Archive for the ‘Privacy issues’ Category

Multiple personas (people and businesses)

Monday, June 8th, 2009

I believe we should have the ability to have multiple personas on the internet.

Who am I?  is an incredibly complex question… one that philosophers have trouble answering.  What hubris allows us to think that we can create some simple core identity view that will express it all.  It is impossible.  We change we evolve.  We have diverse reactions to different contexts.  We express often what sociologists call “deceptive” practices.

The funny thing here is some of the time that “deception” sociologically speaking is actually good – since it shows us as evolved past animalistic urges.  And yes don’t even get me started on how stupid I think that loaded terminology is.  And what it expresses to me about sociology’s self absorption to use such a loaded term.  but I digress…

I view us as complex beings that scatter little pieces of ourselves around the universe.  Different people have different interpretations (sometimes loaded by their own biases and insecurities.)  Those interpretations is a child of our interactions.  Yes both contribute – it is the way our brains work.  Paying attention itself is a filtering process.  We interpret everything we notice. We make that data our own by subtly changing it through our cognition process somehow – think of the game “telephone.”

We change our personal internal identity story just like that game of telephone.  Memory is not exact.  We change.  Our personas change.  Hopefully, we evolve (though I know some that devolved.)  We need the net to be just as flexible for growth to occur.  There is a reason young people switch social networks often… they are forming themselves and often welcome the opportunity to shed “friends” in a socially acceptable way.  They want to reinvent their personas.  many have multiple persona on the same network.  And they are certainly nervous about Great Aunt Bertha joining facebook and seeing aspects of their persona that they certainly aren’t that ashamed of (or else they wouldn’t have posted) but certainly don’t want seen out of context.  As I like to say we all know Silona wears a bikini but a google search puts Silona in a bikini at the office.

I like the think of these little pieces of us that we shed around the interwebs as being little lego pieces.  I want to be able to assemble those little lego pieces as I see fit to create diverse personas.  I want a “Silona open Gov persona” that I could assemble from my ACLU, EFF memberships, my past and present directorships on TANO and EFF-Austin, my founder of LOTV status, my past jobs on LinkedIn, etc.  I do not want my livejournal with my lovelife posts that I locked to be friends only.

I DO NOT want to be forced to merge all my shards of persona and be taken out of context.  I want to decide what each lego persona I create looks like.  Now because data is shared, I don’t have complete control over what every lego looks like.  And someone else can certainly go out there and create a drunken/dorky picture high drama lego person out of me if they choose. Though you know the parent SN could prevent that if they want since they also own the data… hint hint this becomes important later.

Forced merging of personas is both of sociological and security nightmare for me.  Sorry but I don’t complete trust all those groups in regards to merging my data (actually our data but data that isn’t completely THEIRS either.)  I mean look at the big oopsie facebook did with Beacon and they had nothing but the best intentions of helping (and making a buck – who can blame them.)

And to be honest… businesses aren’t going to like that forced merging either.  If other groups, businesses and social nets also become participants, they won’t play in the forced merger world.  So I ask for another perspective from the Developers out there…  Ok so the individual doesn’t matter as much to you… but if you think about it groups and businesses would also like similar methods of control.  Many would like to be brokers of a lego but also want a bit of control in regards to how that lego is used with “OUR” data.  Does that help integrate it better into your business model?


Ownership and responsibility in Identity relationships

Monday, June 8th, 2009

So I guiltily admit I finally read Bob Blakley’s paper on Identity relationships today.  This is particularily neglect of me considering not only is Bob on my board of directors… but also a dear friend that I discuss these topics often with.   And of course I am in awe.  Bob is really good at laying out the reasoning for things I can only see intuitively.  We of course have had many discussions about the essential nature of relationships to identity.  Obviously I am biased because it is key to a Federation of Social Networks.  I mean what are social networks but a grouping of relationships!

But I would like to add an additional aspect here… that of ownership.  Because of those relationships, that data is never owned by one party or another.  That relationship data is the child of both (or multiple) entities.

With that ownership also comes responsibilities, for both parties and I think that is where the essential aspects of privacy become relevant and addressable. Most in this space think of those relationships as only being in the context of individuals… but I would argue the issues are the same in social network to social network sn2sn style relationships.  Especially since I envision purposely fragmenting social networks instead of people only using one or maybe two.  I actually would like to redefine CRM to include social nets that each can be a “lego” in the construction of a persona.  Rather similar to the new information card but with a more distributed flair rather than being centralized on a desktop application.

For example, say I want to do some documentation on the Transparent Federal Budget.  I would prove my validity by linking to various personas that show appropriate reputation such as the ACLU validating that I was a Legislative Liaison in Texas, that I was on the board of EFF-Austin, that I am currently on the board of TANO, and that I am the founder of the League of Technical Voters, and finally my LinkedIn profile that also has links to people I worked with.  These would hopefully illustrate to readers of my documentation that I am knowledgable in regards to technical issues while documenting those aspects in the Budget.

It would be up to me to create and update those personas.  I have a pretty good reason to manage those relationships with those org’s social nets now because they are part of my reputation.  So the key part is how to get people to be willing to do this in the first place… one key here is trust…

This is the big HINT HINT to businesses out there.  If you wanting to create a social net to help keep your CRM database up to date, this is the value you can give.  But even more than that – how to get customer to share is where relationships REQUIRE TRUST.  To get trust, you need to SHARE ownership of data.  True a business style social network will not get updated all the time but if you aggregate with others… people will have incentive to maintain that relationship. Look at the success of facebook apps.  Now dear business folks imagine not being beholden to one entity…

For example, I don’t go to Yelp everyday. But when I want to tell everyone about a neat restaurant,  I’ll do a review on yelp which then automatically puts it on my facebook and friendfeed.  That is an incentive to me.  It makes it really easy to tell evveryone and I don’t have to try and move all the info to yelp (which by the way I don’t own outright – remember it’s shared.)

It creates a responsibility for both individual and business to maintain the relationship.  It also creates a responsibility between businesses.  Yelp expects that facebook and friendfeed won’t “steal” data (since that data remember isn’t purely Yelp’s either.)  The interesting side effect I believe this could have… is it could become easier and more effective way to handle all this relationship data.   I easily see data brokers evolving…


Ownership of data

Thursday, June 4th, 2009

Rarely does one entity (person for simplification purposes) OWN data. Most data is relational or is only useful in the context of a relationship. So most data is owned by at least two parties.

Consider “friending” on a social network. That “friendship” is actually a child of your relationship. You have BOTH claimed it as true so therefore you BOTH own that “child.”

This makes relationship data and its ownership a complex but not impossible setup.

We just have to create a system that acknowledges that dual ownership.

This is difficult because people are used to “OWNing” traditional objects. I think the closest and most emotional analogy i can use is children. A blending of DNA, that is of both and of neither… does it deserve to live on it own?

To take things a step further… same with most data in your life. Who owns your banking data? you or the bank or the credit union or…

Who owns your credit card transactions?

Who owns your GPS information?

super simple – ultracomplex


quantifying evil

Saturday, April 4th, 2009

Can you quantify evil or corruption?  is it an absolute number?  can it be a singular metric?

ummm no it can’t

we all have different values and perspectives.

What we might be able to do is quantify based on information given the chance or percentage you might think something or someone is corrupt or evil.

But really… this all come down to time and transparency.  If we give all the information and if you have the time/intellect does our stuff seem right to you?

or you could trust “experts” and perhaps also be “corrupted” by influence…

The reality of that transparency without “expertise” is actually useless and a form of overload.  For it to be useful, it must be interpreted… that means bias.  I prefer to know where my bias comes from.  I trust in bias :-)

I find it interesting in so many groups currently the end goal is transparency.  And for me transparency is simply a neccessary description of a process.  I do not find it to be good or evil simply necessary.

Why I decided to do Open Source code was not a question of morality.  It is a practical question.  If you want me to trust your code, I want to see it.  I want to know I have the ability to fix your mistake (even if honestly I might not be smart enough.)

The other business models out there are not “evil.”  They are what they are.  I just think with today’s online toolset and ability to crowdsource; they are outdated.  They require a different kind of trust.  That trust is “I paid you money I expect your software to work. ”  There is no evil there.  There is no evil in bartering.  You can walk away from a deal.  You can choose not to use a product.

evil I believe lies in purposeful deception…  and then um yea…


Microsoft’s outdated business model and how they can redeem themselves

Tuesday, March 31st, 2009

So I was talking the other day to Mark Hindsbo, the GM of Evangelists at Microsoft. He was basically wanted to talk about healing rifts with the OpenSource community. I was a bit blunt and brutal (but in a gentle way :-))

I said it is impossible for the OSS or FOSS communities to ever believe MS. I said the OSS shouldn’t and that MS should quit trying. The MS business model is broken in regards to OSS. The only way to change that trust is to change the business model.

The way to do that is focus on services. But maybe not services the way the FOSS community does…

I said if MS wants redemption it should look to the clouds…

hehehe or “the cloud.” One thing MS has always respected is the automony of its business clients and developers. I mean that is the point for such products as Small Business Server. Business clients are responsible for their own data and can act autonomously. This is NOT a stretch for people to believe in when it comes to MS’s reputation.

With the cloud’s current state, Data/autonomy is being taken away from people and businesses. Years ago I registered the URL when I realized this was happening.  Though understand,  I have a gmail address. I am as guilty as the rest. But, at least I understand the tradeoff of convenience to secrecy.

So what can MS do? instead of Open Source… they should give people back their data. On MS cloud, Azure, they should do it right. Charge for services. Encrypt the data so the Feds can’t raid MS to get YOUR company/ind data.

and here is the BIGGIE


Let people SEE the data can be gathered and decide if they want to SELL it back to you for “free” services. This will KILL google. When people realize the scary psychometric data being gathered and presented back to them ESP companies… I think they will find it worth while to pay for services.

I mean most companies don’t even realize that they void NDAs when using gmail addresses. Make that transparent to them. Create accountability.
This isn’t just about security… it is about another form of transparency and that is about data.

People as a whole don’t care about code… they care about themselves and their data is a reflection of that.

yea… sometimes I’m evil. But they loved me at the Microsoft VIP party at SXSW.

At the very least we will be able to check the anonymizing functions the data is being put through… and make up our own minds as to what monolith to support.

Personally this gal with a libertarian bent likes it better when the monoliths are fighting it out.


misquoted – yargh the frustration of public life

Sunday, March 22nd, 2009

I just love it when I get misquoted… First a Wired magazine article that caused strain with my favorite party planner, Doryan Rice. Luckily, a close friend was standing beside me as I did the interview and cleared things up with him. And geez it didn’t even sound like me.

Also someone said that I said “Privacy is dead.” People so often hear what they want to hear or make it simpler because it is easier to remember. I went and even checked my writings and blog posts… I have said and I will say again “Privacy as secrecy is dead. We need to start talking about privacy as a RIGHT and Social Construct.”

This is not so simplistic as “privacy is dead.”

You can have privacy. My favorite example was sitting in a cafe in NY w a friend at a table w 4 seats. Two Japanese (I assume) gals sit down at our table and start talking – completely ignoring us. Now to this southerner, this is completely rude to not ask permission. But to them it is polite and respecting our privacy and it is normal to take extra seats in a crowded cafe.

To ignore us is to not intrude on our privacy. A necessary social construct in an extremely crowded country.

We need to evolve more social constructs like this. We also need to start thinking about RIGHTS. We need rights for when social constructs are not enough. The most obvious example I can think of is when someone is stalked and needs to lock down all information for safety reasons.

Software needs to be able to account for scenarios like this.

I am not transparent out of naivete. I was stalked. I found ways to protect myself. And that needs to be available to everyone.


Identity theft

Tuesday, February 24th, 2009

I received an email today that is the perfect example of why I created this site.

“Thank you for using Stimulus.Virginia.Gov.

Your submission, confirmed below, has been received.

Giving Back

Project ID # – 3460 : Giving Back

Give the money back….don’t spend a dime. Just give it back to the Federal Government and our children.

Please save this email for your records or to submit another proposal

More information is available on the Reports Page  ”

I obviously did not submit this proposal nor did I misspell Government.  And yet, now I am on a governmental record for doing so.  It seems like this group – of all groups should understand more about checking and verifying posts and identities before adding me to  spreadsheet.  I suppose at least they sent me a copy of the email.  I sent an email complaining to the contact listed.  I’ll keep you posted.

UPDATE: UGH they responded but now I get one of these one an almost weekly basis.  I think they have something major screwed up in their database system.


Reputation and your past

Friday, February 13th, 2009

So when do you get the “kill off” one of your personas?

They should get to at least expire.  Just as people should be allowed to grow past their mistakes.  Though past mistakes are important information when judging a persons character.  Is it not?  I care more about how you solved your mistake than the fact you made one.

I think I like the idea of saying – this persona doesn’t really apply anyone and having society make up its mind.  For example, I was supposed to be the “child prodigy.”  I started working in a lab when I was really young.  I did live baboon operations, AIDS research and helped setup a protein core facility in 86.  I learned to take that off my resume.  It was hurting my job prospects.  This all happened before the web – so if I chose it could die.  Younger people don’t have that option anymore.

I am putting all of my stuff up – all of it.  On so that we can have a discussion about these issues.  I have tried to have them intellectually… but it just isn’t interesting enough until I make it personal.  Well… I can’t get much more personal than this.

I was contacted recently from someone in my past that had found a blurb about them on line on my new lifewiki (  while he agreed that it was accurate at the time.  It was no longer accurate of him now and reflected poorly.  So I softened the wording of it.

He asked that I not use his full name. I do have issues with that.  I don’t believe in privacy thru obscurity.  After all as “Silona” I was never given that option.  Even if I created a “Mary Smith” persona – in this day of others tagging data for you on facebook, I know it would not last long.  I watch it happen frequently in the burningman community.  Where someone takes a pic at an event and then tags it for the person – much drama ensues.

I may shorten his name.  Haven’t decided yet.  I mean things are never truly erased.  But I suppose if that makes it blunter and transitions him more easily….  hmm i’ll think about it.  What do y’all think?


reputation and anonymity

Wednesday, February 4th, 2009

I don’t believe reputation and anonymity are mutually exclusive.

I believe as we get closer to quantifying relative reputation (because reputation is just as much your profile information merged w other profile information)  we will watch “reputation brokers” emerge.  People that will act as third party validation mechanisms.

I also believe that those 3rd party brokers if THEY have a good reputation with you can serve as anonymity brokers.  Such like reporters had to do in the day w their “sources”


Why do you do what you do? WDYDWYD part 1

Monday, January 26th, 2009

Well,  I know much of my work seems very philanthropic.  And in many ways it is (like how little money I make in comparison to the old days.)  But it really has evolved from my sense of identity – so in its own way – it is quite self oriented…

I started creating databases while I was still in college for political campaigns (1988-1992.)  I was jokingly called “Big Sister” by peers as a reference to Big Brother from the novel “1984.”  I could easily see the power in these lists of lists.  I created a special direct mailing in 92 where I did targeted direct mail pieces to neighborhoods.  Each person received a personalized letter  with their neighbor’s name and address so they could ask them directly why they were supporting us.  (Yes, I got everyone’s ok before I sent their contact info in a mail piece.)

In fact, I did a business proposal to the DNC about creating a master database for the Democratic party.  Back then you could buy magazine lists for a song.  Imagine the targeted mailer you could write if you knew someone subscribed to “Field and Stream” vs “UTNE Reader.” The Democrats weren’t interested but the Republicans were… So I walked away from it at that point.  Though as history shows certain Republicans in Austin, Texas created a similar list for the RNC.

I started doing large database systems on the internet.  In 1995, some dirty jokes I made on usenet suddenly showed up.  And at the moment I realized that not only would things not go away but soon… very soon… anyone would be able to find them.  My name is a unique identifier.  I was also dating an AI programmer that did datamining and realized soon everyone (not just me) would be identifiable.  I decided to hide more.  At the same time I was torn, I need to protect my “brand” of “silona.”  Wether I liked it or not most people assume if there is a “silona”  it is me.  I focused on creating large Database systems on the internet and ignored the signs for awhile…