Stream of Consciousness

At the first CivicActions “off-site” in Amsterdam, we created a vision for ourselves and for the world. As a new father and provider for my small family, and as someone who has unfortunately never broken into the real estate market, I was pleased that this item made the list with general consensus: “every member owns their home or has the ability to”.

It seemed like an impossibility just two years ago, yet today our mortgage on a home in Pittsburgh, Penn. was approved. Granted, we’re not buying a house in San Francisco (where a friend bought a single garage spot for $185,000 to go with his purchase of half of a duplex a few years ago) but we’re exceedingly happy! We extensively researched where to buy over the last few years with three primary criteria:

1. Excellent public schools
• Pennsylvania ranks 10th in the country and Mt. Lebanon, the township where we will reside, ranks fourth in the state
2. Affordable real estate
• for just $50,000 more than that garage I mentioned above, we’re getting a two car garage attached to a four bedroom house with full basement and a yard large enough for badminton on a dead-end road just a two-block walk to school on a tree-lined, quiet street;
3. Proximity to a good sized city/college town for culture, technology, etc.
• Mt Lebanon is six miles south of Pittsburgh, has beautiful, tree lined streets and all children walk to their neighborhood schools;
• Google has opened a research office at Carnegie Mellon University (and has a very cool social media project underway);
• Pittsburgh has more green “LEED-certified” buildings than any other city in the U.S.

I am honored to work with the people of CivicActions as we help our clients create our shared vision of a better world.

I feel blessed that CivicActions’ vision has enabled my family to achieve its dream.

From Ethan Kiczek’s blog:

Cool campaign finance flash thing, via techPresident:

The New York Times has produced a great Flash feature that lays campaign contributions (unfortunately, only those over $200) over a map of the United States, divided by candidate. There are no real revelations here, but it’s a great way to visualize how much money the candidates received, and where it came from.

Phil Windley blogged about FreeYourId.com, a full service OpenId provider that gives you access to services off of a single .name URL. This starts to give a taste of what i-names can do, though it is - while clever - somewhat simplistic. When you give someone a YourId.name email address, they can then email you forever, as long as you keep the email it forwards to current.

When you give your i-name, you can remain in control over what services others can access from it. So if someone - or some company - starts sending you messages that you don’t wish to receive (solicitations, spam, etc.) you can easily shut them off and they no longer can contact you via that vector. Add a layer, and you could allow messages into your inbox that are considered to be of high quality from some group you trust. Or you can provide authentication that you are someone’s “friend” as they move between social networks, but when the go to a network you don’t like, the authentication no longer works.

Such mediated services are a major aspect of what make i-names (and XRI) particularly interesting, and the OpenId folk have (IMO) wisely include XRI service discovery in the OpenId 2.0 specification, which is nearing completion. Because of the complete control i-names give their owners, they provide a simple and natural foundation for creating the next killer app: community mediated reputation services.

Many of us celebrated when it was announced that AOL has embraced OpenID. Does that bring us any closer to the goal of secure, privacy protected user-centric digital identity that empowers users, leveling the playing field between them and service providers to the great benefit of both? (OK, that’s my goal, but maybe some of you may share it.) I say: no. In fact, it can and may have just the opposite effect, providing false security and tarnishing the concept of single sign-on (SSO) throughout the, uh, blogosphere.

What’s missing is the key element that the Identity Commons was originally created to foster: community. If I may get metaphysical for a moment, trust starts by knowing yourself, and then extends tenuously outwards from the mind/heart/spirit to those around us that we feel we know and connect with at some level, in some set context. Let me ask you: does adding 30 million people into your community make you feel all warm and fuzzy?

With the introduction of OpenID/i-name authentication into more community networks/web sites, reputation (and the associated themes of trust, accountability and privacy) is quickly being seen as an important factor in any healthy online ecosystem. It is especially critical when people can join a community anonymously (note that a working email address alone does not provide any useful measure of accountability - see e.g. Mailinator). A network devoid of accountability is of limited - if any - usefulness, for when spammers and trolls can share equal footing with responsible netizens, trust and the all-important feeling of safety and security that a healthy community provides is lost. Further, as the value of reputation grows, people will find it important to protect and grow their reputation, as it will become increasingly common to ignore comments by people with little or no reputation - after all, they could be spam-bots.

So how do you begin to trust people you may never meet? This is a much researched and fairly well understood property of social networks - that you can grow to trust the wisdom posted by Bob simply by the history of his (assuming Bob is a “he”) postings in a particular forum. Thus, Bob earns a certain respect, or reputation, within the community. As the community grows, reputation can diffuse; but too small a community can appear as a conspiracy and also not be trusted. But if one has a normal amount of reputation and is also to be found in multiple communities, this is another way reputation can grow.

With the introduction of OpenID, small communities (such as those I work with at CivicActions) will be able to provide a basic (perhaps “default” may be more accurate) reputation (or rating) service enforced by their society contracts. In our case, we can additionally provide a strong foundation for inter-community reputation growth and management since we foster the growth of several communities a month and have intimate knowledge of how the community sites are constructed (we build ‘em!).

Some Technical Details

To support inter-community SSO, we will create and maintain a centralized, secure repository of user information (a “profile store”) that contains e.g. user names and email addresses. (This is separate from the authenticating I-Broker (or OpenID Provider) that can authorize access to the profile information under user control. And while the XRI technology underlying i-names supports distributed identity and data-brokers with encrypted data stores, these won’t exist in the initial release.) The profile store will also manage data contracts (or “Identity Rights Agreements” (IRA)) that client sites (AKA “Service Providers”) will electronically sign in exchange for profile data (such as an email address). A simple IRA for access to a user’s email address might include clauses like:

We agree to:

1. never sell, rent, trade or otherwise make available your email address to other parties that you have not explicitly agreed to;
2. refresh our cached copy of your email address from the profile store before use, thus ensuring that we always contact you at your current and correct address;
3. remove your email address from our servers should you request this (perhaps as part of leaving our community);
4. …

Since the profile manager (and community I-Broker) are both maintained by CivicActions, and since we will be hard-coding the IRAs and profile sharing protocols, we will be a de facto reputation server as well. Over time, we will implement identity and data portability as permitted by the XRI protocol standards. We’ll do this not only because we are committed to zero lock-in and want to enable our clients and their constituents to move freely, but also because it makes sound business sense to allow the free flow of people and their ideas in - and out - of any space, thus empowering each and everyone to find their spot where they can shine.

Back to Reputation

As peer-to-peer OpenID authentication will enable Single Sign-on (SSO), there will be a much lower barrier to entry (and exit) to (from) our client sites. This will enhance the vitality of each community by enabling members to more easily find where they feel most connected and useful while not being concerned about (re-)joining, who has access to their email address, etc. Yet the use of a single identity across multiple communities will enhance each user’s ability to gain reputation and trust in others that have gained reputation.

The value of CivicActions reputation will have additional use/importance as we start to provide/consume reputation metrics to/from outside communities that we develop peering (trust) relationships with. Note that no centralized or globally defined namespaces are needed - that can all be done the same way we’ve always done it - personal and group-mediated introductions at the grassroots. By providing a sound basis for building trust and accountability, our reputation service can empower a global community that shares our values and helps (us and our clients) move the world forward.

When you log into a community site, say LinkedIn or Tribe, you provide them with information about you which they now control. This is unfortunate because 1) if you want to log into another site, you have to enter similar information again (if you belong to more than one social networking site, you know what I mean!) and 2) if (say) your email address changes, you’ve got to go and change it at every place you gave it to, or else risk missing the messages that you signed up for (which is bad for both parties!).

User-centric identity enables you to be the master of your online digital identity. Once you have that control, the tables turn and instead of giving other sites your data (which can rapidly become obsolete) you instead give them permission to access certain parts of your personally maintained data. As long as you give them access to e.g. your email address, any time that you change it (in just one place) all the sites that have “subscribed” to your email address will get updated. Further, as you build depth as (say) LinkedIn and later want to bring some of your “reputation” over to Tribe, it’s as easy as giving them the right to view whatever portions of your “profile” you choose. And in case you’re wondering, there are some simple procedures, a developing set of “identity rights agreements” (similar in concept to the Creative Commons copyrights) and some fancy mathematical proofs that enable you to protect your privacy and security while doing all this - far better than it is protected now by all those sites storing it “for you”.

But I said above “coming soon to Drupal” and what I really meant was “coming soon to a community near you,” and Drupal just happens to be one of the more common community building tools. A recent announcement from OpenID caught my eye:

From http://iwantmyopenid.org/bounty (Digg it):

In an effort to raise the awareness and increase adoption of OpenID, we are proud to announce the OpenID Code Bounty.

$5,000 USD will be donated to the first ten software projects that meet the requirements of the bounty program. Currently the OpenID Code Bounty is being sponsored by VeriSign, JanRain, Cordance, ooTao, Four Kitchen Studios, Zooomr, claimID, NetMesh, Opinity, Six Apart, Sxip, Zp3, and the International Webmasters Association.

OpenID already uses XRI for discovery; the next step is to get the input form to accept either an OpenID URL or an XRI-based i-name. Turns out that appendix C-1 of OpenID Authentication 2.0 - Draft 5 says that is will do exactly that, and the good folk at JanRain are already working on it. Once there’s an 2.0-enabled OpenID Drupal module you can bet I’ll be incorporating it into CivicActions sites wherever possible.

I came across this today, and really enjoyed it: 95 Theses of Geek Activism.

Perhaps it helps that I identify as a hacker in the manner described in the first thesis. Geek Activism is really all about being smart, thinking for yourself and not simply accepting what others say just because they happen to be on TV or run the corporations or government (the differences between these are fading).

Read them. Follow the links. You’ll learn a little bit more about me - and maybe a little bit more about yourself, too. I’ll end with a quote that comes to mind, perhaps because activists are geeks, too (though they may not know it).

People single me out for being an activist, but I always say that the impulse is inborn - it just needs to be nurtured. It starts when you’re little, and you see some kids being unkind to another kid on the bus. Maybe you do something. Maybe you don’t. But there was that little hint in your brain that something was wrong, that you weren’t comfortable with the situation.

Throughout your life, you have the opportunity to learn from that experience, to react to that little voice inside of you that says something has crossed your moral bottom line, to ignore what others are telling you to do and honor your impulse. The very core of being an activist is being true to yourself.

— Susan Sarandon

My wife and I are eagerly looking forward to seeing the movie An Inconvenient Truth - we’d have seen it already if we had baby sitting lined up, and have arranged for this on the 19th of June. I’m confident that the movie will move us deeply. I just read a colleague’s blog post on the movie, and I received the list of links below from another close friend. (A second post from the same colleague is particularly germane to this topic: see Trees for the future: carbon offset programs. We are planning to participate in this program.)

Please see An Inconvenient Truth and urge your friends and family to see it, too. Visit ClimateCrisis.net, write your senators and representatives, and urge Al Gore to run for president. Something has changed in him since the election was stolen from him - he’s unafraid to stand up and speak what is right. This is what we need now. More importantly, this is what our children need and deserve.

Links from a friend with some comments from me:

• Petition to
  Draft Al Gore for President in 2008 - I’ve signed
• Excellent speech on the Constitutional crisis in this country [16 January 2006] - Al being forceful and eloquent while delivering a powerful message (audio and text versions available, too)
• An interview with Terry Gross from NPR.org [Fresh Air, 30 May 2006] - Al expressed surprise that there hasn’t been more outrage…. we need to assure him that there is, that we are not asleep!
• How to contact Al Gore - Drop him a line and see if there’s something you can do in your spare time to help
• Was the 2004 Election Stolen? [Robert F. Kennedy, Jr., Rolling Stone, 1 June 2006]
• Finally, a little comic relief… - Hilarious!

May we bring honor and hope back to this country!

I’ve just added the Great News Network to my news bookmarks.

What a treat to have some good news for a change!

From the virtual desk of Declan McCullagh: Congress readies broad new digital copyright bill (CNET):

For the last few years, a coalition of technology companies, academics and computer programmers has been trying to persuade Congress to scale back the Digital Millennium Copyright Act.

Now Congress is preparing to do precisely the opposite. A proposed copyright law seen by CNET News.com would expand the DMCA’s restrictions on software that can bypass copy protections and grant federal police more wiretapping and enforcement powers.

This bill likens copyright infringers to terrorists, and would make it a federal offense even to talk about ways of violating copyright. For some background on what the DMCA has done for us so far, see this report published by the Electronic Frontier Foundation.

The idea that such an abomination to free speech could even be considered speaks volumes of the power of corporate lobbiests - when will the American people wake up and demand the end of this crooked institution?

Update: See this coverage at IPac Action.

This is chilling: decisions being made now will shape the future of the Internet for a generation. Before long, all media &mdash TV, phone and the Web — will come to your home via the same broadband connection. The dispute over net neutrality is about who’ll control access to new and emerging technologies.

From http://SaveTheInternet.com:

Congress is pushing a law that would abandon Network Neutrality, the Internet’s First Amendment. Network neutrality prevents companies like AT&T, Verizon and Comcast from deciding which Web sites work best for you — based on what site pays them the most. Your local library shouldn’t have to outbid Barnes & Noble for the right to have its Web site open quickly on your computer.

Net Neutrality allows everyone to compete on a level playing field and is the reason that the Internet is a force for economic innovation, civic participation and free speech. If the public doesn’t speak up now, Congress will cave to a multi-million dollar lobbying campaign by telephone and cable companies that want to decide what you do, where you go, and what you watch online.

Please join and add your voice to help preserve Net Neutrality - don’t let the big telcos determing what information gets to pass through the wires.

For more information, check out Net Neutrality - Not an optional feature of the Internet.