Wednesday, March 16, 2016

Posting on Medium now

I've started to post on Medium and will update this blog when I post something new there.

Posts can be found at this link.  The main one is There's a Hole in the Internet, from March 16, 2016. A different angle was covered in Facebook’s strategic plan is working brilliantly. That’s really bad for humanity., from August 10.  The original essay is The cloudspace solution: Let's fix the Internet, which was posted on November 15, 2015, adapted from a post that appeared here last July.

Thanks for reading!

Art

Monday, June 8, 2015

The Cloudspace Solution: An Internet White Paper


I've written a White Paper describing my proposal to fix the Internet.  In this version I introduce the term "cloudspace" to describe the personal data stores we need so we can stop giving our data away on the Internet.

Here's the link to the file on my Google Drive (PDF, 10 pages):
http://bit.ly/1T84DUh

Saturday, April 11, 2015

Flip the data model

I've written before about how we can permanently fix the Internet.  But those posts kind of jumped right to implementation and adoption, without ever really focusing on the basic principle that makes the theory work.  To fix the Internet, all we really need to do is flip the data model.

The data model we use today is as precisely screwed up as it can be.  Here's what we do: we take our most personal and private data and we hand it over to strangers.  That's insanity, because the moment we do that, we surrender any claim to equality in the relationships we conduct.  The entirely predictable result is the exact types of abusive behavior we're seeing.  And the calculus is that it only gets worse over time, as we keep feeding the machine.

It makes far more sense to adopt a data model where we hang on to our stuff, and then share only what we want to.  This ridiculously simple concept changes everything 180 degrees.  That's what I mean by "flip," because we go from a state where we have absolutely no control, to one where we're in complete control.

This basic thought was made clear to me recently when I read "Data And Goliath: The Hidden Battles To Collect Your Data And Control Your World" by Bruce Schneier.  This deeply insightful, fastidiously researched, and thoroughly depressing book documents the many ways our personal data is exploited by privacy abusers, spy agencies, censors, and cybercriminals.  But all of it is only even possible because we willingly give everything away in the first place.

In my prior posts I focused on social and collaborative data -- the Facebook posts and emails and IMs and file shares.  That's where your average end user feels the most pain.  We all know that our stuff is being harvested and misused by people we can't trust, for purposes we don't like.  But we're all under the collective illusion that it's the price we have to pay to participate in the digital era, so we hold our noses and accept this Faustian bargain.

The truth is, it's not necessary at all.  In fact, it's suboptimal in many ways beyond just the loss of private data.  To touch on one, having your data scattered across all these different repositories makes it far less useful to you.  Putting it in one place allows you to search and manipulate and control in ways we can't even dream of now.  That's another example of the "flip": as your data accrues, its value increases to you, instead of feeding the privacy problem that Schneier documents so clearly.

And that personal data corpus is going to grow exponentially either way.  Think of all our Fitbits and Nests and the emerging Internet of Things.  Shouldn't all that data be retained for your exclusive benefit?  Your browsing history, your GPS data, your medical records, your commercial interactions -- these are all examples of data that are specifically tied to you as a human being, yet are stored in places you have absolutely no control over.

I still believe that social/collaborative tasks are where people will get the most immediate benefit, and drive adoption of private, encrypted personal cloud spaces.  With open identity and communication APIs on top, anything that now requires a service can be achieved with a simple app.

But here's the biggest thing.  With this new model in place -- one that's just better in every meaningful way -- we'll have a powerful, universal mechanism to administer our rights to privacy and dignity.  In the commercial space, we'll be able to favor companies with business models that don't rely on exploiting our personal data.  And in the legislative space, we'll have a data destination that enables laws designed to protect our privacy.

Anyway, I wanted to note the basic principle embedded in my prior posts, because it's the essence of the permanent solution available to us.  Put your feet up on your desk and think through it yourself.  As before, I invite you to have this conversation, with me or with others who are working on the problem.  Whether it's the free and open solution I've proposed, or another approach I haven't considered, we need to flip the data model.  Because once we achieve that, we'll take back the Internet.

Sunday, December 7, 2014

A simple proposal to fix the Internet

I've developed a really simple theory about why the Internet is so messed up, and how we can fix it.

The Internet is fundamentally broken because all the power is held by the services you use.  And that's working out about how you'd expect, with this asymmetric control leading to all kinds of nasty problems -- for example, privacy abuse, mass surveillance, and censorship.

But what's the source of that power imbalance?  It's your identity.  Specifically, it's the fact that the Internet is designed so that user identity is owned by the service provider, not the user. And it's what drives the bizarre condition where you need to give your stuff away to strangers for it to be useful to you.

My theory is that's all you need to fix.  Below I will propose a free and open cloud service that lets you manage your own identity, and keep all your stuff private.  That fixes all the problems above instantly.  More importantly, you'll discover that your stuff is waaaay more valuable to you when you don't give it away.

Imagine this simple cloud widget:
This service empowers you to manage your OWN identity on the Internet, instead of letting strangers do it for you. Let's call it a cloudspace. It's completely free, and works exactly like all the cloud services you use today, except it's all in one simplified place.

The key difference is that, when you sign up, instead of adding your stuff to some big shared database, the service creates a private database just for you.  That's your cloudspace.  It's where you stash all the digital stuff you now scatter all over the place. And since the cloudspace is also your communication app, it saves data from all your interactions going forward.

Your cloudspace is completely private; it's encrypted with a key only you possess, so even your cloud service provider can't see anything inside.  You own this database -- both legally and administratively -- so you can move it anywhere you want, including to competing services.  And since everyone's cloudspace is encrypted separately, there's no central point for anyone to spy on, censor, or attack.

Today most of your digital stuff is generated by interactions.  Therefore your cloudspace acts as your personal interface to the Internet -- to other cloudspace users, as well as the Web. It's designed so you can explicitly declare your identity for any interaction; you can even have multiple identities, or remain completely anonymous.

Cloudspaces can "friend" each other, permitting people to self-assemble into any (private or public) networks they choose. All the social/communication modalities you use today are supported, only better, because (among other things) all interactions between cloudspace users are encrypted. And organizations and businesses can also participate, so your cloudspace enables you to manage all those relationships in one place.

Your cloudspace is radically programmable, which is what enables it to perform any social or collaborative function, including future innovations. Anyone can write a Facebook-like or Twitter-like app, for example.  What's different is that apps can only read/write to your cloudspace, not take your data away to some place you don't control. Rich open APIs, and the breadth and depth of your data, will drive amazing solutions, all for your sole benefit as data owner.

The cloudspace software uses existing cloud technology.  Its core design is open source and open standard, so no one can ever own or control it. Economically, it removes all those perverse incentives that have screwed up the Internet, all while keeping it free for you and me.

But most importantly, it restores privacy as the default condition for human identity on the Internet.
----------------------------------------------

The narrative above is derived from a simple insight I had in late 2013, when I was thinking about all the bad things we suffer on the Internet today.  Instead of viewing these problems separately, I scanned for a common weak link, and it kind of jumped right out. The age-old identity weakness -- represented by the humble login/password paradigm -- drives everything from privacy abuse, surveillance, and censorship, to cybercrime, to everyday pains like password management and data backups.

In May I wrote this idea up and published it here on the blog, where nobody would see it.  I’ve had opportunity to refine and update that piece since.  That's the definitive document with the white paper-y treatment, including the technical specifics (spoiler alert: it's a standard JSON database with an API wrapper).

Below I will summarize the main points of the theory; this should enable you to start seeing the world as it would be with a user-centric identity model in place.  If you are like me, you will have a moment every day that proves the value in fixing identity.

-----------------------------

Here’s the opportunity, in a nutshell:

Instead of accepting a state where our identities are created and managed by others, we simply need to claim control of our own.

As I noted above, the root problem is the login/password paradigm.  It’s a model that dates to the earliest mainframes.  It’s been that way for so long that we simply don’t question it: our presumption is that the host is responsible for the creation and management of its users and identities.

But that model means that, once we create an account and start putting our data somewhere, it becomes impossible to move or in many cases even retrieve our data.  And if our friends have accounts with the same services, that raises the exit cost substantially too. And in cruel irony, this multi-account complexity is so painful, it's sparked the emergence of the "Login with Facebook/Google" buttons... quite possibly the worst idea ever, since it merely grants more data to the corporations that represent the biggest problems already.

That's why these services can continuously turn the screw on us in their Terms of Service (ToS) updates.  Facebook, for example, now tracks you across the Web and by your physical location.

But does it have to be this way?  Actually, not at all, especially in the era of the API Economy, Semantic Web, and Internet of Things.  With Cloud Composable Apps, that's not even a very hard technical problem anymore.

The cloudspace represents a new class of Internet “endpoint,” one that exists solely to represent the interests of the end user.  (You and me.)  The cloudspace is designed with two major concepts in mind:
  1. It’s a single place to store your “stuff” -- everything from files and videos, to your social interactions, to the data generated by your Fitbits and Nests and the coming Internet of Things.  It's completely private, except for the things you explicitly and precisely share.
  2. It’s your entry point to the Internet, where all interactions with others, and with companies and services, and any digital artifact, can be done in context of your own definition of who you are, not someone else’s (partial/corrupt) image of you.
The changes from adopting this model are instantaneous and dramatic:
  • Nobody can see your stuff anymore except you, and even your interactions with others can only be seen by participants.  That kills privacy abuse, surveillance, and censorship in one shot.
  • You no longer rely on third parties to facilitate interactions; these happen directly between users, with complete privacy. The result is a new “atomic Internet,” where you're logically equal to every user, and to the services you choose to use.
  • With a framework in place that supports authenticated, secure interaction between any two parties, you gain abilities to dramatically improve everything from commerce to content rights to legal arrangements (e.g., no more “contracts of adhesion”).
  • Because only a free and open source approach can deliver this framework, it insures against anyone having the ability to ever again assert control over your identity.
We've all heard the experts say "there's no technical solution to these problems."  I call BS.  As a product guy, I know you've just got to find and exploit your natural leverage.  In this case the end user has it, as the creator of the data.  The cloudspace simply asserts this leverage, and puts it to work for the benefit of the end user.

I know that a lot of people -- I'd say most people I know -- would love a solution to the Internet's problems of privacy abuse, surveillance, and censorship.  I think I've envisioned one that works, and actually does a lot more than that.

But as I also stated in my earlier post, my sole objective is to initiate this conversation and drive people to recognize the root problem of digital identity.  If we can fix that, I am convinced we can literally fix the Internet. I'm happy to hear any thoughts that help us toward that outcome.

Sunday, May 4, 2014

Identity 2.0

Is it just me, or has the Internet been turning into a really awful place?  The privacy abuse, surveillance, and censorship alone make it painful to contemplate the future, or even envision solutions.  We're like the proverbial boiling frogs, and the heat's turning up so high we can't help notice it, but yet we still don't jump out of the pot.

I was thinking about how ridiculous and depressing this was, when I suddenly realized that maybe we're not looking at the right problem.  The real root problem -- for all of it -- is identity.  And that's actually much easier to fix.  And we can do that ourselves.

See if this makes sense.

In the digital world, we’ve been split into a zillion shards of data, which are stored and traded by people we don’t know, and who continuously harvest it in pursuit of profit.  Our personal data has literally become the raw material for the bad behaviors we see.  We've lost control of our identities.

But maybe the problem isn’t that anyone is taking away our identities.  Maybe the problem is that we’re willingly giving them away... to strangers.  And when you put it that way, it's obvious that cannot ever end well.

So... What if all our stuff just remained private?  What if it were visible only to ourselves and those we choose to share it with?  What if all our interactions took place directly between us and our network, without the need for any third party services at all? 

Well, we could have social networks without Facebook, tweeting without Twitter, photo sharing without Instagram, email without Gmail, and IMing without, well, whatever multiple networks we all use today.  There’d be no need for YouTube or Tumblr or Pinterest or WhatsApp or SnapChat or Dropbox or any of it.

What if we could simply bypass these services altogether, and do all that creating and sharing privately amongst ourselves?  What if it was just… us?

I’ll tell you what would happen.  We’d take back our digital identities.  With this simple flip in perspective, we'd gain active command and control of our digital lives.  At the same time, we'd end all of the problems that result from giving our most personal and valuable stuff away to strangers.

We’d each retain ownership of everything we create, and be in precise command of what is shared, with whom, and under what terms.  Since we’d possess all our data (both things we create and things that are shared with us), we’d gain the ability to view and search and present everything in ways that simply don’t exist today.  And as an incidental outcome, we’d collectively create a whole new identity framework, one that would drive major innovation anywhere security and privacy are important.  Which is everywhere.

In this post I will propose a model that, I believe, can achieve this vision.  Its core component is a new atomic element for the Internet, the cloudspace.

The cloudspace interoperates seamlessly with today’s Internet, while adding a missing layer of personal privacy.  It supports every feature of every cloud service or social network, yet improves upon all of them in fundamental ways.  And like the World Wide Web, it’s free (free as in beer, and free as in open), so there's no owner, and no one can ever extract a tariff from the people who rely on it.  At the same time, it provides vast opportunities for innovation and even monetization -- just not in any way that involves seeing our private stuff.

And because it must be, Digital Identity 2.0 is a model that’s completely opt-in, at the beating heart level.  Anyone can join, and nobody can stop anyone else from joining.  The benefits start the moment there are two participants, but grow exponentially, in proper network effect fashion, with each person who adopts it.

To understand the proposal, first you need to understand how badly digital identity is screwed up today.

Identity 1.0

In a nutshell: the world has completely botched the implementation of identity in the digital world.  We're still using the same login/password model, unique to each service, that predates the Internet.  Is that really an accident?  Think how far we've come in so many other areas.

This seemingly prosaic annoyance is actually the root cause of many of our biggest problems.  Because we accept a 1960s-era identity model, control has been effectively surrendered to the people who provide these Internet services -- even though we instinctively know that they are more dependent on us than we are on them.

Because it seems out of our individual control, we accept all these awful problems as the price of creating and sharing content.  Every day we suppress this resentment as we spray many shards of data across multiple apps and services, where we explicitly give strangers control over our content, and allow them to monitor our actions.  (Prime example: Facebook has been able to track us across the Internet since its last terms of use update; in 2015 they'll be able to track us physically 24/7 via GPS.) 

When you consider all this, it becomes obvious that the only real solution is to stop letting those apps and services see what we do in the first place.  But clearly that won’t happen if it means foregoing all the things that these services enable us to do -- all the posting and tweeting and sharing and IMing and emailing.

Here's the dirty little secret.  None of that stuff we sell our souls for is magical, or even remotely hard, from a technical point of view.  Virtually all of it is defined by open standards and/or established conventions.  The only leverage is our need to hang where our friends are hanging, and our collective illusion that we need Facebook (or whomever) to do that.

Drop that illusion and things change in an instant.  For the people violating our privacy, spying on us, or trying to control what we see (hi Zuck), the nightmare scenario is a simple one.  If we grab control of our own identities, we will starve the Internet of the very content that it needs in order to abuse us.

And let me be crystal clear about this.  Once a cloudspace framework is in place, Facebook is obsolete.  Nobody needs it any more, and I suspect most people will be more than happy to escape its clutches.  In fact, obsolete is ANY service that relies on user data to profit: Gmail, Twitter, LinkedIn, Dropbox, Instagram, SnapChat, YouTube, Tumblr, Pinterest, Uber, etc., etc., etc.

Because, when we can do all this stuff ourselves, privately and securely, what's the value of those services going forward?  If they adapt fast enough, there may be a way to retain some partial value in directory or orchestration services, but good on them if any can make it worth our money.  On the other hand, any profit model built solely on seeing our private stuff is well and truly borked.  And that's a good thing.

Identity 2.0

To visualize the changes described above, consider this simple diagram.  (Click to embiggen.)


Today is Digital Identity 1.0.  All interactions take place between us and some cloud service, which then completes a corresponding transaction with our intended party.  That’s what lets these services see what we do -- they insert themselves as middlemen.  Then, through contractual terms of use, we are rendered subservient.  And we must remain that way to keep using those services.

With Digital Identity 2.0, everything transacts directly between the parties, with no middleman required.  The difference is the green circles, which represent each user’s cloudspace, and automatically handles all interactions without compromising privacy or security.

Technology Architecture

The model requires three primary components; all three are net new solutions, but are built on existing technology -- some of it only recently available with the emergence of the "API Economy."



The main component is the cloudspace, which is simply a digital identity database -- a private “lockbox” for all the content you create, and where you manage sharing when you choose to do so.  It's a personal data vault: it's like your Documents folder, plus your social interactions, plus everything you generate in the future.

Once the cloudspace is in place, two new categories will complete the picture: cloud hosting to handle the database interactions; and apps to manipulate and present the data.

1. Cloudspace
The primary component is a standard JSON database -- a modern, cloud-aware database, to be sure; and we’ll take full advantage of its capabilities.  But it’s just a data bucket, like your device hard disk or Dropbox or Google Drive.  And since it’s just a single computer file, it’s compatible with any technology or platform.

Each user instantiates his or her own cloudspace; the signup requires only an email address.  What happens behind the scenes is what's different. 

The service creates a private data store for each user, encrypted so only the user can see.  Everything inside is manageable, via any tool written to the APIs.  This becomes your personal filespace, for all the things you currently store locally or on a network drive -- files, photos, videos, music, etc.  It also houses all the social or collaborative content you create -- your posts, tweets, IMs, email, etc. -- and orchestrates all the stuff that is shared by other users.

Perhaps most importantly, it's the destination for the coming explosion in personal data that will be generated by the "Internet of Things" -- all the GPS, Fitbit, Nest, home automation tools, etc. that will proliferate in the next few years.  That stuff is now scattered everywhere and it's growing worse; shouldn't it all be someplace only you can see?

Unlike all the drives and backups we need today, this single data repository can grow with you over your complete lifetime, since it’s cloud hosted and managed.  And because the cloudspace is standardized and self-contained, moving between cloud hosting services is easy and fully automated.

Through your content and interactions, your cloudspace forms the authoritative digital representation of your identity.  It grows and changes with you -- just like a real identity.  It's a single place to manage your digital identity; you're in complete control.

The database itself contains no application logic; it really is just a container.  But it has some quite useful data features, including the ability to sync efficiently/differentially across multiple copies, and a rich API set to expose its contents securely to other databases and applications.  It will have a radically extensible schema to support virtually any data type, now and into the future.  And it will have a ridiculously long private key that will prevent its encryption from getting cracked by anything short of a future quantum computer -- yet still be upgradable to keep up with such advances over time. 

There are a couple other critical elements to the design of the identity database.  First there’s a certificate that identifies you as the owner of the database, to other users and to applications.  It requires no third party certificate authority, because like your offline identity, its validity is proven over time based on your activities and relationships (e.g., a cloudspace that pays all your bills is pretty sure to be you).  It works because it always represents you -- just as a real-life identity does.

The other critical element is your contact list, which in this model becomes your social network.  Much like getting “friended” on Facebook, someone can request to be added to your contact list.  Since this is an automated process between the two users’ cloudspaces, the contact can be stored (and continuously synched) complete with metadata describing membership in public/private groups and other unique constructs, as well as preferences concerning communication and sharing.  And since your social network is now in a place where it’s completely under your control, it’s easy to fine-tune your personal groups for easy sharing, in a way that works the same across the different interaction modes. Because of these factors, the cloudspace model will peg the EFF’s Secure Messaging Scorecard.

The database itself must be open source, perhaps derived from Apache CouchDB or another mature player in that space.  Open source code is critical for this component, to eliminate the possibility of “back doors” that can hide within closed source software, and to assure that all APIs are known.  Its open source nature keeps the critical storage component of the cloudspace from ever falling under the control of anyone who can extract tariffs.

With this infrastructure in place, other opportunities to improve digital interactions appear.  For example, if you are like me, today your electric bill appears as an email notification, and you go to the company’s site to pay.  Then you get an email confirmation.  The transaction takes place fully on the company’s site, and they retain all the information, not you.  Sure you can always go and review your records there, or save the emails, but you'd need to do the same for your car payments, mobile phone, and for all other specific customer relationships you’ve accreted over the years.

With your cloudspace, the electric company could simply share the bill with you (companies can have identity managers too), and you could review and push payment in your cloudspace's UI -- theoretically the vendor wouldn't even need your payment account info.  Then everyone has a verified and complete record.  On your side, you could view all your bill payments in one place, or even integrate with financial apps automatically.

2. Cloudspace Hosting Services
For your cloudspace to be useful, it must communicate with other cloudspaces, and that can only take place in the cloud.

It will require the development of a new service type, but one that’s little different from Dropbox or Google Drive.  The big change is these cloud services mimic a file system, but your cloudspace does that for you.

The host only knows you have one file, and must simply support the API orchestrations.  This is how cloud is changing technology, as today leading cloud services handle billions of API calls every day.  It’s all about making the authenticated connections, at speed and at scale.

Like the cloudspace database, there will be an open source cloud hosting app, probably based on OpenStack and Docker, so anyone could offer it.   Service options could range from fee-based to ad-supported to free, but will compete on the speed and reliability of their API processing.  A power user might happily pay a modest price for high performance.  A casual user might accept more latency, or (non-profiling) ads, for a free service, while still gaining all the identity benefits.

In some cases the APIs will be used to actually deliver data (e.g., email and IM), where in others they might use links or pointers (e.g., video and file sharing).  The critical part is that all of these activities take place within the context of each user’s authenticated identity and assigned permissions, and are encrypted end to end.

Imagine one big change: with some simple directory/aggregation services (an opportunity vector for ecosystem players), Youtube would be obsolete. People would just post their videos to their cloudspaces and specify the sharing as public, and the cloud service does the rest.  This would be especially attractive to bands or other organizations, who could decide how their content is presented (e.g., with/without ads), and establish direct relationships with their viewers.

That’s the primary role of the cloud hosting services.  Note that most services will also play in the app component space, discussed next, with device and/or browser-based capabilities for both content management and administration.  Notably, this will likely become your browser home page -- a highly customizable aggregation of everything important to you personally.

3. Apps
Equipped with this private digital space, you will need apps to manage all the posting and sharing and IMing and emailing -- equivalents to tools and services you use now on the public Internet.  Since the cloudspace really only has storage capability, the operational capability must be provided separately.  As you will see, this is a strength of the model, as it allows for universal platform support, and provides dramatic differentiation possibilities.  What now requires a complete service, with redundant database/hosting/sharing capabilities, instead only requires an app -- because the hard part is already done.  It’s especially appropriate for the mobile device space, where rich native client apps are in high demand.

It’s through apps (including the hosting service app discussed above) that you will interact with your cloudspace.  Apps may also range from free to ad-supported to commercial.  Like the cloud hosting component, if someone delivers value that people are willing to pay for, there’s a well-understood business model to use.

When you log into your cloudspace, your app(s) will interact with the content according to specific permissions you grant.  Apps provide the user interface, and abstract the functionality inherent in the cloudspace APIs.  In this way, you could choose an app based on lots of different factors and preferences.  For example, you might want an app that comprehensively manages your identity across different modalities (e.g., social, email, IM).  Or you might prefer targeted apps for a particular function (e.g., editors for files you create and store in your database).  Or you might want different apps doing the same things across mobile and desktop devices.  Since they’re all using the same data source, it’s completely flexible.

Similarly, the cloudspace also contains APIs and other constructs that are especially useful in its role as an identity management tool.  For example, it contains the aforementioned certificate services for authentication and encryption.  It also has a live friend/contact list, to richly manage relationships and groups.  And it has a facility for managing multiple aliases, so we may present as different users to the Internet (or as anonymous), yet see everything in one view on our side.

Other innovation opportunities open up simply because the data is in one accessible place.  For example, instead of being stuck with whatever sorting algorithm a service wants to force on its users  (“Top Stories,” anyone?), you could filter and tweak your social feed based on an app’s innovations in this area (please a “mute user” button!).  Or you might use an app that combines all content into one feed, creating a truly “universal inbox.”

Because all the components are cloud-aware, apps have a lot of flexibility.  For example, an email app may request a local copy of all email content, while a social network app might prefer to leave its data in the cloud and access it remotely, allowing the cloud service to pull all the data together for presentation.  That option exists in the cloudspace's APIs, which can create and sync subset copies of content based on the data requested.

The cloudspace also delivers state-of-the-art security, supporting multiple levels of permissions.  The ability to read or post something, in a specific app, could be controlled by a simple password (or fingerprint).  Escalated rights, perhaps with 2- or even 3-factor authentication, might be required for full data views, configuration changes, or content deletions.  These capabilities are also built into the cloudspace, not the apps you use, but would create great flexibility in app design.

Finally, since the apps can surface any data stored in the cloudspace, you gain capabilities you seldom see now on any public service, let alone all the services in one view.  It's the personal panopticon.  You will finally be able to find that old post that you made and want to comment on again.  And the ability to do personal analytics across your complete data set, privately, can deliver personal value without the profiling you get on the public Internet.

You could even apply digital rights management (DRM) to the content you share, something that's loathsome in the way the DMCA defines it, but extremely valuable when everyone's an equal.  You could delete something in your cloudspace with the assurance that it will be deleted everywhere, or you can prevent forwarding/resharing, etc.

Conclusion

If this post contains one insight, it's this: the only way to keep our identities from being abused is to keep our identities private.  But to do that, we need to change the fundamental nature of digital identity.  Fortunately, that may be relatively easy to do -- at least when compared to individually addressing all the identity-based problems we suffer today.

With the cloudspace, I have attempted to describe one possible solution to the digital identity problem -- one that, if it actually works, will truly restore power to the user, and solve most of our privacy and surveillance problems.  That's huge by itself.  But it will also greatly mitigate other issues like censorship (everything is encrypted), spam (every user is authenticated), passwords (you only need one), platform inconsistencies (native apps can all use the database), and system crashes (all your data is in the cloud, backed up).

I wrote this because, like many people, I am extremely troubled -- no, offended -- by these basic, but seemingly intractable Internet problems.  I just feel that there’s got to be a better way.  To me, the technical challenges seem solvable -- although like all product managers I have at times been guilty of underestimating development complexities.

I also understand that there are powerful corporate and government interests who don’t want all your stuff to “go dark” to them.  And I don’t underestimate just how hard they would fight.  Just the disruption to existing advertising and monetization frameworks would be huge.  But I also think that, with this approach or any other that enables direct, private, encrypted interactions, there’s not much anyone could do to stop it. 

And really, if Facebook or any of the other disintermediated companies were to be smart about it, they’d leverage existing skills and insights to profit from the app and/or cloud hosting opportunities, conceding that their business model must pivot away from profiting from our personal information.  But if I was to bet, they'd probably be outmanoeuvred by someone who does it better, and/or gets there faster.

So that's my simple proposal to fix the Internet.  I do hate to appear un-humble, but in this case, yeah, the ambition is that big.

I published this as a blog post for peer review -- the foundation of science, even among crank bloggers.  But even if this approach is proved unworkable, I’d like to hear what people think -- either publicly here, or privately via links at the top.  Most of all, I want to contribute to the discussion that we need to have about how identity should work in the digital era.

Arthur Fontaine
May 2014

Sunday, February 23, 2014

General Systems Theory

Introduction

General Systems Theory (GST) has been called "the skeleton of science." That's pretty apt, because GST illuminates the scaffolding upon which the universe is built. 

In its simplest formulation, GST states that everything is a system. Once you realize that, you begin to see behaviors and characteristics that are common to everything in the universe. These simple concepts ease the process of understanding anything -- from the simplest physical structure to the most complex conceptual construct.

GST was developed by Austrian biologist Ludwig von Bertalanffy starting in the 1930s, culminating with the 1969 publication of his "General System Theory: Foundations, Development, Applications." In his lifetime, Von Bertalanffy was probably better known for his mathematical model of an organism's growth, but GST was what he considered his legacy.

At the time, GST was hailed as a major scientific framework, considered one of the best unifying theories since Darwin's Theory of Natural Selection (with which of course it is 100% consistent). Anthropologist Margaret Mead was among system theory's proponents, applying its concepts to the development and disintegration of societies and civilizations. In fact, over the past 50 years systems theory concepts have become core elements of many specialized disciplines – most notably the psychic and social sciences, where systems theory is applied across a range of pathologies. 

But General Systems Theory is the meta version of systems theory, "zooming out" to encompass the entire universe and everything in it. So really, when you're talking about something that seeks to be the unifying theory of everything... well, the fact that you've probably never heard of GST says it's fallen short of its ambitions.

My awareness can be traced to a philosophy course I took in 1978 with one of GST's adherents, T. Downing Bowler, Ph.D., at the now-defunct Bradford College. It was an 8 AM class so my recall of the details was never that great, and I only got a C.  But I always remembered the concepts as being pretty cool to my 18-year-old self. A few years ago I tracked down a copy Dr. Bowler's 1981 book, "General Systems Thinking: Its Scope and Applicability," the draft of which had been the source of our (mimeographed) course content.

I found it as interesting as I remembered, and after reading the book I discovered that GST is just, well, a damn handy thing to have in your life toolkit. If you're puzzling through a problem, running it through the GST engine will almost always make things clearer. Having lived with this for a while, I felt compelled to share it.

I tried to boil this document down to as few words possible; in fact, my small contribution to the discipline may be in the application of the "80/20 rule." If you understand the 20% represented in the following core concepts, I believe that you'll get 80% of GST's practical benefit. Of course, if you find it interesting, you can go as deep as you like in the literature, discovering many concepts I will intentionally omit here.

We'll first discuss the core GST concepts, (mostly) without the use of examples; in writing this I discovered that you really have to "load the whole thing into memory" before you can start effectively using it. After outlining the framework, we'll go ahead and explore a few examples to illustrate how GST applies to our universe of disparate things. Then you're equipped to start using it on your own stuff.


What is GST?

GST works by flipping a simple mental switch. Instead of focusing on the vast and wonderful variety of the universe, GST restricts its focus to a few mechanical elements that are common to everything. Then there's no longer an infinite number of differences, but a small set of simple concepts, which are realized by our world in an infinite number of ways.

Consider that the default unit of our world is a "thing." The human mind has evolved to organize our perceptions around things, and for good reason: our ability to distinguish one entity from another is what enables us to understand and interact with our world. Thus we evaluate our entire existence through the infinite differences that distinguish our universe of things from each other.

GST is also based on things. But von Bertalanffy's insight was that there's a system to even being a thing. And that part is 100% consistent, no matter how many differences may otherwise exist between specific things. GST works by exploiting the fact that systems reliably behave as systems will.

Carving away the complexities can be wonderfully clarifying. GST is very good at resolving differences between expected and actual behavior (troubleshooting). As importantly, GST can often predict how things will behave or change in the future. 

Here are the core components of GST:
  • System -- This is the basic unit of GST, and what makes it so broadly applicable. In GST, everything is a system, and there are no exceptions. Since the universe is comprised of things, it is comprised of systems; this equivalence dictates that everything you can perceive is subject to the logic and rules of GST.
  • Equilibration -- This is the key process in GST, because it incorporates the concepts of time and change. Unlike equilibrium, which is a (theoretical) state, equilibration is the perpetual process of seeking equilibrium. Equilibration is necessary because of continuous exposure to impacts (stressors) originating from other systems. The primary types of equilibration are accommodation and adaptation. The effects of equilibration are manifested as change in the system over time.
  • Relations -- The primary dynamic in GST is how systems relate to other systems. The sum total of all a system's relations constitutes its environment. The reasons specific systems relate, the specific manners in which the systems are related, and the strength of these relations, are all central to the nature of each system, and how it behaves and evolves. A system's relations can be very complex and involve multiple elements of competition, cooperation, and control.
And here are some of the core concepts:
  • Boundaries -- The ability to distinguish where one system ends and another begins is dependent upon boundaries, defined by an observer's perception as something unique and independent. System boundaries exist because of constrained variety -- that is, faced with the limitless system relations available in the universe, each specific system exercises constraints in its relations that, in total, define its essence.
  • Stressors -- A system equilibrates in response to stressors presented by other systems. While there's an element of strict stimulus/response in GST, stressors are quite rich and varied – what’s important is that they apply pressure in ways that challenge system equilibrium, and they generate equilibration responses.
  • Polarities -- Implicit in the idea of stressors is the concept of polarity. As the stressor affects the system, a polarity is created between the system's (theoretical) equilibrium and the stress being applied between the two. That's not to say that all polarities exhibit the same range, but the poles always represent 100% of the difference, and define the range of possible equilibrations.
  • Hierarchy and Matrices -- The universe itself is a system, and everything it contains is a participant in that system. This organization means that every system is also both a supersystem to its component systems, and a subsystem component to some larger system(s). The principle of layered organization addresses the way that systems are naturally built upon simpler systems. In highly layered or matrixed systems, it's not uncommon for two systems to relate in very specific ways, but otherwise have very little interdependency.
  • Autonomy and Dominance -- Systems are autonomous by nature. However, a system may be controlled by another system, and take on the role of subsystem. As there are typically many subsystems in every system, this introduces the dynamics of subsystem competition and cooperation, as well as the command of the controlling system. These relationships can be strong influencers of system behavior across multiple levels.
  • Bonds -- Relations are comprised of bonds; in fact a core GST variable is the type and strength of bonds between two systems. Bonds are subject to selectivity and discrimination. As discussed, no system could accommodate every possible relation. What happens is that systems tend to develop relations with beneficial impact, and avoid relations with destructive impact.
  • System State -- There are two types of system state: stable state and steady state. A stable state system is consistent at the molecular level, and will change little in the absence of extraordinary stresses. A steady state system is typical of a living entity, characterized by intense, continuous equilibration, and a finite, relatively predictable term of existence.
  • Mapping -- Mapping is how systems integrate through the exchange of information. Mapping can be ad hoc but is commonly driven by existing models. This is one topic where an example is edifying, so I’ll use it: DNA is the mapping mechanism for living organisms on Earth. The capability to map is typically a higher-order characteristic, relying on pattern recognition and learning as important processes.
  • Crisis and Transformation -- A system may experience a stressor for which it has no effective equilibration option available. This system will experience a crisis and must transform -- either disintegrate or synthesize. Disintegration means that a system ceases to be, and relinquishes claim over any component systems and participation in any supersystems. Synthesis occurs when two systems combine into something that is recognizably different than either was before; implicit to the concept of synthesis is novelty, or new characteristics that fundamentally change the nature of the systems from which it was derived.

 

Practical Application

Some of those concepts might seem a bit academic. But the beauty of GST is that it’s just logic. You’re applying GST concepts every day, without realizing it. Think about the elements that go into judgment, analysis, and troubleshooting. GST simply identifies and describes the tooling, and pulls it all together into a formal framework.

The first principle in applying GST is to make sure you’re examining the right system. We’ve all made the mistake of assuming one thing to be the problem, only to discover it was actually something else. With GST, often you will realize you are dealing with stressors and equilibrations involving different systems, or additional systems, than the one you started with.

Next you focus on the equilibrations. In GST, the equilibrations are the symptoms of the stressors causing them, so matching equilibrations and stressors is key. Commonly you will find that there are multiple equilibrations and stressors in play. In this case, polarity can be a useful tool – since paired equilibrations and stressors are at polar opposites of their specific spectrum. Importantly, this exercise will often alert you to future possible equilibrations, should particular stressors increase or change.

Lastly, much can be gained by examining the relations between various systems.
  • What are the dynamics of control, competition, and cooperation between systems? In one common scenario, two systems may be acting in cooperation for the benefit of a controlling supersystem, while simultaneously being in competition for resources within that system. Or a system may try to attain dominance itself.
  • What are the bonds between systems? Are they appropriate or complete? If bonds persist after they are no longer useful, this can cause unhelpful equilibrations. If bonds are quite strong, that can cause individual systems or even supersystems to fail unexpectedly when relatively small stressors are experienced.
  • What are the system biases in play? Remember, bonds are subject to selectivity and discrimination. It’s often just as clarifying to examine places where no bonds exist – and why – as to study the bonds you see.

Examples
Let’s walk through a few broad examples to see GST in action. This high level treatment leaves opportunity to drill much deeper using GST principles; of course you can also choose to start exercising your new GST skills on your own life and environment.

  • Rocks -- You might say, "That's no system, it just sits there. It’s a rock." But it really does follow all the GST rules. A rock is a stable system, so it maintains a high degree of overall equilibration. But as with all systems, its stability is directly related to the stressors to which it is subjected. While a child sitting on the rock may elicit no equilibration response, a stick of dynamite certainly could, and quite possibly cause disintegration. And you may not see that rock equilibrate much in your lifetime, but over geologic time, equilibration will show clear effect.
  • People and Societies -- If you're like me, it feels dubious -- and a little insulting -- to posit that any scientific system could address the infinite variability of the human psyche. Well, it turns out that GST is especially useful when analyzing psychic and social systems, which are absolutely subject to the process of equilibration.
         Psychologists derive insight from the impacts of various external and internal stressors on a psyche, e.g., social/family pressures or mental illness. Sociologists can use GST to frame the evolution of social groups -- even civilizations -- over time, based on stressors imposed by environmental and cultural systems. Cultures themselves are examples of GST’s elements of selectivity and discrimination, creating powerful mappings shared by the people and groups that comprise the society -- which might be very different from other cultures, creating an opportunity for conflict.
  • Freakonomics -- The popular Freakonomics books are regarded as insightful application of economic theory, specifically focused on incentives. But incentives are just stressors, so systems indeed respond as GST would predict. Consider a core Freakonomics example, in which Chicago teachers responded to incentives when they cheated to help students score highly on standardized tests. Freakonomics and GST agree that the situation was caused by an incentive/stressor -- performance evaluation and compensation – and drove the cheating behavior. GST goes a step further to explain why, with identical incentives, only some teachers cheated; the teachers who didn’t were able to equilibrate through adaptations and accommodations that didn’t involve breaking rules. Perhaps they had different cultural mappings, or for any number of other psychic, financial, or emotional reasons the stressor simply didn’t have enough impact to cause the cheating equilibration.
  • Atoms and Energy -- To be universal, a theory has to work with the basic building blocks of the universe, and GST does.  The hierarchical nature of systems is eloquently expressed in the model of particles, atoms, elements, and molecules. These building blocks form the basis of our natural world. In biology, you see similar hierarchies of cells, tissue, organs, and organisms. This speaks to the concept of layered complexity, as systems become ever-larger aggregations of subsystems, leading to more and richer relations, as well as greater interdependency expressed as system cooperation, competition, and control.
  • Politics -- I'll use the US example here, but I'm certain it translates to any political system. Many hierarchical systems make up government, from local to state to national and (nominally) world organizations such as the United Nations. At each level there are candidates, committees, and political parties. Each acts in its own interest but participates in multiple supersystems, with a set of consistent stressors (money, power, service) as well as a set of ever-changing stressors (economic, cultural, political). In one cynical but obvious example, the equilibrations (behaviors) of politicians can often be seen in clear relief by observing the stressors (lobbying and money) imposed by the economic systems whose interests are affected. And we see examples of subsystem control hazards, for example when one wing of one party of one house of congress shut down the US Federal Government in October, 2013.
  • Ecology -- Nature is a beautiful example of GST forces at work. In the big picture, the earth’s ecology is a massive and stunningly complex interconnected system that equilibrates pretty well to sustain an overall balance. And that’s a good thing, because without these equilibrations our world could not exist, at least in a way that we could be here to perceive it.
         However, we’re all well aware of how relatively minor stressors can create crisis across the planet’s entire ecosysytem. Humans have caused many extinctions through destruction of habitat. Air and water have become polluted with toxins and even hormones. And the release of
    CO2 into the atmosphere is driving higher average temperatures that the earth is struggling to equilibrate against.
  • Music -- The highly mathematical structure of music is one strong indicator of GST at work. All music has systems of notes and scales and chords – the mapping music uses to impart meaning to sounds. Genres tend to embrace certain combinations of instruments that yield the optimal sound. And arrangements tend to follow well-developed sequences.
         But what’s most notable about music is its infinite variety, and the creativity that goes into it. A relatively small set of common elements generates amazing variety. The resulting sounds create stressors against the part of the human psychic system that selectively relates to music’s beauty. And if you’ve ever gotten lost in a symphony or found yourself pogoing to a punk rock song, you know how powerful those bonds can be.

 

Conclusion

That’s the basics of GST. As an all-encompassing theory of the universe, of course there’s lots more. And I think that’s all valuable at an academic level, but I just like the way it can alleviate the messiness of the world, and reduce the noise.

I mentioned that I learned about this in a philosophy course. There’s definitely an element of that in there – certainly there are world views that would philosophically disagree with such a stripped down approach to understanding. But GST is ultimately about logic and rationality. In the end, the benefit is whatever you get out of it. To me, it’s just a few handy tools that can help you see what’s really going on, and perhaps make the world itself a little simpler to navigate.

Sunday, August 25, 2013

Things I don't understand

Thanks for bookmarking my new blog.  So far it sucks but I'm gonna keep after it. :)

I'm going to change a few things right off the bat, using my reserved right there in the fine print.  I do have more long-form things to post -- the General Systems Theory piece will be at minimum fun, and a bit mind-bending, if you're into that kind of thing.

But I'm not sticking to just long-form stuff, because I realized the advantage of a blog is its clear ownership. On public media, you risk looking like a dork if you stand on a soapbox.  But a personal blog is a place you can try that stuff, especially if you invite discussion, as I always try to do.  So that's the criterion: stuff I wouldn't post on Facebook between the food porn and puppy pix.

To sum up: I'll keep bloviating here about things I believe I understand, and be open to reasons to rethink these beliefs.

But there's another category of things, ones that I admit I simply don't understand. I invest time in trying, because logic and evidence seem to dictate that they should be different from the way they actually are.   My brain glitches when I see these incomprehensible things, and it turns out there are a lot of them.  So maybe "Things I don't understand" can be a regular blog topic if people find it interesting.

First off, I accept that there are things I'm just not wired to understand.  For example, over-the-air television feels exactly like magic to me.  But there are people who do understand it, so I don't actually need to.

No, I'm talking about things I actually have tried hard to understand, but simply cannot reconcile to logic.  Some of them are kind of strange, ok.  Many are in the areas of economics or politics, which makes sense; there are also a lot of them in the areas of roads and transportation.

For example, this one has bugged me for decades.  You see a lot of dented guard rails, smudged jersey barriers, and scarred trees, but you don't see that many accidents or dented vehicles, do you?  Even considering many vehicles over time, that doesn't quite reconcile to me. I know the math must work, based on the evidence.  But it just feels that those numbers don't match, you know?

Ok, that's a silly example.  Here's another -- one that I actually know something about and have thought through, yet still can't reconcile.

In 1988, New England Telephone was running out of numbers in the 617 area code, which covered central and eastern Massachusetts.  They were faced with two choices:
  1. They could institute 10-digit dialing, and the new 508 area code would overlay 617
  2. They could split 617 apart, and assign everyone outside of the Boston metro area to 508
If you think about that for even a second, you realize that overlaying the numbers is better because:
 a) Everything about 617 continues to be true
 b) 508 just extends 617 capacity
 
So with overlay, anyone with an existing 617 number (which was everyone) would see no change.  New numbers would be assigned to 508, but be in the same well-defined geographic area as 617.  Essentially, 508 and 617 become the same thing as 617 always was by itself, so your explanation is very simple.

One more critical piece of data: Overlay had the disadvantage of forcing everyone from 7-digit dialing to 10-digit dialing, but it was mathematically certain that 10-digit dialing was coming anyway.  The explosion in first, fax numbers, and then mobile numbers, was well understood by everyone in the industry.  10-digit dialing was inevitable, and it was going to be soon.

You know what happened.  They chose to split 508 out from 617.  This forced millions of people -- from Provincetown at the tip of Cape Cod, to the Quabbin area where I live (one town from area code 413), to Salisbury on the New Hampshire border -- to change the way EVERYBODY contacted them.  They needed to print up new forms, cards, stationery, etc., and change the way they were listed in myriad places (remember, no internet listings in those days).

I remember the arguments at the time.  There were sweet old ladies with rotary phones, who would be horribly inconvenienced by dialing three more numbers every time they wanted to call their families.  I'm not kidding, that was the argument against all technical and logical counterarguments.

Folks, all those old ladies are DEAD now.  And we are stuck with a completely unintelligible area code system in Massachusetts.

To make it worse, they kept doing it.  In 1997 (less than a decade later), 617 was overloaded and they split out 781 (suburban Boston ring), and 508 was overloaded and they split out 978 (northern towns).  So again, they made everyone change everything.  Those in 978 got to change for a second time.

But the final irony is that, by 2001, they apparently had somebody in charge who could grok this concept.   Overlays were added to 617 (857), 781 (339), 508 (774), and 978 (351).  Presumably it will operate this way going forward.  But who knows?  Maybe phone numbers go away altogether, subsumed by the much more flexible and comprehensive identity models of today's systems.

Anyway, those are some examples of things I don't understand.  I have some more I'll add in future posts (political primaries WTF?).  I welcome your comments or corrections.