicated that there are no 'obvious' deficiencies.
-- C.A.R. Hoare, Turing Lecture "The Emperor's Old Clothes" CACM
February 1981, pp. 75-83.

It makes me wonder; I have long loved the quote:

I would not give a fig for the simplicity this side of complexity, but I would give my life for the simplicity on the other side of complexity.
- Oliver Wendell Holmes

And have long strived for, and I believe periodically found, the simplicity on the other side of complexity. But, did I, or is it that if you stare at the same complexity long enough it starts to LOOK simple to you. When people tell me some of my work is too complex, I have to believe them, not discount their opinion because it LOOKS simple to me.

let them go, and if they love you...

I talked about this in the interview but for my own sanity need to get it down on paper. One of the arguments against giving users control of their data and control of their relationships is that businesses and organizations would ‘lose control’. There is a fear that all of an organizations members (customers) would cut them off and they would be left high and dry with no affiliations left.

First let me tell you what I mean by ‘giving the user control’:

I am using a very simple use case; rather than the organization keeping my name and my email address, they just keep my i-name. Whenever they want to contact me they look up my email address, it doesn’t matter how many times I change it, as long as I don’t revoke their permission to see it, they can get my current email. I do have the right, and the ability, to revoke permission (as I should).

Here is why I think the fear is fallacious:

The ADMA (American Direct Marketing Association) says that mailing address data ages, becomes bad, at a rate of 15% a year. I couldn’t find statistics on email address aging but you have to assume that it ages faster than mailing addresses given how much easier it is to change email address than move house. So lets assume that email data ages at a rate of 20% ( and I think that is low). So, today, an organization can expect to lose 20% a year of their relationships simply due to the inefficiencies of the infrastructure. By adopting an identity centric architecture (ICA) an organization can eliminate this attrition completely. So what about the people that ‘opt-out’; well, they weren’t interested in your stuff anyway, clearly. If over 20% per year of people that have established relationships with you jump ship; you have a deeper problem that needs to be addressed. So, the net is, you have more people, more relationships, and they are known to be of a higher quality.

I think this is profound; by respecting your constituents, and empowering them, you end up with better relationships with more people. So you save above the line because you have a more efficient information system and you make more below the line because you have more, better qualified, relationships.

Tuesday, October 18, 2005

Sound Byte

Aldo CastaƱeda interviewed me yesterday for his new series “The Story of Digital Identity::AudioArchives”. You can check it out here. I don’t think I ramble TOO much.

Friday, October 14, 2005

horse and car

I had the opportunity to spend some time at the N-TEN conference in DC this week. It was very interesting getting immersed in the world of the people that we want to adopt the stuff we are working on.  I was amazed at the ‘state-of-the-art’ that was being presented; they have a long way to go. My analogy for the day was:

They are all talking about how to better tether their horses to their carts. I tried to tell them about cars… They wanted to know how you tether a horse to a car.

The experts that were speaking were introducing the concepts of Web Services and Messaging (Pub/Sub).  I was trying to tell them that those are the OLD answers to their problems. There needs to be a real paradigm shift. It’s going to take some time, and a lot of work. The glimmer of hope; there were a few people there that really got it. Together with those few people I think we can move this stuff forward by leading by example.

Monday, October 03, 2005

Do you respect me?

As a follow on to the previous post; an interesting thing happens as the ecology evolves. When a vendor chooses to accept a given level of DSA (Data Sharing Agreement) they can (they don’t have to!!) register the fact with IDC(Identity Commons). This would enable them to get informed if that DSA was changed. It would also enable IDC to, with the vendors permission, publish a registry of vendors, or service providers, that accept that level of DSA. I could therefore choose my service provider, for any service, by searching the list of providers that are going to give me the highest level of control over my data. I think that’s cool!

Do you trust me?

I have talked a lot about Link Contracts lately, so why stop now. As I have said, Link Contracts are composed of several, signed, parts. Some of the parts are network enforceable and some are not. The non-network enforceable bits are meant to be enforced in some social system of accountability. These non-network enforceable bits are what I refer to as the ‘Terms and Conditions’ of the data sharing. The bit that says “You may not sell my data. You may not use my data for any purpose other than the original purpose of this agreement”, that kind of stuff. The problem with these terms and conditions is, they aren’t meant to be network enforceable or, therefore, machine understandable.

So if we don’t do this right this is what happens:

I address an email to you with your i-name. My email client asks your authority for your current email address. Your authority returns a response that says; you can have that info if you agree to these terms and conditions. My client is meant to sign these terms and conditions and return them to your authority in order to get the data I require. SO, the problem is; I don’t want to read some terms and conditions every time I do anything that involves someone else’s data. You know I’m not going to read it anyway, but I don’t even want to have to do that extra click. I mean, who knows what’s in those terms and conditions? What’s to stop you from adding some line 20 pages down that says “By signing this agreement you agree to pay me $500”. If this is how it worked, the Dataweb would be broken before it even started.

So… what do we do?

Rather than us all writing and using our own DSA (Data Sharing Agreements; terms and conditions) we will use ones provided by ‘trusted third parties’. I can read IDC (Identity Commons) Standard DSA #5 once and setup a preference that I am always willing to accept data under those terms. So in future when I ask for your email, you will say “under IDC DSA #5 (version 1.3)” my email client will simply sign the contract and send it back.

Now, the reality is, I’m probably not even going to read the IDC DSAs but that’s the point of having it provided by an organization that is ALL about trust. I know that if IDC publishes this DSA under their name… it must be ok. Ultimately there may be other organizations that provide DSAs that we can all trust, or at least use; Visa, HIPAA, SEC, etc…

For now we need to bootstrap this ecosystem. I have worked with Owen of IDC to outline three basic DSAs that can get us started;-

1. Basic – This one will put some simple constraints on the consumer of the data to ‘respect’ the owner’s privacy. This is the first real step toward giving the individual some control over their virtual self. It will include:
    • No selling my data
    • No giving my data away
    • Only use my data in the context in which this agreement was forged
    • Upon request or discontinuation of this agreement you will anonymize or remove my data, remove all PII (Personally Identifying Information) and any contact channel information (address info). I call for anonymization as an option as companies must have the ability to execute their operational reporting and auditing.
2. Wild West – This is for the organization that wants to take advantage of the higher quality data source that the Dataweb provides, but cannot, for technical, business or other reasons, conform to the restrictions of the Basic DSA. Accepting this agreement would be no different from filling out a registration form at a service today, just easier for all concerned.

3. Full Empowerment – This agreement is for the truly forward thinking organization. Under this agreement the requester of the data offers reciprocation. They say they will give you a copy of your transaction records in exchange for having access to your data. In practice this would mean that I give netflicks access to my contact info and they will, automatically, programmatically, give me a copy of the list of movies I have rented ( and how much I spent, and how long I kept them and all that good stuff). When the contract ends, I still have a copy of that information that I can take with me to my new movie rental provider.
I characterize option 1 as individuals having privacy statements instead of organizations. Option 2 as, status quo and option 3 as the next step in the evolution toward a fully empowered consumer.

Ultimately, I believe, option 3 evolves to a point where vendors simply use our repositories as the place that they keep the data about us. By giving us that level of control, and trust, and respect; why would we go to another vendor?

Please let me know if you think we need another DSA, or that I am totally off base!!

Saturday, October 01, 2005

Under Contract

A key component of XDI is the Link Contract. The Link Contract is a digitally signed document that specifies the details of the data sharing agreement between the owner and the consumer of a set of data.  There is various network enforced aspects to the contract but there are also social aspects of the contract. Lets break it down a bit.

If you look up Contract in the dictionary you get something like:

An agreement between two or more parties, especially one that is written and is subject to a system of accountability.

In most cases the system of accountability is the legal system. While Link Contracts could be written to be legally binding, we are still a long way from digital signatures being broadly accepted, especially automated ones. It is my belief that we are going to be much better served grounding our accountability in a reputation system. A mechanism by which quantifiable feedback is routinely provided when transactions end (or fail to end). The reputation system will have to be subtle and flexible. If I say something bad about you that might have implications on you, me, your community and my community. If I go around bad mouthing people all the time people need to have the queues to stop listening to me. Or, am I the people’s advocate who goes around outing bad guys, so people assign a good reputation to my negative opinions… ah, so much to work out :-)


Have you seen the ACLU Pizza movie? It’s funny. However, it paints a picture of how the world might be if ‘we’ (all the people I am working with) fail. As a counter point I wrote this story; how things might be if we succeed. It’s just a bit of fun.