Category Archives: identity

Taming Gorrillas

My thoughts keep turning to this effort by the publishers to update the robot exclusion protocol, i.e. ACAP. The current situation with the robot exclusion protocol certainly doesn’t look stable. We are going to get a revision, or substitute to that protocol. But who has the market power, the legitimacy, the technical and legal chops to create one? It just makes your brain hurt!

I think you could say … the current protocol is works. But why? A combination of factors? A gentleman’s agreement (that doesn’t sound stable). A concern that failing to conform would blacken your spider’s reputation. Why wouldn’t search engines wouldn’t associate with such spiders? That the protocol appears to work is surprising. These are very weak drivers.

It’s a great edge case in the world of protocols. It isn’t technically or legally enforced. It is impossible to enforce it technically; and any attempt to enforce it legally would rapidly bring a lot of issues out from under the rug.

It is a case study in the general problem: how to tame a pure public good. In this case information. So the usual circus of issues come to play. “Pee in the pool.” “Information wants to be free.” Copyright. Trade secrets. Privacy. Good manners. I guess it’s possible to imagine a perfect descendant of the robot exclusion protocol what would all me to mark a communication with some metadata that states exactly what purposes I license it for going forward.

Marking pages with permission metadata is exactly what the robot exclusion protocol is doing. Off to one side it says “sure index this” v.s. “no peeking!”. In that way it is almost identical to a copyright license, plus the convention that spiders tend to know where to look for it.

I suspect that something like ACAP is inevitable. I suspect it’s inevitable that the tie to copyright licensing will be strengthened. Spiders can look forward to some regulatory arm twisting.

With the big wealthy content owners on one side and the big wealthy search engines on the other it’s going to be fighting gorillas. That can’t be avoided. A shame really, given the ties to the privacy problem. Since it is tempting consider using copyright law as a lever in licensing limited use of one’s personal data.

Update: Andy Oram offers an interesting perspective.

The Wrong Default

End to end encryption should be the default, but it’s not.  So, I find it interesting to look for the drivers that might change that.  What will create strong enough demand that it will become unacceptable to ever allow any data to move thru public networks in the clear?

Fear of identity theft is one such driver.  A significant portion of the public lives in fear that their identity is at risk because we regularly hear reports of data that has gone missing in transit.  Public fear raises the temperature; but it is a very diffuse driver.
Recently the US congress has been rushing to pass a bill that might create another driver.  Unlike the fear of the general public this bill should scare all of us who move bits around.  Who are these intermediaries?  Well of course it’s the telecommunication companies and the internet service providers.  But, it also all of us who kindly let random visitors use our internet connections.  So if you ever let a visitor to your house use your Wifi you are at risk.  The stick in the bill is a huge fine; 150 thousand dollars for the first offense, and 300 thousand dollars for the second offense.

The kindest way to describe this bill is that if you witness a crime and then you fail to report it you maybe fined.  For example say you glance at your logs and you see some suspicious behavior.  The bill requires that you report that suspicious behavior.  It’s slightly more specific, having a focus on child porn, but it’s also extremely weak on exactly what amounts to suspicious.

My point is not to point out what a obnoxious law this is, but rather to point out how this creates demand for better encryption.  I want a toggle I can throw on my wireless access points that says “Pass no data in the clear.”  Since with such a toggle I can then assert there is zero chance I even had the opportunity to observe the crime.

I think that’s neat.  A driver for a better safer default that targets the intermediaries.  Since I think they are the folks likely to be able to change the default I think this law offers up an interesting class of moves in the game we are playing.    It leads me to a more general question.  What can we do to create incentives for intermediaries to drive the defaults toward safer settings?

Secret of Productivity

housearrest.jpgEvery since reading Ainslie‘s “Breakdown of Will” I’ve be thinking and reading a lot about what might be called self management. I’m currenly reading “Ethics, Law and the Exercise of Self-Command.” There is a delightful quote in this essay:

Social controls play a role; the Times Literary Supplement for January 22, 1982, contained a splendid example, a review article by George Steiner on the life and work of the Hungarian radical Georg Lukacs. “When I first called on him, in the winter of 1957-8, in a house still pockmarked with shellbursts and grenade spliters, I stood speechless before the armada of his printed works, as it crowded the bookshelves. Lukacs seized on my puerile wonder and blazed out of his chair in a motion at once vulnerable and amused: ‘You want to know how one gets work done? It’s easy. House arrest, Steiner, house arrest!'”

That example is splendid, but exceptional and extreme. The student of this stuff should, I think, pay more attention to more pedestrian social controls; e.g. voluntary membership in groups who’s habits we admire and aspire to. The rough edges of voluntary are far more interesting than the strong arm example of house arrest.

housearrest2.jpgThe essay appears in “Choice and Consequence” by Schelling. The topic of this essay is the ethical puzzle of what society can and can not do to help individuals keep their promises to themselves. This is an extended discussion of the curious fact that you can’t make contracts with your self and then go to the court to have them enforced. Schelling’s other essay in this arena “The Intimate Contest for Self-Command” also appears in this book.

Schelling also reached the conclusion I got from reading Ainslie; that the individual is a group of interests who’s governance has so much in common with the governance of other groups that it becomes useful to treat the individual as just like any other hard to manage group.

Meanwhile there is little concensus on what the secret of productivity is.

Regulatory Information Friction

Information is the gold standard of an economic public good, but here we mean good as in trading-good rather than the black and white of good-vs-evil.  There are plenty of examples (personal information, credit card numbers, passwords, trade secrets) where the flow of information drifts quickly into the gray areas.  The physical world used to be a lot more helpful in keeping information flows in check; the clay tablets got broken, the papers could be burnt, the walls contained the whispers.

There is nothing inherently immoral about creating regulatory barriers to increase the friction of information flows.  We do this a lot: copyright, patent rights, privacy laws, gambling, pornography, restrictions on free speech, digital rights management.  Questions about what we want from such regulatory mechanisms do, of course, need to be balanced off against questions about what can be effectively implemented.

Recently in my town private emails between some town employees were publicly revealed.  Many people seem to feel that these emails are should be public record since government mail servers were involved in the exchanges.  My reaction: “Wait till it happens to you.”  This lack of sympathy for other people’s privacy seems widespread.    Along these same lines I’m quite quite sympathetic to the lame attempt of these workers to limit the extent that workplace monitoring has on their privacy.

The means they chose is bogus, since it’s not implementable; but I’m entirely comfortable with the idea what we need to find ways to limit the flows of this torrent of information we are creating which enables pervasive monitoring of our every moment and action.  I’m not terribly sanguine that we can find such regulatory frames; but we should be looking hard.  That each time somebody attempts to find one we all make fun of them isn’t really terribly helpful.

Identity is a Story

I like “Identity is a Story“. Story is a very nice metaphor for what most people mean when they talk about some thing’s identity. He quotes:

Rorty says in her introduction:

“Why are we interested in someone being the same person, and not merely the same human being or physical object? One reason is primarily retrospective: we need to know whom to reward and whom to punish for actions performed when “they” were acknowledgedly different in some respects from the present population. But we have more forward-looking reasons as well: we want to know what traits remain constant so that we can know what we can expect from the persons around us. We assign crucial responsibilities to individuals, assume important continuing relationships to them in the belief that certain of their traits are relatively constant or predictible.”

and then goes on to suggest that the useful definition of identity is as a story.

The story metaphor is very nice. It’s very rich and complex. Stories have chronology, characters, statements, a story teller; and often a hero. The story creates an identity for the hero. Which is just one of many such stories. The story teller is sometimes omniscient; and this is how some people view the modern state, but sometimes he’s just another protagonist.

Implementors of simple identity systems often mistake account relationship for identity. In the story model of identity we don’t need to call it a mistake because it is just a particular kind of story.  One with only two characters, and usually the story teller is the implementor and his product manager.

gaze at the moon till I lose my senses

Digital identity systems have a natural progression. They are introduced first in applications where the individuals being identified are weak and powerless. That pays for the first copy costs, creates an installed base of craft knowledge, debugs the technology, clears questions about how to use the system in practice, sets standards. It is then resold to communities where the identified individuals are, at least going in, less powerless; but yeah it’s a cheap proven system. So if you want to see the future you need to look at how industry solving identity problems for the powerless, e.g. cattle, prisoners, children, shipping containers.

Here’s an example that’s actually a bit different. The start up costs of this system were paid to identify one largely powerless population, i.e. prisoners, but it’s moving not toward a more powerful one; but toward a less powerful one, i.e. cattle. Virtual Fencing for cattle. It’s an obvious idea of course. Each animal wears a collar and with the help of GPS tracking they are taught to remain within the bounds of the virtual fence, and then you can move the fence around to manage your pastures. (Great, we are back to the turf maintenance and ground-cover problem again.)

I am reminded of the cowboy’s lament

I want to ride to the ridge where the west commences
And gaze at the moon till I lose my senses
And I can’t look at hovels and I can’t stand fences
Don’t fence me in.

Appalachian for OpenID

The group I’m involved with, as my job, has released some software: Appalachian, an OpenID add-on for Firefox 2.x. It’s under a BSD style license. It helps you manage multiple OpenID, and smooth the process of logging into sites using OpenID.

OpenID is a good example of a solution that has lots of benefits and lots of risks. It sits in that part of the risk/benefit plane where our brains don’t like to sit.

It’s great because it has strong adoption drivers: not to hard for web sites to use, not too hard for users to understand, and easy for lots of identity providers to add to their offerings (and more importantly it’s very good for them). So, it’s very likely that OpenID will get a slew of adoption.

It’s risky because it encourages people to adopt a single global identifier; and that’s bad because it makes it easy for arbitrary 3rd parties to aggregate data about them.

The global identifier problem in internet identity systems is a puzzle. If you hang out with Semantic Web people for a while you begin to see a picture of the future were by giving every entity it’s only URI we can then casually make statements about those entities. How many URI denote the same entity quickly becomes a problem to which all the social sciences have something to contribute.

I have a strong opinion about this. I think entities should have more URI, not less; but that it is the nature of our technology that we are likely to rapidly head in exactly the opposite direction. I.e. what I want is entirely in conflict with what I believe very strong forces are going to deliver.

So I’m curious about how to fight back. For example how could we enable users to have billions of OpenID, rather than one (or a handful)? Appalachian is, among other things, a step in that direction.


Dick Hardt from Sxip Identity draws our attention to a new light weight identity solution from, your not going to believe this, 3M! I agree with Dave Wiener’s point that the emerging Internet generation treats identity in fundimentally new ways, so while this solution is not conformant with standards, on many levels, it is both long tail, user centric, and quite sticky. Update: you may need to widen to get the big picture.


Today I noticed this ad offering to reimburse you for getting a passport.  $157 per adult.  I felt some sympathy for the advertiser, an island in the Caribbean.  A place people go for the weekend; well they used to.  The island tourism folks woke up recently to discover that numbers where down and they have discovered that the newly increased tedium of getting a passport has caused huge numbers of idle travelers to decided to, well, just go someplace else.

When my 1st son got his learner’s permit it took us three trips to the registry before we managed to accumulate enough documentation to convince them to let him have the learner’s permit.  My 2nd son submitted his first pay check’s stub rather than the check and the bank called to correct the error.  A bit got set on his account that didn’t get cleared.  So the ATM ate his bank card.  It took months to get a replacement card since his school was yet to issue the ID card they required.  All N of my financial institutions have recently insisted that I add four security questions, including one involving a photograph; which is a pain since I share access to these accounts with my spouse so all 30 odd questions and their answers all have to be in some shared location.  We recently got new passports, a project that was at least a dozen times more expensive and tedious than doing my taxes.

I once had a web product that failed big-time.  A major contributor to that failure was tedium of getting new users through the sign-up process.  At each screen they had to step  through we lost of 10 to 20% of our customers.  Reducing the friction of that process was key to our survival.  We failed. It is a thousand times easier to get a cell phone or a credit card than it is to get a passport or a learner’s permit.  That wasn’t the case two decades ago.

The Republicans have done a lot of work over the last decade to make it harder to vote; creating additional friction in the process of getting to the polling booth.  The increased barriers for getting a drivers license, passport, etc. are all part of that.  This make sense because now, unlike 30 years ago, there is now a significant difference in the wealth of Democratic v.s. Republican voters.

Public health experts have done a lot of work over the decades to create barrier between the public and dangerous items and to lower barriers to access to constructive ones.  So we make it harder to get liquor, and easier to get condoms.  Traffic calming techniques are another example of engineering that makes makes a system run more slowly.

I find these attempts to shift the temperature of entire systems fascinating.  This is at the heart of what your doing when you write standards, but it’s entirely scale free.  Ideas like this are behind the intuition of some managers who insist on getting everybody in the team working in the same room with no walls between them.

In the sphere of internet identity it is particularly puzzling how two counter vialing forces are at work.  One trying to raise the friction and one trying to lower it.  Privacy and security advocates are attempting to lower the temp. and increase the friction.  Thus you get the mess around the passport, real-id, and the banks.  Wearing that hat it seems perfectly reasonable that one should present photo id when you vote, or have your biometrics captured if you cross a boarder.  On the other hand there are those who seek in the solution to the internet identity problem a way to raise the temperature and lower the friction.  That more rather than less transactions would take place.  That more blog postings garner good coments, that more wiki pages will be touched up, that more account relationships will emerge rather than less.

Of course the experts in the internet identity space are trying to strike a balance.  It’s clearly one of those high-risk high-benefit cases that people have trouble holding in their head.