Media Influencer

helping people break out of pigeonholes since 2003

Whose data is it anyway?

TAGS: None

Follow up on previous thoughts on data and ownership… as cross-posted from VRM Hub.

Talking about ownership of data online in terms of control is fairly pointless. Once your data is out, it’s out. So instead of delving into the meaning of ownership and what it means in a decentralised, distributed and open network where sharing and transparency are default, let’s look at how the data is generated by the individual and shared through interactions with others.

Data as generated online is akin to a positive externality for the vendors and platforms that capture our data. Positive externality* is something that is not part of the value traded in market exchanges. It is something one of the parties in the trade benefits from, without having to pay for it. For illustration, pollution is considered a negative externality as it is

a) a by-product of manufacturing processes and,
b) is not included in the cost or price of the products.

So, when I am buying something from Amazon or Virgin Atlantic site, the explicit value exchange is the goods they provide and the money I pay for those goods. My data is external to that value exchange – the vendor is not paying for it and I am not being paid for it. In the current set-up (no pun intended), the vendors benefit by using the data in ways that help their business, from mining to selling it on. I, on the other hand, have scant legal protection against that and even with all the laws in place such as Data Protection Act and other restrictions on those who capture my data, a large portion of data collected from me is for marketing purposes.. and usually way above the threshold of legally required data to complete transactions.

The advent of the ‘free’ web has mightily confused the distinction between data as part of a value exchange and data as a positive externality – simply because most platforms with web services have turned what is essentially an external benefit from other exchanges to foundations of their business models. The ‘free services’ I receive are ‘paid for’ by my attention and/or my data – both eagerly gathered by various platforms. Advertising is a way to monetise my attention aka eyeball and the race to monetising my data (short of crude selling on) is still on.

In this context I own my data (in a way I own my attention) and neither should be considered a payment for the (free) web services unless it is specified in the terms of the exchange or service. It is merely a shift from one business model – online retail such as Amazon – to another where data becomes the value exchanged tacitly and without clear understanding. This is another reason why privacy remains an issue with such web services and platforms. As long as I have to depend on a third party to protect my privacy, it will be exposed by accident (incompetence), force (authorities) or abuse (marketing & advertising).

The tensions between the data created and managed by us and the tools we use belonging to someone else, are becoming obvious on the social web. Mike Arrington’s outrage a few months back when Facebook was turning its back on FriendConnect is justified.

The fact is, this isn’t Facebook’s data. It’s my data. And if I give Google permission to do stuff with it, I’m damned well within my rights to do so. By blocking Google, Facebook has blocked ME. And that, frankly, kind of frustrates me.

Let me put this another way. How dare Facebook tell ME that I cannot give Google access to this data!

Arrington also condemns Scoble’s early attempts at ‘data portability’:

Scoble has been on the wrong side of this issue before, when he tried to scrape his friend’s contact information out of Facebook and export it to Plaxo. In that case, it wasn’t his data and he didn’t have the right to make it portable. It’s MY data, once again, and only I should be allowed to make that decision. He thinks his new position shows that he gets the importance of privacy, but once again he isn’t thinking in terms of who really owns the data and should be allowed to make decisions around it.

Here we go, ownership of data again. So when I add someone to my network, together with his photo and other profile details, I do not ‘own’ that data. It seems pretty pointless to debate that as whenever I sign-up to a social network platform, I am agreeing to the terms and conditions of their relationship with me and to what happens to my data, privacy etc. All my agreements are with the platforms and the way I enter those agreements is definitely lacking in balance of power. We do live in the early days of individual empowerement… but even so, there is a distinct lack of tools that will allow me to be a node in a network independent of someone else’s silo or a platform. I have the same question as Danny O’Brien:

When you want to make a private picture or note available only to your friends, why do you hand it over to a multi-national corporation first?

Moreover, within social networking platforms, there is no corresponding agreement with other users. The terms of service are between me and Facebook, me and MySpace, me and Twitter, me and Flickr, me and Plaxo, me and LinkedIn, me and the socnet du jour… but they do not extend to my relationships with other individuals on the same platform. Relationships are pre-defined, much the same way terms & conditions are, from the point of the platoform, not from the point of the individual. So ironically, social networking platforms designed to help me connect with others, to create and maintain relationships with them, are not allowing me to define those very relationships…

In other words, there is no way to interact with others within the silos based on what I call P2P terms and conditions. These could be privacy agreements, if we so wish, ranging from simply not-bothered-about-what-happens-to-my-contact -details-in-your-social-graph all the way to granulated preferences for different people in my contact list. So just like in the real world – there are people I’d trust with my address book and there are some I wouldn’t trust with my address. Instead of building complicated systems and using technology to make such nuances in relationships explicit, I need tools to help me manage the complexity of human relationships. I need tools to reflect what is already in my head implicitly and defines me as a social animal. Do not tie me up in legal pretzels over various policies, creating permissions and access management nightmares in the process. In the words of Kevin Marks as paraphrased from his Social Cloud talk at Lift08:

Software cannot match out ability to sort out our friends and contact, establish how much we trust them and how we arrive at that trust. No software can fully map the relationships, let alone replace our natural ability to create and maintain them The implication is that therefore software should support the kind of cloud abstraction we have around the internet, also around our social relationships. You can feed it (the social networking app) relationships that are in the ’software in your head’, feed the stuff related to people in your network to software online. Users will assume that your software (this is aimed at developers) will be able to see the information that they have already fed into the software and be able to use it.

Indeed! By I digress. To recap, my data is a kind of externality to purchasing transactions, just like attention is an externality to my reading, watching or listening to something else. Marketing lives off my data, advertising lives off my attention. My data (and by extension me) is not respected because companies can trade it as a commodity without paying for it. The way to address this is not to make them pay for the data (and create many snake oil intermediaries in the process) but to make it possible for companies to enter into relationships with the true owners of the data.

So what is to be done? How to internalise the externality? How do I regain control over something that originates from me and is used in my transactions with others? This is the stuff of VRM.

Broadly speaking, it is about finding tools & technology to give the individual sovereignty over his data, so he can exercise choice over who gets to see it and under what circumstances. This will change the balance of powers and eventually demonstrate to companies that respecting people’s data (and by extension them), they can make more money.

* Definition of externality: Economic theory considers any voluntary exchange to be mutually beneficial to both parties, for example a buyer and seller. Any exchange, however, can result in additional positive or negative effects on third parties. Those who suffer from external costs do so involuntarily, while those who enjoy external benefits do so at no cost. Data is an externality without the third party, where the afffected party is also participating in the transaction. So not an exact theoretical match, but perhaps still helpful in understanding how we got to the point where ‘free services’ feel entitled to their users data.

Signing up with OpenID

TAGS: None

Now and then I give OpenID a go but I do find it cumbersome to say the least. In an experimentation fit I used it to sign in to Plaxo, and every time I log in, it’s a several step process. So much for saving the user time and effort.

MindMeister mindmapping software has an OpenID option for signing in. I thought – ooh, it would be convenient to just put in my OpenID and not worry about yet another username/password etc. Perhaps there is something to this. I even remembered my OpenID URL…

But no luck this time, this is what I got.


Additional Information: Because your OpenID provider didn’t send all the information we need in order to create your account please fill out the fields to the left.

Arrgh! Why put an OpenID sign-in option on a page, if the website doesn’t actually accept it?! The point of OpenID should be not only about the convenience of signing-in process but also about my ability to decide what information is provided throughout. FAIL.

cross-posted from VRM Hub.

Quote to remember

TAGS: None

When you want to make a private picture or note available only to your friends, why do you hand it over to a multi-national corporation first? What use is a mobile phone running Apache? Does IPv6 really exist? Can we be ecologically-sound and still run our terabyte home servers? Please?
- Danny O’Brien in Living on the Edge (of Network)

Whit Diffie’s honorary doctorate at Holloway College

TAGS: None

Yesterday, I had the priviledge to attend the graduation ceremony at the Royal Holloway College as a guest of Whit Diffie who received an honorary doctorate for his achievements in the field of cryptography, namely, his pioneering work on the public private key. Wired article from 1994 on the topic sums it up:

Whitfield Diffie took cryptography out of the hands of the spooks and made privacy possible in the digital age – by inventing the most revolutionary concept in encryption since the Renaissance.

The ceremony started at 10.30am in the splendid college Chapel. Alas, as my flight from Boston was delayed by 3 hours the night before, I arrived too late to see whole thing. However, thanks to Alec I got there in time for Whit’s award and his acceptance speech and managed to record all but the first 10-15 seconds of it. Apologies for the quality, as this is recorded with my normal camera, from a screen outside the chapel.

…open to the opportunity to take risks and do things in unexpected ways and do what you want to but not what people recommend. On the other hand I think I can be said to have overdone this so they, when they give my resume, they normally, they gloss over details. I managed to graduate from MIT and I was later immatriculated at Standford university. Alumni register very tactfully shows me as having “graduated” in 1987, that is to say that have lost track of me. And I have two doctorates both kindly given by universities, both kindly given by universities that recognise quality of the work. And so, I find myself, you know, my work doesn’t seem that impressive to me, but fortunately it seems to have made a better impression on other people. So I found this eaxmple of the fact that it is possible to have a successful career without following the socially recommended paths. But I can also tell you that it must be much… easier to do it in the standard forms. As I can hardly say, I cannot say I don’t regret not having been more capable of a more sustained study and having been able to learn what I needed to learn rather than any given moment merely what I happened to be interested in. Thank you very much.

Diffie hasn’t just refused to fit into an educational system or innovate in structured ways. It was the thinking, Damned-if-I-follow-some-of-your-stupid-rules. Because some of them are stupid. As Steven Levy puts in his book Crypto:

Ultimately, it was only by questioning the conventional rules of cryptography and finding some of them “stupid” that Diffie made his breakthroughs. A case in point: the belief that the workings of a secure cryptosystem had to be treated with utmost secrecy. That might have held true for military organisations, but in the computer age, that didn’t make sense. There would be unlimited users who needed a system for privacy; obviously, such a system would have to be distributed so widely that potential crackers would have no trouble getting their hands on it and would have plenty of opportunity to practice attacking it. Instead, the secrecy had to rest somewhere else in the system.

The issue of privacy, boiled down for Whit Diffie to: How do you deal with a trustworthy person in the midst of a world full of untrustworthy people?

Diffie also believed in what he called “a decentralised view of authority”. By creating the proper cryptographic tools, he felt, you could solve the problem – by transferring the data protection from a disinterested third party to the actual user, the one whose privacy was actually at risk.

And this, in my view, applies not only to privacy and cryptographic tools but also to all the other tools that have made the web social and empowering to the individual. To that end, I want to look for ways to build tools that transfer the the data created by the individual in pursuit of his own goals (whether it involves conversations, relationships or transactions) from an abusive or exploitative party (vendor, platform and potentially any third party) to the actual user, the one who benefits from the data, communication and relationships directly.

Whit Diffie’s challenging of accepted rules, whether Doctor of Science or not, has been an inspiration to me, which couldn’t have come at a better time as I see several assumptions about the web ripe for such challenge…

Here are more photos from the event.

Whit Diffie in Holloway Chapel

VRM echoes

TAGS: None

Post VRM workshop, conversations and meetings, there is much that I want to capture and blog later. For now, one thought kept going around my head, I twittered it but here it is for the record:

Why do we need 3rd parties? network is node2node, relationships are person2person. 3rd parties are hierarchy hangover.

Planning to do more on this and think about design principles for networked environment as many things we do online are still following mental models from centralised and non-network world.

Quote to remember

TAGS: None

Always code as if the person who ends up maintaining your code is a violent psychopath who knows where you live.
- Code for the Maintainer

via Coding Horror

Humanity Lobotomy

TAGS: None

Net Neutrality Open Source Documentary:

Save the Internet | Rock the Vote

My take on net neutrality from June 2006.

Nostalgic iDial

TAGS: None

iPhone skins.

rotary iphone dial

Looking forward to the 3G version coming out in June. via Boing Boing.

Normal programming will resume shortly.

Models of data imprisonment

TAGS: None

I have been thinking about my data and online data logistics a lot these days in connection with VRM infrastructure as I have been working on (Mine!). As an individual my relationship to my data can be described in matrix of several types of imprisonment. I am interested in building an option where this is not the case.

jail_behind_bars.jpgJail with visiting rights – closed platform a la Facebook, MySpace, Bebo, Flickr, Amazon, Expedia, online bank statements and any site that doesn’t allow export of data in interoperable format. My data is under lock and key elsewhere, and I cannot get more than a view of it through the bars of the jail. For instance I would manually enter my profile or other data into a Facebook applications (and now a few ‘trusted parties’), but there is little or no hope that I could get the data back out again, other to save the JPEGs of the resulting output (screen grabs) – which decimate rather than reflect the value of the original input. Further, my data starts losing weight, as any inmate locked up. As the original data is never at my beckoning, only its representation is what I can play with.

housearrest.jpgHouse arrest – desktop applications for data management, iTunes, Excel spreadsheet, word processing, etc. Example, my music (ripped not bought from iTunes store) is my data is on my computer in a format that is hard to share with anyone. The software is not designed to enable sharing of data – the net result is my data is nominally under my control, but it is just as locked up as Facebook. (No export or no guarantee that exported data is in a mashable format)

open_prison.jpgOpen prison – online data management tools, Wesabe, uploading from iPhoto or Picasa to This means I can share (better than house arrest) but the data is centralised a little like Facebook (almost as bad as jail with visiting rights) and although the rendering tools are more advanced and, being centralised, can be upgraded without user intervention, there is still a big similarity to glimpsing my data which is held within the jail.

out_on_bail.jpgOut on bail – feed readers and online calendars, e.g. OPML, Google Calendar, iCal. The data is more or less yours and mostly under your control for export, import and sharing. But it can’t travel far and there is only so much you can do with it. It certainly can’t be mashed up with data in other formats or on other topics than calendar or feeds. (Dopplr lets you go furthest in combining calendar, Flickr and map data etc).

out_of_jail2.jpgOut of jail – I hold my data on (explicitly) my resource for sharing; I can share my data beyond just what Flickr, etc provide as a tool to render my data, and in more places than just those platforms – for instance with a supermarket or gym or others (vendor?) who could benefit from knowing what I am eating and when I am exercising. In short: the Mine! enables controlled sharing beyond the Mine!’s own rendering itself. The bars are removed and your data can go where you desire it to.

dance_prison_parade.jpgHm, to push the analogy further, doesn’t that make Plaxo Pulse, Friendfeed and other such aggregators a prison parade? :)

In case I haven’t made it clear enough, I want my data out of jail. By that I mean being able to exist online with four requirements met: take charge of my data (content, relationships, transactions, knowledge), arrange (analyse, manipulate, combine, mash-up) it according to my needs and preferences and share it on my own terms whilst connected and networked on the web. That is what the Mine! is designed for.

Disintermediation of minds?

TAGS: None

Commenting on the false rumour that Twitter is going off Rails, Tim Bray hits the nail on the head. Again.

If you want care about Twitter, follow @biz or @ev. If you care about Rails, follow DHH here or here or here. If you care about Sun, read what the people at Sun say. Same for IBM or Microsoft.

The internet is about disintermediation, and about zero distance:

The Net is a giant zero. It puts everybody zero distance from everybody and everything else.

One of the things that underpins what I do is getting across to individuals and companies that they don’t need the media. They can put their side of the story out there and do their best so that people follow them and hopefully trust them. The internet levels the playing field, power law notwithstanding.

One of few things that unites bloggers is linking to others and to their sources. So for any opinion, rumour, news or guess, there should be linkage supporting that view (only rants are excused from this requirement). Even most media commentators – after years of bashing from the blogosphere – are now linking to sources of their stories.

So given that we can follow the source(s), not just be at the mercy of the journalist or the commentator, why don’t we?

If you care about the Big New Thing that’s going to change your life, wait till it comes and touches your life. Then you’ll know what it’s really about, not what some overworked underslept Bay-Area meme-promoter thinks.

Perhaps now that the internet has disintermediated media, we need to disintermediate our minds. We rely on aggregators, top 100 rankings, meme generators and promoters. Sayz Tim:

The other problem with the aggregators is that there are a lot of smart, hungry, imaginative people working really hard to game them and get noticed. Sometimes it works.

Yes, we need to manage the flow of information that is growing by the day. We need some way of filtering the bits that we are interested in from the noise. But aggregation is not the same as filtering. Our way of handling information still dates back to the era where authority and approved sources made it easier, if not better in terms of quality of information and complexity. I have mainly media in mind here. We used a range of sources, not unlike a radar scanning a designated area, to see if anything new came up. The effort was considerable but limited by the scope and number of sources. Once that got out of hand, we started to lose the battle to contain the information – we either keep scanning faster or throw hands in the air saying that there is just too much information.


The internet is a network, so why not use its nature for information handling. Instead of a delineating a radar field, we can build a spiderweb of sources that will ’shake’ the web and alerts me when there is something of interest. Our feedreaders could be constructed that way – the nodes in the web, sources that filter for us and the points in between insider sources that we might be occasionally interested when something happens in their sphere.


There has been a proliferation of tools that help me aggregate but there are still very few tools that help me filter. Part of the reason may be that the human mind is the best filter of all but, surely, there is room for tools that can help me to it easier and better.

Note: I covered this more visually here (about 6 minutes into the video).

Two tales of user-centricities

TAGS: None

I get edgy when I hear people talk about being user-centric. I once fell for it, thinking that they saw users’ wants as their starting point. Well, user-centric is an improvement on the system-centric approach where the top-down design forces users into a slot of whatever is built, no matter whether it works well or not. (Hence the phrase user-friendly applies mostly to things not designed for the user. I don’t talk about as being user-friendly, because its simplicity and functionality allows the user to drive the use, not the designer.)

User-centric says – ‘we are going to build a system, put the user in the centre instead of the system’. So far, so good, but this sits uncomfortably with me as a user especially as one that is used to the online tools that have changed many an old way. The tools – blogs, wikis, feeds and feed readers, BitTorrent, Flickr, Dopplr, Twitter etc – are revolutionary not just because of their functionality, bits of code or their interface, but their design for usefulness, their modularity and constant evolution. There is an element of open-endedness in their design, either accidental or deliberate, recognising that the designers cannot foresee all the uses to which people will put the tools to. The simplicity is the key, the complexity coming from usage rather than the design. In other words, they are user-driven.

A simple test of user-driven design is in the answer to a question – Can the user add value to it? Without users would pointless, BitTorrent empty and Flickr dead, Twitter silent.

Last year at the IIW in Mountain View, I got talking to Bob Frankston about the difference I started to see between the user-centric and user-driven. Bob, in his inimitable fashion, used the tuna salad we were having for lunch during the conversation to coin an analogy. A ready-made tuna salad is user-centric – it has been decided what goes into it, in what proportions and what order. It has been designed around me and for me but I cannot add anything to it.

Giving me ingredients, utensils and a recipe suggestion and letting me get on with it, leads to user-driven design- it can still be meant to become a tuna salad but I get to put it together, determine the proportions, skip or add ingredients. The process is driven by me and the experience makes me (hopefully) better at making the dish.


Of course, there are times for user-centric and there are times for user-driven. Not everyone wants to make everything themselves and neither is it the best or most effective way to design all systems or tools. But there are cases when only user-driven will do. And VRM is one of them.

Quote to remember

TAGS: None

It’s not about the money, it’s about ALL the money.
- description of the entertainment business in Wired article Myka: One Set-Top Box to Rule Them All?

© 2009 Media Influencer. All Rights Reserved.

This blog is powered by Wordpress and Magatheme by Bryan Helmig.