Jabberwocky

Online exposure

Posted in open source, privacy by elisehuard on February 22, 2009

Using the interwebs as they are now I perceive the following tensions.

Online identity:

  • the desire of privacy dictates that we centralize as little as possible: atomize our online presence over the different sites, using a different nick every time, so that none of them is traceable to us
  • convenience dictates that we have use single-sign on to identify ourselves once and for all, but this introduces a single point of failure – as well as making us more traceable if not done right (using different personas under a single identity).

Attention economy:

  • we want to keep control of our own data, keep our cards to our chests wherever possible
  • by using convenient sites like last.fm, facebook, google and yahoo applications, and handling single sign-on through external sites, we agree implicitly to donate our inputs to the site owners, who can sell it (hopefully anonymously) for commercial use.

One partial solution to keeping a hand on our identity and our data is to host most of it ourselves (php-OpenID, hosting own node in decentralized social network like DiSo, our own chat server, our own microblogging node, whatever else).

As the convenience <-> privacy contradiction shows, this is only open to geeks for now – you need your hosting, and some skill at installing all this.

Maybe it would be interesting to create an easy to use version of this for the other people ? Something easy to install – a package, a click-through interface, a customized slice ? what do you think ?

Advertisements
Tagged with:

9 Responses

Subscribe to comments with RSS.

  1. Jean-Etienne Poirrier said, on February 22, 2009 at 10:38 am

    Elise,

    You may find useful to read the Franklin Street Statement on Freedom and Network Services at http://autonomo.us/2008/07/franklin-street-statement/ Their wish list also contains some interesting links to current free implementations of software services. As you wrote, the next step would be the advent of really easy installation interfaces (or open service proviers like laconi.ca)

  2. Jean-Etienne Poirrier said, on February 22, 2009 at 10:40 am

    Addedum to preceding comment: autonomo.us wish list is here http://autonomo.us/wiki/Wish_list

  3. elisehuard said, on February 22, 2009 at 11:03 am

    Thanks for those links Jean-Etienne – I’m not surprised other people have been thinking about this.

  4. Bram said, on February 22, 2009 at 7:38 pm

    I wonder why it actually is that we use different nicks for different websites. Privacy seems like too convenient an excuse. Judging by most citizens’ lack of interest in their own privacy when it comes to governments (and who knows who else) spying on them, I’d have to say that there has to be an other explanation for this phenomenon. Maybe it’s something as simple as not wanting different parts of our lives to mix — the whole eggs and baskets thing. Or maybe we’re worried about what people in Community A will think of us if they find out we’re also a member of Community B. Like the 1337 h4x0r community and the barbie-doll community. Makes me wonder whether these online friendships (do excuse the term, it makes me cringe but it’s the best I can think of) are so very fragile that we have to go through such lengths to protect them?

    Either way, I think that understanding the problem would be a logical first step in solving it. Seeing how I don’t even understand why I do the things I do, I’m afraid I can’t offer a solution 😦

    *goes off to read the franklin street statement*

  5. Pascal Van Hecke said, on February 23, 2009 at 12:45 pm

    Your quote:

    “convenience dictates that we have use single-sign on to identify ourselves once and for all, but this introduces a single point of failure – as well as making us more traceable if not done right (using different personas under a single identity).”

    I would advise here to think about the spheres of life you want to keep separate (geek/professional/family/dating/school/hobby etc…) and construct personas accordingly (different nicknames and _different_ hosted identities (different identity providers for different personas, or at least different accounts at your IP for different personas – Firefox profiles can be handy for that).

    On “single point of failure”: if you need something to be lasting (such as your professional reputation), tie it to your own domain name… You don’t even need to stricly self-host your software, as long as you have it hosted under your own domain (wordpress.com and blogger have that option) you can still change OpenID provider/hoster _without_ having to change your OpenID URL. Which mitigates the “single point of failure” risk (oh BTW I think you know that in the current situation, access to your email account is the single point of failure already?).

  6. elisehuard said, on February 23, 2009 at 12:54 pm

    Pascal: i agree on the use of personas.
    Still, you have to admit that all you just said is latin to the baker around the corner. I’m wondering if it’s possible to allow non-ICTers to have a full set of social networking features without exposing themselves.

    As for email being the single point of failure – that all depends – if you have just one email account, that’s true. I suppose there’s always a single point of failure, if only the person themselves.

  7. Pascal Van Hecke said, on February 23, 2009 at 1:07 pm

    Your quote:

    “Maybe it would be interesting to create an easy to use version of this for the other people ? Something easy to install – a package, a click-through interface, a customized slice ? what do you think ?”

    I’ve lost my belief a bit in self-hosting as a viable option to “digital freedom”… To illustrate my point: the former chair and current vice chair of the OpenID foundation had his self-hosted WordPress blog hacked a while ago… The more valuable your online identity becomes, the higher the risk it gets compromised.

    I don’t have any issue with trusting my identity and/or attention data to some service provider _temporarily_ (i.e. as long as the service is good). But I should have the option of migrate my (attention) data (and have it deleted at the old provider!) at the moment I want to tie my domain (the namespace I’m the legal owner of) to a new identity/service provider.

  8. Pascal Van Hecke said, on February 23, 2009 at 1:11 pm

    (Only now reading your “latin to the baker” comment)

    Summarizing: I believe more in ownership of namespace + dataportability than in self-hosting if it comes to digital freedom for non-geeks.

    Chi.mp comes more or less close… I have invites if you’re interested.

  9. elisehuard said, on February 23, 2009 at 1:30 pm

    Certainly looks interesting !
    I’d like to know about their future business model (a bit vague for now) and about who funded them before giving them all my data, however (and I’ll attempt to read their EULA …).

    I suppose security would be an issue if you don’t know what you’re doing, so you have a point.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: