Friday, September 21, 2012

"The Politics of Sharing"

I attended a very interesting discussion this week at Microsoft, about the politics of information sharing. The topic was being explored from a local government perspective. It became clear that under the guise of "we are not allowed to because of the Data Protection Act" many local government departments and services avoid sharing information about citizens with other organisations, often to the disadvantage of the very citizens they are responsible for serving and protecting.  The real reasons for this was far simpler! The seagulls in Nemo are good exemplars!

It became clear that many of the representatives of the various bodies, organisations and advisors had missed two key points!
1) Not sharing causes more harm than good, (though there were some present who understood the dangers of not sharing, and that effective sharing can be good for citizens)
2) The information that they were refusing to share, was owned more often than not, by the very citizens that they were elected or paid to serve!

We had a number of discussions about some important mechanisms that need to be in place to enable sharing, such as the standardisation of definitions and standardisation of API's. We recognised that a more effective means of virtial identity was required, and that asset owners would also need to be able more effectively and efficiently manage entitlement and access to their data. One excellent point that was made involved the "value" flow in the transaction. Individuals would either be paid in cash for giving access to their personal information, or could benefit other ways that they would value. (I would allow the police to have access to my home alarm system information, if that meant they would respond quicker to an incident. I wouldn't expect them to pay me for access to such data!).

There was apparently begrudging agreement in the room around the concept of citizen centric data stores, there were however far too many individuals who preferred the idea of creating Government controlled citizen "Big Data" stores shared across multiple agencies, "All the better to control you with my dear!". The recent World Economic Forum's paper on the subject effectively signals an important shift. 

Imagine a local authority that provides each of it's citizens a personal data store and helps them create wealth from this personal data store (likely taking a portion of the income for providing the service and as a means of reducing local tax,) while at the same time using the data store to enhance the safety and security of those same citizens. Information stored in such local government personal data stores would only be data that relates to the business of local government. Other more sensitive data would be in more 'personal' Personal Data Stores. There are many businesses that would love to gain access to such local government information that for example details which houses have double glazing installed. This data may not always be used for wealth creation, as an example it might also be used in the context of supporting the  infirm and aged.

Imagine the "politics of sharing", in the light of an ecosystem that creates wealth for the individual citizen, reduces their local taxes and gives local business access to accurate and timely data that helps drive the local economy. 

Human Agency can be even further enhanced by the full and complete realisation of exactly whose data it is. Politicians and Regulators will do well to recognise that their focus should shift from being overly concerned about the details of privacy law, to the more fundamental and far more important issue of Cyber Agency.

After all it is the control over the curtain that gives privacy. Privacy is simply the result of being in control. So laws that encourage increasing the control by the citizen over their own data, and the development of Personal Data Stores, will be good for the economy, the individual, and society. So why are we not seeing such laws being enacted. My belief is simply that the power is in the hands of those that currently create wealth from our personal data, citizens rarely pay lobbyists!

What to do? The answer is simple : Ensure value flows to the individuals and organisations that created or own the data. Anything else is Data Usury.
Doing so will involve taking on those that would lose out from such a redirected flow, and remember, voters, the economy and society can all benefit.

The web will finally be able to do what it was designed for, creating a more open and egalitarian society. 

Wednesday, September 19, 2012

Data Entropy, my new battleground

In a recent Blog Simon Wardley was bemoaning the inappropriate use of the terms Structured and Unstructured as they pertained to data, I started writing a comment that turned into this Blog.

I believed the words that he was exploring also pointed to the power Entropy has over data. The simplified post (I didn't see the EP/LP version of his Blog, he had reduced its length b4 I read it) seemed to assume an inexorable flow from Unstructured to Structured. As humans we are in a constant battle to bring structure, order, form meaning to the world around us, this especially applies to data.

History is still only what we believe happened, as we have yet to gain dominion over data. A key difference between energy and data is that data can be destroyed and far too frequently is destroyed, as the non-existance of many historic records can attest!

I was trying to find the word equivalent to exergy, which applies to energy, in the world of data, when it struck me the lack of its existence maybe because that with data there is no "maximal value". Which on reflection is obvious as when one uses data or information and take nothing from it, far from it more often than not combining data can create new data/information plus there is no natural friction in the world of data just entropy. This in itself was on obvious realisation, but then I already knew that the more I knew the more I realised I did not know!

In our journey of transformation, fighting data entropy all the way
- with data (bits) to information (informs) we add form to create new facts or "informs"
- with "informs" to knowledge (knogs) we discover new forms, & meaning 
- to achieve the highest form we make the right use knowledge and attain wisdom!

Aside: It strikes me that with data, entropy reduces the value of data with the square of time, like gravity reduces with the square of distance.

This is shown very well when I look at the graphical data that I have stored about my life, I can readily access images from a month ago, but many of the images taken a decade ago are lost to my iPhoto album, or of they exist in the Album have lost meaning. The majority of images from my childhood are lost with a few hanging on by their finger tips in physical photo albums, the meta data around even older photos makes them all but meaningless; Who is that man in a soldiers uniform in that fading sepia photo?

Thus my final comment after the mind storm that Simon's Blog evoked is:-

Thankyou I created this Blog as a direct result of your post Simon
I enjoyed the journey and find myself even more motivated to fight data entropy, and add or maintain the order, structure/form and meaning of my personal data. 



Which makes me even hungrier for the Linked Data tools I can only envision but have not the skills or time to create. ORAC is sounding more important and desirable every day, Blakes Seven has a lot to answer for! 

Monday, September 17, 2012

Wot d'ya mean "Digital Exhaust", it's gold & Mine!

or "Asserting my Human Digital Rights is pretty hard if they are not defined!"

Sadly no matter how hard I read the Declaration of Human Rights, I can no-where in them find the provision of my Digital Rights. Admittedly Article 8.1 - "Everyone has the right to respect for his private and family life, his home and his correspondence." provides very effective right to Privacy especially if we assume the definition of correspondence, to include all data communicated between myself and others, including machines.  This does not however give me ownership, or control over my data, whether it be the data that I deliberately create and store, or the data deliberately leaked from my devices, often called data exhaust or even data that judges or regulators try and call theirs! The data that defines location of my digital devices is mine, or at least it should be! There should be no doubt that anyone that wants to access and/or use that data should have my express permission to do either. Though there may be just cause to gain a court order to gain access to the data without my permission.

Dear Politicians and NGO bureaucrats,
  Please can you turn your attention to defining the Digital Rights of Individuals, including their agents.

Perhaps our friends in WIPO might see there remit expand to include the Data of Individuals, not just the "Intellectual Property related to Corporations and Artists? There is likely to be a better way, than simply re-purposing a current organisation whose role is becoming greyer as the Internet makes Transparency the new reality.

What that is remains to be seen....

Thank you

A very concerned Cyber Citizen

Tuesday, September 04, 2012

From Paper to Plastic to Silicon based Credentials

Digital Wallets are the new Identity battleground, who can get you to put more of your Identity into their Digital Wallet?... Google's "Wallet" , Apple's Passbook, to be launched in their new iPhone next month, or Microsoft's relaunched e-Wallet with their new Windows 8 Phone this Autumn. NFC will become just the underlying technology.  Mastercard and Visa are both getting in on the act with with Digital Wallets, though mostly payment focussed. 

Initial Reactions

What do you mean I can't get digital receipts? 
How can I stop stores from rifling through my Digital Wallet and harvesting info? 
How do I know what information they did get? 
Can they keep all the info or did they just get a "One Time" glimpse? 

These are just a few of the natural questions people will ask in order to get an understanding of the state of the key elements of Agency, Trust, Useability and Manageability in the Digital Wallet space. It is early days and there is a lot of issues to resolve, barriers to remove and most importantly cash flows to figure out. 

The Bottom Line of the Digital Wallet Service Provider:   Who is going to get paid for what?

Contents of a Leather Wallet

As you can see I had 17 "Paper and Plastic" credentials" in one of my Leather Wallets, that I'd want to include in a Digital Wallet with a few more that I don't normally carry around with me that I would happily include.

My Bottom Line: 

My wallet supports more than simple cash transactions
I don't want a Wallet Service for every Identity I own
I want ONE "Virtual Wallet" that is secure and very easy to control, but I want access to it on every device I own.
A few important architectural questions :

When will Ubiquity occur?
A difficult one to answer!

Are the better solutions Proprietary or Open?
I have my bias!



Can "credentials" be easily moved from one Digital Wallet to another?
Today.. no! Tomorrow.. a must have!

Will users want to trust their device as the sole credential repository?
Would you?

Will digital wallet silos, ie a wallet service that only stores ONE credential, really work?
Some are betting yes, at least in the short term.

Things to watch:

The Trust Nexus A network of cloud based identity repositories

Square & Starbucks An innovative location based Identity approach

Question for Organisations to ask themselves

Will my organisation have the ability to enact transactions with these emerging Digital Wallets?
Will my organisation have the ability to put "credentials" into these emerging Digital Wallets?
What will be the advantages of doing so?
What will be the disadvantages of not being able to do so?
Are the solutions adhering to the Jericho Forum IdEA Commandments?

Question a smart consumer should ask: 

Why didn't the organisations making the shift to Silicon based Identity know about the Jericho Forum Identity, Entitlement and Access Management Commandments or watch the Jericho Forum IdEA Videos?


Identity Video #1 - Identity First Principles.   
Identity Video #2 - Operating with Personas.    
Identity Video #3 - Trust and Privacy.    
Identity Video #4 - Entities & Entitlement.   
Identity Video #5 - Building a Global Identity Ecosystem.   


Is this the beginning of the end of Paper/Plastic Credentials for your organisation, or the beginning of the end of your organisation? For there are some very raw and powerful tectonic identity forces at work under the covers of this simple sounding shift. Do you understand them?