Archive for July, 2008

This morning at the opening session of the Firefox Plus Summit I showed this image, which has been in the works for a while. It’s my current approach to finding a good metaphor to explain the complex nature of Mozilla. There’s a fair amount of explanation needed for this image to make sense, and I’ll try to get that posted before long.

I’ve received a couple of emails from people saying it’s hard to comment on the data issue without some idea of where I’m heading or what I’m thinking. So here goes. I’ll come back to some of the topics I’ve written about already. And I’ll continue with the other posts as well; I think we need some depth of analysis to make good decisions.

In the meantime, here’s the basic message.

I would like to see Mozilla provide more leadership in helping people manage the collection and treatment of data related to them — what I’ve called “Associated Data.” I don’t have a specific plan of what leadership would look like, or what features or capabilities this means our products, services or websites should implement (or block). There are a lot of different types of Associated Data; the desired treatment of different types may vary. This is something I’d like to see us figure out.

I would also like to see Mozilla provide leadership in treating some basic aggregate, anonymized usage data as a public asset. To do this, we need to develop a sense of what data this might include and what aggregation and anonymizing techniques make the Mozilla communities comfortable. Some data — like public disclosure of bandwidth use, website rankings, etc. seem to be areas everyone is comfortable with, but we should make as few assumptions as possible. Sometimes it can be hard to get truly anonymous data and so this is an area where great care — and therefore  leadership — is required. But if everything that is known about the basic usage of the Internet is closed and proprietary then the Internet as an open platform will suffer. I don’t have a specific plan as to what Mozilla might do here; that’s the point of the discussion.

These are difficult and sensitive topics, it would be easier to ignore them. But both of these areas are critical to building the Internet that is healthy for the individuals using it. The Mozilla mission is to keep the Internet an open platform, and to promote the values in the Mozilla Manifesto. It will be hard to do this if we ignore the effects of data.

In my last couple of posts I’ve described why I believe Mozilla must pay attention to data in order to help individual people deal with  data about them.

There’s a lot of data about people being created.  I’ve listed below some of the basic kinds of this data  that I think we need to be able to distinguish in order to speak meaningfully the effects.  I’m calling all of these categories “Associated Data” for the reasons described at the end of the post.

Is there a type of data about people that’s of interest or concern to you? If so, take a look and see if it fits into one of the sections below.

1. “Personal and potential personal data.”  These terms are already in reasonably wide usage to mean specific information that identifies an individual, such as name, address, email address, credit card number, government-issued identification number, etc.   In some cases it’s used to include other information that can be combined to create personal information, such as an IP (Internet Protocol) address.
2. “Intentional Content.” Data intentionally created by people to be seen by people.  When we post to social networking pages,  blogs, photo sites, product review sites, create wishlists, send gifts and other online markers we intentionally create content about ourselves or associated with us.   Sometimes this information is in big chunks, like a blog post or photostream; other times the information is in small bits like a recommendations, “pokes,” etc.  Sometimes we want this data to be public and sometimes we may not.
3. “Harvested Data.” Information gathered or created about an individual through the logging, tracking, aggregating and correlating of his or her online activities.   It’s possible today to record just many of the actions someone takes online (the “clickstream”) and then to harvest patterns and other useful facts from that data.  For example, an e-commerce website you visit regularly will know a great deal about your shopping patterns, what kinds of items and what price ranges you look, how many times you look before you buy, the average purchase amount, the average time between purchases, etc.   They’ll know which ads you respond to and which you ignore.
4. Relationship Data.  Our relationships with other people, such as our “friends” or followers at various sites.  This can  be either Intentional Content or Harvested Information.  I call this out specifically because a relationship always involves at least two people.  And so the treatment of this information — is it public or private, how is it used — always affects at least two people.  I’m not yet positive this is a useful topic, but (obviously) I think it likely enough to include it here.

“Associated Data.” It will be helpful to have a term that describes all these types of data.  In a vacuum “Personal” would seem the best because this is all information that somehow identifies, is related to or associated with a specific person.  But I think “personal” is understood as item 1 already.    I’m using the term “associated data” to mean all of the types of data listed above.

Are there other broad categories of information about people that would help us think clearly? Are there different categories altogether that would be more helpful?  And are there examples of this kind of data you’d like to make sure we think about? If so, note them in the comments or somewhere where we can find them.

I’ve said in a previous post that I believe Mozilla needs to pay attention to the amounts and types of data that increasingly define the Internet experience.    I’ve even created an outline of  different topics relating to data that I think should be part of the discussion.  Why is this?

Principles 3, 4 and 5 of the Mozilla Manifesto state that:

3.  The Internet should enrich the lives of individual human beings.
4.  Individuals’ security on the Internet is fundamental and cannot be treated as optional.
5.  Individuals must have the ability to shape their own experiences on the Internet.

These principles are at risk if individuals have no  control over the creation or use of the data that describes us.    These principles are at risk if we sit back and hope someone else addresses them.  We need to build them into the Internet.

What can and should Mozilla do to help people be safe and in control of their online experience in the midst of this rising sea of data?

Here’s my starting framework for the data discussions.

• Outline the different reasons data is important/ different ways in which understanding data is important to building the type of Internet we want to live with.
• Develop some shared, reasonably specific terms about the kinds of data that related to people.
• Develop some shared, reasonably specific terms about other kinds of data, in particular the types of aggregated data that tell us  how people are actually using the Internet.
• Identify a range of overall approaches consumers might take, or want to take, regarding data.   I’m thinking this is at a very high, general level, such as the approaches of not caring, to a considered trade of data for services, to absolute control of all data.
• Identify approaches Mozilla  could take to data, at a very high level.   Everything from avoiding the collection of any data to making the trade-off between convenience and data clearer to consumers, to providing tools to help consumers with these trade-offs.    Each and every approach Mozilla might take must be one that is based on our stated principles of safely, control and benefit for the individual human being, and on promoting the Internet as an open platform.    There’s a range of possibilities there and I imagine we’ll have some lively discussions.  This should not obscure the fact that there is an entire set of activities that we will not consider.
• Identify what Mozilla might/ should do with our products, our websites and the product related services.  Some of this discussion is underway already of course, with the anti-phisihing, anti-malware services we offer in Firefox and the discussion of website analytics that occurred via blog and discussion groups earlier this year.   Setting these within a general framework will be very helpful.

The last couple of topics are discussions where our values and goals are critical.  These are areas where Mozilla actions — if any — regarding data will be distinctly Mozilla.   In other words, actions based on our mission, and designed to bring the principles of user safety and control to life, and to promote the I health of the Internet as an open platform.  I suspect the temptation to jump to this last couple of topics right away will be high.   And we’ll probably jump backward and forward a  few times.

It’s important to have the earlier discussions, and to do so with a focus on developing shaved concepts and vocabulary.     Let’s develop a shared understanding of the kinds of data that exist, and then we can talk more intelligently about whether it “should* exist or if and how it should be regulated or controlled.  Similarly, let’s develop a shared understanding of the high level approaches consumers could take with data before we discuss what approach each of us thinks they *should* take with data.

After we have enough shared vocabulary we can talk more effectively what Mozilla can and should do regarding data to manifest the principles of openness, innovation, and user safety and control in our activities.