Essentially its fine tuning the DataPortability vision - it got
started with a discussion on policy (as you will note) but it's
evolved to the vision and bigger picture thing. Given some recent
developments and things that will be occuring in the next few weeks
(ie, the governance taskforce's proposals), I think this is a
conversation we need to start having.
---------- Forwarded message ----------
From: Steve Holcombe <steve.h...@pardalis.com>
Date: Mon, Jun 2, 2008 at 1:51 AM
Subject: Re: Data Protection Law & Policy - invitation to write
To: Elias Bizannes <elias.b...@gmail.com>
Actually, Elias, I simply agree with you when you say that "control
over the benefits of it's usage" is preferred.
Possession is not what I am arguing for though I can understand why
you might think so because the use of the word 'ownership' carries
with it a myriad of meanings. In fact, I am arguing against data
possession and advocating for overcoming the fear factors which keep
trustworthy information from being made available to the Internet.
But more to the point, from a sociological standpoint it's really not
important how ownership is legally defined, or otherwise contractually
defined by a third-party company like Google Health. All is trumped by
how ownership is sociologically defined. That is, by how comfortable
or how fearful one feels about putting personal health information 'on
the internet'.
I have found the monetary banking industry to be a helpful metaphor
for me in terms of understanding how and why people are comfortable
with placing their hard-earned money into the hands of a third-party
institution. If you have a moment, see Banking on Granular Information
Ownership -
http://www.pardalis.com/assets/pdfs/Pardalis%20WhtPaper-Granular%20Banking.pdf
There will always be people who will prefer to hide their money under
a mattress or bury it in their back yard. But a critical mass of us
are very comfortable with the monetary banking system. Likewise, data
ownership is defined by fear factors that I believe can be largely
overcome by providing more technological control over, as you say, the
benefits of usage.
You may well find ironic that though I am an attorney in the U.S. I am
suggesting that Dataportability.org should not get bogged down in
legally defining ownership and privacy. (Heck, even the U.S. Supreme
Court has a difficult time deciding what privacy is or isn't!).
Dataportability.org should be focused instead on defining standards
for facilitating "control over the benefits of usage" that will be
exciting to a critical mass of Internet users.
The wheel does not have to be recreated to do so.
Within the realm of product supply chains, EPCglobal.org is even now
designing an architectural framework, and identifying relevant
intellectual properties, for standardizing the tracking of uniquely
identified products along supply chains. See
http://pardalis.squarespace.com/blog/2008/3/31/epcglobal-prescription-drug-tracking.html
The opportunity for Dataportability is to design an architectural
framework, and identify relevant intellectual properties, for
standardizing the tracking of uniquely identified informational
objects that provides those who post their information with control
over the benefits of usage.
The excitement for me will come when I can go to my computer and bring
up an easy to comprehend visualization of how my personal health
records are being accessed and shared within a healthcare network
according to my specific - even granular - permissions.
This is the opportunity that may be seized by Dataportability.org.
I am willing to help.
--
Elias Bizannes
http://liako.biz
Great, sounds like a good approach. Question is - how do we do this framework?
Sounds hard!
Elias,
The beginning is always a good place to start.
The mission, philosophy, approaches and principles of
Dataportability.org are a very good start (though there is a
misspelling in 'determing' in the mission on the homepage).
In the development of any such guiding language, there are hours and
hours spent on getting it right. I want to acknowledge that up front.
The following is offered in the context of 'fresh eyes' and not in any
way to speak against or be disrespectful to what has been already
created, and upon which any changes I offer must foundationally stand.
From my perspective, what I have noticed is that these guiding
statements are limited to to social networking, and further limited by
avoiding something called 'legal-precision'.
PROPOSED 'MISSION' CHANGES:
The DataPortability Project is a group created to promote the idea
that individuals should have greater technological control over the
usage of their data within networks , even when those networks are
under the control of one or more other entities. This control over the
usage of data may include determining
how they can use it,
how they can track it, and
who else can use it.
PROPOSED 'PHILOSOPHY' CHANGES:
You should be able to decide what you do with that data and how it
gets used by others
Within social networks, Open Source solutions are preferred to closed
source proprietary solutions
Within social networks, bottom-up distributed solutions are preferred
to top down centralized solution
Within supply chains, closed source proprietary solutions may be
preferred to Open Source solutions
Within supply chains, closed source proprietary solutions may be
preferred to Open Source solutions
PROPOSED 'APPROACH' CHANGES: [No changes recommended. Looks good.]
Promoting the philosophy and data portability ethos in the marketplace
Promoting the use of existing standards that enable data portability
Encouraging the development of those standards in ways that facilitate
data portability
Engaging with individuals, services and standards bodies with similar
views where their scope is relevant
Identifying new standards that are required to fulfill the data
portability vision
Making the output of the DataPortability project freely available to
anybody and everybody that wants to make use of it
PROPOSED 'PRINCIPLES' CHANGES:
To be open to anyone, whether individuals, companies or organizations
To reach resolution by consensus
To have transparency in decisions
To prefer collaboration of existing efforts over invention of new
technologies. [ I would strike this bullet point as unnecessary and
perhaps even counterproductive. It is already a given that any
organization like Dataportability will gravitate toward existing
collaborations. Explicitly stating so and then adding a preference
against new inventions is essentially - as a practical matter -
creating a chill against new ideas. I would hope that this is not the
image that Dataportability.org wants to project, or a practice that it
wants to codify.]
PROPOSED 'WHAT DATAPORTABILITY IS NOT' CHANGES:
We are not a group focused on creating new technologies.
DataPortability intends to work with tools that already exist today.
[Again, I would strike this bullet point for the reasons stated above
under proposed 'Principle' changes.]
The group is primarily focused on consumer facing technologies and not
those aimed at corporate internal use.
We are not an organization that mandates single solutions. We
recognize that there are multiple solutions and standards that can be
used to create data portability.
We are not going to push approaches that force data into the public
that shouldn't be. The owner of the data should control what parts are
made publicly available, to whom, and how they are used.
A legal entity providing legal-level precision.*
* I'm not sure what this bullet means but here is my reaction to it ....
Our consumer markets are regulated by laws. I have been pleased to
join this discussion because of issues revolving around the legal
definitions of data ownership and privacy vis-a-vis consumer markets.
Whether or not Dataportability.org becomes a legal entity or not, it
cannot avoid dealing with legalities to a certain degree. One of those
legalities that Dataportability.org cannot avoid is that of IP.
Proactively, Dataportability.org might consider taking on this issue
directly by building a database of relevant pending and issued
patents. It may do so not by making legal pronouncements as to whether
a certain intellectual property is a 'winner' but merely as to whether
certain IP may be relevant and its categorization (document
management, object authoring, XML sharing, security, etc.).
Dataportability.org, no matter how much it philosophically leans
toward Open Source, cannot ignore the legal physics of our
marketplaces that recognize that IP is not just limited to a developed
software design, method or tool but it is also the patent or pending
patent upon which software has been developed, designed or methodized,
or will be developed, designed or methodized.
This does not have to be an expensive process. The process can begin
with the formation of a Dataportability.Action.Patent group made of
members who are truly interested in rolling up their sleeves, actually
reading some patents top to bottom, and making helpful comments. This
is one of the principle reasons for the creation of the Pardalis Data
Ownership Blog - to build a Patent Library and a Reference Library.
See http://pardalis.squarespace.com/blog/. The blog's Patent Library,
for instance, currently holds about 30 'interesting' patents relevant
to data ownership and the emerging semantic web. Two of those patents
are held by my company but my point is that all of the patents
(including my company's patents) are subject to comment by visitors to
the blog. This is an 'open source' approach to soliciting comments
upon the relevancy (or not) of IP. You can't go to the United States
Patent and Trademark Office at http://www.uspto.gov and comment on
issued or pending patents. The Pardalis Data Ownershp blog offers a
way to respectfully do so.
Will look forward to hearing back from you, Elias.
Best regards,
Steve
From: "Elias Bizannes" <elias.b...@gmail.com>
Sent: Monday, June 02, 2008 5:47 AM
To: "Steve Holcombe" <steve.h...@pardalis.com>
Subject: SPAM-LOW: Re: Data Protection Law & Policy - invitation to write
Great, sounds like a good approach. Question is - how do we do this framework?
Sounds hard!
On Mon, Jun 2, 2008 at 1:51 AM, Steve Holcombe
wrote:
---------- Forwarded message ----------
From: Elias Bizannes <elias.b...@gmail.com>
Date: Tue, Jun 3, 2008 at 9:30 AM
Subject: Re: Data Protection Law & Policy - invitation to write
To: "st...@pardalis.com" <st...@pardalis.com>
Cc: "<chris...@gmail.com>" <chris...@gmail.com>
> Hi Steve, some quick points sorry I can't be more detailed.
Sent from my iPhone
On 03/06/2008, at 2:27 AM, "Steve Holcombe" <st...@pardalis.com> wrote:
Elias,
The beginning is always a good place to start.
The mission, philosophy, approaches and principles of
Dataportability.org are a very good start (though there is a
misspelling in 'determing' in the mission on the homepage).
In the development of any such guiding language, there are hours and
hours spent on getting it right. I want to acknowledge that up front.
The following is offered in the context of 'fresh eyes' and not in any
way to speak against or be disrespectful to what has been already
created, and upon which any changes I offer must foundationally stand.
>Understood. Let's go! My only request is that there is no reason to have this discussion >privately and would rather it in the steering action group mailing list.
From my perspective, what I have noticed is that these guiding
statements are limited to to social networking, and further limited by
avoiding something called 'legal-precision'.
PROPOSED 'MISSION' CHANGES:
The DataPortability Project is a group created to promote the idea
that individuals should have greater technological control over the
usage of their data within networks , even when those networks are
under the control of one or more other entities. This control over the
usage of data may include determining
how they can use it,
how they can track it, and
who else can use it
>I have issue with using the term technological control - would rather keep it broad for now. I >also am not sure that a definition of control is to be contained with the mission but rather >an appendix or glossary. Networks I'm 50/50 but refer to my other comments below
PROPOSED 'PHILOSOPHY' CHANGES:
You should be able to decide what you do with that data and how it
gets used by others
Within social networks, Open Source solutions are preferred to closed
source proprietary solutions
Within social networks, bottom-up distributed solutions are preferred
to top down centralized solution
Within supply chains, closed source proprietary solutions may be
preferred to Open Source solutions
Within supply chains, closed source proprietary solutions may be
preferred to Open Source solutions
>Whilst we may promote open royalty free standards, that doesn't mean proprietory closed >solutions can't fulfil our mission or that we are open source.
>Whilst I agree distinguishing supply chain from social network is a good move albeit not >quite a consistent approach given social networks are a product and supply chains a >process I am a bit nervous about what you've suggested. With all due respect and I don't >say this with any malice, but this favours the Paladis business model from what I >understand without clearly explaining why we need to go with that approach.
>My preference is that we drop this altogether. It is certainly a change that requires a full >meeting to discuss. I much prefer a broad approach that can be applied to multiple sectors. >Exceptions only when necessary (ie, specific industries may have unique characteristics)
PROPOSED 'APPROACH' CHANGES: [No changes recommended. Looks good.]
Promoting the philosophy and data portability ethos in the marketplace
Promoting the use of existing standards that enable data portability
Encouraging the development of those standards in ways that facilitate
data portability
Engaging with individuals, services and standards bodies with similar
views where their scope is relevant
Identifying new standards that are required to fulfill the data
portability vision
Making the output of the DataPortability project freely available to
anybody and everybody that wants to make use of it
PROPOSED 'PRINCIPLES' CHANGES:
To be open to anyone, whether individuals, companies or organizations
To reach resolution by consensus
To have transparency in decisions
To prefer collaboration of existing efforts over invention of new
technologies. [ I would strike this bullet point as unnecessary and
perhaps even counterproductive. It is already a given that any
organization like Dataportability will gravitate toward existing
collaborations. Explicitly stating so and then adding a preference
against new inventions is essentially - as a practical matter -
creating a chill against new ideas. I would hope that this is not the
image that Dataportability.org wants to project, or a practice that it
wants to codify.]
>This is actually an important point and changing this is going to be difficult as this is what >was agreed a long time as to the image we want to project. Just flagging this - can explain >why if need be.
PROPOSED 'WHAT DATAPORTABILITY IS NOT' CHANGES:
We are not a group focused on creating new technologies.
DataPortability intends to work with tools that already exist today.
[Again, I would strike this bullet point for the reasons stated above
under proposed 'Principle' changes.]
>As above.
The group is primarily focused on consumer facing technologies and not
those aimed at corporate internal use.
>This is existing and I think it needs to change.
We are not an organization that mandates single solutions. We
recognize that there are multiple solutions and standards that can be
used to create data portability.
>Maybe. Not sure if this is existing, but requires discussion. For the record this is my >current view, but I just mention that this has not been always the case.
>Interesting. I agree about the point that it doesn't make sense. But your interpretation is a >point in itself.
---------- Forwarded message ----------
From: Steve Holcombe <st...@pardalis.com>
Date: Tue, Jun 3, 2008 at 11:19 AM
Subject: Re: Data Protection Law & Policy - invitation to write
Sorry, Elias. Not trying to communicate off the grid. Apparently his
'Reply to Author' instead of just 'Reply'. You are welcome to repost
my communications and your responses as unabridged. Steve
________________________________
From: Elias Bizannes <elias.b...@gmail.com>
Sent: Monday, June 02, 2008 6:39 PM
To: "st...@pardalis.com" <st...@pardalis.com>
Subject: RULEONE Re: Data Protection Law & Policy - invitation to write
Hi Steve, some quick points sorry I can't be more detailed.
Sent from my iPhone