Link: Animations of a Web Browser’s “Reflow” Layout Process

http://dougt.wordpress.com/2008/05/24/what-is-a-reflow/

What is private, the photo or its content?

For the sake of more theorizing on the use of Digital Rights Management (DRM) systems to enforce privacy constraints in digital social systems, let’s take “the privacy of photos” as an example that seems simpler than “the privacy of email addresses” (from my last post) but actuality isn’t.

Let’s say you give me viewing access to a “DRM private” photo that you’ve posted on your favorite server. What would this DRM say? What software am I allowed to use to view this photo and to find it again? Am I allowed to “see” the photo with software I’ve written myself? Am I allowed to derive any knowledge from that photo and use that knowledge in other contexts? Can I use any networked software with that photo? Can I get recommendations from something like Google based on the fact that I enjoyed the photo?

A quick concrete example: I show you a photo of me and Mike exploring the secret tunnels under University Hall. We shouldn’t have been down there, so I mark this photo as “DRM private”–for your eyes only. Say this is the first and only time you learn that I know how to get into the tunnels. Later, your friend John asks you for help getting into the tunnels. Are you allowed to recommend he talk to me?

What is supposed to be private– the photo itself, or the meaning (content) of the photo?

Now, I’m no DRM expert, but I wonder if advocating its usage in social computing might actually tie us more into the “walled-gardens” of proprietary social computer systems than it would get us out, just as DRM on DVDs has tied us to a select few vendors and restricted the advancement of player technology.

Arrington’s Email Address Unusable in Andromeda Galaxy?

Super interesting Gillmore Group podcast today, if a little hot-headed at times. This has to be my new favorite podcast. Link.

At one point, about 45 minutes in, the group starts talking about the now famous(?) incident-turned-thought-experiment where Mark Scoble had used Plaxo to scrape an email address off one of his friend’s Facebook profile (Michael Arrington’s).

The basic problem is this: If Arrington had his way, Scoble would be able to enter Arrington’s secret email address into Gmail, because Arrington trusts Gmail. But Scoble wouldn’t be able to enter the secret email address into Plaxo, because Arrington doesn’t trust Plaxo.

To achieve this programmatically, we’d want a data-sharing framework set up whereby the secret email address would be wrapped a protective permissions blanket that would automatically prevent unwanted people from seeing it and using it. Only too bad the Gillmor Group didn’t talk about how this permission system would work, because I think the devil is in the details. Such a system would be an example of Digital Rights Management (”Code is Law!”); and through this system Arrington avoids having to take Scoble to court because the secret email address manages itself. Don’t we all love DRM?

So what might the DRM permission system look like? I was thinking about one straw man proposal and it got me cringing: What if it were a white-list. Then Arrington could block Plaxo? But how would it work when Scoble wants to enter Arrington’s secret email address into some completely new web system that Arrington doesn’t know whether he trusts or not? ((i.e. Can he play his dvd on linux? no.)) It doesn’t work.

Worse, take the white-list straw man into the future with an analogy for distributed computer systems: What happens if Scoble leaves the galaxy with Arrington’s protected secret, and meets an alien email system that purports to be able to send email privately AND faster than light. Scoble trusts it, and boy, what a great way to call home! But is he allowed to enter Arrington’s secret address? Or does he have to wait 22 million light years to get an updated permission set from Arrington? The white-list straw man doesn’t scale, and it impedes progress.

Hopefully the Gillmor Group will be telling us about DRM that does work soon.

Seems to me that the most useful permission system would allow for a sort of weighted transitive trust network. Returning finally to the original incident about the facebook-scraped email, here are my two cents: If someone provides you with their email address, the typical understanding is one of transitive trust: “Here’s my email address, I want you to have it. Use whatever software you use, but protect my data like you’d protect your own.” In this light at least, Scoble wasn’t wrong; he was just using his address book software.

Privacy == Can of worms.