Beyond Data Ownership to Information Sharing

The question of who owns our data on the Internet is a challenging problem. It can also be a  red herring, distracting us from building the next generation of online services.

I Can Haz Cheezburger?The term “ownership” simply brings too much baggage from the physical world, suggesting a win-lose, us-verses-them mentality that retards the development of rich, powerful services based on shared information.

Anyone up for sacred cow cheeseburgers?

I’m a member–and a big fan–of Steve Holcombe‘s “Data Ownership in the CloudLinkedIn group and I love the efforts of the Dataportability guys and am a big supporter of the Privacy and Public Policy work group at Kantara. There is a lot of good work being done by folks trying to figure out how to give people greater control over the use of data about them (privacy) and gain access to data they use or created (dataportability).

Unfortunately, sometimes the arguments behind these efforts are based on who owns–or who should own–the data. This is not just an intellectual debate or political rallying call, it often undermines our common efforts to build a better system.

Consider this:

  1. Privacy as secrecy is dead
  2. Data sharing is data copying
  3. Transaction data has dual ownership
  4. Yours, mine, & ours: Reality is complicated
  5. Taking back ownership is confrontational

Privacy as secrecy is dead

zippered lipsFirst, the data is pretty much already out there. The issue isn’t “How do we keep data from bad people,” it’s “How do we keep people from doing bad things with data?” DRM and crypto and related technology as the sole means to prevent data leakage and data abuse are failures. Sooner or later, the bad guys break the system and get the data.  Sure, there are smart things we can do to protect ourselves. Just like we wear seatbelts and lock our front doors, we should also use SSL and multi-factor authentication, but we can’t count on technology to keep our secrets. We need solutions that work even when the secret is out.

In fact, privacy isn’t about information we keep secret. It is about information we have revealed to someone else with expectation of discretion, e.g., when we tell our doctor about our sexual activities. It’s no longer a secret from the Doctor, but because it is private, we have rules that keep the information from being used inappropriately. Most of the time, with most doctors, it works. Those few who break those rules are dealt with through legal means, both civil and criminal, as well as social approbation. So, because we inherently need to release data to different parties at different times, we can’t control it through secrecy alone. Instead, we need to build a framework for preventing abuse when others do have access to sensitive information. Like in the case with our doctor, we want our service providers to have the data they need to provide the highest quality services.

Data sharing is data copying

blurry green bitsSecond, in the world of atoms, there can only be one of a thing, which is the reverse of the world of bits. With atoms, even if there are copies, each copy is itself a singular thing. Selling, transferring, or stealing a thing precludes the original owner from continuing to use it.

This isn’t true for information, which can easily be sold, transfered, and stolen without disturbing the original version. In fact, the entire Internet is basically a copy machine, copying IP packets from router to router, as we “send” images, web pages, and emails from user to user and machine to machine–each time a new copy is created whether or not the originating copy is deleted. To think of bits as if they were ownable property leads to attempted solutions like DRM that try to technologically prevent access to the information within the data, which is only good until the first hacker cracks the code and distributes it themselves. Instead, if we build social and legal controls on use, we can give information more freely, but under terms set by each individual when they share that information. Enforced by social and legal rather than purely technological means, this makes the most of the low marginal cost of distributing  online, while retaining control for contributors.

Transaction data has dual ownership

Fast Times at Ridgemont High

Image via Wikipedia

Third, much interesting data is actually mutually owned… which means the other guy can already do whatever the heck they want with it.  Consider web attention data, the stream of digital crumbs representing the websites we’ve visited and any interactions at each: all our purchases, all our blog posts, all our searches. Everything. Some folks argue that we own that data and therefore have the right to control the use of it. But so too do the owners of the websites we’ve been visiting. We don’t own our http log entries at Amazon. Amazon does. In fact, in every instance where two parties interact, where we engage in some transaction with someone else, both parties are co-creating that information. As such, both parties own it. So, if we tie the issue of control to ownership, then we’ve already lost the battle, because every service provider has solid claims to ownership over the information stored in their log files, just as we, as individuals, own the browsing history stored on our hard drive by Firefox, Internet Explorer and Chrome.

In the movie Fast Times at Ridgemont High, in a confrontation with Mr. Hand, Spicoli argues “If I’m here and you’re here, doesn’t that make it our time?”  Just like the time shared between Spicoli and Mr. Hand, the information created by visiting a website is co-created and co-owned by both the visitor and the website.  Every single interaction between two endpoints on the web generates at least two owners of the underlying data.

This is not a minor issue. The courts have already ruled that if an email is stored for any period of time on a server, the owner of that server has a right to read the email.  So, when “my” email is out there at Gmail or AOL or on our company’s servers, know that it is also, legally, factually, and functionally, already their data.

Yours, mine, & ours: Reality is complicated

Fourth, when two parties come together for any reason, each brings their own data to the exchange. We need a framework that can handle that. Iain Henderson breaks down this complexity in a blog post about your data, my data, and our data, talking about an individual doing business with a vendor, for example, someone buying a car.

our data

“My data” means data that I, as an individual have that is related to the transaction. It could include the kind of car I’m looking for, my budget, and estimates of my spouse’s requirements to approve of a new purchase.

“Your data” means data that the car dealer knows, including the actual cost of the vehicle, the number of units in inventory, the pace of sales, current buzz from other dealers.

“Our Data” means information that both parties have in common. That could be Shared Information, explicitly given by one party to the other in the course of the deal, such as a social security number so the dealer could run a credit check. It could be Mutual Information, generated by the very act of the transaction, such as the final sale price of the vehicle. Or, it could be Overlapping Information, which each party happens to know independently, such as the Manufacturer Suggested Retail Price (MSRP) of a vehicle (which we found online before heading to the dealership).

The ownership of “your” and “my” data is usually clear. However, ownership of the different types of “our” data is a challenge at best.  To complicate matters further, every instance of “my data” is somebody else’s “your data”. In every case, there is this mutually reciprocal relationship between us and them. In the VRM case, we usually think of the individual as owning “my data” and the vendor as owning “your data”, but for the vendor, the reverse is true: to them their data is “my data” and the individual’s data is “your data”. Similar dynamics occur when the other party is an individual. I bring my data, you bring your data, and together we’ll engage with “our” data. We need an approach that respects and applies to everyone’s data, you, me, them, everybody.

In these complex Venn diagrams of ownership, it is more important who controls the data than who owns it.  We’ve already lost the crudest form of control–secrecy–and we are going to continue to lose more as we opt-in to seductive new services based on divulging more and more information: our purchase history, browsing activity, and real-world location data. But we still need to control how all this data is used, to protect our own interests while still enjoying the benefits of the great big copy machine that is the Internet.

Taking back ownership is confrontational

confrontation

© Regien Paassen | Dreamstime.com

Fifth, we don’t need to pick a fight to change the game. There is a lot of data out there that many of us believe we should have control over. I agree. A lot of people argue that we should have the right to exclude other people’s use because we own the data, because it’s ours in some legal, moral, or ethical framework. The problem is, those other people already have it, and they also believe that they are legitimate owners. In fact, many of them paid for that data, buying it from data aggregators who compile all sorts of things about people, from both public and private sources. This entire ecosystem of customer data is a multi-billion dollar business and every single player “owns” the data they are working with. So if we focus our energy in claiming ownership over that same data in order to take control, we are framing the conversation as a fight, a fight against a powerful, well-healed, well-funded, entrenched bunch of opponents.

Most of these “opponents” are the very people we are trying to win over to our way of thinking. These are the vendors we want to embrace a new way to do business. These are the technologists we want to transform their proven, value-generating CRM systems to work with our data on our terms, instead of their data on their terms. Arguing over ownership puts these potential allies on the defensive, when what we really want is their collaboration.

From Ownership to Authority, Rights, and Responsibilities

parchment and quill

Rather than building a regime based on data ownership, I believe we would be better served by building one based on authority, rights, and responsibilities. That is, based on Information Sharing.

  • Who has the authority to control access and use of particular information?
  • What rights does a party have in using and distributing a piece of information?
  • What responsibilities does an information user have to others with respect to that information?

Let’s stop arguing about who owns what and start figuring out how we can share information in ways that allow everyone to win.

When we collect all of our information into a single conceptual repository, and then share access to it with service providers on our own terms, we create a high quality, highly relevant, curated personal data store. This allows us to bootstrap a control regime over all of our data in a way that creates new value for us and for our service providers. Now, instead of iTunes Genius or a Last.FM scrobbler only having access to our media use with their service, they can provide recommendations based on all the information stored in our personal audio data store. We get better recommendations and they get better data to drive their services. This personal data store is entirely under the authority of the user, sharing information with service providers according to specific rights and responsibilities.

man with gift

The Information Sharing approach neatly sidesteps the complexities involved in privacy and dataportability issues of the information already known by service providers. These remain serious issues, worth addressing. Resolving them will require long term investment in the legal, regulatory, moral, and political systems that govern our society. Fortunately, sharing the information in our personal data store can begin almost immediately once we have working specifications.

This controlled sharing of information will dramatically increase our comfort level when revealing our intentions and interests. We would have control over the use–and would be able to prevent abuse–of that information, while making it easy for service providers to improve our lives in countless ways.

At the Information Sharing Work Group at the Kantara Initiative, Iain Henderson and I are leading a conversation to create a framework for sharing information with service providers, online and off. We are coordinating with folks involved in privacy and dataportability and distinguish our effort by focusing on new information, information created for the purposes of sharing with others to enable a better service experience. Our goal is to create the technical and legal framework for Information Sharing that both protects the individual and enables new services built on previously unshared and unsharable information. In short, we are setting aside the questions of data ownership and focusing on the means for individuals to control that magical, digital pixie dust we sprinkle across every website we visit.

No-Spam logo

Image by hegarty_david via Flickr

Because the fact is, we want to share information. We want Google to know what we are searching for. We want Orbitz to know where we want to fly. We want Cars.com to know the kind of car we are looking for.

We just don’t want that information to be abused. We don’t want to be spammed, telemarketed, and adverblasted to death. We don’t want companies stockpiling vast data warehouses of personal information outside of our control. We don’t want to be exploited by corporations leveraging asymmetric power to force us to divulge and relinquish control over our addresses, dates of birth, and the names of our friends and family.

What we want is to share our information, on our terms. We want to protect our interests and enable service providers to do truly amazing things for us and on our behalf. This is the promise of the digital age: fabulous new services, under the guidance and control of each of us, individually.

And that is precisely what Information Sharing work group at Kantara is enabling.

The work is a continuation of several years of collaboration with Doc Searls and others at ProjectVRM. We’re building on the principles and conversations of Vendor Relationship Management and User Driven Services to create an industry standard for a legal and technical solution to individually-driven Information Sharing.

Our work group, like all Kantara work groups, is open to all contributors–and non-contributing participants–at no cost.  I invite everyone interested in helping create a user-driven world to join us.

It should be an exciting future.

This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect the views of the National Science Foundation.

Reblog this post [with Zemanta]
Posted in Information Sharing, Intention Economy, Personal Data Store, ProjectVRM, Shared Information, User Driven Services, Vendor Relationship Management | Tagged , , , , , , , , , , , | 22 Comments

Digital cleansing

Several folks (Matt Cutts and John Meyer, among others) have called for a break from our social networking, online everything world.

Sure.

It’s about time.

kool-aid man

I sated myself long ago on the digital high of social networking, whether you call it Twitter, Facebook, or something else. We, the Kool-Aid drinkers, will try just about any new technical gadget if it promises us a richer, more immediate advantage… in life, work, whatever.

But even digital fanbois cannot live on Kool-Aid alone.

We are weaving a new social tapestry. Home pages, blogs, tweets, profiles, these are all part of something bigger co-created in bits to replace and augment our traditional social ties in the world of atoms. As we discover new toys, they’ll grab our attention, until the glow of novelty fades. “Shiny” wins for the moment. Then, those with enduring value find a place in our daily lives.

Blogs, for example, dramatically transformed as Twitter took over for real-time tidbits and pointers. Blogs stopped being the most frequent vehicle for self-published contributions to the global conversation, and instead settled in as a long form context for engaging dialog. While Twitter satisfies the instant gratification of the exclamation, blogs allow a more durable appreciation and digestion of complex ideas. Blogs moved from the reactive, real-time driver of the echosphere to a more natural role, aligned with its form and function a medium for deliberative discussion and debate, tirades and manifestos.

So, for those of you still running high on your first rush with Twitter or Facebook… I agree with Matt & John.

Take some time off.

Reconnect with your work and your passions offline and in other media. It may well highlight what is magical in social networking and what is just flavored sugar-water. It may even allow you to reconfigure your online social network as a more durable, value-creating contribution to your life.

That would be an excellent way to start the second decade of the millennium.

Posted in Uncategorized | Tagged | Comments Off on Digital cleansing

A fresh breath

This last year (2009) was the most challenging ever for me, both personally and professionally. Good times, tough problems, people that transformed my heart, and ideas that changed my perspective. It wasn’t always easy, but each challenge had its own reward.

I’m looking forward to writing a bit more this year, opening the conversation up about portable contexts and user driven services. My work with Project VRM and the Kantara Initiative‘s Information Sharing and User-Managed Access Work Groups will continue to be a big part of that.

I’m also looking forward to some interesting new product and service releases, from SwitchBook, MyDex, The Mine!, and others in the VRM community, as well as updates and innovations from ScanarooKynetx and Azigo and others. Also, Doc Searls‘ upcoming book on the Intention Economy promises to be an intriguing read. It should be a good year for VRM.

Best of luck to you and for your own plans for 2010. May it be a stand-out year for all of us.

Posted in Uncategorized | Tagged , , , , , , , , , , , | Comments Off on A fresh breath

Ephemera and Permanence — Tweets for Life

Respectfully, Doc, I think you underestimate the value of the permatweet.

I’m still haunted by hearing that users get a maximum number Twitter postings (tweets) before the old ones scroll off. If true, it means Twitter is a whiteboard, made to be erased after awhile. The fact that few know what the deal is, exactly, also makes my point. Not many people expect anybody, including themselves, to revisit old tweets.

The flow-by web is great for sampling the current pulse of selected friends, an ephemeral dipping of the news ladel into a current river of updates. Yet it is also a place where people share things they often don’t share elsewhere, which makes it a great fishing pond for lightweight pointers to interesting media.

I have often used my own tweet stream–or others’–as a reference point when looking for websites or YouTube videos I first saw in the update stream. This happens consistently with media that’s fun enough to tweet but not important enough to blog. Often, in ordinary conversations, I find myself referring to resources I linked to in a prior tweet. Sometimes I just piont them to my Twitter account. Other times, I look it up myself and email the link.

Perhaps that works for me more than most because I don’t tweet that frequently, so my history is relatively compact. However, everyone’s tweets stick around, see My First Tweet as a case in point. In fact, it is perhaps more problematic that people consider these tweets gone, when, in fact, they are not.   Even though it is possible to delete your tweets from you stream history, it doesn’t remove them from all the downstream syndicators and third-party clients.

People should have more control over the lifetime of our shared information. In particular, it seems to me that people should be able to share information in one of two modes: at-will and on-the-record.

At-will posts can be erased by the owner at will, whenever they want, thus avoiding those embarrassing photos–and the resulting oppression from the future that keeps us from living fully in the present.

On-the-record posts are taken to be additions to the permanent record, with all parties understanding that they will be (or should be) always accessible. This allows for statement by officials operating in their official function, statements of policy, contractual agreements, and similar permanent records.

Everyone should be able to decide in which mode they want to share information, just as we can select a Creative Commons license as an alternative to copyright.  A simple microformat-style tagging system would go a long way to enabling a self-asserted, voluntary compliance approach.  Even better would be a data sharing protocol that could actually assure that compliant parties erase the at-will data when we no longer want those hot tubbing photos shared publicly.

Instead, we currently have a lot of frustration and surprises when people share information in one context only to find it appearing in another, undesirable one, some unpredictable time in the future. SMS messages, emails and Facebook photos, all show up in the most inopportune places and times. Managing these contexts–and the information we share in each–is vital in a world where we fluidly flip contexts as quickly as kaleidescopes change color.

As a co-proposer of the User Managed Access working group and acting co-chair of the User Driven & Volunteered Personal Information workgroups at Kantara, I am hoping we can find a way to make this new model work. Because the current model is too fragmented to be managed reasonably, and it is only going to fragment further unless we start to unify around user-driven principles or something similar.

Reblog this post [with Zemanta]
Posted in Shared Information | Tagged , , , , , , , , , , , , , , , | 3 Comments

User Driven Services: 10. Duty of Care

10. Duty of Care

User Driven Services look out for their users’ well-being.

Lifegaurd on DutyIf a service is truly acting in our best interests, it will take appropriate measures to protect us from dangers resulting from our use of the service. User Driven Services continually work to minimize user exposure to liability, risk, and potential harm.

Minimal identity information should be acquired and what is acquired should be retained for a minimal period of time, to help reduce the possibility of inappropriate identity correlation and theft. Services should acquire and maintain a minimum amount of confidential data—identity or otherwise—and where feasible, should store that data in an encrypted form. Services should also endeavor to minimize the possibility that their system becomes as vector for attacks of any kind on users, including phishing, viruses, Trojans, and malware. User Driven Services should also expend appropriate duty of care in protecting their systems from hacking and attacks, not simply out of self-interest, but to protect their users’ interests as well.

Examples

Google and Firefox help prevent users from unwittingly visiting potentially malicious websites, working with the StopBadware program at the Berkman Center for Internet and Society. The PCI Security Standards Council oversees payment card industry (PCI) data security standards designed to protect credit card data. Classically, Doctors adhere to the Hippocratic Oath, with its essential commitment to “Do no harm“. Attorneys and accountants have strict ethical and legal obligations to see to the welfare of their clients.

Questions

  • Does the service take precautions to prevent potential risks to its users?
  • Does the service have adequate security and monitoring in place to effectively identify potential risks and active incursions?
  • Does the service manage its data so as to minimize the exposure profile for potential users, both in minimal data acquisition and in timely deletion?

This article is part of a series. It is the tenth of ten characteristics of User Driven Services:

  1. Checklist with Silver UserImpulse from the User
  2. Control
  3. Transparency
  4. Data Portability
  5. Service Endpoint Portability
  6. Self Hosting
  7. User Generativity
  8. Improvability
  9. Self-managed Identity
  10. Duty of Care
This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect the views of the National Science Foundation.
Posted in User Driven, User Driven Services | Tagged , , | Comments Off on User Driven Services: 10. Duty of Care

User Driven Services: 9. Self-managed Identity

9. Self-managed Identity

User Driven Services let users manage their own online identity.

Name tagUnless we control our identity online, we risk unnecessary exposure to identity theft and unwanted correlation of online activity. At the same time, online services increase the risk of attacks when using the same identifier for multiple functions.

User Driven Services allow users to be in maximum control of their identity by distinguishing between the four different types of identifiers used online:

  • Authentication IDs
  • Presentation IDs
  • Reference IDs
  • Internal IDs

Users should be able choose their own third-party identity service and have complete control over the three external identifiers used by any User Driven Service: their authentication IDs, their reference IDs, and their presentation IDs. The internal ids relating these external identifiers should never be exposed. Identity Providers should operate in non-correlation modes—so that different services providers automatically receive different authentication tokens, and all presentation IDs should be hand selected by the user for each service whenever possible.

The ideal service will enable intentional correlation only upon user directive, allowing individuals to claim blog posts, social profiles, and microblogging accounts as their own, after initially anonymous or psuedonymous use. Services are also more flexible when they allow users to use multiple distinct identifiers within a given class, e.g., having more than one email address or online chat handle. Finally, when possible, services should allow for anonymous and anonymized use.

Examples

OpenID allows users to use a third party service for Single Sign On at millions of websites, bypassing potentially millions of usernames and passwords. Information Cards allow “clicking in” to relying websites rather than logging in, using the credentials and authentication of third party Identity Providers. Azigo’s RemindMe service allows users to selectively activate membership credentials, such as AAA or AARP affiliation, on specific websites for special offers and discounts—without divulging such affiliations to the website in question.

Questions

  • Does the service allow third party identity providers for managing authentication?
  • Does the service fully distinguish all four identifiers used in online identy:
    • Authentication ID–used for logins
    • Presentation ID–used for labelling authorship and ownership
    • Reference ID–used for referring to specific users, e.g., for sending messages
    • Internal ID–used internally to link the other three IDs to each other and to appropriate privileges.
  • Does the service allow users to modify and manage the three exposed identifiers: Authentication, Presentation, and Reference?
  • Does the service allow users to have multiple identifiers in the same class, such as two email addresses or multiple chat handles?

This article is part of a series. It is the ninth of ten characteristics of User Driven Services:

  1. Checklist with Silver UserImpulse from the User
  2. Control
  3. Transparency
  4. Data Portability
  5. Service Endpoint Portability
  6. Self Hosting
  7. User Generativity
  8. Improvability
  9. Self-managed Identity
  10. Duty of Care

One more to go…

This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect teh views of the National Science Foundation.
Posted in Identity, User Driven, User Driven Services | Tagged , , , , | 1 Comment

User Driven Services: 8. Improvability

8. Improvability

Wall PainterUser Driven Services can be improved by users.

A closed system can’t predict and satisfy all the needs of all its users, all the time. Sooner or later, someone will eventually desire a new feature or capability beyond the resources or interest of the service provider. User Driven Services take advantage of that motivation, allowing users to directly improve the service itself, both for themselves and others.

Through source code modifications, plugins or extensions, API calls or webhooks, or client-side scripts or macros, users should be able improve the real-time experience of services, without breaking the services and without violating their Terms of Service. Mechanisms should also exist for developers to contribute to improving the standard specifications upon which interoperability and portability rely.

Examples

CGI scripts enable custom code to generate web pages for webservers such as Apache. Open Source projects provide full source code so users can directly modify a service application. Excel macros let users define sophisticated data operations across spreadsheet data. Facebook’s FBML and OpenSocial allow customized widgets integrated into web pages at social networks. The iPhone lets users download and install new applications. Internet Explorer and Firefox allow users to write or install custom plugins like Google Toolbar, Acrobat Reader, Flash, and Quicktime.

Questions

  • Can users add functionality to the service through custom code, plug-ins, or extensions?
  • Does the service allow interactive access via APIs so that third party applications can provide enhanced, wrap-around or integrating functionality?
  • Does the services support webhooks or other callbacks for integration with other online services?
  • Do client-side applications allow for client-side scripting or macros?

This article is part of a series. It is the eighth of ten characteristics of User Driven Services:

  1. Checklist with Silver UserImpulse from the User
  2. Control
  3. Transparency
  4. Data Portability
  5. Service Endpoint Portability
  6. Self Hosting
  7. User Generativity
  8. Improvability
  9. Self-managed Identity
  10. Duty of Care

More soon…

This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect teh views of the National Science Foundation.
Posted in User Driven, User Driven Services | Tagged , , , , , | Comments Off on User Driven Services: 8. Improvability

User Driven Services: 7. User Generativity

Piling boxes (tight)7. User Generativity

Users contribute to User Driven Services.

User Driven Services build on active, engaged participation in value creation. Users should be empowered to augment, annotate, and contribute to the underlying service as much as possible. By enabling users to pro-actively co-create the service experience—and to share that co-created value with other users—services tap into the most motivated, qualified source of content and innovation in their product.

Examples

User profiles, pictures, and status updates make Facebook and MySpace highly personalized digital expressions of personal identity. Flickr lets users load photos to share with others. Facebook, MySpace, and Flickr let users tag and comment on other people’s content as a distributed worldwide dialogue in shared social spaces. Twitter integrates web and SMS updates from, and to, select lists of users to dynamically generate a real-time ambient, global conversation. GetSatisfaction and other online help forums allow users to post questions and get support from others using similar products. IRC is a global distributed chat system.

Questions

  • Can users create new content within the service that contributes to value received by other users?
  • Can users provide feedback that improves the flow of experience for others?
  • Is user input a driver of system value?

This article is part of a series. It is the seventh of ten characteristics of User Driven Services:

  1. Checklist with Silver UserImpulse from the User
  2. Control
  3. Transparency
  4. Data Portability
  5. Service Endpoint Portability
  6. Self Hosting
  7. User Generativity
  8. Improvability
  9. Self-managed Identity
  10. Duty of Care

More soon…

This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect teh views of the National Science Foundation.
Posted in User Driven, User Driven Services | Tagged , , | Comments Off on User Driven Services: 7. User Generativity

User Driven Services: 6. Self Hosting

6. Self Hosting

monitor faceUser Driven Services can be hosted on users’ own machines.

If we can’t host our own services, we become beholden to those who can. This creates an artificial barrier to portability, limiting user choice and allowing service providers to charge unnecessarily high costs for their services.

User Driven Services assure users credible alternatives to traditional hosted services. This means that there exist multiple, independent options for users to host their own service running on their own machines, and there also exist hosting solutions that allow users to run their own service on hardware at a co-location facility or running the service on a generically available website hosting provider. These options may be commercial or free, proprietary or open source. Preferably there is at least one open source, free option. It is even better if there are multiple such implementations for different platforms, different programming languages, and different storage and network technologies.

Examples

The LAMP (Linux, Apache, MySQL, Perl/PHP) stack allows anyone to host and run their own advanced web service with custom capabilities. If you own your own machine and have a connected IP address, you can host your own server for email, FTP, gopher, website, Jabber, MUD services, etc. You can host your own blog, fully integrated via pings and trackbacks into the global conversations occurring throughout the blogosphere.  Free and commercial software enable you to host any number of services, either on your own hardware or hosted at standard hosting providers online.

Questions

  • Can users host their own implementation of the service on their own hardware?
  • Can users host their own service at third party hosting companies?
  • Are there free or low-cost licenses available for self hosting?
  • Can users host on a variety of hardware and operating system platforms?

This article is part of a series. It is the sixth of ten characteristics of User Driven Services

:

  1. Checklist with Silver UserImpulse from the User
  2. Control
  3. Transparency
  4. Data Portability
  5. Service Endpoint Portability
  6. Self Hosting
  7. User Generativity
  8. Improvability
  9. Self-managed Identity
  10. Duty of Care

More soon…

This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect teh views of the National Science Foundation.
Posted in User Driven, User Driven Services | Tagged , , , , , | 1 Comment

User Driven Services: 5. Service Endpoint Portability

5. Service Endpoint Portability

People can painlessly switch between User Driven Service providers.

returned to send rubber stampHigh switching costs create a barrier to choice and freedom; we should be able to move our services seamlessly from one provider to another without unnecessary interruptions, hassle, or frustration. Transitions between service providers should occur without significant downtime or loss of capability.

While service providers compete by distinguishing themselves with unique features, standard features should be well documented and provisioned in such a way as to be easily moved. Services which allow third party access via APIs should be tested for interoperability so that client software continues to work smoothly with new service providers. When possible, services should use open standards to assure the greatest flexibility when users choose new service providers.

Examples

Mobile phone number portability allows users to take their phone number with them when changing phone companies. Websites and email can be hosted at a new provider, as long as one owns their own domain name. Service discovery allows identity providers to direct incoming service requests to appropriate service endpoints in realtime, even when those endpoints change. The United States Postal Service provides mail forward services for patrons who relocate.

Questions

  • Can users transition from one service provider to another without significant loss of service or hassle?
  • Can new services be provisioned and established in a timely fashion?
  • Can existing users of a service endpoint automatically reach the correct endpoint without human notification and intervention?

This article is part of a series. It is the fifth of ten characteristics of User Driven Services:

  1. Checklist with Silver UserImpulse from the User
  2. Control
  3. Transparency
  4. Data Portability
  5. Service Endpoint Portability
  6. Self Hosting
  7. User Generativity
  8. Improvability
  9. Self-managed Identity
  10. Duty of Care

More soon…

This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect teh views of the National Science Foundation.
Posted in User Driven, User Driven Services | Tagged , , , , , , , , , , | 1 Comment