My friend Allison Fine finally got her book published – Momentum: Igniting Social Change in the Connected Age. On her blog she writes about engaging with the digital world. Her perspective is great because she is relatively normal. Living outside New York with her husband and three sons. She understands the power of the web to transform things but also isn’t technical enough to deal with all the usable stuff that some how we here in the Valley think is usable.
I got to talk with her while she was writing her book and she included a section on Digital Identity along with giving me the closing quote of the book.
Here is the Digital Identity section:
I must preface this by saying that when I was talking to her about 9 months ago it was not clear that OpenID was coalescing the way it has. I am going to work with Allison to see if we can get an update on her blog saying that YADIS is really receded into the background and OpenID is where it is at.
The Internet has grown up in such a topsy-turvy manner that there have not been any standards for protecting the identity of users. Even though we may try to opt out of potential spam, almost every Internet user has made the mistake and logged into the wrong site, one that didn’t care about privacy. The result was a flood of e-mails opening up an astonishing world of genitalia enlargements and enhancements. You may have devised your own pass codes but the companies you logged into own them, and by logging into their systems you have given them the right to use that information for their own purposes even if they do not sell it to others.
According to a paper released in 2005 by Microsoft, “Online identity theft, fraud, and privacy concerns are on the rise, stemming from increasingly sophisticated practices such as ‘phishing.’ The multiplicity of accounts and passwords that users must keep track of and the variety of methods of authenticating to sites result not only in user-frustration, known as “password fatigue,” but also insecure practices such as reusing the same account names and passwords at many sites.” (the term phishing refers to the practice by scam artists of sending out official-looking messages in an attempt to trick people into giving them their pass codes and other digital-identity information.)
My digital identity is the information that others know about me through my online interactions. I keep a folder on my computer that contains the different pass codes and registrations I have online. It is an ever-growing list that includes news sites, travel services such as Amtrak and airlines, memberships for activist groups and products and services such as recipes and Amazon.com. All these sites have at least my e-mail address. And these are the logins and information that I know about. Who knows what permissions I have given to companies by clicking on various end-user licensing agreements for various software and websites! Susan Crawford , an expert on digital law and privacy, has written, “Some part of identity is controlled by the individual, but most of the identity is crated by the world in which that individual operates. We can think of identity as a streaming picture of a life within a particular context. Each of us has multiple identities. The sites we click on, whether a link on an e-mail or a page on a website, are carefully registered, analyzed, and sometimes even sold by companies trying to capitalize on and profit from where our eyes have gone.
Attention Trust, an activist organization in San Francisco Bay Area was created to counter this trend. Attention Trust advocates that any site we, as customers and citizens are looking at is our ‘attention,’ and that this attention is both valuable and private. The organization is pressing for increased disclosure by trackers of data they are collecting and how they are using these data. Attention Trust wants to shift the ownership of our attention away from companies towards individuals.
Worrying about spam and feeling the need to constantly invent and reinvent pass codes and new online identities are taxing our imaginations and patience. In the absence of face-to-face contact, you cannot know who you are interacting with online and what their intentions are. A push back on digital identity has begun. For instance, decoupling cell-phone numbers from cell phones was a victory for individual users over the telephone companies.
But, what would happen if we flipped the digital identity equation and required service providers to ask permission to user our identity only in certain preferred ways? This is where Identity Commons, YADIS (Yet Another Digital Identity System), and similar efforts come in. Digital Identity efforts, sometimes called user-centric efforts, are building rules, tools and frameworks for open, trusting online networks. The internet has developed in stages. The first stage, when the internet was still a project of the Defense Department, established an open electronic network relaying information quickly and safely between scientists. The second stage when the World Wide Web was introduced in the early 1990’s opened the Internet up to users who were not techies – both individuals and businesses, both legitimate and nefarious.
The next stage of Internet development is combining the best of the first two stages: the open trusting connections formed in the first stage and the usability and scale of the second. Digital identity is a critical aspect of this third stage of development. The responsibility for creating new identities to access information or sites now resides entirely with the user or customer. But now efforts are being made to develop software tools, including new universally unique identifiers (UUIDs) that can be used instead of e-mail addresses. UUIDs are like Social Security numbers; users can choose whether to share them with others. These new systems allow you, the owner of the identity, to create a profile of yourself once, and allow to use parts of it on request. So, for example, I might give the New York Times permission to use my e-mail address but for one year and for updates only. I might also choose to give the Red Cross my e-mail and home address and my telephone number so that they can alert me to emergency situations and let me know how I can help locally.
The next generation of digital-identity systems returns control of information to individuals and away from companies and spamers. New digital-identity systems represent a gigantic shift from the way the internet currently works. It reverses the polarity from crating numerous identities that go into sites never to be seen again (And potentially sold or shared unwittingly with others) to sites’ coming to you and asking permission to use parts of your identity that you control. The new way is back to the future, back to the way the original architects of cyberspace envisioned relationships being formed and information being shared online.
The Book Closing:
As long as we have social problems to solve, we need to keep searching for a better way. This need has been urgent for some time, and with each passing day of government inaction it becomes more so. As we have seen in Momentum, such broad, positive and sustainable change is possible in the Connected Age.
Kaliya Hamlin, an activist, advocate and blogger perhaps put it best when she said, “Social change is happening. People are exchanging ideas, learning from one another and learning to trust one another in new and different ways, particularly….strangers. This process will lead to new and different ways of tackling existing problems — we don’t have to come up with solutions, we just have to get out of the way of passionate people and good ideas will emerge.’