Identity Privacy 2009

Uploaded on

Presentation delivered at Identity Privacy 2009 in London on 14th May 2009

Presentation delivered at Identity Privacy 2009 in London on 14th May 2009

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide
  • I am a creature of the web and have been for the last 15 years. First as a user, glad of the new ways of doing things, then of doing things I couldn't do before and later as someone trying to make some sense of it all to help others. But only in the last year or so I have started to see as identity as something far more fundamental to the various web phenomena than it might appear at the first glance.
  • Many buzzwords today on the web, so why talking about identity? Because I believe that what is happening on the web, underpins the social web development, collaboration, sharing etc – it has to do with the ability to have impact, a fundamental human drive, self-determination. In the process, people are discovering their identity as defined by them
  • There are roughly two perspectives to take when thinking about identity:
  • The systemic view, which involves institutions such as government & centralised systems where the debate revolves around privacy, or efficacy of technology to main it, rights of the individual and (in)efficiency of bureaucracy in managing identity.
  • Then the individual view, which is mostly provenance of philosophy and psychology where the discussions are about meaning of life and our place in the scheme of things and questions such as 'who am I?' and 'what forms me?' etc.
  • There is another distinction that has become obvious in the last few years... Off-line:
  • Offline identity is system-centric – it is third party-driven, centralised, read-only, and static
  • We are what our papers say we are: Our passports and driving licence are treated as our 'identity'. They are also used for authentication, which is in theory separate from identity, if not in practice. - driving license is a authorisation to drive - to drive on the roads is a privilege - the driver number is an identity, not the same as you
  • There is a good reason for it and that is the hierarchical organisation of the offline world. Definition of the hierarchy: objects are directly linked to immediate superiors or to subordinates, no direct links to peers. This means that all our transactions depend on third parties higher in the system – your credit card, driving license, various Ids etc. Perhaps the only non-hierarchical transaction offline is barter and family.
  • Online has changed that and... or at least provided an alternative
  • We are what we say we are I chose the example of geriatric1927, 81 year old Peter who decided to share his life with his audience on YouTube. [ 26s into the video for about 3 minutes he talks about himself and why he feels compelled to explain to people who he is and where he is coming from]. It is not just silly teenagers, but anybody and everybody can experience the sense of defining and driving their identity.
  • And how others see and relate to us - important part of our identity is relationships with other people.
  • This is much closer to my real identity. As close as an individual without access to the media or a public platform could get. I am what I say, how I behave, and how others see me and relate to me. It is the sum over all of my online presences.
  • Online identity is individual-centric – it is self-driven, distributed, read-write, dynamic
  • In short, it is a network and a heterarchy: definition - each element sh ares same horizontal position of power and authority, playing theoretically equal role That is why such network seems to be an ideal environment for maintaining the balance between defining myself and letting others defining me too. What happens when hierarchical models are imposed or introduced into a network? Just look at what's happening online... dis-intermediation, in business and media, by passing of authority, the nature of credibility has expanded.
  • The fundamental shift is that what has been seen as the end users, the audience, the consumer, the destination for products and services have become part of the process; media and information distribution – your audience is your distribution (search audience images)‏ - the consumer no longer consumes but creates and produces - the audience no longer watches but passes on and distributes - it is not that the players in the process are equal, but that the balance of power has been shifting - (I want to talk about how this can be to the benefit of both sides)‏
  • I can drive my own ‘identity’.
  • Most of the time, online Identity seems to mimic the offline approach in considering our logins and passwords to various sites and platforms as our identities. I think of them NOT as my identity, but as something I currently need to access bits of my ‘real’ identity. They are shortcuts to my identity and, just like my passport or business card, they are, at best, my meta-identity.
  • There are two kinds of personal data
  • One kind of personal data is mostly static, your address or phone number can change from time to time, and although it is possible to change your name, the date of birth or your mother’s maiden name is unchangeable. xxx This is the *last* kind of information I would share online, usually if it is required for a transaction, and even then I think twice.
  • The other kind, proliferating with the advent of the social web, is the 'data pertaining to a person'. This data is dynamic, at any time only a snapshot of the person and the more data can be created and captured, the more granular and valuable it can become. On the web such flows of data often act as a proxy for a relationship. People subscribing to my blog, Friendfeed, Twitter, Facebook updates etc. perceive such data as personal, as in related to my person and yet, its existence revolves around sharing it with others. As a result, we have few means of harnessing the dynamic data i.e. making it work for us further, though we have many ways of generating and communicating it.
  • On the social web, the number of third-party defined spaces designed to ‘contain’ bits of my data - photos, content, relationships, transactions, purchase history, locations, knowledge, privacy requirements - - - grows by the week. They allow me to create stuff and share it with others online. This is all good and empowering. But over time, my fractured existence across various platforms becomes evident. Currently, I lack the means to perform three simple functions - capture, manipulate and share my data on the web before and above anyone else and on my own terms. I believe that being able to do this consistently over time will enable me to establish and drive my own identity.
  • I want to take charge of my stuff and play with it - analyse, mash-up and otherwise manipulate it according to my needs and preferences, then share it as part of my relationships on the web. I want a place where my data lives in its raw unrefined form and is under my control so I can apply functionality that helps me do what I want. The idea is to put a Chinese wall between those who provide functionality and those who store data. Mine! is predicated on separation of the two.
  • . ..via feeds. Currently the most common uses of feeds are either public ones (e.g. a blog) or private / semi-private data streams requiring basic authentication to access (e.g. facebook, twitter) publishing one set of data to all who choose to subscribe. As the publisher of data I have no real control over who subscribes to it. Mine! is designed so that feeds can flow from it and maintain my autonomy as far as possible. Hence the condition that I can cut off the feed at will. The Mine!feed is to Mine! what RSS or Atom feed is to a blog. The crucial difference is that I decide not only what gets published but also who gets to see it, at least with regard to the “first order audience”.
  • Through controllable Mine!feeds my data can be used to maintain and enrich my relationships. Mine! allows me to audit and cut off my data flows. There is a difference between one-off sharing of static data - data dumps - and continuous data flows. Mine! gives users ability to retain fundamental control over the latter. By control, I don’t mean ‘DRM on your data’, I mean ability to be granular with your data-sharing according to relationships, exposing that data via “feeds”. Feeds are designed for distribution of data and objects that I create and want to share.
  • My approach to Identity (and by extention to Data and Privacy) presumes the user to be ready to take a role as an equal participant in the web. As a user I do not want to be a profile page in someone else’s silo, I want to be an autonomous node able to directly participate in web protocols. I want to be enabled, not provided for.
  • owned identity - data & sharing -> privacy relationships and trust-based identity - transactions transitive identity - scale that beyond first level or direct relationships do all this in a networked environment that is not a priori hierarchical
  • the questions are, given that Identity is in fact, meta-identity what can be done? - keep it separate, don’t confuse the two - empower individuals where possible to own and drive their own identity - outsource data management to customers, users, individuals


  • 1. Identity & VRM Adriana Lukas VRM Hub & The Mine! Project @ Identity and Privacy 14 May 2009
  • 2. Why identity?
    • self-determination
    • impact
  • 3. What is identity?
  • 4. Systemic view
    • governments
    • centralised systems
    • privacy
    • rights of individual
    • bureaucracy
  • 5.
    • philosophy
    • psychology
    • meaning of life
    • “ who am I?”
    Individual view
  • 6. Off-line
  • 7. System centric
    • third-party driven
    • centralised
    • read-only
    • static
  • 8. We are what our papers say we are
  • 9. objects are directly linked to immediate superiors or to subordinates, no direct links to peers Hierarchy
  • 10. Online
  • 11. We are what we say we are geriatric1927 = 79 year old Peter
  • 12. And how others see us and relate to us
  • 13. Social identity
  • 14. Individual centric
    • self-driven
    • distributed
    • read-write
    • dynamic
  • 15. Network
    • heterarchy: each element shares same horizontal position of power and authority, playing theoretically equal role
  • 16. “ Consumers” create, produce & distribute
    • People formerly known as audience
  • 17. ‘ Self-driven’ identity
  • 18. Identity = meta-identity
  • 19. Two meanings of personal data
  • 20. date of birth address phone number passport number social security number mother's maiden name Personal data
  • 21. created, collected and shared by a person activity streams Social data
  • 23. My data
  • 24. Mine! feeds
  • 25. Feeds = Relationships
  • 26.
    • R elationships on
    • I ndividuals’
    • O wn
    • T erms
  • 27. Individual as IdP
    • digital detritus
    • self-driven identity
    • owned identity
    • relationship & trust-based identity
    • transitive identity
  • 28.
    • web
    • social web
    • VRM & the Mine! project
    • ?
    • ?
  • 29.
    • [email_address]