Archive for the ‘League of Technical Voters’ Category

Stakeholders in Govt

Monday, August 10th, 2009

The biggest problem I see in Government is that most things are too abstracted in regards to accountability.

Who really do govt workers answer to? Is it really the citizen? we laugh at the crazy person that says to the govt worker “I pay your salary.” But isn’t it true. Doesn’t is illustrated our frustration with government bureaucracy in general?

Who do bureaucrats really answer to? Well unfortunately the 3 main groups are legislation, lawsuits, and sometimes the press. Wow… no wonder their metrics are broken and most processes involve so much CYA.

We need to instead have customer (citizen) satisfaction have a more direct role and impact on their budgets. Maybe I suggest some kind of role for getsatisfaction style feedback? maybe even a game where citizens get so many reward points to give out so they can rate their interactions.

Woah before going nuts, I am not suggesting direct democracy. I don’t think we can handle that! But at least look at a few options to give citizens more direct sayso than just who they elect? That is not direct feedback and is inherently broken.

It prevents rapid development and in a world of rapid development is means govt will rarely solve problems like the banking industry in time.

Share

Transparent does NOT mean OPEN or ACCESSIBLE

Monday, August 10th, 2009

So had an interesting discussion with Gina Cooper at Transparency Camp West yesterday that I thought I should post.

She was getting a bit frustrated at people’s misuse of vocabulary and I have to agree with her.  People were throwing around terms like Govt2.0, egovt, transparent govt, opengov as all meaning the same thing.  They don’t.

I guess my layman style definitions would be:

Govt 2.0 – uses social media aspects which may or may not be transparent.  I can easily create a walled off garden that only a certain group of govt can use and call it govt 2.0

E-Gov – gosh this has been in existence for a long time.  it is basically moving govt from paper to electronic documentation and optimization on efficiency.   Probably some of the leaders are United Arab Emeritus and Singapore which I do not view as very open or transparent government but they are efficient!

Transparent Govt – basically show me everything. give me all the raw data etc.  Okay this is nifty BUT can involve information overload.  My best story in regards to this is a rather loud argument I had with an IRS employee at a recent security conference.  He argued that the bidding process for contracts with the IRS is completely transparent.  You only have to gather information and documents from 15+ sites (scattered at different levels) to create a bid.  But the whole process is there for anyone smart enough to figure it out.  He said it was on purpose to filter out the “less committed” ones.  I had to admit… it is transparent… just not accessible.

OpenGov – this is accessible government.  I believe it should be built upon transparent govt so that we can fact check it.  but if we want normal citizen engagement and not just us geeks… this is the direction we will need to go.  The biggest problem here?  METRICS and stakeholders. (see stakeholders in govt post)  This is my goal in regards to Citability.  I like to think it achieves those goals.  Now if we can just put it to the test!

Share

FOSS can lead to more secure software for Government

Monday, July 20th, 2009

Security issues with…

1) Open Source (community created) – Open Source Communities don’t always focus on risk analysis.  This is a paper tiger since typically FOSS programmers are not paid to care about security as top priority.  If compensated properly, they can and will implement proper security procedures.  I do not know anyone that views this as “FUN” programming.  However the source code can be viewed and therefore fixes can be made by anyone that is paid to do so.

2) Proprietary – Typically proprietary software results in a single point of failure in regard to code being fixed.  That singular point of failure is the vendor.  All the insane governmental contracting regulations are created to try and prevent that vendor based failure from happening.  Much of this is CYA dumping on the vendor in the attempt to create an equitable relationship.  Often times this also results in software being unreasonably expensive.  These CYA attempts are a smoke screen however because you never really know if the software is secure without the visible code and all its inner workings.

3) Homegrown – If done in house, you have the ability to see all code and do proper vetting procedures.  But hiring upper echelon programmers is difficult.  The vetting process is one that most programmers are not typically willing to go through just because of basic creative personality characteristics.  A top programmer can make more money with less hassle in the business sector.

So I suggest a melding of all three.  If you can’t see the code is it ever going to be truly secure?  Instead have internal teams focus on proper security vetting.  Create good release procedures about security information and adding back working fixes to the FOSS community.  And if necessary (typically I see this as a failure of timing) do not release security information until internal teams have created a fix that is ready for the public.  Also use those third party outsiders to do security testing of the FOSS products.  It doesn’t matter if their source is open or not.  They just have to inform you of the vulnerabilities they have found.

I think Government could perform an amazing community service that is a win/win solution for the public by focusing purely on the Customization and Security of FOSS projects with their internal teams.  This way they can be suitably vigorous without significantly increasing the barrier of entry to contractors and  FOSS communities.  And they could save money but not having such convulted contracting procedures.

Also Proprietary companies that help with security processes of risk analysis and risk management and can help supply warranties.  After all why would anyone undertake risk without compensation?  Otherwise it is an inequitable relationship that cannot be trusted.

Let us not forget the change management aspect of adopting a new methodology.  Working with open source code AND open source COMMUNITIES is going to require some serious change management for current government employees.  There is a HUGE cultural break because so much in resources is currently used for CYA. We have to retrain them in regards to open processes.

Also recognize with being so integrated with FOSS there may come a time for the project to fork because of security issues.  This is extremely difficult and political and must be managed properly.  This will require serious training in typical FOSS community culture and processes.  For example govt employees should understand the basic stages of FOSS development and the different risks that each stage poses.

We also need to prep FOSS vendors on how to integrate with government processes as well.  There is a middle ground here.  We need to define it for the barriers to be broken down successfully.  We have to be ready to help gently educate them as well (instead of being self absorbed self righteous a$$#&& – you know who you are…)

You can see from the need for security, risk analysis, risk management, and change management that FOSS does not reduce costs.  But it can result in better software for the money spent with less flamboyant failures that seem inherent to the current high risk bidding procedures in government.

Some good reference materials:

http://www.finance.gov.au/Publications/guide-to-open-source-software/risk-analysis-management.html

http://razor.occams.info/pubdocs/opendataciviccapital.html

Share

must read post by Ben Werdmuller

Monday, July 6th, 2009

http://benwerd.com/2009/07/building-the-user-centered-web/

Ben has put into words so many of the discussions I have been having for the past several years!  So good to see such common vocabulary.  And so glad to see things building to a proper implementation.

I cannot express how happy this makes me!

I will referring to pieces of this posting for awhile…

Share

How to save the world in 3 easy steps

Tuesday, June 30th, 2009

This is the 10 year plan I created in 2004

1) transparent govt
2) transparent business
3) introduce checks and balances in behavior
and create legal constructs when social norms fail

I started on all this because I am “Silona Bonewald” the only one in the world and I am a database geek. So I realized with the nature of things as they become electronic – privacy thru obscurity is gone. We needed a new (might I say better) type of checks and balances. And decided to start making govt and businesses more transparent.

When I started I didn’t talk much about business – everyone thought I was crazy enough in regards to govt. But now with the crash and such… I am not looking as crazy.

This is why I do allllll the crazy projects I do…
this is my theme!

Share

Big pink elephant in the room of transparency

Friday, June 26th, 2009

or is it that bigggg overhanging rock in the background that everyone knows if gonna fall but no one wants to admit it?

I am talking about the complete lack of change management in government for all this “transparency.”  Okay so in my little echo chamber all we ever hear about is how awesome and easy transparency is.  Well guys, I am from Texas.  I have relatives and friends that are from that other side…  remember them?  the 46% that lost?  well many of them aren’t so sure about this “transparency thing.”

The Texan presenters at the transparency conference we did in Austin Texas on May 15th (with Vivek Kundra and Bill Bradley) were a good illustration of this divide.

All the other side sees is a bunch of reckless change happening. They are all just sitting around wondering when they are going to get hurt by this.  They express concerns over privacy and security.

And they are all waiting for us to screw up so they can say we told you so.  And um I can’t blame them…

I mean where is the training?  Where is the change management?  We are doing some big stuff here and we are poised to make serious mistakes and I see no prelim work being done to prevent this.  Where are the best practices in open govt documents?  All I see are “I want” lists.  I have not seen us doing anything serious to ally their fears.

Do not get me wrong, I am seriously happy about all the change that is happening.  I mean I was wanting it 5 yrs ago when that 46% was 51% and everyone told me I was nuts (even those that are on our side now.)

But I am frustrated that I can’t get support on the change management side of things.  The training that all the normal people in govt need to adapt to the new way of things.  All the bureaucrats and such the “webees” as in we be still here when you be gone (because your candidate is no longer in office.)  These people are typically nonpartisan at heart and we need to win them over.  But we won’t until we adapt to their language. We need explain our new processes and why they exist and how they work and why they are so darn nifty.

oh yea and um at least publically defining those processes would be a good starting point (hint hint.)

I know budgets are tight.  Mine is too (since I have been unemployed since Feb.) but we need to prioritize better.  And if we don’t “sharpen the saw” we will all lose!  I want this change to be permanent something that does not unravel at the next changing of the guard.  If that means spending a bit extra to do it properly… let’s do it … please?

Share

Mutual ownership of data – B2B B2C P2P O2O O2P

Monday, June 15th, 2009

So how did I get here?  this concept of mutual ownership of data.  To be honest I did not get there from the perspective of the individual.  I got here because I wanted to figure out how to create a mesh of social nets so that I could have multiple personas.

The big piece is getting groups that control the Social nets to share the data.  I had to create something so that competitive groups would share data.  That is when I realized

business 2 business

org 2 org

business 2 client

and org 2 patron and even person to person

were all the same issue.  Setting up a TRUST relationship and keeping that balanced.  To do that mutual ownership must be acknowledged then maybe we can begin to negotiate what might be an equivalent relationship to create that trust.

Trusting without recourse… isn’t very smart in business though as people we do it naturally (and I think it is why we are losing our data left and right and suffering the advertising overload consequences.)  good fences make good neighborhoods.  good contracts make good business partners just by SETTING EXPECTATIONS.

I honestly believe that a mesh of Federating Social Nets cannot exist without this mutual ownership of data.  How else do we get Businesses and organization to share data?

Mike Neuenschwander wrote an awesome blog post about the equivalence issue – and explains it better than I in business terminology.

He calls it the law of relational symmetry.  I should state here too that one of my top five movies is “Brazil.”  Also Princess Bride, Dune (6hr version NOT TV), Willie Wonka and the Chocolate Factory, and The Fifth Element.  But that did not bias me to his article :-)

Sometimes I am upset that we do not learn to barter in this country.  I think this aspect of figuring out the relational symmetry of ownership of data would be more intuitive if we realized – Data is money therefore negiogate cash for its release!

Share

CrisisCamp

Monday, June 15th, 2009

Crisiscamp was big fun but now my brain is full of interesting projects.

Some possible ones are:
Crisispreparedness Badges for Facebook
1) It would inspire people to become educated in regards to crisis preparedness. Perhaps even having them fulfill specific tasks.
2) it would educate people’s friends and hopefully inspire them to train or do preparedness tasks
3) it would provide a list of trained people and their contact info to the crisis organizers

Creating an Emergency Tech Corp of responders
w Google, Microsoft and Yahoo and Burners without Borders.
The head of the LA fire Dept invited them down in the Fall for first hand training and use cases.

Codeathon
doing FOSS software for crisis handling and preparedness

and the craziest one…
Traveling Instant WIFI
like an RV w a gennie that has a satellite hookup that could provide instant wifi to all wifi enabled phones and computers.

a dictionary of crisis terminology
seeded with folkonomies from google or amazon
since common vocab seemed a severe issue (to me at least)

Yep it was a fun weekend!

Share

Ownership and responsibility in Identity relationships

Monday, June 8th, 2009

So I guiltily admit I finally read Bob Blakley’s paper on Identity relationships today.  This is particularily neglect of me considering not only is Bob on my board of directors… but also a dear friend that I discuss these topics often with.   And of course I am in awe.  Bob is really good at laying out the reasoning for things I can only see intuitively.  We of course have had many discussions about the essential nature of relationships to identity.  Obviously I am biased because it is key to a Federation of Social Networks.  I mean what are social networks but a grouping of relationships!

But I would like to add an additional aspect here… that of ownership.  Because of those relationships, that data is never owned by one party or another.  That relationship data is the child of both (or multiple) entities.

With that ownership also comes responsibilities, for both parties and I think that is where the essential aspects of privacy become relevant and addressable. Most in this space think of those relationships as only being in the context of individuals… but I would argue the issues are the same in social network to social network sn2sn style relationships.  Especially since I envision purposely fragmenting social networks instead of people only using one or maybe two.  I actually would like to redefine CRM to include social nets that each can be a “lego” in the construction of a persona.  Rather similar to the new information card but with a more distributed flair rather than being centralized on a desktop application.

For example, say I want to do some documentation on the Transparent Federal Budget.  I would prove my validity by linking to various personas that show appropriate reputation such as the ACLU validating that I was a Legislative Liaison in Texas, that I was on the board of EFF-Austin, that I am currently on the board of TANO, and that I am the founder of the League of Technical Voters, and finally my LinkedIn profile that also has links to people I worked with.  These would hopefully illustrate to readers of my documentation that I am knowledgable in regards to technical issues while documenting those aspects in the Budget.

It would be up to me to create and update those personas.  I have a pretty good reason to manage those relationships with those org’s social nets now because they are part of my reputation.  So the key part is how to get people to be willing to do this in the first place… one key here is trust…

This is the big HINT HINT to businesses out there.  If you wanting to create a social net to help keep your CRM database up to date, this is the value you can give.  But even more than that – how to get customer to share is where relationships REQUIRE TRUST.  To get trust, you need to SHARE ownership of data.  True a business style social network will not get updated all the time but if you aggregate with others… people will have incentive to maintain that relationship. Look at the success of facebook apps.  Now dear business folks imagine not being beholden to one entity…

For example, I don’t go to Yelp everyday. But when I want to tell everyone about a neat restaurant,  I’ll do a review on yelp which then automatically puts it on my facebook and friendfeed.  That is an incentive to me.  It makes it really easy to tell evveryone and I don’t have to try and move all the info to yelp (which by the way I don’t own outright – remember it’s shared.)

It creates a responsibility for both individual and business to maintain the relationship.  It also creates a responsibility between businesses.  Yelp expects that facebook and friendfeed won’t “steal” data (since that data remember isn’t purely Yelp’s either.)  The interesting side effect I believe this could have… is it could become easier and more effective way to handle all this relationship data.   I easily see data brokers evolving…

Share

Social networking and Govt 2.0

Thursday, June 4th, 2009

This is my favorite presentation i have given so far and wanted to see how my new slideshare.net widget was working… so here we go

I can’t believe it is 2 and half years since I gave this presentation!

Share