Dataportability officially endorses the Health Data Bill of Rights

We previously wrote in regards to the Dataportability Healthcare Taskforce endorsing the Health Data Bill of Rights.  We are now pleased to announce that the Dataportability project is officially endorsing the Health Data Bill of Rights as stated below ….

In an era when technology allows personal health information to be more easily stored, updated, accessed, and exchanged, the following rights should be self-evident and inalienable. We the people:

• Have the right to our own health data
• Have the right to know the source of each data element
• Have the right to take complete possession of a complete copy of your individual health data, without delay, at minimal or no cost; if data exists in computable form, they must be made available in that form
• Have the right to share our health data with others as we see fit

These principles express basic human rights as well as essential elements of health care that is participatory, appropriate and in the interests of each patient. No law or policy should abridge these rights.

The Dataportability project is officially endorsing these bill of rights because it focuses on the core problem of granting consumers both access and control to their data. This belief is completely in-line with the Dataportability view on consumer empowerment.   More so, we also believe that thus far there has been a missing piece of the discussion on practice to consumer interoperability.

Additionally, the Health Data Bill of Rights focuses not on any particular solution or specific implementation. In fact, it stresses that consumers be granted access and control to their data even if it only exists on paper.  This focus on the root problem independent of technology is critical as it sets the necessary foundation.  From this foundation the market can then build solutions.

With the ever increasing role portability is playing within healthcare, it is with great excitement and enthusiasm we endorse these rights.  We strongly encourage you endorse these Health Data Bill of Rights as well.

Lobby against the password anti-pattern

Back in January, I wrote how it’s time to criminalise the password anti-pattern. The password anti-pattern is where service A requires you to enter your service B username and password so service A can act for you with your B service. It teaches you how to be phished, and the only way to resolve it is to change your password. It’s also no longer necessary as lots of sites now have OAuth support, including Twitter.

For example, popular service TwitPic requires you to enter your Twitter username and password in order to access the service. This is an example of the anti-pattern that needs to be lobbied against.

A service that does it right is 140 Mafia, that uses the Twitter implementation of OAuth – it allows you to link the two services together with your permission without having to give over your service B password to service A.

Tom Morris now maintains a list of services on Twitter that catalogues services that continue with this anti-pattern. Encourage them to switch to the open standard OAuth or just avoid ‘em. For Data Portability to exist, service providers have a responsibility to be mindful of your privacy – and they should not insist on you handing over your password to other services.

DataPortability Project Plenary Quarterly Meeting – Q2 09 July 21st 16:00 – 17:00 UTC

FROM: Daniela Barbosa, DataPortability Project chair,
TO: DataPortability Project Members and Supporters
RE: Quarterly Plenary Meeting- Q2 09

As per our 2009 strategic goals, the Steering Group of the DataPortability Project will be responsible for quarterly plenary meetings to engage the community more with what we are doing. The plenary is an important part of the DataPortability Project’s governance framework, which among other things, elects the Steering Group and holds it accountable.

All members of the plenary are invited to this meeting, where the Steering Group can explain how we are tracking against the goals and question Steering members on the DataPortability Project’s future direction and the relevance of work being performed. It also is an opportunity for the community to make binding decisions on behalf of the Project, despite being removed from the day to day operation of it. As with all DataPortability Project meetings, this is open to anyone to participate.

The meeting will take the place on July 21st at 16:00 – 17:00 UTC. As decided in our last plenary meeting meeting hours will rotate quarterly to accommodate our global plenary. Please refer to the meeting agenda page for details about your region, and feel free to add an agenda item.

To be a member of the plenary, all you need to do is “opt-in” into the vote mailing list, by stating your intention to be a member.

We love forward to your participation.

- DataPortability Project Steering Group

POWER.COM Serves FACEBOOK a PR HEADACHE, Thrusts DATA PORTABILITY into LEGAL Spotlight

Yesterday, social aggregator POWER.COM filed a countersuit against Facebook that raises some thorny issues for Facebook and adds some interesting defenses for the case of data portability and personal data ownership.  It is not yet clear from reading the pleadings whether either party will win in this escalating case (there are some key issues and concepts on both sides that a Court will have to wade through), but it is clear the issue of Data Portability comes center stage.

Jason Kincaid over at TechCrunch released an interesting article on the subject, “Power.com Countersues Facebook over Data Portability,” along with a copy of the counter-suite.

In their opening salvo, Power steps up to the soap box and discusses “a borderless Internet where users have the right to own and control their own data” and goes on to present their recently adopted “Internet User Bill of Rights:”

This is great stuff for users and data portability, and in many ways mirrors much of our work over at the Data Portability Project (http://www.dataportability.org), however it has little to do with what Facebook is doing in the context of their site or their lawsuit. It does, however, place Facebook in a position of having to answer why it does not agree with these principals.

Thus far, Facebook has tread cautiously as it relates to user data and rights therein. They do not wish to give away the store or proprietary and competitive advantage, nor do they wish to (further) incur the wrath of its users by inflicting too many restrictions. Many of us hoped that a number of Facebook’s recent initiatives signaled their willingness to explore a leadership role in this highly important area. Unfortunately, the pleadings conflict with this hoped for direction.

From Facebook’s perspective, Power.com violated Facebook’s stated terms and conditions; the contract that establishes the relationship between the parties for the use of the site.  Every Facebook user has agreed to this (or they wouldn’t be using the site), but, like virtually every other “terms and conditions” document, it is overly broad, highly protective, filled with legalese, and generally ignored by most actual users.  It is merely the lack of enforcement by the provider (in this case Facebook) that keeps these things out of court more often. (The standardization and simplification of this topic is also the subject of much work over at Data Portability and other advocacy organizations).

Power.com counters by saying they are doing nothing that Facebook isn’t already doing themselves, and, besides, theirs (they believe) is the right way anyway. It is clear that Facebook does not agree with this position but now is in the difficult position of explaining why many of the good points that Power.com raises are not valid within Facebook.

Still, Facebook is a privately held company and they get to decide what is allowed or not. No court, other than the one of public opinion, can force them to do what they do not want to do – unless the legal line is crossed.

And while I do not believe that Power.com has a leg to stand on when trying to win based on how much “screen scraping” of data is allowed (Facebook’s terms and conditions say none), they have raised some interesting issues that could inspire both the court of opinion and the hollowed halls of justice.

At the very least, Facebook is highly conflicted. It does not own the copyrights associated with all of the information available on its site; it does use some of the very techniques with 3rd-party sites that it accuses Power.com of using against Facebook; it has moved in the direction of providing greater access to its data; and it is party to litigation that potentially represents a PR quagmire.

More significantly for Facebook, Power.com raises the issues of “Restraint of Trade” and “Restraint on Competition” regarding data portability which both lead to the dreaded “M” word: MONOPOLY. Specifically:

“Facebook’s conduct restricting users’ ability to access their own data constitutes an unlawful restraint of trade under Section I of the Sherman Act.”

“Facebook’s conduct constitutes monopolization (or attempted monopolization, ed.) of the market for social networking website services in violation of Section 2 of the Sherman Act.”

With all of the issues at hand, I predict that there will be chest banging and posturing by both sides, some “interesting” press conferences, followed by a negotiated settlement that washes the issue aside and lets both parties (partially) save face. Regardless, Facebook will likely take a PR “black eye” over this.

But I submit there is another, better, solution: Facebook should not only continue its current efforts of data portability and accessibility, but become the leading player on how to do it right!  Users would benefit, Facebook would be crowned a friend to all proponents of Data Portability, and the lawyers would find something else to do! In absence of such, Facebook risks becoming the view in the rear view mirror for the company that actually does get it right.

IMHO.

Steve Repetti

www.radwebtech.com

Improving portability between the practice and the patient

Dataportability has been focusing on Healthcare for almost a year now with its Healthcare Taskforce. Recently, this taskforce came across the Health Data Bill of Rights.  In summary, the rights are as follows

In an era when technology allows personal health information to be more easily stored, updated, accessed and exchanged, the following rights should be self-evident and inalienable. We the people:

1. Have the right to our own health data
2. Have the right to know the source of each health data element
3. Have the right to take possession of a complete copy of our individual health data, without delay, at minimal or no cost; if data exist in computable form, they must be made available in that form
4. Have the right to share our health data with others as we see fit

These principles express basic human rights as well as essential elements of health care that is participatory, appropriate and in the interests of each patient. No law or policy should abridge these rights.

What makes these bill of rights so critical, and why it’s gathering so much momentum with others, is that it focuses on the core problem of granting you the patient access to your data.  Currently, your data is stored in silo’s at many of the different practices you visit and is extremely difficult for you, or other practices to access. However, the conversation in regards to access thus far has been monopolized by standardizing the digital format to increase interoperability between practices.  Practice to practice interoperability is a very important problem to solve.  However, it completely misses the data portability between the practice and the patient.  This bill or rights brings much needed focus on the patient.

I’ve asked the Steering Group of the DataPortability project, to follow the recomendation of the Health Case task force, in fully endorsing these principles

DataPortability Community Invited to Semantic Technologies Conference in San Jose, CA June 14-19th, Free and Discounted Options

We are hosting a DataPortability get-together at SemTech 2009, the Semantic Technology Conference, at the San Jose Fairmont on Monday, June 15, 2009, 6:00pm – 8:00pm.  As an added bonus, when you register to attend this meetup, you will get access to Chris Saad’s conference session which takes place immediately prior (5:00pm-6:00pm)!

You need to register so to register for both opportunities, please use the link below:

https://www.regonline.com?eventID=677058&rTypeID=142122

FREE Access gets you:
–5:00pm – 6:00pm It’s Time for Social Media to Become Personal Media
with Chris Saad, JS-Kit
–6:00pm – 8:00pm Community Discussion : Data Portability and The Semantic Web with Daniela Barbosa DataPortability Project/Dow Jones
and Chris Saad  among other DataPortability Project members
–Ability to network with Semtech attendees!

If you would like to see other attendance options, including tutorials and over 220 hours of educational content, please visit: http://semtech2009.com/2009/registration/

Interested in attending the full conference? Use the DataPortability Discount code: ST9DP
It will give the user $200 off a “full event” or “conference only” registration fee and $100 off a “tutorial day only” fee.

For example: If you are also interested in attending a full Semantic Search Day on Wednesday. Use the code to get you $100 off the day price of $195! http://www.semantic-conference.com/2009/semsearchday/

Questions? What to host a conversation during our community discussion? Please drop me a line at danielavbarbosa [@} gmail.com .

Thanks and see you in San Jose!

Open Arms: a data portability approach

Caveat Lector: this is a rough draft of my thinking on what a Portability EULA/ToS should say/do/include. Please comment. In the EULA/ToS task force, we are exploring ways of explaining portability with simple analogies. - Phil

We’ve discussed Graceful Exit, the ability for people to control their departure from a site or service.

Open Arms starts at the beginning of your relationship with a service. Let’s summarize it, break it apart, and explain why this is a powerful way to do business.

Open Arms is a combination of policy and technology.

The policy says:

When you come to our site,
bring all of yourself.
We’ll help you put it to use
in our context.
We’ll make it easy to come.
We’ll keep it safe.
We’ll respect ownership as you see it.

What you add while you are here
will join your collection
and be portable in turn.

The elements.

All of yourself.

Bring your identity, your contacts, your history with your contacts, your photos and videos, your playlists, everything digital.

We’ll ignore what we cannot use.

Put it to use in our context.

Every site has a context.

• Things it does
• Purposes people share
• Community standards of behavior.

For example:

• Monster brings work and workers together.
• Flickr helps people manage what comes out of their cameras.
• YouTube is a community of video.
• QuickBooks helps you manage your business.
• Chemistry helps you find true love.
• Amazon and eBay bring buyers and sellers together.

We need your data. These sites could help you do more and do it smarter with more and fresher and truer information from you. Monster could create team job search features if it knew your social graph. Chemistry could be more accurate if it had your music and video playlists.

Our sites are verbs. We do things. The more data you bring, the richer the data, the fresher and more standardized the data, the more we can do, the more creative we can be.

Most people don’t try new sites because it’s hard to recreate data. Especially for every site you visit.

Easy.

So for Open Arms to work,  bringing your onlife to each site you join must be fast, simple, easy, and obvious. And correct.

Safe.

We will protect everything you share. We will protect it from damage, theft, natural disaster, financial ruin, legal physical threats, from legal threats, from Martian invasion. As best we can. And we’ll explain the threats we perceive and how we’re protecting you and your onlife from them.

Ownership as you see it.

“Ownership” is a tricky word: it means one thing to lawyers, something else to most people. Our online and mobile social experiences are a little ahead of the law. So all we can do is try to the right thing for you and for all of our guests.

We’ll respect that your stuff is only “mostly” yours and that you may not have permission to share them with strangers. You may not have permission from the subject of a photo, or their parents. You may have clipped a blog post to share under fair use, but not for general distribution. You may have a confidential email that could endanger lives if leaked.

We will assume everything you bring is private to you and that you will tell us what can be shared, with whom, and under what conditions.

We’ll make it easy for you to re-use your choices, so you don’t have to explain yourself everywhere you go.

Portable in turn

Reciprocity works. So we’re going to share with other sites the part of your onlife you spend with us, as you see fit. So you never feel we’re holding your data hostage.

What’s next?

So, we’ve “Open Arms” at the start of our relationship and “Graceful Exit” at the end. Next up “Ever Fresh” in between.

“Open Arms” written by Steve Perry and Jonathan Cain, Journey (1982)

Lying beside you, here in the dark
Feeling your heart beat with mind
Softly you whisper, you’re so sincere
How could our live be so blind
We sailed on together
We drifted apart
And here you are by my side

So now I come to you, with open arms
Nothing to hide, believe what I say
So here I am with open arms
Hoping you’ll see what your love means to me
Open arms

Living without you, living alone
This empty house seems so cold
Wanting to hold you, wanting you near
How much I wanted you home

But now that you’ve come back
Turned night into day
I need you to stay.

(chorus)

So what has the DataPortability Project been doing?

Tomorrow, we will be holding first quarterly plenary meeting – where the community at large can question the DataPortability Project’s leadership. As a member of the plenary (membership is free – contact the Steering Groups Secretary Steve Repetti for more information), you can make binding decisions as well.

So since this is our first meeting, here is a summary of what we have been working on; what we are working on; and what we will be working on. Feel free to  look also at our weekly Steering meeting minutes if you wish to dig into the detail.

Governance and workflow taskforce
- Time frame: May 2008 – July 2008
-Purpose: to reboot the Dataportability Project, and convert it from a mailing list that generated discussion, into a structured organisation focused on deliverables. While the output looks small, it required over 50 man hours to determine it.
- Status: Completed
- Task force homepage: http://wiki.dataportability.org/x/EgsR
- Final output: http://wiki.dataportability.org/x/ooUj

Governance task force
- Time frame: August 2008 – September 2008
- Purpose: to revise the governance framework with subsequent issues identified and rewrite it with a fresh perspective looking at it as a whole
- Status: Completed
- Task force homepage: http://wiki.dataportability.org/x/OIEt
- Final output: http://wiki.dataportability.org/x/OIAt

Vision and mission
- Time frame: August 2008 – October 2008
- Purpose: to provide a policy DNA for the organisation that would allow subsequent work to be built on
- Status: Completed
- Task force homepage: http://wiki.dataportability.org/x/XIAt
-Final output: http://wiki.dataportability.org/x/SoA0

Logo and branding task force
- Time frame: August 2008 – March 2009 (scope of work was extended in November 2008)
- Purpose: to create a logo and associated branding for the DataPortability Project, including an upgrade of the website. On two previous occasions,we have received law suits due to our logo, so this third time, we had a much more robust process
- Status: Completed.
- Task force homepage: http://wiki.dataportability.org/x/XYUj
- Task force output: Everything (literally) that can be seen on http://dataportability.org as of today

Legal entity taskforce
- Time frame: Started November 2008, still open
- Purpose: Investigate and prepare for the incorporation of the DataPortability Project as a non-profit entity
- Status: Work completed, documents signed, waiting for clearance
- Task force homepage:  http://wiki.dataportability.org/x/JoBE

EULA and ToS task force
- Time frame: Started November 2008, still open
- Purpose: to create a set of outputs that can be incorporated into legal documents, reflecting the vision of the DataPortability Project
- Status: draft report will be available in April 2009
- Task force homepage: http://wiki.dataportability.org/x/mIRE

Standards landscape task force
- Time frame: Started March 2009, still open
- Purpose: to create an analyst report that can contextualise all the standards that advance data portability, with recommendations to improve identified weaknesses as well how they all fit together
- Status: recruiting for contributors, work has not begun yet
- Task force homepage: http://wiki.dataportability.org/x/BgJg

Healthcare taskforce
- Time frame: started November 2008, still open
- Purpose: To provide analysis on how data portability will impact the health sector
- Status: Use cases have been identified, currently assigning work for more focused research
- Task force homepage: http://wiki.dataportability.org/x/C4A8

Service provider grid tool
- Time frame: August 2008, still open
- Purpose: An API enabled web service that allows the community to monitor what companies/web services use what standards
-Status: Prototype done. Delays due to required developer staff to complete version one.
Task force homepage: http://wiki.dataportability.org/x/YIAt

Volunteer positions task force
- Time frame: November 2008, still open
- Purpose: to recruit, train, and fill open positions for a community manager and a set of analysts
- Status: have recruited a community manager, currently training a half dozen “analysts” around the world on a variety of topics in different jurisdictions
Task force homepage: http://wiki.dataportability.org/x/P4I0

Other activities not reflected in the task force work above.
Believe it or not – talking and meetings take up a lot of time!
- discussions over IDTBD membership
- discussions over creating the W3C Social Web incubator group
- discussions over Identity Commons membership
- first actual elections (for vacancies) since the enactment of the governance framework
- podcasts, regular reports, blog (you’re looking at it!), RSS feed of the best data portability posts on the web (note: due to the Magnolia crash, we lost all our bookmarked items. However we have now started a new friendfeed room as a temporary way to share links), and conferences (upcoming ones available here)
- as part of the new website, we have also recently (this month) done a massive reorganisation of the wiki which took 20-30 people hours to do
- we also have three “unofficial task forces” which will emerge when/if they are ready: one on publishing, another on business models, a third on market research.
- We are about to create a dedicated group that can focus on governance, with its first task to determine a more efficient voting system

As you can see, we’ve made a heavy investment in the administrative side of things to prepare us, which is why we are now emerging and reaching out again to the community. We are now embarking on work we have been wanting to do for months, and hope to get a lot achieved this year in output, to be ready for 2010.

We are focused this year on a set of strategic goals, and our core activities going forward are on policy formulation and communications (which includes education).

Facebook and Lumpy policy decisions

Rethinking your TOS/EULA is a pain in the neck. Nobody wants to divert attention, money or energy thinking about it. It seems like a serious distraction from making money and serving customers.

Looking at the 2009 Facebook policy hubbub, it’s a big deal. It sucks up attorney fees, management, press, even engineering into a big, risky, bothersome pile of unhappiness.

So a reasonable company wouldn’t volunteer for exercises like that. Maybe, at most, an annual review. It might look like this.

Lumpy.

Huge piles of politics.

What if you smoothed it out?

Would that reduce the icky parts of policy review and enhance the charming parts?

Because policy review has its charming parts.

• It lets you re-engage your customers on what matters to them.
• It helps you restate what you need from customers their language.
• It helps turn your policy from a just-click-through-it to a loyalty building selling opportunity. Maybe even a competitive advantage.

And a smoother, more continuous approach has its tasty bits too.

• Fewer surprises.
• More continuity, less forgetting of why.
• Less distraction, cost, effort.
• Smaller changes, more easily absorbed.

Smoothing might have parts like:

• An internal TOS/EULA lmailing list that any employee can join.
• Annual policy summit. A little bit of briefing. A few workshops. A lot of Open Space unconference.
• A public TOS/EULA listserve/bbs for policy advocates, concerned citizens and partners.
• Ongoing communications (blog posts? videos?) about the state of your policy thinking, inviting participation in that thinking.

Should DataPortability.org help companies engage in that conversation? To move from lumpy to smooth. To avoid the icky bits. To enjoy the tasty and charming parts of policy definition. We already are – join us!

Special Election results

FROM: Elias Bizannes, DataPortability Project vice-chair, election
returning officer
TO: DataPortability Project Members and Supporters
RE:Special Election results

Voting for the Special election of the Steering Group has closed.

A total of 30 votes were cast, of which 28 that were recognised. Two votes were disqualifed for Givotovsky as the voting member had not fulfiled the requirement of joining the plenary one week before voting per section 4.16 of the by-laws.

The results were as follows

Dan Brickley: 8
Anthony Broad Crawford: 7
Nicholas R. Givotovsky: 5
Willem Kossen: 3
Jeremy LeBard: 2
Chris Lunt: 2
Mark Lizar:1

Congratulations to Dan Brickley and Anthony Broad-Crawford who have been elected by the DataPortability Project’s plenary as the two newest Steering Group members.

These positions are to fill the vacancies left by J.Trent Adams and Brett McDowell, who had resigned due to roles taken in other organisations that presented a conflict of interest.

A full election of the 12 person Steering Group will occur at the end of this year.