The Terms of Big Data Getting it Right

Appendix B: Terms and Definitions

Big Data consists of extensive datasetsprimarily in the characteristics of volume, variety, velocity, and/or variability that results in new and unprecedented amounts and kinds of value; primarily economic and socialthat requires a governed scalable architecture for the efficient and fair storage, manipulation, analysis and realization of this new value to increase the capability of living, individual social good and the well-being of society as a whole.

The Big Data paradigm consists of the distribution of data systems across horizontally coupled, independent resources to achieve the governed scalability needed for the efficient processing and fair realization of the value inherent in extensive datasets.

Big Data engineering is based on technical paradigms that tend to ignore or remain silent on the societal consequences of Big Data; this is why governance is needed, to guide the technical paradigms to use advanced techniques that not only harness independent resources for building scalable data systems, but also use those advanced techniques to assure the just and fair realization of the societal value inherent in those datasets. Big Data engineering so guided will use advanced techniques that harness the value in independent resources for building governable and governed scalable data systems so that when the characteristics of the datasets require new architectures for efficient, fair storage, manipulation, analysis such architectures will also enable the fair realization of value for the capability of living, individual social good, and the well-being of society as a whole.

Data governance is part of an evolving and dynamic rule set for realizing the societal and economic value from datasets. Data governance involves but is not limited to risk management or administering, or formalizing, discipline (e.g., behavior patterns) around the management of data. Data governance is a reflection of the choices made among normative and competing values and ideals such as—efficiency, economic efficiency—autonomy, individual personal autonomy— distributive justice—corrective justice between the parties—fairness and the like—where parity or equality in bargaining power between the parties is the foremost aspiration.

Value refers to the inherent wealth, economic and social, embedded in any data set that must be governed in order to realize that wealth for all members of the society.

Seeking leadership in managing the Identity Ecosystem

Relying Parties Stakeholder Delegate
Candidate Statement

Ann Racuya-Robbins LinkedIn

February 13, 2015

The last goal of good neighbors when human attributes are the new money is to advise your friends, family and community to hold on to your human attributes, to ask hard questions when entities want them including requiring an informed valuation of what they are worth in dollars and sense and before you let them go. Like my neighbor in the timberland of Washington that gives her son a patch of land and counsels him not to sell off the timber for quick cash which will make the land barren for years and lose its value.

Today many of us in the Relying Party role are working make the value of human attributes clear because we believe that the more just and generous a system is the more wealth is created broadly speaking. We are ready to stand up for a new justice and generosity by more deeply valuing the attributes, dynamics and creativity of each individual life. By human creativity I mean human attributes in motion. Many of us are ready to enable individual human creativity to endure and realize the largest share of the wealth an individual’s attributes at rest and in motion generates. We believe that these values are deeply aligned with the NSTIC Strategy and make the realization of NSTIC real for more people.

My goal as the Relying Parties Stakeholder Delegate for the IDESG is to represent and speak out for a new kind of relying party based on new principles of organization and new metrics of trust based on human rights to wholeness and dignity. Rather than seeing human beings as attribute providers that can be monetized and turned into money, the vast majority of which often goes to third parties, these new enterprises achieve value by increasing the capability of the human users in the enterprise. This is a new field for innovation and opportunity.

Image by Ann Racuya-Robbins Copyright 2012 — Social Cooperation and Privacy

The internet and cyberspace in general is the great enabler of our time. Not the least of the things it enables is a profusion of new systems creation each with new language. Sometimes this new language is a mapping from one set or system of thoughts to another, even an appropriation of a common term into an information science term with special meaning. In cyberspace and the internet the translation key often lies buried deep in the underlying computing soft/hard/firm protocol.

The term relying party is one of the terms from the emergent identity system of thought. Privacy is another of those terms. Among the reasons privacy is so important in the identity system of thought is that without privacy the vast wealth of individual human attributes and creativity will be transferred to third parties for their benefit and not for the benefit of the individuals’ from whom the creativity emerged. There are new organizational structures designed specifically to support and protect human attributes and creativity.

Big Data Governance

However large and complex Big Data ultimately emerges to become in terms of data volume, velocity, variety and variability, Big Data Governance will in some important conceptual and actual dimensions be much larger. Data Governance will need to persist across the data lifecycle; at rest, in motion, in incomplete stages and transactions all the while serving the privacy and security of the young and the old, individuals as companies and companies as companies—to be an emergent force for good. It will need to insure economy, and innovation; enable freedom of action and individual and public welfare. It will need to rely on standards governing things we do not yet know while integrating the human element from our humanity with strange new interoperability capability. Data Governance will require new kinds and possibilities of perception yet accept that our current techniques are notoriously slow. For example, even as of today we have not yet scoped-in data types.

The reason we, so many of us, are gathering our energies and the multiplexity of our perspectives is that we know Big Data without Big Data Governance will be less likely to be a force for good. It may come to be said that the best use of Big Data is Big Data Governance.

What concept or concepts are powerful enough to organize, cohere and form an actionable way forward? Are we brave enough to push forward a few concepts for our discussion? Some think data provenance, curation and conformance are the way forward. I agree with those that think this ground deserves a fifth V — Value.

Information Ethics and Human Capability

The Information Ethics and Capability Approach to online interactions from the human user’s perspective is made up of a number of interdependent layers based on the realization of the human user-centric principles identified in the NSTIC Strategy. Taken together these layers create an ethical and human capability usability-fabric built to support the human user experience in the Identity Ecosystem Framework (IDEF). At the highest level the Information Ethics and Human Capability Approach supports the human users’ experience by providing a welcoming and well defined set of opportunities for the end user to express his or her requirements and the parameters of those requirement to Service Providers in online transactions. At more detailed and granular layers this usability-fabric becomes represented as examples and design instantiations to make this usability-fabric operational in computational and information centric machines and systems.

Enhancing Human Trust Experience in Committee meetings

Remedies to Delaying and Obfuscation

based on my own personal experience at the IDESG TFTM meetings

Issues for Discussion should be dated when they arrive and are posted.
A discussion in the committee should be scheduled within 60 days or some other reasonable amount of time.
Detailed minutes should be taken and a standard call for approval minutes should be issued in meetings.
TFTM has again gone back to intermittent call for corrections to the minutes and minutes are often late.
The code of conduct should include a provision that meetings must be recorded when repeated and flagrant disregard is evidenced and reported.
I said in a recent meeting that if I was treated like this in a work place I would call IDESG a hostile work environment. I stand by that. This should be corrected at the earliest possible date.
If recording meetings does not reduce or eliminate this problem, a civil rights and fairness-in-the-volunteer-work-place professional should be called in to observe and re-mediate.

Human Trust EXperience Identity Requirements

The NSTIC Guided IDEF shall enable the recording of a machine readable natural language conversation between the Human User and the Service Provider(s) setting out the terms of agreement between the parties relating to the life-cycle (person) attribute management balancing human user and service provider requirements, desires, and benefits including the description, detailing and valuation of the monetization of human attributes with required user created limits, remedies and benefits. Said recorded machine readable natural language agreement shall form an access and benefits policy that can only be modified by a subsequent machine readable natural language conversational agreement.
The NSTIC Guided IDEF shall establish the requirements for a CONOPS for life-cycle (person) attribute management aligned with the NSTIC principles and created from a bi-direction approach balancing human user and service provider requirements, desires, and benefits.

What are Human Attributes?

Human attributes are a dynamic and expanding kind of information emergent from human capabilities and life experience. Human attributes, sometimes expressed in metadata, and personal information belong to the same domain, namely human capabilities. Human attributes belong to each person in the same way that human rights and dignities do. Human rights and dignities exist to protect and encourage human capabilities. Each person creates his or her own personal information and human attributes. The protection of human capabilities is the raison d’etre of privacy.

Social Cooperation based on Trust, Voluntary Interaction and Human Capability

In many ways I agree with Malcolm Crompton’s conclusions 1-5 starting with the fact that we will not emerge with a way forward that is without flaws. That said there are keys omission I feel especially need to be addressed as well as one important requirement implemented.

Marcolm’s summarizing that “management of the risk of an interaction between two entities by the exchange of relevant, verified claims about attributes” is in my view inadequate. My reasons emerge below.

The NSTIC and IDESG is dedicated to enhancing human capability through enhanced economic opportunities for all sizes of entities, including individuals, to solve problems, invent and innovate goods and services, including accessing and engaging affordable education in cyberspace. Who would have concluded from reading the NSTIC Strategy and IDESG that the goal was in anyway to broker and exchange, monetize and churn the human attributes of individuals that participated in the Identity Ecosystem Framework. Often without his or her knowledge or consent.

My own view is that we are at a paradigm-shift tipping point. However dramatic that might seems it outlines a basic truth emerging from our efforts in IDESG and NSTIC. NSTIC and IDESG is asking for voluntary interaction and social cooperation to adopt the NSTIC and IDEF plan even though important and basic questions of social and economic fairness, human capability, and equity have not been or are just beginning to surface. Without justice as fairness what will cause us to come together, to cooperate, to voluntarily interact? This question goes directly to the basis of trustworthiness. If fairness doesn’t hold the IDEF functional model parts together what does? Like it or not all of us are interdependent. The new commercial social and economic paradigm requires the development and empowerment of a new symbiotic market based on social cooperation and human capability. Our trust-marks must be built on the understanding that trust is to a large extent is a human emotion and we must answer:

Why should individuals agree to participate in the IDEF without?

1. An understanding of how it will benefit them socially and economically.{Not having to type in passwords in grossly not enough of a benefit for the risks involved).

2. An understanding of how other parties in the transaction(s) will benefit economically and socially.

3. An understandable and clear conversation among the parties as to the terms of an interaction, implemented at the beginning of an interaction.

While UMA IDEmix may preserve some fairness and economic benefit for individuals these measures simply put something in the middle of a transaction that may benefit some individuals but the benefits may be uneven and increase costs to the individuals. What happens to those that don’t know about or understand these systems. More importantly it is likely that those that are already in a digital divide will remain there and the inequalities there will widen and deepen. Those of lesser means or some other chosen attribute may simply be filtered out. It will further stimulate and speed up the effort of large commercial entities to collect and secure for themselves the human attributes of people around the world often, without protections.

Additional Baseline Requirement

Principle Assumption

It should be possible for a human being to start from the position that his or her attributes belong to them in some basic way and that if a commercial interests want to use them they need to come to an agreement with the individual(s) involved. Such an approach would give an incentive to understanding and valuing the human condition and further incentivize increasing human capability.

This might be called a Social Cooperation Requirement and read as follows:

IDEF participants must be able to have a conversation that educates each other and the system as to the desires each party is seeking in the relationship and stating risks of the interaction. This conversation must be in understandable language suitable to each participant and their human capability. This conversation method will be developed and tested in many communities beginning now.

Regards,

Ann Racuya-Robbins

Protecting Human Capability and Human Trust

How to Protect Human Trust

The question of what we are trying to protect in the IDEF Identity Ecosystem is the essential question of all our work in my view:

The IDEF Identity Ecosystem must be dedicated to protecting human capabilities and the human attributes they create. We should protect human capabilities (and resultant attributes) stated in the Bill of Rights and Martha Nussbaum’s 10 core capabilities.* (See below)

What an ID Ecosystem participant must not do to protect human capabilities and the resultant human attributes is prospectively or retrospectively appropriate personal human identity attributes and metadata (PHIDAM) for commercial purposes. A participant must not use personal human identity attributes and metadata without an offer and acceptance of an enhancement to one or more human capability and an offer and acceptance to share revenue based on an informed valuation of use of PHIDAM for commercial purposes.

What an ID Ecosystem participant must do to protect human capabilities and the resultant human attributes is consider and treat personal human identity attributes and metadata PHIDAM as items of great value.

As Anil John of FICAM has said
“attributes are the new money” … “My personal perspective is that in the current online environment, our personal identity attributes should be considered items of great value.

“What does it take to enable a person to say who they are in the digital world while having the same confidence, protections and rights that they expect in the real world?”

For terminology I recommend “personal human identity attributes and metadata”.

I agree with others that creating an exact list is not necessary but I think gathering references is useful and I will add to the wiki for future reference.

First line:
(1.1) Baseline security requirements are intended to define the proper execution of all Identity Ecosystem core operations and functions that support transactions:
(1.2) Baseline security requirements are intended to define the proper execution of all Identity Ecosystem functions—registration through to authorization—that support transactions:

Second line:
(2.1) That require authentication; and
(2.2) That require authentication and access control; and

Third line:
(3.1) Where personal human identity attributes and metadata and/or sensitive business information is collected, transmitted, retained, processed, disclosed, and/or disposed of
(3.2) Where personally identifiable information and/or sensitive business information is collected, transmitted, retained, processed, disclosed, and/or disposed of
* Core Capabilities
i. Life. Being able to live to the end of a human life of normal length; not dying prematurely, or before one’s life is so reduced as to be not worth living.
ii. Being able to have good health, including reproductive health; to be adequately nourished; to have adequate shelter.
iii. Bodily integrity. Being able to move freely from place to place; to be secure against violent assault, including sexual assault and domestic violence; having opportunities for sexual satisfaction and for choice in matters of reproduction.
iv. Senses, imagination, and thought. Being able to use the senses, to imagine, think, and reason-and to do these things in a “truly human” way, a way informed and cultivated by an adequate education, including, but by no means limited to, literacy and basic mathematical and scientific training. Being able to use imagination and thought in connection with experiencing and producing works and events of one’s own choice, religious, literary, musical, and so forth. Being able to use one’s mind in ways protected by guarantees of freedom of expression with respect to both political and artistic speech, and freedom of religious exercise. Being able to have pleasurable experiences and to avoid nonbeneficial pain.
v. Emotions. Being able to have attachments to things and people outside ourselves; to love those who love and care for us, to grieve at their absence; in general, to love, to grieve, to experience longing, gratitude, and justified anger. Not having one’s emotional development blighted by fear and anxiety. (Supporting this capability means supporting forms of human association that can be shown to be crucial in their development.)
vi. Practical reason. Being able to form a conception of the good and to engage in critical reflection about the planning of one’s life. (This entails protection for the liberty of conscience and religious observance.)
vii. Affiliation. (A) Being able to live with and toward others, to recognize and show concern for other human beings, to engage in various forms of social interaction; to be able to imagine the situation of another. (Protecting this capability means protecting institutions that constitute and nourish such forms of affiliation, and also protecting the freedom of assembly and political speech.) (B) Having the social bases of self-respect and nonhumiliation; being able to be treated as a dignified being whose worth is equal to that of others. This entails provisions of nondiscrimination on the basis of race, sex, sexual orientation, ethnicity, caste, religion, national origin.
viii. Other species. Being able to live with concern for and in relation to animals, plants, and the world of nature.
ix. Being able to laugh, to play, to enjoy recreational activities.
x. Control over one’s environment. (A) Political. Being able to participate effectively in political choices that govern one’s life; having the right of political participation, protections of free speech and association. (B) Material. Being able to hold property (both land and movable goods), and having property rights on an equal basis with others; having the right to seek employment on an equal basis with others; having the freedom from unwarranted search and seizure. In work, being able to work as a human being, exercising practical reason and entering into meaningful relationships of mutual recognition with other workers.

Martha C. Nussbaum. CREATING CAPABILITIES, Harvard University Press, 2011.

Human Capability and Human Trust

Human Capability and the Future of the Human Trust Experience

Did you see the example I contributed in response to Andrew’s question along the same lines. I have copied it below?

Last week I also suggested a process along with others for engaging a larger community for input.

Here are some other proposals:
A bit of taxonomy work on the wiki to collect more input around the core concepts of human capabilities, human attributes and personal information targeted to align with the Identity Ecosystem Framework IDEF dashboard. This could be done or not by a subgroup and should include outreach for input. This discussion should weight the fact that “personal information” has lost much of its meaning because it continues to be defined too narrowly and is perpetually playing catch up to changes in information systems, business practice and well, human capability. So to say we are dedicated to protecting personal information does not inspire much trust. This work could well be a trans-committee kind of work.

I have a proposal moving forward here and elsewhere on a Memorandum of Social Cooperation which operationalizes the

human capability approach beginning at Registration. One of the distinguishing features of the Memorandum of Social Cooperation is that it discusses the responsibilities of all parties in an IDEF transaction, not solely the providers’ responsibilities. I am mindful that HIPPA requirements begin at Registration and we might well look to aspects of HIPPA for Memorandum implementation. I believe there may be technical solutions aligned with these ideas and of course that is welcome.

Ryan you said “I would suggest that a requirement for encrypting audit and security logs would be well within the scope of what I have described—as long as the owner of those audit and security logs executes a function supporting the described transaction.” Excellent idea and the right direction forward in my view.

If we can voluntarily agree on ”what we are trying to protect” that is better than having to mandate compliance.

On Registration: you said “However, if you signed up to have a booklet
of coupons delivered to your house using an online form, that would currently be out of scope for
what we are considering.” Please elaborate why this is out of scope?

I will be providing alternative language to you “target statement” in another email.

My earlier example.
“Human capabilities are sometimes described as functions. More generally human capabilities refers to things a person can do, how a person can act.

For example, speaking (speech) is a human capability. When, by what means, how long, the pitch of the person’s voice, how loud a person speaks, where a person spoke from, whether a person used sign language… are human attributes that arise from the human capability to speak. Because human capabilities are dynamic and expanding so too human attributes are dynamic and expanding. In cyberspace and online environments human capabilities and the human attributes they create is a dynamic and expanding kind of information.
To protect this human capability, for example, American democracy created a right to free speech (with some provisos) which covers more or less all the human attributes that arise from speaking. For this reason we don’t have a right to speak limited to a device. So for example we don’t have a human right to speak limited to speaking on a telephone. This would limit and discourage the dynamic and expanding human function of speech. If a third party takes the human attributes created by a human capability and uses it to make money we would consider that an appropriation and a violation of copyright.

In cyberspace, online environments and information systems we draw on privacy provisions to protect the human capability and human attributes of speech.

In America there is general agreement (consensus if you will) that limiting the right to speak or appropriating speech erodes social cooperation in a society.