2010 DPP Steering Committee/Board of Directors Announced

The Data Portability Project is pleased to announce the election of its new board for the 2010 term. Election and participation in the Steering Committee and Board of Directors is pursuant to the in-force governance charter of the organization and subject to certification by the DPP Corporate Secretary.

The charter provides for the participation of no less than four and no more than twelve members. Nine individuals were nominated and subsequently ratified as the new board for the 2010 term beginning January 1st, 2010. The new board is: Daniela Barbosa, Elias Bizannes, Dan Brickley, Brady Brim-Deforest, Anthony Broad-Crawford, Willem Kossen, Drummond Reed, Steve Repetti, and Phil Wolff.

The Data Portability community would like to welcome the new board and extend a heart-felt thank-you to the 2009 board and everyone that helped contribute to the cause of Data Portability over the past 12 months.

Steve Repetti
DPP Corporate Secretary

Still Looking for that Special Gift? Give them some DataPortability

See all available gear at our DataPortability Project CafePress store.

What’s on the cool kids list this year?  They want to show their support for data portability with some of the following gear:

1.0 L Sigg Bottle Ringer Tshirt

Trucker hat Cap

Spaghetti Tank Baseball Jersey

Holiday Image background by: TeaBass

Our comment to the FCC on “Data Portability and its relationship to broadband”

Today we officially sent comment to the FCC on “Data Portability and its relationship to broadband“. The team laboured hard over the weekend as we only found out about this late last week, but we managed to get something together that I hope will be of value to the FCC.  (You can check the filing status here.)  Below is a copy of the PDF we submitted.

———————–

TITLE: Comments – NBP Public Notice #21

Docket: GN Docket Nos. 09-47, 09-51, and 09-137

This has been submitted on behalf of the DataPortability Project: www.dataportability.org

Submitted by:

• Elias Bizannes, Acting Chair of the Board of Directors, DataPortability Project
• Alisa Leonard, Head of Communications, DataPortability Project

Additional content contributions from the following people:

• Steve Repetti, Board Member (Secretary), DataPortability Project
• Brady Brim-DeForest, Board Member (Treasurer), DataPortability Project
• Anthony Broad-Crawford, Board Member, DataPortability Project
• Phil Wolff, Board Member, DataPortability Project

1.    Government data transparency. Data transparency refers to making data public and easily accessible over the Internet. There are many pieces of legislation requiring the publication of Federal government information. This legislation typically requires the publication of data on an agency’s website. One recent initiative seeks to establish a central repository of government data. We seek comment on the potential benefits and pitfalls of increased data transparency.

a.    What efficiencies can be gained through easing accessibility to public government information?

• Reduced administrative hurdles. Having data readily available will reduce the perceived effort to leverage that data, and allow innovators to react more immediately and quickly

• Decreased administration. By encouraging a more direct relationship between the data source and the end user, it reduces government resource to administer the data.

• Faster turnaround. By making the relationship between a developer and the data more direct, it means things that need to be changed can occur much faster. Rather than relying on a third party (in the form of an agency official), the developer can work directly with the data to enact changes

• Increased accuracy. The direct relationship with data sources means dependent applications of the data will react in real time. For example, if emergency data is made available that has some inaccuracy, the update can be propagated across constituents that leverage that data quicker.

• Reduced redundancy and increased normalization of data. Multiple agencies may have their own copies of data that often fail to consistently reflect changes and newer information as it becomes available.  The principal concepts of data portability can be used to minimize and mitigate the issue by providing a common format and exchange mechanism for the integration, dissemination, and normalization of data, often in real time, such that the cumulative information resources are accurate and timely.

• Increased utility of data. The more data exposed for public consumption the more insights and analysis that can be drawn from it. The ability to easily ingest and manipulate data from government sources increases the inherent value of the information that it contains.

• Increased assimilation and extension of data.  The more accessible the data is to third parties the easier it is to extend and remix with proprietary data.  This allows third parties to improve their offerings as well as increase the potential for the insights and data to return to the public sector.

b.    Are there examples of innovative products or services provided by the private sector that rely upon the use of easily accessible government information?

• Phone applications that can inform people of public transport information. In San Francisco and in many other cities, buses can be tracked along a map in real time, with estimated times of arrival on Google Maps for the iPhone. The scheduling information as well as the GPS of the buses allows for better planning and decision making by residents.

• The New York Times last year announced a set of API’s (their first one being campaing finance data: http://open.blogs.nytimes.com/2008/10/14/announcing-the-new-york-times-campaign-finance-api/),that allow people to access data about a variety of issues. Developers can then query this API, and generate unique information. The increased availability of open data reduces the reliance on the mass media who have traditionally held the position of public “watch dog” that keeps governments and elected officials accountable. Now, web applications can leverage public data which allows for the same the public usefulness, allowing for more transparency and engagement.

• Mashup Platforms. An entire support infrastructure has emerged that facilitates the combination of multiple data sources in innovative ways to produce value beyond any single data source. Aggregator sites, such as programmableweb.com (and even “app stores” and “object repositories”), provide access to resources that can be combined in numerous useful ways.  Beyond that, independent advocacy groups, such as the OpenAjax Alliance, provides specifications, protocols, and core software components whose sole purpose is to provide application and data integration in quantifiable and secure environments.  In this fashion, the diversity and volume of government data becomes a valuable resource for the creation of useful mashups and meta-applications. It also empowers individuals, companies, educational and governmental organizations to utilize the information in advanced, timely, and innovative ways.

• Non-profit information. The IRS makes available an Exempt Organizations IRS Master File Data service (http://www.irs.gov/taxstats/charitablestats/) available to the public. This data set, available in simple ASCII and proprietary Excel formats, powers a number of private sector database services, such as GuideStar and Charity Navigator, that track the activities and status of non-profit corporations.

• The very successful Evertblock: http://everyblock.com/ (previously chicagocrime.org) tracks events that occur in people’s neighborhoods. To quote the service: “In many cases, this information is already on the Web but is buried in hard-to-find government databases.”

• Health and Life Science information.  The National Library of Medicine makes available several data sets in multiple formats such as CSV, XML, and JSON for consuming applications to include, extend, and enhance.  This includes but is not limited to national Clinical Trail information, publication databases, semantic ontology’s, and genomic information.

c. Federal government data are available in many formats. In what formats should this data be made available over the Internet? How should open data standards inform policy for data transparency?

• Standards are constantly evolving and the government should be aware that supporting one particular technological solution is a mistake. In the two years the DataPortability Project has been formally monitoring and advocating Open Standards (and popularised the phrase ‘data portability’ in order to simplify market perception about existing solutions) we have witnessed dozens of changes in this landscape. Fortunately for the purposes of government data, there are relatively simple solutions such as XML and now increasingly JSON. We highly encourage the government support structured data formats such as the technically superior RDF, as well as the more popular microformats.

• Government data just as effectively could be made available via API’s, which reduce the need for storing the data in a specific format and allow developers to programmatically access the data remotely (or even export the data in a desired format based on the API). However API’s should never be the only solution: if a service goes down, that data becomes inaccessible. It is therefore important that standards for data export are also available.

• Open Standards provide a common format for the interchange and interoperability of information. Market evolution in open formats constantly filters out the extraneous and focuses and enhances best practices.  Numerous existing open formats provide efficient distribution of data, such as XML, RSS, and initiatives involving the semantic web – even the upcoming HTML version 5 has embedded functionality for data discovery, distribution, and utilization. More so, the prevalence of APIs (via Ajax, RESTful interfaces, etc.) provide abstraction layers between data providers and data consumers, all of which facilitates the efficient integration and consumption of data.

• It is imperative that federal government data be made available via a variety of open standards and open source formats. Non-proprietary standards allow for the interoperability of information and prevent data from being unnecessarily siloed — increasing efficiency of data consumption and manipulation.

d.    How does data transparency relate to application development? Are there potential efficiencies to be gained through an increase in government data transparency?

• Data ultimately is at the core of every application, and the Federal Government is arguably the largest provider and consumer of information. Timely access of this data is inherently useful to government, business, academia, consumers, and even our world partners. Understanding the structure, organization, and accessibility of information radically increases the ability to build robust, and often real-time, applications in efficient, timely, and cost-effective ways. Data Portability makes it easy to access and utilize information without direct knowledge of the underlying mechanisms and methodologies required to create and maintain the information.

• The more data that is made publicly available by the Federal government, the more applications utilizing those data sets will be developed. This not only increases efficiencies across the marketplace, but will also result in unique and potentially very valuable discovery of trends and assumptions based on the combination of multiple data sets that were previously segregated.

e.    To what extent would increased data transparency affect intra-agency processes, intergovernmental coordination, and civic participation?

• Increased data transparency has the ability to empower both the private and public sectors to more accurately engage elements of the population in civic participation.

• Two issues that constantly affect process, coordination, and participation in data transparency and data portability are data discovery and data normalization. Discovery addresses the idea that there can be no sharing of data if the interested parties are unaware of data availability or its underlying structure and access methodology. Normalization is a larger issue and it relates to data replication and maintenance. For example, simple contact information for an entity could exist in numerous locations, making it easy to access and utilize the information. However, the very fact that it is replicated in multiple locations increases the likelihood of incorrect information being stored. The more replication sites, the more difficult it is to make sure the data always stays in sync whenever a change is recorded.

• Data transparency would enable greater intra-agency collaboration and the dissemination of insights and information across multiple, and sometimes seemingly unrelated agency constituents. This reduces latency in knowledge gathering and increases the collective usefulness of agencies, enhances their perceived value to the public, and invites greater civic participation.

f.    To what extent do existing regulations inhibit or promote government data transparency?

• The scope of data created, consumed, and distributed by the US Government is broad in nature and ranges from highly secure to freely accessible. Many different regulations govern the access and interaction of such data, and, while broad-scale regulations such as FIPS 199 and those of NIST and the OMB apply globally, often individual agencies provide their own unique requirements and regulations. The combination of all of this provides a layer of complexity that injects confusion into current data transparency policies, clouding the ability to actually use valuable data. Data transparency within government would greatly benefit from clarity in defining the requirements for data use.

g.    What impact do developments in data transparency have with respect to broadband

deployment, adoption, and use?

• Increased data transparency, portability, and availability impacts broadband from both the demand and utilization perspectives. On the one hand, it provides a compelling reason for the availability and use of broadband. Rich data exists, including: text, images, imaging, video, audio, animation, modeling, live content, teleconferencing, remote access, and more, that becomes accessible through data transparency policy. Simultaneously, it is ubiquitous access to these very rich data types that quickly fill the existing data pipeline.

• Data transparency and accessibility will significantly benefit from an aggressive broadband policy. Currently, only 50.8% of US households are served by broadband, and in terms of Internet speed the US lags significantly behind such countries as Latvia, Romania, and South Korea (see Scientific American, Nov 09, pgs 76,77,79). Even the definition of broadband is somewhat nebulous. The current US definition of broadband is a download capability of at least 0.77 Mb per second. This pales when compared to the average advertised broadband download speed of 92 Mb per second for Japan.  The recent allocation of $7.2 MM to the infrastructure issue is set in the right direction, however, like data transparency, more needs to be done to maintain global competitiveness.

h.    What are the potential benefits to making data more accessible?

• Innovation. Data are objects that lack meaning, whereas information are simply relationships between data objects. By contextualizing data together, it generates new value (ie, “1248″ is data as is the English word “year” – together however, they give meaning to each other). Similarly, knowledge is derived through the application of information – and the more information that can be applied, the more knowledge it generates. It’s logical to assume then, that the more data is accessible, the more opportunity for value in the form of information can be generated.

• Responsiveness.  The world exists in real-time. Huge quantities of data are captured every second on a global basis, and complex decisions increasingly rely on such information. This is above and beyond the vast existing stores of information currently residing within government databases. Sound data transparency policies and methodologies radically enhance the ability and timeliness in interacting with this data.

• Discovery and Openness. The government maintains a huge store of information that is readily available intra-agency as well as to business and individuals. However, you cannot use information that you do not know about – or do not know how to interact with (i.e. data structure and access methodology).  A concerted effort to make data more accessible benefits all and provides access to useful resources that may otherwise be lost or go unnoticed.

i.    What potential pitfalls exist when increasing data transparency?

• Increased initial cost to transform systems and serving costs to allow other entities to use data either through data downloads or API access.

• Ongoing cost to support existing and new data and services in formats that are acceptable with current, emerging, and deprecated industry standards.

• Not adopting current spectrum of standards and resolving to only support a limited sub-set.  For example, electing to only support a RESTful JSON API for access of data could prohibit consumption from both private and public sectors.

j.    What privacy and confidentiality concerns might arise due to an increase in data

transparency and what, if any, privacy safeguards are needed to protect against the

misuse of personal information?

k.    What types of personal information should be protected from disclosure?

• Public data that is identifiable to a specific person. Key to the vision of data portability, is that it is privacy-respecting interoperability. If the data does not make a claim about a specific person, then such data should remain transparent and public. (Although care should be taken when combining data as gender, zip code and birthday which is unique for 87% of the US population: http://www.eff.org/deeplinks/2009/09/what-information-personally-identifiable

• Protection of personal information that can unintentionally disclose a user’s identity is paramount. Even if social security numbers are not unique, they should always be protected as simply narrowing down a subset due to location, does end up being unique.

Cloud computing. When considering the portability of data, we also consider the processes through which data are moved. In this context, we seek comment on how to identify and understand cloud computing as a model for technology provisioning.

a.    The National Institute of Standards and Technology defines cloud computing as “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”    Does this definition accurately capture the concept of cloud computing?

• That is an appropriate definition. Although like democracy, it can mean many things to different people. The key point of cloud computing is “ubiquity”. It is the ubiquity of three key trends: connectivity, computing and data. It means data can be accessed from anywhere through any device, with computing resources at will.

b.    What types of cloud computing exist (e.g., public, hybrid, and internal) and what are the legal and regulatory implications of their use?

• The Cloud as a trend has slowly evolved in the technology industry and it is only recent that the private cloud has been discussed as a parallel (or sub) trend.

• From the hardware point of view, the key issue is the environment and energy use. Data center’s require a huge amount of energy, and may be the developed world’s next largest driver of carbon emissions.

• From a data point of view, the key issue is privacy. Possession is considered nine-tenths of the law, and so there is a real risk for individuals and enterprises that do not have control of their data in the physical sense. Entities should not feel held hostage just because they choose to store their data remotely.

• Cloud computing provides for an immense amount of resources to be brought to bear on a specific problem set with a minimal capital investment on behalf of the problem solver. This increased convenience carries with it the risk of data lock-in. Portability of data specifically in cloud computing environments is critical.

c.    Can present broadband network configurations handle a large-scale shift in bandwidth usage that a rapid adoption of cloud computing might cause?

• The impact the iPhone has had on 3G networks is a clear example that there is still a lot of investment to be made, even in dense residential areas which are thought to be the best wired. The reality is cloud computing is a long-term investment, and it has coped well enough since the explosion of online media consumption (primarily video) which has been a heavy demand on networks. The issue with cloud computing is less about the technology and more about culture. An entire paradigm shift has occurred in computing, and it is taking the industry, let alone the consumer market, some time to adapt to this new world. So whilst networks configurations still need more investment, we believe that improvements can be made over time as the larger cultural adoption of cloud computing evolves.

d.    How does cloud computing affect the reliability, scalability, security, and sustainability of information and data?

• Cloud computing exposes data to a specific set of risks— but these risks can me mitigated with proper resource provisioning and establishment of adequate security and interoperability standards.

e.    To what extent can the federal government leverage cloud solutions to improve intra- agency processes, intergovernmental coordination, and civic participation?

• Cloud computing allows for a single fact, single place and single service environments.  These cloud environments accelerate speed to market within organizations as well as across government organizations.  Additionally, exposing these clouds externally will allow these same benefits to organizations within both the public and private sectors.

f.    What impact do developments in cloud computing have with respect to broadband deployment, adoption, and use?

• No comment provided

g.    How can various parties leverage cloud computing to obtain economic or social efficiencies? Is it possible to quantify the efficiencies gained?

• No comment provided

h.    To what extent are consumers protected by industry self-regulation (e.g., the Cloud Computing Manifesto), and to what extent might additional protections be needed?

• Traditionally, technology companies have believe that hoarding consumer data was a competitive advantage. We believe this is not correct nor appropriate, and while our advocacy efforts have helped shift the markets perception, we still believe there is considerable risk. In particular, the there is opportunity for a monopolistic environment that makes it difficult for new market entrants to join in once the market has matured.

• While markets naturally self-regulate, the broadband environment has several critical weaknesses that could easily be exploited by the companies that control consumer access to the internet and that have the ability to impose network management policies on their network infrastructures that could adversely affect the free-flow of information. The protection of the neutrality of the ‘mobile internet’ is of specific importance.

i.    What specific privacy concerns are there with user data and cloud computing?

• Who has access to the data is the key, both from a consumer point of view on what they can resuse elsewhere but also on what permissions exist over that data and who else can access it. We believe there needs to be a stronger model that allows consumers to dictate not only the access they have over their data, but over who else has access to it.

j.    What precautions should government agencies take to prevent disclosure of personal

information when providing data?

• To be open-minded with what technologies are used and not get carried away with buzzwords. OpenID is a great identityi solution and are encouraged by the governments adoption; however, we also believe the support for OpenID should come at the expense of other more mature identity solutions such as Information Cards and SAML.

• Government agencies should put measures in place that give consumers access to what data they have. By being aware of what data a government agency stores for a person, it creates more transparency and decisions can be made on how that data is used and what exactly is further stored.

• Government agencies should take the approach of both a centralized and decentralized view on data. It should try to consolidate the personal information records it requires of people independent of any one agency, and apply a fine-grain permissions model that allows a person to dictate how other agencies interact with their data store. Further, government agencies should try to store as little data as possible, and encourage remote access of data.

k.    Is the use of cloud computing a net positive to the environment? Are there specific

studies that quantify the environmental impact of cloud computing?

• We have come across some studies but believe more need to occur. We believe, however, that with a fully functioning emissions trading scheme, like the one being proposed in Australia, will offset the risk of increased emissions as the carbon will be factored into the cost structure of data centers

3.   Identity Management and Government Service Delivery. Data held by the government may be personally sensitive or confidential. In this context, we seek comment on identity management as it relates to the provision of services where individuals either provide data to the government or access data that are personally sensitive or confidential.

a.    What is the current state of identity management in the federal, state, local and Tribal government?

• No comment provided

b.    What is the spectrum of online identity credentialing required for access to online services from the government and non-governmental entities?

• No comment provided

c.    What identity management technologies currently exist and what are their applications?

• There are an entire slate of technologies, but three dominate in our view and have differing strength’s and weaknesses. OpenID is by far the most popular, and it’s a light-weight solution that is good for low-level identity. On the opposite side of the spectrum is SAML which is an enterprise grade solution that is highly complex and secure. Information Cards have really emerged as an interesting solution as they bridge the desktop with the web.

• OpenID provides a compelling solution for identity management online.  It is a registration and single sign-on protocol that lets users register and login to OpenID-enabled websites using their own choice of OpenID identifier. One key advantage of OpenID is that it requires no client-side software—it works with any standard Internet browser.

d.    How have HSPD-12 implementation efforts affected the efficiency of the federal

government?

• No comment provided

e.    What identity management technologies are available in the private sector? What are

their applications?

• No comment provided

f.    What impact do developments in identity management, such as Open ID, have with

respect to broadband deployment, adoption, and use?

• We do not believe identity management has an impact on broadband deployment. Where it does have an impact is in integrating people into this important infrastructure of our society. Identity management is a complicated issue, where no one solution or vendor should dominate.

• Identity management should remain separate and distinct from network management.

g.    What are the potential benefits of a coordinated nationwide identity management

schema?

• Little. Identity is a personal thing, and trying to centralize it too much may cause more harm than good. Instead, where the focus should be for coordination is in encouraging interoperability. Various identity solutions, like what the Internet Society is currently funding, work to make OpenID more compatible with SAML. By encouraging interoperability, the government does not favor one approach but instead sets guidelines for a constantly evolving space. Setting these guidelines also gives more control to people to choose their own solution, and the flexibility to move to other solutions if they so choose.

• The benefits would be out-weighed by the risks. A coordinated nationwide identity management schema would make for one point of failure (the same way that the Social Security Number system has been exploited to engage in fraud) and has the potential to create far-reaching negative implications for privacy and freedom of speech.

h.    What are the potential pitfalls of a coordinated nationwide identity management strategy?

• Technological obsolescence is the biggest issue, as nothing stays fixed and this is a rapidly changing marketplace. There is a considerable risk on infringing on the privacy of individuals, so it is key that a strategy avoids a centralized solution and favors one that mimics the core architecture of the Internet and follows it’s decentralized model.

i.    What specific privacy concerns are there with identity management strategies?

• Not allowing people to control their own identity management means they cannot control how the rest of the world perceives them. Identity should be decentralized; not owned buy anyone; and recognized as an innately personal thing. Just like how some people on the social network Facebook group their friends into buckets like “work” and “close friends” – primarily due to their non-work persona ruining their controlled work persona – we should also recognize other people don’t care and don’t bother. Identity and in particularly privacy, mean different things to different people. So to have an identity-management solution is to ensure is a user-driven one, and not one dictated from above.

j.    What types of personal information should be protected from disclosure?

• Let people decide that for themselves. And if in doubt, protect it. There is no answer that can be reflective of all, and for what some regard as abuse to have disclosed (like the previous criminal history of someone trying to lead a new life), others may believe it is crucial to be publicly available (like the community of people around that person who may deem them a threat). Delegate the decision to individuals to manage.

Data Portability Membership Registration and Board Elections

Since its founding, the Data Portability organization has been fortunate to have had participation from a diverse collection of folks scattered throughout the globe. So much has already be done, yet there is so much left to accomplish. There are exciting things ahead for data portability in 2010, and this is all as the result of the strength and participation of the Data Portability membership.

It is time to elect the leadership for this effort for the upcoming year, and everyone has the opportunity to participate. But first, you need to reaffirm your membership. You do this by posting a message to the “Data Portability Voting Mailing List” stating that you wish to be a member. Even if you are already a member, you must restate the message in accordance with our bylaws.

NOTE: If you have already affirmed your membership to the general mailing list or to the steering mailing list, please also leave a note on the voting mail list.

Here’s the link to post your membership message: http://groups.google.com/group/dataportability-vote

That’s all it takes to be a member for the entire 2010 term! If you also would like to be part of the Data Portability Steering Committee / Board of Directors, then you must also post a message stating that you would like to nominate yourself. You should also post a brief introduction about yourself as well as your thoughts about Data Portability.

Here’s the link to post your nomination message: http://groups.google.com/group/dataportability-vote

Please do not wait to register as a member or to nominate yourself as there are deadlines coming up quickly.

Here’s a link to more detailed information: http://wiki.dataportability.org/display/dpmain/Steering+Elections+for+2010+Term

Thanks for all of your support and consideration, and we all look forward to the fantastic year ahead for Data Portability!

A Shining Example of Great Work in the Open Web!

The web is full of interesting initiatives and exciting efforts by lots of folks and organizations. All too often the results of these efforts are lost in the noise of everything else going on, rendering it virtually impossible to keep up with all of the “good stuff”. Today, one of the good things came into the light, and its synergistic association with the principals of Data Portability compel me to share it with you.

The Open Web Foundation (“OWF”) has a simple but important charter: to be “an independent non-profit dedicated to the development and protection of open, non-proprietary specifications for web technologies.” That concise message has relevance to all of us, but in particular to the developers and innovators of the next greatest things.

A major milestone was accomplished today by the OWF through the release of the “Open Web Foundation Agreement”, an important document in the world of the open web.

“This reusable agreement is designed to be easily adopted by a wide range of specification communities and organizations as an alternative to the challenging — and costly — process of negotiating new licensing agreements every time.” – DeWitt Clinton

This is the kind of effort that benefits everyone in so many ways, and it is a model of how things can be defined, enhanced, and extended by hard working folks seeking a common goal using an open format — for the benefit of all.

In many ways, this effort mirrors many of the things that we are doing here in Data Portability, including commonality of EULA, and terms of service initiatives.

Here’s the entire document: http://openwebfoundation.org/2009/11/introducing-the-open-web-foundation-agreement.html

Kudos to those who assisted in its creation, and to those whose future participation will continue the effort.

Open Identity Pilot For Open Government Announced

Drummond Reed the Executive Director of the Information Card Foundation and one of the DataPortability Project’s early advocates and current Steering Committee member dropped me a note this morning with some great news coming out of Washington DC, in regards to various vendors working together on a Pilot for Open Identity for the Open Government imitative . The full press release can be read here: Yahoo!, Paypal, Google, Equifax, AOL, Verisign, Acxiom, Citi, Privo, Wave Systems Pilot Open Identity For Open Government and Drummond has promised us a post from the ground on this important announcement!

“Open government cannot and will not compromise either security or privacy,” said Drummond Reed, Executive Director of the Information Card Foundation. “By working with private industry, the U.S. government is harnessing the innovation and efficiencies of the open market and letting citizens choose their preferred means of engaging with government agencies.”

Congratulations to Drummond and the rest of the participating organizations, vendors and individuals who are leading this charge!

It is great to see the US government is working towards a user-centric model, one where people are in control of their identities and are not owned by any one organization. Our own DataPortability Project ToS/EULA task force has been busy at work all summer creating a range of standard portability terms and license clauses that will improve communication between people and service providers. Over the next few weeks we will be publishing more information on this and solicit additional feedback to incorporate into the final versions.

Dataportability officially endorses the Health Data Bill of Rights

We previously wrote in regards to the Dataportability Healthcare Taskforce endorsing the Health Data Bill of Rights.  We are now pleased to announce that the Dataportability project is officially endorsing the Health Data Bill of Rights as stated below ….

In an era when technology allows personal health information to be more easily stored, updated, accessed, and exchanged, the following rights should be self-evident and inalienable. We the people:

• Have the right to our own health data
• Have the right to know the source of each data element
• Have the right to take complete possession of a complete copy of your individual health data, without delay, at minimal or no cost; if data exists in computable form, they must be made available in that form
• Have the right to share our health data with others as we see fit

These principles express basic human rights as well as essential elements of health care that is participatory, appropriate and in the interests of each patient. No law or policy should abridge these rights.

The Dataportability project is officially endorsing these bill of rights because it focuses on the core problem of granting consumers both access and control to their data. This belief is completely in-line with the Dataportability view on consumer empowerment.   More so, we also believe that thus far there has been a missing piece of the discussion on practice to consumer interoperability.

Additionally, the Health Data Bill of Rights focuses not on any particular solution or specific implementation. In fact, it stresses that consumers be granted access and control to their data even if it only exists on paper.  This focus on the root problem independent of technology is critical as it sets the necessary foundation.  From this foundation the market can then build solutions.

With the ever increasing role portability is playing within healthcare, it is with great excitement and enthusiasm we endorse these rights.  We strongly encourage you endorse these Health Data Bill of Rights as well.

Lobby against the password anti-pattern

Back in January, I wrote how it’s time to criminalise the password anti-pattern. The password anti-pattern is where service A requires you to enter your service B username and password so service A can act for you with your B service. It teaches you how to be phished, and the only way to resolve it is to change your password. It’s also no longer necessary as lots of sites now have OAuth support, including Twitter.

For example, popular service TwitPic requires you to enter your Twitter username and password in order to access the service. This is an example of the anti-pattern that needs to be lobbied against.

A service that does it right is 140 Mafia, that uses the Twitter implementation of OAuth – it allows you to link the two services together with your permission without having to give over your service B password to service A.

Tom Morris now maintains a list of services on Twitter that catalogues services that continue with this anti-pattern. Encourage them to switch to the open standard OAuth or just avoid ‘em. For Data Portability to exist, service providers have a responsibility to be mindful of your privacy – and they should not insist on you handing over your password to other services.

DataPortability Project Plenary Quarterly Meeting – Q2 09 July 21st 16:00 – 17:00 UTC

FROM: Daniela Barbosa, DataPortability Project chair,
TO: DataPortability Project Members and Supporters
RE: Quarterly Plenary Meeting- Q2 09

As per our 2009 strategic goals, the Steering Group of the DataPortability Project will be responsible for quarterly plenary meetings to engage the community more with what we are doing. The plenary is an important part of the DataPortability Project’s governance framework, which among other things, elects the Steering Group and holds it accountable.

All members of the plenary are invited to this meeting, where the Steering Group can explain how we are tracking against the goals and question Steering members on the DataPortability Project’s future direction and the relevance of work being performed. It also is an opportunity for the community to make binding decisions on behalf of the Project, despite being removed from the day to day operation of it. As with all DataPortability Project meetings, this is open to anyone to participate.

The meeting will take the place on July 21st at 16:00 – 17:00 UTC. As decided in our last plenary meeting meeting hours will rotate quarterly to accommodate our global plenary. Please refer to the meeting agenda page for details about your region, and feel free to add an agenda item.

To be a member of the plenary, all you need to do is “opt-in” into the vote mailing list, by stating your intention to be a member.

We love forward to your participation.

- DataPortability Project Steering Group

POWER.COM Serves FACEBOOK a PR HEADACHE, Thrusts DATA PORTABILITY into LEGAL Spotlight

Yesterday, social aggregator POWER.COM filed a countersuit against Facebook that raises some thorny issues for Facebook and adds some interesting defenses for the case of data portability and personal data ownership.  It is not yet clear from reading the pleadings whether either party will win in this escalating case (there are some key issues and concepts on both sides that a Court will have to wade through), but it is clear the issue of Data Portability comes center stage.

Jason Kincaid over at TechCrunch released an interesting article on the subject, “Power.com Countersues Facebook over Data Portability,” along with a copy of the counter-suite.

In their opening salvo, Power steps up to the soap box and discusses “a borderless Internet where users have the right to own and control their own data” and goes on to present their recently adopted “Internet User Bill of Rights:”

This is great stuff for users and data portability, and in many ways mirrors much of our work over at the Data Portability Project (http://www.dataportability.org), however it has little to do with what Facebook is doing in the context of their site or their lawsuit. It does, however, place Facebook in a position of having to answer why it does not agree with these principals.

Thus far, Facebook has tread cautiously as it relates to user data and rights therein. They do not wish to give away the store or proprietary and competitive advantage, nor do they wish to (further) incur the wrath of its users by inflicting too many restrictions. Many of us hoped that a number of Facebook’s recent initiatives signaled their willingness to explore a leadership role in this highly important area. Unfortunately, the pleadings conflict with this hoped for direction.

From Facebook’s perspective, Power.com violated Facebook’s stated terms and conditions; the contract that establishes the relationship between the parties for the use of the site.  Every Facebook user has agreed to this (or they wouldn’t be using the site), but, like virtually every other “terms and conditions” document, it is overly broad, highly protective, filled with legalese, and generally ignored by most actual users.  It is merely the lack of enforcement by the provider (in this case Facebook) that keeps these things out of court more often. (The standardization and simplification of this topic is also the subject of much work over at Data Portability and other advocacy organizations).

Power.com counters by saying they are doing nothing that Facebook isn’t already doing themselves, and, besides, theirs (they believe) is the right way anyway. It is clear that Facebook does not agree with this position but now is in the difficult position of explaining why many of the good points that Power.com raises are not valid within Facebook.

Still, Facebook is a privately held company and they get to decide what is allowed or not. No court, other than the one of public opinion, can force them to do what they do not want to do – unless the legal line is crossed.

And while I do not believe that Power.com has a leg to stand on when trying to win based on how much “screen scraping” of data is allowed (Facebook’s terms and conditions say none), they have raised some interesting issues that could inspire both the court of opinion and the hollowed halls of justice.

At the very least, Facebook is highly conflicted. It does not own the copyrights associated with all of the information available on its site; it does use some of the very techniques with 3rd-party sites that it accuses Power.com of using against Facebook; it has moved in the direction of providing greater access to its data; and it is party to litigation that potentially represents a PR quagmire.

More significantly for Facebook, Power.com raises the issues of “Restraint of Trade” and “Restraint on Competition” regarding data portability which both lead to the dreaded “M” word: MONOPOLY. Specifically:

“Facebook’s conduct restricting users’ ability to access their own data constitutes an unlawful restraint of trade under Section I of the Sherman Act.”

“Facebook’s conduct constitutes monopolization (or attempted monopolization, ed.) of the market for social networking website services in violation of Section 2 of the Sherman Act.”

With all of the issues at hand, I predict that there will be chest banging and posturing by both sides, some “interesting” press conferences, followed by a negotiated settlement that washes the issue aside and lets both parties (partially) save face. Regardless, Facebook will likely take a PR “black eye” over this.

But I submit there is another, better, solution: Facebook should not only continue its current efforts of data portability and accessibility, but become the leading player on how to do it right!  Users would benefit, Facebook would be crowned a friend to all proponents of Data Portability, and the lawyers would find something else to do! In absence of such, Facebook risks becoming the view in the rear view mirror for the company that actually does get it right.

IMHO.

Steve Repetti

www.radwebtech.com