Personal Data Stores

From Project VRM
Jump to navigation Jump to search

Drummond Reed’s – Personal Data Store With Iain Henderson to address as well

On Board:


What should be in it? (at a minimum) and (ideally) What’s it for?

What is its essential characteristics/components

Where does it reside?

Where does it fit in the overall OSI Model and the VRM architecture

Why is it important?

When is it deployed?

How is it managed – what policies apply?

Does it have to be standard? Cabn there be many types?

What are the points of failure?

Drummond – the concept of PDS has been central to VRM

This is to talk about why? And to look specifically at the PDS

One starting point is “Why is it important”/

Another is “what is essential?”

When we wrap up, we ask – On what points are we not in agreement?

Iain describes myDex though Slide show

Observation – Enterprise CRM architecture have multiple attributes but only store data for a year. If well designed, “important data” will be stored in Analytical System and data warehouse. Which holds the atomic level of data and stores it for the duration of a decisionmaking cycle.

Analytical systems tracks who bought what, where and why?==> to anticipate what to do next

First order concern is quality – meaning completeness, accuracy and several other attributes…

Evidence is that “CRM Needs to be fixed” – spending 200 bps is not enough to fulfill requirements. Okay at collecting info on customer. Not so good on tracking customer/product/outlet info in a usable fashion

Definition of “Personal Data Store – (admittedly not a helpful term) A generic term to “source, store, enhance and selectively disclose my personal information”

Needs to run on the same principles as the CRM… Systems will do the doing….

The personal data warehouse is the missing element.

In CRM the identity layer is at the top end PDS resides on top. With the sources

Sees 3,500 attributes over 70 years (is what each individual has)

(Thematic) Individuals have less tools, more attributes to control, fewer resources to monitor and track.

Craig Burton – it is important and extensible as well. A: So you need to identify the important attributes versos

To determine what’s important, just identify what info you might need to get your life started again.

Next slide depicts Interactions and transactions with all sorts of businesses and gov’t entities. With the Identity Layer at the core.

  • No CRM database can handle persona so you go about creating multiple ones to transact and interactx in the world.

Important – This is a logical design, not a physical design…

It has been posited that Interactions are what’s being monitored and that Transactions are a type of interaction.

Joe Andreiu – says we can get to the Model T version that does okay

Next slide – Current state of Who has what data…

Was My Data, Your data, Everybody’s Data, “Their Data”

Everybody’s data = public domain – all sorts of data that’s avaialbe. “Their Data (or parasitic tailings) – what Experian, Acxiom etc, collect about you

Your dat – include a vendors products /services, policies, prices… And guesses regarding view of a customers preferences, requirements…

Our Data – identifiers, clams,/Assertions and transactions…

MY DATA – is stuff known only to me… Circumstances, Assets, Liabilities, preferences…

There are also back channels which are interactions between the parasites, vendors, and the publicly available stores.

At Liberty Alliance they have been discussing “Volunteered Information”

Finally, There’s the Target State

In 10 years time 80 percent of customer management prcesses will startywith “MYDATA” (me)

So the customer will be in more control and overt interactions will be between the vendor

Toxic will be bad for both vendors and customers – they destroy trust.

Drummond – 3 times I’ve heard that “The customer is the point of integration” (which originated from Joe Andrieu)

“Customer as Point of Integration”

Joe says “Analysis and Insight” revolved around the vendor data… It is the source of Google’s competitive advantage …

Craig Burton – but Google’s source of distrust was doing personal data storage for Google to tag and index

PDS has “roots in two places”

1) Doc Searls – personal experience with the medical treatment across several care givers and each introduced errors in their systems so that they could not reconcile or synchronize… The conclusion is that it would have been more efficient and less dangerous if Doc had been the single repository providing to access to the data on an as needed basis.

2) The other side is “Stymergy” which is the general term for how ants find the shortest path to food. It is also the answer to a distribution problem for multiple trucks between warehouses. They send out ants randomly, the one that comes back first, his trail is doubled.

Balance between exploration and exploitation. They mark their environment. Joe articulates that the data should be stored centrally and when multiple companies or individuals want access, they should not seek out things from one another. They should get it from the individual’s data store

Stuart- Why wouldn’t you just ask or Google to do a better job of making your information accessible to other apps. So I can assemble it at my command from the multiple sources.

Joe’s answer – you’re asking about data portability. Iain says (it’s because you’d be operating under their terms and conditions)

Joe says it is because personal data store is not just “the data” it is about setting up mechanisms for permissioning information in, out based behind your own front end (called identity)

And you’re going to have all sorts of front ends or “Service Specifications” (Liberty calls them Service Interface Specification)

Status updates Addresses Music ratings Search Activities Personal RFPs Personal Healthcare records SMTP/POP

And it’s all under your control

Sop the question is whether the hub is about authentication (identity layer) And permissioning

      • so there is a multi-billion battle raging over control of permissioning for status updates.

Iain – you’re still missing the link between doing data and planning data.

Doc sees the user as the point of integration and also origination.

Else – a problem solving thing which gets brought up.

That is the ossified way that existing systems work In medical system, f’rinstance… there is a kiretsu of equipment providers, suppliers etc where it is hard to get data from individuals or companies. Incompatibility between media, age of PC, etc.

You are going to have this architecture work better in some cases rather than others.

Iain, where there’s failure in ERP or CRM it’s because the system is trying to do too much and gets clogged up.

So you need to make the distinction between getting stuff done and when you have to do long-term planning.

Per Drummond – don’t you end up answering the question by establishing the framework for these the service interfaces service provier (Facebook, Myspace, Plaxo)…. And those service providers would manage one or more of the service specification intervfaces.

Joe is saying that it is easier to solve and optimize the “shortest path” solution for specific tasks then to define the personal data store that does it all.

Iain is saying that it will have to do the analytics earlier and constantly.

Architecturally you sidestep it by providing a service that’s operational and do it in a way that is consistent with doing the analytical and do it in a way that’s consistent with identity based permissions.

So you don’t have to do them all if you can solve one of them seamlessly.

Drummond will explain what XDI is all about as a protocol:

The idea of getting all sorts of schemas to talk to one another is a real probalem. HtML can’t. XML cannot.

About trusted Data sharing. And it’s about permission

Craig says that XDI is not a protocol. It is a language structure

He wants to know “what does it resolve to” if I write a command and it gets abstracted to something that then resolves to the data and its location. So if you want to share some of your data that resides elsewhere, like in multiple banks…

The Data doesn’t have to live at the hub… But control does

Craig – it resolves around a URL and then I can react to it based on a structured card

Card Rule Set Data set

Resolved to a URL and it gives permission to access to where that data can be found. And enable data set mashup.

E.g. iphone with a GPS Google Map moment. “Tell me where the lone palms hotel is in relationship to me” tell me where I am and where I go.

It’s mashup that needs to include all that data.


Ad active rules to operate on your data store, and the mashup of all the services

I just want to get this group to define the architecture to put it into the hands of the developer community./

E.g.’s EC2 setting up all sort of things (like 30 years of census data)

Q: When you say “rule sets” do you just mean permissions?

A: (using the MyDex example - ) as a proof of concept, no browser is required. Any program and any entity can subscribe to the other info an dlocation and all or part be “in the cloud”

Switchbook has all the info distilled on the hard drive, there is a copy in the cloud for back up purposes. It doesn’t have to be in the cloud. And there’s code in the client to handle I/O

When you get to rules… You put functionality in the cloud that handles services and can find them in the cloud.

Customer write the rules.

Stuart… Example is embedding a twitpics or a URL in a twit… I’m publishing something that can then be seen by anyone or everyone. Or how do I add a “smart URL” to a tweet so that I can publish to everyone, but the URL has a set of criteria behind it or around it that is controlled by the higher order infrastructure.

Can use a medium like Twitter to infect the world with XDI and XRI

If all or portions of your data are addressable, it can be made accessible to the rest of the world. If you make it abstract. If it’s inside the “Identity Layer” it can be under the control of the user. One of the key purposes of the next step, which is XDI… The same format says that I can store the “permissions” (sometimes called “rules”) so that I can access the Link contract. So that the read/write instructions can attached to another set of rules to do something like letting the gas company

Go To (it explains the rules that Phil Wendly has developed)

Joe says that Grease Monkey does it as well. But Craig Burton says that kinetics… is what we should be interested in.

Joe says HTML 5 is being deployed now in browsers.

Craig: I would strongly recommend that we do this in a way that is somewhere between Wiki-based and Selecter-based that is Strong foundation for VRM.

Joe, part of this is about deployment… “I hate JaSon because it is inherently insecure” but they have ways to do secure parsing of Jason… But it was adopted because it provided trivially easy way to do it insecurely and native to JAVAscript.

We want to play friendly with them.

Question, gas company needs employment data about me. 1 to 1 federation on their own terms. VRM way. Passport agency acts as a node and permissions allows Gas company to get info from passport agency.

Data liquidity is what it’s all about.

Read it as “permissioned” or “unpermissioned” and the reason that there is so much unpermissioned is because “there’s no technology in use” to support permissioned. Which is an argument for Portable Permissioning.

Joe-looking at Switchbook in this context is that your identity is stringly around what you give permission for.

Switchbook defines you by your “search map” it’s a file that is orthogonal to all your other identifiers. It’s Switchbox has a “SearchMap” document at its core. It is the context where your current browsing shows where you’ve been and what you’ve done and all that.

Idea is that we shouldn’t get hung up on the protocol right now. Just define how entities interact and figure out the mesh points.

In the IDWSF model, how you talk to the gas company is permissions based. They may send you an email or something and you set it up with your IDWSF model.

Drummond: Now we talk about our questions.

1) Why is it important?

Initial – The thing that will put the individual back in control of personal information. Meaning the information that is important to the person.

It’s the store that you personally have control of, it could be anything.

Will allow us to be more promiscuous with our data because we know it will be stored in a trusted way.

It is a context for control.

Because if you abuse it, I know your pheromone trail?

Benefit is that it will improve my quality life, based on my decisions.

It’s important because it is valuable? It can be bartered>

It is economically transformational>

Jim – Like credit cards, this lowered the friction and reduces guesswork and waste from the vendor side. Which increases value.

Best case you provide the best possible outcome for both parties.

It is more efficiently economically. (the economy will operate more efficiently)

It enables what we’re calling the fourth party services (what VRM is promising).

Mark’s point – It’s a way to organize VRM.

What we’re talking about as the personal data store is to create a better marketplace by providing the way the individuals are regarded by buyers/sellers/governments.

It helps people organize their lives. It enhances efficiency and productivity.

Framework for new use conventions that we don’t foresee right now (think of browsing… or logging onto the bank)

It’s implementable

Now let’s look to points of failure:

Adriana would say that there are point-to-point identity free interactions that don’t require this.

Aside – Kim Cameron says that “Identity” is not an identifier. It is just a set of claims that require context. You can have a claimless set of claims in a container.

It is about 4 different identifiers:

Authentication Presentation Reference ID (how to be reached email address) Internal ID

This is your identity online

Are there VRM-y things that don’t have a personal data store as part of it… The answer is no…

You need a place for your stuff…

Q: Where does it have to reside… It could be anywhere as long as it’s accessible by the applications

Q: Isn’t really a permission and control hub? Answer is “no” it is still about the data with rules established as to the permission and conditions under which

We’ve gone in circles around what is a relationship manager as opposed to a relation service.

Iain says, it’s all about how you operate around the data… Need to clarify how to source, store, enhance and selectively disclose data.

Drummond – the other place the Identity comes in is that the idea of the role of the user in terms of control is akin to the control they have over their bank account. But the bank has authority.

The relationship someone has with Equifax, for instance, is Massively Passively

Another parallel is like the spam filter, where we have passive benefit but virtually no control.

Jim Morris asked what this would be like if it were Communist China and there was an argument for centralized … Drummond, from the point of view of market (as opposed to moral), this is the mechanism for giving user control.

This is about distributed planning.

Has anyone looked at giving control of the personal ID store to a centralized trusted entity…

Bullets for tomorrow:


  • IP addresses are they tracked…
  • I’m worried about Google tracking activity

User Experience

  • complex
  • could create opportunity for errors
  • Mashing on toes

Conformance and compliance (if I share data, how will I know if people abide) a Reputational authority (how do I know you are who you say you are)

Service dependability Business dependability

Portability? Inadequate choice of SPs

Data Breach and fear of data breach (Honey Pot)