3PHealth Blog

My Identity Wallet

Friday, March 23rd, 2012

[Image: my current wallet]

These days everyone is talking about my “Online Identity” and lots of big companies are trying to be the first to deliver their vision of an Identity Wallet.

So I thought about what I would want in such a wallet. My starting point is my current real-life “Identity Wallet”. I’ve included a picture of it above. It’s pretty cool – it fits in my pocket, has a “transparent” protector on one side so that I can show people my driver’s license, and then it has “convenient” holders for credit cards and business cards. Best of all, it comes in a color of my Choice.

Notice how I used three key words:

  1. Transparent
  2. Convenient
  3. Choice

These attributes are really important to me. I want a simple, convenient, adaptable solution that I can customize based on what I want to carry with me on any given day.

And that is what is going to be required of any Online Identity solution. It must be simple, convenient, easy to use and privacy enhancing. It should work seamlessly with the other item I carry in my pocket (my smartphone), and I should be able to add anything I want to it. Then when I interact with Web sites online I should easily be able to send that data to them (securely).

Anything less than the above is not innovation, and I doubt it will lead to adoption. By the way, the electronic equivalent of my regular wallet is a customizable secure database. It just needs to be integrated into the browser for easy online use.

Simple and it “Just Works”.



The Value of “Me” (Part V of the series)

Wednesday, March 21st, 2012


Well, in the last post I promised that I would make the jump to a solution that increases the value of the Internet and gives me a choice in how and what I share on the Internet. So let’s get straight to it.

First, a recap. The solution will have four key attributes that promote the following: Confidence, Privacy, Choice and Innovation. In addition it must support the following features:

  1. It will be privacy enhancing and voluntary
  2. It will be cost effective and easy to use
  3. It will be secure and resilient
  4. It will be unambiguous
  5. It will be interoperable
  6. It will be transparent

We’ve decided that we’re going to use a Web-based solution and add something to the HTTP protocol that increases the opportunity for greater choice, trust and respect. So why not add an Identity wallet to the browser? (That wasn’t so bad, was it?) Ok, so what would be in this identity wallet? “Stuff”… (just kidding). It would be very like the wallet you carry on you. It could include personal information, device information (whether you’re on a mobile phone or not) and it could have location information.

Nothing that is not doable with off-the-shelf technologies. Simply create a secure database, allow the user to customize it with data, allow it to “talk to the operating system” and collect device information, and then protect it all. So far it’s meeting features 2 – 6 above (because I have control over the database). But what about #1? How do we make it privacy enhancing – well, by sharing that data. You see, unlike DNT, which doesn’t allow me to add anything to the Web conversation, I now have my real identity that I can add to the transaction. All I have to do is figure out a way to get the data to the content provider.

Well, fortunately the current HTTP spec shows us exactly how we can do that. We simply add the data as a “Header” to the request going to the Web server. Returning to my analogy of the train leaving the station with just a flag set (indicating that I don’t want to be tracked), this time I’m attaching additional information that I’m prepared to share “as long as you respect my privacy”.

Now let’s re-examine item 1. The solution has to be privacy enhancing. To me this implies that you actually have to share something over and above what you would normally be sharing. DNT has no effect on the browser or what gets sent to the server (other than the single header). There’s no way other than conventional means (filling out a form) for me to communicate additional information which can be used to “increase the value of the transaction”.

And that’s the crux of the argument. The goal here is to increase the value of the transaction, the level of trust, and the level of privacy. Remember I still have NO control over what happens when my data arrives at the Web server. So both methods (DNT and this) are in the same boat here. The difference is that by offering more information to the content provider maybe he can deliver more value to me without the need to compromise my privacy.

Think of this secure database as a “Context Manager”. I add and subtract information, I can choose who I want to share it with, and everything is convenient, easy to use and efficient. While in transit the data is secure and if I feel that the content provider is misusing my information then I can stop him seeing my data by simply unchecking a box.

This Context Manager in essence becomes the “overdrive gear” for the Internet. It allows for the following:

  • Additional privacy protections for individuals who can use it to gauge if their personal data is being handled fairly and transparently
  • Convenience for individuals who can use this Identity “Contextual Manager” (aka wallet) to manage fewer passwords
  • Efficiency for content providers – they get to unlock additional value in the transaction by knowing more about me in return for a greater respect of my privacy
  • Ease of use by automating the delivery of the contextual data over an approved and accepted standard
  • Security by not only securing the data on the device but also in transit, even over an unencrypted HTTP session
  • Confidence that my digital identities are adequately protected
  • Innovation, by lowering the risk associated with sensitive services and by enabling providers to plug in their own wallets for your use with their services.

And finally, the biggest feature of all… Choice, as service providers offer individuals different – yet interoperable – relevant media services.



Me, My Privacy, Security and Identity on the Web – Part IV

Wednesday, March 21st, 2012


In this blog post we’re going to make the transitional jump from the current Internet, to one that offers more of a choice when it comes to privacy. However before we make the leap it’s important to note – there’s no solution to privacy without trust. The second you share something with somebody else then trust has to be involved. The goal of any solution should be to offer increased levels of privacy based on increased levels of trust. And if the trust is abused, then provide a way for the user to restrict what they share.

Before we make the jump let’s revisit the issues with the current DNT standard. The goal is admirable – provide increased levels of privacy. As we will have to do with any “client – server” solution, we’ll have to rely on the trustworthiness of the content provider, be it a consumer Web site or an Enterprise portal. So by checking the box marked DNT in the browser we’re sending a message to the content provider that we do not wish to be tracked and that we trust they’ll respect our wishes.

That’s all we’re doing – we have no control over any other aspect of the data that leaves the browser. Think of it like a train pulling out of the station – everything is the same except there’s a little flag hanging off the last coach that says to the next stop please don’t track me. We have to “hope” that the content provider will do the right thing. But what if they don’t? What’s our recourse – can we change anything about the data that was sent to them – to decrease the value of it? Nope. We can’t do a thing. We have no control and we lack a choice in how we want our browser data (fingerprints and cookies) to be respected.

If DNT was to stand a real chance of winning in the marketplace as a standard then the second we turned it on it would disable ALL third party cookies that come down to the device. That would be a huge step in the right direction because it starts to give us a choice in what goes on. So you have to ask yourself why isn’t this being done?

And in those immortal words “Follow the Money” you find the answer. The Internet is a business, and in return for providing services for “free” there must be a way to recoup the expenses. If DNT were to instantly block those 3rd party cookies there would be mayhem – companies have been built on access to customers’ data and disabling those cookies would collapse their businesses. So the DNT standard has been “engineered” so that this can be handled by the content provider and not the user. And as the Bard said – therein lies the trust, choice and privacy issue.

Without transparency I have no way of verifying that there’s compliance. Try opening up your browser and figuring out which is a 3rd party cookie. You have no idea. And there’s absolutely no incentive to let you figure that out. On the contrary, there’s a great incentive to “game the system” and not respect your privacy.

Think about it for a moment – if you had to spend thousands or millions of dollars to re-write how your Web server supported this new standard, and by doing so you stood to lose a lot of money, how fast do you think it would get done? (Especially if all it was, was a recommended spec.)

At the root of the DNT standard is good old-fashioned “Money”. I understand and respect that. After all, you’re giving me something for free and in return I should give you something – right? Well yes, but wouldn’t it be better if we could actually make the whole experience better? Sort of like adding an overdrive gear to the Internet. I’ll increase the value of what I share with you, if you increase the value of what you share with me and in doing so give me a better experience.

That seems like a far better use of my Privacy than the current approach.

Well, I’ve run out of time on this post, so in the next blog we’ll make the jump to offering something new for the Internet, something that allows you a choice and allows both you, and the content provider, to share in the value created by increased levels of trust.


Me – The intersection of Privacy, Security and Identity on the Web – Part III

Wednesday, March 21st, 2012


In my last post (link) I discussed the current proposed DNT standard and why I have serious reservations about its viability. At the end I mentioned that this would provide an opportunity for innovation to occur – so let’s take a look at what something would/could look like.

To recap: first and foremost, the solution will have four key attributes that promote the following: Confidence, Privacy, Choice and Innovation. In addition it must support the following features:

  1. It will be privacy enhancing and voluntary
  2. It will be cost effective and easy to use
  3. It will be secure and resilient
  4. It will be unambiguous
  5. It will be interoperable
  6. It will be transparent

I have to state first that there’s no silver bullet/one-size-fits-all solution. No matter how many virtues this solution has it will not be perfect. That said, we should be able, within the scope of the four attributes outlined above, to build something that’s better than what we currently have.

I’m going to start with Interoperability. To me this is where the foundation for any solution will be built. And there’s really only one place to look, and that’s RFC 2616, which is the foundational document for the Internet. It alone provides the scope of the HTTP protocol that joins everything on the planet. It truly is the “One Ring that Binds us All”. So this becomes our foundation, which means that the application that sits on top of it is going to be where the solution will be found – the browser. The other ring that binds us all – everybody knows how to use a browser and they work on every device connected to the Internet.

So now we have the foundation and the building blocks of our solution – the Internet and the browser. What’s missing? – Data. Well that comes from databases that tie into existing Web services which in turn connect to the Web so we can access them via a browser.

So let’s summarize what the solution will look like:

  1. One Platform – the Internet
  2. One Interface – the Browser
  3. Multiple data sets – online databases which provide the context

So far so good. People have confidence in the Internet, and they have a Choice in what they want to see and hear. However we haven’t met the Privacy and Innovation standards yet. Yes, we have some privacy, namely SSL when it comes to ecommerce, but that’s not really privacy because I still have no control over what data is shared – just that it’s encrypted. As for innovation – the HTTP protocol has been “fixed in stone” since 1999 when the comments or suggested improvements were closed. For all intents and purposes we’re still at version 1.1 and I don’t see it changing anytime soon.

So what do we do about the Privacy and Innovation attributes? Well fortunately there’s a section in the current HTTP 1.1 spec that allows us to “Innovate” and here it is…

It is a generic, stateless, protocol which can be used for many tasks beyond its use for hypertext, such as name servers and distributed object management systems, through extension of its request methods, error codes and headers. A feature of HTTP is the typing and negotiation of data representation, allowing systems to be built independently of the data being transferred.

HTTP is an extensible protocol, so you can take advantage of new ideas and new innovation and extend it beyond its original design scope. So if we’re going to meet the Innovation requirement that’s exactly where we’re going to start. Why? Because it’s an approved, standard way of doing things that everyone has already agreed on.

So what is a header? It’s actually a little piece of data that gets sent to the Web server. It can be any type of data and it can be compressed and encrypted to save space and preserve “Privacy”. This is good news as we are now focusing in on our four required attributes: Confidence, Privacy, Choice and Innovation.

Now let’s check back and see if we’re still meeting the feature guidelines.

  1. It will be privacy enhancing and voluntary
  2. It will be cost effective and easy to use
  3. It will be secure and resilient
  4. It will be unambiguous
  5. It will be interoperable
  6. It will be transparent

So far so good. We haven’t yet described how we improve #1; #2 is fine; #3 is also fine (it works and we can safely use encryption); #4, #5 and #6 are also met – it’s the Web. We all take it for granted and it just works.

What we really haven’t yet described is a solution to #1 – we have to enhance my privacy and we have to ensure that it’s voluntary, i.e., we offer the consumer a choice in how they use the solution.

And that’s where the next blog will pick up – Adding Privacy to the Internet.


Me – The intersection of Privacy, Security and Identity on the Web – Part II

Wednesday, March 21st, 2012


In this post we’ll take a look at how the current Do Not Track standard compares to the viable solution list from the last post.

To recap: first and foremost, the solution will have four key attributes that promote the following: Confidence, Privacy, Choice and Innovation. In addition it must support the following features. Please note that I added two more: unambiguous and transparent.

  1. It will be privacy enhancing and voluntary
  2. It will be cost effective and easy to use
  3. It will be secure and resilient
  4. It will be unambiguous
  5. It will be interoperable
  6. It will be transparent

So let’s go down the list:

[Image: DNT scored against the list above]

Wow, that’s pretty bad. So what if I’m wrong (I can imagine the DNT advocates are shouting at me now). Well how wrong can I be?

  • Confidence
    • For something to have value you have to believe that it works. If you read the “proposed standard” you’ll see that it has been “engineered” to allow for the status quo to continue. There’s no enforcement – it’s just a recommended practice. Think of it in terms of going through Airport Security – that’s mandatory vs… recommended
  • Privacy
    • Show me in the spec where it protects my data. In essence it shares all of my data with the content provider and then I have to trust they don’t share that with a 3rd party. So my data is still out there and I cannot verify that it hasn’t been shared
  • Choice
    • The default is ??? well I’m not sure because they haven’t decided yet. It should be “On” so that it benefits the consumer, but what are the financial incentives for that to happen. The best bet would be “No Preference” which means in the USA – tracking is allowed and in the EU – tracking is not allowed. Of course you just have to figure out where the Mobile user is so you can make the appropriate response. But that’s tracking right?
  • Innovation
    • Nothing here. I cannot change anything in the browser. In fact I “may” have to make a lot of changes to all my server scripts. That’s expensive and time consuming. Remember every script or Web page “should” be modified to exclude 3rd party cookies and content if the header is set
  • Privacy enhancing
    • Again it hasn’t enhanced my privacy, it has enhanced my ability to not have my data shared. For large content aggregators this means nothing as they never share the data anyway with a 3rd party (just themselves)
  • Voluntary
    • This gets a tick box but is actually a fail. Again this is a recommended practice not a mandatory practice. If it was a lot of content providers would go out of business because the ONLY way they can make money is to scrape Web sites looking for personal data that can be shared with 3rd party vendors
  • Cost effective
    • Only for sites with good data privacy policies. However because there’s no legal compliance here there’s no need to rush to support a recommended practice. For those sites that do have to change the costs can be enormous. Every script has to be updated to support new information arriving at the server
  • Easy to use
    • Only for the consumer. For the content provider there’s a big cost involved in programming time, server loads, and increased bandwidth
  • Secure
    • There is no security involved in this standard
  • Resilient
    • I think of this as adaptable or extensible. As I can’t innovate around it I don’t see it surviving. How would I differentiate my Web service by improving this standard? You can’t.
  • Interoperable
    • Well, for this one I give it full marks – but not for a while, because every browser will have to be updated to support this spec. Currently no browser is capable of sending the required data (e.g. 1, 0 “Null”)
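As an added illustration, not code from the blog, of both the three DNT states discussed here (1, 0, absent/“Null”) and the header-based context sharing proposed in Part V: a small server-side policy check in Python. The header name X-Context-Wallet, its base64(JSON) encoding, the size cap and the reading of “tracking” as third-party cookies are assumptions of this example; the regional default for “no preference” is the one the post cites.

```python
import base64
import json

# Hypothetical header carrying the fields the user chose to share (assumption).
WALLET_HEADER = "X-Context-Wallet"
MAX_WALLET_BYTES = 4096  # assumed cap: refuse oversized payloads before decoding


def _get(headers, name):
    """Case-insensitive header lookup; HTTP header names are not case-sensitive."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def parse_dnt(headers):
    """Return '1' (do not track), '0' (tracking allowed) or None for no preference.
    Absent or malformed values count as no preference rather than an error."""
    value = _get(headers, "DNT")
    if value is None:
        return None
    value = value.strip()
    return value if value in ("0", "1") else None


def encode_wallet(fields):
    """Client side: serialise only the ticked wallet fields as base64(JSON)."""
    return base64.b64encode(json.dumps(fields, sort_keys=True).encode()).decode()


def parse_wallet(headers):
    """Server side: decode the wallet header, returning {} on any defect so a
    bad header can neither break the request nor smuggle in a non-object value."""
    raw = _get(headers, WALLET_HEADER)
    if raw is None or len(raw) > MAX_WALLET_BYTES:
        return {}
    try:
        data = json.loads(base64.b64decode(raw, validate=True))
    except (ValueError, UnicodeDecodeError):
        return {}
    return data if isinstance(data, dict) else {}


def decide(headers, region):
    """Policy from the posts: DNT:1 blocks third-party cookies, DNT:0 allows
    them, no preference falls back to the regional default the author cites
    (allowed in the US, not in the EU). Wallet fields are the only extra context."""
    dnt = parse_dnt(headers)
    if dnt == "1":
        third_party = False
    elif dnt == "0":
        third_party = True
    else:
        third_party = region == "US"
    wallet = parse_wallet(headers)
    return {"third_party_cookies": third_party, "context": sorted(wallet)}


if __name__ == "__main__":
    # Constructed sample request: DNT on, wallet shares device type and language.
    sample = {"dnt": "1", WALLET_HEADER: encode_wallet({"device": "mobile", "lang": "en"})}
    print(decide(sample, "EU"))
```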

For something to be worthwhile, the general rule of thumb is that you must give more value than you extract. As long as consumers believe that DNT offers more value than it extracts then they’ll be willing to go along with it. However the second they discover that selecting the check box offers no value, then the standard collapses.

DNT is not about privacy – that’s just the magician’s illusion – it’s really about Do Not Share my data with 3rd parties – unless I give my permission (which in itself opens up another huge can of worms. Think about the User Interface issues). And that’s something completely different.

So it also fails the tests of being unambiguous and transparent. The good news is that it opens up the chance for new innovation to succeed, because believe it or not people really care about their privacy and they want a choice in that process, and we’ll talk about that in the next post.
