Re: [projectvrm] John Naughton on VRM in The Guardian

[James Pasquale < >]

And so goes the notion of having a mixing board to control all that data on the individuals terms along with the ability to management the signal to noise ratio when sharing that data.  Not everybody need to know what kind of underwear one prefers… do they?

/jp

Thank you Les my basis is XDI to.

On Feb 2, 2015, at 11:24 AM, Phillip Windley < " class=""> > wrote:


I concur strongly here. While I love the idea of having a personal box
with my stuff on it under my control, I’m never going to have all my data
in one place. These aren’t competing ideas, but complimentary ones.

On 2/2/15, 7:55 AM, "Chasen, Les" < " class=""> > wrote:

Yes freedom box is an example of maintaining your data in a box that you
control but that is not the only way.  It could also be a hosted service.
The main point is that it is a point where people can own and control how
their data is used.  What i like about freedom box is that i could also
have a hybrid solution.

I think in order for you to control how your data is used first you need
to be able to map it or somehow put a boundary around it.  It will never
be physically aggregated into one centralize place.  But it can be mapped
into a datagraph.  Yes, my bias is towards XDI for this.

From there it can be authorized for use.  UMA is a perfect mechanism for
this step.  I agree with all the sentiments on that.



-----Original Message-----
From: Doc Searls < " class=""> >
Date: Sunday, February 1, 2015 at 2:17 PM
To: Les  Chasen < " class=""> >
Cc: StJ Deakins < " class=""> >, Reuben Binns < " class=""> >,
John Harrison < " class=""> >, ProjectVRM list
< " class=""> >
Subject: Re: [projectvrm] John Naughton on VRM in The Guardian

I don¹t think it is.

The Freedom Box proceeds from the assumption that the individual should
have full control over a box in their possession, and what happens to the
data on it. It¹s context is not the marketplace but the original
peer-to-peer end-to-end Internet. So, while it can be used in the
marketplace, it doesn¹t start there.

The original links for Freedom Box are pretty stale (from 2011):
https://urldefense.proofpoint.com/v2/url?u=http-3A__freedomboxfoundation.
o
rg_&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7Vg
N
AWW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tBtK4L_Es6Itz_QrKU&s=nRJSTy5QsBYndZU
q
hw9-uHoA4uL002eHVvG-bjcSsWU&e=
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.nytimes.com_2011_
0
2_16_nyregion_16about.html-3F-5Fr-3D0&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r
=
GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tB
t
K4L_Es6Itz_QrKU&s=Q4a4FLMGv-6YFEITa7bPAMxXxC7_nEDmYAxgEo5z4H8&e=

But Markus has been active in a variety of ways:
<https://urldefense.proofpoint.com/v2/url?u=http-3A__iiw.idcommons.net_ID
-
5FThings-5FYou-5FCan-5FDo-5FWith-5FA-5F-25E2-2580-259CFREEDOM-5FBOX-25E2-
2
580-259D&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcE
G
n7VgNAWW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tBtK4L_Es6Itz_QrKU&s=kLzynm232k
C
ENQ6f4Pp2U64HJJUwTx_vHCnRkodqkqg&e=

<https://urldefense.proofpoint.com/v2/url?u=http-3A__blog.gmane.org_gman
e
.linux.debian.freedombox.user_day-3D20141228&d=AwIFaQ&c=MOptNlVtIETeDALC
_
lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=jQEDjAVkk9MCKiTphB
7
KFfCw6tBtK4L_Es6Itz_QrKU&s=me1CnZVaRkIT98XQEEdqoB-uZdAYBmKGpKZk34uk2kI&e
=

One of those is from IIW. We should talk about it some more there.

As for Databox, this, from
https://urldefense.proofpoint.com/v2/url?u=http-3A__arxiv.org_abs_1501.04
7
37&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgN
A
WW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tBtK4L_Es6Itz_QrKU&s=-WUwqeV50oq9YA4w
m
dcfJwzx28jGb9h7fVFm4eh9TIk&e=  sounds similar...

We propose there is a need for a technical platform enabling people to
engage with the collection, management and consumption of personal data;
and that this platform should itself be personal, under the direct
control of the individual whose data it holds. In what follows, we refer
to this platform as the Databox, a personal, networked service that
collates personal data and can be used to make those data available.
While your Databox is likely to be a virtual platform, in that it will
involve multiple devices and services, at least one instance of it will
exist in physical form such as on a physical form-factor computing
device with associated storage and networking, such as a home hub.

But this from
<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.technologyreview
.
com_view_534526_how-2Da-2Dbox-2Dcould-2Dsolve-2Dthe-2Dpersonal-2Ddata-2Dc
o
nundrum_&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcE
G
n7VgNAWW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tBtK4L_Es6Itz_QrKU&s=xIN8J7fGgz
j
IQIS_vslGjDKOpvhh3Pm-bgIbFDNQ2EI&e= > lays it in a commercial context:

The basic idea behind the Databox is that it is a networked service
that collates personal information from all of your devices and can also
make that data available to organizations that the owner allows. This
piece of software must have a number of important attributes.

First, it must be trusted by the individual who uses it. That¹s a big
ask. The Databox will gather information about browsing habits, buying
behavior, financial details such as bank statements, e-mail and social
media contacts as well as calendar entries and so on. To allow all this
all to be stored in a single online repository will require remarkable
act of faith for most people. Ensuring the security of a Databox is
therefore a crucial requirement.

But the owner of the data is not the only one who needs to share this
trust. Any company or organization that accesses the data must also have
faith that it is reliable, something that will require third-party
auditors who can verify that the system is operating is expected.

As well as gathering personal information, the Databox must allow
controlled access to it. So third parties must be able to selectively
query any information that the user allows them access to. At the same
time, the user must be able to control how this data is accessed and be
able to change the settings when necessary.

Finally, there must be incentives for all those involved to use the
Databox. For example, ordinary people may be more likely to use the
service if it contains a mechanism that allows third parties to pay for
using the data.

It may also provide an incentive for third parties by reducing their
exposure to sensitive data, such as health records. For example, an
organization may need access to health data but not want the cost and
responsibility of storing it securely. ³An analogy might be the way
online stores use third-party payment services such as PayPal or Google
Wallet to avoid the overhead of Payment Card Infrastructure compliance
for processing credit card fees,² say Haddadi and co.

This is also consistent with the full .pdf of the Databox report:
<https://urldefense.proofpoint.com/v2/url?u=http-3A__arxiv.org_pdf_1501.0
4
737v1.pdf&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHc
E
Gn7VgNAWW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tBtK4L_Es6Itz_QrKU&s=LuUh29U1s
8
fd-aEtkvbo3zKyDMr__k7gmZLz5rXF6sM&e= >. The authors have also not
designed the platform. They have just outlined the need for one and how
it might work.

Like John Naughton's Guardian piece, the Databox writeup ignores work
already happening in the world, including the Freedom Box, abundant work
going on in the U.K., notably all the PIMS followed by Ctrl-Shift, plus
other efforts such as Aral Balkan's
<https://urldefense.proofpoint.com/v2/url?u=http-3A__ind.ie&d=AwIFaQ&c=MO
p
tNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=jQEDj
A
Vkk9MCKiTphB7KFfCw6tBtK4L_Es6Itz_QrKU&s=ip4l3fhdnXFAaRPYKzwZ9OsPuCrVXKs-g
Q
lNszS1ZN0&e= > ‹ and work happening around the world and listed
(incompletely) here at ProjectVRM:
<https://urldefense.proofpoint.com/v2/url?u=http-3A__cyber.law.harvard.ed
u
_projectvrm_VRM-5FDevelopment-5FWork&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r=
G
mIkFYB5mJUePL-AjY1Dc16uEHcEGn7VgNAWW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tBt
K
4L_Es6Itz_QrKU&s=LfSXHshYNY9CIpDb_078ri1vyJiDfz30xTmPN5wFOjs&e= >.
(Ind.ie and Databox are both there, among much else.)

Doc

On Feb 1, 2015, at 10:52 AM, Chasen, Les < >
wrote:

Sounds like the freedom box that markus works on.

From: StJ Deakins < >
Date: Sunday, February 1, 2015 at 9:17 AM
To: Reuben Binns < >, John Harrison
< >
Cc: " " < >
Subject: Re: [projectvrm] John Naughton on VRM in The Guardian

Nice spot Reuben. Will go buy the paper :)

John H, is DataBox linked to your initiative?
StJ

On Sunday, February 1, 2015, Reuben Binns < > wrote:

I was leafing through the Observer (the UK Guardian's sunday edition)
and found this nice little piece from John Naughton which refers to
Doc
and VRM. It's on the front page of the paper's 'Discover' supplement
on
science and technology.


https://urldefense.proofpoint.com/v2/url?u=http-3A__www.theguardian.co
m
_technology_2015_feb_01_control-2Dpersonal-2Ddata-2Ddatabox-2Dend-2Dus
e
r-2Dagreement&d=AwIFaQ&c=MOptNlVtIETeDALC_lULrw&r=GmIkFYB5mJUePL-AjY1D
c
16uEHcEGn7VgNAWW67Dwz0&m=jQEDjAVkk9MCKiTphB7KFfCw6tBtK4L_Es6Itz_QrKU&s
=
oyOJY-G9fs3UQjOhZ6HOtDSGBzEFsxqGsLl20M9NANc&e=