We had an amazing group that gathered for the Data Sharing Workshop April 18 and 19 (Our Summit is coming up May 15th). It was as we had envisioned - a range of people from large portal companies, device manufactures and small startups.
We had 5 great sponsors Vidoop, Plaxo, BBC, Twine, and Broadband Mechanics. We met at the SFSU Center for the Next Generation Internet and collaborated with the dataportability.org community.
Attendees included those new to the space and veterans who have been working on the issues involved for years. We invited 9 different industry people to open our morning by sharing what they saw as the problem and where we were at.
Everyone introduced themselves and then we dove into making a really great agenda wall.
We also had a Wall of Results. Each session was asked to out put an 11×17 piece of paper what they got done.
Here are some notes from those summaries and the wiki. (please feel free to add more to the wiki if you were in a session and took notes)
How to help you help yourself? was one of the opening sessions lead by Angus Logan of Microsoft. This was really focusing on how to get away from the give us your password and we will scrap your data for you method of users getting their data out.
* User Experience is Hard
* HOw do we get sites to adopt new methods?
o Make sure API’s are truly functional equivalent to scraping
o try to make the UX work well
o Get good PR and Goodwill from getting off passwords
o provide libraries, sample code tutorials
o Host hackathons
o be patient - everyone’s really busy
Being careful with the word own was a session lead by Gabe Wachob
The words we choose when talking about these topics because of the unintended consequences:
* if we define in terms of rights?
* frame the term for the public policy discussions that will come
* “control” has similar issues
We need Creative Commons like understandable controls for your data
We need to initiate conversations
Examples
* who “owns” your bank account balance
What is Identity Commons?
This covered a bit of the history and an explanation of our loose community structure. It is outlined on our wiki. We have 12+ community groups
The ecosystem conversation was interesting - the sense that people had was that we are in the age of “data sharing” similar to the time before cel phone number portability. Marc Canter highlighted formats that have become normative and should be abstracted out.
* Social Graph
* Contact list
* Media Gallery
* Ubiquitous Content
* ID - persona’s and groups
* LIVE WEB events
* Feed Actions
* Blogging - Regular and Micro
The following is needed: Marketing of what the benefits are to relying parties and to vendors. Turning the customer acquisition budget.
Questions were raised about what standards are in this space. There were some that were articulated Note that this list is not comprehensive. Please feel free to add more.
Feeds and OAuth:
* Start by trying to access feed as if it were public:
o username -> profile -> feed url
* Get 401 with auth resp. header if it’s only private, or 200 + link_rel to private version
* Do OAuth discovery or the profile/feed URL
* Perform OAuth -> Get token
* ask for feed with token in authorization headers
* SUCCESS!!
WHAT IS DATA PORTABILITY?
This was an interesting rambling conversation for 2.5 hours.
Clarity emerged around stakeholders and means of engagement. concerns were expressed about improving communication.
* Are data portability and OpenID apples and oranges? there was a healthy debate
* Where is the consensus -Today?
* Terminology heard in the converstaion
RSS, APML, i-card, Open Stack, Identity, Permission, Attention, Container, OAuth, owner, viral, openID, FUD, Interoperability, data sharing, data portability, OSIS.
* Means of Engagement
o specs-style reporting
o bi-weekly outreach
o more blogging
o pull input + commentary
o Don’t ask for comment
o date v. marry
* Concerns/ Threats / Challenges
o Hype v. Beef
o What is the story?
o Is DataPortability THE umbrella phrase?
o Politicizing + Emotion
o Lack of clarity on Scope
* Where is the consensus today?
This was not fully clear but there was a good conversation.
URLs are People too…Social Graph API
* Links are relationships
* Rel=”me” connects ourselves
* rel=”friend” etc. connects to friends
Social Graph API is a cache of the distributed social graph of the public web.
Open Social Q & A
- Portability by moving Apps to where the data is or bringing the apps to the users contexts.
- Networks as different countries * friends may be hidden * technology: 1 Google, 3 apis (people, friends, activities) — Not as border controls but to extend websites to where users are now
- Data: person info; viewer friends; page owner (can be viewer); page owner who’s not a person ; not relationships or thoughts but correlations between what people have already created
- User Experience: Apps centric, not in terms of google’s functionality or assumptions
- Container determines contxt when linking people and because the user builds the container(s), control is appropriately there
- Apps: Most successful will be basic data sharing that have universal applicability; word-of-mouth / engagement viral v. demographic targeting or size-of market targeting; to focus on mail functions is to serve the disease, which will eventually develop immunity
- Enables data portability by bringing the applications to where the data is.
OpenSocial — A foundation
* openID based
* Opensource problems
* myspace, orkut, are shipping now
* make doing social stuff easier
What is XDI ?
XDI = XRI data Interchange
XRI = eXtensible Resource Identifier.
- XDI is a “PDF for Data” - a portable format for sharing data across applications and services
- XDI is also a simple RESTful protocol for sharing data using XDI documents
- XDI includes portable permissions called XDI Link contracts
An Open Address Book - we had several folks in attendance telco’s and handset makers. they talked about the big idea - ” We need a single schema for person information” then asked Is this realistic? Finally concluding Death of the phone address book? (Long live the phone address book!)
Semantic Web and Data Sharing
Native
* rich
* low interop
* links internal/proprietary/ not at all
HTML
* LCD
* Highly interoperable
* standardized links
* semi-structured
RDF
* rich description
* ? interop
* no links other then correlation
* not structured
XDI
* Rich
* High Interop
* Fully Linked
* Fully Structured
LLLI/Kintera Use Case and Solution:
In this session we explored the OpenID, XRI and XDI solution deployed to satisfy the Le Leche League International distributed data requirements. The software solutions provider Kintera has been a partner with ooTao in this effort. Kintera hosts 128 Million individual profiles so can help create significant adoption figures on its own.
We saw how each individual member and every system component was given an XRI identifier. In the case of individuals the XRIs - i-names were associated with OpenID services for authentication and in the case of system components the XRIs were given public/private key pairs in order to authenticate to other system components.
The result of the LLLI work is a WORKING distributed data management system that leverages distributed identity for its authentication and authentication mechanisms. For more information contact Andy Dale via his iPage at =andy
Restful Data Addressing
Mike Mell Led this session articulating a proposed syntax for Restful data addressing. He articulated these goals:
- pure HTTP requests
- UserAgent to server
- server to server
- secure
- Fine grained addressing and permissioning of any data node
The wiki outlines specific elements in the syntax along with Response and Authentication Modes.
Doable Now and Soon
This was one of the sessions on Saturdays - with a calm group that had been through a really intense day Friday. There was agreement on the ‘dobale now’ and likely doable soon if the right conversations were had.
Dobale Now
* Portable Identities (OpenID, LiveID, FB-ID)
* OAuth (sever to server) delegated auth.
* Contacts Portability (FOAF, XFN, Microformats, like MicroID)
* Sync (feed sync)
* Social Network Portability (Open Social FB platform)
* Social Application Portability
Doable Soon
* Standard Schema for Profile
* Standard Schema for Address books
* Media portability + metadata + permissions
* Linking ID’s of different ecosystems?
OVERALL
The event was full a success. Many people travelled on planes just to be at this event. Some even from Europe. Since the last summit a lot of clarity emerged around what the problem space was and how different approaches could work on addressing the issues.
Key Areas to be addressed at the Summit on May 15th include:
* more conversation about the business value to vendors to allow user-data out of their systems.
* We want to focus on schemas for profile data and address books, not as much on the social graph at this point.
* Demo’s likely we will have speed geeking at lunch.
* Work is happening on an ‘alpha’ version of an executive briefing . Some thoughts: We are moving in to an interconnected world where implementation decisions are not tied to the technologies. That is, how you participate is not tied to the technologies. We are not just talking about future proofing, but about providing a relatively easy way to give yourself options to work in the various scenarios that analysts are already saying are happening. You can increase the value of your offerings by building on offerings provided by others without needing to throw a lot of money at bringing it together. The objective is to make things easier to interconnect. In part by just defining the nature of the interactions that you want.
* We also need to consider targeting legal and policy decision makers. Perhaps from the EEF? other organizations. We don’t necessarily want to target legal departments in large organizations, but different external bodies involved in policy-making.
* We want to gather a larger group from the different companies involved, especially more product managers and other decision makers from companies such as AOL, Microsoft, Google, Myspace (if possible), etc.
* We welcome further input into the goals and outcome for the Summit - the agenda will be determined by the people who attend. Please contribute on the wiki to the Proposed Topics page.
We had a quite closing on Saturday and people were asked what the got out of the event and what their next actions were. You can click through to see what they answered.
I am really looking forward to the Summit following the Internet Identity Workshop - it is going to be even more amazing then this event was and move the whole field forward.
Anybody following Identity/Privacy today is rooting for 
![[info]](http://p-stat.livejournal.com/img/userinfo.gif){kind=small}
is the new data portability logo of course.
