honestlyreal

As I write this, I’m sitting on a stationary train. In a station. The rail app on my phone tells me it’s the train I want. But the signs on the platform are totally blank. And the guy in uniform on the train doing the uncoupling says he doesn’t know where it’s going.

So, do I believe what the app tells me? Rather than embark on an exercise in Bayesian conditional probability, it’s making me think about that phrase “digital by default”.

Because I’m still not entirely sure I know what it means. Or, even if I do, that I’m seeing it used consistently.

And this experience with the phone app right now is a good reflection of what I think it should mean: that a service has been built, first and foremost, so that its delivery in digital channels is the way that it works best.

–that information in the digital channel is “the truth”.

–that if the train is switched to another platform, the digital channel will be the first to reflect this.

–that train staff will be looking at their own digital devices for information before they look at platform signs, or paper print-outs of departures, or get on the internal intercom to the driver.

That, to me, is digital by default.

An underpinning design principle that the service is supposed to be like this. Not, as has so often been the case, with digital features as a sort of awkward bolt-on after the fact.

I pointed out to a member of station staff a few weeks ago, who tried to stop me, that I was going through the gates to platform 10 because this device in my hand was telling me my train would be there. And I trusted it, at least enough to wait there.

He looked in incomprehension at this device. It wasn’t part of the script. The situation was the very opposite of “digital by default”.

So, apart from this nice, rosy, optimistic definition, what else have I seen it used to mean?

Well – sadly, sometimes as the Mr Nasty of channel-shift enthusiasts: the reason why counter services will be closed, the hammer that will force people to abandon their Luddite ways, the only real means of forcing out cash savings in this techno-progressive world we were told so much about.

And if people don’t want to shift, then tough. They won’t have the option. Default, innit? Capisce? Ok, if they’re really incapable, because of disability or crap connectivity, there’ll be some sort of stop-gap. A bolt-on, if you like. After the fact.

Now, does that sound somewhat familiar?

Or, for a third flavour, how about Mr Nasty’s gentler cousin: the service redesign that still has the closure of non-digital channels at its heart, but attempts to do so by attraction to a better, digital alternative, rather than brute imposition?

The interpretation you hear is connected to the source you hear it from, I guess. These versions all have different political palatability, and provoke different passions in different audiences.

So which do you a) think it really means now? And b) which one would you like it to mean?

A – a fundamental design principle from the ground up
B – channel shift by imposition and removal of choice
C – channel shift by being more attractive than non-digital

Your answers, below, if you please:

The very fine John the Lutheran has dug out and circulated some guidance that many people find themselves thinking about at this time of year: a few advisory notes from the Information Commissioner’s Office (ICO) on the fraught topic of photography in schools.

What we’re after of course is something “official” that us camera-toting parents can haul out (preferably with a big Her Majesty’s Government crest in the letterhead) and wave at hovering Netmums and headteachers who are getting fretful about all this Internet Paedo Malarkey they’ve read about in their redtops.

Because we all know that deviance involving children increases proportionately with focal length (or indeed aperture size, in its more advanced stages).

Sadly, though it was probably a worthy attempt at the time (December 2005), the ICO guidance falls down in a couple of important areas. [Update: 1713 071211 There is another version of this guidance available, dated June 2010, which is, erm, identical - it's as if Facebook never happened...]

Although it’s a bit useful–in that it basically says “it’s ok for parents to take pics of kids, even in a school, if those pics are for personal use, and nobody should freak if more than the snapper’s own kids are in the frame”–it gets off on the wrong foot by trying to tie everything back to the Data Protection Act. Sure, if you’re assembling class records, or access passes, a photo has immediate DPA relevance.

But like a shaky student in an exam, the ICO write answers about the DPA because they know about the DPA–even if that’s not quite the question that’s being asked.

They are right in saying that most instances of photos being taken have no data protection implication, but that isn’t really why parents and teachers are getting twitchy these days.

No, many concerns today are over something that’s not even mentioned in the guidance perhaps (being fair) because it didn’t really exist in 2005. [I shall be less fair now that I've seen the 2010 version!]

Yes. Adults will take photographs of children, without explicit permission of the parents of each and every child in the picture, and put them on the Internet. [SFX: Internet Paedo Malarkey klaxon]

No, this is a social concern. And indeed a social media concern. One that’s not such much about privacy, or spamming, but about darker fears. Because we all know that Internet photos are photoshopped together with scenes of bestial savagery, and traded by rings of shadowy perverts. We know about it because we read it in the Daily Mail.

Being blunt: people only really freak if they think you’re either going to make a) money or b) porn out of their kids’ faces (the fact that without highly verified model releases, the commercial exploitation just ain’t going to happen being neither here nor there).

Those fears aren’t going to be countered by waving “permits” from some bit of government. It might help a bit, of course, if a headteacher really does pull the “because of Data Protection…” line. Though remember that the Trunchbulls of this world are not easily moved by proffered sheets of A4, especially with Crown Crests on them. It’s their school, and their Word is Law.

And angry, scared parents are angry and scared–driven by emotions that it’s sometimes hard to comprehend. If you get to the point where you need to show them a letter from the government, you’ve probably already lost the battle. You certainly won’t be having any more fun at that Nativity Play, anyway. Best avoided.

No, the only answer in my experience is to approach with subtlety. With smiles. With requests for permission where that looks sensible. By keeping an eye out for parents who don’t look comfortable, and making an obvious point of avoiding their children. By offering to share the pics with other parents. Saying you’ll send copies to the school has worked wonders for me. (Suddenly everyone wants their child front and centre.)

By perhaps not taking your 400mm and sitting smack in the centre of the front row shooting up the skirts of the tinies. Yes, I’ve seen this done. Unwittingly. Take a good, small lens that’s good for indoor light. Don’t blaze away with a flash.

Be respectful. That is all.

A policy so incredibly inhuman that it stops you in your tracks.

How could this ever have been dreamed up? Who thought this would ever be acceptable? How on earth did a blank-faced politician manage to express it in cold, bare words?

This was pretty much my reaction (and that of many, I know) to this story about cancer patients on chemotherapy being forced into more stringent checking of their eligility for sickness benefits.

Particularly that last question: how on earth was such barbarity actually expressed?

That press release from Macmillan, linking to a petition, was getting a LOT of attention.

So I had a search around for some wider perspectives. And found…well, not much more, really.

A few blog posts are springing up to denounce its atrocity, but there’s precious little in terms of any deeper analysis of this policy. Or, reading in more detail, not policy, but something that is being “consulted on” and “could”…

OK, so it’s a “could” story. I approach anything containing the phrase “that could” in its first two lines with a bit of caution. (And then look for a range of robust, related sources.) Generally, “it could” = “it might, but it probably won’t, though WHOAH LOOK AT THIS HEADLINE”.

Make no mistake: I am hugely supportive of the aims of those campaigning for better treatment for people in such a terrible position. I completely understand Macmillan’s wish to remove even the burden of testing from a whole swathe of people in an enormously challenging personal situation.

But I can also at least appreciate the existence of an argument that says: if some people are on a particular drug regime, but are symptom-free or want to work, should they automatically be signed up to receive benefits?

Contemplating the fact that any issue involving a large number of people involves tricky edge-cases (and false positives and negatives) doesn’t automatically make me a card-carrying Tory benefit slasher, m’kay? (And I honestly don’t need a ton of comments in testimony to how grim chemo is; believe me, I’ve been pretty close to it myself in the last two years.)

But what I’m really interested in is the rational debate here. With both sides putting forth their attempts at cogent argument, the better to inform us all of what’s really going on.

So what did the government actually say? In its response there are references to the prior involvement of Macmillan in this review. Involvement which clearly did not end well. Here are the relevant paragraphs from that PDF:

31. Professor Harrington asked Macmillan Cancer Support…to assess whether there were improvements that could be made to the provisions for people who were undergoing treatment for cancer. During July 2011, the Department received evidence from Macmillan which was endorsed by Professor Harrington.
32. The Department accepts the evidence presented by Macmillan that the effects of oral chemotherapy can be as debilitating as other types of chemotherapy.
The evidence also shows that certain types of radiotherapy and in particular of combined chemo-irradiation can be equally debilitating. As a result of the
evidence supplied by Macmillan, the Department has developed detailed proposals for changing the way we assess individuals being treated for cancer.
33. If introduced, these proposals would increase the number of individuals being treated for cancer going into the Support Group. They would also reduce the
number of face-to-face assessments for people being treated for cancer as most assessments could be done on a paper basis, based on evidence presented by a GP or treating healthcare professional.
34. We had hoped to introduce these proposals in April 2012. However, following detailed discussions with Macmillan, we have been unable to secure their
support to our proposals which were based on their evidence.
35. As a result, the Department now intends to seek a wider range of views on the proposed changes through an informal consultation. We wish to gather views
of interested stakeholders, including individuals affected by cancer, their families and carers, employers, healthcare practitioners and cancer specialists
as well as other representative groups. We will launch this consultation during December 2011.

This needs some decoding, clearly. Perhaps Macmillan put forward their evidence about effects, along with their proposal for a block exemption from any ESA assessment, and this latter part was rejected? One has to read between the lines, though. And “going into the Support Group [undefined]“? I mean, it sounds nice, but does it mean “added to the numbers of those needing to be formally assessed”? I guess it does. But should any reader have to guess? UPDATE (1544 121206) Support Group as defined here is actually jargon for where you get put when you’ve been assessed as eligible for benefit, and are NOT required to work (but can if you want to). Which, taken as read (and how else should one take it?) makes this all even more puzzling.

So there a few language games being played here, and perhaps more to the story than meets the eye. You’ll note the Macmillan press release opens with the careful wording: “…Department of Work and Pensions decision to propose changes”. The word “decision” echoes more loudly than “propose”, of course.

DWP hasn’t made a decision. It has made proposals. See what they did there?

But this post is not about the arguments for and against the policy, merely to acknowledge that they probably both exist (whether they’re particularly strong, or not).

This is an observation on communications.

If someone, especially someone approaching or undergoing chemotherapy (or close to someone who is), sees this press release, there’ll be some FUD (Fear, Uncertainty & Doubt). That’s probably part of its intention. The piece is getting its points in quickly to influence a debate that’s about to take place in this consultation period. That’s what good lobbying and campaigning does. And more power to it.

But when you see FUD, maybe you want to see a broader perspective to reassure you. FUD is great for campaigning, but it has its downsides.

Will you find anything on the DWP or Department of Health websites by way of response that people might actually understand? Anything other than more impenetrable PDFs?

I can’t.

So the government are clearly losing the heart-and-minds battle on this one already. Losing? They’ve already lost. They didn’t even show up for the game.

And what were the government so keen on abolishing, almost as their first act after the election?

All those unnecessary communications posts.

Oh, how my heart bleeds for them.

I’ve just done a bad thing.

As a photographer, I’ve got a great deal of respect for the work of others. When copyright is held by someone else, and I don’t have a licence to take it or tinker with it, I don’t.

Well, I just did. (And remorse is fairly low on my list of feelings, to be honest.)

I picked up a nice brief today for a shoot in a week or two. As I often do these days, I put the address into Google Street View, just to get a general sense of where the building lies, and what sort of street vistas might be possible.

And there’s this guy. Right in front of the camera.

Shielding his face from the camera, with not one, but both hands.

I kept coming back to the image. Finding it a powerful visual metaphor for the evasion of surveillance; of a small, bowed figure at the front of the frame, seeking not to be identified.

Did he know about the face-blurring they use? Did he trust it? Did he care?

(Yes, I think he cared.)

So I did the bad thing, and scraped the image, un-watermarked it (in a symbolic echo of de/anonymisation?), gave it a little help with colour and tone and composed it as an image that told a story. As I like to do.

You can see it in its full glory by clicking on the preview below. You can download it and use it for stuff if you so choose.

(If I get into trouble, I’ll let you know. If you do, let me know.)

P.S. Thanks to Michael Smethurst for setting the image in the context of this fabulous story from Cory Doctorow, which then made me think more about its symbolism.

P.P.S. You can see the original image here (until it’s replaced by a fresh camera shot, of course).

P.P.P.S. Yes, I am fully aware that I’m quite happy to use Google Street View to help me in my work but also have little frissons about some of its other “features”. But thank you for thinking it.

An interesting piece appeared on the Guardian data blog on Friday. It describes a wealth of new data being released relating to court and conviction information.

The database shows sentencing in 322 magistrates and crown courts in England and Wales. Defendants’ names are excluded but details such as age, ethnicity, type of offence and sentence are not. Any computer user can analyse aspects such as how many white people were sent to jail for driving offences.

All good stuff. There’s definitely value to be gained from this type of analysis. It’s being released as a database (hopefully with a commitment to regular ongoing publication), and it brings consistency to often haphazard arrangements for making data available. These are positive moves, and should be welcomed.

But…

Transparency campaigner William Perrin, who advises the Ministry of Justice on opening up its data, says the release is a big step: “Publishing the details of each sentence handed down in each court is a great leap forward for transparency in the UK, for which MoJ should be warmly praised. Courts have to be accountable to the local populations they serve.” But he, like some campaigners, believes the MoJ should go further, releasing the names of defendants. “The data published is anonymised, flying in the face of hundreds of years of tradition of open courts and public justice.

“The MoJ need to have an open and public debate about the conflict between the central role in our society of open public courts where you can hear the name and details of offenders read out in public and crude misapplication of data protection.”

My concern lies with the consequences of releasing the names of individuals, as proposed here, in a completely accessible and reusable way.

William draws a parallel between the act of reading out names in public court and publishing them on the Internet. (Disclosure: William and I both sit on the Transparency Sector Panel in MoJ.)

Were it a simple parallel, with the same consequences, I’d be pretty comfortable with the principle of release, too. But I see one very big difference: raw content on the Internet is (almost always) indexed by search engines. And search engines have very, very long memories. The (only) two things that the Internet has fundamentally changed are the ease with which information can be found, and the duration and extent over which it persists–as I’ve banged on about on this blog before.

So, this proposal (if taken at face value) would lead to a couple of consequences which might not be wholly desirable: firstly, a name would quite feasibly, if entered into a search engine, throw up information about an offence and the consequent sentencing for an indefinite time. What implications does that have for rehabilitation of offenders? If your conviction has been spent, and your potential employer does a quick check and finds that the only thing you’ve ever been noted for on the Internet is… Well, would that feel just to you?

Ah, I hear you say–but look at court reporting now: those journalists that do manage to get intelligible information out of a clerk so they can write their pieces accurately end up with their content being indexed (paywalls permitting), and the Google ghosts will be there to do their haunting anyway. Yes. They will. But this is an issue of scale and ease, not principle. Journalists today, even those with perfect information, exercise some choice over what they choose to print. Maybe this is just because of space constraints, maybe there are other factors at play. But the “release everything for reuse” stance would dramatically increase this scale of publication.

You may say that this is a good thing: along similar lines as “nothing to hide, nothing to fear”, this extra hangover from a criminal’s downfall may be a very positive thing for society. Another deterrent to criminality, maybe? I don’t know about that, but I do know that we then face a reappraisal about what we mean by rehabilitation as a direct consequence of data release.

And, as William says, that needs proper public debate.

But it’s not just a matter of scale. We find, when public data is released en masse, that new business opportunities spring up. Imagine the entrepreneur who gathers all data on convictions and charges for their own employee check service. They might adhere to principles of time limitation on their data. They might not. They might mash-up this data set with other information. They might not. They might put profit before principle.

We attempt to control such reuse of information with regulation, but on the Internet, it gets very much harder to make this stick in practice. Again, we risk changing the landscape of what it means to be convicted, by releasing data like this.

I’m fascinated by how even something like the current Data Protection Act relates to the indexing of personal information within search engines. Surely, almost by definition, the end purpose of such indexing cannot be known, and therefore Principle 2 (Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes–source: ICO) must surely be creaking already?

So, I’m not so keen on making it indexable. Can this be avoided? Is there a middle ground which acknowledges the shambles that is the current practice in courts–with some prepared to supply information in machine-readable format, others insisting on hand-written notes being passed, and some seemingly actively obstructive in providing information?

I think there might be. There are some “government” datasets which although they could be released for reuse, aren’t. For fairly good reasons. The database of car registrations, for example. I suspect we’d consider if a bad thing if a road rage incident could be easily followed up with some bricks through windows on the basis of typing in the offending registration plate when you got home.

Similarly, we have a curious set of “frictions” in place to allow us to have an electoral roll which is at the same time both “publicly viewable” (provided you go to a library) and searchable online only if you pay up a good chunk of cash. A big hmmm from me to that latter part, by the way, but you can read much more on electoral roll issues here.

And the way that this data is structured is also important: so that we can’t, for example, easily go online, type in an address down the road, get a full list of occupants’ names and pop round there with all sorts of social engineering stories designed to make trouble/extract money/dig for further info/groom/be very creepy. Again, I’d suggest we do this for good reasons, and we know how to build machinery to keep this equilibrium in our society.

We may solve the problem through choosing carefully the format for release, the means by which it’s referenced, and even to whom it’s released. Yes, I know, those wretched privileged accessors again (just like the Police, DVLA, local authorities, credit agencies etc etc etc.) Always a subject to warm the temperature in open data discussions!

But I’m not arguing for wilful obfuscation of this data, merely putting forward some of the alternative perspectives to “everything, raw, now”. We do need this public debate, and we need to be reasonably confident that we’re getting a net societal benefit from whatever action we take.

Let’s tread carefully here–just because you can, doesn’t always mean you should.

[I'd be commenting on the Guardian article if I could, but it doesn't seem to have comments open, so I've written this in response.]

It happened a few months back.

Facebook (that hideous, grunt-cheering, dumb-arse cesspit of a privacy clusterfuck–but let me try and remain objective) started to put some rather strange suggestions for new “friends” up on the top right. People who weren’t unknown to me, exactly, but whose electronic link to me could only have been derived in one way.

From email addresses.

These were people who I may once, ever, have emailed. Or who had emailed me, maybe just the once.

And this latter angle got me worried.

Because I know I have never, ever pressed that “find my friends by pillaging my address book” button. Not in Facebook; not in any other service.

And anyway, some of those names weren’t in my address book anyway. But mine must have been in someone else’s… And I started to whiff a potentially horrible thing. However, this being Facebook, and Facebook being full of horrible things, I tucked it into a mental back drawer and let it go. That time.

Then, last week, I got another email invite to some new whizzy networking service. The invite came from someone I’ve got a lot of time for, so I figured there’d be no harm in signing up and having a quick look around.

The first thing I was greeted with on entering the new service was the message: “Ah – it looks like you already know Rich D—-; why don’t you connect to him on here?”

And that, dear reader, brought the whole sorry mess tumbling out of that back drawer in my head.

This service was entirely greenfield territory to me. I had shared absolutely nothing with it, other than my name and email address (by virtue of using it as the basis of my registration).

So the only way this matching could have occurred would be if Rich had clicked on the “Pillage Me!” button, and passed his entire address book to the new service, there to be held in limbo until such time as happy little matches like me popped up to trigger this unwelcome welcome.

I know I’ve agonised on this blog before about what makes personal data personal. About how uniqueness, utility and linkability all have a big bearing on just how “personal” a piece of data is (and how much we should therefore be bothered by its loss or misappropriation).

Just having one bit of data floating about would be concerning enough, but–and this is a big but: what if that address book pillaging also took not just the raw email address itself, but also the associated name (or indeed any other fields)?

Anon@freetibetbyforce.com may just be an address to a dead-drop online account, but if it’s ever been associated with a real name, manually entered, in someone’s address book…(you see where I’m going here?)…the consequences could be pretty horrendous. Obviously this is an extreme example–but it makes the point–third parties are sharing your email address and perhaps related personal data in vast quantities, without really realising they are doing so, with services that hold it…where? how securely? for how long? IN ORDER TO MATCH YOU UP ON SOME LAME SKILLS NETWORK SITE?

When companies first started this sort of indiscriminate hoarding and sharing of personal data, we created the Data Protection Act as a countermeasure. Clearly, it’s getting hopelessly out of date and was never designed for this sort of scenario.

But humour me, and assume we should still adhere to its principles.

That would mean that you, me, anyone with an address book, could (or should?) be required to register as a Data Controller–mindful of the fact that our own address books have powerful, valuable content and with one click we become complicit in a process that spreads it way beyond the bounds of any purpose we could sensibly be said to have consented to.

I think this is hugely important, as no matter how careful we are with our own information, we are entirely reliant on the caution of others not to compromise it.

It’s an interesting one. Exam question for the Information Commissioner’s Office then: how big does your address book have to be before you need to register it under the Data Protection Act?

Picture this.

You’re walking down the street one day and a strange figure blocks your path. They’re clad head-to-foot in a black sheet. They’ve got some strange sort of voice scrambler strapped to their mouth beneath, and you hear this grating mechanical voice emerging.

It’s low, sinister, and very, very unnerving. You’re told that you’re worthless, stupid, wrong, and that all manner of terrible tortures will now befall you. There are slurs on your gender, your age, your politics, your sexuality.

At first, you’re shocked. Terrified and horrified.

Then you take stock. This creature…this shambling figure who dare not show their face nor reveal their true voice. This creature, who you now see is wearing a little badly-spelled badge so that their “distinctive” ranting can be identified wherever they choose to spew it out.

And you’re there, unmasked, identifiably, proudly, you. And you think of the feedback you get–good and bad–from those who do show their faces, and who use names which you can check out at least roughly in twenty seconds on Google or Facebook.

And you also think of those who are generally helpful and positive to you, but go under a pseudonym that can’t be easily checked back to an identifiable person.

And you put these in order of importance in your head. And you look again at the grating, shrouded, cowardly figure, and you laugh. They’re at the bottom. Actually, they and their opinions are completely worthless. The out-and-proud are at the top. And the pseudonymous somewhere in the middle.

You begin to laugh at the creature. Not viciously, not gloatingly. Just in mild amusement that anyone, ever could think that this creature mattered. Others join you. A warm buzz of gentle ridicule washes over the creature. It slopes away.

And you walk on.

Now. That’s a twee little tale if ever there was one. A piece of blogger whimsy, and not a little patronising with it. Of course it is. (I hope to God it doesn’t come over as a piece of “mansplaining” by the way. Because it’s not aimed at any group or individual in particular.)

It’s an observation not on “how we stop anonymity”–if you read my stuff on identity on this blog you’ll understand that I don’t believe that’s possible. Instead it’s a sketch of what type of framing it might take to assign anonymous, negative comments such a low value that everyone–from direct recipient to disinterested observer–just goes “oh, yeah, right, ok, anonymous blah, where’s the valuable stuff?”

Idealistic. Yes. I know. And I’ve skirted around a few obvious issues, above.

That the shock and pain of these comments can be so blithely overcome, if at all. And yes, I’ve had some myself, and not done a very good job of prioritising them as unimportant. (By any stretch of the imagination.)

I’ve ignored the physical reality of intimidation–of attacks moving from the space at the bottom of the blog to a text on your phone or a knock at your door. I’m making some big assumptions that the machinery of our society’s protection of the individual, plus a diminishing urge on the part of trolls to convert their keyboard bile into further threats in riskier channels, combine to mean that actually personal safety isn’t endangered that much. But it is sometimes. I know that.

But the key message of this illustration is to suggest that it isn’t just the personal reframing of a recipient of anonymous hate speech that takes us nearer to a solution–if that worked, we’ve have all done it a long time ago.

It’s that we might find the answer in the growth of a collective recognition–in our society and culture–that there is a pecking order of importance, with anonymous, negative right at the very bottom.

It’s obvious that there’s an asymmetry involved: for hate speech to be a problem the original author has to be identifiable to some degree, and the troll almost without exception anonymous. It would be wonderful if that asymmetry also became the foundation of a recognised hierarchy of weight-given-to-commentary. (No fancy technical mechanics here in the giving of points or +1s–I mean a completely, socially-pervasive, understood hierarchy).

And that would extend not just to an author’s reaction to their troll, but to it becoming completely normal for other commentators to perform the online equivalent of shrugging, smiling slightly, and stepping around the shambling, cloaked, figure. No quick fix, of course: but a cultural goal to aim for.

With thanks to Julia Hobsbawm who wrote about this tonight for making me think more about an issue that’s been bubbling away in my head for a while now. I saw other angles on the debate earlier today too, asking how technology might save us from the curse of the troll: a framing of the question, in my view, that will be very unlikely to lead to fruitful answers.

I guess my one-line summary is: the only viable solutions will come from a focus on how we all react, and not on how we police boundaries. Please let’s not get tangled up with more futile attempts at gatekeeping.

No technology contracts bigger than £100m.

Bye-bye proprietary software monopolies–hello Open alternatives.

An avalanche of government data to generate new business opportunities and pump billions into the economy.

Fast broadband for (almost) all.

Agility, everywhere–no more risk-averse, unchangeable systems–instead, a commitment to diversity and experimentation.

Reskilling in-house tech teams, reducing dependence on external suppliers with vested interests.

And after years of false dawns, services actually joined up around–and designed for–their users.

There’s not a lot not to like, really. Is there?

Just before the election we heard a torrent of such promises. Watching the gathered geeks and entrepreneurs around me at the launch of the Conservative Technology Manifesto last March I could see tongues virtually hanging out. We weren’t just being offered the keys to the sweetshop–Francis Maude and Jeremy Hunt were pretty much proposing ripping its doors off.

How much of these sweeties have actually been delivered post-election is a story for another day (ah, the shackles of that Coalition Agreement, I’m sure…).

But over recent weeks and months we’ve seen glimpses of another what’s-not-to-like initiative. And now it’s been launched.

Midata.

[Ok, try this link. I was making a dodgy CMS point with the first one, that Google (and BIS site search!) gave me...]

So here comes the grumpy blogger to get all picky with what on the face of it is a risk-free, consumer-enriching move willingly volunteered by industry, facilitated by government, to make real people’s lives easier at no cost. (Coz there’s loads of those.)

Well, not so much of the picky, really–just an interest in shining a light into some of the corners of this debate. Because corners and angles there most certainly are.

The first thing to get to grips with is that there seem to be two big agendas wrapped up together here.

Both can be connected to the words “me” and “data”. But they seem to be quite different in their nature and purpose. That’s always a recipe for confusion if not properly unpacked. So let’s see what we have.

Agenda 1: better information for consumers

We have a consumer empowerment angle here, clearly. “Giving people back their data” is billed as putting the customer back in control when forming or reviewing a relationship with a vendor. For some services, especially things like utilities and telecomms, the case is very tangibly made.

We generate a lot of data in consuming the service. Understanding our consumption patterns in detail would help us when making future choices about service provider, as we’d be able to match the terms that were on offer with what we actually needed.

So far so good.

This also extends to things like preference data: as we go about buying things (and even just looking at them) we generate a cloud of information about our preferences, choices, needs and their timing. This has a value–how much, nobody really knows, though there are some florid estimates–to marketeers, and could drive better deals and more targeted, less intrusive advertising.

Agenda 2: proving your identity online

The moment we started to move transactions away from being with someone you knew personally in your village, we increased the complexity of how you prove things: who you are, can you pay, entitlement-by-residence and so on. Online, it’s pretty horrible, and attempts at building something that’s simultaneously secure and usable by normal people have foundered.

(There is more elsewhere on this blog about these issues–otherwise this post would be very long.)

Suffice to say that the current approach (which actually looks pretty promising) is that of “federated identity assurance”. Not trying to create one massive database of people information against which things can be checked, but to use information sourced from a number of existing trusted relationships, in combination, to give sufficient assurance of identity.

Which means that both these agendas are the same, doesn’t it? They both involve consumers getting their hands on personal data that’s previously been locked up in companies.

Well, actually, I don’t think it does.

Why not?

A definition of “personal data” is harder to pin down than might seem initially apparent [more here]. Lots of things that don’t look that personal by themselves (points on a map, equipment serial numbers etc.) take on a whole new power when linked to an individual.

There’s the obvious “personal facts” stuff, of course: name, address, account number etc. which usually (but not always) identify an individual.

Then there’s operational data, made much of by midata: what we’ve used, what we’re interested in, what service choices we made etc.

Releasing structured chunks of this latter type could well meet Agenda 1′s objectives. And there are design choices to be made here which will have a big impact on risk and privacy.

Would it be sufficient to get a log of mobile calls by time band and number type, for example, rather than a detailed list of numbers actually called, and precisely when they were made? The former could well be enough to allow a better contract to be found: the latter would be a potential privacy nightmare, not just for the caller, but also whom they called, if it were mislaid.

My point being that meeting a consumer empowerment agenda requires the “giving back” of information with certain characteristics–i.e. tailored to fit the way that consumer services are packaged.

But the giving back of information to help confirm an identity relationship–Agenda 2–seems to me to be a very different beast.

Because I thought the whole concept of using a number of different identity providers was that you asked them to pass confirmations of trust around–not the actual personal data itself? So one might ask a bank to confirm electronically that some submitted data matched a record that they held, but that’s not the same as handing the requestor (or indeed the individual) chunks of personal data.

So I fear that in an attempt “not to go into too much detail” we’ve got a conflation of two separate, interesting, important issues under the midata flag.

One can always argue that “it’s the principle that counts–we should establish that first, then let the clever people get on with the solutions”. Well, yes. Ok.

We did that with electronic patient records, with Post Office smartcards, with national identity cards and registers… At some point we do need a public airing of the underlying principles in a greater level of detail than the initial press release. And before a major delivery programme has been commissioned, I’d suggest.

Other than this “issue overlap” there are a few other points that strike me about midata. There is this underlying sentiment that consumers have a right to “their data”. But what is it that actually makes a particular piece of data “theirs”?

Information about usage is a hybrid of personal facts (e.g. who is the account holder?) and operational information as a consequence of service use. How far does it extend? Basic consumption patterns? Probably yes. Detailed, time-stamped records of every purchase and all parties involved? Hmm. Maybe. Serial numbers and last maintenance dates of the precise routers and masts that were used to deliver a phone call? Well, now you’re being silly, Paul.

Yes, I am, of course. But I’m trying to illustrate that the translation of this “right to data” into reality involves more than just signing a memorandum of understanding.

And then there’s the cost angle. Even if we assume that the addition of a simple bit of code will suddenly enable service providers to spit out raw chunks of data onto the Internet (aka the “it can’t be that hard to get their systems to…” fallacy argument) the midata announcement is already talking about a greater degree of sophistication: particularly the bit about “access, retrieve and store their data securely”. Who’s going to pay for that?

And do we have robust evidence that there is interest and demand for this type of data release, other than from the vociferous lobbyists with their eyes on constructing a wealth of new “personal data store” opportunities?

It’s great to see entrepreneurial spirit flourishing, but how much is this about solving real consumer problems, and how much about playing yet more variations on the “consumer as product” theme–you tell us about your interests, and we’ll give you better deals (but only as a share of what we’re really making by selling that information to other vendors).

The argument that better information increases customer choice, and therefore power, is of course another “what’s-not-to-like”. But if you take a step back, and look at the implied problem that “people don’t know which is the best deal as they’re all so complicated and people don’t really know what they use anyway…”

…would you put your energy into releasing chunks of data to help make a better match with a complicated tariff, or would you have another look at the issue of tariffs in general, and simplify them? Yes, both represent some form of intervention, and I can see the political attractiveness of the former, as (especially under a voluntary scheme like midata) it plays down the regulatory role in favour of cheerful vendors all quite happy to be a lot more transparent with their/your operational information. But one wonders just how sustainable this level of voluntary cooperation would actually be in the longer term in highly competitive markets…

That’s a bit like imagining a set of doors with fantastically complicated locks, and giving people the right to have equally complicated keys cut–rather than pushing for simpler locks in the first place.

So, a lot of questions remain. Conceptually, midata isn’t something that could or should be objected to. And this post is not written to criticise, but to suggest a few areas that need more detail and analysis.

When we see press releases that let fly with cool talk of data, empowerment and choice we should be getting a lot more eager to ask the next level of questions. What does this really mean? How will it work in practice? And what might some of the broader economic, competitive, social and privacy implications be?

Until we do, we’ll be dazzled by press releases and then a bit disappointed when delivery swings into action. And it’s usually too late by then to do much about it.

This isn’t really a blogpost. Just a tiny anecdote about the power of the information at our fingertips, and how, in less than a minute, it can delight and surprise.

I do try and look at photography other than my own from time to time. I spotted this lovely piece just now: street photos of New York from the middle of the last century.

The photo at the end of that particular link, Zito’s bakery, caught my attention for whatever reason. (I think it was the idea of a “Sanitary Bakery” actually shouting that particular branding at the world.)

As you do, I wondered if Zito was still in business today. (And is he still sanitary?) A quick flick over to Google Maps, popping in the address: 259 Bleecker Street, New York, NY.

And there it is.

View Larger Map

Immediately, perfectly, the streetview is located at the precise spot where that shop stands. The tiling around the cellar hatch is there; it looks like it’s been retiled, but it’s the same shop front, without a doubt. Now an Italian restaurant.

But hang on: scroll a little to the left (try it now on the embedded picture–it works) and you’ll see that 259 is the shop next door. 259 Unique Gifts & Souvenirs. Couldn’t be clearer.

So at some point, did Zito’s stop being 259, and the numbering get changed? Why?

A surprise, a delight, and a little mystery, all in a minute, all far away in Bleecker St, as viewed from this sofa deep beneath the West End of London. I like that.

(And now I have a Simon & Garfunkel earworm, of course.)

The factual bits:

A charity announces its forthcoming annual balloon release.

A campaigner highlights the environmental consequences of balloon releases, and posts his objections–backed up with references–on the Facebook page of the charity.

The references look to have a sound scientific foundation.

The campaigner uses a civil and unemotive tone.

The charity supports those bereaved through the loss of a child.

The supporters of the charity express outrage and condemnation towards the campaigner, and some quickly adopt an abusive stance.

Accusations are flung around on Twitter, Facebook, publicly and privately. It all gets rather nasty.

And what to make of these facts?

Should the campaigner have done it?

This is a pretty good case of “someone is wrong on the Internet” (and indeed, in the environment). But is it all one-sided?

Clearly both sides in the dispute see the other as having crossed over important boundaries.

The charity (and its supporters) are guilty of environmental vandalism, according to the scientific evidence. But they are not interested in scientific evidence. This is their tribute ritual, and the emotions surrounding it are so high as to seemingly overshadow any attempt at rational engagement. That’s “wrong”. [Clarification: the environmental damage is "wrong". Emotions are emotions. Can't really call them right or wrong. Sentence structure could have been better there.]

The campaigner believes that his cause–the potential damage to wildlife and the ecosystem in general–justifies raising awareness in the way he has. But does that make his actions entirely “right”?

I found this case particularly interesting for two reasons: the suspension of rationality, self-justified by those doing it because of the very real grief and suffering they are experiencing, but also by what it tells us about the nature of online engagement spaces.

And ultimately, was the intervention effective? Did it “raise awareness”?

Might it stop this charity doing the same thing next year?

Probably not.

Might it have an impact on those involved in less sensitive matters who might have thought about releasing balloons at some point?

Very possibly.

And does that positive effect in other places justify what was undoubtedly a painful experience in this forum?

I suspect that the campaigner, who I know personally to be highly altruistic in general, acted with a wish to help, not harm. But I wonder if he misjudged to some extent the nature of the space in which he engaged?

That Facebook page might have been billed as the discussion forum for the charity–a place in which, for any generic organisation, one might reasonably expect to conduct debate about the organisation’s aims and objectives.

But in this case, the space clearly has a different purpose. A place of mourning, of solidarity, of remembrance.

The campaigner caused distress in there. It has to be a matter of judgement as to whether the wider awareness of this environmental hazard justifies that. On balance, I think it might have been possible to raise the issue, and create a dialogue with the organisers, in a space other than the “holy ground” of this particular community–perhaps on an environmental blog, or the campaigner’s own online estate. It might not have been as effective in spreading the message, of course.

But it’s very difficult to know. Judging the mood and purpose of an online space, separating its form from its function, is hard indeed. Just because something looks like a discussion forum doesn’t always mean that it actually has that characteristic.

What do you think?