Adventures of an Eternal Optimist

Bill Harris published this article on his blog two weeks ago, noting a few key sentences from the Electronic Arts Privacy Policy (italics & emphasis are Bill’s):

If you sign up to play EA games through Microsoft’s Xbox Live Service, Microsoft will provide your Xbox Live user account information to EA so that we can establish an EA Online account for you. You need an EA Online account to play EA’s Xbox Live titles. By signing up to play EA’s Xbox Live titles, you agree that Microsoft can transfer your user account information to EA.

Information collected will vary depending upon the activity and may include your name, e-mail address, phone number, mobile number, home address, birth date and credit card information. In addition, we may collect demographic information such as gender, zip code, information about your computer, hardware, software, platform, media, Internet IP address and connection, information about online activity such as feature usage, game play statistics and scores, user rankings and click paths and other data that you may provide in surveys or online profiles, for instance. We may combine demographic information with personal information.

Wow, I can’t think of a single thing that they are NOT transmitting. Quite the list, hey?  Seems to me you could do an awful lot with that information…

Bill then tried to look at various Microsoft privacy policies and couldn’t find any notice to users that Microsoft might transfer out what EA says is being transferred in.

Apparently there has been a wide distribution of his complaint — but EA hasn’t bothered to respond or even acknowledge the questions that are being raised. Neither has Microsoft.

Why is it ok for Microsoft to send all of that information to EA? User information is being piped apparently indiscriminately. Can the user even find out which information is sent when, and for what purpose? Do the users have the power to stand up and say NO, this is NOT a valid use of my personal data?

This kind of policy should be a major embarrassment to both of the companies involved. Questions & complaints should be plastered on public forums, and representatives of both Xbox and Electronic Arts should be made to answer for their actions whenever they speak to the press or to consumers.

We have the technology to empower users in cases exactly like this. The question is, what kind of pressure are these two companies under to examine their practices? Will they just brush those pesky complaining users off of their lapels, and continue to play fast and loose with identity data?

Let’s find out how much pressure we can bring to bear. If we aren’t horrified by this, who will be?

Have you ever head the saying “be careful what you wish for“?

Yeah. You might want to study that. For my part, if you really feel that we shouldn’t think of your company as so ubiquitously representing the world of internet search that the term “googling” and “searching” should be synonymous, and if you’re going to spend company $$ litigating against such a concept, then who am I to argue?

I for one will be glad to turn the other cheek. I’m sure there are worthy search companies out there with a bit more common sense and fewer lawyers on the payroll. From now on I’ll do my best to enact your wishes and treat the G-word like the four-letter-word you want it to be.

Here’s hoping that you sink into obscurity as quickly as possible. Good luck with that, from the bottom of my heart, and I really mean that.

Sincerely,

Pamela Dingle

Paul Madsen responded to this reference to the Liberty Alliance sarcastically, but I think that Liberty as an organization should take such a remark far more seriously — because I know exactly where this blogger is coming from:

The Liberty Alliance has churned out a number of PDFs but that seems to be the extent so far of their effort.

Paul, the reason people think Liberty is nothing more than a bunch of PDFs is because that’s all they see when they research it online. Last January, I too tried to figure out what ID-WSF was and how it could be used. I’m sorry this sounds so harsh, but frankly, the Liberty website sucks at communicating the spirit and the purpose of ID-WSF.

There are several problems. First, as a geek-investigating-liberty, I don’t want to read the specs first. I want to know what the specs are FOR. I want to know what business & technical problems can be solved with them. Imagine trying to figure out what LDAP does and why I might want to deploy a directory server — and being directed to a page like this:

Nobody would evangelize LDAP this way, and I can’t figure out why anybody would want to evangelize ID-WSF like that either. And yet, when I tried to research ID-WSF, that was exactly what I found. Hey look, same thing the other blogger found, gee funny it’s just a whole bunch of document links! Was there a gentler introduction? Not that I could find. Oh, and don’t even try to search on “ID-WSF” within projectliberty.org, the top hits on the site are mail thread references.

Second, the front page of the site (which is very pretty) is 100% about the organization and 0% percent about the specifications, even though their stated objective is the creation of said specifications. The words ID-WSF and ID-FF do not appear once on the page, let along People Service or other components. Doesn’t that seem odd???

Third, to address Conor’s point – I may or may not represent anyone other than little ol’ me, but personally, I couldn’t care less about “real” deployments. I just want to know that it is deployable, maybe whether there are toolkits, access to community forums, sample code. Perhaps other people really do care about real deployments in the first 20 minutes of investigation, but I believe that in fact, what they look for is evidence of a vibrant community. There are NO indications that anything other than the specs in their starkest incarnation are available for people outside Liberty. I’m not saying those things aren’t there. I’m saying that newcomers can’t possibly know one way or the other from the web material.

So. My hypothesis is that if you want to see adoption of Liberty by schmucks off the street like me (and perhaps even a few less guys deciding to brew their own SSO solution, we can always hope), you need to treat these specs like a solution. I should be able to easily discover what context in which the solution is valuable, in what high-level ways I can implement the solution, and who will commiserate with me if I have troubles. If all of that meets my approval, I might then want to take a look at the specs. After that, I may even become interested in joining the Liberty Alliance.

Having met many Liberty people at IOS in July, I know they are passionate people doing great work. I just don’t think that passion is being communicated to those not intimately involved. If the goal is to make the WORLD aware of ID-WSF, and not just insiders, fix the first 20 minutes of user investigation into the framework, and I predict that great things will happen. In my opinion, this is worth just as much time and effort as any of your standards efforts.

Update:  Turns out Liberty is way ahead of me, and they are working on a redesign of the website.  Thanks for responding with such class (:   Paul, I’m holding you to that Leafs game, I’ve never been to Kanata!

Important installation note for people wanting to play with CardSpace: CardSpace only works when installed on an NTFS filesystem. If you are planning on setting up the July CTP and playing with CardSpace, make sure your C: drive is not FAT32. Here is the error you will see if you try to run CardSpace and you are not using NTFS (note the bolded sentence):

The description for Event ID ( 102 ) in Source ( Microsoft.InfoCards.Diagnostics 3.0.0.0 ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: The Windows CardSpace service cannot be started on this file system., at System.ServiceModel.Diagnostics.ExceptionUtility.TraceFailFast(String message, EventLogger logger)
at System.ServiceModel.Diagnostics.ExceptionUtility.TraceFailFast(String message)
at Microsoft.InfoCards.Diagnostics.DiagnosticUtility.FailFast(String message)
at Microsoft.InfoCards.Diagnostics.InfoCardTrace.FailFast(String message)
at Microsoft.InfoCards.InfoCardService.FailFastIfNoFileSystemSecurity()
at Microsoft.InfoCards.InfoCardService..ctor()
at wmain()
at _wmainCRTStartup()

I have no idea what would happen if you installed the .Net Framework 3.0 on a FAT32 filesystem first, and then converted that filesystem to NTFS. If anyone happens to try this, drop me a comment and let me know how it goes.

I also do not know if the incompatibility rests with only CardSpace, with all of WCF, or with all of .NET Framework 3.0. Any and all information updates would be welcome.

Ah the trials and tribulations of the intrepid early adopter! How boring would life be if it all just worked? That being said, I do hope that they will put some kind of FAT32 test/warning into the next version of the installation script, otherwise there could be some long-term bad karma accumulation :-)

From now on, make sure that the vanity searches originate from a different IP address than the how-to searches regarding killing, maiming, and dead people…

The AOL search data scandal is a welcome wakeup call. It is useful to remember that even a common, theoretically harmless internet activity might be used to correlate between normally segmented parts of a person’s identity. Data that people believe goes no farther than from the chair to the keyboard gets published, and one more illusion of privacy goes out like the baby with the bathwater.

Ever heard the abbreviation “TMI”? It means “Too Much Information”. Generally it applies when somebody volunteers embarrassing and/or revealing information over and above what is necessary in the context of the conversation, resulting in discomfort and/or disgust on the part of the conversational partner.

We are, as a population, entering the age of TMI. Scores of people (including myself) are busily working on data entry: their thoughts, biographies, portraits, proclivities, and personal habits are being eagerly keyed in. Some of them are bright enough to do so pseudonymously or anonymously. Regardless of how they do it, it seems to me that there is no guarantee whatsoever that their anonymity or pseudonymity, or even their expectations of freedom from webcrawler indexing will stand the test of time.

I think most people, whether they are aware of it or not, still believe in security by obscurity. Sure, if somebody worked hard it might be possible to realize that Mary Smith is “concernedParent” on motherhoodparenting.com, but “naughtyGirl” on sexymommies.com, but why would anyone think to correlate those identities together? Such a correlation today takes an active effort, and it’s difficult to conceive of why anyone would even bother.

Of course, security by obscurity definitely didn’t work for Thelma Arnold. Her identity was extracted using the AOL dataset and other publicly available information for no other reason than because it could be. I’ll bet the phone calls from the reporters were an unwelcome shock. Even data that cannot quite personally identify someone now might cumulatively do so later. Perhaps the AOL dataset links “concernedParent” to “naughtyGirl”, but one year later, a different body of data manages to link “concernedParent” to Mary Smith. At this point the link between Mary Smith and “naughtyGirl” is there for the farming. Imagine what will happen if anyone on the internet figures out who user #17556639 is. Even worse, imagine if they get it wrong.

So when will be the day that the right body of personally correlational data combines to reveal your secrets? Maybe never. Maybe tomorrow. Just because it is obscured now, doesn’t mean it will be forever. And once an internet search for Mary Smith links to “naughtyGirl”, it won’t go away — the problem with a TMI situation is that the damage cannot be undone.

All I can think to hope for is a partial solution: mutual assured TMI. If everyone has as much dirt as everyone else, the dirt might become less significant. At least the excusable indiscretions might be overlooked. MySpace, you might save us yet….

Robert McLaws picked up on remarks that may indicate .NET 3.0 will be released in advance of Vista. If so, we might have a production CardSpace client sooner rather than later! How nice it would be to get things going on existing systems.

This is unverified – so take with a grain of salt.  It sure seems logical though, I’ll keep you posted on what I find out.

… it ain’t pretty. It involves a lot of manual work, and manual work is always a weak link in any change management strategy. If you edit your LDIF or re-enter data via the web interface, you introduce the possiblity that your migration could fail in production despite a perfect track record moving through every other environment.

We at Nulli have been trying to perfect a strategy by which an Administrator could reliably and predictably move environment-specific COREid configuration data from development through all the tiers up to production with as little manual intervention as possible. After various attempts to solve the problem, we think we’ve come up with a reasonable approach that will save time and reduce typos. We have also built up a very comprehensive set of best practices surrounding horizontal migration of COREid configuration data that could be applied, regardless of whether this tool is used or not.

Check out the COREid Nitty Gritty blog for more information. We’re looking to gauge interest in this kind of migration service, starting with our trusted customers, but if anyone else out there wants to let us know that the direction we’re moving in is valuable, or wants more information on what we’re doing, we would appreciate the feedback.

Mark – congrats on starting to get this out in the world, I know it has taken a lot of your time and effort.

I can’t wait to see the wonderful things you will do at the Burton Group.

I’m sure it will be a wild & woolly adventure; I would expect nothing less :-)

Cheers,

Pam