Tuesday, February 25, 2014

Aargh! Yet another Raised Bed/Silo in my Walled Gardens

The Internet of Things will hold far less promise if everyone follows the Hive path that British Gas have chosen.

For those that do not know "Hive" is a means of controlling your home heating, and hot water if you have an old fashioned water tank! It comes with a very nifty and useable App, and it can be controlled via the HiveHome website. A word of warning don't forget that you are in Demo mode, I can vouch for the fact that it is very annoying to find you have programmed your whole system in Demo Mode!

The Bottom Line...
British Gas have apparently licensed the AlertMe hub, but taken the Zigbee protocol and made it their own (ie Proprietary Protocol!)

Grrr,  my Home Automation Agency is already under attack! I started looking up "Hive API" as soon as it was installed, by a very kind British Gas engineer named Josh who explained that I could get it done for £179, as he was already here servicing the boiler. I was hooked. I failed to do my normal due diligence!

No APIs currently available or planned. (Though they have been hinted at) :-(
I checked IfThenThat.... nope Hive is not present? :-(

Apparently I can use SMS as an API interface, thanks for that British Gas!

So now to follow my own advice, after the fact, what data/control have I just given up, and can I get it back?

Watch this space... I am still pondering that question. 

We are likely to see many more examples of Walled "Internet of Thing"s Gardens
In fact my Internet of Things garden is starting took like my own garden, a hodge pudge of poorly connected raised beds, think silos of things. 

The X10 System 
The Withings Scales
The Weather Station
The Blood Pressure Monitor
The Heart Rate Monitor
The Mac based Indigo Home Automation System
The Hive
The Solar Panels
The OWL Electricity usage Monitor
The Electric-Save Electricity usage monitor (Don't ask!)
The X10 Secure Alarm System
The Phillips Multifunction Remote
The Apple TV
The TiVo
The PS3
The Samsung Smart TV
The Airport Expresses (iTunes)

My iPad Mini with
   Withings App
   Hive App
   Apple Remote
   Indigo X10 App

No prizes for guessing that they are NOT fully integrated! Yes all of them can connect to the Internet!

I want my IoT Agency to be simple to manage and easy to integrate!

Some Hope!

Dear British Gas,
 You do not understand the power of co-creation. You have treated me just like the crab in my prior blog post. Please reconsider your stance!


PS I am off to read the Terms and Conditions, I really was badly hooked !!

Dear Satya

I am looking for a cyber knight, some one who will bring "Human Agency" to the internet and protect it. By Human Agency I mean the capacity to control one's environment, when the environment is the internet, it might be called Cyber Agency.

To give an Entity (Government, Organisation, Person or Device) Agency, there are three things that must be sorted:-
1) The ability and capacity to trust the identity of remote entities,
     whether Anonymous (but same) or Named (and verified)
2) The means to transact in a trusted manner, ie negotiate, contract, commit, deliver, and pay in whatever persona we chose.
3) The opportunity to collaborate in a trusted environment

For me the current manner of attempting to achieve this with secrecy is doomed to failure.

We need an open trustworthy ecosystem, to accomplish the above.

I believe Microsoft can be one of the reasons that this ecosystem can come into being.

Please help us move from the "Agency Free" Enterprise/Network space through the "Agency Impaired"(App/Service)^2 domain to the "Agency Enabling" Entity/Device/Data Nirvannah

Is it just me?

I get the sense that we are sleep walking into a world devoid of human agency, a world where the machines are talking to machines, and corporations are taking the profits.

Human Agency defined previously here; is something that we innately desire, but are too often giving up in exchange for mere fripperies. A free game gets access to our location, our friends, and all their details and even the right to change our address books, without any further input from us, and often with not even a tiny shiver of fear.

Many moons ago I was advised to cook a crab by placing it in cold salt water and slowly bringing the temperature up, as it would not notice before it was too late, that it was in "hot water".

The water is getting warmer, and yet we still do nothing but click on anything that gives us "something for nothing". Except, it is our "Agency", it is not nothing! If we give it away it will be very hard to get back. Atfer all the web never forgets...

If Religion is the opiate of the People, then Apps are the Designer Drugs, and Devices are the Syringes!

Inject them into your life at your peril!

At least think before you click...
"What am I giving away control of, and why, and can I get it back?"

Remember: We are the Crabs!

(With thanks to the Orrinjohnson.com blog)

Organisations that understand these issues will be empowering us to be in control of our cyber selves, there will be a new breed of corporations that understand that e-trust is something hard to acquire and easy to lose. Which is the best type of Competitive Advantage there is! 

As the Internet of Things takes off, there are likely to be two sorts of organisations, those that seek to lock us in, and make us the product, and those that seek to "Co-Create" with us and make us their loyal partners and customers.

What to do...

Enterprises should ask:
How to invest in a Collaborative Future?
How to avoid cooking your customers? 
How to compete in ways that develop Human Agency?

Governments should ask:
How to legislate to protect Human Agency?
How to achieve compliance?
How to punish the theft of Human Agency?
How to empower the populace? (Education?)

Individuals should ask:
How can we (Co-)create our future?
How do we get out of the pot?
How to support organisations that protect our agency?

For the machines might get to ask; "What benefit do these fleshy things bring to our world?"

Deep down it is about Trust and Values, ours and theirs,
and the ecosystem that will support Human Agency.

Some might call this Freedom, which is surely worth fighting for!

Monday, February 03, 2014

The Missing Commandment

Having been intimately involved in the development of the original Jericho Forum Commandments, https://collaboration.opengroup.org/jericho/commandments_v1.2.pdf there were a lot of hours spent in many fuggy rooms, with drained coffee flasks more often than not, with some very impressive individuals.  It is only now many years afterwards that I realise that we missed a key commandment, arguably the most critical of the commandments.  

Happily there are a number of precedents, for missing a keystone Commandment, the fundamental principle, the prime rule, or key law.  Jesus in John 15:12 did this when he gave us an additional commandment, "Love they neighbour as I have loved you", presumably because he recognised that the original commandment covering this area, relied on human foibles; "Love thy neighbour as you love yourself."

My favourite example of realising a "law" was missing and adding the missing law was achieved by Isaac Asimov after his Three Laws of Robotics:

"1. A robot may not injure a human being or, through inaction, allow a human being to come to harm.
2. A robot must obey the orders given to it by human beings, except where such orders would conflict with the First Law.
3. A robot must protect its own existence as long as such protection does not conflict with the First or Second Law."

After Asimov started to have robots, like Daneel, have impact on humanity, he recognised the need for a Zeroth Law:

"0. A robot may not harm humanity, or, by inaction, allow humanity to come to harm."

Some apparently establish the prime law in their initial attempt, in 2009, Robin Murphy (Texas A&M) and David D. Woods (Ohio State) proposed "The Three Laws of Responsible Robotics" 

The laws are as follows:

  1. A human may not deploy a robot without the human-robot work system meeting the highest legal and professional standards of safety and ethics.
  2. A robot must respond to humans as appropriate for their roles.
  3. A robot must be endowed with sufficient situated autonomy to protect its own existence as long as such protection provides smooth transfer of control which does not conflict with the First and Second Laws.
I suspect that even this set of laws could be manipulated in true Asimov style to posit the need for a Zeroth Law "A Robot may not deploy a robot without embedding these laws within it."

However I digress, and am in danger of starting to explore the areas of ethics and trust, so back to the missing Jericho Forum Commandment. When we created the original 10 Commandments we added an Eleventh to ensure that Secure was the Default position.  At the time we coined the Deperimeterization word, it was clear that we had information security at the fore front of our thinking.   (I got over the 's' vs 'z' spelling tension after I learned that 'z' was originally used in Olde English.) We saw the term had two fundamental meanings, the first to imply that it was a natural entropic force that impacts all information, resulting in reduced integrity and data spread.  The second to imply the existance of a set of external negative forces attacking the structure and value of the data.  Both of these meanings could arguably be covered with what I have recently identified as Anti-Clockwise Security. (Shorthand for having a largely Information Risk Reduction mindset)

The 11 Commandments were split into 5 areas:
  1. Fundamentals
  2. Surviving in a Hostile World
  3. The Need to Trust
  4. Identity, Management, and Federation
  5. Access to Data

So what is the missing Commandment?

The fifth area; "Access to Data", arguably signals that we were discussing the underlying concept of the Zeroth Law in those fuggy rooms.  I posit the Zeroth Law should cover the basic concept that data should not be stored, by interested parties; rather, the relevant information should be accessed.  As an example; an entity should not need to transfer their precise date and time of birth, arguably a critical identifier, to a third party who simply wants to know that they are over 18.  Another example would have the reader, listener, viewer or player being trained to understand that they are no longer acquiring full rights to a physical asset, but they are being given licensed access to digital assets, the two books that I just connected to my Kindle account are such examples.  We are in a transitional era moving from physical to digital, paper to silicon, silo to network, moving from egosystem to ecosystem.

In this transitional era, we are in an age of the "big data grab", whole industries are seeing it as their right to insert themselves into our data streams and hoover up all our data.  See my Samsung & LG TV blog posts.  In the prior "Physical" era we had got used to being able to "own" the intellectual assets of others, and felt we had the right to share the physical instantiation of their efforts, either an Vinyl LP or a Book, with others as we saw fit.  The creation of the Philips Cassette, and latterly Video Casettes even allowed us to make physical copies of such intellectual property, while it was being broadcast by radio and TV.  The artists or authors involved thus lost control over their assets in the physical era, and are still doing so in the transitional era.  Apple with it's iBeacon technology are rolling out a technology that has been architected not to share vast mounts of data, but arguably could be part of a huge hoovering effort, or the start of rolling out the solution, something to keep an eye on!.  As individuals we would do well to consider our digital address books, do we own the rights to all the data in our digital address book?  To this day, I still feel guilty about allowing Plaxo a look at my address book, apologies to any impacted by my faux pas! Hopefully no more than an increase in Spam!

As I have previously stated we need to shift from a privacy focus to an agency focus.  In order to achieve that shift and maintain control over our assets we need a new approach, a new mindset, a prime commandment?

"Owning entities should not allow their data to be uncontrollably stored by others"

Remember In the Jericho Forum we included the following as entities:
    People, Organisations, Devices, Code, and Agents.
We recognised that Agents were a special form of Entity that could be any of the five!

In the address book example implementing such a prime commandment would have the benefit of my address book always being up/to date, and not containing the addresses of folks who no longer want a Christmas card from me! Exploring the other examples I can only see positives, of course we won't be able abuse the assets of others, but surely that would be a good thing?

Oh yes the e-Trust ecosystem that enables this Prime Commandment is yet to be built, so until then consider carefully who you chose to give your data to.

To be clear the above is not the final wording of the Zeroth Commandment, simply my first crack at it...

Improvements welcome.

Aside: Before the Jericho Forum quiesced, we posited the need for a set of Jericho Forum Data Commandments, this would surely be one of the first of these?