Tuesday, October 21, 2008

Results of OLDaily Reader Survey

I have a total of 199 results from the survey. You can view the results here (the tables simply won't display in Blogger - some weird default or script, I know not what).

I received many text comments as well, the vast majority of which said things to the effect: don't change anything.

Sunday, October 19, 2008

Networks, Power and Ethics

This is a few weeks ahead of when we will be looking at this in the course, but I wrote is as a response to a discussion post today and so I'll post it here now.

> Could we separate out some issues?

OK, this post raises a number of great points. Let me work through them.

> 1. Is it not the case that if we respect: autonomy, diversity, openness and interactivity in any form or structure, its difficult to misuse power, but that's the case by definition?

It is so by definition only if the definition of 'power' is something like 'the limitation of autonomy, diversity, etc...' And I'm not sure people woul want to define power that way. Usually power is defined not just as type of limiting behaviour, but also as a type of effective behaviour, that is, people wield their power to cause some sort of outcome.

Maybe it can be so by the definition of 'autonomy', 'diversity', etc? This isn't clear. Clearly not for diversity. The cells in a leaf or the atoms in a lump of lead are all the same, but not by virtue of some sort of power. So non-diversity does not entail power. Similarly with non-autonomy. A pilot fish follows a shark around, or a barnacle attaches to the hull of a ship and goes where the ship goes - this is non-autonomous behaviour, but not a power relationship.

Interestingly, I think that because we define 'power' as the capacity to some sort of intervention, we can't have 'power' without at least the possibility of autonomy, diversity, etc., if not the actual existence of them. The wielding of power is the violation of autonomy, diversity, etc., which means it is wielded in a situation where autonomy, diversity, etc., would normally be expected.

What, then, would make it difficult to wield power is not simply the existence of autonomy, diversity, etc., but rather, the degree to which they are entrenched - how stuubornly autonomous individual entities are by nature or temperament, how 'power-wielding' form of contact or interaction are available through the connections in a given network, the nature and inclination of given entities to wield power, etc., the number of connections (and therefore the extnt of power) that may be forged, etc.

This gives us a way of describing different types of networks in term of the degree to which power may be wielded in those networks. For example:

- person-to-person network: communication is exercised by physical contact, power can b wielded as the direct application of force leading to injury and possible fatality, versus
- electronic network: communication is exercised by electronic message, power can be wielded only by means of changing opinions through rhetoric or reason

Or:

- person-to-person network: communication only to people who are physically proximate, and therefore limited to a maximum audience of several thousand (tens of thousands with voice amplification), versus
- broadcast (radio or television): communication to people with receiver, limited only by the number of people that exist

> 2. What is it particularly about networks that tends to enhance autonomy etc? Or is it the case that networks inevitably enhance autonomy etc?

I don't think there's anything particularly about networks that tends t enhance autonomy, etc.

What it is about networks is that properties such as autonomy become important in a way they didn't before. This is why I distinguished networks from groups.

In groups, the properties of autonomy, diversity, etc. tend to be thought of as inhibiting the function of the group. Notice how the person who has a different point of view, or who has different objectives ("their own agenda") are depicted as obstacles to be overcome.

Nothing inherently in a network fosters autonomy, etc. and, depending on its make-up, a network can be used equally to promote or to eliminate autonomy. That is why it is possible for a network to effectively collapse into a group.

A reworking of this question would be, why are autonomy, etc., important? And I have tried to answer this in An Introduction to Connective Knowledge and elsewhere. Networks in which these values are promoted are robust, dynamic, stable, reliable - they are good knowledge engines. We can rely on them (the way we rely on scientific explanation and induction, as methodological paradigms, tweaked and adjusted over time).

Another way of stating the same thing is that networks in which autonomy, etc., are abridged are effectively dying. The resonation of connections from entity to entity will gradually cease. The network gradually becomes inert. If all entities are the same, there is nothing for them to communicate to one another. The network is dead - a dead lump of coal (100% carbon) rather than a living, breathing plant or animal.

> 3. The internet allows, and enhances all sorts of behaviours: grooming for child pornography and abuse, and for the grooming of disabled adults for terrorism, just for starters. Giving a child, or a disabled adult the autonomy to connect to anyone else on the Internet, within diversity, openness and interactivity is clearly a disaster.

I don't think any of this is an argument against either the internet or networks.

First of all, the internet does not increase the possibility of exposure to these elements. Child abuse was common before electronic media - maybe even more common. The grooming of average civilians for military purposes was also common; witness the Crusades.

Second, internet technologies tend to make these things less dangerous, not more dangerous. Child abusers and terrorists cannot use the internet to impose direct control the way they can in person. You cannot kidnap a child or harm someone's relatives online - you have to do it in person.

Third, the best defense against the ills of society is not sheltering, but exposure. It is the things children (and adults) have never seen before that really hurt them or kill them. Children who have been exposed have a better chance of survival, and if this exposure happens in a safe environment, such as the internet, so much the better.

Fourth, exposing children to the diverse nature of society shows them how rare some of these phenomena are. While broadcast television hammers into them the incorrect notion that violent crimes are prevalent and increasing, exposure to actual people shows the wide diversity of (mostly nice) people.

All of this is, in essence, an argument to the effect that network responses are a better remdy to the ills outlined in the comment than group responses. One of the most striking images I have of my visit to South Africa was of the walls that are everywhere. But nowhere were people less safe. Huddling together with people of your own kind, keeping those you fear at bay with fences and security and police, makes you less safe. You have the illusion of control - but it's only an illusion.

4. So, can we distinguish:

a. Generic affordances of networks

That's a good one. Autonomy, diversity, openness and connectedness are not properties o networks generically, they are properties of good networks.

I confess I don't have a systemic list of the generic affordances of networks. I would be inclined to put things like 'pattern creation' and 'emergent properties' as the generic affordances. But I would have to think about it.

b. Distortions and misuses of networks

This is where I would place non-autonomy, non-diversity, etc.

c. The ethics and memes of positive social networks, and the value systems within which we make those judgment calls?

This should be the subject of a much larger discussion. So I will only attempt a summary of my views here.

First, there is a significant distinction to be drawn between personal ethics and public ethics (analogous to the distinction between personal knowledge and public knowledge).

Personal ethics (aka personal morality) is an emergent property of your own self (your own brain, your own body, whatever). Personal morality is like a sensation - it is based in what we in this course have been calling the passions, it is a feeling for what is right and what is wrong. Though reason and argumentation can augment it, as Hume says, "reason is, and must be, the slave of the passions." In morality especially, if you don't feel that something is good, it can never be believed by you to be good.

The arguments we see in ethical texts - from Kant's description of the categorical imperative to Mill's utilitarianism to Sidgwick's methods - are, to my mind, rationalizations of the ethical impulses we feel as individuals. They are attempts to explain and justify the ethical values we already possess - and it is worth noting that such writings are singularly unconvincing to pople who do not feel the same way.

Such ethics can be taught, and a person's personal ethics are very often a reflection of their parents' ethics. But the manner of teaching is not to tell a child how to behave, but rather, to model and demonstrate ethical behaviour, which the child will practice, and reflect upon (forming ethical principles in his or her own mind as massive sets of connections between neurons formed via the principles of association).

Public ethics is the mechanism though which personal ethics are reflected in society as a whole. In essence, each person in a society is thought of as an ethical agent - an individualized sensor of ethical knowledge.

In terms of content, public ethics are whatever they are. What I man by that is that they are the emergent ethical properties that are produced though the interactions of a viable social network. We ma make various attempts to formulate them, but such attempts will be invariably limited by context and abstraction - they will be partial representations of a much richer phenomenon. The legal system is one such partial representation - it is an attempt to codify and prescribe punishments for serious ethical violations. Yet nobody would equate the legal system with the complete set of social ethics, an few people, if any, adopt the legal system as their own personal definition of ethics.

As such, and crucially, what constitutes ethical behaviour with respect to the creation of the social ethic is equivalent to whatever produces the best, most robust, richest, most reliable, and most reasonable social ethic. Behaviours that promote the development of such a social ethioc are ethical, behaviours that inhibit it are unethical.

Another way of putting the same point is what while personal ethics govern how we conduct our lives as individuals, social (or public) ethics govern how we interact with each other. Our motivations for acting in one way or another can and will be very different; what a public ethic amounts to is (roughly) the rules of engagement with each other - or, as Wittgenstein might say, the ethics game, or as computer scientist might say, protocols for a network infrastructure (the IETF and the W3C protocols are not standards, they are a set of protocols for ethical behaviour - that is, behaviour that best leads to the effective functioning of the internet, so far as we know).

What amounts to ethical behaviour, on such an account, is (very roughly) what amounts to reasonable or polite behaviour. In my own thinking, I identify different domains depnding on the different types of interaction. For example:

- principles of argumentation - ethical behaviour is rational behaviour - we interact using reason, rather than attempting to intimidate with force, we argue clearly and honestly, rather than attempting to misrepresent or fool through trickery. These principles align with qualitative knowledge.

- principles of explanation - we favour theories and mechanisms that are testable, that are robust, that apply in a wide range of disciplines; we reject explanations and mechanisms based on incomplete or misrepresentative information; we favour simplicity. These principles align with quantitative knowledge.

- principles of networking - we favour networks in which the entities are autonomous; we promote networks of diverse entities; we prefer networks that are open and undefined; and we prefer networks that produce knowledge as an emergent property, rather than mere repetition of some poperty or state of an individual entity. These principles align with connective knowledge.

d. Appropriate ways of regulating networks - both socially and ethically appropriate, and network/CAST (complex adaptive systems theory) appropriate, assuming that regulation of complex systems is not the same as regulation of predictable systems (see Kurtz and Snowden).

The connotation of 'regulation' is that it is the moderation of behaviour through a projection of power.

My reaction to that is that I have never seen an effective regulation through projection of power.

That is not to say that projections of power cannot prevent particular instances of prohibited behaviour. That is not even to say that the application of a significant amount of power cannot prevent most instances of a prohibited behaviour. Police states, whatever their faults, result in less crime. For a time.

If you convert your network into a perfect group, you will have achieved group identity, and hence, perfect regulation. At the cost of killing the network.

Mechanisms based on projections of power are temporary and ineffective, and that they will fail in the long run.

Ethical behaviour cannot be imposed. It can be enforced, but cannot be produced through the use of force.

Only behaviour that is freely chosen can become ethical behaviour, because only such behaviour can be relied upon even in the absence of constraint or force. Only such behaviour will survive the breakdown of social order. Only such behaviour will permit the rebuilding of a society in the event of disaster.

Such behaviour is not created by power, regulation or force, it is taught, and such behaviour is not taught by telling, it is taught by modeling and demonstrating ethical (read: 'reasonable') behaviour.

Regulations are a short-term mechanism intended to cope with a failure of teaching. Regulations are effective only for the perpetuation of a status quo while alternative teaching can effect long-term and substantial change.

All of that said - the practical question is, how should I, as an ethical actor, with an interest in promoting an ethical network, approach instances of unethical behaviour (defined for now as behaviour that would normally prompt calls for 'regulation').

And the answer, in a nutshell, is to make ethical behaviour a condition for network interaction. Ethical protocols are voluntary, and you can do something else if you want, but nobody will talk to you if you do not behave ethically.

This is something you cannot impose - you cannot effectively isolate a person from a network, because it has no boundaries. However, individual entities can refuse to connect with non-compliant entities. And this refusal to connect is something that can be modeled (and, more importantly, the conditions under which non-connection occurs) can be modeled.

That said, it should be understood that these are two gradations, not on-off absolutes. A person's behaviour can be more or less reasonable (as defined above) and a response to that behaviour can be more or less exclusionary. There is room for moderation of response, and moderation of response is encouraged. The network principle "be generous in what you accept, strict in what you send out" applies here: it is better to encourage reasonableness by demonstrating it, but the effectiveness of demonstrating it exists only if communications are undertaken, at least some times, with people who are more or less unreasonable.

(I use the word 'people' but I actually intend to refer to 'entities' more generally.)

Friday, October 17, 2008

The Pond by the Corner





I may complain about Moncton sometimes, but I can't think of any city more beautiful than Moncton in the fall. This photo is of a pond just near my office, that I pass by every day.

The Pond by the Corner
Originally uploaded by Stephen Downes

Tuesday, October 14, 2008

The Dion Question

To: CTV News
Subject: You call that an interview?

That was a pretty shabby tactic used in the interview with Stephane Dion today.

I am not a Liberal, but I recognize a hatchet job when I see one.

When someone asks you, "Can I start over," and you say "yes", it is an out-and-out lie if you then turn around and broadcast the false starts. It's just bad faith, and you should be ashamed of yourselves.

And what a stupid question - you are asking what Dion would do - but isn't important to know whether this is before or after the irresponsible tax cuts harper passed just before the crisis hit. It was a question that meant to be vague and misleading, and it is clear you were counting on a muddled response.

Shame on you. Irresponsible, yellow yellow journalism.




Dear Mr. Downes,

Thank you for your email. I would like to take a moment to respond to your concerns to give you a better understanding of why we aired the interview with Stephane Dion in its entirety.

The economic crisis is a central issue in the federal election campaign. We posed a question to Mr. Dion regarding the economy and while it was unfortunate that he struggled in answering the question, upon review and reflection it was decided that we had a responsibility to run the footage so that our viewers could decide for themselves.

We would like to emphasize that Steve Murphy is not personally responsible for this decision. CTV News has an editorial review process in place. There was a great deal of consideration and discussion that went into making this decision. This process also included numerous other people from various departments within CTV News, as decisions of this magnitude are never made in isolation. We assure you that we do not take these issues lightly.

Thank you for sharing your point-of-view, as feedback from our viewers is extremely important to us. We sincerely hope that you will continue to watch CTV News in the future.

Sincerely,
Jay Witherbee
News Director
CTV Atlantic




Hiya Jay,

The widespread condemnation your actions are receiving in other media (and, notably, not your own) is indication that you made the wrong call.

Dion's efforts to comprehend a confusing and poorly worded question were not news, and your airing of obvious outtakes normally left on the cutting room floor was not journalism.

In recent years, CTV News has increasingly begun to resemble Fox News in both tone and in balance. I will not be watching CTV News in the future if this trend continues.

-- Stephen

Friday, October 10, 2008

My Digital Identity

Based on my presentation to the e-Portfolios conference, May 6, 2008.

Abstract

In this address to the 2008 e-Portfolio Conference I consider the sorts of questions that might be asked about a student’s identity in an e-portfolio system and the factors that inform the answers to those questions. Rather than being answered with a simple physical presence, as we might have expected in the past, the question of identity in a digital space requires a complex answer, taking into account a person’s past and future states, as well as his or her motivations, desires and expectations. Accordingly, an identity is best thought of as a distributed profile, written by multiple authors and considering multiple questions, rather than a single fixed point on which attributes may be assigned.



Questions, Answers and Technology

One way to enquire about e-portfolios is to consider the questions raised by them. Consider, for example, some of the central questions on the subject of e-portfolios that center on identity. What is the self? What is the person? What are the capacities, the competencies of the person?

As Heidegger argues, any time there is a question, there are things that come with that question. (Heidegger, 1962) The first of these is that the thing that we’re inquiring about: whether it’s a nature, a capacity, ability, or skill. The second is the thing that we are asking that question of, “that which is interrogated.” We assume that we are asking the questions of the student, for example, but in fact, when we’re working with things like digital identities and digital portfolios our inquiry isn’t of the student, but of the body of work that we take to be representative of the student. And third, there’s always a presupposition when we make an inquiry of any sort about the sort of thing that we might get in response. If we ask for grades, we’ll get grades back. If we ask for capacities, we’ll get capacities back.

All of these things interplay in the nature of our enquiry. To see this, consider the technology that we’re dealing with. To borrow some comments from Helen Barrett, who cites Gary Brown, one aspect of e-portfolio technology is a shift from the idea that a learner takes a course from a particular institution or that a learner has a particular source or a particular authority that is teaching them or representing the state of the world to them. (Grush, 2008) More and more learning is happening online and, according to Brown, 50 percent of students are studying from multiple sources, multiple institutions, often at the same time. So the very idea that any system like a learning management system or an e-portfolio system as something that is created and managed by the institution seems in a way seriously misguided. If people are taking things from multiple institutions, then if we have an application that is a single point of reference for their learning, then that application must be of multi-institutional.

Brown also suggests that the ePortfolio is becoming or adapting to Web 2.0. The idea here is that the ePortfolio resembles less and less a content management systems (CMS) and is less and less a single place or location where students put all their work, and becomes more and more what is being referred to as a personal learning environment (PLE). The personal learning environment adapts, adopts and embraces Web 2.0 methodologies and in particular applications that can make inquiries of other applications using things like AJAX (Asynchronous Javascript and XML) and REST (Representational State Transfer) based technology. (O'Reilly, 2005)

And the three domains of inquiries come into play here. We need to know what we’re asking about. We need to know what we’re asking of. We need to know what we expect to get in return. When we define things like Asynchronous Javascript and XML, when we define Representational State Transfer, what we’re trying to do is understand the kind of questions one application can ask of another application. We are defining what we are asking for – a name, a value, a field? What we are asking it if – a website, a web service, a person? And what we expect in return – some text, some XML, an authentication?

E-portfolios involve distributed content. That is to say content that is located not in one place on the World Wide Web, not in one place on the internet, but rather in multiple locations. If you think about even your own web presence now, you have a Facebook account, where you keep your contacts; you have Google Docs, where you keep your essays; you have a Flickr account, where you keep your photos; a YouTube account, where you’ve uploaded your videos and your friends’ videos and stuff from TV. You have your website, your blogs, and all of the rest. These things are spread out across the internet and the whole idea of distributive profile is getting a picture of all of those things that are spread out all over the internet and thinking of them as one thing.

And these things allow people to collaborate and to communicate with each other, to form communities of users. For example, here is the widely cited diagram of a personal learning environment diagram that was actually created before anybody came up to the term personal learning environment (so it says ‘future VLE’ in there instead). It’s authored by Scott Wilson:


(Wilson, 2005) There have been numerous variations of this diagram since, but the original is sufficient to demonstrate the distributive nature of the concept. Wilson describes links to 43 Things for your task list, Flickr for your photos, Live Journal for your blogging posting, et cetera. And what makes the PLE the PLE is the way that communications takes place from entity to entity to entity. Thus Wilson describes the various protocols – RSS, FOAF, Atom – these sites use to communicate with each other.

So e-portfolios built using these - these representations of the self that are out there in the world - are not simply static artifacts. They are actually conversations – series of questions and answers - that you have with the rest of the world. That’s the kind of technology, the kind technological environment that we’re looking at.


What We Think About Identity

In this environment, then, what can we say about identity? It seems that with the use of digital communications, the question of identity changes. Identity used to be ontological problem. It used to be a question about being. If you wanted to establish an identity, you would produce a body. That was identity: one person, one body. But on the internet we have a situation where we have identities without bodies. We might think that this doesn’t make sense, but it does, if we think about identity the way we think about it in everyday ordinary life.

What is the common conception of identity? As Heidegger notes, we’re born, we live, we die in time. And we have a certain presence in space. Heidegger should have called it “being (or space) in time.” (Arisaka, 1996) So we take up space. Some of us take up more space than others, but our identity does not begin and end there. We have a corpus, we have a body, but our identity is much more than just that. For example, Heidegger has a lot to say about the way the past plays a role in our identity. The past shapes who we are.

Think about two people with two identical properties? Two hockey playerers may have the property of having ‘scored 32 goals’, say. For one player, that’s a great achievement, the peak of his career. But for another player, it’s his career in decline. He’s going to have to retire now. The present is informed by the past; what we understand of the present entity is informed by that entity’s past states. And there’s also the future, what one could be. Our potential also defines who we are, in a certain sense. Our identity, in any sense of the word, is not merely a defined by a physical presence in an instant of time. Our identity spans dimensions, from past to future. And therefore, extends beyond the merely immediately physical.

Our identity extends beyond mere physical dimensionality in space as well. For example, in addition to the physical, we have what we might call, for lack of a better word, the ‘inner’, which can be contrasted with ‘the outer’, which is the rest of the world. We have not just our physical body and any physical extensions of the body – our reach, our property, our influence – that we might find in the outer world, but also our mental state – our hopes and dreams and habits and predilections. A change in the purely mental may quite rightly prompt us to say “He’s not the same person.”

And so what happens when we’re establishing identity, and particularly when we’re talking about identity on the internet, is that we’re talking about the projections of this self from here to these four dimensions (past and future, outer and inner).

That’s why it’s so difficult to make assertions about identity, particular when those assertions include assertions about the capacities or the competencies of the person. We have these divisions, not only between past and future, but also between, on the one hand, the things that we do in the world (actions), and on the other hand, the things that we think about the world (reflections). And the reason this is relevant is because a question of identity, a question of understanding what this person is, isn’t simply a point by point picking out of this sort of thing. It involves inferences and relations between the various aspects of identity. This inference is not straightforward; it is multidimensional and complex. (Blunden, 1996)

(Aside: Proponents of standardized testing haven’t accounted for this adequately. The problem is that testing measures only one dimension of something that is very complex. Consider Charles Ungerleider, who says things like, “The utility of CRLSAs for improving student achievement depends on the capacity for investigating relations among variables over which the system exercises control or is capable of exercising control.” (Ungerleider, 2003) This creates a very limited, very simple point of view, since most of what accounts for a student’s learning is outside the control of the evaluators. When we’re talking identity, we’re talking about the full scope of an identity, but when we’re talking about measuring – that is, trying to find causal relationships between variables – we are typically we’re talking about one dimension about it. And thus, if we represent it as the whole of an identity, misrepresenting it.)


Asking Questions About Identity

And so the study of identity has changed. If we go back to the world of Descartes it consisted of questions like “Who am I, what is my nature, what is my essential nature?” (Descartes, 1996) Today, questions of identities become (maybe it has to do with our bar culture and IDing yourself) how you can prove who you are to someone else. And notice the way the question has changed. Notice the way the asker of the question has changed. Notice the way the entity to which the question is being put has changed. It used to be that to identify yourself was very simple. You just stepped forward and the guard at the gate would recognize you. You just made a barrel, and people could see you know how to make barrels. Now, there’s no such way of doing that. You can’t stand forward and be recognized. You can’t simply demonstrate your skill or capacity. And so what was never questioned is now the central question.

It is important when questioning assertions of identity to draw out two distinct concepts. The first of these is identification - sometimes known as self identification - which is my assertion that I am a certain person. The second is authentication, which is the verification (presumably by a third party) that I am who I say I am. (Downes, 2005)

Identification is really kind of soft verification. It is us, asking of ourselves, who we are. Who am I? It’s essential to our being. When a person becomes amnesiac and they lose their memory, their first question is, “who am I?” As opposed to, “What is the capital of France?” Who they are: That’s what they want to know. And importantly my sense of self, my sense of identity defends crucially on my remembering who I am. And in a certain way, remembering what my aptitudes are. You cannot have identity in time without identity in history. Self-identification is self-memory.

I have different ways of describing who I am, and each different way I describe who I am corresponds to a different way of thinking about myself. I have a name. But my name is not sufficient to identify me. It is also the name of a restaurant critic in Melbourne, Australia. It is also the name of a political candidate in Nova Scotia, Canada. It is also the name of the cognitive psychologist who works at Utah. It is also the name of a football player in England. I need something more specific.

In identity there is a presumption of uniqueness and in order to establish uniqueness you need multiple naming systems. Some of them are more or less permanent, like your social security number. Others are transient and less permanent, such as your school number, phone number, PIN, and the like. The problem is that there are too many numbers. Nobody can remember them all. So we carry tokens with us – our credit cards, our bank cards, and the like. And that way we don’t need to remember all of these numbers. We just refer to the token.

It’s kind of funny; right? My tokens tell me who I am. If I didn’t have my tokens - if I didn’t have things that are external to me - I wouldn’t know who I am, because I wouldn’t be able to name myself.

What about authentication? How do I prove to someone that I am who I say I am? First of all, I have to know who I am. There is no authentication without identification. There’s no way I can prove to you that I am who I say I am unless I can say to myself I am who I am.


The Failure of Authentication

Consider the two major cases of identity claims that are made in context of authentication: where self-identification is accurate, and where it is not. First of all, I am Pete when I am Pete. It’s an accurate or correct identity claim, and if that’s the case everything’s fine and we don’t need to worry. The problematic chases when I say I am Pete when in fact I am not Pete, I am someone else. How do I prove that I am or am not Pete? If I can’t present the body I’m going to present the token. And if it’s a case of online authentication, I’m going to present a digital token, something like a password or a PIN or something like that.

But there is nothing inherently in the token that establishes the authenticity of my identity claim. A PIN is just a PIN. Only when a PIN is seen or used in a certain context is that an identity claim. There’s nothing in the PIN itself. Think about the example of the bank machine. I give my card, which is the physical token, and my pin number, which is the digital token, to my wife and I say, “Go get me a hundred dollars.” She goes to the bank presents the card, presents the ID number, gets a hundred dollars. There’s nothing inherent in the presentation of the card and the ID number that establishes that that person is who they claim to be.

So there’s nothing in the claim itself that prevents it from being a false claim. This is very important, because what is means is in the end no system of authentication ever succeeds. This is the conclusion of the famous Microsoft Darknet paper. (Peter Biddle, 2002) By ‘succeeds’ I mean establishing to a sufficient degree of certainty that my claim to be Pete is in fact true. Now, the standard will vary, but we can take very stringent standards and very loose standards, the result ends up the same.

Consider how we authenticate. Typically we rely on the testimony of a third party. Look at my tokens again – one is authenticated by the bank, another is authenticated by the government, another is authenticated by Costco. But how do they know I am who I am? Well, typically I went to them and said, “I am so and so” and maybe presented to them some other tokens. When you have a case of testimony from a third party, you basically created the same problem, but another iteration down, particularly in an online environment. Where now instead of proving I am who I am to the one place, I’m proving that I am who I am to another place, and using that proof to establish my proof here. There are all kinds of ways of misrepresenting myself. And even then even if I have proved to the satisfaction of someone that I am who I am, if I give my cards to somebody or if somebody steals my cards, and my pin numbers, they can still claim to be me even if they are not me.

The problem is essentially there is no token that is unique to me and that I can’t share - other than my own body, which I can’t share by definition. There is no token that I can present that is establishes that I am the young shadow of the doubt. It just does not exist.

The typical response is to propose some sort of biometric system, that is, to use a property of the body to establish identity. But the body – and other proxies, such as your computer, your telephone, like your mobile phone, the chip in your computer - can still all in some way be shared. The theme of many gruesome movies is that they cut the guy’s hand or they gouge out the guy’s eye in order to fool a biometric system. Biometrics depends on some kind of signature, and that signature is presumed to be unique to the body that carries that signature. But since it’s a signature, since it’s a type of sign, and not the actual entire body itself, it can always be spoofed.

This is especially the case if I am the person who is doing the spoofing. We typically think of false claims where somebody is claiming to be me, but what if I am me, but I want somebody else to be me? Suppose my thumbprint opens that door; I’ll unlock the door, and then I’ll send you through it. I’ve defeated the biometrics because I, the owner of the token (my thumb), used it to deceive. This is exactly what comes up in examinations and testing, when it’s in my interest to have someone who is not me write the test.


Trust and Motivation

Identity and authentication depends on motivation. They depend on me not wanting somebody else to self-identify as me. That’s why bank cards work. Bank cards work not because they’re super duper security – they are basically a simple password system, no more secure in a certain sense than a website – but because of my desire not to have the entire world able to withdraw funds from my bank account. Even biometrics depend on the bearer’s motivation to keep the lock secure, on me not wanting somebody else to be able to successfully pose as me.

In fact, when we talk about trust, our idea of trust is exactly backwards from the way it should be. We typically talk about trust in terms of authentication, in terms of whether I can prove my identity to someone else’s satisfaction. (Crocker, 2008) But what we should be talking about is whether I can trust the resource provider. Can this system establish to my own satisfaction that - I and only I - can establish that I am who I am? Are my identity assertions in this system uniquely my own?

This issue becomes especially evident when we look at the wider sense of identity, when we think of identity not just as a name or a number but rather as the complex set dimensions described at the beginning of this paper. If identity is not just a name, but rather, a four-dimensional array of properties, then the task becomes one of my being able to ensure that the properties – or at least, descriptions of those properties – are uniquely my own. And it is indeed this question of trust is brought forward in very sharp relief on the internet of today. Governments share our data. Companies share our data. Other people share our data.

Sometimes people impersonate these agencies in order to steal our data. Sometimes they simply sign legal agreements, or acquire the company, in order to obtain the data. Every year, thousands of people are victims of identity theft. (Canada, 2008) When agencies impersonate the entities that we can trust in order to steal our identities and use them for their own purposes, we lose the assurance that our identity claims are uniquely our own. We lose the assurance that claims made about us are true. And it is arguably this, rather than authentication, that the barrier to identity creation on the web today.

We need to establish a system whereby a person owns his or her own identity, where the projections that this person makes out to the world are verifiably, to the satisfaction of the person (not an external agency) reliably the property of that person. Or in pragmatic technical terms, if a blog post out there on my account has my name on it, it had better be something that I wrote and not something that has been put there in place of something that I wrote. We see that all the time people attempting to steal blog accounts in order to insert spam. This is exactly an instance of the sort of trust that we need to be able to establish: me being able to establish that my content, and not spam content, will go on my blogs, will be delivered using my email address, will represent my work, or my competences.

So identity needs to be understood from the perspective of our objectives, needs to be understood from the perspective of potentials of actions that we want to take, needs to be understood from the perspective of, as Terry Anderson says, how I manage my own presence. (Terry Anderson, 2001) How I manage who I am out there on the internet.

The way this is currently being done in practice on the internet is through a system called OpenID. (OpenID, 2007) In OpenID, a person’s identity is essentially a website and people verify this identity by putting something on the website. This is how Technorati verifies ownership of web logs. Somebody a signs up for Technorati and Technorati gives them unique token. They log in and put that token on their blog. Thus, they have proven that they own the website in question. (Technorati, 2005) OpenID works in the same way, except that the process is automatic. Instead of a name and a password, I give a website URL, and I’m redirected, with a token, to that URL. Some software on my website accepts the token and sends me back to the original website, which checks my URL for an instance of the token.

OpenID is not a system of authentication. Indeed, that was the subject of criticisms. (Johnson, 2007) You are not proving to Yahoo that you are whoever you say you are. You are proving to Yahoo only that you control this website. So there’s no presumption of uniqueness. There’s no presumption of a physical body. The only thing that there is a presumption of is that you control this site. It’s self identification. It works because you are motivated to maintain your own identity. This is not some trusted authority. This is not some identity provider or registry system. There is no registry system at all. This is you. This is your projection of your digital identity on the web. And your motivation is your desire to maintain the integrity of the content on these sites you maintain, your desire to maintain control and ownership of them.


Identity and Resources

Let’s take some of these concepts and apply them to e-portfolios, to the way we attempting to describe resources. So here is a resource. It is out here in the world somewhere. And the question is how do we describe this resource? We need to be able to describe this resource in the case of the portfolios because this is the expression of one’s external self, the token that we are going to use in order to show that we have a competence or whatever, whatever. But the way we typically think of describing these resources is through metadata, and the presumption here is that this metadata will be in accurate or true description of this resource. The big problem is metadata lies. Just as a token does not establish identity, metadata does not establish content. The sign signifies, but does not verify, the entity.

People lie in their metadata. If you looking at learning object metadata you see a perfect example of it. One of the fields in learning object metadata is “interactivity”, and it turns out they all are highly interactive. Even plain text web pages are all interactive. Everything in the world is interactive. According to metadata.

What we want to think about now are the different types of metadata that are attached to different types of resources. For any given resource there will be different types of metadata: bibliographical, technical, classification, et cetera. Think for example of a photograph versus a video. A video has a runtime in seconds, 43 seconds say. A photo does not. And it doesn’t even make sense to think of a photograph of having a certain runtime. So different metadata attaches to different types of objects.

What we think we know about that type of object is expressed by the metadata that we apply to it. Essentially in this sort of world there are three kinds of metadata. (Downes, Resource Profiles, 2004)

First party metadata is that created by the author of a resource. First party metadata is typically bibliographical metadata describing the author, the creation date, the location, and the like. It may also include rights metadata. And it includes technical metadata specific to the type of resource being described.

Second party metadata is metadata created by the user, or through the use, of a resource. It might be, for example, an evaluative metadata, containing the sort of criticism we would never see in first party metadata. Second party metadata may thus seem to be more accurate. But not necessarily; people lie about other people’s stuff too. Second party metadata is best thought of as usage metadata: who used it, when it was used, in what context it was used, what people said about it, and such.

Third party metadata is metadata created by people who neither created nor used the resource, by people who are describing it or classifying it for some purpose. “This is a resource about physics,” says the bibliographical association of America. “This is a resource that is appropriate for our students,” says the Latter Day Saints Association of America.

As these different types of metadata get produced by different people we get what might be called a profile of the resource composed of that metadata.

So what does this have to do with identity?

Exactly the same thing happens for people. If you think about it, think about the lifecycle of a resource or the lifecycle of a person it comes down to the same thing. You were born. I was born. When I came into this world I had very little metadata. I had almost none, in fact. I had a birth date, and I had a location of birth. A little while later I began to accumulate more metadata. I got named. That didn’t happen until after it took a few days. And then as time goes by I accumulate more metadata. I get grades in school. I have a brush with the law. I joined Boy Scouts. All of these things produce metadata, and this metadata is stored in different places. Some of the metadata is with the school. Some of the metadata is with the police service. Some of the metadata is with the university. It’s distributed all over the place.

So the idea of generating a resource profile – the idea of creating an identity, whether for a person or a resource - is pooling this metadata together. A person persists through time and space, projects through time and space. In the same way, and for much the same reasons, resources also persist and project through time and space. Different people with different needs and different perspectives may pool different bits of information, from different sources. A prospective romantic partner will be interested in different properties of an individual than will a prospective employer.


Summation

And thus, we return to Heidegger. Because no matter how we think of portfolios and identity, we need a more nuanced understanding of the three basic questions he describes.

First, we need to consider carefully what we are asking about. If we ask for something simple and one-dimensional – a grade, say, or a token – then that is what we will receive in response. But a person’s identity – and the picture of their skills and capacities, their motivations and their attitudes – is more complex, consisting of properties that extend well beyond the merely physically present.

Second, we need to consider who we are asking. This is not simply a matter of which person we are asking. It also depends on the attitude of the person to the question. Even something as simple as personal identification depends on the willingness of the person to cooperate, on there being an appropriate motivation to perform, and on their trust in you. And even then, we want to ask different kinds of questions of different individuals.

And third, we need to consider who is asking the question – what they can see and cannot see, what they want and do not want, what they expect and do not expect. There is not and cannot be a single view, a single story, on any given person, because the person is not just the thing that you see in front of you. We must understand that what we ask is not what defines the person in question, that we can at best achieve an approximation of an identity that is inherently compex.



Arisaka, Y. (1996). Spatiality, Temporality, and the Problem of Foundation in Being and Time. Philosophy Today , 40 (1), 36-46.

Blunden, R. (1996). The Mind Dependency of Vocational Skills. Journal of Vocational Education & Training , 48 (2), 167-188.

Canada, P. C. (2008, April 15). Identity Theft: What it is and what you can do about it. Retrieved August 1, 2008, from Office of the Privacy Commissioner of Canada: http://www.privcom.gc.ca/fs-fi/02_05_d_10_e.asp

Crocker, D. (2008, March). Trust in Email Begins with Authentication. Retrieved August 1, 2008, from Messaging Anti-Abuse Working Group (MAAWG): http://www.maawg.org/about/publishedDocuments/MAAWG_Email_Authentication_Paper.pdf

Descartes, R. (1996). Meditations on First Philosophy. (J. Cottingham, Trans.) cambridge: Cambridge University Press.

Downes, S. (2005). Authentication and Identification. International Journal of Instructional Technology and Distance Learning . http://www.itdl.org/Journal/Oct_05/article01.htm

Downes, S. (2004). Resource Profiles. Journal of Interactive Media in Education , 5. http://www-jime.open.ac.uk/2004/5/downes-2004-5-disc-t.html

Grush, M. (2008, February 27). The Future of Web 2.0: An interview with WSU's Gary Brown. Campus Technology .

Heidegger, M. (1962). Being and Time. (J. Macquarrie, & E. Robinson, Trans.) Oxford: Basil Blackwell.

Johnson, M. (2007, february 23). The OpenID Buzz: The good and the bad. Retrieved August 1, 2008, from Techzoogle: http://techzoogle.com/the-openid-buzz-the-good-and-the-bad/

OpenID. (2007). Retrieved August 1, 2008, from OpenID: http://openid.net/

O'Reilly, T. (2005, September 30). What Is Web 2.0: Design Patterns and Business Models for the Next Generation of Software. O'Reilly .

Peter Biddle, P. E. (2002). The Darknet and the Future of Content Distribution. 2002 ACM Workshop on Digital Rights Management. Washington DC: Microsoft.

Technorati. (2005). Hey bloggers: Claim your blog! Retrieved August 1, 2008, from Technorati: http://technorati.com/weblog/2005/11/58.html

Terry Anderson, L. R. (2001). Assessing teaching presence in computer conferencing transcripts. Journal of the Asynchronous Learning Network , 5 (2).

Ungerleider, C. (2003). Large-Scale Student Assessment: Guidelines for Policymakers. International Journal of Testing , 3 (2), 119-128.

Wilson, S. (2005, January 25). Future VLE - The Visual Version. Retrieved July 28, 2008, from Scott's Workblog: http://zope.cetis.ac.uk/members/scott/blogview?entry=20050125170206


Tuesday, October 07, 2008

The Conservative Platform

This pretty much says it for me
The Conservatives minor tax cuts will accomplish little or nothing. Tax cuts are only beneficial in an economy where incomes are stable or rising and companies are turning profits. If companies are losing money and Canadian workers are losing jobs cutting their taxes will have no impact on them whatsoever. All of the other parties are promising green jobs, infrastructure rebuilding (which is long past due and will create jobs) and other programs that will stimulate the economy and make it more attractive to international investment and trade. Stephen Harper's agenda does none of this.
Source: publicbroadcasting.ca

Saturday, October 04, 2008

Who Is Paying Off Google?

The selection of journalists in Google's new 'Power Reader' Canadian Politics newsfeed is so blatantly conservative someone must be paying off Google.

On the Atilla scale (*):

Come on Google, get serious with the political blogs. Include a few people who are to the left of Atilla the Hun.

Via Google's official blog.

(0 = Atilla the Hun, most of us are in negative digits, far to the left. Positive digits are to the right of Atilla the Hun)