At ReplaceGoogle.com, Trey Tomeny outlines a very interesting approach to challenges such as personal health care data control (discussed over here). It’s a “private identity network” or PIN. Here’s what it does:
1. Provision our identity across the Internet so we don’t have to remember and enter countless user names, passwords, and captchas.
2. Filter our data both downstream and upstream so our surfing experience is less interrupted by undesirable intrusions.
3. Provide us with absolute anonymity at those sites that allow it
4. Provide us with convenient, repeatable pseudonymity at the sites that allow that
5. Certify our identity off line as enabled by off line partners
6. Provide single sign on to any device, anywhere
7. Provision our identity to access non-PC machines like locks and ticket acceptors
8. Provide a secure repository for our lifetime of data, while allowing limited access for limited purposes by parties we authorize
9. Provide a trusted way to manage intellectual property so creators and users are protected
10. Do all these things at no cost to the user.
I like where he’s going here, a lot; and I think it makes great fodder for discussion, as well as a challenge for developers. I hope Trey can make the next Internet Identity Workshop (IIW) in December, where folks doing good work on Identity already can bat it around, have fun with it, and maybe take it somewhere.
I also think it has the makings of a VRM system. I only have two concerns, both minor.
One is that Trey positions the idea as a “replacement” for Google as “the dominant force” on the Net. I think this characterizes both the Net and Google too simplistically. That Google dominates search and advertising as both now stand is a Major Fact, but not cause for added characterization. I think Google could actually be of assistance here.
The other is that it proposes to replace or supplant the Google advertising model (and all advertising models, for that matter) with one that is more direct and efficient, as well as accountable. Regardless of the characterization, it would be make money on the sell side. I think there is much more, and better, money to be made by assisting the buy side in building an intention economy around actual buyer wants and needs. In VRM circles we talk often here about the need for “personal RFPs” or “fractional horsepower purchase orders”. By any name, this kind of thing, would, I think, be supported by Trey’s PINs.
I think the work you’re doing here is so important. As I interview CEOs of Facebook, BEBO, etc the more I become concerned about the portability of my data and the agreements I have signed in order to use them. I think Trey has some good comments about, but I don’t see how point 10 is going to work. Archiving in any business (and I’m coming from the broadcast biz) costs money, mostly in tagging it in sensible ways. So I would be happy to pay a small fee to someone (just like renting out garage space) if I knew my data was safe, not eroding, and that I could drop by and pick it all up sometime. In 15 years time will I be able to export the metadata from Flickr as well as the photos? Frankly I have been crafting most of my comments and tags in Flickr rather than some desktop program because it is easier to do, and infinitely easier to make useful collections I want to share. Because I keep back-ups of the photos, frankly if Flikcr crashed tomorrow, it would be the comments and tags that I would cry about, not the loss of the photos.
So I agree with points 1-9. I just think there has to be an option for people to pay, if they choose, and get portability in return. At the moment, transparency is the big problem. I have no guarantee that my metadata is safe from a changing business model. Or have I missed something?
I think private date should be protected by any means. Providing more health care info be a good thing.