Identification and social justice

transcript

Identification and �Social Justice �

Bob Blakley�

Kaliya “Identity Woman” Hamlin��

Cloud Identity Summit July 19 2012�

��

Identity is socially constructed and contextual.

R�I �S�K�

IDENTITY INFORMATION �

NO IDENTITY �=�

NO ACCESS �TO JUSTICE �

OR SERVICES�No rights�or redress �

R�I �S�K�

BIRTH AND CITIZENSHIP �RECORDS �

SUBSTANTIALLY DECREASE �CITIZENS’ RISKS�

Access to rights �and legal system�

R�I �S�K�

BUT MORE IDENTITY �INFORMATION �

IS NOT �NECESSARILY BETTER�

R�I �S�K�

IDENTIFICATION TRANSFERS RISK �FROM THE IDENTIFYING PARTY �

TO THE IDENTIFIED PARTY�

Identifying party avoids risk by denying service if identity information is adverse �

Identified party bears risk of being denied service if identity information is adverse �

Each party’s initial risk�

R�I �S�K�

SOCIETY USES IDENTIFICATION �TO TAKE RISK FROM �

INSTITUTIONS �AND GIVE IT TO INDIVIDUALS�

Business or agency has resources;�may require identification�

Individual citizen needs resources; �must submit to identification�

Information Asymmetry

and Power Asymmetry

R�I �S�K�

BUILDING DOSSIERS INCREASES RISKS �TO IDENTIFIED PARTIES �

BY APPLYING INFORMATION � TO MANY TRANSACTIONS�

Business or agency�

Individual citizen �

Risk in current �transaction�

Risk in future �transactions �

R�I �S�K�

ADDING FAVORABLE INFORMATION �TO AN IDENTITY DOSSIER �

CAN DECREASE RISK �TO IDENTIFIED PARTIES A LITTLE… �

Benefits granted�based on history�

Personal Cloud

PersonalData

Analytics

INDIVIDUAL

ContextShared & PersonalDevices

Roles/Persone

What if we collected our own data in our own dossiers?

R�I �S�K�

BUT ADDING ADVERSE INFORMATION �TO AN IDENTITY DOSSIER �

CAN INCREASE RISK�TO IDENTIFIED PARTIES A LOT�

Benefits denied�based on history�

IDENTITY DOSSIERS�DO NOT ALLOCATE RISKS�

EQUALLY TO RICH AND POOR�

No history or bad history =�Few service providers =�Little access to resources =�Few opportunities �

to build good history�

Good history =�Many service providers =�Easy access to resources =�Many opportunities � to build good history�

Services �

R�I �S�K�

THE POOR ARE MORE LIKELY �TO HAVE ADVERSE �

INFORMATION �ADDED TO DOSSIERS�

Low access to �resources �and legal �services �

R�I �S�K�

THE RICH ARE �MORE LIKELY TO HAVE �

ADVERSE INFORMATION �REMOVED FROMDOSSIERS�

High access to�resources �and legal �services �

Personal Cloud

INDIVIDUAL

Context

Shared & PersonalDevices

Roles/Personae

Social ProfitOrganization

Local Retailor

Product Producer

Utilities

Service Provider

Vendor Relationship Management

Infomediary Markets

Individual Business

AgentService Provider

Vendor Agent

Retailer

Market Place

DataAggregation

Services

Service Provider

Vendor Agent

Retailer

Market Place

Data Aggregation Markets

NO PII

R�I �S�K�

DOSSIERS TEND TO �ALLOCATE RISKS TO �

THOSE LEAST ABLE TO �ABSORB THEM �

Rich�

Poor �High Risk�

Low Risk�

R�I �S�K�

CITIZENS OPT OUT OF OR �SUBVERT IDENTITY SYSTEMS�

WHICH CREATEEXCESSIVE RISKS�

C �O �O �P �E �R�A �T�I �O �N �

R�I �S�K�

WELL-DESIGNED IDENTITY SYSTEMS COLLECT, MAINTAIN, �AND USE THE SOCIALLY OPTIMAL AMOUNT �

AND TYPEOF IDENTITY INFORMATION �

Maximum identity�information�

Optimal identity�information�

No identity�information�

R�I �S�K�

IDENTITY INFORMATION PREFERENCE �

FINDING THE OPTIMAL RISK/BENEFIT TRADEOFF �REQUIRES CAREFUL STUDY AND CITIZEN INVOLVEMENT�

Police �

General Public �

Felons�

Banks �Tax & �welfare �cheats �

Persecuted�minorities �

Privacy�advocates �

Liberals � Conservatives �

? Anonymous ?

? ? Per-Post Per-Session

Anonymous

? Anonymous

ü Verified

ü ü ü

Verified

ü ü ü Documentation In Person

Verification Biometric Capture

? Anonymous

One Site Multi-Site

Verified ü

Pseudonymous

? Anonymous

One Site Multi-Site

Self-Asserted Verified Socially Validated

ü Pseudonymous

Planning Considerations �for Identity Systems �

•  Involve the citizens meaningfully in the system’s design

What are the different contexts that you navigate in your life?

Partner Spouse Wife Wife Wife Wife Wife Wife Wife Europe Family

Mother Mother Mother Mother Mother Mother-in-Law Mom Parent Parent Parent

Friend: Confidante, Encourager, Fun, Listener, Confider

Pet Sitting Dog Lover Dog Owner Dog Owner/Companion

Daughter Daughter Daughter Daughter Sister Sister Sister Sister Sister-in-Law Aunt Cousin

Great Friend Friend Friend Friend Friend Friend

school volunteer Volunteer at the Space and Science Center Volunteer at the Animal Shelter Volunteer at Community Outreach Member SVForum Tech Women Book Club: hostess, humorous, well read, insightful Meetup Organizer Organizer President (club) Secretary of School Club A School Club Member

Girl Scouts Girl Scouts Soccer School Soccer Team Member NCAA Fencing Team School Newspaper Energy club Leader

Student Student Student Student Student Student

Work: Mentor, collaborator, driver of work, Innovator Project Management Professional at ____ Airline Industry Expert Technologist Anthropologist International Artist Director in my Company Finance Executive Sales Director Sales Enablement Manager International Project Manager Program Manger Organizational Planning Meeting Design Thinker Connector

LinkedIn - Professional Online LinkedIn: professional Executive At work- OnlineID

Mentor for Startup Cultural Mentor Mentor Mentor Mentor

Employee Co-Worker Colleague Employee Intern

Facebook: Funny, Wry posting links about tech, politics, humor, family Face to face: Celebration Party Dancing: Free in the Flow Moose

Creative Piano Artist Artistic

Online: get educated review before purchase Online: Research, Learn Online: Buy/place orders

Arabic Language Learner Walker Cyclist Formulal Fun Sports Car Enthusiast

Contrarian pain in the side Movie Addict Inspiration Energetic

Photographer Blogger Social Media Personal

Chef Traveler

How do you manage persona’s and your identities with different contexts and social roles?

I handed out paper and invited the women to draw their own map of how they do this and then to share it with their neighbor.

•  Make social justice an explicit design goal o  Carefully balance stakeholder interests

•  Consider a system of loosely-linked special-purpose systems o  Instead of a single centralized system o  Design systems that inherently don’t link personas

together - Example: LLP

? Anonymous

One Site Multi-Site

Self-Asserted Socially Validated

Verified ü

Pseudonymous

Verified Anonymous Attributes

Over 18 years Woman Voter

CA District 9

Ms.Sue Donna DOB = 1/21/1982 1823 6th Ave. Alameda, CA

? Anonymous

One Site Multi-Site

Verified ü

Pseudonymous

? Anonymous

One Site Multi-Site

Verified ü

Pseudonymous

? Anonymous

One Site Multi-Site

Verified ü

Pseudonymous

Limited Liability Persona

•  Design the system to forget history information after a while o  Or not to compile dossiers at all

•  Legally enumerate permitted and forbidden uses of identity data o Forbid secondary uses and establish sanctions

•  Regulate use, not collection (per danah boyd)

o  Explicitly enumerate permitted uses in the data itself o  Using context metadata�

What would it look like have citizens meaningfully involved?

http://farm5.staticflickr.com/4132/5010483557_3869b9f716_z.jpg http://farm5.staticflickr.com/4132/5010483557_3869b9f716_z.jpg

http://farm4.staticflickr.com/3532/4015256985_b13d64c6f3_z.jpg

taoofdemocracy.com

co-intelligence.org

http://www.identitywoman.net/insight-for-governance

Tom Atlee

Kaliya’s NSTIC – Governance NOI Response

The Core Principles for Public Engagement 1.  Careful Planning and Preparation 2.  Inclusion and Demographic Diversity 3.  Collaboration and Shared Purpose 4.  Openness and Learning 5.  Transparency and Trust 6.  Impact and Action 7.  Sustained Engagement

and Participatory Culture

High performance collaboration amongst industry stakeholders is needed for NSTIC to succeed.

Shared Understanding

Shared Language

http://www.identitywoman.net/ ecosystems-collaborate-using-shared-language-nstic

alignment-of-nstic-stakeholders

ncdd.org

groupworksdeck.org

A Pattern Language for Bringing Life to Meetings and other Gatherings

Inviting community engagement on NSTIC Charter & Bylaws

Mailing List: http://lists.idcommons.net /l ists/subscribe/nstic-idm

NSTIC.US

nist.gov/nstic/notices.html idecosystem.org/

Bob Blakley�http://notabob.blogspot.com/

Kaliya “Identity Woman” Hamlin�http://www.identitywoman.net �Cloud Identity Summit July 19 2012�

��

Find a resource list and reference links on our blogs