Last week pii2010 (the PrivacyIdentityInnovation conference) was held in Seattle, Washington. For those of us in the identity verification business, many speakers and presentations reinforced our commitment to identity verification and building trust online. You can read extensive comments posted by Brian Rowe and videos of the conference at Brian’s blog site.

You might also take a look at the Cyberspace Bill of Rigths presented by Jeff Jarvis. In particular I find that the following 2 Rights resonate with what Trufina offers:

VI. We have the right to control our data.
VII We have the right to own our identity.

Identity verification was highlighted again during a Q&A session between CNET’s Declan McCullagh and Chris Kelly (Facebook’s former Chief Privacy Officer). During the live feed, broadcast at the conference, Chris expressed his conviction for the need and liklihood of a strong identity platform in the future of the web and social media.

The future is now! Trufina provides the platform. Do you see the need for building trust in the world of social communities by sharing verified identity information? Let us know.

Did you get a chance to read the draft version of the NSTIC , published by the White House, June 25? We sure did, and we’re hoping to be part of the community moving the national strategy forward. Here’s a quote from the introductory paragraph:

“Imagine a world where individuals can seamlessly access information and services online from a variety of sources – the government, the private sector, other individuals, and even across national borders – with reduced fear of identity theft or fraud, lower probability of losing access to critical services and data, and without the need to manage many accounts and passwords. Individuals can conduct a wide variety of transactions online and trust the identities of the entities with which they interact. Individuals know what information service providers are collecting about them and how they are using it. They have choice in the number and types of user-friendly identity credentials they manage and use to assert their identity online.”

Trufina has not only been imagining that world, we’ve been building it….read our initial comments, Enhanced Online Security, Reduced Fraud and Personal Privacy. Today! Take a few additional moments to register on the forum and vote “I agree” at the top of our post. With your support our views will get more attention.

If you have an opinion on the strategy, post your comments there as well. Let us know and we’ll link to them in this blog. It’s a good opportunity to tell the government, and the entire internet community what you think.

As the safe haven for your personal identity information, it is critically important that Trufina protects your information, and adheres to a very stringent privacy policy, mandating how that information is shared.

Every year we participate in TRUSTe’s certification program, allowing us to display their trustmarks, assuring you of our adherence to their highest standards. We’ve just been re-certified by TRUSTe and thought it a good occasion to remind everyone of the importance of such audits.

Look for the TRUSTe seal on all reputable websites. It is an indication of their commitment to customer privacy.

On September 23rd and 24th Harvard Law School’s Berkman Center hosted an Internet Safety Technical Task Force (ISTTF) open meeting, where 15 companies made presentations on technological solutions intended to help make the Internet safer for America’s youth. The Internet Safety Technical Task Force, you recall, was created in February 2008 by the Attorneys General Multi-State Working Group on Social Networking and MySpace.

Anyone following the public meetings should be interested in icouldbe.org’s recently published news story about their participation. Frankly, icouldbe.org’s presentation was the only one by a company fully committed to providing an absolutely safe environment for youth on the Internet. In fact, their existence depends on it. We’re grateful to have them as a partner on the development of Trufina’s Child Protection Suite.

The most informative presentation at the meeting might have been the one given by a few of the youth representing Teenangels.org, which is part of WiredSafety.org Teenangels is a group of 13-18 year-old volunteers that have been specially trained by the local law enforcement, and many other leading safety experts in all aspects of online safety, privacy, and security. The teenangels research indicated that children and youth feel that their biggest online threat was from cyberbullying, and that the most effective means for limiting cyberbullying would be to provide tools to identify offenders, to kick the
‘bad actors” off the hosting community sites, and to ban them thereafter. So if the technology companies were listening, the keys are:

- Apparent anonymity needs to be accompanied by tools to hold offenders responsible. The teenangels specified tools for identity verification, not just age specific verification, so that offenders can be identified.
-The identity tools need to allow the hosting website to remove the offenders quickly, and to ban them permanently. So the tools must prove uniqueness.

As in daily life, cyberbullying is perpetrated by a minority of the community. Once children and youth realize that they will be banned permanently from participation, their behavior will improve, or they will not be allowed to play in the digital playground created by the hosting community sites.

Not coincidentally, the tools for limiting cyberbullying are similar to the ones that should be used for keeping predatory adults from interacting with children. And guess what, the combination of anonymity through the use of pseudonyms, coupled with identity verification by a hosting web site, would provide the same benefit of cleaning up adult behavior on forums and blogs Internet wide. Is it possible that improved behavior by adults might influence the behavior of our youth?

I was really moved by the FrontLine news story – Growing Up Online , and found it incredibly insightful about todays internet and social interactions. It highlights MANY positive, as well as negative, ways people interact online. Some for the better and, in some cases, for the worse. One comment by Rachel Dretzin was most interesting – “… it became clear that the supposed anonymity and immediacy of the Internet had led him to say things he never would say in “real” life — and didn’t even mean. It was a game, an exercise, a way of trying on identities. …”

It is clear, not just from the above piece, but news stories to numerous to mention, that traditional forms of social interaction are being replaced by virtual socializing. We thought we were busy when we were kids, yet it seems to be so much faster these days, and given traditional human traits we tend to do the easy things first – and socializing online is one of those. It’s faster and it allows you to multitask while you’re doing it. It doesn’t replace traditional hanging out, but it does present our society with a new set of social norms and challenges
Trufina, and other companies like Naymz, TrustPlus, and initiatives like OpenID and CardSpace, can certainly help fill the void that exists today regarding virtual identity, but we’re only part of the solution. Some of the burden, or atleast responsibility, lies with the websites that give unlimited tools to people online, the media, as well as each individual, parent or child, to continually educate ourselves on our hyper evolving society.

As a follow on to the piece, the Washington Post published a discussion with the the producers which well worth reading, too.

Several weeks ago we rolled into production a new set of API’s which allow partners to integrate Trufina services into their websites, and makes it easier for our users to share their information with websites. We’ve updated our website with some basic information about the API’s, and we’ll be adding more information to the API section of our site over time.

We have also rolled out our API’s with the folks at Naymz. Now Naymz users can access and utilize the Trufina services in a seamless manner – seamless being the keyword. If you are an existing Trufina user, you just have to log into your account and grant the information to Naymz. If you are not, you can go through our verification process. In either case, you can then pull back verified identity information into your Naymz accounts via the Trufina API, and post a verified shield to your Naymz profile. Additionally, users will receive 50 RepScore points if they go through the verification process.

We’re honored and proud to be working with Naymz, and are excited to be part of their offering, as well as providing a great additional service to our members.

Linden Lab, Second Life’s creator, has unveiled an identity verification system for residents. It’s voluntary right now but necessary if residents want to access restricted regions in the metaverse where explicit sexual or excessively violent content is available.

The service – in beta – uses Aristotle’s Integrity technology and involves entering a Social Security number, driving licence or passport, although the data will not be stored by Linden Lab or Aristotle. This is not as complete as Trufina’s process (we try to prove that the person who is typing in the drivers license/SSN is in fact the owner of that identity attribute – but its a great start.

The 101 responses to the blog post were mostly negative, with quite a few being concerned that either Linden Labs or Aristotle may misuse their identity data. Several users also wanted to keep their anonymity. Linden Labs defended the move saying “Anonymity has long been both a benefit and a challenge for online communities: a benefit because it offers opportunities to reinvent yourself; a challenge when it comes to the creation of trusting relationships. With the option to verify aspects of their real life identity, such as age and name, Second Life Residents can begin to build trust and safety systems inside the virtual world and their virtual community.�

As long as sites and the providers they use make sure the data they collect (either from the user, or via public records checks) is controlled by the user, and not used for ANY other purposes then everybody wins. Such a offering demands a large amount of trust between the user, the site, and the identity provider. Trust which must not compromised. 

 

John Battelle blogged today about a topic he’s covered in the past, a Data Bill of Rights. He makes the case for greater transparency from search and other online service companies. And he outlines a list of terms for the use of consumer attention by these organizations.

- Data Transparency. We can identify and review the data that companies have about us. A sticky issue is whether we can also identify and review data that is made about us based on other data the company might have. (IE, based on your behavior, we at Amazon know you might also like….)
- Data Portability. We can take copies of that data out of the company’s coffers and offer it to others or just keep copies for ourselves.
- Data Editing. We can request deletions, editing, clarifications of our data for accuracy and privacy.
- Data Anonymity. We can request that our data not be used, cognizant of the fact that that may mean services are unavailable to us.
- Data Use. We have rights to know how our data is being used inside a company.
- Data Value. The right to sell our data to the highest bidder.
- Data Permissions. The right to set permissions as to who might use/benefit from/have access to our data.

While this isn’t directly in line with what Trufina does, it’s certainly in step with our corporate mission and our perspective that users should control their information, and should be able to protect their privacy online.

There’s at least one Dot-Org taking a look at this issue: AttentionTrust. The brainchild of one of the brainiest people I’ve ever known, Seth Goldstein, who’s launched several companies with the intention of shaping and monetizing the “attention economy�.

‘The recent spamacornucopia means more than $10 BILLION DOLLARS OF YOUR DATA IS BEING EXCHANGED AMONG BUYERS AND SELLERS THAT YOU DON’T CONTROL, starting with DoubleClick (and H&F their private equity owner) and Google, and then Right Media (Redpoint) and Yahoo!, and then 24/7 and WPP, and now aQuantive and Microsoft.’

Between recent ad network acquisitions, the report from Privacy International which ranked Google at the bottom of a list of major internet companies for privacy, and the Apples iTunes debate, the issue has become a hot topic again among professionals.

‘Privacy can be a touchy subject; generally people want their privacy maintained and yet the delivery of many services from Internet startups is dependent on personal data to deliver personalized content. It has long been known that Google gathers more personal data than any other company, yet Google’s growing marketshare would seem to indicate that people are willing to ignore these privacy concerns. From an industry perspective, personalization is a defining quality of the new Internet – without this data we would be winding the clocks back to 1999.’

It’s great to see some of the smartest people in our business thinking and talking about these issues. It would be just as interesting to hear what the rest of the community has to say about it. There are any number of companies, individuals and organizations committed to issues of consumer privacy protection. Beyond that, there are folks taking care of “family identity management� and using ecommerce and online services daily. We’d love to have greater insights into their needs and concerns.