10. January 2013 12:28
As we approach the 3rd Plenary meeting in Phoenix next month, the IDESG is experiencing a lot of activity. A number of active committees produce thousands of emails and draft work products each week. The sheer volume of the information and work is utterly overwhelming. But as the saying goes, activity doesn’t always mean progress.
The IDESG is slowly, painfully, exiting the formation phase and entering the committee phase. During this phase, the committee curmudgeons begin to nest, and the amateur parliamentarians set up shop. It seems that process often swallows substance, and the whole IDESG morass seems as organized as an ant colony without a queen.
Do not be alarmed; yet. Understanding some fundamentals of how consensus organizations operate will help move quickly from process to substance. Among these fundamentals are:
- There is no such thing as “innovation by committee,” so we shouldn’t be dismayed when we don’t see rapid progress and thought leadership from large groups.
- For every internal action, there is an equal (and often opposite) internal reaction. Put another way, the total velocity of a committee approaches zero, as the size of the committee increases.
- For every external stimulus, there is a flurry of productive activity. The best way to spur a committee to action is by introducing an outside stimulus, and letting the committee react. In other collaborative environments, such as Wikipedia, this phenomenon has been called the “Piranha Effect.” It’s a bloody but efficient process. The Piranha Effect recognizes that it’s easier to edit than compose from a blank page.
Given these fundamentals, I make two proposals to focus the IDESG’s energies: 1. Make the Pilot Programs Transparent; and 2. Create a “Market Models” Initiative.
Pilot Program Transparency
This suggestion is directed at the NSTIC NPO. I do not believe that anyone is trying to make the existing pilot programs less transparent, and I recognize that the committee-driven IDESG cannot be allowed to slow down the pilots. But if the NPO wants to pick a single activity that will spur the IDESG into productive, focused (but perhaps bloody) activity, it is to make the ongoing activities of each pilot program more open and transparent.
Making the pilot programs more transparent will spur action, engagement, and valuable feedback– the Piranha Effect. Each pilot will give the plenary a snapshot of what an aspect of the Identity Ecosystem really looks like. Some will like what they see. Some will be horrified. Everyone will engage.
I recognize that increasing transparency will take extra energy and may incur additional cost. But if the NPO’s goal is to improve IDESG productivity, this investment has the highest ROI.
Market Models Initative
This suggestion is for the IDESG Plenary. Several IDESG committees are trying to articulate a vision of the Identity Ecosystem—one focusing on legal liability, another focusing on visualizations of an identity ecosystem, and others focusing on use cases. But none focus on business and market models.
Existing committees try to prepare for the future by looking backward at existing Identity Ecosystem business models. Unfortunately, many of the existing business models do not support all of NSTIC’s guiding principles. While several emerging ecosystem business and market models are evolving rapidly, it is unclear which, if any, will also support all of the NSTIC guiding principles.
Developing market models that will support all of the NSTIC guiding principles (including privacy) must be the Plenary’s top priority. I am loath to recommend another working group or committee, but one thing is clear: We need a group comprised primarily of economists and business executives (not lawyers, advocates, or experts in other fields) to define, explore, analyze, refine, and articulate existing and emerging business/market model types. The goal of this group will be to identify market models that will support an NSTIC-compliant Identity Ecosystem. Such an initiative would fill several IDESG needs:
- Engage everyone to solve real-world, bottom-line problems that business leaders understand.
- Articulate and educate the Plenary and public about what a real ecosystem will actually look like from a business perspective, and how everyone will make money while supporting the NSTIC guiding principles.
- Make business cases that will spur investment into ecosystem development.
- Propose business models that will align economic incentives with all of the NSTIC guiding principles, including Privacy.
- Give the Plenary some short-term deliverables to sink their teeth into.
The Initiative might be a paid short-term effort by outside professionals, or even members of the IDESG, if there are truly economists in our midst. The deliverables should be short-term, and the initiative should not be permanent. The last thing I want is a Market Models Initiative to become another permanent committee where committee curmudgeons can make their nests.
Updates: Please read the very productive email thread that ensued after this blog was posted.
4. January 2013 13:46
For Immediate Release
Media Contact: Aaron Titus
Steubenville, OH—A hacker by the name @Anon_Acid claims to have hacked into the systems of Jefferson County, OH, which includes the City of Steubenville, OH in protest to an alleged rape of a 16-year-old West Virginia girl. The hacker released what appears to be 49,870 voter records for Steubenville, OH residents. They include 12,616 registered Democrats, 8,440 registered Republicans, 10 Libertarians, 8 registered with other parties, and 28,796 independents. Identity Finder has analyzed the information which appears to contain:
- Full Names
- Physical and Mailing Addresses
- Political Party Affiliations
- Birth Years (Average is 1961)
- Voter ID Numbers
- School District
- Voting Precincts
- Voting Records From March 2000 to November 2012
- Zero Email addresses
- Zero Social Security Numbers
“This appears to be a legitimate breach,” says Aaron Titus, Chief Privacy Officer at Identity Finder. “We don’t know exactly how the hacker accessed this information, but the breach appears to originate from a municipal database, probably the voter record database. If legitimate, the leak could have occured through a city website, a city employee, or some other way. City Officials should investigate this breach seriously.”
Although citizens of Steubenville are not at high risk of identity theft from this breach, residents should contact the city if they believe their physical address is non-public for safety reasons.
In a release on the website pastebin.com, the hacker targets 13 individuals by name in the rape scandal. At least four of the names identified by the hacker appear in the leaked data set, and it seems likely that personal information for family members of others targeted by the hacker were included in the leak.
Identity Finder’s data discovery and protection software provides companies the ability to prevent data leakage and find sensitive information. They have quickly grown to become a leader in identity protection and Data Loss Prevention (DLP) by helping millions of consumers, small businesses, and enterprises across the world. You may download the free version of Identity Finder DLP Software here: http://identityfinder.com/free