It was a little over a year ago when I first wrote about persona, and I’ve done a couple of follow ups since.

It seems that the term is finally finding its way into common usage, and I’m encouraged by the recent posts by Nishant Kaushik and Mark Dixon. Mark’s visualisation is particularly good (and I hope he doesn’t mind me linking to it here):

All of this good work leaves me wondering why the definitions at IdentityCommons (which seems to be where Identipedia has moved to) haven’t really caught up, but maybe that’s just a mopping up exercise? Once again, here’s my own definition:

  • Persona is an abstraction between an entity (usually a biological entity, or person) and a bundle of one or more digital identifiers, so that the entity can present themselves differently according to context.

I think I may have been concentrating too much on implementation details when I came up with that one, but it still encapsulates the key points about expression of a specifically modified identity in a given context (according to a user preference).

One of the challenges I’ve come across many times in the last year is that this concept of persona cuts across what many people have internalised as an aspect of ‘role’. The whole point of using another term is that ‘role’ has become too overloaded, and as we go about designing systems to support the various activities we engage in it’s useful to carve pieces of ‘role’ down to size. I do however accept that this causes trouble for people who’ve invested a lot of time and money into something that already kind of does ‘persona’ but has called it ‘role’. It may be just semantics, but I often find that semantics are very important.


I first touched upon this a while ago when I called it the ‘interest feed‘, and JP recently got me going again with his posts about customer perspective. In theory this is the type of problem that could be addressed by ‘synopsys‘, but some deeper digging is making me think that things are worse than they first appeared.

I though I’d have a go at brute forcing a part of the problem. Each time a wrote a comment on somebody else’s blog, I’d subscribe to the comments feed and put it into a group in my aggregator called ‘comments watch’. That way I wouldn’t miss out as the conversation developed. So far it’s been an almost complete failure, as it turns out that very few blogging platforms support a comments subscription for a single post. The feed stock for microsubscriptions just isn’t there.

I feel a nasty cludge coming along.

What does the rest of the world do about this? Do people making comments just shoot their mouth off and move on? Or do folk obsessively (and manually) return to where they’ve been before (and I can’t help thinking of my West Highland Terrier as I write this)?


Classen’s law

06Jan09

Sean Park’s ‘The power of power laws‘ reminded me once again of one of my favourites – Theo A C M Classen’s “logarithmic law of usefulness”. I finally got around to doing a WikiPedia entry for it here, which I hope is notable enough to survive the WikiPedia deletionists (about which I’m entirely in agreement with Tim Bray).

It’s because of Classen’s law that I’ve declared myself as a singularity non believer (even though I enjoy reading singularity inspired SF). I think to have a real singularity it would take something that would drive an exponential increase in usefulness, and if Classen’s right that would need something to drive technology at a double exponential rate. Given how hard it has turned out to be to keep Moore’s law a reality that seems unlikely, though when Moore’s law finally has a hard collision with the laws of physics who knows what might emerge to take the place of reducing the feature size of 2D semiconductors?


James McGovern came up with a good starter for 10, but since he called me out to add some more here goes:

  1. Ignoring Pareto – many enterprise architects end up becoming the creators of internal ‘standards’, and then become the standards cops. All too often the 80:20 rule is ignored (and in fact this tends to be more like 90:10 for many things IT), which results in an application being shoehorned into an inappropriate ‘standard’ platform, or the platform squished out of shape to accept an application that shouldn’t be there. Good architects are the masters of good exception processes.
  2. Thinking linear scalability will be enough (or worse aspiring to linear scalability). It won’t be – too many things in the real world follow power laws, and it’s no coincidence that the systems we build to model them and manage them also need to scale accordingly. Of course Moore’s law is itself a power law, and many have relied upon it to get them out of trouble, but the terrain is getting muddy as we go from single cores following Moore’s law to multi-core systems and the need to design expressly parallel applications.
  3. Too many patterns, and not enough understanding of antipatterns and how we get into them. If I pick up a patterns book then there’s sure to be stuff in there where I’ll wonder how it ever could be used, if I pick up an antipattern book I’ll be able to think of at least one application that’s fallen into every trap. My view is that there’s more value in avoiding the holes than there is to staying on the path.
  4. Thinking that the laws of software development only apply to other people, particularly Conway’s law when dealing with any organisation large enough to have people that call themselves enterprise architects.

Last week I was asked (at very short notice) to come up with a presentation on what a social networking operating system would be. This is in part why I felt it was necessary to spend time on social network modalities. In the end the presentation wasn’t formalised (or constrained) by being put into a document, so this blog post is the first written record (assuming that my white board scribblings were consigned to the bin shortly after the workshop ended).

The thesis is fairly simple. Over time we’ve seen operating systems develop to provide sets of basic functions and services so that applications don’t have to do this themselves. This achieves a number of key things:

  1. Applications can be simpler, because the operating system does the ‘heavy lifting’ for them.
  2. Applications can work together, because there are common interfaces provided by the operating system.

This makes me think that we’re still in some sort of pre-history with social networking applications, as since they aren’t built on a common operating system they necessarily have to provide their own essential functions and services, and these typically don’t work well together.

So what does a social networking operating system let me do? I think it’s like this – it will let you join together functional aspects from social networking applications, and do this in the context of the user. An example might be the feedback mechanism for directed social bookmarking. Lets suppose that the user wishes to provide feedback via microblog @name posts. Without a social network OS that user is forced to switch contexts from their RSS aggregator (where the social bookmark is consumed) to their microblogging application (where they can make the feedback post). Not only do they need to switch applications, but they might also have to deal with context mismatches between namespaces etc. With a social networking OS the user would be able to press a button to make that response in context – the reply by microblog post (or whatever else they wanted to do) would become a feature of the RSS aggregator.

More broadly a social networking OS allows a user to consume social web applications (in the context of their choice) and connect to other social web applications in the modality of their choice (and without having to change context).

This example makes me think that the social networking OS would therefore be a very client centric rather than server centric technology, as the user context is on the client. I therefore think that the environment for such an OS is almost certainly the browser, which means that the preferred language is almost certainly JavaScript. This would give us the following evolution:

  • Internet
    • Paradigm – distributed machines
    • OS – Unix
    • Language – C
    • Protocol – TCP/IP
  • Web
    • Paradigm – application server
    • OS – J2EE
    • Language – Java
    • Protocol – HTTP
  • Social web
    • Paradigm – social network
    • OS – something in the browser?
    • Language – JavaScript
    • Protocol – stuff based on HTTP, but not really HTTP itself (could be replaced by AMQP?)

I suspect that the example I illustrate above could be pulled off with some ninja GreaseMonkey scripting, but that doesn’t mean that I see GreaseMonkey as the heart of a social networking OS.

It would be remiss of me to close without a hat tip to OpenSocial, which seems to have been an effort to create something like a social networking OS. I remain curious about what’s become of it? I’d also love to hear from any OpenSocial guru who can explain how it might be used to achieve the use case outlined above?


I’ve spent a lot of time this year talking about persona, which makes it a little ridiculous that I find myself writing now about its possible demise. We’ve barely got started.

The problem is ‘the end on online anonymity‘, where Sarah Perez argues that the Lori Drew case will cause us to lose the freedom to use a pseudonym or alternate persona. If this was true then I feel that it would be very bad, but let’s unpick the details a bit:

  1. This is a classic knee jerk reaction of a legal system to an awful event. Things have far from stabilised, and as one of the commenters points out the scope is very limited for the time being.
  2. The US != the internet, and that becomes more true every day.  From my own local perspective the UK has become all too adept at importing stupid stuff, but there’s latency there and a hope of balance being brought by the EU.
  3. This is about web site terms and conditions. Most of the popular social networking sites seem to have taken a line that you have to be yourself. That’s fine, though I think enfolding Ts&Cs in legal precedent is bad; they’re often just as abusive of real legal rights as most EULAs (which is why we need reasonableagreement.org). Forcing you to be yourself isn’t the case with MMORPGs, and I’m sure that there are plenty of other corners of the web where alternate persona makes commercial or social sense and will thus be allowed by the Ts&Cs.

I therefore think the end of persona (and the anonymity it may confer) isn’t yet nigh. The sky isn’t falling, and the trolls can still hide under there bridges. If you don’t like trolls, then probably best to avoid bridges.


Perhaps I was being a bit dull when I first read through Andrew McAffe’s The Ties that Find, as I seem to have missed the key point, which is that weak ties are where new information comes from. Thanks to Dr Felix Reed-Tsochas for calling this out so explicitly during his section of the networks masterclass at the recent SVCO event. I should also say that Mark S. Granovetter’s original paper on The Strength of Weak Ties is well worth a read – what wonderful insight for something written more than 25 years ago.

This gets me thinking that there’s probably a gravity analogy lurking here – once something falls inside a field of influence then it becomes less useful because it has lower entropy.

There’s also a potential molecular chemistry analogy here – that weak ties (like covalent bonds) take less energy to get reactions going than strong ties (like ionic bonds).

If enterprise 2.0 is looking to encourage innovation, to get those reactions going, to suck in that entropy, then we need to facilitate those weak ties. If we keep the enterprise 1.0 blinkers on and stop things at the electronic borders that wrap around our buildings then that’s not going to happen very well.

and that’s why enterprise 2.0 shouldn’t be ‘enterprisey‘.


This post has been stewing for some time, and perhaps the fuss today over the launch of the .tel domain gives me a good reason to serve it up.

It’s my view that telephone numbers were THE original digital identity scheme. Of course like most pioneering activities things weren’t thought through particularly well, and we’ve seen various changes and kludges applied along the way. The system still works though, and most people (even amongst the less technically savvy) are aware of the limitations without even giving them much thought.

Security seems like a good place to start. For some reason my colleagues in the IT security world seem to turn purple and start ranting when I talk about telephone numbers being a type of digital identity. “They’re not secure”, I hear the cry. Let’s put things into perspective – a number is just a type constrained special case of a string format address. Less constrained cases (that are also used for the purposes of digital identity) include email addresses and OpenID URIs. None of these things are inherently secure or insecure, but we tend to associate them with the various degrees of badness embedded in the common implementations. When I dial a number I could be misdirected elsewhere (by an attacker, or just some clever call forwarding), and when I receive a call with caller line identification (CLI) it could be spoofed. It is true that the telephony system that we mostly use today is riddled with security hole, and that there are few good ways of establishing trust, but that’s mostly not the fault of the numbers.

Namespace management has been a key problem over the years. As the use of telephone numbers for personal identity became more common we see the same growing pains that we’re presently encountering in the journey from IPv4 to IPv6. Corporate exchanges were a bit like NAT, but corporate citizens came to demand personal addresses (=numbers), and sometimes more than one (for fax machines etc.). We also bump up against some cognitive psychology issues here – too much namespace = too long to remember. For those of you with kids you can think of yourself as being an expensive NAT router next time you answer their calls :)

Geographic anchoring is somewhat related to the namespace management issues. This is of course a hang over from the days where the physical location of exchange switching equipment was meaningful, but it continues to affect us. I’ve been trying for some time to run with ‘one number’ – a single telephone number that will reach me wherever I am in the world, on whatever device I choose to have with me. The mechanics behind this work surprisingly well; all of the issues are around social etiquette that’s annealed around our use of numbers. People still get offended when I don’t give them a ‘mobile’ number, and others find it impossible to grasp that dialling something that’s purportedly anchored in London will actually reach me in office in NY (or wherever else). I’m told that in some parts of the world great significance is attached to which class of number (from many on a business card) should be used at any given time.

Of course ‘one number’ isn’t a panacea. People still worry about things like long distance costs and roaming charges. +44 may alienate those from +1 or +34 or whatever (it may even be blocked on some corporate exchanges and pay as you go mobiles); so what I may really need is some identity virtualisation, and luckily services to do this already exist.

So, rounding up, telephone numbers were there being digital identity before the term was even coined. Since we still use telephones a lot we still have to consider the use of telephone numbers as part of a broader identity landscape, and that’s particularly important when the conversation moves onto unified communications – something that I’ll probably post about another day.

PS I’m intrigued by the utility of putting contact data into DNS versus something webby like Portable Contacts, and would love to hear stories of how this will be used in anger?


They in this case are the machines that we use every day, or more specifically the software running on them. By using language like ‘they’ perhaps I’m already using a person like metaphor that’s inappropriate to the situation. Regardless, we’re confronted each day by machines that make us do repetitive tasks rather than taking them on for us.

This post was originally going to be called something like ‘bookmarks with input’, as such things would solve a tiny subset of the trouble at hand. Certainly bookmarks with input would solve the issue that got me thinking about the broader problem space.

My frustration began with the browser on one of the mobile devices that I lug around with me. I use it quite frequently to check railway timetables, and then use the information from those timetables to determine which station to head for, or train to jump onto. Like most mobile devices it’s design can best be described as read mostly – doing input is a pain, and also bandwidth is limited, so browsing through many pages to get to the right place is a slow process. So… rather than repeatedly making me input the same variables why doesn’t the device do this for me (or at least let me save a given input set for rapid future reuse)? This is less of a problem on the desktop, where both browsing and input are higher bandwidth experiences, and yet we still sit there like robots – repetitiously pointing and clicking. The server side for many services don’t help either, by insisting that some sort of session state be established and maintained, and sliding you straight back to square one if you dare to let things time out or ask a question without hoping through the right sequential steps and up the right ladder.

How do we stop ourselves being robots playing snakes and ladders? The geeky answer is scripting. In anticipation of the comments that might say ‘you can do all that with Greasemonkey‘, I would like to ask ‘why don’t we do all that with Greasemonkey, or indeed any other scripting environment’? I think the answer is that scripting is for geeks, because scripting is hard – it’s another place where the machine makes you think like a computer rather than a computer learning from our actions.

Things get much more interesting if the script is automatically generated, perhaps by observing pattens of repeated behaviour. More interesting still if the generated script can then by edited in a simple and meaningful way. I think that’s what Platypus does, but that still leaves me wondering why such functionality is in an add-on to an add-on rather than part of the everyday out of the box experience?