Questions around data ownership
unodewaal
group could answer. As an aside - we're working on a cross-site
identity platform - something that would allow you to login to
multiple sites with a single login and pass information around. It
sounds exactly like OpenID, which we are definately using, but it's a
bit different as it uses some Auth stuff and handing over data. I'd
love to hear what you guys are thinking.
I really liked the post on <a target="_blank" href="http://
www.readwriteweb.com/archives/wheres_our_real_world_data_portability.php">RWW
today about dataportablity</a> by Josh Catone. It's something that I'm
struggling to get my head around - who owns that data?
I'm a believer that while you own the data, the activity, i.e. what
you did on the site and what you put on there, is partially owned by
the site. Just because you uploaded a photo to Flickr, and you used
all the cool nifty uploading, tagging, rotating, sorting, organizing
tools that Flickr offers, you should now be able to port all of that
to Facebook? Same, Facebook has friend tagging as a feature, and it's
a piece of technology that they pioneered, and now you want to take
that over to Flickr?
That part doesn't sit well with me. I feel that the services/sites
have invested quite a lot of R&amp;D time into building these
features, and for you to now be able to up that data and take it
somewhere else...
The example Josh used is quite a good analogy - can I take my data
from Store 1 to Store 2?
Store 1 has brilliant data capturing, sorting and customer research.
Store 2 is a mom and pop shop, no technology, but they can tailor a
lot of niche services to you, if they can get that data. Yes, I would
like that data portable, but Store 1 has heavily invested in that
data, and it would not have been possible to get to that data without
the infrastructure that they built.
Now, with some dataportabilty chucked in, we can quickly take the
attention data from Store 1 and plug it into Store 2?
Is that attention data owned by Store 1? Yes, I believe it is. Unless
they agree to making that Attention Data public, it would be a breach
of service to take that data out. Unless there are laws governing it.
<a target="_blank" href="http://www.privacy.org.nz/privacy-principle-
six">Principle Six</a> in New Zealand does exactly that embodies what
I want to happen.
Why do I say "Yes, I would want that"? It means that I don't need to
input that data again, and the new service would just start working
automatically.
This is something I'm struggling with so far - I know it's a good
thing. But how do you keep the technologies safe that companies have
invested in, and promote more research and innovation? No site would
like their users to be able up and off to another site.
Should I be able to select what data I want, send that over to the new
service? I believe so. oAuth is going to help me.
Post originally here:
http://www.unodewaal.com/2008/04/16/questions-around-dataportability/
unodewaal
Elias Bizannes
1) Think about cash. You store your money at a bank. They've invested
infrastructure, security, and extra features like a virtual savings
account. What keeps you from moving your cash to another bank, because
you are sick of them? So think about data like money; data being the
currency of the information economy. It's yours; there is absolutely
no obligation for you to have to give up ownership to a web service.
How would you feel if your bank screwed you over, and to take it out,
you paid a penalty of 50% of your savings?
2) Data Portability, in the view of several of us, is not necessarily
about you having to export your data. It's about data access (try
dataaccessibility.org - see where they redirects to...). Portability
means moving something in context and why we chose the word. Think of
the value chain of web services, where storage now is not the only
part of the value chain now (as it was) and instead things like
community have now extended the market. If I can store my photos in
SmugMug, but still use Flickr to get the community aspects of it, and
be able to access them on Photoshop online - I couldn't care less
about SmugMug still hosting my photos. As a user, the economic benefit
of controlling your data is not is moving it around, but it's being
able to use it where you want.
...and a final concluding thought. Data, by definition, is
meaningless[1]. It has no value. Information, is when you connect
different data objects - the relationships. So to generate more
information, you need to encourage more linkages between data
objects.
The motivation for webservices, is the innovation they can do with
your data. Going back to the photo example: if one site allows you to
organise your photos into sets; if another allows you to create
hologram versions of your photos; if another allows you to do facial
recognition - these companies have access to the same data, but their
advantage is in their innovation & capability. By having
DataPortability as the defacto way of doing things, it's going to
raise the bar for innovation, because companies are no longer
competing on acquisition of people and locking them in.
[1] http://wiki.dataportability.org/x/RgkR
unodewaal
I like your Bank analogy - And I think what I'm thinking about it is
the information gathered from your data - all that extra stuff that
services build on top of your current data sets. Data is what's
portable, not the information on top of that.
Ryan Parman
They're YOUR tags. They're YOUR favorites. They're YOUR friends/
buddies/relationships/whatevers. You should be able to take it without
question.
As we move into a world where value comes from the the traffic and the
data exchange, where will these silos of information be left? Behind,
that's where.
There was recently a discussion -- I can't remember where online --
where somebody was talking to the people behind the New York Times
website who, like most websites, try to keep people inside it's walled
garden to generate page views and click-throughs. Then it was pointed
out that there was one company that had made 10 times that by
constantly sending people *away* to other websites. Their name? Google.
The value of data is not in the warehousing of it, the value is in the
exchange.
Mark Neely
Your article cite raises a good question:
>>The example Josh used is quite a good analogy - can I take my data from
Store 1 to Store 2?
Store 1 has brilliant data capturing, sorting and customer research.
Store 2 is a mom and pop shop, no technology, but they can tailor a lot of
niche services to you, if they can get that data. Yes, I would like that
data portable, but Store 1 has heavily invested in that data, and it would
not have been possible to get to that data without the infrastructure that
they built.<<
The online version of this is often quite different.
With the store example, XYZ Retailer's investment in an infrastructure
solution usually results in a physical card which is presented during the
purchase process - this is how they extract + tie your purchase history to
you. As a general rule, some incentive is offered for presenting the card -
discounts, frequent purchase points etc. This incentive may be viewed as the
'consideration' (i.e. compensation) paid by the store in 'acquiring' your
data.
Look at the online example - in many cases, you, the user, does all the
'hard work' in enabling the site operator to store the data (you manually
enter your profile detail etc.). The site's investment in being able to
extract and tie your site usage history to you is, in essence, just a
cookie. Furthermore, receiving an incentive in return for allowing the site
to capture your usage data is the exception rather than the rule, so in most
instances there is little or no 'consideration' given for your data.
Yes, the site owner invests in infrastructure, but this is more
appropriately viewed as a cost of doing business, rather than a payment made
to justify ownership of your data.
There is no clear answer (yet), but the issue warrants more discussion.
Regards,
Mark
-----
Mark Neely
Master Strategist
Infolution Pty Ltd
e: m...@infolution.com.au
m: +61 (0)412 0417 29
skype: mark.neely
Read my blogs --> www.infolution.com.au
www.neelyready.com
Connect on LinkedIn --> www.linkedin.com/in/markneely
Julian Bond
of an SN and as a member of lots of SNs, so here's some personal
opinions.
Let's say: I post a blog entry on a site and make friends with a hundred
people on that site.
- I own that blog entry. It should be reasonably easy to extract it from
the site and post it elsewhere. The site should not be able to stop me
and should actually make it easy for me to do this.
- To some extent, the site owns the blog entry too. By using their
service I'm giving away some rights to it. So if they wanted to publish
a collection of the best blogs posted on their site in a book, I don't
think I should be able to stop them. It would be common courtesy for
them to ask or at least inform me but I'd be happy with a ToS that
didn't require them to do that.
- I've built up a contact list on their service. I should be able to
reasonably easily extract that list and use it elsewhere (like in my
Outlook). But it now it gets hard. Have those people agreed that I
should have access to *all* their data? Is the only thing I get, the
pointer to their profile page? Or should I be able to get anything I can
see on their profile page in structured form?
- Who else owns that contact list? Should the site be able to make use
of it? For money? If it's visible to the world in html, should they make
it accessible in structured form?
- At this point things begin to get murky. Additional metadata is
generated by the community and the system and layered on top of what
we've had so far. Now we're into Facebook Beacon and DoubleClick cookie
territory.
My view of data portability is that all of the above is going to happen
anyway. In almost every case, the more data you give away, the more APIs
you put in to make it easy to take away, the more you link to externals,
the more you push people away, the faster they come back.
--
Julian Bond E&MSN: julian_bond at voidstar.com M: +44 (0)77 5907 2173
Webmaster: http://www.ecademy.com/ T: +44 (0)192 0412 433
Personal WebLog: http://www.voidstar.com/ skype:julian.bond?chat
For Home Or Office Use
unodewaal
I think that's where we are on the same page. The sites add
information and context to the data, and as you say, just because I've
signed up to the service doesn't mean I've given you access to extract
my e-mail address.
I also believe your last statement - the more you allow yourself to be
woven into the fabric of other sites, the more you'd get people coming
back to your site.
There is another space though: as Ryan pointed out, it is actually
still YOUR data (i.e. YOUR blog post). You consent to the site using
it to generate advertising. You should also be able to revoke that
right.
Murky....
Iain Henderson
Elias Bizannes
The problem we have is one of language[1]. Why must we insist on a
user "owning" their data? This whole concept of property ownership
over something virtual is not necessary. And we really should
understand the consequence of the word 'control'. What we want is for
a user to get the BENEFITS, and you don't need ownership for that. We
are trying to climb Everest by trying to determine who owns what, when
all we need to do is a lot easier.
And quite frankly, I don't think anyone actually owns "data".
Information yes, but not data using the definition of the word. No one
owns air (data); but you can own the air of a restaurant as you own
the property (usage of the air -like usage of data to generate
information).
So to respond to Julian who wants some application:
"Blog entry"
- if you were a journalist for 'The Economist', you would be getting
paid to write articles. Your employment states you get paid money, and
in return, you generate content. There is an agreement with the
publisher, and you are remunerated for your services
- if I was to post a blog entry on wordpress.com, we are talking about
something completely different. *You* are the publisher; wordpress is
simply the technology platform. It's almost like you are trying to say
Microsoft Windows should own articles generated from the Economist,
because their technology was used to produce the content. Wordpress's
business is in utility computing, not content[2].
- Just because wordpress.com is free for you to publish your content,
that doesn't mean they own anything. It's their choice to determine
how they monetise things - they may require ads to appear on content
for free accounts, but at the end of the day, its your content. With a
free account, you are willing to let them get economic benefit fro
your content so you can get the benefit of their service, but it
doesn't mean they can control that - that's your decision.
"contact list"
- an e-mail address is an identifier, like a name. You can associate
identifiers to identity(s) to make representations. What a person has
the right to, is WHO can make those connections.
- Just because you have my e-mail address doesn't mean anything. There
is no data beyond that. The fact you might use the facebook
friendfinder to identify potential connections with people, you
actually require facebooks knowledge that a persons profile is
associated with a certain e-mail. Ultimately, the person who
associates an e-mail with their facebook identity, owns that
association.
- I own my e-mail address, in the same way I own my name. Rather, I
have the right to determine how it is used. If I was to print a
newspaper that said Julian Bond is a queen, you could sue me under
defamation laws for making a wrong representation of you. It's not
that you can stop me from publicising that, but you can enforce your
rights through the equity courts to get damages or an injunction. You
own not the physical e-mail, but you can control the economic benefits
surrounding it - you have the right to determine what data is
associated with your identity (and that's not something the
dataportability project needs to advocate, but existing government
regulation with privacy and beyond).
- so applying that in practice, if Robert Scoble wishes to import his
social graph into Plaxo, by all means he should if he has access to
identifiers. But the individuals in question need to confirm their
relationship on the new sites, because Scoble hasn't got their actual
permission to make a representation that they are friends on this new
site (someone on a porn social networking site might not want to be
associated with any real people for dear of being identified)
- again to make the point: you don't need to export data from facebook
to get the benefits from it. The data on someones profile should stay
in Facebook, like a data bank. But an application should be able to
query facebook to extract some of that data, as determined by the
user, with the master copy of that dataset on facebook still - and a
users whos profile that data resides on is controlled by granular
permissions similar to how apps can access your information). So for a
user to get the benefits, they just need facebook collaborating
through interoperability. Facebook makes money on content they can
tailored based on your profile data as you visit the site, so allowing
other sites to use that data doesn't hurt them (because if a user
isn't on facebook, that data is now useless - unless facebook intends
to sell your information).
[1] http://liako.biz/2008/03/dataportability-is-about-user-value-fool/
[2] http://liako.biz/2008/04/how-business-is-done-on-the-internet/
Aaron Cheung
> Information yes, but not data using the definition of the word. No one
> owns air (data); but you can own the air of a restaurant as you own
> the property (usage of the air -like usage of data to generate
> information).
Quite debatable.. owner of data is normally defined (might not be very
well defined) in the legal works (ie., legislations), though, yes, usually
with reference to the provider/container of the data, and the use of it..
Mark Neely
>>The problem we have is one of language[1]. Why must we insist on a user
"owning" their data? This whole concept of property ownership over something
virtual is not necessary. And we really should understand the consequence of
the word 'control'. What we want is for a user to get the BENEFITS, and you
don't need ownership for that. We are trying to climb Everest by trying to
determine who owns what, when all we need to do is a lot easier.<<
I have problems with this line of thought.
Granted, 'ownership' can be an ambiguous concept, but without some form of
'ownership' of data, there can be no right to privacy.
Beneficial rights to data are not sufficient to protect privacy, as such a
position necessarily assumes multiple rightsholders. Privacy (or, rather,
the enforcement of privacy) requires the ability to exclude all others (or,
put another way, insist on exclusivity of access).
Elias Bizannes
benefits. Think about how businesses can capitalise leases for
machinery - they don't physically own the machines - yet for all but
the legal title those machines are effectively their own. They can use
them how they want; they can recognise them as assets on the balance
sheet; they can make modifications in some cases. They are not the
legal owners - they are the 'economic' owners. That's a view of the
international financial reporting standards, things that national
governments are adopting worldwide as actual law (Europe, Australia,
NZ and eventually the US) to standardise regulation for the capital
markets.
Specifically with privacy, you don't need to own the data, but it's to
have the right to determine how certain information is used. Your
definition claims the right to exclude other parties to information.
Why do you need ownership to do that? What is privacy - try google to
define it, or Aaron perhaps tell me specific government regulation
that defines this. I've spent a lot of time on this, and part of the
problem, when privacy is thrown in, is that we don't have a working
definition that is consistent *anywhere*.
My definition of privacy[1]:
“Privacy is an individual’s right to determine what information they
would like others to know about themselves; which people are permitted
know that information; and the ability to determine when those people
can access that information”.
If I "own" information (again - note I don't use the word data, which
is meaningless as it's like a noun no one owns the English language,
only the information generated which is the association of different
data like a noun to another bunch of data like your identity), to get
all those above benefits, I need control. But how does ownership mean
I can control it? Ownership does not give you assumed rights over
that type of ownership or access. A relationship on facebook for
example - you own 40%, the friend owns 40% and facebook owns 20%. You
have a dominant ownership, but if your friend never replied and
facebook doesn't want you to take that relationship, what value does
enforcing your ownership bring? It's your information, and you can't
do anything.
When we talk about data ownership, we need to break down what benefits
ownership gives us, and to me that is the ability to govern usage.
Which again ties with privacy and the right to control how information
is used. Establishing legal title is not necessary. Facebook can "own"
my data and fill their data centres about crap that I am interested
in; but they sure as hell can't use that information without my
permission outside of their entity, because that's my right to
privacy.
http://liako.biz/2007/04/define-privacy-what-does-it-mean-to-you/
Aaron Cheung
we're usually faced with is, law'wise, if a user give a piece of data to
entity A, entity A cannot pass the piece of data (value added or not)
onto entity B, and particularly so without the user's permission. Your
points of argument are the kind of great minds at constitutional level ;-)
Julian Bond
say what those ToS *ought* to be.
Elias Bizannes <elias.b...@gmail.com> Sat, 19 Apr 2008 09:19:52
>The problem we have is one of language[1]. Why must we insist on a
>user "owning" their data? This whole concept of property ownership
>over something virtual is not necessary. And we really should
>understand the consequence of the word 'control'.
Unfortunately Copyright, Trademark, Data protection and the whole area
of IP gets in the way. You're right that it's really about control, but
the industry does talk (far too much) about ownership. "Ownership"
becomes short hand for a whole spectrum of control.
>So to respond to Julian who wants some application:
>
>"Blog entry"
>- if you were a journalist for 'The Economist', you would be getting
>paid to write articles. Your employment states you get paid money, and
>in return, you generate content. There is an agreement with the
>publisher, and you are remunerated for your services
>- if I was to post a blog entry on wordpress.com, we are talking about
>something completely different. *You* are the publisher; wordpress is
>simply the technology platform. It's almost like you are trying to say
>Microsoft Windows should own articles generated from the Economist,
>because their technology was used to produce the content. Wordpress's
>business is in utility computing, not content[2].
>- Just because wordpress.com is free for you to publish your content,
>that doesn't mean they own anything. It's their choice to determine
>how they monetise things - they may require ads to appear on content
>for free accounts, but at the end of the day, its your content. With a
>free account, you are willing to let them get economic benefit fro
>your content so you can get the benefit of their service, but it
>doesn't mean they can control that - that's your decision.
Don't focus too much on the content being a "Blog". I used that as a
shorthand for user generated content and to provide an example. And the
example I was thinking of was something like LiveJournal or a Drupal
installation. Wordpress.com is more in the hosting game where ownership
is less of an issue. And anywhere money exchanges hands (eg Economist)
there's likely to be formal contracts. It's a Blog on a community site
where the issues get murky. Or a posting in a web discussion forum. In
that case the value of the community is made up of the sum of the value
of the individual posts. Which means there are some implied rights that
the community or Community management have in the individual posts as
well as the implied rights of the person who posted it. Or to put that
another way, because the poster is not solely responsible for obtaining
an exclusive hosting service but are sharing it with others, they give
up some right over the content they post.
If in a fit of pique, a user demands that all their content is removed,
the community loses. That one can be a real problem in community
management especially where removing the content leaves holes in threads
or can result in the wholesale destruction of threads were other people
have contributed.
If value is created by aggregating the posting from lots of people, who
has control over that value and what say do they have?
>"contact list"
[snip]
There's a whole range of issues that arise here depending on the
circumstance.
- Linkedin -> Outlook
- Linkedin -> Plaxo
- GMail -> YASN du Jour
- HotMail -> Facebook
- BlockBuster -> Facebook
- Tribes -> FOAF -> FOAF Aggregator
I think this splits into three pieces
- My Profile, who can see it, how much they can see, and how much they
can take away
- My list of contacts, what data I can extract from that list and what
can I do with it
- What the business that hosts that contact list data can do with it.
--
Julian Bond E&MSN: julian_bond at voidstar.com M: +44 (0)77 5907 2173
Webmaster: http://www.ecademy.com/ T: +44 (0)192 0412 433
Personal WebLog: http://www.voidstar.com/ skype:julian.bond?chat
Screw Cap On Tightly
Bhupinder Singh Sethi
Elias Bizannes
Julian Bond
data ownership. Just maybe, the journalists will pick up on it, but
frankly they're too busy framing this as a war.
It's this privacy debate that is central to the whole data portability
drive as it relates to your list of friends. You have a claim on your
own profile data. You have a claim on your list of friends. But you
*don't* have a claim on your friend's profile data. And in that context
Facebook looks like it's trying to do the right thing while also using
it as a core part of their business model. Google is also trying to do
the right thing from the opposing public access point of view. Actually
your friend's profile data is public information. And public information
wants to be free.
So Facebook via their API are giving you access to the following about
your friends
- A Facebook ID, the identifier
- Today's profile information on each friend, restricted by today's
privacy settings for each friend
And then using their TOS to tell you not to store today's public
information. And of course using this approach to support their business
model of not letting you see all the real information without signing
up.
For DataPortability, this cuts to the core of privacy as it relates to
your social graph/Friends list. If you have a claim to your list of
friends then somewhere in there has to be an identifier. But if there's
an identifier, we can conflate the data with identifiers held on other
sites. If we have any claim to real data about each friend we can smush
that data across other sites to build up a bigger picture of each
friend. But without that real data the list is really pretty useless.
Even if we allow the friend to control what data about them we can
access, they have little control over what we do with the data
afterwards. The data constantly wants to leak out and the drive of the
technology is towards increasing open-ness.
Which is why I take a fairly harsh view about the privacy debate that is
happening here. "There is no privacy here, get over it" is really short
hand for saying that in the longer term there are only two choices; be
completely open or don't play at all. If you think you can be partially
open, you're deluding yourself.
--
Julian Bond E&MSN: julian_bond at voidstar.com M: +44 (0)77 5907 2173
Webmaster: http://www.ecademy.com/ T: +44 (0)192 0412 433
Personal WebLog: http://www.voidstar.com/ skype:julian.bond?chat
To Be Human Is To Communicate
Elias Bizannes
while ago, one of our brains in the Policy Action group.
- Ownership is relevant when there is scarcity. (He pulls that from
Karl Marx if I recall correctly. And that’s not an issue in the
virtual world.)
- Ownership is the ability to deny someone else’s use of the asset.
- So, if data is shared and publicly available, it is a practical
impossibility for me to deny use
- and if data is available in a form where I can’t control others’ use
of it, I can not really claim to own it
My own interpretation about data is based on the definitions: If you
own data, you need to define "own" and "data".
Ownership implies complete control, which can be problematic. What a
user wants, is rights over that data. This enables multiple parties to
use the same data, not dealing with the complicated issue of
ownership, but instead framing it with what rights a user has over
their data, what rights a vendor has. The reason a user wants control
over their data is not so they can amass a title deed, but so they can
get 'value' over that data. They want economic ownership, not legal
ownership - with the former being more in line with a user getting
economic value out of the data, But I shy from calling economic
ownership "owning" because it implies legal ownership - hence I prefer
the word control
Data, depends on how you define it. I've researched this, and using
the definition I extracted from a subject I did at university on
database theory, datum is an object that is inherently meaningless,
whereas information is the connection of different data to generate
meaning. The value of data comes from the ability to connect it with
other data to generate unique information.
So with the above, what essentially a user wants is accessibility of
that data - which is about being able to use that data in different
contexts - without necessarily having to export and import. It also
recognises in the value chain, raw data is useless but it only
valuable when used in a certain way - I've recently written about the
value chain of information[1]. Therefore, companies competitive
advantage is not on how much data they store, but how much innovation
they generate by using different datasets
Again - using the above definition of data, which is supported in
multiple places, no one can actually "own" data. It's like someone
owns the noun "year". Information is when you connect "1960" "year"
"birthday" and "John" - different data objects connected together to
generate meaning. No one owns that data, but a person has rights over
the usage of that data, as it is a form of information - it is data
used in a way to make a representation of someones identity. Users
control their identity, and under the protection of privacy regulation
which is adopted by countries worldwide, a person has the rights to
determine how that information is presented to other people. But the
actual data itself - without context - is useless.
[1] http://liako.biz/2008/05/the-value-chain-for-information/
Aaron Cheung
- Ownership is the ability to deny someone else’s use of the asset.
- So, if data is shared and publicly available, it is a practical impossibility for me to deny use
- and if data is available in a form where I can’t control others’ use of it, I can not really claim to own it
Would that disrupt the copyright system?
If not, then it's (still) the laws (or the civil contracts) that bring practical impossibilities to point 2 above?
Or do you mean, we don't consider that aspect (of the legal systems), just philosophical/metaphysical?..
Another way put, so you just wrote this post.. so can i just copy and paste it verbatim onto my blog
and claim that i wrote it? (while also true that you also wrote it, despite first).. Or another way put, are
words data? If not, is there a thing called information ownership?
In fact before the rise of the data portability buzz, people talk more about information portability, eg.,
as in "health information portability", as in the U.S. for quite a while... ;-) /ac.
----- Original Message -----
From: "Elias Bizannes" <elias.b...@gmail.com>
To: "DataPortability.General" <dataportabi...@googlegroups.com>
Sent: Friday, May 16, 2008 9:55 PM
Subject: [DataPortability-Public] Re: Questions around data ownership
Christian Scholz / Tao Takashi (SL)
Surely there will be always way to retrieve data, esp. if it's send to
your computer but I want at least try to come up with a solution which
ensures as much control for the user as possible.
As for policy I would think like this: I own all the data I produce
but I can give out licenses to services and users to use it in some
way. Like I can agree that my comments can be used with that picture
on every other site. I can agree that my contact details can be
exported as CSV or can be used to find me on another service (maybe on
a per-user level). So having some sort of licensing options like
Creative Commos has would probably be good (wasn't something like this
discussed?).
On the technical side it of course looks not that easy. I was thinking
about some user scenarios and need to write something down. The
problem it might come to though is more a performance problem if you
need to ask every user endpoint for permission (and maybe use OAuth to
do that).
Right now at least Second Life residents usually manage to keep their
SL identity private. But that means to signup everywhere twice. But
maybe that's the only way anyway. OTOH it might be nice to be able to
allow some close friends to see you with both identities on some
networks. But in general I think we nevertheless need use cases for
this type of things to define better what we are actually talking
about.
And as you know, I hope that not only academic discussions will take
place but also such about concrete examples of a certain area (like
social networking) ;-)
Christian
--
Christian Scholz
Tao Takashi (Second Life name)
taota...@gmail.com
Blog/Podcast: http://mrtopf.de/blog
Planet: http://worldofsl.com
Company: http://comlounge.net
Tech Video Blog: http://comlounge.tv
IRC: MrTopf/Tao_T
Aaron Cheung
"own" data, as he's said it already it depends on the definitions.. and if I could
add, it also need to have some scope, or realm, or boundary, or domain, or
level of abstraction, when talking about "data" ownership..
Say, the "cloud", as in cloud computing or cloud architecture, obviously we've
restricted our definition to exclude the sense that we're talking about the
clouds in the sky that cause the rain.. and therefore, concrete as it is, google
owns the google cloud, microsoft owns the microsoft cloud, amazon owns
the amazon cloud, and so on and so forth.. there's boundary and ownership
can be clearly defined..
Or, the level of abstraction.. say, if you ask me, what "race" I am of, expecting
that I'll give answer of caucasian, or negro, or asian, or white, whatever.. but
I'll just say, human, ie., the human race, and I already gave you the answer
without loss of the general meaning in context in your original question.. at
least I'm not saying, arms, or arms race, or horse race, whatever..
So when we talk about "data", we need some scope we can work with, in
particular, we can define ownership with.. not whether data can be owned
or cannot be owned in philosophical terms, but that we need to define data
in such a way that it can be owned, so that laws and contract terms (say TOS)
can be applied in such a way that such applicability is helpful to maintain order
and keep the (imperfect) system(s) running...
Or like "money".. we don't want your boss to tell you at the end of the month,
that, sorry, you don't own money, what salary are you talking about :-) /ac.
Elias Bizannes
With regards to your other comments about copyright
1) We are forcing our thinking to be restricted to current laws, which
are not necessarily correct. In some, they've been written in a time
that bears no resemblance to our current world. We should use current
laws for inspiration, not boundaries
2) Copyright is a separate area and I think it applies at the end of
the value chain: application of information which is knowledge (check
my blog post above where I explain this). I think data itself can't by
copyrighted (can you copyright Hong Kong the noun?) but when it
evolves to something more it may apply (copyright, privacy - lets just
use the word control). So Aaron Cheung, who lives in Hong Kong and is
a participant of DataPortability - I think you have some right to
control the usage of that language. In Australia, we have defamation
law whereby you can claim damages or seek an injunction of
representation of a person. This is different from the USA with the
bill of rights, but I think the right to privacy is something that
should be law and if people make representations of you should have
some control over that. People can argue this is not freedom of
speech, but we need to consider this with a zero sum benefit -
something saying something you don't like costs you so you should have
just as much right to restrict that.
We need to talk about control over the benefits. So copying my words,
which is not data but knowledge application that I unique generated,
is not fair. You copying it and getting the benefits is prevented
through copyright, through plagiarism social rules, etc. But you
copying bits of what I say - just the data - then you can do what you
want, because that data has no inherent value.
Aaron Cheung
Yes it is fair.. but then it would be confusing if we keep on using the "data"
term referring to its layer-1 nature, while discussing the layer-3 ("knowledge")
ownerships and rights... thus formulating that "data cannot be owned" -- in
that sense, you're right, but that would be confusing.
To the information scientists, sure there's this data vs. information vs. knowledge
distinction... but to the layman they're all the same.. for example, people use
the term database, sometimes knowledge base, very rarely information base...
if data cannot be owned, can a database be owned (yes i know here's again
issues confused.. because it is, in that respect..)
Meaning, if data is so rudimentary to the notion of information and knowledge,
in the sense that the alphabets so rudimentary to the English language -- in the
sense that you cannot own the alphabet, then perhaps we should not even use
the "data" moniker while talking about matters of its higher value chain... for
example, the users profile, we should not call it a data-whatever issue... but
rather, information-whatever or knowledge-whatever issue.. in the sense that
where there's meaning in the terms of like "data portability" and "data tranfer",
it has no bearing to the rights and ownerships at the user profiles level, because
they are at a higher level in the value chain.. meaning, we should talking about,
say, "information portability", "information transfer", "knowledge portability",
"knowledge transfer"... and hence, "illegal knowledge transfer" for plagiarism?
OMG.. :-) /ac.
----- Original Message -----
From: "Elias Bizannes" <elias.b...@gmail.com>
To: "DataPortability.General" <dataportabi...@googlegroups.com>
Sent: Saturday, May 17, 2008 1:34 PM
Subject: [DataPortability-Public] Re: Questions around data ownership
>
Phil Wolff
You might give your phone number to that hot someone you meet at a party, but not expect that number to be posted on a blog the next morning.
Giving someone at a conference a business card, only to have the recipient sell that card to a contacts aggregation service.
Sharing with a colleague the contact details of a mutual acquaintance, without sharing the content or metadata about your relationship (a string of emails and IMs and private mesages) with that colleague.
Identity conflation/consolidation comes into this too. Sometimes you want faceted identity, keeping the different food on your plate from touching. My bondage folks not mingling (as far as I'm concerned) with my political, religious, work, and PTA circles.
- I may trust fellow parents with my children's names and ages, assuming they will only use this information to our mutual benefit and that it will be conveniently forgotten after a while.
- I will share that information with the benefits manager at my employer on the provision that that it is only being used in a benefits context and that I have expectations of privacy assured by employment law.
In both of those cases I'm relying on pacts of forgetfulness and conservative sharing of my data within a circle of trust.
I think the identity folks call the propagation of expectations that comes with data "transitive trust". You may find prior art on this subject there.
The Plaxo folks make a distinction between "address book portability" which they think of as ID and contact vectors and maybe company affiliation as in business card data, and other data. They see address book data as more socially acceptable for exchange than, say the content of your phone bill (who you talked with, how often, and for how long).
I would take an aim of data portability that a person should be able to make use of "their" data on multiple sites with clarity about the visibility, persistence, and ability to withdraw (age/retire/delete) data.