Today I had an unfortunate experience with EBAY, where I regularly purchase a lot of items for myself as well as others, including everything from coats and clothing, to bags, shoes, shampoo, vintage items, kitchen items, gifts, etc. Actually, this particular experience has been going on for two weeks.

Essentially, a seller, Kathy Don, listed an item, pictured below, as a Size LARGE. She described the coat in the title and the body of the listing as a Size LARGE, and the listing photos show the coat as belted. The seller also points out that the coat doesn't have buttons. So, the only way to close the coat, is with the belt, as photographed.

And let's be honest: people who see a belted coat, knowing that it closes the coat per the listing photos, probably want to close the coat, with that belt. Afterall, coats are purchased for the winter -- to manage cold. A coat that won't close doesn't make much sense.

The problem is, this coat is a Size LARGE, but the BELT is, curiously, a size SMALL.

And therefore, the belt won't actually tie around the coat, when on a LARGE human. The eBay listing photo you see is a mannequin, likely a Size SMALL, and on a small body, the belt will tie.

I asked the seller, Kathy Don, to take it back, as the belted coat was misdescribed, between the photo and the "Size LARGE" listing title and description. She would not, claiming that she already sent the money to someone, that she has cancer, but I could resell it.

Does any of that matter if she misrepresented the coat?

If I relist the coat at eBay as Size LARGE, when the belt won't tie on a Size LARGE person, I too would be committing a "not as described" problem. Or fraud. Because the item doesn't match the listing: consisting of the Title, Photos, plus Description.

So I asked eBay to mediate. EBay came back and said that since I didn't ASK the seller if the belt was Sized LARGE, I'm at fault.

REALLY?

Looking at "http://pages.ebay.com/help/policies/selling-practices.html">eBay's site on requirements for sellers:

"You're required to:
Provide complete and accurate details.
Specify the condition of the item.
Describe any defects or flaws—this helps avoid problems or buyer dissatisfaction."

Well.. I would say the seller did not accurately describe the item, when they claimed the coat was a LARGE and that it belted. The belt doesn't work because it's a size SMALL. The seller in this case, did not provide complete and accurate details, nor did they specify the condition was that the LARGE coat would not close with the SMALL belt, nor did they describe the fact that the belt was defective, in size SMALL, for a LARGE sized person.

I asked various eBay Reps (they passed me around a lot.. and disconnected the call 3 times saying they would call back if they lost me, but they never did call back) if photos are part of the listing and they said yes, however the one I talked to this morning doesn't think the seller should be held to the photo that shows a belted coat, if the belt isn't mentioned in the words. In fact, the woman at eBay I spoke with this morning said that since the belt isn't mentioned at all in the description, the belt is therefore NOT PART of the listing.

REALLY? I see a belt in the photos. So I asked the eBay rep: So the photos aren't part of what a buyer should consider and count on to buy on eBay? Buyers should ignore photos? She refused to answer.

Apparently asking that items actually look and work as shown in the photos on eBay is asking too much.

But you get the point. Buyers can no longer rely on photos as part of the eBay listing contract.

According to eBay, I HAVE to ASK a seller if parts of the Size LARGE coat are actually not sized LARGE.

Essentially, this represents a HUGE change at eBay, where they are willing to let sellers misrepresent an item, in this case, listing a WHOLE COAT as Size LARGE, when in fact the coat comes with a Size SMALL belt that WILL NOT CLOSE.

Who buys a coat for winter that WON'T CLOSE? Because the belt is misrepresented?

Apparently eBay thinks I'm at fault for not asking: ARE *ALL* PARTS OF THE SIZED LARGE COAT *ACTUALLY* SIZED LARGE?

Apparently, a photo of a belted coat, along with a title and description claiming SIZE LARGE, isn't enough. Apparently, I needed to ask the seller, ARE YOU SURE THE *WHOLE* COAT IS A SIZE LARGE?

So now, I'm facing small claims court with Ebay and Paypay, who received the funds they later paid to the seller.

The lesson for you is, DON'T ASSUME eBay will uphold a listing with words and photos combined.
Don't BUY anything at eBay that doesn't say "no returns accepted" because eBay won't back up buyers who are sold something that is not what the photos and words describe.

EBay has abandoned buyers to unscrupulous sellers like Kathy Don of Boca Raton, Florida who described and photographed a belted-coat, as a size LARGE but in fact it wasn't possible to belt the coat or close it, since the belt was a size SMALL. It's okay if the seller, and eBay disregard the photos and provide whatever they feel like in the way of the item purchased.

Consider yourself warned. I certainly will warn the hundreds of people over the years that i've shown how to use eBay, set up with accounts as buyers, to let them know that buying on eBay is no longer safe for them. It's too dangerous and I no longer recommend doing it.

Below is a diagram showing the non-profit organizations (note: no for-profits, conferences or governmental orgs were included) that are stewarding pieces of the Personal Data Ecosystem. I wanted to show how the orgs are relating to the problem of how to remake our digital lives, through more user-driven personal data, for more equal transactions throughout our lives with companies, the online world, and our government.

The orgs have been divided into four areas: technical, market, policy and individual advocates. While all the orgs have an interest and are doing some thinking in all the areas, these divisions show the foundational mission of the orgs. If each org, through its foundation mission, succeeded, they would be heros for sure. The problem is, mission creep. This is a problem for startups as well, where companies don't focus and get their piece right to succeed, but rather think competitively and try to take too many pieces of the market, leading to failure. So too will the large number of problems, plus mission creep, cause any of these orgs to fail at their mission.

Ideally, we'll see all the orgs working together in inter-disciplinary and multi-disciplinary ways, relating each of their solutions to the others, but keeping focused and executing their piece of this vast and Byzantine puzzle to solve the Personal Data Ecosystem. In creating this "org chart" I talked with folks like Kevin Marks of Microformats and Activity Streams, Harry Halpin of the Federated Social Web, Scott David, Don Thibeau of OIX and OpenID, Drummond Reed (who has worked with OASIS extensively), Doc Searls of VRM, Craig Burton, Steve Rappetti and Phil Wolff of Data Portability project, Dazza Greenwood of ID Cubed, Judi Clark and Joe Andrieu of Information Sharing Working Group, among others.

So here is a picture of who is doing what in the Personal Data space:

Below is more information on these organizations.

Individual Solutions

Customer Commons -- recently formed by Doc and Joyce Searls, Renee Lloyd, Joe Andrieu, Dean Landsman, Markus Sabadello, Judi Clark, Iain Henderson, Craig Burton, and me, as well as a few others in the room that, I apologize, I'm forgetting. Customer Commons' mission is: a community of customers, funded only by customers, serving the interests and aspirations of customers.

Market Solutions

Personal Data Ecosystem Consortium -- is a trade association for startups and big companies that agree to a set of principles for user-driven personal data. 19 companies (currently) have joined, and PDEC's mission is to support market solutions to the personal data question. Kaliya Hamlin is Executive Director and I am Chair of the Board.

PDEC also has just formed a Legal Town Hall, a monthly call starting January 11, 2012, to be led by Judi Clark, to talk about what kind of policies are needed when individuals share their data.

World Economic Forum -- WEF has been working with lots of early thinkers in the Personal Data space for the past 18 months to "rethink personal data." They put out a report: Personal Data: a New Asset Class last February and continue to have monthly calls to prepare for a presentation of the working groups' efforts at Davos in January.

Project VRM -- Vendor Relationships Management, the brainchild of Doc Searls created during his fellowship at the Berkman Center, is a discussion group with a very active maillist, a movement for user-driven relationships with entities, and a steward of developers coding to bear out the group's vision.

Policy Solutions

OIX: Open Identity Exchange -- Don Thibeau is Chair of their Board, and Scott David is their counsel. OIX's mission is to build trust in the exchange of identity credentials online. They do this through the open, standardization of Trust Frameworks. They don't make trust frameworks, but rather their mission is to be the home of other's trust frameworks for the sharing of personal data, login credentials, and other types of private or controlled information. For example, the company Drummond Reed co-founded, Respect Trust Framework at OIX, who publishes it for others to point to as a public declaration of the trust framework. And, the U.S. FICAM Trust Framework was the first open identity trust framework to be listed by OIX

Information Sharing Working Group -- From the ISWG: The ISWG works with the Kantara Initiative, Identity Commons, Project VRM, the Personal Data Ecosystem Consortium, and Customer Commons. Run by co-chairs, Joe Andrieu and Iain Henderson and secretary Judi Clark, ISWG's formal mission is "to identify and document the use cases and scenarios that illustrate the various sub-sets of user driven information, the benefits therein, and specify the policy and technology enablers that should be put in place to enable this information to flow."

The Information Sharing Work Group helps individuals take control of the information we share online. The Standard Information Sharing Agreement is a contract for the use of your information, agreed to BEFORE you share it. It has two parts. A basic agreement covers all the default terms, things like “don’t redistribute my information without my permission”, which all recipients agree to. Then, for each individual instance of sharing, a data transaction agreement with just the bare essentials: who gets what data for what purpose. By moving all the complicated legalese into the basic agreement, we’ve dramatically simplified each specific transaction agreement.

Now, when you want to know what’s happening with your data, it’s presented simply and concisely in easy-to-understand terms… while the basic agreement defines how recipients must treat your data appropriately. The Sharing Agreement is designed to make it easy to understand and make informed decisions about sharing information online.

ID Cubed (ID3) -- a newly formed research and developement group affiliated with MIT and led by John Clippinger, Executive Director and CEO, (who started the Law Lab at Berkman/Harvard a couple of years ago and the Social Physics project a couple of years before that, also at Berkman) and Henrik Sandell, COO and CTO of ID3. ID3's mission is to "oversee the development of a multi-disciplinary center founded to research the role of law in facilitating cooperation and entrepreneurial innovation." Their major focus based upon the website seems to be Trust Framework development. Dazza Greenwood is also involved, as is Mike Schwartz of Gluu is doing some technical work for them.

Technical Solutions

Data Portability Project -- "Aims to consult, design, educate and advocate interoperable data portability to users, developers and vendors." They don't make standards but they help steward them to support more data portability, including protocols like OpenID, OAuth, RSS, Microformats and RDF among others. Steve Repetti is their Chair and Phil Wolff is very active as a public speaker for them. Here is some additional information about their mission.

Federated Social Web -- has recently become a working group of W3C, and is stewarded by many including Evan Prodromou and Harry Halpin. FSW is stewarding work on federated social web software and protocols, including things like PubSubHubBub, OpenID, Activity Streams, OAuth, among many protocols.

Activity Streams -- developed a protocol for how user's share personal data, using both JSON and Atom based streams of metadata. Monica Wilkinson and Kevin Marks actively steward the project. Activity Streams works on the Microformats model, proposing standards around activities already heaving in used online.

Microformats -- Microformats have been created for many pieces of data shared, such as hcard or hcalendar. Stewards of this project include Tantek Celik and Kevin Marks.

OpenID -- Created protocol for a federated login with OpenID 2.0 spec. OpenID Foundation is currently working with Microsoft, Google and Facebook on OpenID Connect, as well as on Account Chooser, an open standard for web sign-in ease switching between multiple accounts on a website. OpenID Foundation's chair is Don Thibeau.

ID Trust, OASIS -- from their website: "...promotes greater understanding and adoption of standards-based identity and trusted infrastructure technologies, policies, and practices. The group provides a neutral setting where government agencies, companies, research institutes, and individuals work together to advance the use of trusted infrastructures, including the Public Key Infrastructure (PKI)."

XDI.org -- responsible for the XRI / XDI standard, currently for pointing to data and creating link contracts. From their website: "XDI.ORG is an international non-profit public trust organization governing open public XRI and XDI infrastructure. XRI (Extensible Resource Identifier) and XDI (XRI Data Interchange) are open standards for digital identity addressing and trusted data sharing developed at OASIS, the leading XML e-business standards body. XRI and XDI infrastructure enables individuals and organizations to establish persistent, privacy-protected Internet identities and form long-term, trusted peer-to-peer data sharing relationships." Drummond Reed co-chaired the group with well, Gabe Wachob, of the XRI TC at OASIS and Andy Dale, Markus Sabadello, Mike Schwartz we involved in developing the standard.

W3C -- Umbrella standards body stewarding a number of standards for personal data use and control including the Do Not Track proposal. The Federated Social Web, and all their combined efforts including Activity Streams, recently landed at W3C.

ITU (International Telecommunications Unit) -- making infocommunications standards since 1865. Yes.. that's really 1865.

User Managed Access (UMA), a Kantara working group -- develops specs to allow individuals to "control the authorization of data sharing and service access made between online services on the individual's behalf, and to facilitate interoperable implementations of the specs." UMA group chair is Eve Maler.

The Direct Project -- From their website: "The Direct Project specifies a simple, secure, scalable, standards-based way for participants to send authenticated, encrypted health information directly to known, trusted recipients over the Internet."

IETF (Internet Engineering Task Force) -- Working on a number of standards around identity and data portability.

Claims Agent Working Group -- is working on development of standards-based, interoperable, verified claims agent implementations. Is at IDCommons and was originally proposed by Paul Trevithick, though many people are part of the group.

Open Web Foundation -- is "independent non-profit dedicated to the development and protection of open, non-proprietary specifications for web technologies" and uses an open source model similar to the Apache Foundation. Their leadership includes Tantek Celik, Chris Messina & David Recordon.

Update: I've added the following item to technical:

SWIFT -- a non-profit based in Brussels that provides messaging standards around banking wires, is proposing a new infrastructure layer called the "Digital Asset Grid." The DAG would provide the metadata for all data transactions (including personal data), not just money wires, as well as a hardened, full duplex transaction layer for security, flexible identity and certified data. (Full disclosure, I'm on the team that proposed the Digital Asset Grid to SWIFT).

If you have more information about these groups, people involved, or corrections, please leave them in the comments and I'll update the post. Thanks!

Personal Data Ecosystem Consortium, or PDEC, is an org I've been involved with for a year. I'm chairing the Board. We just sent out a Year in Review recap of our activities for 2011, Part I (first half of the year).

My involvement in PDEC included (these are quotes from our newsletter -- to read the whole newsletter see our PDEC post here our link):

NSTIC (National Strategy on Trusted Identities in Cyberspace) National Program Office Announcement
January 7th, 2011 -- Stanford, Palo Alto, CA
Mary Hodder and Kaliya Hamlin attended the NSTIC National Program Office Announcement at Standford University. Commerce Secretary Gary Locke and   Commerce Secretary Gary Locke and  White House Cybersecurity Coordinator Howard Schmidt both spoke. 

Department of Commerce Green Paper Response Due
January 28, 2011
Kaliya Hamlin and Mary Hodder submitted the PDEC Green Paper response to the DOC and the National Telecommuncations and Information Administration (NIST) on the DOC proposals around identity and personal data, and the Do Not Track proposal by the FTC.
Read it here at the DOC site.

Strata, Data Camp
February 1, 2011 -- Santa Clara
Mary Hodder led a session at Data Camp, Strata for developers on the Personal Data Ecosystem.

Conversational Commerce Conference (C3)
February 2-3, 2011 -- San Francisco
Mary Hodder spoke at the C3 Event, on a panel with Michael Becker, Dean Landesman, Prakash Kondepudi (of Intellius) and Julian Gay (Orange) on CRM, VRM and Personal Data. Kaliya Hamiln also attended.

FTC Do Not Track Event
February 9, 2011 -- Berkeley, CA
Mary Hodder attended the FTC all day meeting on Do Not Track.
I asked the only audience question of the day, about models other than DNT and business as usual: whether a Personal Data Ecosystem would create a market solution to solve user discontent with the current state of online tracking and user data.

Applied Brilliance Salon
February 17, 2011 -- San Francisco
I attended the salon, regarding Personal Data topics, hosted by Jerry Michalski. I asked the first audience question about a Personal Data Ecosystem solution.

Federal Trade Commission Paper Response Due
February 18, 2011
Mary Hodder submitted the PDEC response to the FTC on Do Not Track proposal.
Read it here at the FTC site.

Tracking Do Not Track panel, Morris + King
April 26, 2011 -- NYC
Mary Hodder spoke on a panel with Brian Morrisey of Digiday, David Norris of Blue Cava, Dan Jaffe of the National Association of Advertisers and Helen Nissenbaum of NYU.
Read more about the panel here at PDEC.

W3C Privacy and Tracking
April 28-29, 2011 -- Princeton, NJ
Mary Hodder attended the W3C event about privacy and tracking. Mostly the event focused on Do Not Track as the only solution, but I tried to ask as many questions as possible to open up thinking about a possible Personal Data Ecosystem approach.

12th Internet Identity Workshop including Yukon Day
May 3-5, 2011 -- Mountain View, CA
PDEC led a number of sessions on Personal Data as well as participate in other sessions on Trust Frameworks (presented by Drummond Reed and Scott David) and VRM (by Doc Searls).
Mary Hodder and Kaliya Hamlin held a session on the Personal Data Ecosystem Consortium.
Kaliya Hamlin hosted Personal Data Stores Lockers Vaults
Mary Hodder led a session on The State of Personal Data today.
Mary Hodder and Heather Schlegel led two sessions on What Part is Identity and What Part is Personal Data?

W3C Identity in the Browser Workshop
May 24th -- Mountain View, CA
Mary Hodder presented the Personal Data Ecosystem philosophy. More can be found about the workshop here.

Quantified Self
May 28, 2011 -- Mountain View, CA
Mary Hodder attended QS and led a session on Developing Health / QS Apps in a Personal Data Ecosystem model. Read more about it here in my post on the event.

Next Monday we'll be sending out Part II of this.. recapping our activities this fall.

Brad McCarty of The Next Web thinks the IMDb: Age-publishing lawsuit is “a frivolous abuse” and should be dropped.

Reading his piece, I can see that on first glance, it sounds silly. An actress anonymously sues the Amazon-owned IMDB folks because they won't remove her birthdate, claiming that it will adversely affect her career. And now, IMBD has asked the judge to only allow the lawsuit to move forward if her name is made public:

"Truth and justice are philosophical pillars of this Court. The perpetuation of fraud, even for an actor's career, is inconsistent with these principals. Plaintiff's attempt to manipulate the federal court system so she can censor iMDb's display of her birth date and pretend to the world that she is not 40 years old is selfish, contrary to the public interest and a frivolous abuse of this Court's resources."

But this argument between IMDB and the actress points to a much bigger issue, and it's not the one about IMDB making its living trading on other's data, whether from Hollywood or the users who add to the IMDB system for free, which I would understand is a fairly selfish undertaking by IMDB.

Why should IMDB be able to operate "selfishly" by publishing people's personal data, outside their discretion, and the actress in question not be able to "selfishly" make a living by trading in her looks for salary? I would say IMDB is pretty hypocritical here. And do they really think the Judge, the public, or the Hollywood set they make money from, are that stupid that we wouldn't understand that IMDB is selfish too?

I understand from reading the Hollywood Reporter article that the IMDB believes she may be the same actress that years ago tried to change her birthday, submitted by a previous agent to IMDB. Since IMDB believes this is an issue of fraud (they have no proof), they now want the identity of the actress made public. But since the old information isn't part of the case, does it really matter? Yes, I get that actresses have lied about their ages for a long time, but is it really "in the public interest" to out this woman? It's definitely in her economic interest not to out her, so i just think Amazon-IMDB are being nasty and frankly it seems frivolous of them to try to out her.

But this is really beside the point.

The Larger Issue

I believe people should be able to choose what personal information is shown about them on websites.. especially data that isn't or wasn't before the past 10 years, public. It's easy to dismiss this as vanity or frivolous.. but as more and more personal data is out there, and as people lose control of it.. it points to a much larger issue: how do individuals control information about them that doesn't really need to be public?

I can see that by having her age obscured, the people who hire her would just think of her age based upon appearance.. which is actually for an actress or actor, probably a good measure. Giving the specific age will plant that in producer's and public's heads. So I can see her point.

Rather than get into a discussion of harms and "how bad is it" about one or another data breaches, I think the real question is:

What kind of society do we want to have, where everyone's data is public and out of their control? What does it do to us, to devolve into a totalitarian model where everyone is afraid because frankly, everyone has something to hide? Or maybe their friends do.

Right now, life and health insurance companies are telling the press and their investors that they are screening people in Facebook. And it's not just you under scrutiny. It's your friends. This was covered extensively in the Wall Street Journal "what they know" series a year ago. There are also finance companies that are telling users to "unfriend" anyone they are connected to in Facebook with bad credit... because when you are reviewed, friends with bad credit will reflect on you.

This issue of personal data and control is much larger than an actress and her age being displayed without her consent.

It's about how we allow others to show information about us, verses having control of it ourselves. I think for a civil and democratic society to work, we can't leave that up to companies with no oversight and a big profit motive, but instead need to think about giving the individual ultimate control over certain types of personal data.

So while the actress may be vain, may be trying to gloss over her age, or may just be reflecting the economic realities of her profession, which i do think are real, and we may poo-poo this as silly, this lawsuit reflects the much greater tension about personal data and control and actually could be a really interesting test case, given that we don't have much privacy law in the US.

I just read Sheryl Sandberg's profile by Ken Auletta in the New Yorker (A Woman's Place: Can Sheryl Sandberg upend Silicon Valley's male-dominated culture?).. and some months ago watched Sheryl Sandberg's video on women and success from TedWomen. (For more background, she was also covered recently in Bloomberg or watch her Barnard commencement speech .)

In all these talks, Sheryl notes that women are dropping out of tech and business leadership tracks.

She makes some good points, but only iteratively adds to what we've already talked about for the last 8 years about women in tech.

A little history

About 6 years ago, I came up with a list of things, along with a couple of other women, that we could do to encourage women:
* help women get speaker training
* encourage and submit women to speak at events
* help women pitch their companies to funders and get into the entrepreneurial ring
* help women get mentorship and family support they need to stay on leadership tracks
* help women get into science and technology tracks in school and keep them in those tracks in the working world
* get more women in the room to change the tone of whatever is happening
* when you hire, think about how women will read the ad: kick ass engineer will likely not get women applying
* when you hire, remember the women undersell and the men oversell, and if you even them out they are similarly prepared for the job

... and more recently, riffing on the last two, and I wrote a post last year in response to Clay Shirky's post on how his male students were much more aggressive about asking for help and in pursuing jobs that his female students, where I noted that in tech, often our filter for who gets noticed and appreciated is aggression. In other words, students of both genders need to be aggressive, but if our filters only notice the super-agressive, then we miss out on a lot of qualified people, especially women.

One of the key points Sheryl Sandberg makes is that women need to lean forward. I have seen women lean back even when we have explicitly made space for them. I can highlight one example out of the many I have seen in the 8 years I have been proactively working on this:

In service to the list above, a group of women and I pushed for speaker training by having Lura Dolas who is a premiere executive speaker trainer come to She's Geeky as well as for training for geek speakers at Citizen Space one saturday (coordinated at the time by Tara Hunt). But you know what? We held signups open for women, for a couple of weeks. Few women signed up even though we did lots of personal invites, and eventually opened it to men. All the rest of the spots were gone in a flash. So I get what Sheryl Sandberg is saying: she suggests that encouraging women to "lean forward" would work. I've been trying to get women in tech to do that, with a little different terminology, for 8 years.

I, as well as many others, have emailed (for years) various conference organizers from Mike Arrington to Tim O'Reilly suggesting highly-accomplished women for their speaker line-ups (with links to bio pages from the Speaker's Wiki as well as topic sorts of the many women listed by tags). Mike Arrington is right when he says the very few women at the top of tech are barraged by requests to speak and often turn down event requests. But there are other women who are very well qualified to speak, however the criteria for who is eligible is often heavily in favor of typically male tech behaviors: rabid self-promotion, the ability to speak very early on a new topic or meme, regardless of what they know, and brashness.

Women often eschew these qualities or don't know how to navigate them because they run so counter to women's social norms. So that, mixed with women's usualy less overall interest in having a big "title," which many conferences like to promote in association wifth the event (look: we've got 80 C-level speakers.. come pay several thousand to attend our event !) make women less attractive to conference organizers. Though I would argue that at most events I attend, women speakers share far more data and opinion than the men, and are often much more interesting speakers compared to the men who often hold their proverbial cards to their chests and don't share as much interesting stuff. So to me, the practical reality is that as far as speakers go, women are the brash risk-takers on stage. I often seek women out to get info the guys won't share.

Sheryl Sandberg suggests three ways we can push women in tech and leadership roles:
* keep women "leaning forward" (participating actively) in business, leadership and tech
* stay in the game (ie when they have kids, don't drop out) with a spouse who does as much housework as you do
* think bigger and take more risks

Those three are great additions to the set of things we can all recommend women do. But to me, these lists: our 8 plus Sheryl's 3 (two of hers overlap so it's really about 9 ways to get women more into leadership roles), not to mention complaining about the lack of women speakers at conferences or the lack of women on board's of directors, or lamenting the dearth of women in engineering or getting women to pitch a company, as Women 2.0 tries to support in their annual contest, doesn't get us what we need or want. Which is a healthier ecosystem between men and women in tech and business so that women can more naturally be themselves, contribute, and inhabit leadership roles and overall, products are better.

In fact, over the past three or four years, I'd mostly given up talking publicly about the dearth of women in tech and business. The problem isn't getting solved, despite things like the Speaker's Wiki created so that non-typical speakers could list themselves. For me, the value of that wiki listing is in being able to email a few biographies to conference organizers, which I do often privately. It's a much more positive step than complaining about the lack of women speakers, which I'm so tired of.... But overall, the topic has felt like a waste of time because men in tech look down on women for discussing it, and it doesn't feel like anything ever changes.

Frankly I could see Sheryl getting burned out on discussing the topic (from lack of results) the way so many of us have over the past decade. I give her about 2-3 years to get frustrated and move on to other things, at least as far as speaking out in the New Yorker and at Ted and college commencements and other forums. The topic gets old and you want to be constructive.. so you start thinking about other things you care about that get more traction. It's not that you don't care about women in business and tech leadership roles, but maybe the other things I've done for years like holding personal dinner parties for women business leaders, or the women in tech weekends south of Santa Cruz at the beach, are just more effective at creating connections and support between and for women in tech and business. And they don't have the downside you get when you keep bringing the issue up publicly.

What's new on this topic?

Recently, I've been rethinking: why are we still here in the same place with women in tech? Why is it that our old list of 8 or Sheryl's new list of 3 ways to push women up the leadership and tech ladders may help a little, for the tremendous effort they take, but they don't really effect the overall problem?

What is the deeper problem set here? Why talk about it again? Well, it started for me with a surprising conversation.

I chatted a few weeks ago with a friend who is a man in finance, business and banking (but no tech at all), about the problems women encounter in tech and business generally. I told him I felt often men have been socialized to be on "teams" where there is a team spirit, where they don't look to the coach to discipline someone. Instead, they do it through peer pressure, and they also don't criticize team members unless they violate a big rule that everyone knows.

How does this work in tech? I explained to my friend that often a group of guys will huddle at a conference or some event, and they are playing with their laptops and mobile devices, listening to (mainly male) presenters in sessions, and then back at the group email check and hallway conversations. The guys joke around and mostly none of them looks too closely at what anyone else is doing with their company or their products or pitches. They all joke and get along. There are some guys who do look more closely at products and companies, but you almost never hear them share their real views or anything at all critical of the other tech or guys.

Women, on the other hand, often see the flaws in those companies, or products or pitches and say so. They see how a product or algorithm can exclude or hurt people or create problems for users. How a business model won't resonate with people and why it will take about 2 years to show that no one wants what's on offer. They see what can go wrong. Why? Because we watched our moms and the other moms growing up, and we got socialized to look for the problems and to prevent disasters, and to do things fairly and equitably for everyone involved, because we (the women, the moms) would have to manage the problems, clean up the disasters and take care of anyone who was hurt.

For example, where a Dad might say, "Hey kids, lets climb the tree and we'll jump off onto our new trampoline!" And mom would say, "Wait a minute, the kids are going to jump off an 8' high branch, hit the trampoline at 4', and bounce off onto the ground and probably break things?" She would put a stop to the plan, saying "You can only jump on the middle of the trampoline and not at the edges and no jumping off anything else onto the trampoline." And while mom was a major bummer, she was also preventing broken bones, loss of school days (that might lead to having to repeat a grade if the injuries were really bad), pain and suffering, and oh yeah, if the neighbor kids got hurt, getting sued by their parents for negligence and potentially losing the house and having to move or at least getting into a major fight with those neighbors.

Yeah.. mom is really a bummer here. But in a very good way, because she is socialized to know that she will have to pick up the pieces of problems that get out of hand, nurse the sick, and see 10 steps down the road the implications of decisions. Dad on the other hand, in this scenario, is thinking of the fun.

Now, you can say there are plenty of dads that wouldn't suggest this with their kids, but I actually know a dad, who is a successful risk taker at work who makes lots of money and is considered by colleagues to be very good, who suggested this to his kids, partly because he figured he could manage it and catch any kids bouncing off the trampoline. But his wife put a stop to it. Though one kid did jump off the tree branch later when the parents weren't around and got a compound fracture out of the deal.

When there's disaster, like with the broken bones, it's the mom who usually drives the kid to school every day for three months, instead of having him ride his bike with his friends. She was the one who sacrificed a half hour every morning being late for work, and she knew what the sacrifices might be in advance of disaster striking, when she shut down the jumping-from-the-tree plan.

The real way to think about that mom, and many women's contributions in warding off disaster, is to say those women are caring about the greater good over a longer term. It's a more masculine trait to think about making a splash and more a typical feminine archetype to care about the long term risks.

We all hold both archetypes inside us, women are more apt to express more of the feminine archetype, bringing a way of being conscious of the longer term effects on other people, the longer term business model, the larger effect the business will have on society. Comparatively, men statistically are more likely to embody the male archetype which is often about taking larger, often dangerous risks for shorter term gain in order to break out for the big score and function more in a team mode with the other guys. And our society pushes us through socialization to these gender specific modes by blessing what is socially acceptable.

These gender-specific tendencies translate to a scenario in tech and business where men often show up as more exciting, brash risk takers who if they succeed, shine in the myth of the genius who did it all. Women are often behind the scenes, managing the fall-out of risks, and frankly, putting the kibosh on some proposals (read: bummer) in companies, in tech generally, and in business. And bummer it is if you don't take kindly to women's important role in thinking critically about risks and the consequences.

How many women do you know who you would put in the high-risk-taking category?

But this difference is *exactly* why we want a mix of men and women engineering, directing, creating and sustaining, leading businesses, and shaping policy, so we get a balance of each gender's tendencies which statistically will likely make the company or product or governments far more successful and stronger than if one gender alone works toward success.

So after telling this male friend about men and women in tech, the trampoline story and my general thesis that women are "analyst critics" and that feels like a bummer for the guys, I asked what he thought about the situation.

He said, "Well, whether guys know it consciously or not, most men tend to put women into two categories: bitch or hot. She can be in both, but she has to be very hot to over come 'the bitch' label in terms of whether a guy would talk with her or be 'friends' with her. So, while plenty of guys are socialized better because they are married or with a woman and therefore don't do this 'hot vs. bitch' assessment explicitly, no guy is going to defend a woman if all the other guys decide they don't really like her... no reason given. Or defend her if one guy starts picking on her, either to her or outside her purview, with the guys. Because we are all on the team. However, the unspoken reason is she is in the bitch category because once, once! she 'complained' about something, even if it was done constructively to solve a real problem. She had demonstrated that she could complain any time going forward and the guys know they can't be themselves around her. In other words, they have to be 'good' around her but can 'be themselves' with the guys. So now the set up becomes one where the guys have fun with each other, but are serious when any women are around, even if some of those women have never criticized or done anything to put themselves into the 'bitch' category."

Second, he noted that most men, in the face of even very mild criticism coupled with constructive solutions given from a woman, take her not as her, but rather to a place of fear. This fear is rooted in men's 2-year-old selves, deep down, where their mothers yelled at them or criticized them. So while the woman in a tech project might be saying: "Hey how about doing the project this way where something good can happen, because the other way isn't so good for the users..." the guy goes to a place where the woman co-worker is "his mother," telling him that he's wrong. The man can't hear the woman, because there are too many old filters in the way. And while again, some men have to have more criticism to get that fear going, most men aren't so conscious that they can hear criticism from women of a project, conference or company as being about the actual problem, but rather they take it to be about themselves. The criticism becomes an "ego-threat" and old defense mechanisms kick in. And criticism coming from a woman, well, lands her in "bitch jail", where the man's 2-year old fear is triggered and the woman can't really fix that without changing the larger issue of that man's consciousness about himself.

HIM: "We are all human and feel the emotions similarly in a way: Fear feels the same for men as fear feels to woman. Anger is anger for men and women. But if a man has fear.. he's what: 'a pussy.' If a woman has fear.. 'that's just how women are.' And if a man has anger, 'that's how men are.' But if a woman has anger, 'she's a bitch.' Even if she's just giving constructive criticism. Most men I know interpret any woman's criticism as inches from 'anger' no matter how nicely and constructively it's given, and therefore, she's rapidly entering 'bitch jail.' "

I have to say, I found it pretty shocking that a guy would cop to all this. And he wasn't leaving himself out of the category. Just being brutally honest.

If you're a guy reading this, and you are mad right now, I would ask yourself these questions:
Have you ever felt fear when a woman colleague has constructively criticized your project? Or did you even realize at the time you feared anything? Did you tell her, owning the fear and admitting it was your issue, not hers? Did you make it safe for her to share further criticisms? Or did you just distance yourself from the woman, and not work with her so much anymore, and did she just sort of back off from giving further feedback and instead, move away from the male members of the team? In other words, did she lean back and did you help her to be less involved?

So are you mad because my friend's words hit a nerve.. and this is uncomfortable? Because it only takes a few of these instances for a woman in tech or business to sit back and not participate as much. You may say, she's not tough enough. But she may say: why bother, if no one can take what I have to say.

I have another story, about a friend who is a partner on Sand Hill Road. She never speaks at the weekly partner meetings to review deals, until the end of the meeting (about 4 hours). She's learned that she waits until the chest beating and the competitiveness are over and the guys (the rest of the partners are, of course, all guys) have exhausted themselves and said everything they want to say. Then they look around.. and ask her what she thinks about this week's deals. Then, and only then, are they ready to listen to her. And they do. But she has leaned back. Effectively. I mean, she is a successful partner at a successful and top rated VC firm. But she leans back. Because that's how the guys can take her.

Back to my friend's and my conversation:

ME: Well.. it's true that it's not socially acceptable for a woman to express anger. Most women I know aren't even conscious of their own anger, or how much anger is inside them. They are so used to stuffing their anger, and moving on, that the anger comes out sideways. And men are right to fear that. It's not safe when men stuff fear, or women stuff anger, for anyone, because we are avoiding what is real, but complicated, and not socially acceptable. It comes out sideways for both of us. Men avoid angry women out of unconscious fear, and women try to work with men's fear, but can't, because fearful men won't include women in the real work, reducing women to things that are valued for their looks. That's a lot of sideways behavior.

Certainly I have been guilty of this.. especially prior to doing the emotional literacy work I've engaged in more recently. I have definitely stuffed anger, had it come out side ways, to other's confusion, and not owned what I was doing or feeling. It's probably been scary for men I've worked with, because I've *not talked* about anger, or released the pressure of feeling mad about the unfairness of something ... like not being taken seriously by the men in the room... or like a speaker list where organizers didn't even try to find qualified women, or disregarded dozens of qualified women. Or for example, once when I pitched to a partner's meeting in a Venture Capital firm, and had the senior partner refuse to look at me or ask me questions directly no matter how polite I was. Instead he asked all the questions to my male business partner, who turned every one over to me. Women have all had experiences like this. And we don't get mad. But everyone knows it's in there somewhere. And on and on with examples.

So if emotional literacy is the larger issue, how do we fix this? How do we get unstuck at a deeper level, than suggesting speaker training, or asking women to lean forward?

I'm not proposing we (women) try to change the guys that project the team vibe, consciously or unconsciously, who don't facing their own fear, or aren't honest about their own projections and inability to own what they are doing, or speak and share their fear.

I mean, women could do a big movement to educate men and get them to shift their thinking, a la the 70s, but that's a lot of work for something I don't think, frankly, will work. I don't think women can really change the attitudes and behavior patterns men carry, especially unconsciously.

Instead, I'm proposing we (women) change us. And my friend suggests that he, and other men, have to change men. Because, he too says, "Women can't change men, rather men can only initiate each other and teach each other to feel fear constructively, consciously, honestly and safely, in order to see women as women and not through the many filters they carry now."

So how do we do that? You know when people say: "Change yourself, change the world?" Where if you change yourself, everyone reacts and they are forced to treat you differently and if they don't, you don't care anyway because you've moved on and in a way others are left either changing or being left behind? Yeah. That way to change the world.

So how do we change us?

I'm not proposing that women be more like men.. to be more "fun" or take more crazy risks. Because trying to be something you aren't -- a team player if you've never been on a team, or able to laugh with the guys like a guy, when you aren't a guy, propose highly risky actions -- never works.

Instead, I think the answer lies in facing our own issues, as women, and not only changing ourselves for work, but everywhere. I'm proposing that we look at how we are angry, how we stuff that and don't face it, and aren't honest about it. Which makes us unsafe to many men. I believe that if women were honest about their anger, they would reside in their own power, own it, and reasonable risks and "leaning forward" as Sheryl says, would happen naturally and without a few of us pushing women to do what doesn't feel good to them now. Because most women aren't living in their authentic power which means they haven't faced their own anger or owned it.

As my man friend named it, "Women seem to have slid backwards over the past 20 years.. they are very concerned with their appearance to the sacrifice of their own truths and personal well being." My thought exactly.There's nothing wrong with looking good. But it should be secondary, and yet many young and older women seem to be focused on that to the detriment of their own advancement. It translates into caring more about what others think about you than asking for what you deserve, speaking the truth, and risking criticism to speak what is real and authentic. Which is all pretty much a recipe for holding anger deep down in an unconscious woman.

Not being taken seriously, not seeing women speaking at tech conferences, being on the boards of companies or doing what is high level work, could add even more anger. I know from years ago, challenging the organizers of conferences about how they had none, or one or two, women speakers at an event, didn't work. And women have been angry, when conference organizers react with silence or brush off the issue. But it was an anger women didn't feel they could express, or weren't conscious of.. and yet it was there.. I could feel it. And the men understandably feared that. Because the anger was coming out sideways.. it wasn't clean, owned and direct.

So, HE continued, "If men have taken the feminist messages from the 70s (like "who needs a man anyway?") and defaulted into emotionally illiteracy, where they don't have to own their emotions, or be conscious and share their own fear, then we end up with stagnant gender roles and fear about ever letting those roles shift again. Because the effect of those messages from the 70s have hung around, and a lot of men heard those messages from women as having an underlying criticism of who we are as men and whether we are even needed. For men who come after the 70s, the sons and nephews of men of age in the 70s, those boys are getting their modeling of what men are like, what it means to be a man in the world, how to treat women and how express their own emotions. The effects men felt in the 70s have been passed on to the current generations of men.

"There is a place where it's okay for men to express our emotions in our culture, but there is an invisible line for us, where when men cross it, the rest of the guys all point a stern finger and say to the one guy crossing the line: 'Dude, what are you being such a pussy for?' A guy who isn't emotionally literate will cave. But the guy, if he's emotionally literate, can say: "Hey, I'm feeling some fear / anger / sadness / a threat... " because that man is tired of having to not be himself for the sake of his friends. The truth about this is that there is a quiet revolution in men's circles across the country, THAT HASN'T YET trickled into our business and technology companies across the country.

"And so it's that distinction, that men can't yet be honest and direct. But as men begin to own their own internal emotional truth, to themselves and to each other, they'll realize that women are already there... waiting for them."

The notion is that the genders are secretly eyeing each other, where men look at the women's camp, women look at the men's camp, and if we raise the problem of women excluded from industry (tech, business, etc) and young women regressing to placing their value in the old stereotypical values like: "how do i look, how sexy am i, how desirable to the opposite sex.." this feels like a failure of the attempt women made during the feminism of the 70s to be integrated into male culture, male business and to be seen as equals.

If you accept that that 70s movement failed in a way, then it makes sense that women came into male domains (80's and 90s) and now women are receding from tech jobs from the 2000s on. (There are still women working, but the numbers in traditional male domains are down).

So why is this? Well, one view via my male friend has is that men inherently felt threatened during the 70s and 80s and after. This is partly because of what he called the "fragile male ego" which he says,"...is a reality especially among men who haven't done personal work.. who aren't emotionally literate." But also some of the loudest and clearest women's voices in the 70s and 80s were making men bad and wrong. He says further, "When men talk, we tend to lump all women into one voice.. so the women were lumped together as man-haters in the 70s and 80s."

So to the extent that the women's movement was about "taking power from men" ...this reaction from men happened. And got internalized by men.

So why have men returned to excluding women? My friend says, "Men tended to stereotype what was going on around their own exclusion by 'man hating women,' and reacted out of collective fear, toward women who wanted power." That power being the ability to join men at work, in business, or tech, and be taken seriously.

My friend goes on: "Men have always been at a place of lesser emotional literacy than women, so the dialog men cannot participate in with women is something like this: (to a man) How do you feel about women working in what has been men's world? A healthy male response would be: 'I feel fear of it because there has been incendiary language by a few women and that causes me to want to fight... '."

So in other words, emotional literacy allows for a full bodied conversation, where the whole body is involved in the conversation. Where the emotions in my body can be expressed.. and it's okay on both sides of the genders.

Again, HE said, "But men aren't able to do that yet, with women. But in general they do it with men, but it's limited.. to stomach, sexuality, gut.. but that's it. And many men have been raised by mothers who are emotionally invasive, so there is also a tendency to disbelieve that a women's desire for a full bodied emotionally aware dialog is *not* going to somehow come at a price to the man.

"So men aren't able to have a full bodied conversation with women, and women are waiting on men to get there.. to become emotionally literate.

"The problem is that when men fail to do this work, and when women don't have an equal partner (who is being emotionally aware) then women recede into a place where they try to find their value in the old stereotypical ways: valued for their looks and sexually because an equal dialog isn't really happening and neither party is really seeing each other as fully human."

ME: What about women? Why doesn't it work for us to help men?

HIM: "So if emotional literacy did happen, then men would treat women as more than tits and ass.. and women would feel that and feel able to take the risk of revealing who they are to men. That means women would be intellectually revealing, in board rooms, engineering rooms, with fully available ideas and contributions to the work.

"But the problem is, men can only do this work with men. Women can't help them. Men have to initiate men, men have to work on emotional literacy with each other, men have to make it safe to be masculine and live in their male bodies, and still express fear, even to women."

ME: So while this would change personal relationships a lot, in the context of work, men and women would see each other as humans who all have fear, feel threats, have anger, etc so we could be real about our contributions to projects, technology, development, etc. And women would be included and invited fully into speaking, leadership etc.

So this dialog between my male friend and me gives an idea of how we agreed women generally recede from the business world, because of these generalized dynamics. What my friend said above, and his take on men and women, which we both get are generalizations but also feel are generally true in our working experience, is a way to see that the lists of things women can do, like leaning forward, or getting speaker training, doesn't get at this deeper underlying problem to change what is happening with women in tech and business. Those suggestions are salve covering the underlying tense and uncomfortable relations between men and women in many work and professional situations, and we can see them explicitly displayed on many a tech conference speaker's list.

If men were to become emotionally literate and transparent it would change everything across the board: technology, business, leadership, speaking, conferences, product development, even Wall Street and the recent sociopathic behavior many men there have engaged in with our financial systems, to the huge detriment world wide of our economies and peoples. If women were to become emotionally literate, they would own their anger consciously, allowing men to feel safer in the presence of that anger.

I get that emotional literacy is a very tall order, but becoming aware of the need is a step. Talking about it is another step forward. I get it's very hard work each of us needs to do to face our selves and our emotional truths, so that when we go to work, we are clean and clear.

The upside for our society when men and women become emotionally literate is huge. It definitely extends beyond just tech conference speakers lists. It's just that a conference speaker list is a written testament to the problem at hand. Men and women can't now see each other as just human because of the many thick filters in the way of our communication and shared goals, that hold us in more adolescent gender roles.

One of the challenges with startups and incumbent businesses alike.. is the men are often looking for the splash (an IPO or a big fast score or a big win). But women often anticipate the greater consequences and see the longer term view. If men could invite women into really share the work, with full ability to share emotional and intellectual reality -- without judgements created through a person's own filters and projections, but rather from a place where both sides have emotional literacy -- with full ability to work toward the greater good, and long term success of the company and projects, men would succeed with less risky behavior and achieve more balance, women would succeed by bringing in their more considered approach to receive full acceptance as tech and business co-workers, co-founders and partners, leaders and contributors. And people, society, our economy, would be far more stable and successful by the work of an emotionally literate leadership and creator populace.

Just left the Quantified Self conference where I led a session in the last breakout on "building for a personal data ecosystem." Since we weren't on the official program, i was very happy to be holding something in an Infinity session. Fifteen or so people came, and I talked about Personal Data Ecosystem Consortium and our mission for a user centric data model where user's control their data through agents, or Personal Data Stores. I also mentioned what I was seeing at the event, which was lots of folks building apps, making new silos of data, and repeating the model where users' data is in question as to who owns it, and users don't really have access to their data except through the a service's website and possibly an API that might send a little data somewhere else (like twitter or facebook).

I suggested that in a Personal Data Ecosystem, apps makers could take data from their users and send it straight through to the users' Personal Data Stores (PDS). That way if the app or hardware changed or ceased to support their old systems, the user would have their old data to play with in their PDS. And I talked about open formats for the data (think.. what about an open format for Heart Monitor data, where you pulse is described and you can take that data anywhere). Services could think about just providing a great service, instead of trying to manage all the user data storage and security. Users would control their data in their Personal Data Stores/Lockers/Banks, and I said that a bunch of companies were building these PDSs, including Sing.ly which is building the Locker Project.

Sing.ly happened to have someone there, Jared Hansen, who is a developer in the open source project. And there was a guy from Basis, Bashir, who is building hardware (like a wristwatch) that you monitor things like your heartrate with.. though it does monitor many other things as well on your body. We also had a couple of health researchers there, plus other health and wellness companies looking at data, as well as Ian Li, of Carnegie Mellon who is researching data collection and normalization, and a woman from the EFF. And we had a couple of users who talked about what users need.

After a few minutes, Bashir from Basis explained their dilemma around the hardware which isn't all that profitable for them. So initially they were questioning what to do with the data and how to monitize the company. Should they sell the data, or give it to users, or charge uses for it, or give it away to developers who could create a great ecosystem by building lots of apps, thus driving more sales? And who's data is it?

WOW. WOW!!!!

So we were off an running, with the impromptu Basis use case of how to get the value of the data, include the user and let the user have choice and autonomy, and how to leverage what is being done out in the marketplace and with developers creativity with data. Oh.. and don't forget about participating in microformats and Activity Streams creation to make bottom up grass-roots standards for the data formats and exchanges.

We talked through what it would mean to give away the data, support users and ask them if they wanted their data included in studies, get additional revenue for Basis while maintaining the inclusion of the user in the process and what developers could and should do. We brainstormed a lot of things, and covered the good and bad points of how it would all work and how to support Basis' market model while still being good and fair to the users.

I have no idea what Basis will do, but I would love it if they would join the Personal Data Ecosystem Consortium in the Startup Circle, to help build out ways to make a user centric data system for user's wellness data collected with Basis hardware.

What an amazing opportunity Basis has for doing the right thing for users, and leading the wellness and personal data ecosystem by creating a win-win for themselves and users. They could create a new market for wellness data, that is user driven.

Frankly, we need more discussions like this. It's not about Do Not Track models where we kill all the data plus the value of it, and it's not about "business as usual" where the user isn't included and businesses do whatever they want with user data.

It's about creating markets that do right by users and have companies making money ethically and conversing with us in the market.

Thanks to everyone who came! We had many representatives of the relevant stakeholders and the discussion was enlightening and rare.. but one I hope to make more common in the near future!

I'm at the Quantified Self Conference in Mountain View today and tomorrow.

A few thoughts. There are lots of people here from various disciplines: health care, tech companies like 23andme.com that marry personal genomics and tech, apps makers and health and wellness hardware makers. And lots of folks just wanting to track themselves.

Sessions are preprogrammed (in other words, the conference is all done top down broadcast mode), and now and then in people's statements, a person will pass along the vibe of the old style medical industry (that is: we know more than you and we'll tell you what's true.. that mode was in the opening session where we were lectured to). Though I just walked through all the sessions in round 1 and the individual break out sessions are more discussion mode which is great to see.

There was a near complete lack of consciousness about protecting user's data as I walked in and spent a few minutes in each of the first 6 sessions. The impicit assumption was that "we" (builders, companies, etc) can take data and use it for whatever "we" want. Building systems that aren't just about more silos with data lock-in, or building for a Personal Data Ecosystem model where users keep their own archives and data, and then choose where their data goes, what purpose it's used for and control what is happening isn't on the radar. It is especially important that we look at issues of privacy, control, autonomy, choice and transparency for the highly personal, very sensitive data collected around personal wellness and health.

There is a single session, led by lawyers about privacy in round 2. But the rest of the sessions do not seem to be aware at all that they need to build from concept on for privacy, data control by the users, where users keep their data and the applications, devices and monitoring tools "use" the data with permission.

And there is no session about personal data control, where the QS apps would work on a Personal Data Store. I've asked to have one.. but we'll see if they decide to let me do it. The assumption is developers will just build more silos with more data collected, about you, crossed with other data about you, that after combined, creates yet another silo of data. There may be an API available, but effectively, the data is stuck in another silo, that a regular user can't really get at it, hold it, control it, share it, correct it or delete it.

It's dismal.. thinking about how all this highly personal data is just assumed to be owned by apps makers and companies and users are just cows in a big milking system. The participants of QS are just continuing the tradition started by the health industry and continued by tech company silos in making the users say "Moo." Pick your ecosystem and prepare to be milked.

Lastly, I'm really happy to report that the QS organizers decided to order a really healthy vegetable lunch salad (with either chicken or tofu on it).. Great work on that front!

Steve Lohr has a write up in today's NYTimes: Mining of Raw Data May Bring a Surge of Innovation about McKinsey & Company's report on Big Data: The Next Frontier for Innovation, Competition and Productivity.

I think we need to challenge assumptions about the inputs... compare the inputs from "hoovered" personal data to that of what people assemble in personal data stores operating in a Personal Data Ecosystem.

Execs from Rapleaf and Intellius have admitted publicly, recently, that they know half their data is bad, they don't know which half. I also sat recently with the woman from Experian who is in charge of segregating and keeping separate data from the internet (verses financial data which is regulated) for their offerings about users. When I posited that a lot of her data was likely wrong, she agreed.

User's obscure their data intentionally because they are scared.

For myself, I can tell you that in the last few years, I have obscured data online (birthdate, zip code, name, address, phone number, preferences, email addresses) as well as health info (not to my doctors, but to data collectors whom I do not trust yet claim they never share the data. For example, you can't get a mammogram in SF / Children's Hosp without sharing a huge amount of very personal data.. so i made it all fake because I don't trust the lab and who they sell the data to...). And I fake it to the pharmacy when they ask for more than my basic info to fill a prescription. In fact my current insurance company has my name and birthdate a little wrong and i'm not correcting them.. because it makes it harder to aggregate my data across systems. Oh.. and my bank spells my name: Hoddler .. and has a slightly incorrect address (don't you love how they key in the wrong data!) and i'm not correcting that either.

I fake all sorts of stuff on and offline... I fail to correct bad data... I know many others do too.. I have since 1994 been faking my data online. Somehow even then, without understanding the privacy issues or how the internet worked then, I just didn't trust the system because I knew then we had no privacy protection in this country (US). As I began working with online technology in 1997, and started really understanding it, I've felt more than ever the need to obscure my data and make it difficult to combine in a pivot about me.

I get that this security by obscurity and mistakes doesn't cut it, but it's the best I can do right now.

So my question for the McKinsey research people is: have they factored this in?

And have they factored in that users have obscured enough information that me at one site cannot be aggregated with me at another site?

Or have they factored in that the people at institutions who key in the data from our driver's licenses get it wrong (my bank with my name and address) or the insurance co (my application correctly filled out.. with my name and DOB) or whatever?

The answer is to give us proper protections for our data. 4th amendment protections and rights over sharing of our data, so that we make sure the data is right. We can aggregate our own data in Personal Data Stores. Then we can trade fairly for that data if we agree to being included in the big data systems McKinsey is saying will help us so much.

I agree big data analytics can help us as a society, but not without good data, and not without including users into the system, as equitable players who deserve to have rights over our data, including choice and autonomy to participate in big data systems.

But until then.. big data is working with databases that are half right.. because we don't have choice, autonomy, rights or protections as users, and that's the first problem with McKinsey's assumptions.

A bit of Context
Obviously, this diagram is a little cynical (courtesy of Chinagrrrl), but not too far off from how we manage personal data online today. But there are a lot of proposals on the table to fix this dilemma. One is Do Not Track which industry sees as something they can self-impose on an *opt-in* basis (for themselves) and opt-out (for the users) and self-regulate by having advertising trade org.s monitor compliance, with the FTC stepping in as necessary. There are also a number of DNT bills introduced in Congress and various hearings on tracking where the FTC would regulate implementation. And Johns Kerry and McCain have introduce a Rights and Responsibilities proposal in the Senate, that instead of Do Not Track (Kerry's LA, Danny Sepulveda told me DNT is a waste of time) suggest ways that data collectors would have to be responsible with our data. However, that bill lets 3rd party marketing, data tracking and Facebook's privacy bending ways totally off the hook. Both of these plans / legislative initiatives completely ignore the more than 40 startups and companies building for the Personal Data Ecosystem where users would collect their own data, and make use of the value, which the World Economic Forum recently said was "a new asset class".

That said, the rest of this post describes the Tracking DNT panel at Morris + King the other night.

Tracking Do Not Track
Tuesday night I was on a panel at Morris + King, an PR firm in NYC, called Tracking Do Not Track. Our hosts: Andy Morris and Dawn Barber (who co-founded NY Tech Meetup with Scott Heifferman) were very good about putting together a diverse group of people to talk about Do Not Track and the various issues with personal data and the advertising industry that have so many talking these days. My guesstimate was that about 100 people attended, mostly from industry (tech & advertising).

Our group included:
Brian Morrisey (Editor in Chief of Digiday, an ad industry trade publication) as Moderator
David Norris (CEO of Blue Cava)
Dan Jaffe (Exec VP, Govt Relations for the Assoc of National Advertisers - ANA)
Helen Nissenbaum, Professor, Media, Culture & Communication at New York University
and me: Chair of the Personal Data Ecosystem Consortium

We started off with Brian's question: who are you, what do you do in a nutshell, and what do you think of the state of online privacy these days?

I was first.. and gave a quick explanation of PDEC which is to say that we offer a middle way between Do Not Track (DNT) and what is going on now online (Business as Usual). Our middle way offers a market solution to users' wanting control of their data, and the tracking and digital dossier building by shadowy companies to stop..we don't believe DNT will work and don't support it, though we do see that some kind of "Rights and Responsibilities" legislation would help create a level playing field for any company that collects personal data. Those rights and responsibilities for personal data collectors needs to include giving user's a copy of their data, so they can then put them into personal data stores (or banks, lockers, etc) and then use the data as the person sees fit.

Oh, and I said the state of online privacy was pretty dismal, though I was optimistic because it feels like this year, it's actually possible to get personal data some basic protections similar to HIPPA or FCRA where user's can get their data, and we can make the Personal Data Ecosystem emerge as a market solution that finally works for people. Granted, it's a 5-7 year proposition to really create a new market, but we can actually start this year because of the 40 or so startups that are funded and building pieces of the PDE and the push in the US Government to do something about the dismalness of online privacy.

Helen Nissenbaum, whom I've admired for years for her thoughtful approach to privacy and usability, agreed that privacy online was pretty bad, and explained her work around Adnostic, a "privacy preserving targeted advertising" system made with some Stanford folks.

By far, the best comment Helen made all night was that tracking and aggregating data that pivots on people is not ethical, that it's bad for people and for the incremental 1% improvement we might see in targeted advertising, it's not worth the incredible intrusiveness of tracking. In particular she said, "Anonymization does not change intrusiveness."

Dan Jaffe spoke next, and surprise, agreed that online privacy is not good, but talked about how publishers need to support their businesses and that behavioral advertising is helping them do it, and that Do Not Track should be self-regulated by the industry because they know their business best. And government has a tendency to screw up regulations and therefore, we should let advertisers figure out what works.

Next up was David Norris, who agreed with my use of the word, "dismal" to describe online privacy and said that Blue Cava was supporting a self-regulatory model because they didn't feel that Do Not Track as proposed for legislation was a good idea.

We chatted about the viability of Do Not Track, and with Norris, Jaffe and me all agreeing it wasn't a good idea. However Jaffe said he didn't like the idea of any regulation, that the industry could do it themselves, and that my "data rights and responsibilities" support for legislation would be just as bad for data collectors.

Folks in the audience, like Esther Dyson, pushed back on Jaffe, saying that she wanted the ability to choose where and when her data was out at some vendors site, and that's why, she said, "I'm supporting Mary and her organization" because it's a market model that gave her choice.

I was very pleased to hear her endorse us (thank you Esther!)

In the end, I think we got our message out which is that tracking individuals is a bad thing, that users should be the only ones tracking themselves across sites, but that sites can track within the site to optimize business. And that users should have a marketplace to trade data, like they do in mileage accounts, and choose when they trade, as partners, and not have it done for them in secret as is the case now. And that we want to see users data protected with a basic set of rights, like Health, Education and Financial data currently is now.

Curiously, Dan Jaffe made a comment about HIPPA, the health data protection law, suggesting that users get their health data so maybe they could get their personal data too. Given that that is a law, and he was opposed to regulation of any sort otherwise, I wasn't sure what to make of this.

However, I was really pleased with the opportunity to talk about PDEC, the startups and tech efforts to create a personal data ecosystem, and to provide a different view than the usual support for Do Not Track as we try to figure out what is best for our society.

Thanks Andy and Dawn for inviting me!

Yesterday at this NCUA ICANN meeting in SF the right to oblivion was mentioned several times. It seems to be on people's minds as they try to figure out what privacy and data control mean to companies, to users, to privacy advocates and regulators.

Peter Fleischer who is Google's Global Privacy Counsel wrote a post on this topic: "Foggy Thinking about the Right to Oblivion" and I think he missed something very important in the discussion where people want to be "let alone." He mostly focuses on explicit data, the kind that user's put out there knowingly. But there is also implicit data, that users expect will stay within a website, and yet doesn't.

So I left this comment, but wanted to post it here as well:

I think you are missing an important distinction. There is data a user puts on the web: a facebook comment, a tweet, a flickr photo, etc. And there is data the user didn't expect to go anywhere except stay with the business they do or did business with:

* geolocation logs from one's mobile carrier
* purchases made with a vendor
* financial statements and the various actions one takes with bill pay, online banking and financial organization
* search activity logs
* an email address given to Facebook to be used as a login

The problem is that users expect that this data will stay with the obvious parties: you purchase something and your data should stay with the vendor and the shipping company. But the reality is your data is being sold all over, beacons are all over the purchase site, and you have no notice at all. Much less consent, except in some privacy policy you cannot begin to understand.

Or Facebook gives your email address to Rapleaf who matches it with activities all over the web. You have no idea, nor did you expect this.

Or you search on your mom's medical condition and now the beacons have transmitted the info to advertisers and pharmaceutical companies.

And you thought deleting your cookies would help. A complete waste of time now with flash cookies, beacons and fingerprinting of your computer.

What I think user's want is the right to control their own data. The right to ask that it be deleted after a period. The right to correct it if something is wrong, and the right to hold it, so they may store it in a personal data store (PDS).

And why, you ask, would anyone use a PDS? Well.. do you use Mint, or Dopplr, or Trippit, or have a mileage account? For that last one, you can get amazing things like free hotel room or plane tickets or even goods like flowers. We already use personal data stores now.. just very primitive ones. And we want the ability to trade our data because we might get a free book or discounted things. Those markets are yet to be sorted out.. but the apps to make that work are coming.

There is a lot to work out here, but there is a Personal Data Ecosystem coming.. companies are building for it, and frankly, we do need a little regulatory help on the side to support user's rights to their data.

And to keep sites, like the examples above, from sending your data off site through beacons and trackers or other data agreements. Instead, Ad companies should be sending websites a black box to process user data internally, and then pick relevant ads, so that sites never have their user's data leaving the site for any reason, unless the user takes it to their PDS.

It's the right thing to do for people.

Here is a link to the Personal Data Ecosystem Consortium response (pdf) I submitted late last night to the FTC about their Do Not Track white paper (pdf).

I got the letter and Q&A to the FTC (33 pages!) just in the nick of time as submission "00472"... at just about 9pm PST on February 18, after which the FTC shut down the submission site. You can see other submissions here but for now, nothing submitted last week is actually listed. Check back early next week for updates and the PDEC submission.

After working on this for 3 weeks off and on, between other endeavors, it's a huge relief to get it off.

Now the real work begins!

The last two weeks I've been speaking a lot. Why?

On 1/28/11 I was at She's Geeky SF leading a session with Kaliya Hamlin, Executive Director of Personal Data Ecosystem, where about 50 women came to talk about what this emerging organization and space are all about, and hear about what Kaliya Hamlin and I were submitting to the Department of Commerce in response to their Green Paper. On 1/3/11 I was at BigDataCamp 2011 (the night before O'Reilly's Strata) in Santa Clara, to lead a session on Personal Data Ecosystems. And on 2/3/11, I was on a panel called CRM versus VRM: Who Controls the Conversation at the Conversational Commerce Summit in SF. Also talking about the Personal Data Ecosystem.

Why all this talking? Well.. as I mentioned Kaliya Hamlin and I have submitted a response to the Department of Commerce Green Paper where they asked for comments about the FTC's Do Not Track proposal and options for how to protect user privacy and conduct secure logins, while still engaging in what the DOC does.. which is advise Congress on how to promote commerce in the Union.

I'm the Chair of the Board of Personal Data Ecosystem Consortium.

And I'm currently writing a response to the FTC's Do Not Track proposal.

Why all this work? Well.. I think the two extremes of on the one hand: shutting down tracking, or on the other: allowing a sort of "business as usual" stance for the intense tracking that goes on as we traverse the web, use our cell phones and generally act through digital mediums aren't the answers. We do need to dramatically alter what is happening, but not shut down the data.

Why? Instead of do not track, I want there a systems where *only I can self tracking*. Because I am the *only* ethical integration point of data about me.

Can you imagine if we did a "do not track" in 1979 when Airline Mileage Programs were just getting started? People have benefited enormously from them.. to the tune, per the Economist in 2005, of $700 billion in benefits. People want some self tracking, if they get something of value. They may want their histories private, but able to share a score or a piece of it, when they want. Because our data is gold. And we deserve to benefit from it.

We need to track ourselves, but only if we want to. And there needs to be no tracking of us, across sites, if we don't want it. But if we do, we need the ability to take our data, aggregate it, and trade it for goods. And to correct it, or delete it Like free plane tickets. And a lot of other things I think we can't imagine now. Because the Personal Data Ecosystem, and things like Vendor Relationship Management are just getting started.

We need to limit the surreptitious stalking of ourselves across digital platforms and sites by others, and take back the ownership of our own data, to be aggregated, deleted and managed only by the individual. And traded when we want to in a marketplace. And we need 4th Amendment protection for our personal data stores.

And we need marketplaces, much like the Mileage marketplaces, that allow us to trade our information, we need Personal Data Services that will store our data, make it portable, so that we can move our data when we want to (think taking your money from one bank and putting it into another) and we need an applications market for developers to do creative and interesting things with our data.

It's time.

Honestly.com is a people review site that allows others to anonymously review and/or rate a person.

First, a look at what the site is, in case you aren't familiar with it.

What they do:

Here is a screenshot of Cathy Brook's review page (she has 26 total):

Notice a few things if you go to the site: people are mostly given 5 star ratings like Cathy, and also rated highly on skills, relationships, productivity and integrity. Ratings/reviews are anonymous, and the reviewed person can leave comments.

Given how little the site has spread, 26 reviews is a lot. I wasn't able to find anyone else in my networks (mostly early adopters) with more than 5 or 6 reviews. Many only had say, 2 ratings, and those two were nothing but 5 stars, no review, no info on any of the 4 categories, etc. However, if you go to "top performers" (can we say: incentivise getting your friends to review you so you can make the ranked list?) there are lots of people in the 20-40 range of reviews, though the founder of Honestly has 222 reviews.. but i assume that's a lot about testing the site and proving the concept.

You can also sort by the number of stars, and here is a screenshot of 3 star reviews she received (the lowest scores in her ratings):

Notice that reviewers did not say why they gave a less than perfect review, and Cathy responded to each of those 3 star ratings. I found that in almost all the less than perfect ratings people did not specify why they gave 3 or less stars. And the lower ratings without any context, like Cathy's, are useless. Who would actually rely on them?

Some reviewers are "trusted," and some and some are "novice." It's not clear what that means, but Honestly.com is using Facebook logins, so maybe it has something to do with your number of friends/activities in Facebooks (more might make you more trusted) or maybe you have to leave more reviews at Honestly.com to be trusted.. or have more people in your Honestly.com network. Whatever it is, I see no reason why I would trust one reviewer over another in Honestly.com's system. My response is to treat all anonymous reviewers the same since I don't know who they are, what relationship they have to the reviewed and whether I would trust them.

One thing to note about trust around a person or handle online is that often we find people more trustworthy if we see them consistently and reasonably acting online. These of course are subjective and in the eye of the beholder. But consistent and reasonable actions do allow us to think more highly of someone over time. Anonymous reviews don't ever allow us to feel that a reviewer who is fair and consistent over time might be more trusted. We are asked to cede trust to Honestly.com abut who is deemed "trusted" verses "novice." And what is a novice anyway? What should we think about novice reviews?

An interesting side note is that Honestly.com is also placing people at their professions, so Esther Dyson is currently listed as a "director at Boxee" and John Clippinger is a "student at Harvard" and Steve Newhouse is an "employee at Conde Nast" and Stu Gannes is a "student at Stanford" and Clay Shirky is a "student at NYU... and on an on. All of these are wrong. Yes these people are associated with the organizations noted, but their roles are completely and bizarrely twisted causing me to suspect the Honestly.com site more.. because things I know to be false are stated as fact. So I'm asking myself, "what else can't I trust here."

How Honestly compares to other review systems

The old method for some kind of review might go like this: a person asks for a letter of recommendation or a reference, and then gives the letter writer a place to send the letter or asks the hiring person to call the reference. The reviewed doesn't know what's been said, but since they are asking trusted reviewers, the reviewed likely has a good idea that the overall message about them will be positive. The idea though was the reviewer would be able to speak freely because the reviewed wasn't going to know exactly what the reviewer was saying. And the reviewer could be very specific, often putting the letter on university or company letterhead which is harder to fake, and the review would be tailored to the purpose of the event (ie, getting into grad school or applying for a specific job).

More recently online, LinkedIn started public reviews, where folks would all list on their own resume a connection to a company or a school. Then when a review was created about a colleague or whatever, those reviews would be associated with the reviewed's listing of that company or school and the reviewer was connected through that link as well and it created a kind of verification even if it is just personal assertion on a public site. Reviews are generally public, the reviewer and context are named and associated with the time and entity where they have a connection and the reviewed can also reject the review.

The problem with LinkedIn reviews, in my experience is that sometimes people lie about their relationship, get bullied to write a review (I have personally been bullied twice to leave reviews for people.. I declined both but one of the people threatened to sue me as a result). A person can also lie about other aspects of the job (I personally know of at least 10 people on LinkedIn who currently show job titles, time frames and supervisor relationships that are flat out lies). Then the review is post on top of the lies about the job situation and it compounds the situation.. all appearing to be on the up and up. The interesting thing, as I started to discover those lies posted at LinkedIn, was that since two people are corroborating the situation with reviews, links, timeframes and titles it becomes harder to refute.. in fact there is no way to refute it). Given that, I'm not sure it's any better or worse to have anonymous reviews at Honestly.com, because frankly, if I can't trust some of LinkedIn, why would I trust any of it?

One other problem I've found over the years at LinkedIn is that a number of people regularly and actively seek out reviews (including the two people who tried to bully me into doing them). I've noticed an inverse relationship to review value: the more and better the reviews, often the worse the person is to work with as they are focused on the wrong set of goals (ie, getting quick short term reviews and making public statements instead of doing a great job, meeting the needs of a project or communicating well in service to the project). In other words, if someone is terribly motivated to get a rating or review out of the deal.. and this sounds odd but I've seen it a number of times, that motivation can overtake the motivation to make sure the project is done right and the company is happy.

Another issue with LinkedIn reviews is that reviewers can make them to suck up, creating something more generous or not terribly specific in order to make the reviewed person happy and in order to be associated with someone that may on the internet make the reviewing party look good and well connected.

Since Honestly.com's reviews aren't connected to people or specific jobs it's both impossible to tell how a reviewer knows what they assert, these reviews are even less reliable than at LinkedIn (though not that much). If at some point, Honestly decided to turn on the names of the reviewers they could find problems since people reviewed others thinking the reviews would be anonymous. Socially that could be a disaster and frankly I think Honestly has painted itself into a corner here. I also am reminded of the glitch a few years ago at Amazon where reviews of products and media were sometimes anonymous and for a few days, real names were exposed, revealing that reviews were often written by very biased people. That very same thing could happen at Honestly.com. But given that people are the objects of review, turning on real names could all be quite awkward for social and work relationships.

Why Honestly.com won't work in it's current form

So why is Honestly.com (at least in current form) not very honest or real? Well, the set up promotes people just writing whatever they want, disconnected from context and purpose, without any kind of understanding about who is saying what about the reviewed person. How much value does a review have, given that it's anonymous, there is no context for the reviewer or their relationship, or the purpose of the review, and there is no way to verify anything. The setup also promotes people just saying whatever is nice.

Those people I know on the site are all mostly very nice people (mostly, we all have our difficult sides) but getting a good review about working skills, effectiveness and productivity isn't so much about being nice. I do want to work with people who are fun and interesting, but ultimately we do need to get the job done.

In fact, what I see happening at Honestly, which is far worse than at LinkedIn, is that the site is becoming a popularity contest.. you see the jocks and the cheerleaders (CEOs and Marketing people in adult terms) doing very well with 5 star ratings and lots of reviews. What does a nice, non-specific 5 star rating and review mean anyway? My experience with hiring popular people is that the work doesn't happen as much as continued effort to remain popular. And it's also a matter of taste: one guy's 1star is another's 5star and it's subjective as well.

I don't see many geeks at Honestly.com, or folks who's reviews would need to be very context dependent (ie, if I want a mobile programmer, I need to know a lot about what they know and have done.. and wouldn't hire say, a front end web developer unless they also have years of C and Java and coding very stable small things like say, an OS from the 80s and early 90s). And frankly I don't care if that engineer is a little antisocial.. I want them programming, while people push pizza under the door periodically. Yes.. they need to understand digital social environments, but if you have product and design people, that can be managed. And frankly one person's "nice" doesn't work for someone else.. there is chemistry in our interactions after all. But why does that engineer need to be told publicly that he's a little antisocial? Isn't that a little weird socially? Throwing something like that out there anonymously? Being a little antisocial for some jobs is okay.

So does Honestly turn into the 5 star club, where everyone gets 5 or maybe 4.5 stars? Is it an old boys club where you review your friends and they review you and you all agree to do 5 stars and say you are all "GREAT!" ? Can someone hiring or looking for funding rely on these reviews that are all basically 4-5 stars or the few that aren't show nothing other than a 3 star rating?

When hiring I would never use LinkedIn or Honestly reviews unless I was looking for a popular person (might be good for a marketing or PR person). I have an obligation to do the footwork to find out if an applicant can do the work and are effective. These sites are not helpful and I would never rely on them, partly because of the known fake information and the bizarre social contract that a public review creates.

Frankly when I read reviews at Amazon, I specifically look to the bad reviews to see if I can live with the issues around a product or the characteristics that some didn't like in media. Nothing is perfect.. but if Honestly.com creates a culture where there is no reality about how we are as people in the reviews, and the public social contract around criticizing is pretty clear that it's not okay to do it in public, then I don't think the site with ever be helpful for real evaluation. And frankly why should it? We are talking about reviewing people after all and that in and of itself is pretty weird on a public website. I'm not sure negative reviews would work anyway because there is still no context or verifiable connection and what would a negative review really communicate, compared to say, a toaster oven at Amazon? I think negative reviews would just make Honestly.com a really downer and who would want to use it at that point? But what is the point of a site with only positive reviews?

There are other reasons people give good references for jobs not well done (in personal or phone refs): they do so out of obligation, they fired the person and want to see them get hired elsewhere to relieve that guilt, other guilt and pity, or like I experienced twice, they were bullied and it worked. Of course there are also good reviews because the reviewed is great and does great work. But how can you tell the difference between these?

Lastly, people change. A person labeled "great" at 25 could have a crisis at 30 and become unreliable.. or the same 25 year old could be a flake then and terrific at 32. So I'm not sure that a cumulative rating system over time is so great either, in the form of a fixed website.

So let's cut to the chase. Usually it takes 2 years for everyone to figure out that something in silicon valley isn't real. GroupOn will take that time.. as they are currently hot and making money, though the 20 or so businesses that I've talked to that have done a coupon have in 95% of the cases had very negative experiences and won't do online coupons again. I don't think GroupOn is viable long term for many other reasons as well but it's sexy now, though they could change into a long term viable model. But as they exist now, they frankly *need* to get bought by Google or someone proto. In 2 years.. people will see the current set of issues.

Likewise, I think Honestly.com, which doesn't have any great buzz currently, other than it's on Facebook occasionally or because people send me messages asking me to review them, will take a while for people to figure out it's not helpful, not worth their time, and in some ways reinforces the high school for adults model we love to embody at times in silicon valley, where you know, the jocks and the cheerleaders are socially held up and the rest grumble.

I just don't see Honestly.com working out. I don't think we need it.. it's not solving a need in our social and work interactions. And I think it sets up a bizarre social contract that one ups the weird one found at LinkedIn. LinkedIn has other value, but I don't see anything at Honestly.com that would transcend the general or specific people review problem to make it valuable in other ways.

Clay Shirky and Spot.us are doing a survey on objectivity in journalism. More info here from Amy Grahan.

If you register, $5 will go to a charity (automagically -- apparently -- matched to your IP address -- I'm traveling for a conference and my $5 went to local event coverage where I am). You can share what you think (anonymously.. they won't share your name with the answers).

Below are my answers.. upon doing the survey I realized I did want to share.

Is objectivity in journalism even possible? my answer (chosen from their list of possible answers): It's not possible. Let's stop pretending

Can you explain your thoughts on the subject? It's not possible to be truly objective... however, i do believe it's an ideal to strive for... and that information collectors should be trained to strive for it simply as a personal stance when they collect information.. but also trained to look for their own leading and biased behaviors that will change the collected information.

Articles often don't share the wording of the questions asked of subjects in articles.. they just share the answers. And depending on the way questions are asked.. it's easy for a subject to be led or mislead to an answer that isn't natural or that leads to a very subjective conclusion that readers cannot see.

Fairness is the real goal in articles and other kinds of reporting.. but in order to replace 'objectivity' with 'fairness' as a journalistic goal, I believe we would need to develop a whole school of 'fairness in reporting' the same way 'objectivity' has been articulated and taught to journalism students to date in Jschools.

Is striving for objectivity in Journalism a good thing? my answer (chosen from their choices): Always - it's required

Yeah.. I get it's a contradiction to say that journalists and information collectors should strive for objectivity even as they also are trained to strive for fairness and to filter out their own natural biases. The reality for me is that even when I collect information, mostly as I do usability studies, I know my biases can show through, that the framing of questions can radically alter the answers from subjects, and that in the end, I have to do my best, though there is no human on the planet who can perfectly seek information and attain perfection in the results. Therefore I have to be honest about these imperfections slipping into the work product. I think the same is true for journalists.

Information collection is a tight-rope walk... it's about trying to stay above the bias while balanced in fairness. No one can do it perfectly.. but fairness in journalism is the ultimate goal I believe, followed by the physical embodiment of the objective stance, even as journalists and other information collects realize they can't be truly unbiased. It's as tricky as high wire work.. and I think information collectors and reporters need to respect what this is about.. to maintain the balance while making the ultimate expression in their reports focused on fairness.

At the 30,000 foot level, all collecting and reporting work is subjective. Collecting information, choosing what is fair, what is worthy to include in a report, what to reveal about a reporters' questions and stance involves personal decisions and judgments. In a usability study, I always include in my reports the questions and tests, so that readers can evaluate for themselves what I've done in my report. This is not typically done in journalism reporting.

Maybe the new fairness in journalism should combine a sense of personal objectivity as a behavioral stance at information collection, fairness in the choosing of who and what to investigate, fairness in what ultimately makes the published report, and disclosure of how the reporter did these steps. It means bringing forward the reporter into the context of the story.. but maybe the new fairness is about holding reporters more accountable within the story. Since the internet allow articles to go on with as much backup as possible, this kind of accountability disclosure wouldn't cost anything but the reporters time to add in a little context about who they talked to, what they asked and how it was done. And it would radically change the conversation about what is going on in journalism as an objective or subjective medium.

On Friday, Clay Shirky was on NPR talking about why NPR doesn't use nearly as many women sources as men.

I love listening to Clay talk and he's a dear friend. And of course in the NPR On The Media interview, he and the host discussed the irony that *he* was on to discuss this.. instead of a woman. But since he wrote this post: A Rant About Women, about how his women students weren't nearly aggressive enough about promoting themselves as "arrogant self-aggrandizing jerks," NPR decided to have him on their show.

Basically, while I like that Clay and others like NPR are discussing this issue, I disagree with one part of his blog post and his interview answers on NPR about why NPR has a lack of women as sources, or why women aren't getting the jobs men get, or why women aren't as successful.

Aside from the fact that news producers are responsible for finding good interviewees (not interviewees finding news producers) which was the NPR story focus, I have a real problem with the idea that *aggression* is the appropriate filter for quality and relevance. It's not that I think Clay is advocating for aggression as our filter but rather he's accepting it without question. It's just that this Aggression Filter is so implicit that we all accept it without question.

What is the Aggression Filter?

Depends on the circumstance, but it almost always involves someone having to be aggressive in some way in order to be taken seriously and noticed, either through some sort of online or public yelling, or outrageous actions or marketing language spewed out to get people's attention. Often it's a deep loud voice when in person (this favors men) and could involve various ways that people get into something, like the agenda to speak at a conference or camp (diving head first into an agenda wall is going to filter for people literally willing to hurl their bodies at the speaker's wall or who have big bodies to muscle past others). Or it could be the person who gets someone to recommend them with ridiculous language, or gets some other loud-mouthed social media guru to speak up for them. Whatever it is, it's often behavior that could be quelled by peer pressure and social norms that look past the loud behavior to focus on what people do that qualifies them. When the standard for getting noticed is all about marketing language and yelling loudest, pushing through physically or behaving with obnoxiousness, we have a filter that only notices aggressive acts to the exclusion of good work and quality offerings.

As the internet+social media self-promotion machine amps up what was already a problematic Aggression Filter for finding value, we further reinforce our already broken system for how we find interesting, relevant people to talk about ideas, speak at events or create anything of quality or fill jobs.

I don't believe there is any correlation between aggression and quality of ideas, products, new startups, books, jobs or anything else. Yelling loudest to self or otherwise promote just means the yeller is loud and an obnoxious, pompous jerk (Clay and I definitely agree on those descriptors).

The Aggression Filter is what needs fixing. We need filters in tech that de-emphasize aggression to find what is interesting, innovative and risk-taking in any strata where people compete for value. The future of tech innovation depends on it, and so do women.

However, that said, I do very much agree with Clay when he says that women don't dive into uncharted waters with the confidence that men do. I see men all the time donning a new title for themselves for which they have little experience, and then plowing ahead to find the people with experience who can help them learn or do the parts they don't know. Many men may not even say anything about their lack of experience and just fly by the seat of their pants willy nilly. For example, a new startup founded by a guy might find him claiming the CEO role, and then hiring a COO to run the finances and operations. He may never have been CEO before, but he just takes the challenge. Most women I know want to make sure they have all the possible requisite experience under their belts before facing a daunting title like CEO. And if a funder suggests that maybe a more experienced CEO should be brought in, women are often quick to give up the reins. Not always true, and there are prominent examples where this hasn't happened... but often I see this abdication by women in one form or another.

What's key for women? Being willing to take the risk, fearlessly face criticisms, jump into the unknown and ask for the help needed to get things done. What shouldn't be key? Aggressive behaviors bordering on "jerk."

For now, I'm going to call my desired value-set the Thoughtful Risk filter.

What is the Thoughtful Risk Filter?

It's a filter for finding acts and people who take risks, that then includes evaluation of the thoughtfulness or usefulness of the product, book, job-seeker, pundit, prospective student, startup or company offering. In other words, just risking isn't enough, we want to see something of value.

Another example of the differences that fall along gender lines I've noticed comes in hiring. When I hire male engineers, I find they often overstate their qualifications and skills, and not just by a little. Hiring women engineers, I find that they almost always understate what they bring to the project. So I normalize. And I often find that in a room full of those men and women I've hired, they are pretty equally matches (when normalizing for years of experience).

I'd like to see women take leaps more often by founding startups, and see tech development, startups and VCs think smarter about how to build something of value via a Thoughtful Risk Filter, not through the Aggression Filter, which is what I see so often as the proof point for figuring out who gets money and who doesn't. With so many aggressive guys pitching so many alpha-male VCs, and the subconscious, unexamined Aggression Filter in place, we get a lot of garbage funded. Often the premises getting funded are utterly silly, and we all have to wait around 2-4 years for the users, founders, press and the funders figure out "this dog don't hunt."

People taking thoughtful, planned risks is where it's at. I'd like to see more women thoughtfully risking in the future. But in order to do that, we must shift what we value going forward and encourage people to perform for a Thoughtful Risk Filter. However without more women in partnership roles at VC funds, or pressures from Limited Partners (those who give money to VC funds) we may not see this change soon in the tech development ecosystem. But a value shift in the community would likely put pressure on funders.

People in the tech ecosystem can model, teach and support confidence in women to risk thoughtfully, even if these women fear criticism, or the exposure of their weaknesses as they do it. But if we don't value thoughtful, insightful risk over aggressiveness displayed by the "arrogant self-aggrandizing jerks," no matter whether it's a startup funding pitch or a job recommendation, we won't get people performing for a Thoughtful Risk filter.

When aggression is our filter, we burn people out, often women but men also, and fast. It's not pleasant or life sustaining to constantly be in an environment where aggressive measures are the gauge for what has value. Worse for women, it goes against the way we socialize with the world in communitarian ways over competitive ways. Though I don't think most men like it long-term on an endless loop either. We squander good people when we use aggression as our standard, and in the end, get less quality innovative work than we need.

There's a reason Caterina Fake posted this photo below from the Hunch white board stating rules that support a less aggressive and more thoughtful workplace, and it's not just because people work better with defined work times, breaks and single tasks on which to focus. It's because expecting people in a work environment to "do everything at once" and "stay the latest in the office" and "email at all hours" which many start ups do, encourages aggression as a filter for defining who on a project is worthy, who has control and what the best ideas, the best people and the best work are, instead of the most thoughtful, most useful and most well executed work for innovation.

(image by Caterina Fake)

I get that we are far from living with a Thoughtful Risk value set in tech (whether start up or established environment) as a rule, but we need higher minded goals and to convey these values through social pressure in our interactions. Just playing along with the current Aggression Filter value set only steers away women from tech opportunities, keeps women lower down the ladder, and our products just aren't as good without diverse inputs, nor do they speak to the majority of customers who are in fact women. I realize not everyone plays the aggression game in Tech, but most do in some way. Aggression Filters will only shift with conscious effort and social pressure by us to value Thoughtful Risk Filters.

It's us who can make it better for women in tech, as well as better products, services and companies as a whole because we decide to change what we value. We are responsible for enabling a system that supports aggression and we are responsible for changing it to something better.

Today I had what I would say was an anecdotal experience regarding data privacy.. calling my OBGYN to make my annual appointment. I ended up using their new website and giving various personal data, only to figure out that they have no privacy policy for data, that the data was going to a third party, and that in trying to make an online appointment, all I really got after sharing data was an email form to request an appointment.

So, here's the scoop.

In calling into the doctor's office, I got their voice system which has always required lots of number punching to finally get through to someone to make an appointment. It's better than 10 years ago where you could literally never talk to anyone in their offices and would just punch numbers endlessly until leaving them a message. That would be followed by a return call that you would invariably miss, having to start the process over, to get another call back.. all to just make an appointment.

Anyway, calling in today only requires two selections, before being told my call was in line to be picked up after approximately 6 minutes of estimated wait, OR I could use their online system. Whooppee! I could make an appointment using what I imagined was a calendar with available timeslots to book appointments? So here is Golden Gate Obstetrics (GGObgyn) big chance to show how they are using information technology to help people organize this process of getting an appointment better and faster!

Super cool!

Er... NOT. So. Fast.

Following the voice system at GGObgyn, I go to http://goldengateobgyn.medem.com/ which redirects me to http://www.ggobgyn.mymedfusion.com/:

The branding all over the site is "Golden Gate Obstetrics" so I'm thinking: okay, this is their site, even though it's got some other root domain name (mymedfusion.com).. in other words, Golden Gate Obstetrics is responsible for my health info, and I just need to get in to see their calendar and choose a time or something. So I go to "create an account" (Note below I've made screen shots of the *second* account I made, called 'testacct' to see what was going on a second time.. since the first time when I made an account for myself, it went by quickly and I wasn't suspicious until the end of the very end of the process):

I put in my name, SS # and DOB and email. After submitting, I was brought to this form (screenshots are in two parts as it was a longer page):

As you can see, there's enough data request there for someone to do some damage if they wanted to. At this point I was getting a little concerned about where this data was going, but keeping in mind GGObgyn's history where getting staff on the phone to make appointments is so difficult, I went ahead and submitted my data.

The screen instantly took me to a logged in state, saying "we are now your Health Record provider" which I found totally freaky. I don't want them to be my Health Record provider. I just want to schedule an appointment. All this, without requesting any sort of email verification or other checking... just gave me an account. At that point, I could go make an appointment:

To say the least, I was shocked. So I just put in all this personal information, dinked around with forms etc, to be given a glorified email form to request an appointment? With structured data about which day of the week I want the appointment? How about a calendar with available time slots? So I could just pick based upon my availability? No... it appears they are going to email me back or call me with times so we could go back and forth over schedules again, in email? Really? This is the promise of information technology for scheduling? I mean aside from the privacy issues, I really felt like I'd been had in terms of my time sink for their silly email form.

I notice there is no help or privacy statement on any of the pages in their system (and I clicked on all of them), and the "ask a question" page is all about medical stuff, not using the website. But I figure GGObgyn is responsible for this site. So I call them, and after a lengthy wait, get the appointment receptionist. And I ask, where did my data go? And she says she doesn't know, but they own the site, so therefore my data is safe.

This seemed reasonable given the interface on the GGObgyn website was so incomplete with so many important things missing (like a privacy statement as I entered in my SS # and DOB and address, etc. or even a privacy policy in the footer somewhere, or a help page, or real contact info), it had to have been done by people who don't normally develop websites.

I asked if the receptionist could give me the privacy policy, or tell me where my data had gone, and she said she would pass me to the "online manager" named Olivia. Olivia started off my telling me she sits on the system "all day long... as account requests from users to join their online system appear on my screen.. I look the patient up and put through the approval if the new user is in fact a patient."

ME: "Really? because my account approval seemed instantaneously to happen on my screen."
Olivia: "Oh yes.. I did that."
ME: "Wow.. you're fast."

Then Olivia reiterated to me that she's there literally every minute at work approving patient account requests.. because she manually approves all new accounts and also is there to pass along requests of appointments.. etc. And she was sure there was a privacy policy somewhere on the system. Her description of the account approval process sort of contradicts the fact that I could make an account called "testacct" and get right into their system without any approval but I didn't bother mentioning that. I just wanted to know where my data had gone from my first real account made with them.

After that, she could only talk about how to use the system from her perspective, not mine. In other words, Olivia had no idea what regular users face (ie, There is no privacy information, as I typed in my personal data, and no real idea other than from reading the URL in the address bar that maybe a third party was collecting my data, etc. Reading address bar URLs is something most users don't do.)

I told Olivia she literally wasn't getting the problem, because she just kept repeating to me how she uses the system (as an administrator over user accounts and for appointments where, I'm guessing, she has to be seeing an administrator version of the Medfusion system or some kind of much more powerful interface than the one regular users see when they log into the system). So she said she wanted to pass me to their office manager, Laura, who said, as she picked up the call:

"Mary, i've been listening to your call with Olivia" ... er.. okay.. no one disclosed to me that my call with Olivia was going to be monitored by others listening in. Unsettling. And possibly illegal. But whatever, that's really the least of my concerns here.

I told Laura there was no disclosure to me in advance of having a third party get my personal data.. and after Medfusion had it, I had no way of finding out what they are going to do with it.

I asked Laura about GGObgyn's ownership of Medfusion, but she replied that Golden Gate Obstetrics *did not* own Medfusion as the receptionist had told me. Instead, GGObgyn used them because they could not email "using Gmail or AOL" about appointments because that "wasn't safe." I was thinking really? Because having a website where my data just goes to third parties with no written privacy policy seems pretty unsafe.

So she explained that every page on their site (see all the screenshots and look hard for it!) have some sort of key symbol in yellow (it's not on any of the screen shots I took of the site, and I took shots of every page on their site), which if i click on the key, "will take me to their privacy policy." Okay.. so ignoring the obvious question of why they have a yellow key to signal a privacy policy (totally not intuitive from a user perspective), I look all over all the webpages that I can get to from the left side navigation, read them to Laura, and confirm that I cannot find the key.

Laura replied, "Well I can't help you anymore, because this is a waste of our time.. if you didn't want to put your information into MedFusion then you shouldn't have."

ME: "But your voice system told me to. And your name is on the website, and you aren't really disclosing that you are giving my data to a third party, MedFusion or telling me what they or you are going to do with it."

Laura: "Well, I can print the privacy policy and fax it to you."

ME: "But I don't have a fax machine. Can't you email it?"

Laura: "No.. maybe i could scan it and send it in email, but I'm not sure... and there isn't anything else I can do anyway." (It was clear she was trying to end the call.)

ME: "Er... Okay." (And then I hung up.)

A few hours later while writing this post, looking at the GGObgyn site, I noted that they added a privacy policy to the left side navigation, though that policy doesn't govern anything about what I entered into the GGObgyn site because it wasn't there when I gave my data. Medfusion and GGObgyn are under no obligation to keep my data safe or private, based on that policy.

No help or contact pages appeared afterward.

The privacy policy, which I read through, has a few issues. First, it starts off just saying "we" .. and my question is, We Who? I mean.. is it Medfusion? or GGObgyn? Me and GGObgyn together? Or someone else?

At the end of the privacy policy, it says under a section called OUR NOTICE OF PRIVACY PRACTICES:

By law, we must abide by the terms of this Notice of Privacy Practices. We reserve the right to change this notice at any time as allowed by law. If we change this Notice, the new privacy practices will apply to your health information that we already have as well as to such information that we may generate in the future. If we change our Notice of Privacy Practices, we will post the new notice in our Center, have copies available in our office and post it on our website.

So basically, they have to follow the policy, but can change their privacy policy at any time and it's retroactively applied to my old data and old terms? Well, I can see why GGObgyn wouldn't even bother having a privacy policy before because essentially, I have no rights over my data anyway.. because they can just change my rights whenever they want to suit themselves? I feel really good about my personal and medical information held by Golden Gate Obstetrics now.

And then, under COMPLAINTS:

If you think that we have not properly respected the privacy of your health information, you are free to complain to us or to the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you if you make a complaint. If you want to complain to us, send a written complaint to the contact person at the address shown at the beginning of this Notice. If you prefer, you can discuss your complaint in person or by phone.

So.. GGObgyn seriously expects me to complain to the USDoHHS? Why do we have to escalate this to a federal agency? Why can't they discuss it directly with their patients? I would rather just start by telling GGObgyn (which as you can see from the above dialog was incredibly successful, but they really ought to be open to hearing from their users about issues). In looking at the complaints section of the GGObgyn privacy policy, I note that I can contact the person listed "at the top of the privacy policy." Except, surprise! There is no one listed at the top of it. In fact, I don't even really know who "we" is in the policy language. So.. I guess I won't be contacting the "we" in this policy.

If I did want to complain about a privacy policy and questionable data usage problem, frankly I would use the Federal Trade Commission form because the FTC governs these things (see their most recent list of cases here where they go after companies that fail to protect user data and medical information, including the recent CVS case where they violated financial and medical data privacy rules). I have zero confidence that the Office of Civil Rights at the USDoHHS would even have a clue about privacy and my data on a website.

One thing.. after the GGObgyn privacy policy appeared, no one from GGObgn emailed me, or called me, to say that it was now up on their website. Of course, they have all this contact info and my name in their patient files and in their online system that Olivia who runs their website presumably could pull up very quickly and easily send me an email telling me to look at the policy.

I would also recommend that businesses like Golden Gate Obstetrics use the FTC page on Protecting their user's data and privacy which is very helpful when trying to figure out how to present privacy info on a website.

Frankly, I have no way to alert anyone at GGObgyn to this blog post, or to my thoughts on the subject, other than to call back, sit on hold, and talk with the three people I already discussed this with, who were ranged from unhelpful to hostile. Since GGObgyn doesn't seem open to discussing their websites problems and the fact that the cat is kind of out of the bag now with my data going God knows where into various company's hands, I'm posting this example of how companies, particularly *medical* entities, with no experience or understanding of information technology systems and websites need to use extreme care, and not assume that office staff trained to run a medical office has any idea what users need or will face with a website collecting personal or medical data.

I hope people at medical or other data collection companies will realize the importance of protecting user data and being straight with us about what's happening to personal and medical information. My experience is just one, but if this becomes representative of people's experience with their medical providers, we ought to be very worried.

Note: I took a look, when writing this post, at ratings for Dr. Wiggins, whom I really like and have enjoyed having as my doctor. You can see from the ratings at Health Grades that Dr. Wiggins is well liked by patients but the appointment system and her office staff.. not so much. I hope GGObrgn does an overhaul on all their office administration and website that interacts with patients before they venture further with information technology as tool for communications.

(image by Beth Kanter)

First, Kaliya Hamlin has written a great post on how to manage an unconference so that participants get the most from the event, and feel connected to the topic and solving a particular problem set as well as make stronger social relationships for future potential workings (in this case Transparency Camp West, held yesterday in Charlie's old cafe plus a few small conference rooms at Google in Mountain View).

I attended Transparency Camp West (#TCamp09) from Saturday Afternoon through Sunday's brief closing. It was structured more like a BarCamp or FooCamp (with minimal facilitation) than an unconference using the Open Space method (pdf) (which has a bit more social and activity facilitation and structure). I attended TCamp because I'm interested in, as well as want to help with, Transparency which I feel strongly is a very good thing for government to engage in.

The first Barcamp was formed as an alternative to FooCamp, O'Reillly's "friends of oreilly" camp held at their headquarters annually (note I have attended FOO and really enjoyed it.) That first Barcamp had the social cohesion that forms around the shared hurts which many there felt as insult and exclusion, because of an unfortunate and ill-worded blog post about FooCamp inclusion. So that particular Barcamp's lack of facilitation wasn't an issue. (Note that I didn't personally feel the insult because I know the people who run FooCamp and knew it wasn't directed at me personally. Yet I felt it for the other young folks there who couldn't understand whether they were the ones being called out as unworthy to attend Foocamp and therefore felt hurt. I spent a fair amount of time that first and second day of the first Barcamp consoling young developers, explaining that I didn't think they were the targets of that Foocamp blog post either.. but they were hurt anyway. And hurts do bring a certain cohesion.)

But subsequent Barcamps have suffered from the lack of a Beginning and Ending. They have a start and a finish, but they don't really begin in any formal way, where a facilitator helps the event process and participants to plan the event agenda, announce each session proposal, and then push for documentation of learnings, nor do they have an ending where the participants are brought back together to share learnings and insights, and close properly as a social group who may, hopefully want to see each other again one day. Barcamps often just start. Organizer announces a wall. And that's it. Dive in. Left socially flapping in the breeze.

When I've attended Barcamps in NYC or Austin or SF or other local barcamp styled events, I've alternately been pleased to see everyone show up and many present something interesting, and yet dismayed by the lack of social cohesion or shared learning and evolving that I know from experience is possible at an open space style unconference. This is especially true for the wall-rushing of the Bar/Foo style, which is great if your 22 and male, and want to dive head first into a pile of bodies to get your slot. But if you're not (and say female or not 22) then you would likely really enjoy the ability to announce one at a time your session without having to dive ass in the air into the sweaty bodies just to get your slot. Filtering agenda creation through that process has nothing to do with whether a session will be any good, and everything to do with 22 y old male "f-u" culture.

But think about an unconference as a story: there is a beginning, a middle and an ending when it's done well.

Open Space unconferences provide that social structure, without filling in the content. The participants do that. It's still an unconference but it's got social support in a way that Barcamps don't.

So why does it matter that Transparency Camp was more Barcamp than Open Space? Because it felt like they squandered the opportunity to get the most out of the participants brainstorming solutions and connecting socially around the tough problems that many, most notably the Sunlight Foundation are attacking. In fact, I didn't realize until the end of the event that there was any particular leader leading the event (I missed the beginning because I thought it would be really hard to get in but in fact the event was in a huge cavernous space with tons of room and comparably few people.. sparse even.. though the break out rooms which were tiny were often packed -- that said, I missed their beginning and only heard it later). At the brief ending, when the leader said, "Anybody have anything to say, or any criticisms?" to that giant cavernous room with a few people milling about at the end, it felt so awkward. No.. I'm never going to share anything under those circumstances. Certainly not criticisms.

::shudder::

I think he was a little out of his depth in terms of facilitation experience. Though I did love the singing he did to call everyone back into the ending time.

One thing the FooCamp/BarCamp method sets as an expectation is that everyone will "come present something amazing." Well, not everyone has something amazing to present. Or is an expert. But what TCamp had was a bunch of smart people in the room interested in a particular problem set: transparency of data.

I did work for a congressman long ago for 4.5 yrs, 1.5 of which was in Washington, but I'm a technologist now. I work with hopefully-structured data and make algorithms and create systems and interfaces.. I don't work in government currently -- hate bureaucracy -- but I do want transparency in government and so I'm strongly aligned with the Sunlight Foundation's mission. In other words, I gave TCamp a day and a half of my time as a non-expert in current government transparency to try to help as a civic gesture, not because I do it for a living.

So why not instead use Open Space, which sets the expectation that some will present amazing things, but the rest will attack a problem from different angles in a discussion format? This is a subtle, but very important social distinction about session formats. However, including both session formats requires an Open Space facilitation method to get people thinking in the direction of question and answer, not presentation broadcast and competition, so that they are socially aligned to work together, but also not so structured that it takes the life out of the budding, thoughtful ideas these participants might come up with around the problem-set.

In other words, it's a balance: structure and openness. This balance is cultivated in the Open Space, camp process where there is a real opening and closing plus announced sessions. Also important is the social evening event between the two days, where all organizers of the event should attend to give even the this time heft and importance as an integral part of the communal event, as well as to receive informal feedback on how things are going. Aside: when I walked into the TCamp evening event and saw none of the organizers there, and a sea of people I mostly didn't know, I though.. oh it's not that important to be here and I'm tired and want to go home and eat something simple and light and just chill. But before I saw that, I was fully prepared to spend the evening continuing to socialize around the Transparency Camp problem-set.

(image by Joseph Boyle)

I really enjoyed Dan Gillmor's session on governmental dissemination of information in an open, and individuated media world. Dan is thoughtful and sincere in his desire to chronicle and assist with the transformation from broadcast to social and individual media as we navigate this new world, especially around government data. I also liked the session on Lobbyists which was hilariously and spontaneously focused on how to understand and better map their activities. The session on transparent data, by Natalie Fonseca of Techpolicy, and how far should it go in exposing personal, governmental and corporate data was great.. though the strides were likely lost to Twitter's short horizon of maintained tweets. I do hope someone took notes about what we discussed and posts them. And Esther Dyson's session on genetic data sociality and exposure was terrific, if not totally on topic about government data transparency.

One last thing, overall I enjoyed TCamp and would attend again. But there were a number of incidents where I saw people puffing themselves up as they presented things (sometimes great, sometimes ill conceived) or otherwise talked in sessions (the amount of reactionary eye rolling confirmed for me that I wasn't the only one surprised and dismayed by this behavior across sessions). It may be that in order to be a technologist / player in Washington or other governmental locals, that being pompous is a job requirement in order that the old guard in WDC or California take you seriously. But considering the problem set: transparency for the common man, I felt there was some irony in this behavior. And since some of it came from Sunlight folks, it made me worried for them. I know we could do the typical Silicon Valley thing where some engage in something stupid, and we all don't say anything and two years later they fail. But Sunlight and these other orgs don't have two years to figure out that this behavior is counterproductive. They are non-profits and there is a public good to what they do, and they need to deal with this now, not figure it out in two years after no-one has said anything.

Thankfully Sunlight has people like the extraordinary Ellen Miller and the very thoughtful Esther Dyson, whom I hope can help school these youngsters in the idea that self-puffery gets you nowhere in Silicon Valley, or for that matter outside the Beltway or Sacramento. Not to mention it makes it very difficult to listen well. Simply presenting something without your own ego inserted in front of the presentation or your contributory statement is the best way to get us all to say: WOW, what a great idea.. I want to help too! And since what you are presenting is interesting, you must be smart too!

That said, I was very impressed with Sunlight's Policy Director, John Wonderlich, who was thoughtful, socially pleasant, listened well and didn't seem to have any personal agenda to advance his own ego and stature. Maybe he even pets small children and dogs on the head and helps little old ladies cross the road as he walks to work each day too, I don't know, but Sunlight could use more people like him because he really added to every session in which I encountered him, both in terms of smart thoughts and socially to make people feel comfortable with the thoughts and ideas being passed around.

Doc Searls in a post on celebrity, black holes and productivity comments on celebrity as a form of coasting. Below is my reaction. I think there is more to it. Let me know what you think.

I've been talking about celebrity a lot since Thurs afternoon re: MJ, FF, EM, etc. Doc and I discussed this a month ago in depth too. I've been trying to figured out for the past year what the hyperdrive of microcelebrity is on Twitter that so many run after. And then the real celebrities hit twitter en masse and the hyperdrive of real celebrity is there as well. That drive diminishes at times one's ability to have a real conversation because some of those diving into conversations have agendas like trying to get the attention of the perceived AList (whatever that is.. oh yes.. the high follower counts, goosed by the twitter suggested follower list, provide us with a definitive answer... thank the gods).

But the triple-hit celebrity death match on Thursday drove me to my thought which is that most people need to follow, most people need something to worship, and most people have given up serious religion (of the type where you spend like 20 hours a week in church and the pope or the ayatollah or the supreme leader or whoever is your celebrity representative communicates with god for you and leads you and makes the decisions and you worship him to get to god because you can't talk to him yourself).

Michael Jackson and other celebs are the replacement for that sort of seriously time consuming difficult religion, because media and post-modernism make it easy (where premodern means god is above man, modern has everything equal: god, man, nature, and post-modern means nothing is more important than you). If nothing is more important than the individual, but he/she needs to follow something bigger than the self out of insecurity or whatever and there is very little ritual left post-old-style-religion to set people on their own course of confidence, productivity and humility in the world, and you have the media machine the past 100 years that now includes internet and self-publicity on things like twitter, well.. you have the perfect primordial soup to grow the MJ, etc worship replacing organized religion we see now. And of course, the celebrity version is so much easier and more fun, kind of like fast food.

Doc is right, celebrity worship is a tremendous form of distraction, but I would argue most don't have the confidence, discipline, or for that matter the interest in spending their time on more constructive things. While most are capable of much more, there is safety in worship. That's why the church/temple/mosque of old was so effective. It filled the rest of your time after work and set the order that god was first, then the supreme leader as the physical manifestation, then puny you, so you would worship up the hierarchy. Oh, and you were given a structure to think about life and death. Which is frightening to many. And there was a structure for work and discipline, however messed up these organized religions have been over the centuries.

In Post-Modernity, celebs fill the worship channel, effortlessly, where the celeb hierarchy is the order and the media connects you. Microcelebs are the long tail of this channel. Nothing going on with the top? Well.. there is always Guy Kawasaki or iJustine. And if you as the worshiper can get nearer to the celeb so much the better. People used to say: god is my savior. Now they say, "I remember exactly where I was when I heard MJ died." It's a way of placing yourself close to the worshiped thing.

Not to mention that you don't have to think about death if you go with the celebrity distraction mechanism, except when Farrah and Michael and Ed McMahon leave us, at which point people seem to just increase the worship but don't really have to face facts about their own lives.

It's utterly silly, and of course the internet and socialmedia send this tendency and need an order of magnitude higher than before. But I think it's a rat-brain need for the masses to worship something, and celebrity is the post-modern fast-food solution.

Opiates anyone?

A month or so ago, someone (I can't remember who) said to me that mobile engineering was hard for web engineers to do because it was so different. I've worked over the nine months on product development for several mobile applications at Apisphere, and more specifically the last couple of months seen coding for handsets up close. I can see why those who are great at coding the front end of websites that will go out to people with beefy computers might have trouble coding for tiny devices with limited memory, harddrives and processors. Even smart phones are no competition for the latest desk or laptop.

Working with engineers on Android, iPhone and Blackberry apps, where GPS data is involved, and each of these phones' quirks are being exposed, I've come to realize there is much more to this than just the difference between webcoding and mobile engineering. I started in tech in the 90's working on boxed software. Huge projects with 60 engineers making things for big machines of the time. Those kinds of projects required enormous specs, Market Research Docs (MRDs) and Product Research Docs (PRDs), etc. When I later switched and started writing algorithms for web apps, building little classification systems, and working closely with engineers on web apps creating the information architectures and meaning on sites, through interfaces and algorithms, I didn't think all that much about the differences between installed boxed software and web development, other than the specs I was writing were far smaller and we iterated a whole lot more on the web development in tighter cycles, and often the usability was built in a bit more from the beginning instead of bolted on at the end.

But now seeing development for mobile and creating mobile apps, I realize engineers who learned to code way back when have a huge advantage over web and large app engineers who've never been forced to economize. Those early coders know what it means to optimize for tiny amounts of ram and hard drive space, to create truly elegant code that is compact, efficient, and doesn't take over a device or machine.

In contrast, I find my Firefox usage often pushes my laptop out of control as javascripts go crazy on tabs in the background. Those pages were written by programmers unschooled in the art of system management, who may believe the system resources are unlimited or worse, dedicated *only* to the running of the browser+their webapp. They don't even seem to know they ought to be considering users and their resources based upon the pinwheel of death I regularly experience. I'm often climbing through FF tabs on pages open for work and play as I go through my day, trying desperately to locate that one tab that's going crazy, pushing FF to 125% according to Top. When I get it shut down, after massive frustration and system hangs, waiting to see if the next tab is it, I realize another tab is out of control. And so on until I get my machine back.

Building mobile apps, there is no way we can put that sort of strain on a smart phone, much less a little tiny phone. At this point after watching 9 months of mobile development, I'm realizing the preferred mobile developer is someone who has hardcore coding experience with languages like Java and C++/C#, who had to optimize for old computers with minimalist ram, hardrives and CPUs. People who code as if their program will be the only one open or up in a browser need not apply.

In fact, I would say that older coders with this sort of discipline will often have a distinct advantage over the young new web-only coders, and will be the ones who help us move mobile forward as a viable industry. Of course, those who embody all of these skills for all environments will have the best chances to work in mobile going forward, as I see mobile delivery of webpages as also key to this industry.

Twitter (and the ISchool -- or one of my poor brethern -- I have a masters from UCBerkeley's iSchool) seem to be in the tweetsphere over one ill-found tweet tossed off by a student and found by her summer internship employer likely via search.twitter.com. For background, you can see this: FattyCisco.com. The poor girl is likely humiliated and horrified over what she thought was an innocent and also, likely, a fleeting thought that didn't really reflect how she felt overall.

We've all had those momentary thoughts where when we are ambivalent, we toss something out of our mouths and once it's out there, we think, wow, that doesn't even ring true or, it did for a nanosecond, and now it's changed, or gee, that's about 5% of the way I actually feel about this. But out of mouth, truly ephemeral (unless recorded in some form) is different than written down and searchable in the grand database of the Googlezon and search at twitter. Or maybe it's just a joke.

This is one of the problems with online communities and specifically twitter:

You don't know who's listening, and because of search tools, you are findable beyond your follower list
or your "community" of known tweeters (ppl you @ with or read) unless your account is private.

I don't think we have at all sussed out what it means to tweet in the long term, or what the power of the tweet is, or where the tweet goes and what sort of life it has beyond the first few minutes or hours of it's life in the Twitter / client context.

This is another example of something that happened recently:

A PR exec going to Memphis to meet with a client, Fed Ex, insulted the client on the way to the meeting. The clients wrote a letter to the PR company and him, his bosses, and cc'd everyone at Fed Ex as well. Ooops.

The problem is, tweets go to those paying attention at the moment, those who may save tweets in clients (i leave my twitter client open and check it now and then as I have time -- right now I have 15k tweets from the past couple of days), those pivoting on a single user, those searching for key words, those looking a related conversations.

But when you tweet, in your head, you're often just thinking about those you expect to read it, like only a few your followers paying attention at the time. What happens with some tweets (some reading by some followers) is not what can happen with all tweets.

The interface and interaction at Twitter's website doesn't lead you to believe that what happens most often there will happen in incendiary examples. And different twitter clients (an android or Iphone app for example) don't lead you to understand the permanent nature of tweets, through use, that say, search.twitter.com might, as you see something you deleted appear there anyway.

It takes experience with all these different modalities to inform you because there is no advance disclosure or warning of the elasticity of a single tweet.

What is most interesting is this pushes me to think harder about what the interface of "aged information" online looks like (and I don't mean google search results that move from page 1 to page 3 over time).

And I have to ask myself what it would mean to have what Judith Donath discussed on the panel, Is Privacy Dead or Just Very Confused, moderated Saturday at SXSW by danah boyd. Judith discussed having some kind of a "mirror" for you of your digital self that would reflect all your online presentation and communications and expression... just so you might get a sense of what you show people and what you project at a moment in time. Right now it's really hard to gather that sense of yourself. Right now, you don't really see it in any sort of complete way. But others see pieces of you digitally represented at different times. It would be like re-disclosing for yourself what you've done, discovering how others view you, in slices or on the whole, in order to see the effect you have. It would probably be helpful to know what had reach and where, and what was for now at least, forgotten.

But frankly, the privacy implications of that are huge as well. So, I'm thinking. No answers on that one yet.