Do you remember enterprise application integration? Those were the days.  First you paid to bury your information in someone’s proprietary silo, then you paid to excavate it from there, then you paid again to bury it again in someone else’s silo. Everybody was happy. Except for the guys paying the bills.

I went to see the guys in Osmosoft yesterday, it’s always a pleasure visiting them. At BT Design, our approach to innovation has a significant community focus: Web21C, now integrated into Ribbit, was formed on that basis; both Osmosoft as well as Ribbit  are excellent examples of what can be done with open multisided platforms.

While I was there, I spent some time with Jeremy Ruston who founded the firm and leads the team. Incidentally, it was good to see Blaine Cook there, I hadn’t seen him since he joined BT. Welcome to the team, Blaine.

When it comes to opensource, Jeremy’s one of the finest brains I know, we’re really privileged to have him. We got to talking, and somehow or the other, one of the topics that came up was the ways and means we have to figure out if someone’s any good, in the context of hiring. After all, there is no strategy in the world that can beat the one that begins “First hire good people”.

When you’re hiring people with experience, the best information used to come from people you knew who’d already worked with her or him. Nothing beats a good recommendation from a trusted domain. You can do all the interviews you want, run all the tests you can find, do all the background searching you feel like; over time, the trusted domain recommendation trumps the rest.

Now obviously this does not work when the person has not worked before, where there is no possibility of a trusted domain recommendation. Which is why people still use tests and interviews and background checks.

Which brings me to the point of this post. Jeremy brought up an issue that he’d spoken to me about quite some time ago, something I’m quite keen on: the use of subversion commit logs as a way of figuring out how good someone is.

And that got me thinking. Here we are, in a world where people are being told: Don’t be silly and record what you do in Facebook; don’t tell people everything you do via Twitter; don’t this; don’t that; after all, the bogeyman will come and get you, all these “facts” about your life will come back to haunt you.

As a counterpoint to this, we have the opensource community approach. Do tell everyone precisely what you are doing, record it in logs that everyone can see. Make sure that the logs are available in perpetuity. After all, how else will people find out how good you are?

Transparency can and should be a good thing. Abundant transparency can and should be a better thing, rather than scarce transparency. Right now we have a lot of scarce transparency; people can find out things about you, but only some people. Which would be fine, if you could choose who the people were. Do you have any idea who can access your credit rating? Your academic records? Do you have any idea who decided that?

Scarce information of this sort leads to secrets and lies and keeps whole industries occupied. Maybe we need to understand more about how the opensource community works. Which, incidentally, is one of the reasons why BT chose to champion Osmosoft.

An aside: David Cushman, whom I’d known electronically for a while, tweeted the likelihood of his being near the new Osmosoft offices around the time of my visit, so it made sense to connect up with him as well. It was good to meet him, and it reminded me of something I tweeted a few days ago. How things change. In the old days relationships began face to face and over time moved into remote and virtual and electronic. Nowadays that process has been reversed. Quite often, you’ve known someone electronically for a while, then you get to meet them. Intriguing.

Finally, my thanks to gapingvoid for the illustration, which I vaguely remembered as “Excavation 47″. It was a strange title so it stuck. Which reminds me, I have to start saving up to buy one of his lithographs, they’re must-haves.

Last week, it was reported that the Advertising Standards Authority had decreed that the word “bespoke” could now be used to describe suits that weren’t entirely handmade.

Moustache quivering in indignation, I went over to Wikipedia to see what it said about the word “bespoke”:

Bespoke is usually a British English term for tailored clothing made at a customer’s behest, and exactly to the customer’s specification. Bespoke clothing is created without use of a pre-existing pattern, differentiating it from made to measure, which alters a standard-sized pattern to fit the customer.

I’ve known a number of bespoke tailors over the years; one of them, Thomas Mahon, even has his own blog. I count him as a friend, so I thought I’d go and check him out, see if he had anything to say about the subject. And this is what I found:

A lot of people use the terms “bespoke” and “made-to-measure” interchangeably. They are mistaken.

‘Bespoke’ is actually a term which dates from the 17th century, when tailors held the full lengths of cloth in their premises.

When a customer chose a length of material, it was said to have “been spoken for”. Hence a tailor who makes your clothes individually, to your specific personal requirements, is called “bespoke”. This is unlike “made-to-measure”, which simply uses a basic, pre-existing template pattern, which is then adjusted to roughly your individual measurements.

What the ASA has done is in effect allowing the nice distinctions between phrases like “bespoke” and “made-to-measure” to disappear, and for no good reason. Language does evolve, and we need to be adaptable about it. But that does not mean we have to do stupid things with language. Allowing “made-to-measure” and “bespoke” to be used synonymously is inaccurate and unnecessary. It is the equivalent of allowing yogurt to be called vegetarian while containing beef gelatin. Strange world we live in.

Even more strange when you consider the other craftsmen that use the word “bespoke”. Software engineers. Ironic, isn’t it? People buy software they call “off-the-shelf”, then mangle it amazingly beyond recognition. This happens constantly in the ERP and SCM markets.

But they don’t dare call it bespoke. Because their CFO knows that “bespoke” is also a synonym for “expensive.” They might as well call the software bespoke, given the level of changes they tend to make, but they don’t.

One group of people who use patterns when they shouldn’t, and they want to call a suit bespoke when it isn’t.

Another group of people who don’t use patterns when they should, and they don’t want to call software bespoke when it is.

Go figure.

First, a few disclaimers.

One, I am not against cyberlibertarians. I count many cyberlibertarians as my friends. In fact I’d even let my daughter marry one. Some people think I am a cyberlibertarian. And I don’t argue with them.

Two, despite all that, I signed up with the UK Border Agency IRIS scheme as soon as I could, use it regularly, and will probably sign up with its equivalent for the US and Europe as soon as I can. So I am not against the technology.

Three, I like what Bruce Schneier has to say about many things, and particularly about things to do with security. This liking predates (by a long way) and is completely unconnected with, our becoming colleagues much later. [Incidentally, we have never met, either as colleagues or before then, although we've been in the same room quite a few times. Maybe this will change, we're both at Supernova.]

Having said all that.

There’s identity and there’s identity. “Identity” covers things I assert about myself, things that only I can assert about myself. It covers things that others assert about me, things that only others can assert about me. It also covers things that I assert, but where my assertion is weak unless it is backed up by someone or something else.

When I say that I like Grateful Dead or Traffic or Crosby Stills Nash and Young or John Mayall or Jim Croce, I am asserting something about myself. A last.fm audioscrobbler attached to iTunes can see whether my listening habits match my stated likes, but it cannot say what I like. That is for me to say. When a bank says that I have a credit rating of X, they are asserting something about me that I cannot assert about myself. When a government gives me a token to help me assert who I am (such as a passport or a driving licence), the government is doing something I couldn’t do as well.

So there’s identity and there’s identity. It’s all the rage, it’s the happening thing, there are now more people working in the identity space than in call centres worldwide. [Doesn't it feel like that to you?].

And, as Chris Skinner says, it looks like biometrics will become more important, more dominant, more pervasive. Shivers down spine. Collywobbles. Paroxysms of sweat. I begin to get a teensy weensy bit concerned.

Why? Not because I think someone’s going to gouge my eye out and re-use it. Not because I think that someone’s going to chop my finger off. [Yes, there are times and there are places where this can and probably will happen, but in this conversation I consider the Chopping Off argument to be a Red Herring.]

I’ve been concerned about the use of biometrics in everyday life for a few decades now. Nearly 30 years ago, when I worked for Burroughs Corporation, we had a division that manufactured ATMs. And I remember seeing a presentation where people queued up to a hole in the wall to draw money, presented their eyeballs to an even smaller hole in the wall, had their retinas scanned before the hole vomited out cash. And I thought to myself, who designs these things? Who imagines that someone would actually do this? Did they talk to anyone, any would-be customers?

If you want to understand the pros and cons of biometrics, you must read this article in ACM by Bruce. So what if it’s almost a decade old, the points he makes still hold true. It’s an expansion and improvement on an another note by him, written a year earlier in his Crypto-Gram newsletter.

Here are some excerpts:

[B]iometrics work well only if the verifier can verify two things: one, that the biometric came from the person at the time of verification, and two, that the biometric matches the master biometric on file. If the system can’t do that, it can’t work

Biometrics are unique identifiers, but they are not secrets. You leave your fingerprints on everything you touch, and your iris patterns can be observed anywhere you look.

Once someone steals your biometric, it remains stolen for life; there’s no getting back to a secure situation.

Biometrics are powerful and useful, but they are not keys. They are not useful when you need the characteristics of a key: secrecy, randomness, the ability to update or destroy.

[B]iometrics are necessarily common across different functions. Just as you should never use the same password on two different systems, the same encryption key should not be used for two different applications. If my fingerprint is used to start my car, unlock my medical records, and read my electronic mail, then it’s not hard to imagine some very unsecure situations arising.

As a frequent traveller, I am happy to use biometrics-based processes when it mean my immigration and security queues are shortened significantly. IRIS has been a boon for me.

But if my bank asked me to start using iris recognition based schemes, I would probably change bank.

Why?

Now you must be used to people tritely asking you “So what does good look like to you?” [What an appalling question. Why can't they ask you what you want? I'm old and patient now, so I forgo the temptation to "throw them under that question", a la that other appalling phrase "throw them under the bus". Who thinks this unadulterated crap up anyway?]

So humour me for a second and allow me to use the phrase “What does bad look like?” When I use IRIS, “bad” means that someone has managed (a) to get a copy of my iris as stored in some humongous central database somewhere (b) convinced some hardware and software in a booth that he/she is me returning to the UK. Depending on my actual travelling status, that may throw up some conflicts and errors, and the worst that could happen is that I spend some time sorting out the mess when I next pass through. But the facts will be on my side, and I don’t live in a police state. People may be appalled by CCTV Britain, by Guantanamo Bay, by 42 day detentions, but none of that is as scary as The Emergency was to me in 1975-77. Not even close.

It’s not as if someone can leave my iris behind at a crime scene. If someone finds my eyeball rolling around alongside a corpse, the chances are the corpse is me. if someone leaves a photograph of my iris behind as a calling card, not even the Keystone Cops will assume that I’m the likely perpetrator.

So bad doesn’t look too bad in many of these cases.

When it comes to banking, it’s a different story. Bad can look bad. If you’d like a humorous way of finding out why, listen to this clip by Mitchell and Webb. [Oh the humanity. Worth listening to for that line alone.]

We already use biometrics for banking, the common-or-garden signature is a biometric, particularly if you start analysing pressure and time and emphasis and all that jazz. People have tried to forge signatures, and if electronic signatures become more common, then I am sure that people will try even harder to forge signatures.

I try and adapt to changes in the environment around me. For example I think about where I want to use my credit or debit cards so as to minimise the risk of cloning, and avoid the places where I think the risk is high. If my bank said I could use iris recognition in order to withdraw cash, I wouldn’t sign up. I would use other ways. if they said that it was the only way, I would use other banks. Simple as that.

It doesn’t mean that I am against the use of biometrics. Rather, I am against the use of biometrics in environments where the weaknesses of biometrics overwhelm the strengths. As stated before, I use biometrics to enter the UK. And I would be happy to use biometric locks in my front door, as Xeni Jardin refers to here.

As Bruce says in that article, if someone wanted access to my house, they can make a surreptitous copy of my key or throw a rock through my window. They don’t have to cut my finger off.

Biometrics aren’t bad. Biometric banking is already here, as in the use of signatures. But we need to think hard about allowing increased use of biometrics in banking. Because bad could then look very bad.

Let’s be careful out there.

The first thing I try and figure out, the first gate I put the request through, is a “trusted domain” one. Do I personally know that A and B are themselves friends? If this is the case, then, most of the time, I will pass the information on. The exception is when I know that B has a different preference, explicitly shared with me, saying “Do not, under any circumstances, give my number out to others. Period.

If I am not aware of A and B themselves being friends, I do not give the information out. I offer to get in touch with B and to pass A’s contact details to her.

Wasn’t life easier when we had telephone directories and listed/unlisted numbers? Perhaps. Because now we still have the directories, but they’re personal. We still have the unlisted numbers, but they’re personally protected.

I am responsible for the contact information I hold. I am accountable for that information. Accountable to friends who have trusted me with that information. And if I pass that information on without their implicit or, in some cases, explicit, permission, I am breaking their trust in me.

This, to me, is issue number one to do with any debate on information “ownership”.

Trust.

And it’s a biggie.

When I hold information that has been given to me by someone, and where that information is “privately” held by that someone, then I am given it within a trust relationship. It is not mine to do with as I please.

That’s the simple part, when I am dealing with information as a steward, when “ownership” is clear. So let’s try a case where there is no such clear ownership. Let’s take, as an example, the record of my purchases at Amazon. Now I would argue that it is my information, and that Amazon should let me move that information around as I please. In fact, this sort of thing is one of the premises of VRM, a project you should all get to know, a project you should all get involved in.

So where was I? Oh yes, Amazon. Wanting to move “my” information around. Wanting to share information to do with Amazon purchases with others. Others like Barnes and Noble and Abebooks and Borders. As you can imagine, Amazon aren’t likely to be greatly enamoured of this idea. But it will happen. In the same way as cellphone numbers became portable across networks, in the same way as avatars are becoming portable across virtual worlds, in the same way as Sony joined the crowd and said “No DRM” today. Information portability is no longer an “if”, it’s a “when”.

But hang on a second, I hear you say. Surely that’s unfair on poor Amazon. After all, they’ve spent real money building all this infrastructure and developing all this software to track you and your purchases. How is it fair on them? Surely it’s reasonable for them to insist that the information, information they invested time and money to create, that information cannot go to their competitors?

No.

It’s not their information. Whatever the ToS says. It’s only a matter of time before that wall comes crumbling down.

So what’s going to happen next? I guess that “vendors” that act as information stewards will go one of three ways:

• Privacy Premium: This is where the ToS agrees that it’s your information, but indicates that you have to pay a small fee for private use. They don’t claim any right to sell on the information, but ask for costs to be met when they have to package it for your (external) use. They still have complete internal rights for using the information they hold to “sell” to you, to “cross-sell” you, to “target” you, and do all sorts of weird and nasty things to you. But that’s normal.
• Advertising Allowance: Here they won’t charge you for “your” information, provided you don’t mind receiving it in a corrupted form: the primary form is where you get the information for free, but it’s embedded with advertising; the secondary form is where you get the information clean, but they’ve got your permission to sell your details to others.
• Service With A Smile: It’s yours to do with it what you want, completely liquid. But there’s a transaction fee any time you want to do something with the information.

All that’s fine, I hear you say, but that’s information shared between vendor and vendee. Caveat emptor. What about the cases where it’s even more complex to work out ownership? Like Friend Wheels? Where someone spends time and money creating relationship diagrams and graphical representations of all the people you know and they know and they know and and and? Who owns that?

There’s a lot for us to work out, for sure. We’re still in early days as far as information ownership is concerned, but the direction is clear.

Information is going to be like money. And we’re going to move it around like money. [We already are.] Institutions that hold information are going to be like banks. With a variety of services, and with rights and duties associated with our information, varying according to the service we sign up for.

• Safety deposit boxes for information. They hold it, they can’t touch it, we pay a fee.
• Current or checking accounts for information: They have limited rights to doing stuff with the information, and in exchange they pay us peanuts for it; but they don’t charge us for moving the information around.
• Information deposit accounts: Here they pay us a lot of “interest” for the information they hold on our behalf, but we don’t have the freedom to move it around willy-nilly without penalty; there are also transaction fees.
• Managed investments: Here they are able to give us even higher rates of “interest”; they not only pay us for the information they hold on our behalf, but beyond that, they also create new things as a result of “investing” that information, and share some element of the proceeds with us.

And guess what? In order to do all this, we’re going to have to solve two other things. Identity. Trust. Both of these are problems we have already sought to solve before. In the banking world.

Banking is about information. Markets are digital.

I’m currently reading a 1938 Gregg pamphlet titled What is The Matter With Money? It’s a reprint from the Modern Review for May and June 1938. In it, Gregg spends a lot of time looking at trust, and some of the things he says jell with me.
I quote from Gregg:

…A money economy makes security depend on individual selfish acquisitiveness instead of on trust. Trust grows when men serve first and foremost the community and the common purpose. There has sometimes been an element of service and community purpose in the making of private fortunes, but it has not often been predominant. Money splits up community security and plays upon men’s fears, — fears of the future and of each other’s motives, fears that compel them to compete with one another to a harmful degree.

Gregg concludes the paragraph with an interesting assertion:

Money has worked on us so long that it is now hampering the further development of science, art and technology.

At reboot last year I spoke about the things that had to die before we can regain some of the things we’ve lost, in keeping with the conference theme of renaissance and rebirth. [Hey Thomas, what's happening with reboot this year?]
Gregg’s words have served to remind me that concepts like identity and trust are fundamental parts of community and not individuality; culture too is a community concept, be it about arts or sciences or even forms of expression; community itself is a construct of relationships at multiple levels. Maybe the reason why much of what is now termed IPR (and its cater-cousin DRM) is abhorrent to me is that these things focus on the individual and not the community.

I am all for making sure that creativity is rewarded, in fact I believe that any form of real value generation should be rewarded; but not at the price of stifling the growth of culture and of community. This, I believe, is at the heart of what Larry Lessig speaks of, what Rishab Aiyer Ghosh speaks of, what Jerry Garcia believed in, what opensource communities believe in, what democratised innovation is about.

Culture and community before cash.

I recently bought a book by Gregg called The Power Of Nonviolence. When describing the book, the bookseller noted that it [the particular copy I was buying] was signed by Gregg; unusually, the recipient’s name had been erased and carefully at that; the bookseller surmised that it may have had to do with fears about McCarthyism.

You know something? At the rate we’re going, the battles about IPR and DRM are going to get uglier, to a point where we’re going to see something none of us wants. Digital McCarthyism. What we’re seeing in the software and music and film spaces already begins to feel like that.

We need to find a better way to work it out. And it makes me wonder. What’s the digital equivalent of Gandhian Nonviolence?

The squares marked A and B are the same shade of grey.

I won’t spoil it for you by giving you the proof here. Instead, why don’t you go visit the original site and see for yourself? There are a number of really worthwhile illusions there. I first saw it maybe ten years ago. Like you, I’ve seen many such illusions in my time, but none of them has had the same impact as this one had. Some of you may not have seen it, so I thought I’d share it with you while musing about context.

I think context is the key differentiator for Web 2.0; whether you look at it from the viewpoint of Four Pillars: Publishing, Search, Fulfilment and Conversation, whether you’re one of those people really into the Semantic Web, whether you’re more of a Mashups person using GPS or other location-sensitive tools, whether you’re into deep dialogues and arguments about microformats or identity… it’s all about context.

Hold that thought for a minute and come for a tangential wander.

In the past, I’ve had my rants about e-mail, about spreadsheets and about presentation tools. Like with most other things, these have good uses and bad uses. For some reason, the bad uses seemed to proliferate. I like working with you so much that I’m going to copy your boss in to this conversation. I like working with you so much that I’m going to copy your boss in to this conversation and not tell you I’m doing it. I like spreadsheets and presentations so much I insist on reading them on my BlackBerry. I trust everyone so much that I’m going to keep online and offline copies of every version of every spreadsheet and presentation I’ve ever come near. I like you so much I’m going to show you a draft of something and then use something completely different at the meeting a day later. Recognise any of these?

Enterprise collaboration tools are by themselves fairly useless unless people actually want to collaborate, unless people want to share, unless people want to work together. E-mail and spreadsheets and presentation tools are by themselves not evil, but can be subverted into bad uses.

For many years I wondered why people did this, why people misused the tools. And I’ve only been able to come up with one logical explanation, one that fits with my belief that people are intrinsically good. You see, many of these tools came out during the 1970s and 1980s; during that time, many of the basic tenets of enterprise employment were being turned upside down; security of tenure went flying through the window; downsizing and rightsizing and wrongsizing were all the vogue; outsourcing and offshoring were being discovered; the war for talent had not yet begun.

Now the primary and secondary sectors had already been through all this, but not the tertiary sector. And within the tertiary sector, the term “knowledge worker” was just beginning to emerge. Maybe, just maybe, it was all a question of timing. Insecure people were learning that knowledge had power, while being presented with tools to protect, fortify, even submerge, that knowledge. Are they to be blamed for using the tools selfishly?

Okay, back to the context argument. Tools like e-mail and spreadsheets and presentations, because they were so individual and stand-alone, could be manipulated. And could be misinterpreted.

They did not come with context.

What we are seeing with Four Pillars tools, with Web 2.0 tools in general, is the very opposite:

• The way that conversations persist allows context to be captured and shared, whether in IM or wikis or blogs
• Modern tools for archival and retrieval, via the use of tags and non-hierarchical processes, allows context to be enriched
• The availability of location specific information, of tags and microformats, of semantic web concepts, all coupled with better identity and authentication and permissioning, allows the enriched context to be made more relevant and timely

Context. Captured and shareable. Enriched and made available. At the right time, in the right place, to the right person.

I wish it were all that simple. Whenever I see the sheer power of the tools today, I also see the stupidities. Stupidities in the context of DRM and IPR and The Series Of Tubes and and and, which have the capacity to kill this goose before any golden eggs are laid.

• what you stand for
  
• what you belong to (both blood as well as thunder)
• what you like (and what you dislike)
• what you’ve done (and what you’d like to do)

Sure there are many other things. Ways to contact you. The size of your wallet. All kinds of things that other people use to “define” you: your age, gender, marital status, number of dependents, address.

Interestingly, these mattered when “socio-economic groupings” meant something, when “marketing” could predict your propensity to buy something based on all the boxes they put you into. [If you're interested in hearing a worthwhile rant on this subject, try and spend some time with Professor Richard Scase, "Futurescase" as he gets called. I've relished the privilege.]

Today, the marketers are in trouble. Socio-economic groupings mean jack when it comes to predicting purchase propensity. Long tails weave their equalising ways across class and gender and hirsuteness, or lack of.

In the meantime, everyone else (bar the marketers) is into biometrics. And maybe that’s acceptable. Was a shibboleth an early form of biometric identification? Well, at least the shibboleth identified someone as a member of a group (or not, as the case may be). You see, one of the problems we face with modern definitions of privacy and confidentiality is deeply connected to this need for a protected need for individuality.

No man is an iland.

We are going to have villages and towns and cities where the computing device is communal. Where that communal device uses opensource software and open standards and open platforms and open open open.

And we’re going to have to work out what identity means there. Not identity from a narrow financial-transaction point of view. But identity in the context of sharing information. Digital information. Letters. Photographs. Films. Music. Books. Whatever.

Communal devices. Communal devices that work when the local power grid goes down. Communal devices that don’t go obsolescent in 18 months. Communal devices that do their bit about global warming.

Communal devices.

Hey, let’s be careful out there. This is why I am so concerned about the garbage that gets one in the name of DRM and IPR. Have you really tried to use a “family” PC after Windows 95? One that three or four people use regularly, who are happy to share their files. If only they could.

An aside, still about identity. When I look at startups, one of the things that I check out very carefully is how the core team got together. Did they grow up in the same neighbourhood? Hang out in the same places? Know the same people? Go to the same university?

I’ve always felt this is important. Unless the core has some independent grounding, some reason to be together, they’re going to come apart when trouble comes their way. And every startup will hit trouble sometime in the early years.

In similar vein, I tend to check out what makes a group come together. Take America. The folk rock band, I mean, the ones who gave us Don’t Cross The River and Ventura Highway. [And Horse With No Name and Sandman, but those are not my favourites...].

Do you know how they got together? They were all sons of US GIs stationed west of London, in Ruislip, Middlesex. Their mothers were all British. They attended the same school. They broke up before they really got started, in 1969. And then came together in time to savour their success.

Just goes to show.

As with search and with syndication, we can get as technical about it as we want, and there are many places you can go to for the technical bits. Not here, I’m afraid. I still want to get through some first-principle thoughts, get some things clear in my head. Part of why I blog is to articulate nascent thoughts and opensource them in order to improve them.
Apologies if all this sounds like going over someone else’s well-trodden ground; it is exactly that; but I have found that many of these debates founder on semantics and terminology and definitions, and as a result I prefer a first-things-first approach. Please feel free to criticise or trash it. [In fact I would expect this post to attract more flames than any other I’ve done ]
The identity debate seems to encompass many disparate things, either directly or indirectly, so I’m going to just list them to begin with:

• Ecce Homo: A means of identifying who I am, with some other relatively static data, eminently suitable for “microformat” treatment, and probably needing to be combined with some other way of confirming who I am, “two-factor authentication”. Like having a card and a PIN or signature. This is as permanent as can be, a metaphorical passport or fingerprint or iris pattern or whatever. This probably includes all the numerical tags I collect like frequent flyer and affinity memberships. It can include my credit cards and accounts. It is the same regardless of the specific relational or transactional conversation I happen to be in. My gut feel is that each person should have only one of these, and that it should be “small but perfectly formed”. And that it has to exist and be verifiable in a dotorg state.
• Letters of Intent: A means of letting people know about my intentions, what I’m interested in or looking for. I make known my preferences and interests. Some of them are temporary, some of them are permanent. I choose who I want to tell. As in Doc looking for rental cars. As in my signalling to individuals in my social network that I will be within n miles of where they are at a given time. My information. Signalled to whom I want to. When and where I want to. Giving the listener an opportunity to converse with me and relate to me. Even things like last.fm are variants of this.
• Tell them Phil sent ya: A way of associating other people’s perceptions of me with me, both qualitative as well as quantitative. This is trust that I can acquire but not control. Ratings I have, whether credit or eBay or college scores or whatever. Variable over time. Not suppressible by me. But challengeable by me, so that dispute or contention can be flagged. I may have many such ratings, used for different purposes, but inspectable at the behest of the requestor. And changed as a result of the conversation.
• Trust me, I’m a doctor: A way of telling other people my own perception of me. Kitemarking my sites and blogs and articles and photos and quotes and whatever. Here what I am doing is endorsing stuff in the public domain about me, indicating (a) this came from me or (b) even though it does not come from me, I nevertheless approve it, I endorse it. This is like a great seal, a way of stamping that something is Orl Korrect. Or that Kilroy was Here.
• My name is Bond, James Bond: A licence to do something. Granted by someone else. Usually not transferable. Usually not permanent either.
• Come up and see my etchings: My choosing to expose things I have done, expired and executed letters of intent. Pictures of my activity with others. Kiss-and-tell. My information. My choice as to whom I share it with. And I can make this choice single-use or temporary or permanent. Probably even includes financial transactions and medical history.

These things by themselves are not complicated. They become complicated when people try to lock you in, to their walled gardens, their products, their platforms, their parlours. Everything here is a key to something.

And the tendency of the walled-gardeners is to force these keys to behave as if they were physical. And we need to move into the 21st century and push back. Hard. Like we had to push back on being able to choose our PINs and change them. Like we had to push back on being able to keep our phone numbers regardless of carrier or provider. Can you imagine a mail provider telling you that you couldn’t redirect mail either from or to the mail account they provide to you?

And intuitively (I may be completely wrong here) I think that the trick is to keep each of these pieces small and loosely joined a la Weinberger meets Hardt meets Sifry while Searls referees. As soon as we try to architect a humongous reference model we lose, because it’s a bit like industry standards bodies. Before you know it they get packed with people who have different agendas and the time and energy to deflect you ad infinitum and ad nauseum.

I’m also hunching that we need to prevent anyone owning this. That this whole space has to be opensource. Otherwise it will become a corrupt core.

Everything we believe is possible in terms of collaboration and co-creation and innovation at the edge, everything in my four pillars,  needs this problem to be solved.

Doc Searls was talking to me about a conversation he had with George Lakoff; somewhere out of that conversation, they defined blogging as rolling snowballs downhill in comparison with prior forms of multiperson live conversation which sometimes felt like rolling boulders uphill. Doc commented about the way the snowball has no “ownership” by the time it gets downhill.

This too is an important aspect of blogging, the co-creation of value. But the value that is co-created is not ownable in the traditional sense. There is a delayed gratification aspect to blogging, a Goleman-like emotional intelligence; you have to do what you feel is right rather than work out how you will “monetise” what you say. Ideas are free, it’s what you do with them that may be monetised over time.

Talking about Lakoff, I found his work on anchoring and framing very interesting; the subject was introduced to me some years ago by a colleague, James Montier, and also touched upon by Barry Schwartz. Lakoff’s point that framing is about ideas and values sits bang in the middle of this conversation. ]]> http://confusedofcalcutta.com/2006/03/13/blogging-value-and-vulnerability-a-postscript/feed/ 0 http://confusedofcalcutta.com/2006/03/13/blogging-value-and-vulnerability/ http://confusedofcalcutta.com/2006/03/13/blogging-value-and-vulnerability/#comments Mon, 13 Mar 2006 00:05:31 +0000 JP http://confusedofcalcutta.com/?p=155 Anyone who blogs must be prepared to be:

• flamed or otherwise criticised
• splogged or similarly left with some form of comment spam
• ridiculed for actions or omissions

It goes with the territory, and I should not be surprised to face all three within a fortnight of going public. The flames have so far been incidental, largely on other sites that link to me. But they are flames nevertheless. The splogs have also been irrelevant so far, all I have needed to do is to moderate them away. And I am sure the ridicule will come.

This brings me to a point which I feel is material to bloggers in general, and I’d love to hear opinions from people “out there”. Can a blogger create value without making herself or himself vulnerable? Isn’t being vulnerable actually part of the process of creating value?

My guess is yes. In this respect I am reminded of the work of Professor Michael Power at the LSE. Some time ago he wrote a pamphlet called The Risk Management of Everything which you can find here. He’s a very interesting guy, I arranged to have lunch with him shortly after reading the document.

While he made many good points, the one that stood out for me (in the context of information) was his assertion that second-order risk management, itself often caused by post-facto regulation in an increasingly litigious society, was creating an environment that was driving out “valuable, yet vulnerable, professional opinion”. These are my quotes, and my apologies for not guaranteeing their accuracy, it has been a while since I read it.

Vulnerability is an essential part of any professional or personal opinion. It comes from not having certainty about the opinion expressed. Opinions presented with certainty must be one of two things: not opinion but fact; or, bigotry and propaganda.

I’m also reminded of another piece of apocrypha, one I really liked. Apparently Justin Hawkins of The Darkness was being interviewed somewhere, sometime and the DJ commented on how the band was perceived as enjoying themselves despite their meteoric rise to fame. And Justin is meant to have said “We take our music very seriously, we just don’t take ourselves seriously”.

There’s something in that for all us bloggers.