[projectvrm] Re: Identity and the NTK protocol (was Deep learning access to personal data)

[Kevin Cox < >]

Thanks Doc for explaining it so well.

One critique and fear about the "downgrading" of ownership is that everything becomes community property.  Community property is still ownership so it does not solve the problem; just makes it worse.  A better way to think about it is custodianship. We become custodians, not owners.  As custodians, we have a responsibility to the thing over which we have custody and in turn, it may "promise" to provide us with something in return. So as shareholders in a Company we make a promise to the Company to make sure it is governed well and in return, it provides a return on our investment.  Companies work because the Company makes promises and while ever enough of the shareholders and other parties in the company collectively follow through on their promises others can deal with the Company as though it is a stable single entity.  Thinking of things this way does not diminish the benefits of buying shares; in fact, it makes the shareholder promises more likely to be kept.

With electronic identities (which are administrative identities) we promise to look after and protect our electronic identities. When we make a  connection with another identity the other identity makes a promise to look after itself.  We mutually agree that it is in our best interests for both of us to protect the connection and the identity of the other.  This means the building blocks of administrative identities can be the connections we make with other individual identities. We have greater trust in an identity that has many other active connections.  If we now think of a connection as being to a thing, we now have even more connections we can use to confirm our identity.  For example, our devices, our houses, our fridges.  (I like the idea that you prove your identity by getting people to ask your fridge:).

Why this has a lower cost is explained by Burgess in his book "In Search of Certainty: The Science of our Infrastructure". Trying to protect an individual electronic identity proves to be expensive.  It is lower cost (effort) to protect a pair of identities because a mutual promise has to be broken. We can only promise that the pair as a single unit is protected because we have no control over the other party.  However, our building block of a connection is more likely than not to hold. This enables us to scale identity because it is lower cost (effort) to protect pairs than to protect single identities.

Kevin

On Tue, Jul 19, 2016 at 1:36 AM, Doc Searls < " target="_blank"> > wrote:

I’m breaking this off to a new thread, because what Kevin is trying to get at in the last thread is important stuff we’re still not talking about. Here’s his gist:

> Electronic Identity is a Commons.  It does not exist until entities​ ​mutually recognise other entities.  Our electronic identities are made up of sets of peer to peer mutual identifications.  This is a Commons.  We can manage the Identity Commons cooperatively without resorting to​ ​restrictions caused by ownership of our electronic identities.
>
> What applies to Identity applies to all other transmitted data. Ownership of data is expensive to enforce.  Ownership allows the owner to restrict access. But, as soon as we transmit data​,​ ownership enforcement costs a lot.  Instead of restricting access through ownership what we can do is to restrict access through agreement. We can do this through principles we have worked out for regulating other commons.

This is a deep and essential challenge to assumptions on which we build both our concepts of identity, and our identity systems, whether we are “providers” or individuals trying to operate as sovereign entities. It also points toward solutions. But those solutions lie outside the conceptual frameworks in which we remain trapped.

Just as nearly all of us can easily see the commons as tragic when it doesn’t have to be (a topic in the prior thread), we also easily see identity as both personal and owned. In fact we can’t help it, because we think and speak of identities with possessive pronouns: “their,” “theirs,” “our,” “ours,” “my” and “mine.”

Think about it: possession isn’t “nine tenths of the law,” it’s ten tenths of the three-year-old. She can yell “It’s mine!” because she has opposable thumbs, and because she thinks and talks metaphorically, as do we all.

Hands provide us with essential metaphors. We grasp ideas, throw them around, and catch their drifts. We hold on to beliefs, or throw them away. We say lives are “full,” “empty,” “hollow” or “overflowing.” We get “into” and “out of” situations. We are “captured” by beliefs, and “escape” them as well. None of those may be true in a purely physical sense, but we are physical beings with bodies operating in the physical world, and that’s where we get our concepts, metaphors and languages.

Note that in the last sentence I used the verb “get,” which means to obtain. <http://www.merriam-webster.com/dictionary/get>. Try to separate that one from possession.

Prepositions locate the subjects and objects of the sentences we put together. They require that we think, believe, act and describe in terms of locations — and types of locations, such as containers and conduits <http://www.reddyworks.com/reddy-writes/the-conduit-metaphor/133-evidence-for-the-conduit-metaphor?showall=&start=1>.

There are only a few dozen prepositions in English. Here’s the Wikipedia list: <https://en.wikipedia.org/wiki/List_of_English_prepositions>. All require that we locate.

Lots of words also require prepositions. Here are some of those: <http://ontariotraining.net/wp-content/uploads/2014/12/Tip-Sheet-Prepositions.png>.

My point here is that we can’t help thinking and talking in terms of possession and ownership. So, naturally, we think, talk, and feel about our identities as things we own and control.

And yet it should help us to realize as well that we use our identities, and our identifiers, in contexts — and that the contexts we use may have no location, no container, no conduit. Such is the case with the Internet.

The other day I participated in a Skype session that involved people in Canada, Australia, Scotland and the U.S. Though we were “on” the “call,” it had no location. Though we saw each other and talked “through” or “over” the Net, by design the Net eliminates the need to conceive what happens there in terms of locations, containers or conduits, even though at a technical level all three are involved. (This is why we have “pipes” through which “packets” of data are “sent,” “routed” and “received,” as if all of it were a container cargo system, which in a way it is.) Yet we can’t help thinking there is a “there” there.

In the physical world it is easy to constrain contexts. Sound and light fades over distance. No two things can be in the same place at the same time. The networked world, however, challenges nearly all prepositions and possessive pronouns.

But we can meet that challenge.

Here is one way we can make full sense of what Kevin says, in both the physical world we know too well and the virtual world we’ve barely begun to understand (even though we’ve already made it): we tend to deal with each other on a need-to-know basis. Let’s call it NTK.

Think about walking down a busy sidewalk. Or sitting in a crowded bus. Or standing in a crowded store. There is no need in any of those places for any one of our names to be known to anyone else, except when that name is required. And even then it can be a pseudonym. The name you give a barista at a coffee shop doesn’t need to be yours. It just needs to be the name they call when your drink is ready. NTK is the social protocol that applies in all those ases.

Identifiers are social tokens that comply with the NTK protocol. And, in most cases, those tokens only need to be shared with one other party. And, if that party is a system instead of a human being, it can obey Kim Cameron’s Laws of Identity <http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf>. Here are the first three of those, which I believe are also the most important:

1) User control and consent
2) Minimal disclosure for a constrained use
3) Justifiable parties

On the Internet, all three of those are wantonly disregarded and violated by countless parties we depend on, including the largest “identity providers.” (Note: they don’t provide identities, but rather administrative identifiers.) The sovereign and private nature of individual human beings inconveniences those systems, to say the least. Even Apple, which is breaking from the pack with its approach to privacy<http://apple.com/privacy>, remains a royally f’d up provider of administrative identities: <https://duckduckgo.com/?q=apple+IDs+are+fucked+up>.

As the status quo stands today, we can no more depend on Google, Facebook and Apple to change what they do with identity than we can ask the Moon to move to Mars. Asking governments to solve our identity problems will inevitably require them to think, argue, legislate and regulate within the conceptual frameworks that produced those problems in the first place.

Our identity problems can only be solved at the most local scale: with (and by) each of us, interacting with each other, on a need-to-know basis. That’s what Kevin proposes here.

I submit that what he proposes is (or could be) consistent with what Devon and others say about sovereign source identity and what Adrian says about personal authorization servers. All employ NTK principles that are well understood already in the physical world.

Creating identity solutions that start with each of us is also what IIW <http://iiworkshop.org> has always been about, and why, if you want to work on those solutions, IIW is still the best (un)conference for doing exactly that.

Finally, if we do solve those problems, VRM becomes a lot easier to make happen.

Doc

--

Contact 0413961090