Skip to content →

Category: identity

Ah Sxip, We Hardly Knew Ye…

Published April 4, 2011 by cgerrish

It was Dick Hardt who got me interested in user-centric identity with his great presentation on identity 2.0. It was funny, wise and asked some very intriguing questions. Dick recently announced he was pulling the plug on Sxipper, his ground-breaking “identity” product, that operated as a Firefox browser plugin. Dick doesn’t much like to use the word “identity” when discussing “identity.” He prefers to talk about identifers, the tokens we trade in authentication, authorization and other kinds of networked transactions. As a veteran of the Internet Identity Workshops, he knew that the word “identity” is overdetermined and tends to overflow the kind of boundaries required for productive technical discussions.

The difficulty of user-centric systems has always been the contradiction at their core. The user doesn’t own the technical infrastructure to support an identity system, so systems that pretended to be outside of the system of systems provided the third leg of the triangle of “user-centric” authentication. This system multiplied the number of players in the game—supposedly in order to shift the balance of power back to the user. From the user’s perspective it merely complicated something that was too complicated to begin with.

Sxipper took a different approach, one that is gaining some popularity now in the form of the personal data locker. Sxipper looked at every form a user encountered on the web as an opportunity to learn something new. If Sxipper already understood a form, it would ask you how you wanted it filled out. If you’d populated your persona bank, you could select the appropriate data set, and Sxipper would automatically fill out the form for you. Once you’d trained Sxipper to understand a form, you were all set. Sxipper users also benefitted from the community of users, if someone else had trained the form, you were also ready to go. Web transaction forms used by large populations were almost always already trained, at the margins you’d have to do the training yourself. But rather than assume all forms at a Network level (commercial transaction, web site sign up, authentication, etc) needed to be accounted for, Sxipper focused by design, on what people actually did. Translating transaction difference in the trenches. As you used Sxipper, the amount of transaction friction you experienced on the web was continuously reduced.

With all this personal data and preference information in a persona bank, you might get the idea that your data might be worth something—that you could trade it for valuable gifts, discounts and prizes. While this model does work, it only works for celebrities. The network celebrity hub with high numbers of links gain even more links through the phenomena of preferential attachment. Value flows to these hubs by virtue of their potential distribution power. For example, in Hollywood, if a star can ‘open a movie,’ they’re compensated for it.

The big networked systems derive value from their scale and the correlation data they unearth from the big data they custody. The patterns they produce through statistical analysis can be sold under various schemes. Primarily, target groups are sold to advertisers. For most members of the target set, their data is commodity. Subtract a member from the set and the pattern remains. Your personal data only has value in concert with all the other members who make up the set. As a single point on a graph, your data doesn’t describe a trend.

With all this data flying around, it would seem that personalization of user experiences would naturally follow. And to some extent, a form of this is happening, but it’s through common patterns, not through deep insight into personal data. Augmented reality (the normalization of reference delusions) attempts to personalize the physical space you move through by superimposing targeted advertising-sponsored hypermedia publications on the smear of spatio-temporal location coordinates surrounding you. Reality becomes shelf space, with brands fighting the visual merchandising war for a home in your selection set.

Back to Sxipper: In order to provide personal data from a persona bank to domesticated web forms and transaction interfaces, Sxipper had to sit in a particular spot on the Network. As a browser plugin, or App, as we call them these days, Sxipper could send and receive form training data to a central cloud; and combine that formal data with a user’s locally-stored encrypted personal data to fill in forms across many different sites. Rather than harvesting correlation data, Sxipper had no access to it’s user’s personal data stores; because of this it had no target audiences to sell.

The value of identity and gesture data has been an ongoing discussion in the internet identity community. It seems like there must be a business model in there somewhere. The digital deal, the gesture bank, the attention economy, root markets, vendor relationship management, and now personal data lockers have all explored the system (bank) and account model. Anonymized central bank data can still yield correlation data, the patterns, but it forgoes the regular distribution model except through a user opt in. It’s a business model that makes sense and honors user privacy, but has yet to be successfully implemented.

The Selector, along with the information and action card had a similar, but more general structure, as Sxipper. Essentially, it was a client-side application development environment. Information cards were the equivalent of personal data personas, and action cards extended the capability to run a much wider variety of personal scripts across data from multiple sources. But like Sxipper, Microsoft recently put the final nail in the Selector and information card.

There are a couple of ideas from Sxipper that I’d like to see survive its demise. The first is focusing on difference rather than identity. Sxipper used the crowd to build bridges between different interfaces and systems. The diversity of the Network environment is one of its strengths. Sxipper preserved the diversity, but made the complexity disappear. The other idea is, rather than generating personalization from a central data bank, create personalization from the user’s side of the glass. Think of personalization as emanating from the person, rather than the system.

One Comment

Delusions of Reference: They’re Not Talking To You

Published March 14, 2011 by cgerrish

It was the most plausible explanation for the banal content of many of the tweets flowing through the real-time stream. As Clay Shirky explained, in his book Here Comes Everybody, it’s simple, they’re not talking to you.

And it’s easy to deride this sort of thing as self-absorbed publishing—why would anyone put out such drivel in public. It’s simple. They’re not talking to you.

The confusion comes from the mash-up of personal communication systems and broadcast systems. It’s like mixing up the radio and the telephone. In this new hybrid medium, person-to-person, or person-to-group, messages are generally broadcast, but specifically targeted. While you can hear them if you eavesdrop, they’re not talking to you. Lacking the context, relationship and history, the 140 character revelation about what someone had for lunch appears to be pure drivel. But why should I care? You shouldn’t, they’re not talking to you. You’re just within earshot.

Shirky’s explanation seemed to make the world safe for drivel, even un-targeted drivel is an act of production rather than one of passive consumption. Saying anything at all appears to be better than consuming mass quantities in silence.

In the mash up of radio and telephone, each has taken qualities and capabilities from the other. So while we may now safely disregard random comments about lunch, we still have a creeping feeling that maybe they are talking to us. At least someone, or something, seems to know an awful lot about us. And they say they’ve put together a special message just for us.

Avitel Ronell, writes in The Telephone Book, about technology, schizophrenia and electric speech — The telephone rings and creates a debt of obligation. The sound of the bell has a sense of urgency, it asks you to get up out of your chair and pick up the receiver. Now broadcast systems seem to ring: it’s for you…

…And yet, you’re saying yes, almost automatically, suddenly, sometimes irreversibly. Your picking it up means the call has come through. It means more: you’re its beneficiary, rising to meet its demand, to pay a debt. You don’t know who’s calling or what you are going to called upon to do, and still, you are lending your ear, giving something up, receiving an order. It is a question of answerability. Who answers the call of the telephone, the call of duty, and accounts for the taxes it appears to impose?

In the new radio-telephone combined medium, the Network is placing a call to you. Is that what that ringing sound is? Is that why we feel an obligation to process the overwhelming torrent of the real-time stream? The meme of floods of information engendering paralysis and unhappiness is at its zenith. Your voice mail is full and the phone keeps ringing. All the lines in the system are ringing, impatiently waiting for you to meet your obligation.

Walking down the candy aisle in a chain drugstore, the selection is immense. Are all the candy bars placing personal calls to me? What do my augmented reality goggles say? What about the people in my follow cloud, can they provide a reference for any of these candy bars? Let me check my personal data locker, have I tried and liked any of these treats before? Do I qualify for any discounts if I check in and register my location? Candy bar selection is just a matter of having the proper filters in place for the real-time stream of information that encloses the world.

In the real-time, always-on Network, there’s a simple test we can take to see if we’re operating normally and optimally in the new environment.

1. Have you ever heard voices or other sounds when no one is around?

2. Have you ever heard voices commenting on what you are thinking or doing?

3. Have you heard two or more voices talking with each other?

4. Has anyone been watching or monitoring you?

5. Have you seen things in the media that seem to refer to you or contain a special message for you?

6. Have you ever felt your thoughts were broadcast so other people could hear them?

7. Have you ever felt thoughts were being put into your head by some outside force?

You might recognize some of these test questions. They’re from the Scale For The Assessment of Positive Symptoms. The scale is designed to assess positive symptoms, principally in schizophrenia. Prior to the advent of the real-time multi-touch ubi-comp Network, positive responses to these questions may have been considered a sign of illness. Now they’re common user experiences for those operating within social network hubs.

In fact, as Jeffery Sconce notes, we may soon be given thorazine if we believe that the world isn’t broadcasting special messages just for us. What was once called a delusion of reference is the new normal.

We walk around with an entourage and the world organizes itself to flatter our egos. We are celebrities of the Network, everyone and everything wants just a moment of our time. They’ve given our thoughts and desires special attention and have a special offer to give us at just the right moment. Because, you know, it’s not advertising if its the right offer at the right time. It’s simply the fulfillment of a desire. And if it’s a desire you didn’t know you had, so much the better. The Network knows what you want before you do. Just because celebrity is now a commodity doesn’t mean that you’re any less special.

One way to manage the vast expanse of this new personalized Network is to apply Sturgeon’s law. The law simply observes that 90% of everything is crap. Even a filter that randomly deleted 90% this new wave of information would probably improve its overall quality. Since we publish everything and edit later, perhaps we’ll just hang up on nine out of ten callers and see what happens. If it’s important, I’m sure they’ll call back.

Of course we could just flip the model on its head, rather than accepting any incoming calls, I could only place outgoing calls to the things that match up with my true desires. Of course, this assumes that I am the author of my own desires, and that I know what I want.

Slavoj Žižek, in an analysis of Donald Rumsfeld, comes up with the crucial observation here:

In March 2003, Rumsfeld engaged in a little bit of amateur philosophizing about the relationship between the known and the unknown: “There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we know we don’t know. But there are also unknown unknowns. There are things we don’t know we don’t know.” What he forgot to add was the crucial fourth term: the “unknown knowns,” the things we don’t know that we know-which is precisely, the Freudian unconscious, the “knowledge which doesn’t know itself,” as Lacan used to say.

The name space of the Network seems to put everything on equal footing. Everything has a unique identifier, a phone number you can call. Everything is illuminated, everything is a known known. But in fact, the reason we can’t simply place calls to satisfy our true desires is because our desires are not perfectly illuminated. We are filled with unknown knowns. How do we place a call to fill an unconscious desire? Once we’ve checked everything off our list, how is it that there’s still a longing for something more?

We exercise a form of blindness as we categorize the Id as just another special interest group in the long tail of the Network—another keyword, another search term. While Google’s SafeSearch plays the role of the Super Ego, cordoning off the Id from children and polite company, the Network fills up with our unconscious desires. The calculated self, the simulacra derived from the patterns of our information exhaust, misses the dangerous, passionate undercurrents that flow beneath our rational conversations, negotiations and transactions. Some see the Network as a global mind, but they never speak of, or to, its unconscious.

We’ve passed from delusions of reference to personal phone calls from the Network. Yes, they really are talking to you. But like the alien characters in the science fiction film Forbidden Planet, we misunderestimate our own unconscious (beware the monsters from the id).  We’ve gone from the delusional idea that the world is sending us special messages to an augmented reality where the world really is sending us special messages. We’ve undergone a strange normalization to schizophrenic reality. The unconscious writing on the world is replaced with a system printout. And yet there still seems to be a problem with the messages. They only coordinate with the gadget in us—the part that can be fully expressed with a database entry—never taking into account the darkness at the edge of town.

2 Comments

Sense and Nonsense: You are not the User

Published February 28, 2011 by cgerrish

Thought I’d engage in a little dancing about architecture, a pursuit that has been compared by some to writing about music. But to get to architecture, and here I’m really referring to networked computational communications systems on whatever technical stack, I’ll make an initial move toward the user. And in particular, some thoughts about the practice of user-centered design.

Just as with the concept of ‘usability,’ the words ‘user-centered design’ now simply mean ‘good.’ As in, ‘For this project, I’m looking for a usable web site created through a user-centered design process.’ The user is the customer and the customer is always right. You might be given to think that the user is a person, a human being—someone like you and me. But you’d be wrong. Users are constructs of the system of use, they have no existence outside of the system.

The user experience (UX) world is beginning to realize that while it may seem like they’re crafting experience for humans, networked business systems don’t actually care about humans. Frankly, they don’t know what a human is. On the other hand, they have well-defined formulas to compute return on investment. If there’s ever a question between achieving a business goal and a human goal, UX designers are learning the issue will always be decided in favor the the business. In a sense, there’s not even a decision to be made.

Why then, do we hear so much about user-centered design in the world of corporate web site construction? Putting customers first seems like the right thing to do. And, of course, they do it because they care. The question is, what do they care about?

When a system refers to ‘user-centered’ design, it’s really asking for an optimization of what the system defines as a user. On its surface it sounds like a transfer of authority from the system to the user, but ‘user-centered’ simply means that friction in the transaction interface should be reduced to the point that the user’s inputs are within the range of responses the system can accept as parsable. The system isn’t actually able to respond to the what the user, as a human, wants.

In some sense, the goal of user experience (UX) design is to limit the incidents of users speaking nonsense to the system. In the old days, users could simply be rounded up and sent to re-education camps where they would study thick manuals that would instruct them on how to stop speaking nonsense to computer systems. These days the system must provide immediate feedback and a short learning curve to move the user from spouting nonsense to crafting inputs that are parsable by the system. These small corrections to the user’s behavior makes the user a more efficient gadget, as Jaron Lanier might say.

If enough users speak the same nonsense to the system, a pattern is recognized and the system is moved to assign this new nonsense to a well-defined function of the system. But, in general, it’s the system that will train the users to utter the appropriate nonsense. As David Gelernter notes in an interview with Der Spiegel about the Watson system, all human input into computerized systems is nonsense. These patterns of nonsense are assigned meanings within the system of relations of the machine. The system doesn’t know who you are, doesn’t know what words are and doesn’t know what you mean by them.

SPIEGEL: But let’s assume that we start feeding Watson with poetry instead of encyclopedias. In a few years time it might even be able to talk about emotions. Wouldn’t that be a step on the way to at least showing human-like behavior?

Gelernter: Yes. However, the gulf between human-like behavior and human behavior is gigantic. Feeding poetry into Watson as opposed to encyclopedias is not going to do any good. Feed him Keats, and he will read “My heart aches, and a drowsing numbness pains my senses.” What the hell is that supposed to mean? When a poet writes “my heart aches” it’s an image, but it originates in an actual physical feeling. You feel something in the center of your chest. Or take “a drowsing numbness pains my senses”: Watson can’t know what drowsy means because he’s never fallen asleep. He doesn’t know what pain is. He has no purchase on poetry at all. Still, he could win at Jeopardy if the category were English Romantic poets. He would probably even do much better than most human contestants at not only saying Keats wrote this but explaining the references. There’s a lot of data involved in any kind of scholarship or assertion, which a machine can do very well. But it’s a fake.

If computer systems don’t understand humans, how do humans have an influence on systems? The humans who program the systems have a big influence prior to the point where the system is embedded in a business model. The other point of influence is via the system of laws in which the computer system is embedded. For instance, there are laws about security breaches, the use of social security numbers and zip codes.

And so we come to the dancing about systems architecture. The big corporate backend systems that have been exposed to the Network weren’t conceived as occupying a connected space. It was the rise of Java, XML and web services that created the connectors to put the big iron on the Network. The fact of connection changes the system at the margins, but not in its core.

The big web systems like Google, Twitter and Facebook have built big data repositories that allow them to rent out the correlation data. Google and Twitter in particular have simplified user interaction to the point that there’s basically one action—type and submit.  But the center of power remains with the data correlation store. That’s what makes the train go. Doctors are beginning to look at the big data available about their patients and wondering whether they’re treating the data or the patient. Of course, the data will survive regardless of the outcome with the patient.

Changing the balance of power may be a long time coming, and as some have noted, it will need to be baked into the architecture from the start. There are a few new approaches that begin to move in a new direction. Jeff Jonas’s G2 rig combines elements of John Poindexter’s original design for Total Information Awareness, the Privacy by Design principles and Jonas’s own previous systems that do sensemaking on big data in real time. Particularly notable is the system’s ability to course correct based on every new piece of data and to hide the human-readable facet of data through anonymizing and encryption. Other architectures move toward establishing the user as a peer (P2P), in particular Searls’s VRM, Windley’s KRL, Bit Torrent and the recently departed Selector.

A true user-centered design practice will probably have to start on the user’s side of the glass, establish the user as a peer, and not be architectural in the way we’re used to. It’s only in this environment that a possible economics will take root. It’s also here that a developer and designer would finally have standing to do user-centered design. We might hope that such a move would happen because it was right, true and good, but this kind of dance may require a platform that isn’t a platform.

Comments closed

Barriers, Membranes and What We Agree to Keep Silent About…

Published January 24, 2011 by cgerrish

There are certain animals that have survived, flourished even, through the use of camouflage (a form of crypsis). They blend into the background so well they become invisible. Predators haven’t cracked the code, camouflage works at the level of the species. Now and then it may fail in individual cases, but on the whole it’s been a successful strategy in the game of natural selection.

In the murky waters of the Network, the visibility is nil. It’s only through the hyperlink that a sense of visibility is created— although visibility is probably the wrong word. Following McLuhan, we should acknowledge the Network as an auditory/tactile space. The nodes of the Network are linked by touch. The hyperlink is activated by touch, it’s a flicking of a switch that opens a door to a hidden hallway. We feel our way through the dark until we emerge into the light on the other side. (This is another reason that the multi-touch interaction mode has spread so quickly).

Imagine a location on the Network that was completely devoid of hyperlinks to foreign sites. You’d have to imagine it, because unless you knew the precise incantation to call it into your browser, it would lay perfectly camouflaged within the darkness of the Network. Sometimes this is called security through obscurity—a kind of blending into the background.

This imaginary location might have an infinite number of internal hyperlinks between the locations within its interior. It could be a whole world, completely unknown to the rest of the Network, a veritable Shangri-La. Because this place is unknown and without hyperlinks, there would be no commerce, no trade of bits between this isolated location and the rest of the Network. Of course, if a single hyperlink was formed, this imaginary location would change forever. To stop outside influences from overwhelming this world, a barrier would have to be built and its integrity enforced.

If we adjust our angle a little bit, we’ve just described the state of the modern Corporate Enterprise with respect to the rest of the Network. The fabric of the external Network has been used as the material for the internal Network—the protocols are identical. Keeping these identical twins apart is called security. Of course, twins have a mode of communication, cryptophasia, not available to others.

Hedge funds are beginning to monitor Twitter to evaluate their portfolio holdings and trading opportunities. The public stream is analyzed in real time for sentiment and triggers to put into their trading algorithms. Enough value has accreted to the stream that there’s an advantage to be gained from taking it into account.

In addition to its presence in the public stream, the Corporate Enterprise has begun to launch private public streams meant to reside securely within the friendly confines of the firewall. The purpose of the private public stream is to create more visibility within the Enterprise—although the metaphors have become crossed again. Traditional corporate reporting provides visibility—a kind of linear numeric business intelligence. A real-time micro-message stream with hyperlinked citations transmits auditory and tactile signals. We hear what people are saying about how things are, and by following the hyperlink we can get a deeper feel.

If the public stream, outside the firewall, has enough juice to merit monitoring, the private public stream has even more. And there’s no skill or guile involved in finding it, it’s a busy public thoroughfare accessible to everyone on the inside.  If we adjust our angle a bit more, we can see the private public message stream as a series of diplomatic cables. The diplomatic corps of the United States uses these cables to update the status of the system to the Secretary of State. Private internal message streams can develop a value outside the barriers erected by the native tribe. When the value grows great enough there will be motivation to enable a leak. What at first appears to be a barrier, reveals itself as a membrane. The modern worker is a member of many tribes with many, and sometimes competing, allegiances.

Perhaps we might think it’s just a matter of stronger barriers, a matter of winning the arms race. But as Bruce Sterling notes in his assessment of the Wikileaks Affair, these kinds of cracks are going to get easier, not harder over time. Even the system that we might expect to be the strongest no longer operates on the basis that a war over barriers can be won. Here’s Deborah Plunkett, head of the NSA’s Information Assurance Directorate, on the state of their internal network:

“There’s no such thing as ‘secure’ any more,” she said to the attendees of a cyber security forum sponsored by the Atlantic and Government Executive media organizations, and confirmed that the NSA works under the assumption that various parts of their systems have already been compromised, and is adjusting its actions accordingly.

To preserve the availability and integrity of the systems it has the duty to protect, the NSA has turned to standardization, constant auditing, and the development and use of sensors that will be placed inside the network on specific points in hope of detecting threats as soon as they trigger them, reports Reuters.

In the end, we seem to be transported back to days of the tribe and our allegiance to it. In an age where the barriers around systems have become a Maginot Line, it’s down to what we agree to keep silent about— what we don’t share outside the circle. Our public and private faces will grow farther apart, and the innocent and authentic gestures we contributed to the public stream will now be a matter of show. The backchannel that was brought to the fore will require a backchannel of its own. Somewhere out of the glare, where we can have a private conversation— security through obscurity.

One Comment