Stream of Consciousness

I just saw Howard Dean speak, and though I’ve liked him - and have planned to vote for him - for some time now, I’m finally jazzed enough to start telling people about him. He spoke on the economy, foreign policy and education, and then answered questions. No notes, all off-the-cuff, and he was well poised, had the facts, and really answered questions put to him.

I’m sorry I don’t have a transcript, as I can’t remember his exact words, except for one quip about Bush: he said that in Texas, they call guys like Bush “lots of hat but no cattle.”

I’ve just added Blog for Dean to my links, and plan to check it regularly - and it has quick links to lots of other useful sites and info. I also signed up for his mailing list: he promised not to spam us until a month before the election. (I have previously done a bit of work on the unofficial Hack for Dean site.)

He said that though Bush would probably out-spend him, but that he planned to win by bringing 3 million new voters to the polls - that’s where we (you and me) come in. Tell your friends, check out the the meetups, and (again) tell your friends.

Regime change begins at home!

Finally signed on to Henri Poole’s excellent Affero service - check it out (and if you’re glad I sent you, let me know).

Lots going on, and there’s always so much more to do. I’ve been considering Kerberos using public key crypto for initial authorization for top-level ID brokers and SDSI/SPKI for managing local realms, but I’m still far from being an expert in these areas, and I feel I need to know so much more.

In between my research I’ve been getting out to play with Steven - we just took him to a baseball game (Giants won!) and he had a great time.

Just came back from a great three-day Identity Commons workshop in Sebastopol. Lots of great people, and five main projects were defined as essential to getting things rolling:

1. Marketing/Outreach
2. Open Source Technology
3. Fund raising/Revenue
4. Greenhouse/Project Interface
5. Legal/Org./Constitution

I’m heading up the technology project - gotta set the single sign-on distributed authentication / XRI-lite / profile access management all set up in three months. Sounds crazy, but for some reason I think it can be done.

Much more came together than I had expected, and now it’s up to Owen & Company to see if the big players are going to pony up the big $$.

Too wasted to write much more now - more soon!

In a recent blog posting, Joi Ito wrote:

You don’t care if my real name is Joi Ito or where I live exactly. As a blog reader, you probably care if it is the same blogger that has posted all of the other blog entries on this blog.

Precisely - for reputation to accrue and be trustable, all you need to know is that it is the same identity/actor as the last time. The ability to make and test such an assertion becomes increasingly important as reputations grow and become themselves a mechanism for choosing what to read, who to trust, etc. I continue to be amazed that the blogging community doesn’t seem to care about it enough to add a field to a newly proposed standard (e.g. Echo) to enable a signature on a post (more on this) though I hope I am wrong.

The identity framework I’m currently working on may not have any strong authentication (beyond names and passwords) in the initial release. However, the system will support the ability to sign and even encrypt messages, authenticate sources (e.g., assert “same as last time”), make secure introductions, and spawn anonymous child nyms that can, if desired, be later authenticated or left to build their own reputations as independent identities with the privacy-protected parent pulling the invisible strings.

BTW: I’ve always talked about an orthogonal set of identities to those very practical ones posited by Eric Hughes, namely: my family ID, my work ID, and the ID that I don’t tell the others about.

PS: this is my first attempt at at trackback…

Haven’t blogged in a while - I’m just getting used to this - and I feel I need to practice…

It strikes me that the Democrats seem to be so incapable of mounting an offensive against a president that clearly fabricated evidence to pull this country into a costly (in many ways) war, while the Republicans never seem to be at a loss to take a simple issue (like a President’s mistress) and blow it up into an impeachable offense.

Another sad thing to watch is the trouble the Dems have in raising money. After all, they simply want to better the environment, help our schools, lower the deficit and generally create a better world.

Meanwhile, when a Republican buys a candidate, er, makes a contribution, he can be sure that it will result in profits for their business - an immediate financial ROI. In other words, it’s a no-brainer for anyone with a large and growing asset base.

Now, I can’t say I really like either party - but doesn’t anyone in the Democratic party get that they have to be mean to play in this game?

In talking to colleagues about how one can market their data successfully and still remain in complete control of it, I see that there are areas that could use some clarification, or at least some use cases. Here are a couple of example areas designed to show how money can be made in an customer-centric Identity Commons profile economy.

Safeway

It’s a little known fact that when Safeway installed point-of-sale card readers in the 1980s that this move was funded by Nielsen (of TV ratings fame) who collected the purchasing information and sold reports and services back to Safeway based on this information - a brilliant win-win marketing move. Ditto the “Safeway Club Card.” Suffice to say, Safeway has collected scads of valuable purchasing information on its customers.

Now let’s say that I have a Safeway Club Card with no connected identity - all it carries with it is a unique number that is attached to all the purchases I have made. Let’s pretend that I use cash as payment so there is no connection to my credit card information either. Still, Safeway can now offer several new services:

Personalized Special Offers

Since Safeway knows the aggregate buying habits of its customers, it can work with suppliers to create special offers to people who match a particular consumption profile. For example, an offer for a special price on a new soft drink could be made to all people who buy a six-pack or more of soda a week. This offer could be presented on a personalized Safeway Web Page where the customer types in the number on their Club Card and transacted by swiping the card at the check-out stand. No coupons - great deals.

Purchase Authentication

Back in 1999, RJ Reynolds paid a marketing company the equivalent of $20 per head to reach smokers in New York City who smoked more than 2 packs a day. Rather than sending junk mail to all NYC residents, a smart e-broker could be used instead. An ad appears on my personal e-broker home page that says it will pay me $10 if I can prove that I buy two packs a day or more. If I bought two cartons a week from Safeway, I could enter their authorization page, and have it cryptographically sign a note authenticating that fact (which again, can be done without revealing my true identity, or even my Club Card number). Note that Safeway may charge me $1 for this service - a new revenue stream - but that’s OK, as I still clear $9. I supply this authentication to the e-broker which sends me the ad. It collects $12 per head from the marketing company (a 40% savings) of which $10 goes to me, and it’s a win-win-win-win.

Book Buying Agent

While Amazon can (and does!) deduce a lot from what I have bought and/or browsed on their site, they still do not know what books I buy from e.g. Barnes and Noble or other book stores, what magazines I subscribe to, what movies I watch, and other criteria that could be used to make better, more accurate book suggestions.

Imagine a book buying agent that accumulates the reading habits of its customers. Similar to the Safeway model described above, one can use a pseudonymous ID, and if one desires better security, onion-routed anonymous remailers can be used to protect the customer’s identity. When in use, such mechanisms promote good behavior on the part of the agent, as if it misuses the customer’s data in any way, she can simply stop receiving email from that particular pseudonymous ID, leaving the agent with data with no connection to a user.

Now the agent, with millions of customers can present aggregated anonymous data to book sellers and cut deals that are beneficial for all. Another win-win-win situation.

Lexus

Back in the latter years of the last millennium, I heard that it was worth $1200 to Lexus to have a qualified buyer step onto their showroom floor. Using blinded signature technology, one could present credentials that my net worth is over $100K, that I generally buy a new car every 2-3 years, and that it’s been 30 months since my last car purchase. Upon presenting such a credential, the Lexus dealership might pay me $500 cash to take a test drive - everyone wins!

For more on this form of “anonymous digital bearer instruments”, see e.g., Lucrative’s Perspective. More links with theory, etc. are here.

(These ideas are condensed from the Broadcatch CDML and Lumeria SuperProfile concepts.)

Thought for the day: The value of customer data is immense, and actually increases when in the hands of the customer.

Just found this thread over at BurningBird. It appears Baldur Bjarnason is also pushing for signed weblogs - very cool!