My friend Allen who was at Brookings got a job with NTIA to figure out what issues to focus on and how to get multi-stakeholder collaboration on cyber security issues. Because he asked me to respond I took the time to give him my thoughts and input drawing on my experience with the attempts by NSTIC to do this same thing. Here is the PDF document. IPTF-Kaliya-2
I will in time work to publish it in blog sized sections online so it is more internally linkable (starting with an index from this post). Until then enjoy.
Collaboration
Info Sharing Agreements! Support it! Make it Real!
Joe Andrieu and the Information Sharing Working Group has put a lot of work and effort into creating a Standard set of Information Sharing Agreements represented by a standard label. They want to invest in user -research to make it really work.
I am putting in $100 and I encourage all of you to do the same. They need to raise $12000 in the next 8 days.
See the Kickstarter Campaign here.
Recent Travels Pt1: IIW
IIW is always a whirlwind and this one was no exception. The good thing was that even with it being the biggest one yet it was the most organized with the most team members. Phil and I were the executive producers. Doc played is leadership role. Heidi did an amazing job with production coordinating the catering, working with the museum and Kas did a fabulous job leading the notes collection effort and Emma who works of site got things up on the wiki in good order.
We had a session that highlighted all the different standards bodies standards and we are now working on getting the list annotated and plan to maintain it on the Identity Commons wiki that Jamie Clark so aptly called “the switzerland” of identity.
We have a Satellite event for sure in DC January 17th – Registration is Live.
We are working on pulling one together in Toronto Canada in
early February, and Australia in Late March.
ID Collaboration Day is February 27th in SF (we are still Venue hunting).
I am learning that some wonder why I have such strong opinions about standards…the reason being they define the landscape of possibility for any given protocol. When we talk about standards for identity we end up defining how people can express themselves in digital networks and getting it right and making the range of possibility very broad is kinda important. If you are interested in reading more about this I recommend Protocol: and The Exploit. This quote from Bruce Sterling relative to emerging AR [Augmented Reality] Standards.
If Code is Law then Standards are like the Senate.
Alignment of Stakeholders around the many NSTIC Goals
The Many Goals for the Identity Ecosystem & NSTIC Governance
The NSTIC governance NOI articulates many key activities, qualities and goals for a governance system for NSTIC. NSTIC must:
- convene a wide variety of stakeholders to facilitate consensus
- administer the process for policy and standards
- development for the Identity Ecosystem Framework in accordance with the Strategy’s Guiding Principles
- maintain the rules of participating in the Identity Ecosystem
- be private sector-led
- be persistent and sustainable
- foster the evolution of the Identity Ecosystem to match the evolution of cyberspace itself.
Achieving these goals will require high-performance collaboration amongst the steering group and all self-identified stakeholder groups. It will also require earning the legitimacy from the public at large and using methods that surface their experience of the Identity Ecosystem Framework as it evolves.
[Read more…] about Alignment of Stakeholders around the many NSTIC Goals
Proactive Development of Shared Language by NSTIC Stakeholders
This is the “punchline section” (in my response it is after what is below…the history of collaboration in the identity community):
Proactive Development of Shared Language by NSTIC Stakeholders
In 2004-5 the Identity Gang (user-centric identity community) was 1/10 the size of the current NSTIC stakeholder community. It took us a year of active grassroots effort to develop enough common language and shared understanding to collaborate. NSTIC doesn’t have 5-10 years to coalesce a community that can collaborate to build the Identity Ecosystem Framework. To succeed, the National Program Office must use processes to bring value and insight while also developing shared language and understanding amongst stakeholders participating.
[Read more…] about Proactive Development of Shared Language by NSTIC Stakeholders
Ecosystems Collaborate using Shared Language – NSTIC
Collaboration is a huge theme in NSTIC. Below is the initial approach to collaboration in the document:
The National Strategy for Trusted Identities in Cyberspace charts a course for the public and private sectors to collaborate to raise the level of trust associated with the identities of individuals, organizations, networks, services, and devices involved in online transactions.
Collaboration, as defined by Eugene Kim, a collaboration expert and the first Chief Steward of Identity Commons, occurs when groups of two or more people interact and exchange knowledge in pursuit of a shared, collective, bounded goal
To achieve the challenging goals set out in NSTIC, such as raising trust levels around identities, high performance collaboration is required. Both shared language and shared understanding are prerequisites for high-performance collaboration.
This is a powerful excerpt from Eugene Kim’s blog about two experiences from technical community participants (including Drummond Reed from the user-centric identity community) that paints a clear picture of the importance of time for, and the proactive cultivation of, shared language:
[Read more…] about Ecosystems Collaborate using Shared Language – NSTIC
What the Heck is Identity Commons?
The purpose of Identity Commons is:
The purpose of Identity Commons is to support, facilitate, and promote the creation of an open identity layer for the Internet — one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities.
This one sentence jams a lot into it – we tried to do that so the purpose didn’t go on and on – but was clear, broad and inclusive of the range of issues that need to be addressed and balanced. Jamming so much into that one sentence also creates a challenge – it has to be ‘parsed’ quite a bit to get what it all means. I worked with Chris Allen recently to separate out the values within the purpose and our community. This is our initial draft that is still evolving (wordsimthing suggestions are welcome).
We believe in the dignity of human individual in the context of the digital world.
In order to make this true we strive for a balance of factors and valuesas digital systems and tools evolve:
- Individual control, convenience & privacy
- Sharing of information when participating in community
- Support for commercial and non-commercial exchange
- Interoperability and openness between systems
We work to bring these values into practice by fostering a collaborative a community of individuals, organizations and companies share these values and are working together towards practical technical implementations.
We share a pragmatic idealism.
We work to practice what we preach and have openness and transparency in what we do.
We do know there are a lot of technical social and legal issues that arise and Identity Commons is a space that make it possible to in a non-directive non-hierachical way address them in a collaborative way.
We also have some shared principles mostly concerning how we organize ourselves and work together. Each has a sentence to articulate it further.
1. Self-organization
2. Transparency
3. Inclusion
4. Empowerment
5. Collaboration
6. Openness
7. Dogfooding
What the heck is an “open identity layer” – well we don’t exactly know but we do have a community that has come together some shared understanding and continue to ‘struggle’ with what it means and how it should work. Identity Commons provides a ‘common’ space to work on this shared goal by facilitating dialogue and collaboration.
Kim Cameron introduced the terminology “identity meta-system” and articulated what that might mean. The Laws of Identity were put forward by him along with some additional ideas by other community members.
There is no “decider” or group of deciders or “oversight committee” as part of Identity Commons ‘directing’ the development of the “open identity layer”.
We are a community collaborating together and working to exchange information about our independent but related efforts working towards the vision. The way we do this is via the working group agreement.
- Asking each working group to articulate its purpose, principles and practices by filling out a charter – this helps us be clear about how different groups work and what they do/are planning on doing
- Stewards review proposed working group charters – ask questions, consider were there are synergies, and see if they are aligned with the purpose and principles
- A vote of the stewards council is held
- Working Groups agree to report quarterly on their activities to remain active as groups of the organization – this also is our core ‘inter group communication mechanism – so that you don’t have to be on 20+ mailing lists to know what is going on in the community.
More about Stewards:
Each working group has one steward and an alternate for the stewards council.
The stewards are responsible for the things IC holds in common – the brand and its integrity and common assets (like the wiki and bank account). It does not ‘direct things’.
Stewards have (an optional) monthly phone calls and discuss and make decisions on a mailing list (that anyone can join).
More about Working Groups:
There are working groups within Identity Commons that support the community collaborating – the stewards council does not ‘run’ these groups but they serve the community and our efforts together- The Internet Identity Workshop, IC Collaborative Tools, Idnetity Futures, Id Media Review, Identity Gang, Marketing and Evangelism.
Working Groups come in several forms:
They can be an group of people with a passion to address something they feel needs to be addressed to get to the big vision. They want some wiki space and a mailing list to talk about the issues. Examples include Enterprise Positioning, Inclusive Initiatives, Identity Rights Agreements.
They can be an existing project that are part of a larger organization, Higgins is an example of this – they are a project of the Eclipse Foundation.
They can be something that grew out of conversations in the Identity Commons community and found a home within another organization like Project VRM (charter) has as part of the Berkman Center and will likely become its own ‘organization’ independent of Berkman by the end of the year.
They can be completely independent nonprofit organizations with their own boards, governance, bank account etc. examples include XDI.org and OpenID.
Some just get technical stuff done as part of IC like OSIS (doing its 3rd Interop at RSA in a month), and Identity Schemas.
Benefits to being explicitly a part of the IC Community.
clarity about each groups purpose, principles, and practices – so that collaboration is easier.
sharing of information via the collaborative tools and lists, along with the required quarterly reporting,
We “don’t know” what an identity layer looks like but we do know it needs to have certain properties to make it work for people the extensible nature of IC gives people the freedom to start a new group that addresses an aspect of the vision. This is the page on the IC wiki that explains our organizational structure.
We are a community.
We are a community more then “an organization” and joining does not mean subsuming a group identity under IC but rather stating a commitment to a shared vision, common values and commitment to collaboration.
A touch of formalism can help create great clarity of group pratices (governenace), leadership, intention, and focus. Not needed for small groups of 12 people doing one thing- helpful when you scale to the 1000’s of people working on the big vision. IC through its groups structure has 1000’s of people participating helping to innovate the technology and think about the social and legal implications.
We are not about “a solution” or “a blue print” there will be multiple operators and multiple standards – yes like the web there may one day be ‘standard’ that emerges just like TCP/IP did and HTML/HTTPS – however it is way to early to promote or be behind “one” thing, it is not to early to start collaborating and building shared meaning and understanding and interoperability between emerging efforts.
Identity problems in the digital realm are as much about technical issues as they are about the social implications and legal issues. Identity Commons explicitly makes space for the social and legal issues to be deal with in relationship to the technologies as it evolves.
In closing there is a background (shorter) and a history (longer) written about the community as it evolved.
Data Sharing Summit 2 – questions to figure out
So I am working hard to pull the details together for the 2nd Data Sharing Summit. This is not an easy task given it is a risk to make commitments to venues and vendors – to make it possible to host the event.
This is an option that would give more time to organize and dove tail nicely with related work in the identity community
OPTION 4 – have it begin Wednesday and continue Thursday May 14-15 immediately following the Internet Identity Workshop
There is also the possibility of having something near Web 2.0 Expo the weekend before seems to make more sense to people are not completely wiped out from a weekend of partying and conferencing.
One of the reasons for this is that I know people come from out of town to attend Web 2.0 expo and some for several weeks so that there will be people in town who would not otherwise come ‘just for this event’.
We currently have 2 venue/time/space options
1) in Downtown SF but only can have at maximum 120 people and only 3 breakout rooms beyond the main space – this would be for Friday and Saturday the 18th and 19th. We would be restricted tot use from 8-5 pm.
2) in Mountainview at the Computer History Museum – a beautiful space that we would have to pay for but could hold up to 500 people and would only be for Saturday the 19th. It could go from 8 am to 8 pm+ even. We could feed folks breakfast lunch and dinner along with a barista.
Either way we will be charging money for the event about $100 – and working on raising sponsorship money. I believe events should be funded both by the people who do attend AND by sponsors. This helps create balance and by paying money to come people make a commitment to ‘be there’ for the event and the organize can plan for their attendance.
I am trying to get a read on what will work best.
I am still asking Lucy to put in OpenID for commenting on my blog and she still can’t get it to work even in dialoguing with Pam about it. So if you want to chime in you need to email me kaliya (at) mac (dot) com.
The third option people have put forward it so have it on an ‘large’ tech companies campus and I have said that doesn’t work cause the topic is neutral – so this is not an option in my mind.
The Answer
The Question:
The one question I have about this collaboration announcement why Cordance, NetMesh LiveJournal or of SixAppart were not listed in the announcement.
The Answer:
Every PR department from every company has to get involved. Each has a constituency and message that it wants to be clear. Every time a change is made it has to go everyone else for approval, often provoking a further change, and so it just takes time.
Kim I hear you about this and it is a legitimate explanation if you are dealing with ‘big companies.’ Last time I checked you only had to call two people to check in with NetMesh and Cordance as neither has PR departments. My guess is they would have noded yes to the announcement and would have been very happy to participate without more attention overhead. I think when you are dealing with as tightly knit a community of little companies who are collaborating deeply (perhaps how tightly knit was not obvious to you) it is good to be inclusive. It also seems a bit unfair to highlight those two over the others given the magnitude of this PR (500k people had watched the keynote via the web). Even though you say this “Nor was this meant to be PR as such” the truth is that for companies of the size they are it is a BIG deal in PR terms to be on announcement like the one you released yesterday.
Hopefully things will be smoother in the future with the formation of the Foundation for OpenID more official it will be easy to figure out who to talk to about these sort of ‘announcements.’
No answer to my question yet.
The one question I have about this collaboration announcement why Cordance, NetMeshand other companies who have made major contributions and have critical stakes in the OpenID community were not listed in the announcement. I know it was pulled together very quickly but I think the contributions of those two companies have been extensive and deserved mention (and yes! they do have ‘code’).
There was no mention LiveJournal or of SixAppart or Brad Fitzpatrick the originator of OpenID.
I hope that in the future we can work to be more inclusive and uplift all the main contributors to these efforts.
Heading to SuperNova
I am writing this whole post on the lovely highway style bus that runs a block from my house and takes 1/2 an hour to get into San Francisco. It is free today cause it is a ‘spare the air day.’ I am going to SuperNova and will be blogging on their site today.
I flew back from Boston yesterday even detouring through Long Beach so I could get a 11:30 flight but still be back by 4:45 to make the SuperNova party last night. I went with Brad Topliff from ooTao and we made some great connections. The lightbulbs are going on that tapping into a functioning identity layer and user-centricity would make a lot of sense for there business models. Today at the conference there will be a session called ‘Who owns you” similar to where I just came from – “Who controls and protects the digital me?”
We had a great time on the third day of open space. the venue was not totally ideal. We got to hold sessions outside and we had sessions around tables and in corners of the main lower atrium of MIT media lab. It would have been good to have breakout rooms and I know at the Identity Open Space in Vancouver there will be.
All reports are that launch for i-names went really well.
Citizen Action Team – distributed disaster help matching
One of the most impressive things that I saw at the Organizers Collaborative Conference was the Citizen Action Team. In the wake of Katrina they build a Ruby on Rails Database to match donors offerings of help to groups and institutions who need help. The demoed the database and it was really impressive.
We are a politically unaffiliated, independent group of volunteers that have come together to provide supplies to folks of the hurricane ravaged Gulf coastline. We are serving the least served areas. We are working directly with shelter relief teams in areas such as Lafayette and Baton Rouge, LA, Gulfport and Hattiesburg, MS .
This list will grow as we pin-point and identify needs of other under-served, under-supplied pop-up shelters in the most needy areas. Our campaign begins by establishing need, supplying the basics and then gauging what next will most aid “our” shelters. With efficiency tempered by compassion, we stay in close contact, following donations from collection to distribution. We have established warehouse operations in Lafayette, Gulfport and are now developing other locations.
Hopefully in the next big disaster there will be a real digital addressing infrastructure working to make it even more efficient.
New Newsreader Needed -Help
I have been using NetNewsWire since I began reading blogs. The trouble is that it is WAY SLOW. Does anyone have a not slow client side mac RSS reader they like?
I can’t stand what I have now it takes like 5 seconds to move from one post to the next. I know I have a lot of posts – cause I am keeping way more posts then I actually read. I do this cause so far there are not good engines that let me search small slices of the blogosphere well. So saving them on my computer seems like the way through.