Subscribe: Napsterization
Added By: Feedage Forager Feedage Grade B rated
Language: English
consent receipt  consent  data  ebay  graph search  information  legal  people  personal data  personal  privacy  receipt  seller 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Napsterization


Published: 2014-04-01T13:51:00-08:00


Imagine We Had No Transaction Receipts...


So, imagine you go to the store, you ask to buy a coffee, there is no cash register, no transaction receipt it given to you, but you are handed the coffee. They don't say anything. You payment is invisible. You don't know how much it will be but you agree to the opaque terms. If you get food poisoning later, it's going to be a huge hassle proving you where there, but it's possible. However, the authorities in charge of checking out food poisoning issues would need some proof. Maybe you threw away the cup, maybe you still have it. Maybe there is video surveillance and maybe not. No receipt for tax purposes, or proving the cost from the vendor, or your expense report, or documentation about what you purchased.. no warranty or food safety proof, no date or time or place or anything. You just have a cup of coffee. That's what it's like to go to a vendor online or on your phone, make an account and share some data. You do get something, but you don't really know what you "paid," you have no receipt after you agreed to get the service, and you have nothing from the vendor, other than maybe the confirmation email you received. Now imagine the opposite: You go to a digital vendor, you see the service's rating on the crowd sourced or professional review of the way the company will treat your personal data, and you see a comparison of how other similar services would treat your data. You pick one, and "consent" to share your information. A consent receipt is built, that shows you the vendor's TOU and Privacy Policy, the Consumer Report's style rating and comparison, from the consent date, the Date, Time and Jurisdiction you are in, your identifier, you terms such as a DNT signal, and the Jurisdictional requirements for treating personal data and consent. And your receipt is sent to you, and the vendor. Some statistics hit the public website, depersonalized but showing the world how vendors are doing with personal data consents. And you have a tweet that thanks the vendors doing good with your data, and asks the ones doing poorly why they aren't doing better. That is the Open Notice and Consent Receipt system from the user perspective. Think something like this:

"Big Data" if Unspecfic, is Ridiculous


Here is a more specific look at what Big Data means, as a term: There is your data, there is "little data" where when you share it, it's wrapped around you as the user, centralized. And that's "Big Data" that is really a large amount of "Little Data." Then there is Big Data that you as a user co-create with a vendor or service, that is relatable back to you but it's wrapped around objects, data models and identifiers that are first about the object and not about you. And then there is aggregated data that is depersonalized .. though it may still be possible with some detective work to find you. My point in making this distinction is to note that talking about Big Data in an unspecific manner is a great opportunity to misunderstand, to miss potential solutions that apply to parts of this scale, but not all, and to talk past each other when we are discussing problems and solutions in the privacy arena.

Who says kids don't value privacy? And who says they won't pay for it? WhatsApp and Privacy


One of the interesting elements for me here is that kids were okay giving WhatsApp their data, for then (for now?), knowing there would be no ads, because it created "parent privacy" though the app, and reduced their costs sending TXT messages through the telcos. I pay $20 a month for a flat rate of unlimited TXT msgs, SMS, *and* unlimited free cell-to-cell calls. I did it for the calls.. which anytime are 10cents during the day. I moved my plan from the 4th highest minutes, to the lowest, because almost all my calls are to other cells. However, because I went from 500 texts (and 25cents for each additional) to unlimited, I now use about 2k texts. But every text is listed, time, date, phone number, on my bill, and that's easily sortable online if you log into the cell company's website. And my telco and many other apps have access to those messages. Parents that want to track their kids, just sort the calls, track the times, etc. Kids are paying $1 to both stop any additional costs for texting, and to stop the tracking. I think this is a very interesting development. What data does WhatsApp see in your phone? Your phone has more intimate data about you than Facebook, in many ways because it's implicit, not explicit. WhatsApp doesn't need you to tell them your favorite movies or where you live; they know through the discussions, they know your real friends list based upon contacts and activity in your phone. Here is the list of the data you agree to give WhatsApp for an Android install: Your SMS messages Storage -- contents of your USB storage System tools: all shortcuts -- plus modify shortcuts including installing them and uninstalling them Your location: AGPS and GPS Microphone: record audio Camera: take pictures and video, see your photos and video Your application information: retrieve any running app, find all apps Your personal information: read your own contact card Your accounts: add or remove accounts, create accounts and set passwords, use accounts on the device Network communications: connect and disconnect from wi-fi, full network access Phone calls: direct call phone numbers, read phone status and identity of phone Your social information: modify your contacts, read your contacts Sync settings: read sync settings, read sync statistics, toggle sync on and off System tools: modify system settings, test access to protected storage Affects Battery: control vibration, prevent phone from sleeping Your applications information: run at startup Network Communications (a second listing): Google play billing service, receive data from Internet, view Wi-fi connections, view network connections Your accounts (second listing): Find accounts on device, read Google service configuration That's a lot of info. I would argue that this is more personal information that what you post voluntarily on FB. But I think the kids were looking for Parent-Privacy, not Privacy from Telcos, the government or data aggregators mostly. And WhatsApp gives it to them, and reduces the costs of text messaging on the phone to $1 year. Brilliant, and worth every penny of the $16-19b Facebook paid, What'sApp is reported to have 450m active users.. divide that into 19b and you get $45 a user.. or $16b is $35 a user. When Flickr was bought, Yahoo paid $111 a user. With revenue of $25 a person x 60,000 paid users. Myspace was $36. Instagram was $28. Skype was a whopping $264. See more at Statista. I don't know how many paid users WhatsApp has, but the service is free the first year, then $.99 a year after that. I suspect we'll find out how many at the next quarterly call Facebook has, because I can't find anything with that number out there now. But WhatsApp sold for an amount that is comparable for a "consumer" service. And reasonable, even if $19b is a mind-blowing number in the scheme of things.

Data Privacy Legal Hack-A-thon, Day 2: Projects


UPDATED: As we get down to the wire on presentations tonight at 5pm, the room is quiet and everyone is working hard. One of our judges, K. Waterman is walking around, conversing with whomever has a minute. And we have settled out to these project teams: Safe Sign-up: This will encrypt volunteer signups for events, especially protests, so that there is not one place that would have all the people at the event. Event organizers would have 5th Amendment protection for this information. By: Zaki Manian, Restore the Fourth, SF. Bring your Own Chat: A secure zero-knowledge chat application using only Drop Box. By: Daniel Roesler, Restore the Fourth, SF. The project can be found here at Github: Privacy Enhancing Toolkit: A toolkit for encrypted communications, file storage and sharing. By Judi Clark & Jenny Fang. Visual Privacy Policy: Creating a culture of informed consent by visualizing privacy policies. By: Dan Garen, Puneet Kishor, Nick Doty, Lysle Buchbinder, Beth MacArthy, Herrick Fang, and yesterday, Nancy Frishberg. Bitcoin Privacy Documentation: Developing a framework for thinking about the privacy of financial transactions using Bitcoin. By: Alice Townes, Richard Down. Mobile Privacy Shield: Intercept and display all the async calls for websites using a Firefox add-on. By: @nyceane. However, there is a chance that the Visual Privacy Policy group, which includes a browser extension, will split into two groups to present. Stay tuned. I'm working on a presentation for tonight at the closing for the ON project and consent receipt.. not to be judged... just to show the concept to the room.

Data Privacy Legal Hack-A-thon, Day 1


We have five (5) projects going in San Francisco at the Data Privacy Legal Hackathon. After an initial introduction phase, and discussions, teams broke out and are all quietly working away. We have 3 groups and 2 individuals who are working on projects.. The largest group is leading group interested in privacy icons and terms and data policies work on his part, which is to make a privacy policy generator and some icons that represent what the then-structured policy would represent to make it easy for users to see what a privacy policy says and does to the user. After we talked a bit, he realized the value of the parts I'm working on with the Consent Map, Consent Receipt and various tools to make that happen, like the API project to the map. We went over the whole ecosystem we all propose and he sees the complementarity. Here is a diagram of that shows some of the different products that we discussed above: But that group is more interested in getting privacy policies structures and visualized than the other side of the transaction which would look at terms an individual would submit, like Do Not Track. However, they recognized that there is a need for a consent receipt at the end of either side setting a term. There is also a bitcoin thing for more private transactions for identity privacy (ie, taking things outside the financial networks, where you still have some kind of identity inside bitcoin, to taking things outside the identity systems in bitcoin..). I don't totally understand it but that's what they are talking about and trying to figure it out. There is an https server project, and another individual project that I haven't yet discussed with the maker. I'm working on the consent receipt. Other groups are likely want to hook into the consent receipt when they have their pieces.

The New American Radical: Upholding the Status Quo in Law (IE the Constitution)


So what does that mean... the Status Quo? What I mean by that is the body of law we count on, that we base everything on, already in place: the Constitution, the Bill of Rights (amendments 1-10) and the rest of the Constitutional Amendments. That status quo. And wanting to just maintain the Status Quo, uphold and use it, as our standard of law, as the basis for what we do in the US? Yea, supporting that is the New American Radical act amongst the New American Radicals (you can count me amongst them as that's the system I signed up for... the one with the Constitution). How can this be? Asking for such should be a traditionalist thing, leaving the radicals to ask for new amendments, change 'you can believe in' yada yada and other controversial innovations to the law? But no.. it's a radical act in America these days to just ask that we uphold the Constitution, the Bill of Rights and the Amendments. I realized this is true, the other night, when I went to hear Daniel Ellsberg speak, along with Cindy Cohn of EFF, Shahid Buttar and Norman Soloman, along with Bob Jaffe moderating. And yes.. Ellsberg's an American Radical, but not just because he got the Pentagon Papers out 40 years ago. It's because he believes in the Constitution, the Bill of Rights, our other Amendments to be the rule of law. He had some very interesting things to share as well. Ellsberg talked about how years ago, "Richard" Cheney (as he called him.. I'm so used to "Dick") communicated a desire to change the constitution because he thought it was wrong, and that it should be different. Ellsberg said that that's okay, but then you have to change things through the system. Instead, Cheney and Bush and others have been corrupt, because they got elected, swore an oath to "defend the Constitution of the United States against all enemies, foreign and domestic" but then subverted the rules they swore to uphold. (I knew they weren't honorable men, but I never thought about it in these terms.) So in this case, they are the enemies, these corrupt parties, who subvert the Constitution, by taking, ".. your tax dollars, taken in secret, and spent in secret, to spy on everyone." Ellsberg's example of a founding father who parallels the whistleblower / leaker of today is Nathan Hale, the man who was caught by the British and hanged in 1776 for trying to share information with his own countrymen, Americans, about what the British were doing. Hale's famous line is: "I only regret that I have but one life to give for my country." What if we hanged people like that today, the people who leaked the full breadth of what was happening at Abu Ghraib instead of the public just seeing the sanitized, reduced version that claimed it was just a few isolated incidents, when in fact the torture at Abu Ghraib was huge and widespread and very shameful for us and our government? Or the Extraordinary Rendition program? Or Warrantless Wiretapping? All these secretive activities changed when they became public. And they changed as a result of whistleblower-leakers sharing information the government didn't want to get out, with the exception of Congress legalizing Warrantless Wiretaps once that activity became public. And now things are changing again because of Edward Snowden and the NSA surveillance information he let out. Ellsberg said, "To have knowledge of every private communication, every location, every credit card charge, everything.. to have one branch have power over the other two (executive, over legislative and judicial).. Snowden has confronted us with something that we could change.... But Obama is part of the problem. He just assures us that there is nothing to worry about. But who is to be trusted? The people who kept the secrets and lied to us? Diane Feinstein? Or do we trust Snowden? Snowden has done more to support the Constitution than any Senator, Congressman, the NSA ... " Ellsberg also talked about how when he was [...]

Data Privacy Legal Hack-A-thon


This is an unprecedented year documenting our loss of Privacy. Never before have we needed to stand up and team up to do something about it. In honour of Privacy Day, the Legal Hackers are leading the charge to do something about it, inspiring a two-day international Data Privacy Legal Hackathon. This is no ordinary event. Instead of talking about creating privacy tools in theory, the Data Privacy Legal Hackathon is about action! A call to action for tech & legal innovators who want to make a difference! We are happy to announce a Data Privacy Legal Hackathon and invite the Kantara Community to get involved and participate. We are involved in not only hosting a Pre-Hackathon Project to create a Legal Map for consent laws across jurisdictions, but the CISWG will also be posting a project for the Consent Receipt Scenario that is posted in on the ISWG wiki. The intention is to hack Open Notice with a Common Legal Map to create consent receipts that enable ‘customisers’ to control personal information If you would like to get involved in the hackathon, show your support, or help build the consent receipt infrastructure please get involved right away — you can get intouch with Mark (dot) Lizar (at)gmail (dot) com, Hodder (at) gmail (dot) com, or join the group pages that are in links below. Across three locations on February 8th & 9th, 2014, get your Eventbrite Tickets Here: * New York City * London, UK * San Francisco * This two-day event aims to mix the tech and legal scenes with people and companies that want to champion personal data privacy. Connecting entrepreneurs, developers, product makers, legal scholars, lawyers, and investors. Each location will host a two-day “judged” hacking competition with a prize awarding finale, followed by an after-party to celebrate the event. The Main Themes to The Hackathon Are: Crossing the Pond Hack Do Not Track Hack Surveillance & Anti-Surveillance Transparency Hacks Privacy Policy Hack Revenge Porn Hack Prizes will be Awarded! 1st Prize: $1000 2nd Prize: $500 3rd Prize: $250 There are pre-hackathon projects and activities. Join the Hackerleague to participate in these efforts and list your hack: A Consent Legal Map & Schema Project to create a legal map of the consent laws as a legal hackers tool for the event and projects posted at the event (many volunteers needed) Brainstorming List of Hacks - Add your ideas Share Tech and Links Page – Share your Knowledge Hacks (Project) Page – Propose or Join a project IRC Channel for Discussion Sponsorship Is Available & Needed Any organization or company seeking to show active support for data privacy and privacy technologies is invited to get involved. Sponsor: prizes, food and event costs by becoming a Platinum, Gold or Silver Sponsor Participate: at the event by leading or joining a privacy hack project Mentor: projects or topics that arise for teams, and share your expertise.   Contact NYC sponsorship: Phil Weiss email or @philwdjjd Contact Bay Area sponsorship: Mary Hodder – Hodder (at) gmail (dot) com - Phone: 510 701 1975 Contact London sponsorship: Mark Lizar – Mark (dot) Lizar (at)gmail (dot) com - Phone: +44 02081237426 - @smarthart

Thoughts About the Value of My Personal Data


Financial Times has a calculator for the value of your personal data. The numbers they use to calculate this are old, but even if the numbers were new and fresh, this is the wrong discussion. I don't care that my data isn't worth that much on the open market or that in many ways, because my data leaks everywhere constantly and therefore many can aggregate and sell it, the market is commoditized and my data is in this market, worth very little. My data is worth a lot to me, and it's worth protecting to me (as in, I'm willing to go to a lot more trouble over just my slice of data, than any of these companies are to protect *my* data). In this way, the tragedy of the commons (the personal data aggregation commons) may be turned around from the old version, where individuals didn't do anything about the commons but those with monetary or other big interest cared about protecting something did take action (think , but my single interest in copyright law might not be worth my spending a lot of time on the other side, fighting their lobbying efforts, because to the average person, big copyright isn't that big a deal.. hence, the tragedy of the copyright commons). The shift in the personal data commons that we have now, where companies just hoover up everything in order to sell your commoditized data reflects a situation where the individual is highly motivated to protect their little mini-garden slice of their own data, to control the inputs and outputs, if the proper tools are in place to help us do it. I think the FT calculator reflects the tragedy of the personal data commons model where Big Personal Data Aggregators attempt to sell our data in a commodity market, typically for a few cents, to less than a buck (I came in at $ .9792 or just under a dollar -- but over what period.. I don't know. Is this for each request for my data? That could be a lot of dollars over a year, I suppose). If I stop some of my data going to the big aggregators, I can't imagine they would notice or really care, if one person has some data missing from their profile, within the gigantic aggregation system. But my little garden, well tended and organized, becomes much more valuable to me than $1 a hit. Now if someone wants the well tended accurate stuff, fully fleshed out, they will have to "pay" a lot, or a little for a small slice. That payment may come in the form of a trade, a discount, or a better deal, if I'm buying, or the ability to, say, read the whole New York Times site unencumbered if I share my data with them. Or it may be that I just don't share.. pay cash for what I use online, and then I'm much less a part of the commons, as my data isn't shared out in the marketplace. But now you see, I've created choice for myself, control, autonomy, and transparency over my transactions. I think folks at the VRM list, and in a few other places looking at this problem. know that it's my little garden that is well tended that will be far more valuable over time, against the old style, hoovered commodity world. But for now, all the FT can see is the old model. Rear view mirror. And that's fine. Just more motivation to bring the tools online for me to collect and organize my own info, and stop the leaks of our data, from getting to the big hoovering agents. Also.. T.Rob has a great post that also reacts to the FT article -- he too rejects the premise of the argument FT makes: "The personal data to which the FT article refers is like crude oil. The personal data which we should be worried about is like premium unleaded gas. Either way, it's about you, directly impacts you and has market value to everyone but you. Don't let anyone tell you it has no value. Even the Financial Times."

Graph Search and the Like.


The question the new Graph Search at Facebook continually elicits in me as I've discussed it on various lists, as well as read a couple dozen articles on it, is: Do I really need my whole graph to find what I need? First.. how much and what do i need? Advertisers, marketers, graph search makers, all operate on the assumption that we all need much more than we do.. and if the last 5 years had taught us anything, it's that a lot of people borrowed a lot of home equity to buy crap they later dumped at Goodwill.. In other words.. yes.. we do need some things, a plane ticket, rental car.. a new laptop.. etc. But I do think many know how to get those things.. without necessarily getting all that much input from others. And that leads to my other point: how many others do you need, and how much of their input? This weekend I had a guest here.. who rented a car from Avis.. and it's the third time she's signed up for the lowest level car and then been given a 3-series BMW or a Mini.. for $25 a day. That's a nice to know factoid.. but if everyone coming to SFO knew it.. she would never get a BMW for a tin can on wheels price.. we talked about whether she would share this anywhere.. and she said no.. she would not share it. Though she's very active on many social communities. Another angle: about 7 years ago, I was in a book club with Jerry Michalski and about 5 others.. and we would read books on ants and viruses and ecosystems.. trying to apply those understandings to what was going on online.. we did it for a couple of years and it was very helpful. But one of our conclusions after talking through two dozen books and working through the logic of different takes on systems and people and flows of information was that in the end, you only need the right 5 people to help you find the things you need, get the right ideas, advice, etc to make good choices.. and these were verbal conversations because most often, even if these people were highly active online, they wouldn't necessarily share certain information online, for various reasons (it took too much time, there were consequences for having those opinions, they didn't want to be bugged, etc). In fact, much of the time the good intel didn't make it to the searchable web for months or a year or two later.. and I still find that true today, even with Twitter, FB, quora, tumbler, etc. People who really know stuff don't want or need to show it off.. and there is downside for sharing the data. So these questions linger for me.. as I think about Graph Search.. which may have some value.. but I am highly skeptical of what, how much, etc. There will be some value.. but I think maybe it will be comparable to the kind of "lift" that an Ad gets, when some new technology is added to the Ad selection or whatever.. often that lift is just a couple of percent better than before but to Ad people.. that's great.. because they are doing something at scale. For us.. for individuals.. if Graph Search got us 10% better intel over what we could otherwise find using existing search systems.. would that be worth the increased personal exposure and loss of control over our data we give away in a system like this... And lastly, I'm skeptical because I do believe Facebook's biggest issue is trust -- people withhold information intentionally. It's not a safe place and most people know it. Graph Search makes Facebook a lot less safe. Which leads also to the question: do I need to know who in my graph likes something salacious? Really, does this help us develop better relationships or just make our current relationships a bit more unsavory? So if people search, see what's exposed, and cut down their sharing even more, then the effectiveness of Graph Search goes way down. That 10% bump in quality information you got with Graph Search could turn out to drop 20 po[...]

Likes, and the Like.


Last week, I went through my whole Facebook list and undid things that "seemed" like they might be an issue if they came up in FB's new Graph Search. But it's hard to know what could be an issue.. I will say that the way i see the "like" button being used it multifaceted. People like things for many reasons: * to acknowledge receipt or that they've seen something * to thank someone for remarking * to thank someone for taking an action or sharing something * to show laughter * to acknowledge understanding the item or page * to promote a comment so other's see it * to help a friend who asked you to like something * to comment without commenting * to show the poster that you are "there" in their world * to make it so that you will keep seeing the poster's facebook stuff * to start receiving the "RSS" feed in your news feed of a page, person, or thing * to get access to coupons, deals or a contest * to make the liker noticeable to someone they aren't "friends" with.. * to cause a post, photo or page to show up in their feed to promote it (without actually liking the thing) * to pee on the item to "aggregate it" in your list of items you want to keep a link to and it may not be because you like the actual thing in the page, photo or post * to give more happy birthday comments or appreciate other's HBs because the birthday person is close to the liker (a spouse, perhaps) *and* it's also done to actually "like" something in the traditional sense. I can even see people "liking" likes (not functionally possible.. but it's done in a way by liking a comment that says something in the above list of ways of paying attention.) The problem is, most of what I see as "likes" aren't about liking something, as in " I like it !! ". They are about the fact that there is no other way to do something to something on FB in any way, with the exception of commenting which isn't always possible, because you may not have rights to comment due to your relationship with the poster and the privacy settings the poster has set on FB. Those likes are about attention to something with a variety of meanings. I'm sure there are more reasons to "like" that aren't about actually having a favorable thought about an item, post, update, photo, page, etc.. But you get my point. And so Graph Search is silly.. when the search results assume the "likers" all have affection or agree with the item and weren't doing something for some other social reason out of expediency. Update 4/2/2013: Here are a couple of example screengrabs from my own feed that show this is something others are becoming more and more aware of as they try to make sense of the "like" and the like:

SOPAPIPA: Why we need to consider Compulsory Licensing Once Again


Paul Tassi over at Forbes has a great article titled You Will Never Kill Piracy, and Piracy Will Never Kill You. He talks about now Hollywood is trying to drive Netflix out of business by increasing the fees they receive, when in fact Netflix is the lifeboat Hollywood needs. But Tassi isn't going far enough, I believe, in looking at Netflix as an example of a Silicon Valley lifeboat for Hollywood. Netflix is a microcosm of what could happen, across the internet and all users, if we looked at compulsory licensing for all media and users, and not just Netflix customers. Netflix is a great model for what could exist across the internet. Denise Howell invited me to This Week in Law (TWiL 146: Mary Hodder and the Lifeboat of Fire) and of course, the SOPA PIPA thing came up.. and I referred to Terry Fisher's Compulsory Licensing ideas (though several others had other versions of compulsory licensing too...). He was at the Berkman center at the time, and still is, and lots of folks commented (like Ed Felton, Ernie Miller and Derek Slater back in the day ...this link goes to a page listing a year's worth of CL discussion in 2003). At the time, in 2003, I advocated against compulsory licensing, in favor of a P2P system that would pay artists and end the copyright wars from Hollywood. Well, that was wishful thinking and never happened, and in the meantime, we have loads of Hollywood payola flooding WDC looking for even more draconian laws than what we have now, which will be quite harmful to the internet as an ecosystem. So as the world has shifted over the past 10 years, I realize we need to revisit compulsory licensing, with built in privacy so we maintain our "right to read anonymously" (per Julie Cohen.. an amazing thinker) and deal with other issues like counting, watermarks and tracking (guess what, 10 years later, we all realize that thousands are tracking everything we *each* do online everyday.. so while I want my clickstream, etc to be private and user-controlled, I'm less concerned about this now as far as compulsory licensing is concerned than I was in 2003). So my thought is, why not collect a fee at the front end of each month, across internet service points, from users. If no one uses any media, the funds stay put in escrow with the ISP and non-users don't pay. But if media is used in a given month, downloaded, etc, moneys are distributed to copyright holders. And if works are in the public domain? No payments would go out either. Yes, it would require a giant copyright registry, and ISPs to track (let's say, for 90 days, before dumping a user's media list) what anyone on an ISP provided connection used, in order to distribute fees. And it would require a giant fight in Hollywood about who gets paid what, for what, at what time, etc. Hey, maybe that will mean you can watch a first release movie on opening day, on your ipad, where a larger share goes to that copyright holder because of the timing of your consumption? In my view, figuring out how to solve the Hollywood problem with compulsory licensing is worth doing, by getting all the smart people who understand networks, and licensing, and all the other hairy stuff that will come up in a room and working it out. It would get artists paid, and it would get the users whatever they want in terms of media, and it would get Hollywood into the lifeboat that Silicon Valley offers, finally. Finally.

DRM and Control Over Our Own Computers is a Human Rights Issue


... If we lose the ability to completely control computers we own, these machine can, and will, be used to put us under constant surveillance. If that happens, computers will have completed a trajectory from contributing to human freedom and making the Iron Curtain look like a rusty sieve, to fulfilling the 1984 telescreen vision of pervasive monitoring of every activity of every person. DRM isn't just a copyright issue, it is a human rights issue. -- Zigurd Mednieks in response to BoingBoing about the Coming War on General Purpose Computing referencing a talk by Cory Doctorow. BTW.. why can't we deep link to a person's post in Google+ ? If we can, it's not obvious.

Resigning my Post as Chairman at PDEC


Effective immediately I'm resigning from the Personal Data Ecosystem Consortium's board after nearly 14 months as Chairman. As many of you might have seen, we accomplished a lot in the last twelve months, written up in our Part I, II and III end of year summary newsletters (at our blog here, here and here). In this first year of PDEC, we published papers, spoke at events and contributed to various endeavors in the personal data discussions happening on the web and in person around the world. I'm personally very committed to a world where individuals drive their own data and I'm very proud of the work we did at PDEC, which is focused on companies and how those companies can build for a personal data ecosystem. In the past couple of months, I've also worked to create a new org: Customer Commons, with about eight other folks, where the org is for Individuals only, no companies may join. Customer Commons looks at markets and data from a strictly individual point of view. I believe that it's a conflict of interest to work on both organizations (which represent either individuals or companies). Therefore, I want to see Customer Commons get up and running, and I realize I can't remain at PDEC, which represents the company perspective on the personal data ecosystem. So for the foreseeable future, I'll be working on the same personal data issues, but from this Individual perspective, at Customer Commons. I wish Personal Data Ecosystem Consortium all the best. ~ Mary Hodder

Personal Data Ecosystem Consortium 2011 Recap, Part III


Personal Data Ecosystem Consortium, or PDEC, is an org I've been involved with for a year. I'm chairing the Board. We just sent out a Year in Review recap of our activities for 2011, Part III (PDEC Recent News and Specific Topics). My involvement in PDEC included items (quotes from our newsletter -- to read the whole newsletter see our PDEC post here our link): Forrester Research Report covers Personal Identity Management The Forrester Report releases a report on Personal Identity Management. PDEC was among 14 organizations/companies interviewed for the report including other startup circle members: Azigo, Singly/the locker Project, Personal. Read the report here, or download it from Personal's website. I spent a lot of time with Forrester on important aspects of the report and was really pleased to see that they groked these ideas yet formed their own conclusions about what is happening with personal data and control over ones identity. (L-R: Kaliya Hamlin - Executive Director PDEC, Markus Sabadello - Project Danube, Drummond Reed -, Mike Shwartz - Gluu, Michelle Chibba - Director of Policy with office of the Privacy Commissioner of Ontario, Ann Cavoukian - Privacy Commissioner of Ontario (standing), Jason Cavnar - (standing), Shane Green - Personal (standing), Henrik Biering - Peercraft, Joe Andrieu - Switchbook, Mary Hodder -- Chair PDEC, Iain Henderson - The Customer’s Voice. Missing from picture Lindsay Crittendon – who also attended.) Ann Cavoukian is well known for her Privacy by Design initiative and was in San Francisco to speak at Web 2.0 Summit, held concurrently with IIW. PDEC arranged a dinner with the Startup Circle companies and Cavoukian for the Sunday prior to the conferences. The conversation was wide ranging and those present had a chance to share how they were building privacy-by-design into their core business and technical architectures. We also discussed the challenges in the ecosystem and how she would support privacy-by-design initiatives. World Economic Forum update: October 4-5, 2011 - NYC The Rethinking Personal Data project of the World Economic Forum telecommunications group continues to work toward understanding how the market will develop for personal data. WEF group members are actively working on developing a potential framework of how personal data can be shared when derived in different forms. PDEC members, along with Kaliya Hamlin and Mary Hodder, continue to work on the monthly calls with WEF toward a report release in the Spring, 2012.

More on EBay Seller Misrepresentations -- EBay Backs Sellers Up Regardless


Yesterday I talked about how eBay has backed up a seller who sold me a Size LARGE coat which tied closed with a belt in the photos.. except that the belt is Size SMALL and won't actually close the coat on a size LARGE person: me. Interestingly, EBay's phone reps said that it was my fault, that I didn't ask if the belt was a size large, even though the first and subsequent photos show the coat with a belt tied around it and the listing said the Coat was a Size LARGE. Any reasonable person would assume the WHOLE coat was a size LARGE.. not just parts of it. So in thinking about this, I was reflecting back on an in-person interview eBay did with me this summer, as a regular customer. Basically, they wanted help figuring out what was working with eBay and Paypal, and what wasn't. And they wanted to talk about how to make eBay more like Amazon. One of the things I commented on was that while I buy a lot from eBay, it does happen about 5% of the time that a seller misrepresents the item. They didn't seem to flinch over that figure. But I said "...EBay makes it safe to shop there, because they protect buyers with "buyer protection" where you immediately send the item back to the seller..." (i did in the coat case, send the item to Boca Raton, FL, and in fact in past cases eBay has scolded me for not sending the items fast enough back to the seller.. as in, when I call eBay, the item should already be in the mail back to the seller, with tracking and insurance... I shouldn't wait for eBay to tell me to send the item back.. I typically use FedEx ground for returns). I did in this case immediately return the item to the seller, and told eBay in writing as i described the problem, as well as over the phone. What's interesting though is that based upon the user interviews they did with me this summer, they would like to compete with Amazon. Amazon has a seller's program and my response to this was as follows: If eBay wants to do what Amazon does, have a fleet of sellers with high volume sales, then eBay will have to create a lot more consistency with returns for misrepresented items (again about 5% of items I've purchased are misrepresented.. this coat thing is the first time though that eBay has refused to honor buyer protection and told me the seller's misrepresentation was the buyer's (my) fault). I also said that eBay would have to get much more consistent on requirements for the listings from sellers, that sellers would have to be held to better account as Amazon does for items and descriptions, because eBay sellers routinely try to hide things. For example, i purchased a new La Perla bra from someone two months ago. The seller managed to only photograph part of the bra and left out the flaw. The flaw was that the straps were sewn on backward and therefore didn't lay flat, but instead were twisted. It cost $10 to have it repaired at a tailor, or $10 to return it. The seller didn't care and refused to do anything about the problem and frankly it wasn't worth the fight, even though i sent photos to the seller of the flaw. So I took it to the tailor and ate the $10 fix. But in that case, the seller clearly photographed out the very top if the straps so that the twisted nature of them could be hidden from buyers. That would never fly on Amazon, as Amazon would require the item be returned and refunded, no questions asked. In this case, I did pay 50% of full retail for the bra, a price very much in line with Amazon sellers. But given the fix verses send back prices, it wasn't worth the fight with the unscrupulous seller. You can bet that from now on, anything like that I'll be buying at Amazon, not eBay. There is no way eBay is going to enc[...]