To my mind, the way in which Cardspace presents a visual metaphor to the user is arguably the most visionary part of it. It’s a concept which I hope continues to extend and find adoption – whether or not that’s in the specific form of Cardspace implementations.

There’s an opportunity for Web 2.n to do a much better job of reifying, to the user, what is happening with their personal data, their personas and their online privacy. Cardspace certainly doesn’t do all that yet, but it starts to show ways in which the problem can be approached.

You can expect some more from me on the subject. And by the way, I recommended that Peter get in touch when you start at Gartner. i think that’s the first time I have ever recommended an executive talk to the Borg.

Re EU vs US we talked a little about regulatory frameworks vs criminal threats as drivers for better data governance. As you know I am am of the opinion that in the UK at least regulatory powers are insufficient to change corporate behaviors.

Pd- word. i love that cartoon. i totally agree with you – and tried to capture that with the phrase “generational shift”

Dan- ah yes the famous Facebook data portability…

However, Joe Average consumer trusts MS so, I think they are probably well positioned to push it but, I don’t see them pushing. Are they engaging with startups to adopt their solution? Sun is sending people hardware just for laughs, if MS really wants to get this done and it’s not just a “keeping up with the Joneses,” where is there push?

I would never use CardSpace, there is a Ruby library for it but, I never hear of anyone using it and the page looks mostly dead. Why use that when I can grab OpenID and not have to deal with MS or a dead OSS project.

http://ocnorml.org/images/security_fence.jpg

The last line of defence is not the SoX’s line , its the user themselves. In todays era Privacy a lot has to do with user education. for example, SMugMug has been caught with their pants down. albeit- Don & teamwas very professional about the whole thing.

http://blogoscoped.com/forum/121864-full.html

1) Hailstorm (never deployed) was more sweeping than Passport (still in use). Much of the original Hailstorm material has vanished from the web, but http://www.microsoft.com/presspass/features/2001/mar01/03-19hailstorm.mspx offers hints.

2) One facet that distinguishes “permission-based surveillance” a la Twitter, Facebook, MySpace et al is that when we’re doing our own surveilling we get to choose not only how much to share – but whether what we share is even truthful. Thus you see a range in these arenas from completely synthetic personalities (Santa Claus, Jesus Christ) to those who shade the truth about their day by only Twittering selected areas (“look, boss, I’m always working!”) to those who really do let it all hang out.