Identity Futures Dec 16 08 Conf Call
- Call on Tuesday December 16th at 9AM Pacific
- 1 (906) 481-2100 - Access Code 942276
Kaliya Hamlin John Kelly Jeff Stollman Nicholas Givotovsky
Here are some thoughts on the two topics that we discussed on the call today: potential scenarios and potential endorsers.
SCENARIOS Scenario preferences of the sponsor paying for the Futures Mapping will vary based on the sponsor. But, by creating a range to pique their interest, we can hope to entice a sponsor.
I can conceive of several categories for which we should create illustrative scenarios (some of which we discussed today). These include the following:
- Dollar cost of data breaches
- Human cost of identity theft (individual scenarios on reviving a stolen identity; groups that include celebrities protest publicly)
Cost of malware spread because of a user's inability to identify its source (e.g., email that appears to be from a friend or trusted vendor)
- Opportunity cost of no identity solution (users -- individual and/or corporate -- fearful of identity theft avoid the use of the web, limiting the ability of businesses to exploit the full promise of eBusiness)
- Cost of no solution on national security (dollars and/or vulnerability)
- Cost of regulation (reactive over-regulation curtails business)
- Impacts of particular regulatory scenarios on personal freedom (both "freedom from" and "freedom to")
ENDORSERS The security/identity/privacy arena is littered with tiny organizations all trying to make the world a better place. IIW doesn't have much visibility outside of our small community. Identity Commons is equally anonymous. Because of this, our proposal may be viewed askance because of our lack of a credible, "trusted identity" recognizable to potential customers. This could relegate our proposal to the circular file regardless of how useful they view our proposed research.
There are many non-profit organizations whose focus aligns with our concerns over identity. Some of these may have funding and may be potential clients for our work. Others may not have funding, but gaining their endorsement may elevate the value of our proposal in the eyes of other potential customers -- establishing a higher level of trust as well as a broader constituency that they could claim to be benefiting by funding this work. Highly visible organizations may provide our proposal with some caché, but even gathering the support of a number of smaller organizations will enhance our credibility by the shear weight of numbers.
A few such organizations whose endorsement may be of benefit off the top of my head include the following:
- Freedoms Foundation
- Electronic Frontier Foundation
- Privacy Rights Clearinghouse
- Electronic Privacy Information Center
- Center for Digital Democracy
- Computer Professionals for Social Responsibility
- Privacy International
- US Public Interest Research Group
- Center for Strategic and International Studies (the group that just published, "Securing Cyberspace for the 44th Presidency")
Nick attended IC Stewards call December 3, mentioned our group’s activity briefly
Nick G. and John Kelly spoke since the last call about
- How to get to these scenario’s that are relevant to the near future. Real world not to far out there.
- Communication back to the implementers of the technologies and influence their implementation.
- Tactically understanding the broad range.
- Engagement “at the business level”
- Oriented towards priorities around implementation.
Blue sky is fun (grey sky when cloudy – this stuff is not all clear).
John: When thinking about this – in history of scenario planning company. Most of the time they had some houses on fire. If they didn’t we would develop some teaser scenario’s – make slightly more dramatic. These are the scenario’s are troubling enough – we want to do the real one’s + the signs that the future scenarios are unfolding.
Where are the flashpoints of digital identity technology are right now – as starting point.
Motivations – persistent leading to the event. Getting to the driving force.
Events that we developed Social/Policy/Business level
Policy-Business & hits on a personal level. Fuel and context.
Sew together non-uniform legal president. Compelling business reason to use identity information for consumers.
An example - Propagation with social media + single sign on + rise in data breaches.
Entities should be interested in solutions, or advanced planning for this set of outcomes.
N major breaches – corporate databases Initially – in and out of news
Continuing on example - 15 major celebrities and 2 hollywood agencies – complain that their clients and their fans. Financial impact - Stalkers involved – it is process.
Kaliya: At FOSI recenly I overheard this narative OpenID was built to track people around the internet and particularly children and give them an identity and sell information back to the sites they go to and the advertising.
All kinds of legitimate activity is prohibited
Being someone you are not on the internet is now “illegal” based on the current ruling.
Prohibit all non-personal Obligation to disclose as much as possible. Self substantiated information – leakage of multiple peroni. Professional and personal reputation. Responsibilities across communities.
Getting regulated. Cost & benefit.
Teaching the reader there is a rich interconnectedness. More worth their while to persue
A couple of key scenario’s – priorities – negative and positive perspective outcomes – instructive – No oversite, self regulation, regulation
How to certify or validate identity methodology.
Support – more produce communication – Foundation + another couple of people interested in this. + create a communications.
Large number of foundations present themselves as interested in Future of Democracy and Equity – on and offline. Convey output. Retention of participation sponsors. Interested in results. Entities out there –
Ponoman Institute - digital identity technology per-se
Jim Harper at CATO –
- social media site – Hahnan Monatan set.
Sony just got a million dollar fine.
Center for Stratigic and Information Studies
Exposure: Bad publicity followed by inappropriate regulation.
Behavior Targeting Standards consortium “revenue science”
off loading PII and data to Network Advertising I
web-usage and offline demographic data.
Pseudo anonymous online activity
Data portability world – technical implementation of profile data across social media services. More uniform terms of services and uniformity of policy.
Next step – John and Nick meet and write a proto-scenario or two. Next – a format + sample and circulate and get inputs.
1/2 page to a maximum of a page.
Kaliya: Major natural disaster and legislation that creates “fraud” in government money dispursal for relief – and legislation is passed requiring biometric capture for being able to receive relief.
Mike Osterlink – Liberty coalition Susan Crawford – Obama Transition Team
Models for legislation – caring about what happens from a political point of view.
Or they will run away with the argument.
- We need to be defining what an endorsement looks like.
- What does it look like for Burton Group to be involved.
- Lucy Lynch – seed funding? Links to what we are doing with ID-Legal
Float it by – Research labs offices of big-co’s IBM, MSFT (danah boyd) CEO offices at companies Kim Cameron.
CCC upcominc conference – Eric Preston – asking him to keep his eyes open. Europe – tracking and stuff