Promise-ring

Last week, in our introductory blog post called The Principles of Personal: Can You Guess the Five P’s?, we promised to explain the key differences between personal networking and social networking by blogging one principle each Monday for five weeks. And now we’re keeping our promise by blogging about…promise.

Why is Promise the first Principles of Personal? Because it is a simple, low-register English word for the agreement (implicit or explicit) you enter into whenever you share personal data over the net.

This promise is implicit with personal friends and contacts. After all, just by communicating with them, you’re sharing your email address (or IM address, Facebook address, etc.). You trust your friends not to abuse it (by sending you messages you don’t want, sharing it without your permission, etc.) That’s the kind of personal promise inherent in the social contract that binds us into a functioning society.

When you share personal data with a site, however, there is usually an explicit form to this promise. It’s called a privacy policy. Unfortunately that term turns most Internet users cold. Why? As Lorrie Cranor, director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University, put it in Is the Internet Destroying Privacy?:

Sure, plenty of websites offer privacy policies that explain what they will and won’t do with any personal information they collect from visitors, but Cranor’s studies show that people typically ignore them and don’t understand the legalese, anyway.

“They are plenty of privacy policies that say ‘we collect whatever we want from you and we do whatever want with it.’ And that’s a privacy policy,” Cranor said. “It’s not a very protective privacy policy, but it is a privacy policy.”

By their very nature privacy policies are also contracts of adhesion — meaning “take it or leave it” propositions. A core premise of the Personal Data Ecosystem is that we can do much better than that. What’s the Personal Data Ecosystem? It’s a new group (within an 8-year-old international volunteer organization called Identity Commons) formed a year ago to focus on how to create a “New Digital Deal” for personal data. (That phrase was coined by Nick Givotovsky, a passionate volunteer at Identity Commons until his accidental death at age 44.)

At the core of this New Digital Deal is a more progressive approach to establishing trust relationships between individuals and sites called trust frameworks. A trust framework is a set of legal and technical agreements by which an online community, e.g. a group of sites and their users, can establish trust. Open Identity Exchange (OIX) was created as an international non-profit organization in March 2010 to foster the adoption of online trust frameworks.

So the first Principle of Personal is the promise — both literally and figuratively — of a new trust framework for the exchange of personal data online. And at the  heart of this new trust framework is a simple but powerful promise: the promise to respect the right of everyone to control the data they share under the trust framework.

That’s why it’s called the Respect Trust Framework.

So now you know the first Principle of Personal: a promise about personal data. A hint about the other four: they are all key components of this new promise. Be the first to guess their names and you could win an iPad 2 and a special role in the Connect.Me launch.