Personal clouds

You are currently browsing the archive for the Personal clouds category.

Civilization is a draft. Provisional. Scaffolded. Under construction. For example:

DEC. OF INDEP. 1

That’s Thomas Jefferson‘s rough draft of the Declaration of Independence. The Declaration hasn’t changed since July 4, 1776, but the Constitution built on it has been amended thirty-three times, so far. The thirteenth of those abolished slavery, at the close of the Civil War, seventy-seven years after the Constitution was ratified.

Today we are in another struggle for equality, this time on the Net. As Brian Grimmer put it to me, “Digital emancipation is the struggle of the century.”

There is an ironic distance between those first two words: digital and emancipation. The digital world by itself is free. Its boundaries are those of binary math: ones and zeroes. Connecting that world is a network designed to put no restrictions on personal (or any) power, while reducing nearly to zero the functional distance between everybody and everything. Costs too. Meanwhile, most of what we experience on the Net takes place on the World Wide Web, which is not the Net but a layer on top of it. The Web is built on architectural framework called client-server. Within that framework, browsers are clients, and sites are servers. So the relationship looks like this:

calf-cow

In other words, client-server is calf-cow. (I was once told that “client-server” was chosen because “it sounded better than ‘slave-master.’” If anyone has the facts on that, let us know.)

Bruce Schneier gives us another metapor for this asymmetry:

It’s a feudal world out there.

Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether … for Facebook.

These vendors are becoming our feudal lords, and we are becoming their vassals.

It’s handy being a vassal. For example, you get to use these shortcuts into websites that require logins:

social-signin

To see how much personal data you risk spilling when you click on the Facebook one, visit iSharedWhat (by Joe Andrieu) for a test run. That spilled data can be used in many ways, including surveillance. The Direct Marketing Association tells us the purpose of surveillance is to give you a better “internet experience” through “interest-based advertising—ads that are intended for you, based on what you do online.” The DMA also provides tools for you to manage experiences of what they call “your ads,” by clicking on this tiny image here:

adchoicesbutton

It appears in the corners of ads from companies in the DMA’s AdChoice program. Here is one:

scottrade

The “AdChoices” text appears when you mouse over the icon. When I click on it, I get this:

scottradepopdown

Like most companies’ privacy policies, Scottrade’s says this: “Scottrade reserves the right to make changes to this Online Privacy Policy at any time.” But never mind that. Instead look at the links that follow. One of those leads to Opt Out From Behavioral Advertising By Participating Companies (BETA). There you can selectively opt out of advertising by dozens of companies. (There are hundreds of those, however. Most don’t allow opting out.)

I suppose that’s kind of them; but for you and me it’s a lot easier just to block all ads and tracking on our own, with a browser extension or add-on. This is why Adblock Plus tops Firefox’s browser add-ons list, which includes many other similar products as well. (The latest is Privacy Badger, from the EFF, which Don Marti visits here.)

Good as they are, ad and tracking blockers are still just prophylactics. They make captivity more bearable, but they don’t emancipate us. For that we need are first person technologies: ways to engage as equals on the open Net, including the feudal Web.

One way to start is by agreeing about how we respect each other. The Respect Trust Framework, for example, is a constitution of sorts, “designed to be self-reinforcing through use of a peer-to-peer reputation system.” Every person and company agreeing to the framework is a peer. Here are the five principles to which all members agree:

Promise We will respect each other’s digital boundaries

Every Member promises to respect the right of every other Member to control the Member Information they share within the network and the communications they receive within the network.

Permission We will negotiate with each other in good faith

As part of this promise, every Member agrees that all sharing of Member Information and sending of communications will be by permission, and to be honest and direct about the purpose(s) for which permission is sought.

Protection We will protect the identity and data entrusted to us

As part of this promise, every Member agrees to provide reasonable protection for the privacy and security of Member Information shared with that Member.

Portability We will support other Members’ freedom of movement

As part of this promise, every Member agrees that if it hosts Member Information on behalf of another Member, the right to possess, access, control, and share the hosted information, including the right to move it to another host, belongs to the hosted Member.

Proof We will reasonably cooperate for the good of all Members

As part of this promise, every Member agrees to share the reputation metadata necessary for the health of the network, including feedback about compliance with this trust framework, and to not engage in any practices intended to game or subvert the reputation system.

The Respect Network has gathered several dozen founding partners in a common effort to leverage the Respect Trust Framework into common use, and within it a market for VRM and services that help out. I’m involved with two of those partners: The Searls Group (my own consultancy, for which Respect Network is a client) and Customer Commons (in which I am a board member).

This summer Respect Network launched a crowd-funding campaign to get this new social login button rolling:

respect-connect-button

It’s called the Respect Connect button, and it embodies all the principles above; but especially the first one: We will respect each others’ digital boundaries. This makes itthe first safe social login button.

Think of the Respect Connect button project as a barn raising. There are lots of planks (and skills) you can bring, but the main ones will be your =names (“equals names”). These are sovereign identifiers you own and manage for yourself — unlike, say, your Twitter @ handle, which Twitter owns. (Organizations — companies, associations, governments — have +names and things have *names.)

Mine is =Doc.

Selling =names are CSPs: Cloud Service Providers. There are five so far (based, respectively, in Las Vegas, Vienna, London, New York/Jerusalem and Perth):

bosonweb-logo danube_clouds-logo paoga-logo emmett_global-logo onexus-logo

Here’s a key feature: they are substituable. You can port your =name from one to the other as easily as you port your phone number from one company to another. (In fact the company that does this in the background for both your =name and your phone number is Neustar, another Respect Network partner.)

You can also self-host your own personal cloud.

I just got back from a world tour of places where much scaffolding work is going up around this and many other ways customers and companies can respect each other and grow markets. I’ll be reporting more on all of it in coming posts. Meanwhile, enjoy some photos.

 

This speed test was done in London, but it’s typical of everywhere:
speedtest in london

It shows a Net biased for downstream, and minimized for upstream.

If we’re going to do any serious personal work in clouds, we need better upstream than this.

I wrote about the problem, and the reason for it, in France, four years ago. Not much has changed.

One would think that Amazon, Apple and Microsoft, all of which offer cloud services for people (check those links), would make a stink about awful upstream speeds. But I haven’t heard a peep. Why not?

 

 

rn1There was a time when personal computer was an oxymoron: a contradiction in terms. That ended when personal computing got real in the ’80s.

There was a time when personal networking, where every person has status, reach and power equal to that of corporations and governments, was unthinkable. That ended when the Internet got real in the ’90s.

There was a time when putting both those powers, plus a zillion mobile apps, in everybody’s pocket, was a pie in the distant sky. That pie reached Earth in the ’00s.

There was a time when clouds were only corporate, and personal cloud was an oxymoron — or worse, just a new term for more data storage. That ends today.

Personal clouds level the market’s playing field by giving full agency to each of us: a place to stand where we can deal as equals with companies, governments, health care providers, lawyers, schools and everything and everyone else in the connected world. In your own ways, and on your own terms. They begin what @Petervan calls The Revolution of the Data Slaves.

You can self-host your cloud (which some also call a vault or a store), or use a Cloud Service Provider (CSP) that hosts your cloud it in an encrypted form that even they can’t see. Either way, your personal cloud (hashtags: #pcloud, #TakeBackControl) is an ideal box for any number of current and future VRM tools, including ones for:

Respect Network is has gathered together a bunch of Cloud Service Providers, along with other companies, development projects, organizations and individuals, for a world-circling launch tour that begins today in London. Tomorrow is an Immersion Day, for digging down into how personal clouds solve problems of privacy and personal empowerment. I’ll be at both, and giving the opening keynote tomorrow.

Next stops on the tour:

  • San Francisco — 30 June and 1 July
  • Sydney — 7 and 8 July
  • Tel Aviv — 14 July
  • Berlin — 21 July

The tour is also a campaign to sign up a million members, each claiming their own cloud name — a sovereign identity that’s yours alone. They explain:

The Respect Network is a collaboration of over 70 companies and open source projects from around the world who share this commitment:

  1. On the Respect Network, every member owns his/her private cloud and cloud name (your =name) that is completely portable for life and not dependent on any single CSP (cloud service provider).
  2. On the Respect Network every personal and business member agrees to respect each other’s privacy and digital freedom.
  3. On the Respect Network, you control your digital identity and relationships. You have the right to be forgotten—or remembered—by any other member.
  4. On the Respect Network you control when and where your personal data is shared and benefit directly from the value earned.
  5. On the Respect Network you are not the product, you are the partner—the network is supported directly by members investing in privacy for life.

I’ll add more here as the day goes on. It’s going to be an exciting one.

I’ve been asked how EULAs — End User License Agreements — might affect the Internet of Things, now becoming better known as the IoT. Good question. The topic is hot:

google-iot-trend

Development, however, is another story. There we are headed straight into a log-jam that Phil Windley calls the Compuserve of Things. In the 80′s and early ’90s, Compuserve was as close as any of us could get to experiencing the real Internet (which was available only to a limited selection of governments, universities and big companies). Compuserve’s competitors were AOL (originally America OnLine), Prodigy, MSN and a few others not worth mentioning.

The problem was that all online services were closed and proprietary. Communication between them was difficult or impossible. Your Compuserve email only worked with other Compuserve members. Same with your Prodigy and AOL mail. Same with instant messaging (which retains its old proprietary problems even to this day.)

Where we are headed today is not the Internet of Things, but the Google of Things, the Apple of Things, the Microsoft of Things, and low-effort sports and war stories in the media misdirecting attention away from the real Internet and toward fights between giants.

Also evolving away from the Net will be the Every-BigCo-of-things, and their suppliers of proprietary platforms. (Let’s call that one EBCoT.) Every one of these, of course, will have its own EULA.

The Internet has no EULA. It just has an A, for Agreement. That’s because the Internet is defined by protocols, which are manners — agreements — among the things it connects.

For the trillions of things in the world to work in the actual Internet, they need be subject to that same agreement (and others like it, tuned for things other than computers), but not licenses from controlling parties, because that would not be the Internet.

EULAs suck already anyway, for two legacy reasons: 1) they are one-sided and coercive; and 2) nobody reads them other than the lawyers who write them. Let’s unpack both problems.

Most EULAs are what legal folk call “contracts of adhesion.” That term was coined by Friedrich Kessler in 1943, at the apex of the Industrial Age (when Industry was causing, fighting and winning WWII). Adhesive contracts, Kessler said, were the only way any one company could achieve legal scale with masses of customers and users.

But what worked as an upside for industry had a downside for everybody else, because adhesive contracts came at a cost. Freedom of contract, long a form of vernacular law in everyday life, was shoved aside by industrial expedience.

What Kessler saw as both an efficient hack and a moral drag became more of both in the Information Age in which we live today. And it be a far bigger drag if it encumbers every Thing we want to put on the Internet.

Most of us don’t read EULAs, or the privacy policies that often accompany them, because to do so is both useless and time consuming. They are useless because they exist mostly to scrape off liability and other inconveniences on the customer or user. And they suck up time because they are written in legalese, by and for lawyers, rather than the rest of us.

So: what can we do? I’ll take that up in the next post.

Bonus link: Tony Faddel on Nest’s independence from Google and why he doesn’t like “Internet of Things” as a label.

From Merriam-Webster:

cru·ci·ble

noun\ˈkrü-sə-bəl\

  1. : a pot in which metals or other substances are heated to a very high temperature or melted
  2. : a difficult test or challenge
  3. : a place or situation that forces people to change or make difficult decisions

This is what cars will become.

The difficult decision is where to draw the line between what the owner/driver controls and what the maker/seller controls.

On one side is the owner/driver’s sovereignty over his or her own vehicle (more about this below). This includes the right to hack or customize that vehicle, to obtain and manage data that vehicle throws off, and to relate to other drivers with other vehicles (see Robin Chase), outside the control of the manufacturer or any other commercial “provider.” This is what we get, Cory Doctorow says, from general purpose computers.

On the other side is the manufacturer’s urge to provide that vehicle as a kind of IT service, like Tesla does, and to manage that vehicle much as, say, an iPhone is managed by Apple. This is also what we get from cable company set top boxes.

In the industrial Matrix we have built so far, the latter prevails increasingly, and that is limiting the ability of the former to flourish. For more on why this is a problem, visit the Lessig Library (notably Remix, Code, Code 2.0, The Future of Ideas and Free Culture), Cory Doctorow, Eben Moglen, the EFF and other fighters for personal freedom.

Cars will be crucibles because they have been, for more than a century, instruments of personal freedom and independence. (Not to mention the biggest-ticket retail item any of us will ever buy.) It is not for nothing that we speak of our car and its parts in the first person possessive: my tires, my dashboard, my fender, my seats. We even do this with rental cars, because, as drivers, our senses extend outward through the whole vehicle. In expert use our tools and machines become extensions — enlargements — of ourselves.

There is nothing wrong with having help in this from the Apples, Googles and Teslas of the world, provided our sense of where we end and where those companies begin is maintained, along with our full sense of autonomy and independence as individual human beings who can be social in our own ways, and not just in the controlling ways provided by commercial entities.

But today that line is very blurred, and may not be a line at all. As long as that blur persists, and superior power lies on the corporate side, we will have problems with compromised autonomy for individuals and their things. Those problems will only get worse as cars get “better” the (current) Tesla way. (Tesla can change, of course, and I hope they do.)  And the entire market greenfield that grows naturally on personal independence and autonomy will fail to materialize. We can drive all we want around walled gardens.

Cory calls this crucible a “civil war”. I don’t think he overstates the case.

An early shot fired in that war is Fuse, which plugs into the ODB2 port under your dashboard and gives you data your car throws off, and ways to use that data any way you please. Can’t wait to get mine.

By the way, I believe one reason Mozilla is in its current fix is that browsers and email — its founding apps — were born as instruments of personal autonomy. That’s what Mosaic and Netscape Navigator were: cars on the “information superhighway.” Now, too much of the time, they are just shopping carts. More about that in the next post.

(HT to Hugh McLeod for the car-toon.)

A couple days ago I went to an Apple store with my iPhone 4, which was running down its battery for no apparent reason. I forget the diagnosis, which didn’t matter as much as the cure: wiping the phone and restoring its apps. I would lose settings, I was told, and whatever data wasn’t stored with the apps’ cloud services. There was really no choice. So I did it.

As a result, I seem to have lost at least all of the following:

  • Everything I’ve recorded with the Moves activity tracker since I got it early this year.
  • Every tune I’ve ever tagged with Shazam, going back to 2007. The screen shot on the left are two songs I tagged today. That’s all I’ve got
  • All data from all my games
  • All my settings, whatever they were
  • Other data I don’t even want to know at this point

Why can’t this data be restored? For example,

  • Why will Angry Birds Seasons welcome me back by name and not remember that I had already cleared nearly every game in every season? (Mostly riding in subways, by the way.)
  • What’s the point of having a login with Moves if it’s not to have a cloud that remembers my data? I can’t see data in Moves if I’m not online anyway, so I know the data is in a cloud somewhere.
  • Why should I lose every text and all records of recent phone calls?

I mean, if all this data is kept somewhere, why not in a place from which the data can be recoverad by users?

At this point, far as I know (which isn’t far enough), the only way to get my data back is to do this:

  1. Wipe the phone again
  2. Restore it from the last backup
  3. Take shots of screens with data in them, for every app I care about

Then I’ll have data in screen shots, rather than in a more useful form. But at least I’ll know what I lose when I “restore” the phone completely.

Obviously neither Apple nor the app makers care much about this. But users do. And where there is a will, there should be a way.

I believe the way is personal clouds for users, and APIs for the app makers.

Personal clouds are clouds that individuals have, for their own data. We should be able to make logical connections between our apps, the APIs of the app vendors, and our own clouds, facilitating automatic data backup to our own spaces, rather than just those of Apple, Google or the app makers.

Lots of companies and development projects doing that are listed here. If you know others that belong there, tell me.

[Later (24 December)]… Items:

Fred WilsonI’m bummed that I missed LeWeb, but I’m glad I got to see and hear Fred Wilson’s talk there, given on Tuesday. I can’t recommend it more highly. Go listen. It might be the most leveraged prophesy you’re ever going to hear.

I’m biased in that judgement, because the trends Fred visits are ones I’ve devoted my life to urging forward. You can read about them in Linux Journal (starting in 1996), The Cluetrain Manifesto (1999, 2000, 2011), this blog (starting in 1999), ProjectVRM (starting in 2006) and The Intention Economy (2012). (Bonus links: What I said at Le Web in 2007 on stage and in an interview.)

He unpacks three megatrends, with an additional focus on four sectors. Here are my notes from the talk. Some of it is quotage, but little of it is verbatim. If you want to quote Fred, go to the source and listen.

1) We are making a transition from bureaucratic hierarchies to technology-driven networks. The former is the way the world has been organized for the last two hundred years. Markets, government, businesses are all pyramids. Transaction and communication costs were so high in the industrial era that these pyramids were the best way to organize work and run systems. But now technology-driven networks are replacing bureaucracies. Examples…

Twitter. Replaces the newspaper. The old army of reporters that reported to divisional editors who chose what would appear in limited spaces and distribute through printing mills and trucked to your doorstep was slow moving and bureaucratic. Now all of us are reporters. The crowd determines what’s important. This is an example of a tech-driven network.

YouTube. TV was hierarchical. Now all of us are video creators.

SoundCloud. Anybody can create audio or music. No labels. No radio or music industry required.

We first saw this trend in media and entertainment. Now we’re seeing it in AirBnB, One Fine Stay. Creative industries like Kickstarter and VHX. Learning with Codecademy and DuoLingo for languages.

We are very early with all of these and more to come.

2) Unbundling. This has to do with the way services are packaged and taken to market. In the traditional world, you only got to buy the thing that had everything in it. Now tech is changing that. More focused, best of breed, delivered a la carte. Now on mobile and internet you get better everything. Best of sports, fashion, classified advertising.

Banking is being unbundled. Banks used to do everything. Now entrepreneurs are picking off services. Lending Club. Funding Circle. auxsmoney in Germany. Taking profitable lending franchises away. Working capital. c2fo. Management services. All new, all based on networks.

Education. It’s expensive to put a lot of students in a building with a professor up front of every class. You needed a library. Administration. Very inefficient, costly, pyramidal and centralized. Now you can get books instantly. Research is no longer as highly centralized and capital dependent. See Science Exchange: collaboration on an open public network.  All this too is also early.

Entertainment. Used to be that you’d get it all on cable. Now we get Netflix and YouTube on our phones. Hulu. A la carte. Airplay, Chromecast.

3) We are all now personally a node on the network. We are all now nodes on the network, connected all the time. Mobiles are key. If forced to make a choice between phone and desktop, we go with the phone. (About 80% of the LeWeb audience did, along with Fred.) In the larger world, Android is being adopted massively on cheap phones. Uber, Halo.

This change is profoundly impacting the world of transportation. Rental cars. Delivery. Payments. Venmo, Dwolla, Square. Peer to peer. You can send money to anybody. For dating there’s Tinder. Again, this is new. It’s early.

The four sectors…

a) Money. Not just Bitcoin. At its core Bitcoin is a protocol: the financial and transactoinal protocol for the Net. We haven’t had one until now. As of today it is becoming a layer of internet infrastructure, through a ledger called the blockchain that is global. All transactions are cleared publicly in the blockchain. Entrepreneurs will build tech and services on this. Payments and money will flow the way content now flows. No company will control it. Others’ lock on our money will be gone.

b) Health and wellness. Health care is regulated and expensive. Health and wellness is the opposite. It’s what keeps you out of the hospitals. (QS is here.) The biologies of our bodies will be visible to us and connected. Some communications will be personal and private, some networked, some with your doctor and so on. Small example: many people today gamify their weight loss.

c) Data leakage. When the industrial revolution came along, we had polluting. It took a century to even start dealing with it. In the information revolution, the pollution is data. It’s what allows Google, Facebook and the government spy on us when we don’t want them to. We have no control over that. Yet.

d) Trust and identity. We have allowed Google, Facebook, Amazon and Twitter to be our identity services. It’s very convenient, but we are giving them access to all we do. This isn’t good. Prediction: a bitcoin-like service, a protocol, that is distributed and global, not controlled by anybody, architected like the Internet, that will emerge, that will give us control over identity, trust and data. When that emerges I’ll let you know. I haven’t seen it yet.

Talk to me, Fred. :-)

Fuse is more than a device and a smartphone app to go with it. The world is full of those already.

Fuse is the first product in the digital age that can blow up every one of the silos built to trap personal data and limit personal independence.

Fuse does that by putting you — literally — in the driver’s seat of your life.

Fuse is also the first product to show how your own “Internet of things” can be fully yours — and truly integrated in ways that work for you — without requiring that you become a serf in some company’s castle.

Fuse is an invention of Phil Windley and his team at Kynetx, who are committed to the freedom,  independence and self-empowerment of individuals: to making you a driver of your own life and your own stuff, and not just a “user” of others’ products and services. And to letting you be “social” in your own ways, as you are in your everyday life outside the Web.

This is why Fuse is Net-native, not Web-native (though it uses the Web too). This matters because the Net was created as a decentralized World of Ends, where every node can be sovereign and independent, as well as zero functional distance from every other node. The Web could have been the same, but instead it grew on top of the Net, along lines defined by client-server architecture (aka calf-cow), which makes everything there centralized: you’re always a client, and always at the mercy of servers. This is why the browser, which started out as a vehicle on the Information Superhighway, turned into a shopping cart that gets re-skinned at every commercial site you visit, and carries tracking beacons so you can be a better target for advertising.

Fuse drives under and away from that model, which has become terribly corrupted, and toward what Bob Frankston (sitting next to me as I write this) calls the “boundary less” and “permissionless” world.

If Fuse succeeds, it will be a critical first step toward building the fully independent vehicle for the fully independent human being on that same old Information Superhighway. And it will do that that by starting with your own car.

There are only a few hours left for the Fuse Kickstarter campaign. The sum required is only $60,000, and contributions have passed $50,ooo already. So help put it over the top. It could be the most leveraged investment you’ll ever make in the future of personal independence in the networked world.

More background in my first post on Fuse.

[Later, same day...] Goal reached:

294 backers
$63,202 pledged of $60,000 goal
Looking forward to seeing Fuse’s pudding prove the headline above. :-)

silosThe Forrest of Silos problem I describe in the last post is exactly what Josh Marshall of TPM is dealing with when he says (correctly) “there’s no single digital news publishing model” — and what Dave Winer also correctly talks about here.)

Every publisher requiring a login/password, or using ‘social logins’ such as those provided by Facebook and Twitter, is living in an administrative hell that burns no less because it’s normative in the extreme. That every pub has its own login/pw, subscription system and/or social login is a perfect example of centralized systems failing to solve the problems of centralization.

We need decentralized solutions: ones that work first at the personal level and after that at the social and organizational ones. Only by starting with the individual will we get:

  • One standard way that any one of us can subscribe, and manage subscriptions, for any number of publications, using tools and services that any variety of providers can offer, but any one of us can leave for other tools and providers.
  • One standard way that we can change our address, phone number, email, last name or other personal data, for every publication we deal with, at once. We can do that, for example,  in our own personal cloud — a standards-based one that’s ours alone, using open code at the base level. (A bonus link about that.)
  • One standard way we can advertise our own wants, needs and other intentions to the marketplace, securely, with minimized fear of surveillance or other offenses to our privacy.

None of that can be done with yet another centralized private service such as we get today from Apple, Google, Facebook and Twitter.

I’ve believed since long before I co-wrote Cluetrain that distributed and decentralized personal tools were the only way to solve the problems of centralization and create countless new opportunities for personal, social and economic growth in the world. It’s why I started ProjectVRM, and why we have a growing list of developers working to liberate individuals and prove that free customers are worth more than captive ones.

I believed in this work because we already see it proven in the world by personal computers, the Internet and its liberating standards and protocols. Those are decentralized too. All I’m talking about here is standing new solutions on top of those old shoulders.

This is not to knock anything social, by the way. Of course we are social beings. But we are also, as individuals, decentralized, except to ourselves. That’s what I (and others, such as Devon Loffreto) mean when we talk about (for example) sovereign identity.

None of us will solve the Forest of Silos problem by creating bigger and better silos, or by making them ore “centric” toward individuals.

In , opens with this sentence: “On any person who desires such queer prizes, New York will bestow the gift of loneliness and the gift of privacy.” Sixty-four years have passed since White wrote that, and it still makes perfect sense to me, hunched behind a desk in a back room of a Manhattan apartment.

That’s because privacy is mostly a settled issue in the physical world, and a grace of civilized life. Clothing, for example, is a privacy technology. So are walls, doors, windows and shades.

Private spaces in public settings are well understood in every healthy and mature culture. This is why no store on Main Street would plant a tracking beacon in the pants of a visiting customer, to report back on that customer’s activities — just so the store or some third party can “deliver” a better “experience” through advertising. Yet this kind of thing is beyond normative on the Web: it is a huge business.

Worse, the institution we look toward for protection from this kind of unwelcome surveillance — our government — spies on us too, and relies on private companies for help with activities that would be a crime if the  still meant what it says. ( more than two years ago.)

I see two reasons why privacy is now under extreme threat in the digital world — and the physical one too, as surveillance cameras bloom like flowers in public spaces, and as marketers and spooks together look toward the “Internet of Things” for ways to harvest an infinitude of personal data.

Reason #1

The was back-burnered when  (aka ) got baked into e-commerce in the late ’90s. In a single slide  summarizes what happened after that. It looks like this:

The History of E-commerce
1995: Invention of the cookie.
The end.

For a measure of how far we have drifted away from the early promise of networked life, re-read ‘s “Death From Above,” published in January 1995, and his “Declaration of the Independence of Cyberspace,” published one year later. The first argued against asymmetrical provisioning of the Net and the second expressed faith in the triumph of nerds over wannabe overlords.

Three years later  was no less utopian. While it is best known for its 95 Theses (which include “” and ““) its most encompassing clue came before of all those. Chris Locke wrote it, and here’s what it says, boldface, color and all:

if you only have time for one clue this year, this is the one to get…
we are not seats or eyeballs or end users or consumers. we are human beings and our reach exceeds your grasp. deal with it.

Note the first and second person voices, and the possessive case. Our reach was everybody’s. Your grasp was companies’.

Fourteen years later, companies have won. Our reach has not exceeded their grasp. In fact, their grasp is stronger than ever.

Another irony: the overlords are nerds too. And  they lord over what Bruce Schneier calls a feudal system:

Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether … for Facebook.

These vendors are becoming our feudal lords, and we are becoming their vassals. We might refuse to pledge allegiance to all of them – or to a particular one we don’t like. Or we can spread our allegiance around. But either way, it’s becoming increasingly difficult to not pledge allegiance to at least one of them.

Reason #2

We have loosed three things into the digital world that we (by which I mean everybody) do not yet fully comprehend, much less deal with (through policy, tech or whatever). Those are:

  1. Ubiquitous computing power. In the old days only the big guys had it. Now we all do.
  2. Ubiquitous Internet access. This puts us all at zero virtual distance from each other, at costs that also veer toward zero as well.
  3. Unlimited ability to observe, copy and store data, which is the blood and flesh of the entire networked world.

In tech, what can be done will be done, sooner or later, especially if it’s possible to do it in secret — and if it helps make money, fight a war or both. This is why we have bad acting on a massive scale: from click farms gaming the digital advertising business, to the NSA doing what now know it does.

Last month I gave a keynote at an  event in New York. One of my topics was personal privacy, and how it might actually be good for the advertising business to respect it. Another speaker was , a “gentleman hacker” and CEO of WhiteOps, “an internet security company focused on the eradication of ad fraud.” He told of countless computers and browsers infected with bots committing click-fraud on a massive scale, mostly for Russian hackers shunting $billions from the flow of money down the online advertising river. The audience responded with polite applause. Privacy? Fraud? Why care? The money’s rolling in. Make hay while the power asymmetry shines.

Just today an executive with a giant company whose name we all know told me about visiting “click farms” in India, which he calls “just one example of fraud on a massive scale that nobody in the industry wants to talk about.” (Credit where due: the IAB wouldn’t have had us speaking there if its leaders didn’t care about the issues. But a .org by itself does not an industry make.)

Yet I’m not discouraged. In fact, I’m quite optimistic.

These last few months I’ve been visiting dozens of developers and policy folk from Europe to Australia, all grappling productively with privacy issues, working on the side of individuals, and doing their best to develop enlightened policy, products and services.

I can report that respect for privacy — the right to be left alone and to conceal what one wishes about one’s self and one’s data — is far more evolved elsewhere than it is in the U.S. So is recognition that individuals can do far more with their own data than can any big company (or organization) that has snarfed that data up. In some cases this respect takes the form of policy (e.g. the EU Data Protection Directive). In other cases it takes the form of advocacy, or of new businesses. In others it’s a combination of all of those and more.

Some examples:

 is a policy and code development movement led by Ann Cavoukian, the Information & Privacy Commissioner of Ontario. Many developers, enterprises and governments are now following her guidelines. (Which in turn leverage the work of Helen Nissenbaum.)

, the Fondation Internet Nouvelle Génération, is a think tank of leading French developers, scientists, academics and business folk, convened to guide digital transformation across many disciplines, anchored in respect for the individual and his or her full empowerment (including protection of privacy), and for collective action based on that respect.

 is a Fing project in which six large French companies — Orange, La Poste, Cap-Digital, Monoprix, Alcatel-Lucent and Societe Generale — are releasing to 300 customers personal data gathered about those customers, and inviting developers to help those customers do cool things on their own with that data.

The  in the UK is doing a similar thing, with twenty UK companies and thousands of customers.

Both Midata and Etalab in France are also working the government side, sharing with citizens data collected about them by government agencies. For more on the latter read Interview with Henri Verdier: Director of Etalab, Services of the French Prime Minister. Also see Open Data Institute and PublicData.eu.

In Australia,    and  are working on re-building markets from the customer side, starting with personal control and required respect for one’s privacy as a base principle.

In the U.S. and Europe, companies and open source development groups have been working on personal data “stores,” “lockers,” “vaults” and “clouds,” where individuals can harbor and use their own data in their own private ways. There is already an  and a language for “” and “pclouds” for everything you can name in the Internet of Things. I posted something recently at HBR about one implication for this. (Alas, it’s behind an annoying registration wall.)

On the legal front, Customer Commons is working with the  at the Berkman Center on terms and privacy requirements that individuals can assert in dealing with other entities in the world. This work dovetails with , the  and others.

I am also encouraged to see that the most popular browser add-ons and extensions are ones that block tracking, ads or both. AdblockPlus, Firefox’s Privowny and  are all in this game, and they are having real effects. In May 2012,  a 9.26% ad blocking rate in North America and Europe. Above that were Austria (22.5%), Hungary, Germany, Finland, Poland, Gibraltar, Estonia and France. The U.S. was just below that at 8.72%. The top blocking browser was Firefox (17.81%) and the bottom one was Explorer (3.86%). So it was no surprise to see Microsoft jump on the Do Not Track bandwagon with its latest browser version. In sum what we see here is the marketplace talking back to marketing, through developers whose first loyalties are to people.

(The above and many other companies are listed among developers here.)

More context: it’s still early. The Internet most of us know today is just eighteen years old. The PC is thirty-something. Pendulums swing. Tides come and go. Bubbles burst.

I can’t prove it, but I do believe we have passed Peak Surveillance. When Edward Snowden’s shit hit the fan in May, lots of people said the controversy would blow over. It hasn’t, and it won’t. Our frogs are not fully boiled, and we’re jumping out of the pot. New personal powers will be decentralized. And in cases where those powers are centralized, it will be in ways that are better aligned with individual and social power than the feudal systems of today. End-to-end principles are still there, and still apply.

Another reason for my optimism is metaphor, the main subject in the thread below. In , George Lakoff and Mark Johnson open with this assertion: The mind is inherently embodied. We think metaphorically, and our metaphorical frames arise from our bodily experience. Ideas, for example, may not be things in the physical sense, but we still talk of “forming,” “getting,” “catching” and “throwing out” ideas. Metaphorically, privacy is a possession. We speak of it in possessive terms, and as something valuable and important to protect — because this has been our experience with it for as long as we’ve had civilization.

“Possession is nine-tenths of the law” because it is nine-tenths of the three-year-old. She says “It’s mine!” because she has hands with thumbs that give her the power to grab. Possession begins with what we can hold.

There is also in our embodied nature a uniquely human capacity called indwelling. Through indwelling our senses extend outward through our clothes, our tools, our vehicles, to expand the boundaries of our capacities as experienced and capable beings in the world. When drivers speak of “my wheels” and pilots of “my wings,” it’s because their senses dwell in those things as extensions of their bodies.

This relates to privacy through exclusion: my privacy is what only I have.

The clothes we wear are exclusively ours. We may wear them to express ourselves, but their first purpose is to protect and conceal what is only ours. This sense of exclusivity also expands outward, even though our data.

 “the Internet is a copy machine.” And it is. We send an email in a less literal sense than we copy it. Yet the most essential human experience is ambulation: movement. This is why we conceive life, and talk about it, in terms of travel, rather than in terms of biology. Birth is arrival, we say. Death is departure. Careers are paths. This is why, when we move data around, we expect its ownership to remain a private matter even if we’re not really moving any of it in the postal sense of a sending a letter.

The problem here is not that our bodily senses fail to respect the easily-copied nature of data on networks, but that we haven’t yet created social, technical and policy protocols for the digital world to match the ones we’ve long understood in the physical world. We still need to do that. As embodied beings, the physical world is not just our first home. It is the set of reference frames we will never shake off, because we can’t. And because we’ve had them for ten thousand years or more.

The evolutionary adaptation that needs to happen is within the digital world and how we govern it, not the physical one.

Our experience as healthy and mature human beings in the physical world is one of full agency over personal privacy. In building out our digital world — something we are still just beginning to do — we need to respect that agency. The biggest entities in the digital world don’t yet do that. But that doesn’t mean they can’t. Especially after we start leaving their castles in droves.

Tags: , , , ,

« Older entries