Some ideas and thoughts from 1997 on tech that would allow individuals to control their personal information on the Internet. Some of the specific tech is totally obsolete, but the ideas are still valid today.
Created: Monday, December 15, 1997
Modified: Wednesday, December 16, 1998 11:08 am
Personal Object Technology
Robert J. Berger - CTO
Second Draft of ideas and overview of Personal Object Technology and Applications
Introduction
The Personal Object will allow people to take charge of and own their personal information. This is in stark contrast to today’s situation, where one’s personal information is spread out across incompatible, poorly connected legacy systems owned by a variety of entities. These include the individual’s home & work PCs and various servers, as well as databases, some of which are not normally accessible to the individual, such as Credit Agencies, Medical Establishments, Brokerage Houses and so on.
Keeping control of one’s personal information is difficult on today’s Internet. There are many times you are asked to give out your identity, interests and demographic info in order to download software or gain access to content. Not only is it a pain to keep filling in these forms, but you have little or no control over how that information is utilized. For content sites, it is difficult to offer the owner of the personal information a way to give informed consent on what information is collected and how it is used.
At the same time there is an explosion of Internet based demands for keeping track of and coordinating personal information. These include bookmarks, the person’s public contact info, cookies, email history, personal interests, application preferences, contact info, passwords and security certificates, to name a few.
There is also a growing need to similarly coordinate and personalize the various gadgets and network connected computers we use. There should be no reason we cannot “hot sync” our cellular phones, home phone, work phones, PDAs, smart cards, Voice Mail and any other future device that can be connected to a network with our personal object.
Confidential 1
Core Technology
Physical Infrastructure
Personal Objects would “live” on top of a distributed infrastructure of servers collocated at appropriate key facilities of the Global Internet. The underlying software, based on CORBA IIOP middleware, would allow access to personal objects to scale at rates appropriate for the Internet growth. It will also be inherently fault tolerant and load balanced.
[ DIAGRAM OF PERSONAL OBJECT / ORB INFRASTRUCTURE]
Repository
High performance OODBMS/RDBMS systems capable of replication will be the underlying repository.
Middleware & Standard Access Mechanisms
JAVA/IIOP will be the primary client and inter-server mechanism for new applications/functionality and the basis for the SDK. But the primary access will be available via Internet Standards such as:
• VCard - Public Information about the owner
• VCalendar - Calendar info
• PICS - Platform for Internet Content Selection
• OPS - Open Profile Standard
• LDAP - Directory Services related to the owner
• P3 - Platform for Privacy / Preferences
• PGP Keyserver for Encryption Keys
• Certificate Access
• SIP User Location (What phone/email/VoIP address)
• ACAP - Application Preferences
• IMAP - Mail folders
Client Interface & Security
Owner Security
There will be several ways to access the Personal Object. Some are tuned for the owner to retrieve & manage their personal information. Secured access would primarily be via a certificate, a passphrase or even physical access control such as a smartcard, bio-verification, or SecurID card, depending on the level of paranoia / security consciousness of the owner.
A lightweight Java Applet is the primary representation and interface of the Personal Object to the owner. The core personal information (name, address, demographics, preferences, interests, etc.) would be entered only one time and would be rather complete.
Site Security
While interacting with a site, the owner can control when particular types of personal information are “released” to the site they are visiting. For instance, when a site wants to collect name, address, and other “public” info on the owner, the Java Client will show the owner what information is “required”, what is optional, as well as how the information will be used by the site. The owner can have defaults for permission to be granted automatically or OK individual items via a dialog box, similar to cookie management, but with much finer control.
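The release decision described above can be sketched as follows. This is an added example, not code from the original document; the class and function names, the "ask unless a default exists" rule and the all-or-nothing handling of refused required fields are assumptions made for illustration.

```python
from dataclasses import dataclass, field

ALLOW, ASK, DENY = "allow", "ask", "deny"

@dataclass
class SiteRequest:
    site: str
    required: set
    optional: set
    purpose: dict            # field name -> use the site states for it

@dataclass
class OwnerPolicy:
    # (field, purpose) -> ALLOW or DENY; (field, "*") covers any purpose.
    defaults: dict = field(default_factory=dict)

    def decide(self, fld, purpose):
        exact = self.defaults.get((fld, purpose))
        return exact or self.defaults.get((fld, "*"), ASK)

def evaluate_release(po, policy, req, prompt):
    """Return (released, refused_required). Nothing is released unless every
    required field was consented to, so a refusal never leaks a partial profile."""
    released = {}
    for fld in sorted(req.required | req.optional):
        purpose = req.purpose.get(fld)
        if purpose is None or fld not in po:
            continue                      # no stated use: consent cannot be informed
        decision = policy.decide(fld, purpose)
        if decision == ASK:               # the "dialog box" path
            ok = prompt(req.site, fld, purpose, fld in req.required)
            decision = ALLOW if ok else DENY
        if decision == ALLOW:
            released[fld] = po[fld]
    refused = sorted(req.required - set(released))
    return ({}, refused) if refused else (released, [])

# Constructed sample data, for illustration only.
PO = {"name": "Pat Example", "email": "pat@example.org",
      "zip": "94000", "income_band": "C"}
POLICY = OwnerPolicy({("name", "*"): ALLOW,
                      ("email", "registration"): ALLOW,
                      ("email", "marketing"): DENY,
                      ("income_band", "*"): DENY})

def owner_says_no(site, fld, purpose, is_required):
    return False                          # stand-in for the owner declining a dialog

if __name__ == "__main__":
    req = SiteRequest("shop.example", {"name", "email"}, {"zip", "income_band"},
                      {"name": "registration", "email": "registration",
                       "zip": "shipping estimate", "income_band": "ad targeting"})
    print(evaluate_release(PO, POLICY, req, owner_says_no))
```
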
The web site can also use the Java Client to present the types of content that are available to the user. The user can then select what they are interested in. These interests can be stored in the personal object as well as on the web site. This is one way that the Personal Object content can grow and create more value. These interests can then be presented (under control of the owner) to other sites or agents so that the owner gets much more targeted information. Web sites and their advertisers can also get much better demographic information and thus improve the targeting of their content.
Agent Security
Non-interactive access, i.e. if an “agent” wants to access info in a personal object while the owner is not necessarily on-line, would be handled by a combination of owner defined preferences/interests. The agent would normally have to present a certificate to prove / log the authenticity of who it represents. If the agent and its content/purpose are in line with the owner’s preferences, then the interaction would be allowed on the proper subset of the Personal Object. There may need to be mechanisms to limit SPAM data collection, such as throttle mechanisms that limit uncertified trawling for data.
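One way the agent check and the throttle on uncertified trawling could fit together, as an added example that is not part of the original document. The names are hypothetical, certificate validation is assumed to happen elsewhere, and the sliding-window limit is one possible throttle among several.

```python
import time
from collections import defaultdict, deque

class AgentGate:
    """Gate for non-interactive queries against one personal object."""
    def __init__(self, po, prefs, public, limit=3, window=60.0, clock=time.monotonic):
        self.po, self.prefs, self.public = po, prefs, set(public)
        self.limit, self.window, self.clock = limit, window, clock
        self.hits = defaultdict(deque)   # source -> times of uncertified queries
        self.log = []                    # every query is recorded, granted or not

    def _throttled(self, source):
        now, q = self.clock(), self.hits[source]
        while q and now - q[0] >= self.window:
            q.popleft()                  # forget queries older than the window
        if len(q) >= self.limit:
            return True
        q.append(now)
        return False

    def query(self, source, purpose, fields, cert_subject=None):
        # cert_subject: identity taken from a certificate that was already
        # validated elsewhere (assumption); None means the agent is uncertified.
        if cert_subject is None:
            throttled = self._throttled(source)
            verdict = "throttled" if throttled else "uncertified"
            allowed = set() if throttled else self.public
        else:
            verdict = "certified"
            allowed = self.public | self.prefs.get(purpose, set())
        granted = {f: self.po[f] for f in fields if f in allowed and f in self.po}
        self.log.append((source, cert_subject, purpose, verdict, sorted(granted)))
        return verdict, granted

# Constructed sample data, for illustration only.
def make_demo_gate(clock=time.monotonic):
    po = {"name": "Pat Example", "interests": ["sailing"], "credit_history": "on file"}
    prefs = {"travel offers": {"interests"}}     # purpose -> fields the owner opens
    return AgentGate(po, prefs, public={"name"}, clock=clock)

if __name__ == "__main__":
    gate = make_demo_gate()
    print(gate.query("agent-7", "travel offers", ["name", "interests", "credit_history"],
                     cert_subject="CN=Travel Agent (constructed)"))
    for _ in range(4):
        print(gate.query("crawler-1", "unspecified", ["name", "interests"]))
```

The log kept by the gate gives the owner a record of who asked for what, including refused and throttled queries.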
3rd Party / Notary Access Control
There will be some information that one may want to keep in the Personal Object that needs to be certified by a 3rd party and cannot be changed willy-nilly by the owner or by others. This would include things like Credit history, Medical Records and so on. There would be a mechanism so that info can be added / modified by a 3rd party such as a bank, but the change would have to be OKed by the owner and possibly the Notary Party, which may be domain specific, such as a certified credit bureau. This would allow the owner to know every time there is a change or query to his Credit History.
Similarly, the owner would have to do a transaction with the domain specific Notary if
there needs to be a change or contest of the info put in by a 3rd party.
Personal Object Corp would not be in the domain specific Notary business itself, but
would create the enabling technology and work with existing authorities to create the
mechanisms, standards and infrastructure.
[One issue with this concept is who should pay for the Personal Objects in this scenario, as there may be cases where the person whose content is to be managed doesn’t want to subscribe to the Personal Object service, but Personal Object Corp would like this to evolve to a universal service....]
Implementation Ideas
Software for Core Functionality
Free servlet / CGI / NSAPI / MSAPI plug-in to support core Personal Object Corp functionality on Web Servers. Paid License for server software with added functionality.
By giving away the core functionality, we make it possible for core features to be widely available and we bootstrap adoption of Personal Object Corp technology and standards. The same thing can be done with the client, though it will be more common to have a free client.
Revenue streams from aggregation of content and transactions
It may turn out that there are larger and more reliable revenue streams from selling the aggregated demographic and interest databases (of course with the informed consent of the owners) as well as future transaction fees for the Notary based services than from selling the software.
Survey of Functionality
The following describes some of the functionality that can be delivered with Personal
Objects.
Soft “Business Card” / Public Info
This is the basic functionality of Personal Object Corp. The Personal Object will store the public info of the owner: much of the same info that would be on a business card, along with Public Key and certificate info. This info can be automatically presented to web sites when there is the need for a user to register with the site. This eliminates the need for web surfers to keep filling in the same info over and over as they visit different sites. The web site will be able to get server side software as mentioned in “Software for Core Functionality” on page 4.
Protector of Privacy
The issue of personal privacy protection on the Internet is rapidly coming to the forefront of debate. The US Government is threatening to step in and start regulating the industry if it does not successfully self-regulate. The Personal Object Corp product can be a major positive factor to help web sites offer informed consent mechanisms as well as legally binding per use agreements between the site and the user. By working with existing privacy certification groups such as TRUSTe and EFF, Personal Object Corp can help sites to meet industry legal and ethical privacy standards.
Machine Readable Physical Business Card
Personal Object Corp has the opportunity to set a standard for adding a machine readable code to business cards that would allow the business card data and a pointer to the Personal Object to be scanned into a computer from a physical business card.
This might not really make sense if there is a really easy way to get to the same content by just entering something like the email address of the business card’s owner into a Personal Object Corp server and importing the Vcard info that way.
Wallet
On-line credit cards, cybercash, millicent, and digicash could be kept in the Personal Object and either directly accessed or synced with standard Wallet Clients. The main feature is that it makes the Wallet accessible to the owner no matter how they are connecting to the Internet.
Interest & Rating Services
The Personal Object would be able to contain structured records of the owner’s interests. These would be collected in various ways, such as the owner filling in surveys, rating content of sites they visit, or saying that they are interested in the same things that another user or domain expert was interested in for particular domains. The owner will also be able to make their site ratings for different domains available to others so they can be a domain expert. It will also be possible for people to “rate the raters”, i.e. public “Domain Experts” can have the quality of their interests/ratings be rated. This will allow people to filter content on weighted combinations of their own interests along with public rating services.
Application Preference Store
ACAP is an emerging standard to allow applications to store their user preferences on a server instead of on a local PC. It was originally developed at Carnegie Mellon as a mechanism to store Email preferences for IMAP clients. It was then generalized and submitted to the IETF as a general mechanism for any software.
In the case where applications support ACAP, the Personal Object can be used directly by the app to get its preferences. In cases where applications are not ACAP aware, a Personal Object Corp client on the user’s PC can access the Personal Object and directly manipulate the application’s preference file.
These mechanisms would be able to also manage bookmarks, user dictionaries, etc.
SIP User Location
SIP is an emerging Internet Standard for Signalling for Internet Telephony. There is some early work being done to create a mechanism to determine “where” a user is in terms of which phone number, hostname, voicemailbox, etc. to connect to in order to make a telephone call or leave a message. This could be another good thing for the Personal Object to offer as the standard stabilizes.
Password / Certificate / Key Store
People are being forced to keep around many different passwords, keys and certificates. The Personal Object would be an ideal place to keep and manage these objects and assist the user with them. In places where there are enough hooks or standards, the Personal Object could be used to directly deliver the password, key or certificate. In other cases, it can just be a repository from which the user can retrieve them by name and then cut/paste or otherwise use them “by hand”. Of course there would need to be an appropriate master key for the owner to use to access these other objects!
“Selling” of User Interests/Preferences
Since there will be sophisticated interest record keeping on a per user basis, Personal Object Corp can act as a broker between the individual Personal Object owners and entities that would value that kind of information. This would be done with explicit permission of the PO owner, and they would be able to collect a portion of the revenue as money or as some form of reward, scrip or credit. Personal Object Corp will probably act only as a mechanism and work with other companies already in the field such as CyberGold, as well as with groups that buy/sell demographic information.
Sell Distilled Demographic Info
Personal Object Corp can be in the position to distill interests and other elements of aggregate Personal Objects to generate anonymous demographic information. It should be built into the agreement with customers that this is allowed or that it costs more if they don’t want their info aggregated like this.
Domain Authority Controlled Content
As mentioned in more detail in Figure , “3rd Party / Notary Access Control,” on page 3, there is the option to support domain specific notaries or authorities for such areas as Medical, Credit, Stock, Bank, Telephone access / phone cards.
Device Synchronization
PDAs, Cell Phones and VoiceMail systems could have their preferences, phone lists, etc. initialized and synchronized with the Personal Object. Personal Object Corp could offer dialup services to do this via the phone network.
Storage Intensive Services
The following services all require significant on-line storage and have some of the same growth management problems as an ISP. But they do fit in with the model of a Personal Object service where a person can keep all the information they want to keep together on the net.
Mail Folder Access
An optional service would be on-line storage for PO owners to keep their read mail folders. If Personal Object Corp does not act as their mail service provider, we will need to make sure there is a mechanism where a user can have their incoming mail spool on one network/machine and their saved mail folders on another machine. This also means Personal Object Corp would have to manage/bill for a lot more storage. It also has a different kind of need for high availability and synchronization of replication.
File Storage
Similar to Mail Folder Access, but for general file storage. Standards like WebNFS and the Microsoft [SMB replacement] could be used to allow the owner to access the files using the access mechanisms already in the PO (see http://www.briefcase.com for an example).
Personal web page
Similar to Mail Folder / IMAP service, Personal Object Corp may want to offer a minimal personal web page service: just enough for people to “publish” their contact info or a minimal personal page.