ListenLog Meeting Notes

From Project VRM
Revision as of 09:34, 14 January 2009 by Khopper (talk | contribs) (New page: ===12/12=== ====Parking Lot==== ------------------------ Where is data stored? Does it sync locally? Is there any concern from collaboration stations and partners that there's no exclusive...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

12/12

Parking Lot


Where is data stored? Does it sync locally? Is there any concern from collaboration stations and partners that there's no exclusive access to data / analytics? What do we capture? Application behavior data? Security / encryption on the stored data? Which bits? How best to communicate and promote the ListenLog concept and where the key benefits and differentiators are? How do we address naysayers and differentiate from alternative approaches, e.g. APML? How do we do identity? How do we make it swappable? Do we use icards, openID, Oauth? How do we start the service without identity? (e.g. access to device ID?) Do users have control over what's stored? What's the absolute minimum of device-side functionality? Opt-out(?) Change repository Assign identity Where does legal and TOS come in? (see rights and contracts below) Does anyone enforce standards compliance? Who does the work / coding? PRX+? Do we think about revenue / sustainability? PRX has two roles here - one to build codebase and standards for storage, the other to think about services and how we'd use the data. Do we do opt out for data capture? (probably yes) Do we provide "public by default," e.g. ubiquitious, anonymous access to the data out of the box (probably no) Can we open source iphone bit? Publicly available libraries? What's in the first release? Should we provide ability for users to release data? How and to whom? What capacity for sharing? What terms? Anon vs. nonanon? Does there need to be database legal protection underlying data rights access to drive user terms?

12/13

How do we make the data inherently more anonymous? Match account data between logs Make timestamp and LAT-LONG fuzzy? What data rights can a user authorize for third parties? propagation rights (can I give this to someone else?) public rights vs. directed/assigned rights (e.g. for anyone to use vs. for specific entity to use) anon/non-anonymous Most rights issues/rats nests are associated with assigned rights How long you can use the data for? Keep the data? Rights to cease use, remove data(?) + confirmation(?) Can't use this to try and find/identify someone - reverse-engineering rights commercial/non-commercial? Contact me (e.g. DNC) Compare to IRB Contract rights Investigate proactively - what is it that pandora might want to do? What is reasonable? give me audio recommendations use for product development Don't cross-correlate/aggregate (e.g. social network correlation, Ben Laurie) - piercing identity/privacy data Endorsement / assignment to my identity

Core Requirements

what data is going to be captured where is it stored and in what format how does one identify oneself / assign identity what's the minimum functionality that needs to live on the device what's the minimum functionality that needs to live remotely additional / core functionality to prove value necessary? Determine protections for communication and storage between client app and repository authenticated, encrypted, etc. Draft requirements