Utah Open Source Planet

This Ars Technica story tells of an ebay seller who is suing a buyer over negative feedback. Since eBay removed negative feedback for buyers, there's no other way for sellers to leverage what could be vindictive buyers. On the other side, that leverage sometimes leads to buyers being unwilling to leave feedback. Of course the threat of a lawsuit does that in spades. eBay has a reputation problem they need to solve or the whole thing could fall down. As the article concludes:

[S]ellers were a bit miffed at eBay's feedback changes, and organized a week-long strike that resulted in 13 percent fewer listings on eBay. But, for many people who make a living selling stuff online, eBay is essential to business, and many have begrudgingly returned. Although they can no longer leave negative feedback for buyers, things appear to be operating smoothly--more or less--on the auction site. Libel lawsuits take tit-for-tat feedback a bit too far, however. The sky isn't falling just yet, but if more sellers decided to go after their buyers in the same way Jones has, buyers will be seen running for the hills en masse. And then who will buy all of your handmade duckling sculptures?

From Tit-for-tat extreme: eBay seller sues over negative feedback
Referenced Mon Oct 27 2008 16:12:51 GMT-0600 (MDT)

Tags: reputation identity ebay

Jamie Lewis at DIDW08 (click to enlarge)

Jamie Lewis gave the opening keynote this morning on the state of digital identity. The first part was pretty straightforward review of where we've been and where we are. Then Jamie started riffing on the relationship idea that Burton has been talking about lately.

Digital identity exists to enable human experiences online. In human experience, trust (I'd say reputation) is critical. He references Alan Greenspan's book The Age of Turbulance where Greenspan talks about the global economy being based on trust. With current technology we don't enable trust in the way humans use that term.

Trust is based on relationships. In close relationships you can make frequent, accurate observations about identity attributes that lead to better understanding. Close relationships require investment and commitment. A useful, good relationship provides value for all parties.

Centrism focuses on contention and sets up an adversarial approach. Relationships aren't just about rights, they're also about obligations. Systems that simply collect information without placing it in the context of a relationship are destined to fail.

Scaling is hard when we talk about relationships because of the commitment and time required. Custodial identity is what Burton Group calls the kind of close relationship-based identity that some entities will establish. Contextual identity is what distant parties use. It's provided by the custodian. Transactional identity is the use of minimal disclosure to reduce individual risk (Is this person over 21?) For many companies who use identity data, they can get by and should get by with just transactional identity data.

Tags: identity relationship reputation didw08

Businesses spend a great deal of time and money trying to identify their customers. By "identify" I mean not just get a name and credit card number, but find, learn about, and discover the attributes, preferences, and even desires of customers. They spend millions of dollars on "customer relationship management" (CRM) systems that are really "customer dossier systems" in a quest to manage the identity data they collect about customers.

In the same way, customers spend a great deal of effort identifying businesses. Which business sells the product that will meet my needs at a price I'm willing to pay? Which business will give me the best shipping, the best service, or even the most emotional lift when I buy from them?

Doc Searls has been talking about the need for the one-way "CRM" systems to become more truly about relationships for years--ever since I first met him. He's set up Project VRM at Harvard to focus on that effort. VRM, which stands for "vendor relationship management" was meant as a play on CRM, but is maybe too "user-centric" at this point. The real idea is relationships.

When Bob Blakely spoke at IIW about relationships, I don't think I really understood what he was saying, but I took notes and today when I was going back over them, the idea of relationships as the context for identity actually leaped out at me. (See also Drummond Reed's notes on this same talk.)

I've been thinking about this idea in the context of ecommerce lately and trying to understand the market that might emerge as ideas like VRM start to take hold. As Bob mentioned in his talk, this idea has real power when relationship intermediaries start to get involved.

The much used analogy to the credit card industry is applicable here. I can buy a TV at Best Buy on credit not because I have a direct credit relationship with Best Buy (although they'd love to establish one with me) but because I have a trusted relationship with my bank, they have one with their bank and there's a contract between those two banks (via the Visa network) that links them.

In a similar way, intermediaries could provide strong trust relationships that link merchants and shoppers. Here's a picture:

In this diagram the blue box labeled "RelP" represents a relationship provider. Not an IdP who provides low value authentication services, but someone with a strong trust relationship with various parties--shoppers and merchants in my example. The RelP creates a relationship context within which the identity data lives and is shared. Other RelPs through contractual relationships can federate to create relationship contexts that span a single RelP.

As a side note, this model doesn't necessarily envision the creation of a network for relationships like Visa, although you could imagine one. This was the reason Andre Durand started Ping Identity. 2002 was probably too early to get that gargantuan task accomplished, but the technology and thought processes around this area have grown up a lot in the last 6 years.

How might such relationships be created and managed? Drummond and the folks at the Higgins Project believe that relationship cards, or r-cards are the answer. They well may be. An r-card, perhaps slightly misnamed, offers the capability to instantiate an ongoing data sharing relationship that can be terminated at any time by either party. in Drummond's words:

An r-card ... exchanges a set of claims and associated policies that enables both parties to continue to share other information over time, e.g.:

• Updates to the initial values of the claims
• New claims
• Permissions and controls over communications via other channels
• Changes to the r-card itself

I'm still trying to understand all the details, but convinced of the necessity of this kind of thing. My work on reputation (PDF) was a start at understanding how trust relationships can be created online. I'll be writing more about this as I understand it more over the coming weeks.

Tags: identity relationship rcards reputation

Jeff Jarvis points out the flaws in Newscred.

It's very simple --- though that's the problem; credibility isn't so simple. They list articles and you get to "credit" or "discredit" them. These scores are, in turn, compiled for writers and publications.

The first and most obvious problem, which TechCrunch points out, is that this is bait for grudges. Fox from one side, the Times from the other will get discredited by their detractors all day long. One man's bias is often the other man's truth.

From BuzzMachine » Blog Archive » Credibility is not binary
Referenced Tue May 13 2008 09:45:47 GMT-0700 (PDT)

Precisely: reputation, credibility, are personal judgments. We often think of the New York Times having a reputation, but in fact, there's not some single, magic score somewhere. There are millions of opinions. But there are also millions of reputations. Each person judges what the reputation of the NYT is based on what they think others are thinking. Any system that doesn't allow each person to have a personalized reputation for a given entity is doomed to suffer this problem.

But Jeff points out a second problem:

The second and more fundamental problem is that there's no basis to decide credibility. Does one error ruin an article's credibility? How many discredits does it take to ruin a reporter's or a publication's? And then what does that mean? That they lied? That you don't believe them? That you don't like them? That they make mistakes? That they don't report enough? That they use anonymous sources? That they relied on bad sources? That they wrote it badly? That they weren't transparent?

From BuzzMachine » Blog Archive » Credibility is not binary
Referenced Tue May 13 2008 09:49:44 GMT-0700 (PDT)

Just as each person keeps an individual idea of the reputation of every other entity they care about, they also use their own basis for making that judgment. Apes are remarkably good at this--we have to be to create large social structures. Our frustration with computational systems that attempt to do this for us is partly rooted in the fact that they don't come close to the nuanced sophisticated social judgments that any 6 year old can make.

Tags: reputation

Reid Andersen from Microsoft Research is talking about trust-based recommendation systems (PDF). To build a personalized recommendation, you need a trust graph among users. What system should you use to determine the recommendation? The researchers use an axiomatic approach.

The context of their axiomatic system is social choice theory (see Arrow's impossibility theorem for voting systems from 1951). More recent treatments are Webpage ranking systems (Altman, Teeneholtz, '05).

The details are fairly complex, but the basic idea is that by proposing axioms until you get an inconsistency in the axiom set and then backing off and exploring other axioms to add to the set, you can generate unique recommendation systems that have a provable set of properties.

The overall model is simple, but there are several nice result including being able to show incentive compatibility which avoids self-interested bias in the recommendations. For details, see the paper (PDF).

Tags: reputation trust identity www2008 www2007 www2006

Clifford Thomson sent me a link to a talk Dan Solove gave at Google on his new book The Future of Reputation. I interviewed Dan on Technometria a while back about his earlier book The Digital Person.

Dan's a very interesting speaker and raises important issues in his books and in this video. This is well worth watching if you're interested in the intersection of privacy and reputation in the Internet age.

Tags: itconversations reputation identity video privacy

A while back Jon Udell interviewed me for his Interviews with Innovators podcast. We talked about reputation.

Tags: itconversations reputation identity

Doc juggles (click to enlarge)

I just posted a summary piece from Tuesday at IIW2007B at Between the Lines: Reputation taking center stage. I also have pictures. Look for more IIW coverage with the iiw2007b tag.

Tags: iiw identity iiw2007 iiw2007b reputation

Dick Hardt is giving a new talk at Defrag. He's talking about trust; his thesis is that trust defrags identity. Much of what's he's saying is right in line with the reputation work (PDF) my students and I have been working on. He makes a critical link to identity: identifiers bind personas together to increase trust.

Intuition doesn't work well online because of the absence of clues and the ability to create false context. Institutions haven't done much better. He brings up another key concept this is largely about accountability.

Key point: binding behavior from multiple sites together leads to better accountability. This doesn't mean that we can't have multiple personas just that we ought to be able to link them if we feel the reward is worth the loss of privacy.

Tags: trust identity defrag reputation