VRM Day: Let’s talk UMA and terms
VRM Day and IIW are coming up in October: VRM Day on the 26th, and IIW on the 27th-29th. As always, both are at the Computer History Museum in the heart of Silicon Valley. Also, as always, we would like to focus VRM day on issues that will be discussed and pushed forward (by word and code) on the following days at IIW.
I see two.
The first is UMA, for User Managed Access. UMA is the brainchild of Eve Maler, one of the most creative minds in the Digital Identity field. (And possibly its best singer as well.) The site explains, “User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give a web user a unified control point for authorizing who and what can get access to their online personal data, content, and services, no matter where all those things live on the web. Read the spec, join the group, check out the implementations, follow us on Twitter, like us onFacebook, get involved!”
Which a number of us in the #VRM community already are — enough, in fact, to lead discussion on VRM Day.
In Regaining Control of Our Data with User-Managed Access, Phil Windley calls VRM “a perfect example of the kind of place where UMA could have a big impact. VRM is giving customers tools for managing their interactions with vendors. That sounds, in large part, like a permissioning task. And UMA could be a key piece of technology for unifying various VRM efforts.”
For example, “Most of us hate seeing ads getting in the way of what we’re trying to do online. The problem is that even with the best “targeting” technology, most of the ads you see are wasted. You don’t want to see them. UMA could be used to send much stronger signals to vendors by granting permission for them to access information would let them help me and, in the process, make more money.”
We call those signals “intentcasting.”
Yet, even though our wiki lists almost two dozen intentcasting developers, all of them roll their own code. As a result, all of them have limited success. This argues for looking at UMA as one way they can substantiate the category together.
The second topic is terms. These can take two forms: ones individuals can assert (which on the wiki we call EmanciTerm); and truly user- and customer-friendly ones sites and services can assert. (Along with truly agreeable privacy policies on both sides.)
At last Fall’s VRM Day, we came up with one possible approach, which looked like this on the whiteboard:
This was posted on Customer Commons, which is designed to serve the same purpose for individual terms as Creative Commons does for individual artists’ copyright terms. We can do the same this time.
So be sure to register soon. Space is limited.