On Friday, David Recordon, one of the original authors of OpenID, released a single-page specification for OpenID Connect, a concept that I outlined on this blog in January before I joined Google.

I’m particularly excited about this early proposal because it builds on all the great progress that the community has made recently on a litany of technologies, including OAuth 2.0 and the link-based resource descriptor format (LRDD) and its emerging JSON-based variant (JRD).

But I’m most excited about OpenID Connect because it forces the OpenID community to evaluate the progress we’ve made over the last three years (OpenID 2.0 was introduced in 2007) and to think critically about where we go next, and how we get there, given what the market has indicated it wants.

Rearticulating the problem

When Brad Fitzpatrick first created OpenID, he was looking to solve a fairly mundane problem: develop a protocol that made it possible for a commenter to claim her comments on someone else’s blog. For the commenter, she had a way to vouch for her words; for the blog owner, he had a way to establish the authenticity of the comments left by his readers. Given this context, all that was required in the early days of OpenID was a stable way to uniquely identify people — gathering additional profile information wasn’t as necessary because blog commenting forms already asked for — and often required — that commenters supply their name and email address.

Thus the basic architecture of OpenID concerned itself with establishing identity across contexts (i.e. “Bob” from Context A is the same “Bob” found in Context B), rather than with profile portability. This focus lent itself to privacy-preserving anonymous and pseudonymous transactions where identity could be established without the need to divulge personally-identifying information, or without forcing you to collapse the boundaries of separate social contexts.

This feature of OpenID (called directed identity) enabled you to hold a single account at, say, yahoo.com, but sign in to third party sites using “non-correlatable identifiers”. That is, this feature made it possible to maintain discreet profiles for logging in to other sites across the web without needing a different password to manage each.

The ability to “select [the] OpenID identifier” that I want to share with stackoverflow.com is how this feature manifests on yahoo.com:

The economics of user-centric identity

Features like directed identity, however, present several challenges for users and OpenID relying parties.

For users, these features complicate the sign in flow by introducing new interface surfaces (as seen above) and management tasks. They also increase the cognitive burden of registration by requiring a user to pick a profile (or create a new one) to use in a given context. Additionally, the ability to refrain from disclosing profile information when registering for a new service may seem economically advantageous to the user at the outset (“Aha! I refuse to tell you my name or email address!”) but results in unintended disadvantages over time.

That is, because OpenID users share less information with third parties, they are perceived as being “less valuable” than email-based registrants or users that connect to their Facebook or Twitter accounts.

Why? Simply put: OpenID, by design, favors the user rather than the relying party. In contrast, technologies like Facebook and Twitter Connect emphasize the benefits to relying parties. So while it might seem like an inconvenience to custom-tailor your personal privacy settings on Facebook, the liberal defaults are meant to make Facebook users’ accounts more valuable to relying parties than other, more privacy-preserving account configurations.

So, as Twitter and Facebook have grown in popularity and the number of sites willing to outsource their account management to them have increased, both OpenID users and providers find themselves in a predicament: if they continue to restrict the flow of data, the number of OpenID relying parties will diminish in favor of Facebook- and Twitter-Connected sites. If instead OpenID users become more liberal with the data that they are willing (and able) to share with third parties, they will still need to rally support from relying parties to be recognized as valuable users. Thus making more data available from OpenID users is the first essential step that we must take to regain our footing in the marketplace.

But it won’t be enough.

To overcome both the real and perceived economic disadvantage of supporting OpenID, we need to make adopting OpenID exceedingly simple, straight-forward, and economically advantageous — in real terms.

Why harmonizing “Connect” is important

I wrote my overview for OpenID Connect convinced that the “connect” verb (inherited from the Twitter and Facebook platforms) would help users distinguish between merely registering for a site and signing up for and sharing some data about themselves. Even though Facebook abandoned the “connect” brand at F8 this year, I’m still of the mind that the “connect” verb suits our purposes, even if it’s going to take several years to catch on in common usage.

In any case, if OpenID solves the problem of providing a stable and unique way to identify someone, then the “Connect” in OpenID Connect layers in the ability to access data on someone’s behalf (via conventional APIs like Portable Contacts or ActivityStreams).

It’s this assemblage of authentication and authorization technologies that the industry is calling out for — as evidenced by the success of Facebook and Twitter Connect and more recently, Messenger Connect from Microsoft and upstart efforts like Diaspora that cite OpenID among the technologies they intend to leverage. Without a common standard, each of these efforts is inventing its own custom-tailored solution, retarding industry-wide progress and delaying the development of next generation social applications.

Thus, by leveraging OAuth as the core of OpenID Connect, we can build on the consensus and momentum that has been achieved in the marketplace, and by weaving in a standard and much-simpler discovery mechanism, we can preserve the decentralized design of OpenID. Presuming that Facebook, Twitter, Google, and others all become OpenID Connect providers, that means that site operators can implement one connect API and interoperate with potentially dozens of providers with a single, well-understood open source stack of technologies.

Such an outcome would be good for relying parties (or “clients” in the parlance of Recordon’s proposal) as well as citizens of the web, who deserve a choice when it comes to entrusting a provider with their digital identity but are increasingly marginalized by “privacy-preserving technologies” that are not economically viable.

“Connect” also provides a convenient answer to the question of what kind of interface to present to the users who want to use their OpenID:

(Note that I also used the “connect” verb very intentionally in my social agent mockups for designing identity into the browser.)

If every site that supports third party authentication today added a “connect” button in place of their conventional “sign up” or “register” buttons and deployed a consistent user experience around picking a provider (some combination of NASCAR buttons and a type-anything email/URL field) that executed the OpenID Connect protocol, we’d be well along the path of decentralizing the social web, and restoring balance to the ecosystem.

What does OpenID stand for?

Of course, applying the OpenID brand to this solution isn’t something that I would do trivially, since the OpenID Foundation is the real authority for the trademark. However, at the foundation’s board meeting earlier this year at the OpenID Summit West, we unanimously decided to expand the scope of the OpenID Foundation’s mission to include advancing the technological underpinnings of internet identity in general, without regard for the existing OpenID technology.

This is a critical recasting of the role that OpenID and the OpenID Foundation plays in the ecosystem. Though there are other groups with similar mandates, the OpenID Foundation has decided to take on the internet identity opportunity as a general problem, rather than one narrowly scoped to disposable use cases.

In that light, it seems to me that we have come to a crossroads in the history of the foundation — however knowingly — and decided to take aggressive actions to advance the cause.

Without speaking for the foundation as a whole, I believe that it is essential that we are able to reconceive OpenID as the brand for decentralized digital identity. OpenID need not be thought of as merely an identity algorithm, but as a means for representing and conducting oneself online and across digital environments. Thus as the identity landscape undulates, the OpenID Foundation is in the position to articulate solutions that are not protocol-bound, but responsive to needs of the time, and able to adapt to and weather the shifting winds of technological progress.

After OpenID 2.0, OpenID Connect is the next significant reconceptualization of the technology that aims to meet the needs of a changing environment — one that is defined by the flow of data rather than by its suppression. It is in this context that I believe OpenID Connect can help usher forth the next evolution in digital identity technologies, building on the simplicity of OAuth 2.0 and the decentralized architecture of OpenID.

I’ve posted the video that Brynn shot of my talk. Slides are available here.

Of course, it’s purely coincidental that I used Pownce to illustrate my story of the “death of a web app”, since it was relaunched yesterday at TypePad Motion — without any of the relationships that were lost when the service shut down.

These are the slides from my talk at the Mindtrek conference in Tampere, Finland today.

I admit that there are some controversial things in this talk, but if I don’t say it, I don’t know who will. So, for the purpose of understanding this talk, it’s worth keeping in mind that I mean “OpenID” in a much more expansive way — not limited to the purview of the features of the protocol today, but as an effective, comprehensive competitor to Facebook Connect.

As well, I’m working out what I really mean by “Identity as the Platform”, but my five touchpoints are currently:

1. Me at the center
2. Smarter user agents
3. Dynamic personal expression
4. Universal user experience
5. Data is money

I’ll be posting a video of my talk later, which should I expand on what these elements actually mean, but I’m happy for feedback in the meanwhile!

Also, I’m embedding this slideshow using Scribd as Slideshare wasn’t able to convert my slides. Let me know what you think.

This post is a collaborative essay written by Jyri Engström and myself, edited by Brynn Evans and originally posted to the ArcticStartup blog on September 11, 2009. Thanks to Brad Fitzpatrick for his comments on the draft.

·   ·   ·

Around 2003, things began to change.

Technology was then the black sheep, having left overnight millionaires destitute and without change to afford their $4 lattes. Even the posers had left San Francisco and gone back to suburbia to be office managers at Walmart.

It was a sad time for everyone — that is, except the die-hards and the hackers. The web for them had never been about making money, but about reshaping culture and toppling the old order. 2003, therefore, was the perfect time for a resurgence: the people who kept pushing on in the Valley and elsewhere were a concentrated motley crew of innovators and builders. They cared about technology for technology’s sake and about developing and advancing web culture.

What they didn’t realize, however, was that the services and technologies that they were destined to build would need to be cobbled and sewn together using a system that would fight them every step of the way — not out of spite — but because of its architecture. By definition the network available was decidedly anti-human: in 2003, there was only the document-centric web.

The document-centric web

We’ll spare you the history lesson of the origin story of the internet, but suffice it to say, the web we have today is because a bunch of scientists, academics, and government folks needed a way to share static documents — not set up identities or have a dynamic conversation in public. The net was decidedly antisocial and anti-serendipity, from the beginning.

Keep that in mind when you consider what happened around 2003: masses of people started blogging, publicly. Services like Blogger and TypePad surged; LiveJournal and WordPress started to grow stubble and Drupal emerged from a college dorm. In the absence of innovation since the bubble burst, people started to realize that the web could be a place for personal expression and public conversation — and blogging became the “it” thing to do.

The problem was that tools were built around the document model of publishing. Many people maintained collections of blogs that they kept handy as bookmarks — and visited regularly, sometimes several times a day (depending on the prolificness of a given blogger). The more savvy audiences discovered desktop feed readers that fetched new content automatically. But conversation was fragmented and inconvenient: to comment, you had to visit the publisher’s blog and create a single-purpose account there; to post an original response, you had to have your own blog and know how to send a trackback to the post you were responding to.

The pace was slow and cumbersome, but most early bloggers didn’t mind. Their new medium was exciting, expansive, and controversial. And for the time, it fit the write-print/publish model many people had become familiar with thanks to Microsoft Word and other text editors — and which was in turn rewarded by Google’s link-based approach to search.

But two things were lacking in the first generation of Web 2.0 tools: personhood and aggregated conversation streams. The document-web hadn’t made room for people-friendly affordances like “faces,” and didn’t conform to our restless animal brain, which is well suited to working with a flow of short snippets of information.

Proprietary, real-time platforms

Enter: the real-time web. If 2003–2006 could be defined as the emergence of social media on infrastructure still dominated by the document-web, 2007 through the present will be defined as the transition to the “real-time” web, even if through a proprietary side-road.

We’ve had chat, SMS, and other forms of asynchronous (near) real-time data streams for some time. But, just as blogging did to email, every new generation is about pushing down the walls that cage one-to-one and one-to-few interactions, turning the same private publishing tools into many-to-many-to-many-more public publishing platforms. Emphasis on the noun: from tools to platforms.

The catch? This real-time web is not mature yet, since the platforms that sequester all of our activities today are proprietary ones like Facebook and Twitter. These are convenient, to be sure, but of limited utility to users with cross-site ambitions, who require interoperability.

While “brand-mediated” profiles and relationships may not seem completely odious on the surface, there are four major drawbacks to keep in mind:

• Tying one’s identity and communications to a single silo means relying on a single point of failure, degrading the overall reliability and stability of the system. (Remember the failwhale and efforts to keep Twitter from going offline during the Iran uprising, for example).
• Handing over management of one’s identity to a company means being dependent on their decisions and priorities. (Consider the 5,000 friend limit on Facebook; Twitter’s arbitrary suggested users list; and examples of users being ousted from various services for controversial reasons).
• A web built on top of a few proprietary platforms means less diversity and ultimately smaller scale than a web built on non-proprietary protocols and standards (consider how useful email, the web, and the internet itself became once open standards for interoperability were adopted, and the power of “small pieces loosely joined“).
• And finally, on an ethical and emotional level — it just doesn’t feel right.

Fortunately, there are a number of initiatives that are gaining in popularity and finding pockets of adoption throughout industry, leading us to a juncture, where in one direction is the status quo and in the other is what we call “the people-centric (real-time) web”.

The people-centric (real-time) web

If the document-centric web was dominated by static pages, then the people-centric web is about placing you at the center (as Time Magazine did famously in 2006). We’re seeing the rise of dynamic, portable friend lists and non-brand-mediated identities that can be used across a range of standards-compliant websites. People are beginning to move freely between silos. Individuals are increasingly able to bring their data with them and substitute one service or service provider with another, as one can switch between Outlook and Thunderbird for email, or Photoshop and Pixelmator for image editing on the desktop. Relevant information and friends’ activities are starting to come to users via distributed push publishing. (Thomas Vander Wal has called this the “come to me” web).

Let us briefly describe the key enablers of this emerging new phase:

Portable profiles means that instead of creating an account on each service you join, you can now host your identity in one place and bring your profile and friends with you to other sites as you surf the social web. Webfinger, OpenID, Portable Contacts, and OAuth all make this possible (and for bootstrapping profiles from the legacy document-web, we have Google’s Social Graph API).

Distributed push publishing means there is no longer a need to rely on proprietary platforms. The emerging standards here are PubSubHubbub (PuSH) and rssCloud (see comparisons on TheNextWeb and TechCrunch).

Synchronized conversation threads means that users can participate on the same conversation thread across multiple interfaces and services (we are still waiting for a standard, for which various geeks are actively devising a plan).

Much work remains to make cloud services fully interoperable, but the foundations are in place to turn the web into a truly people-centric place. This call to action goes out to developers, corporations, and individuals alike. Best of all, it’s not that hard to start supporting these efforts:

Let people use existing accounts to sign in and sign up for your service. First, the signup ritual offers the least amount of value to users so get it out of the way as fast as possible! Plus, it’s an automatic barrier to entry — you’ll see an increase in successful signups by reducing the friction in logging in up front (as Plaxo did). Second, unless it’s core to what you do, this will also save you the chore of managing profiles on your service. Third, people have so many profiles these days, they can’t keep track of them and they certainly don’t want to be creating yet another. Instead, figure out a way to subscribe to someone’s existing profile — and keep a reference of it up to date on your site.

Sharing information and activities from your site is how other people will discover you. Stickiness as a business practice was a byproduct of the document era of the web; on the people-centric web, portability is critical. Data, identities, relationships, and activities need to flow between sites in order to expose insights, spread knowledge, and engender meaningful social interactivity. This sounds complicated but is relatively straightforward. To begin, your site can make available atomic units of data, exported as streams of activity that indicate who acted in which way upon what object. It’s easier than it sounds and formats are available to support this modular approach (see: Activity Streams)

As a user, consider how much control and security you really want over your online identity. How do you feel about leasing an identity from a web brand? Unsure about the benefits of owning your own? Some providers (Google, Yahoo, Flickr, MySpace, AOL) let you use their accounts as OpenIDs — a great step towards portability, and beneficial to everyone. The catch with any leased identity is that your identity will be under the provider’s brand, profile constrained by their design decisions, and personal data subjected to their terms of service. As an alternative, acquiring your own domain and setting up your own profile with an independent is becoming much easier with free services like Chi.mp and hi.im. More innovation is needed in this area to make independent identities for people and organizations first class citizens on the social web, and their setup and management simpler, accessible, and secure!

What’s yet to come

It’s 2009, going on 2010. For the past three years, the web has been morphing into a real-time and people-centric place. We’ve seen this trend among individual users — through their actions and demands for better social experiences — but also increasingly among companies and developers. We want a web that’s more “like us” than the old model was. We want a web where people are as important to the architecture of the system as documents.

And with this new model come new opportunities for innovation and personalization. It is possible to build applications for participating in decentralized conversations around various ideas and trends. This presents a new opportunity for identity management apps, community sites, social dashboards, real-time search, messaging hubs… and even browser makers, hardware manufacturers, and ad networks. Mobile platforms are also growing, as people connect over non-desktop devices. These small handheld technologies further underscore the importance of portable identity, microcontent, decentralization, and (near) real-time delivery. A document-centric approach just doesn’t make sense in a mobile world, and with new ground being broken in fields like augmented reality, demand for increasingly rich social experiences powered by open standards instead of proprietary platforms will continue to grow.

But consider the future: the benefits of a people-centric model are still evolving and remain to be fully realized. It’s critical to not be complacent with the platforms we’ve grown so accustomed to. If you wear the developer’s hat, now’s the time to get on board, read the specs, and implement support for OpenID, Activity Streams, OAuth, PubSubHubbub/rssCloud, or the other mentioned open standards that are relevant to your users. If you are a user, don’t be afraid to be vocal and ask the services you love to show they love you back, by giving you the rights to your data and the tools to take it with you elsewhere. If you’re a business, realize that the distributed potential of the social web has barely been tapped, and that you have a choice between (as Robert Scoble calls it) gifting your branding power to someone else, or leveraging these standards to turn your own site from an island to a node in a network of social activity as wide as the web itself. In the end, the internet as a whole will be better off if we stay in control of our own destinies.

·   ·   ·

Jyri and I will be presenting a workshop on this material during our MindTrek pre-conference tutorial on September 30th in Helsinki. Early bird tickets are still available at a discounted rate; register today!

Also, don’t forget you can still register for MindTrek, the Nordic conference on social media (Oct. 1st–2nd) in Tampere, Finland.

The second reason today’s announcement is a really big deal is that, after years of government attempts to create identities and assign them to citizens (via such bad ideas as the UK National ID scheme and the US REAL-ID act), a government has finally recognized that individuals already HAVE identities, and that it’s a better idea, for most purposes, to use these identities than to establish a new government bureaucracy to create new identities – especially if they’re identities people don’t want.

If this initiative succeeds, and I hope it does, it’s almost certain to be a much cheaper route to government consumption of reliable digital identities of citizens than something like REAL-ID would be. And it will preserve consumer choice at the same time as encouraging innovation in commercial identity technology.

Today in collaboration with Vivek Kundra, the nation’s first CIO, we are announcing a pilot program intended to enable individual citizens to login to government websites with their existing accounts — without revealing their password or personally identifying information — using OpenID and InfoCard technologies.

This is an important step in the Obama administration’s commitment to open, transparent, and participatory government.

First, it acknowledges and embraces existing, open technologies, rather than inventing their own (or worse, hiring independent contractors to do the same).

Second, this comes at a critical time in the history of OpenID, of which there are now well over 500 million OpenID-capable accounts in the wild, (even if few people realize that they already have one!). Given the wide deployment of this technology, it only makes sense that the government should leverage this wide potential userbase to facilitate interaction with its citizens.

Third, it is critical for the government and government agencies to develop solutions and adopt technologies that make it easier for modern citizens to engage with them, to exist competently alongside other social networking websites.

In other words, by embracing OpenID (and InfoCard), the government is helping to further establish the value of owning one’s own identity, and of having convenient, consistent, and privacy-protecting mechanisms in place to enhance and enable participation.

To make this more real, consider booking a campground on a state park’s website: do you really want to create yet another account (that you’ll probably never use again) just to reserve a campsite? Probably not.

To make this more personal: imagine searching the National Institute of Health’s website for information for a loved one who was recently diagnosed with cancer. You’d want the technology to get out of the way and serve your goals — who’d want to register for a new account when you just want to save your search progress (say, from a library kiosk) and resume it later (i.e. from home)?

It’s cases like this that begin to tease at the value of using existing accounts for low-security government interactions (at least to start). Like email, I expect to see this start with a slow, gradual adoption, and overtime, gain momentum and relevance.

To find out more about this pilot program, read the full press release and visit our OpenID for Government page. Also check out ReadWriteWeb and TechCrunch’s coverage.

As the US government considers OpenID as a vehicle for citizen engagement, it became time for the OpenID Foundation’s website to receive similar consideration. For some time, the site has been neglected and ignored — serving primarily as a resource for developers, with little regard paid to people just learning about digital identity. The new design — while far from complete or final — is a first step to remedy that imbalance.

Moreover, I think it’s also important to realize that in Don’s post today (and related interview), we’re starting to witness the slow realization of the importance and relevance of digital identity to a broader audience — one that has become accustomed to having fractured identities across the web, and having to create new logins on every website with which they wish to engage.

The new design is intended to be more open and clean — and to present a fresher face for OpenID — indeed, to provide the foundation for a re-invigorated identity.

As I mentioned, the site is far from complete — and will need a lot of work to become the public resource that it needs to be in order to continue to make OpenID — both concept and technology — more accessible to an increasingly wider swath of the internet population.

If you have feedback or ideas, please don’t hesitate to post them or send them to the marketing mailing list.

Credit where credit’s due: This project came together in a very short amount of time, and I’d like to give a shoutout to the team at Cloud Four (Jason, Lyza, Megan, John and Aileen), Amanda Richardson, John Ehrig from Global Inventures, Michael Olson and Brian Kissel from Janrain and Don Thibeau — who contributed to help make this happen. Of course the work’s just begun, but this is an important first step forward for the Foundation.

“Brand-mediated identity” in and of itself isn’t bad. In fact, it’s a choice — one that I argue shouldn’t be made unconsciously or involuntarily (but all too often is because obvious or viable alternatives aren’t available).

Indeed, people mediate their online identities through brands all the time — the latest example being the “Madmenize” app that replaces your Twitter avatar with a cartoon head from the acclaimed Mad Men series. This kind of mediation happens with increasing frequency on Twitter, where identity is fluid and often the sum of a tweet, an avatar and a username. Renny Gleeson has even started cataloguing these “icon memes” — they’re that frequent.

But today I came across a truly inspirational approach to brand-mediated identity that portends great potential for OpenID and for brands generally — especially those with eager and adoring fans:

What better way to both support Creative Commons and show off your patronage than by identifying yourself across the web with your very own unique, secure, privacy-protecting creativecommons.net OpenID (just like Zach Beauvais)?

For a mere $50 minimum donation ($25 for students), you can own a limited edition URL and profile from Creative Commons that identifies you to the world and provides a compelling revenue opportunity for the non-profit foundation.

While companies like SAP become OpenID providers for pedestrian reasons like simplifying authentication across their many different distributed web properties, Creative Commons is redistributing the brand equity and social capital their members have accrued over the last several years by letting people show and verify their affiliation to the organization.

With this simple example, we can start to see the symbiosis of making an intentional choice about identity: Creative Commons finds a new revenue opportunity and members of the community have a way to express their affiliation and promote the brand. This is exactly the kind of thing that I could see the NYTimes doing for its writers (as an extension to its Times People platform) — providing them both a home on the web and a way to validate their association with a more well-known entity. This of course is just a small experiment for Creative Commons — but a very exciting one in terms of what it means for identity on the web.

On the one hand, I was sickened by the lack of analysis from the echolalic blogger news corps. It appeared that Opera PR had successfully reached out to all of them, shoved a news release down their throats and waited to give them the go-ahead to regurgitate it on their blogs, using the same screenshots, same content, and differing only in the pithiness of their post titles.

Of course, I could have gotten the same depth of analysis from half a dozen tweets.

Maybe they long ago wrote off Opera and aren’t interested in providing any kind of depth of insight but whatever, who knows — the nouveau press corps blew it. Social media proves its vapidity once again.

But, I digress. I’ll tell you what I think, since there’s a lot in the details of Opera’s announcement that bear inspection, even if I’m the only one to do it.

I’m going to talk about six topics:

• What is Unite?
• The Marketing Pitch
• Why isn’t Opera open source?
• Is Unite really decentralized?
• Owning Your Namespace
• Unite & Activity Streams

Let’s get to it.

What is Unite?

Like Flock before it (Disclaimer: okay, I’m just stroking my own ego here. Note to self: get over yourself), Opera is attempting to take advantage of the rise of social networking (the verb) and bake it into the browser, as a personal extension to one’s computing experience.

They accomplish this by embedding what amounts to a web server in the browser, and making it possible to share files, music and photos and to post notes or chat directly with your friends (or anyone who knows the URL to your account and in some cases, has the right password).

You can download an Opera Unite alpha build to try it yourself.

The Marketing Pitch

The marketing hype for Unite started recently, with a bright red page (above) hosted at opera.com/freedom. Of course this inspired a bit of buzz, and Kas Thomas from CMS Watch even guessed correctly what it was all about:

Folks, let me tell you what’s going to happen. I have a pretty strong hunch (but no inside info, I assure you) on this one. This is something I’ve thought about for years — it has needed to happen for years — and I’ll be thrilled if Opera pulls it off, although whether people will flock to adopt it is another question.

The answer is that Opera is going to embed a web server in itself.

When you fire up Opera, you’ll be operating a secure server and you will be able to serve all kinds of content (whatever you want, basically: bookmarks, contacts, cached content, arbitrary files from a roped-off area of your local storage, web pages of your own) to other Opera users, at the very least, and maybe all browser users, at the very most.

The mystery seems to have paid off, as Unite is topping Techmeme today.

They released a stylized video explaining Unite, remniscent of the Data Portability promotional video from several months ago:

What I find so fascinating about this marketing message is that it presumes that owning one’s own data and “connecting directly” with friends is somehow relevant to people — as though it’s a big problem that people have been complaining about for years, and that Opera has finally answered the call.

But I think they’re missing the big picture here — or intentionally obscuring it — which is that, while the idea of owning your own data may be attractive to neo-libertarians and open source geeks — most people really don’t care and are happy to outsource storage of their data to someone else who can be responsible for backing up their data and fending off hackers. 200 million Facebook users can’t be wrong, right?

People have embraced social networks because they make it easy to share and collaborate using the browser that they already have — and answering the question: “what do I do with all these stupid digital photos sitting idly on my harddrive?”

Let’s face it, bookmarks were pretty lame before we could peak over our friends’ shoulders at what they were reading.

So while Opera is right to seize on to the social networking meme, they’re doing so largely to increase the waning relevance of their browser — not to support freedom as they claim — especially at a time when Google’s Chrome and Apple’s Safari have entered the ring as the new twin contenders for the browser crown (even though no one knows what a “browser” is).

Furthermore, their whole pitch about owning your own data and disintermediating the large social networks will likely resonate much more with a European audience (i.e. one that would give 7.1% of their vote to the Pirate Party) than a mainstream, social network-obsessed American one.

If you consider how Lawrence Eng (Opera’s product analyst) puts Unite into context talking about “the Internet’s unfulfilled promise”, you’ll see what I mean:

Our computers are only dumb terminals connected to other computers (meaning servers) owned by other people — such as large corporations — who we depend upon to host our words, thoughts, and images. We depend on them to do it well and with our best interests at heart. We place our trust in these third parties, and we hope for the best, but as long as our own computers are not first class citizens on the Web, we are merely tenants, and hosting companies are the landlords of the Internet.

Social networking is important, but who owns it — the online real estate and all the content we share on it? How much control over our words, photos, and identities are we giving up by using someone else’s site for our personal information? How dependent have we become? I imagine that many of us would lose most of our personal contacts if our favorite Web mail services shut down without warning. Also, many of us maintain extensive friend networks on sites like MySpace and Facebook, and are, therefore, subject to their corporate decisions via “Terms of Service” and click-through agreements. Furthermore, what does it mean anyway to be connected to hundreds of our “closest” friends? What about our real social networks, the people we want to interact with on a regular basis (like once a week, or even every day)? Why are online solutions to help us with our real-world social needs so few and far between?

We are connected to a Web that has democratized much and is an amazing source of information. However, “the wisdom of the crowd,” along with the notion that our data ought to live on other people’s computers that we don’t control, has contributed to making the Internet more impersonal, anonymous, fragmented, and more about “the aggregate” than the individual. In fact, quite the opposite of the original promise. For too long, we’ve been going online to connect to each other, but sacrificing intimacy as a result.

With Opera Unite, I think we can start moving in a different direction.

Now, it might sound ironic coming from me that I think Opera was wrong to paint their pitch with the paint of libertarian ethos, but if they’re going to succeed, they have to go beyond “owning your own data” to talking about why owning your own data is better or easier. Philosophical rhetoric will only get you so far, as I’ve learned.

Speaking of…

Why isn’t Opera open source?

So, with all that raging neo-libertarian angst, why isn’t Opera open source?

Quite frankly, I have no fucking clue. And with Webkit giving everyone — including Mozilla — a run for dominance over the personal viewport to the web, I simply don’t see why anyone would build on the Opera platform (albeit, their platform is largely the web — though their rendering engine remains proprietary).

Could it be failure of imagination? Is it that Opera hasn’t figured out that the future of the web is in hosted and delegated services? Or, is it that they did figure that out, but desperately want to defeat that future in order to write an alternative future with their browser at its center?

In 2006, Opera didn’t see a business model for open source browsers. Little has changed since then, except that they now have three formidable open source challengers to contend with that have shipped “cloud services”: Mozilla Weave, Google’s Apps and Apple’s MobileMe.

So, although you can build widgets for Opera Unite, you’re still relying on a third party to stay in the room with you… namely, Opera. And Opera isn’t exactly an organization that has behaved favorably towards the open source community in the past. Though that seems unlikely to change, it still begs the question why they believe there is more value is staying proprietary than opening up their browser to outside contributors.

Still, regardless of the decision that they make for their business about open source, there’s a bigger elephant in the room that needs to be addressed:

Is Opera Unite really decentralized?

Opera’s CEO Jon von Tetzchner claims that “Opera Unite now decentralizes and democratizes the cloud”, illustrated like this:

I call bullshit.

Opera Unite does indeed rely on a P2P-like network to function, but the big problem is that you must push all your traffic through Opera’s proxy service:

Not exactly “decentralized” (more on this in the next section).

Furthermore, if you read through the Opera Desktop End User License Agreement (which you had to if you installed the browser — shame on you if you didn’t!), you would have read section 7: USE OF SERVICES (emphasis mine):

Opera Unite and Transmission and Receipt of Content: Certain features of the Software and Services, including Opera Unite, may allow you to post or send content and/or links to content stored on your computer, that can be viewed by others (“User Generated Content”). Opera Software ASA exercises no control over User Generated Content passing through its network or equipment or available on or through the Services. You agree that Opera Software ASA is not liable for any loss of data. YOU MAY ONLY POST OR SEND USER GENERATED CONTENT THROUGH THE SERVICES THAT YOU CREATED OR THAT YOU HAVE PERMISSION TO POST OR SEND.. You agree not to use Opera Unite to upload, transfer or otherwise make available files, images, code, materials, or other information or content that is obscene, vulgar, hateful, threatening, or that violates any laws or third-party rights, hereunder but not limited to third-party intellectual property rights. We do not claim ownership of any User Generated Content. However, by submitting User Generated Content to us, you grant us and our affiliates the right and limited license to use, copy, display, perform, distribute and adapt this User Generated Content for the purpose of carrying out the Services.

You agree that we are not liable for User Generated Content that is provided by others. We have no duty to pre-screen User Generated Content, but we have the right to refuse to post, edit, or deliver submitted User Generated Content. We reserve the right to remove User Generated Content for any reason, but we are not responsible for any failure or delay in removing such material. We reserve the right to block any user’s access to any content, web site or web page in our sole discretion. Opera Software ASA reserves the right to terminate your account if you use your account privileges to unlawfully transmit copyrighted material without a license, valid defense or fair use privilege to do so.

Disputes may arise between you and others or between you and Opera Software ASA related to content or commerce, including User Generated Content. Such disputes could involve, among other things, the use or misuse of domain names; the infringement of copyrights, trademarks or other rights in intellectual property; defamation; fraud; the use or misuse of information; and problems with online auction or commerce transactions. You agree that all claims, disputes or wrongdoing that result from, or are related in any way to, the content of information that you post, transmit, re-transmit or receive through the Services, Opera Software’s network or Software are your sole and exclusive responsibility. Opera Software ASA may at it’s discretion, block certain web sites or domains and re-route you to other pages. By accepting these Terms of Use, You hereby consent to this.

Besides this hands-on approach to their centralized proxy service, Opera also reserves the right to filter the apps that you can install, a la Apple and their approach to the AppStore (because everyone wants an AppStore, right?):

What are the guidelines for approval of an Opera Unite Service?

These are some of the guidelines that apply to services:

• The service must have a sensible name and description
• The service must not have obvious bugs, so ensure that you test it before uploading
• The service must not contain malicious or destructive code
• The service must not contain or use copyrighted information for which you do not hold the rights
• The service must not contain or point to adult or hateful content
• The service should comply with the Opera Unite Service UI guidelines. Any reason for diverging significantly from the guidelines should be documented in the submission
• The service should serve standards-compliant HTML pages that are viewable in all modern browsers on a variety of devices.

I fail to see how this changes our reliance on “large corporations — who we depend upon to host our words, thoughts, and images” of whom Lawrence Eng spoke so disparagingly.

Owning Your Namespace

So, if it isn’t enough that you have to tunnel your connection through Opera’s proxies and place your service’s existence at the mercy of Opera’s filters, they also want to own your identity, something that everyone also wants to do lately.

In order to use Opera Unite, you have to have a my.opera.com account — perhaps not a big deal until you realize that you’ll be assigned a URL like http://notebook.username.operaunite.com/ to access your “self-hosted” outpost on the web.

Chris Mills, Opera’s Developer Relations Manager, explains:

To use Opera Unite Services, you need to log into Opera. This is the same login that you use to log in to My Opera, Dev Opera, or Opera Link.

…

Choosing an Opera Unite name for your computer

This name is basically your computer’s identity on the Opera Unite system — this is the URL that your contacts can go to if they want to make use of your Opera Unite Services, and share them with you.

So, while it’s true that your friends can access your Opera Unite homepage without an Opera account, if they want to host their own Unite server, they’re going to have to both download Opera and obtain an Opera account (and no, they don’t support OpenID).

While there are technical reasons why this makes some sense (mostly to make it easier to get things up and running), it contradicts the whole promise of obviating central control. Indeed, AllPeers (now defunct) and others offered similar solutions previously. Why did Opera not launch with the ability for me to choose my own URL, or at least mask my homepage URL with something that didn’t tie me to Opera…? Oh yeah, that’s right — it’s all about owning the namespace.

At least Google was smart enough when they launched Wave to build in true decentralization from the start, and to choose a patent license for the Wave protocol that demonstrated that their desire was not to own the network, but to compete on it.

Unite & Activity Streams

Now, I know I sound like a curmudgeon, but I’m mostly just disappointed that few other people took Opera to task over the reality distortion field that Opera’s PR machine generated around this technology launch. But, as someone in the office said to me today, maybe no one cares enough about Opera to bother. Yeah, exactly, like I said before.

Still, there is a silver lining to this cloud computing fiasco which NO ONE else covered: Opera Unite supports activity streams!

It turns out that tucked within the Opera application is a directory called “unite” (on the Mac you can find it at Opera.app:Contents:Resources:unite) which contains a bunch of files with the .us extension (presumably for “Unite Service”). Like Mozilla .xpi files, these .us files are just zip files and can easily be decompressed by changing the extension.

In just about every bundle, there are several pertinent JavaScript files either in a folder called “asdstream” or with “activityStream” in the filename. The one that’s most interesting to me is the “activitystreamparser.js” file in the fridge.as bundle, which starts like this:

Now, I’m not sure how this is being used, but I imagine it’s being used to output updates on the personal homepage of the site… which is awesome.

I wish that Opera had reached out to the Activity Streams mailing list about this work, but I can also understand that they probably didn’t want to jump the hype stungun. Anyway, it’s a huge opportunity (in my eyes!) for them to join the discussion about the open social web (since they have been essential proponents of web standards on the open web to date) and I invite them to share their goals and ideas for this work.

Conclusion

Okay, so I shit all over Opera Unite, but you can’t come out and promise all kinds of world-changing, freedom-enhancing goodness and then not deliver! — worse, to do so when their newest competitor (Google!) is schooling everyone with the perfect example of how to do it right (see: Wave).

While I have problems with Opera’s marketing approach, I do think that it’s useful to have Unite in the marketplace so that I can point to it as an example of what I want to see happen with the Diso Project — though I’m not willing to rest my success on the fate of any particular browser.

Through a combination of technologies like OpenID, OAuth, XRD, Portable Contacts, Activity Streams and microformats, we’ve been moving in this direction for some time, without having to alter the browser. Of course that’s meant that the browser has been conspicuously missing from the conversation, but that too is changing (see Mozilla’s experiment baking OpenID into the browser with Weave), and with Unite, we have yet another vision to contemplate — though I would have loved to have seen Opera embrace more than just Activity Streams out of all the technologies from the Open Stack.

I’ll give Opera some credit — both for using Activity Streams instead of inventing their own protocol — and also for launching a fairly polished demonstration of Unite concept as an alpha. If they really want to offer transformative technologies, though, I think it’s critical that they align their business policies with their marketing rhetoric and technological objectives, down to the code level. Anything less will result in confusion and worse, more posts like this one!

If Dustin Moskovitz were dead, he’d be rolling over in his grave.

For those of you who don’t know who Dustin Moskovitz is, he’s one of those infrequently mentioned co-founders of Facebook that prevented Facebook from offering usernames or friendly web addresses (so-called “vanity URLs” in the industry) from the beginning. It was his insistence that people should go by their real names on Facebook — and should thus perform under their true identities — that I posit has accounted for much of Facebook’s success with non-digital natives. Of course, competition makes institutions do crazy things, and I think that includes getting into the domain-slash-namespace game.

Arguing that Facebook shouldn’t get into the vanity URL business, I still think that they had it right the first time around. Digital identity should change to adapt to humans; not force humans to refer to each other in more computer-friendly ways. But the allure is simply too great. I also can’t say that I blame them, even though I think it’s a distraction along the way towards more widespread real identity (and thereby reputability) online.

Let’s stop to consider what’s going on here.

As we migrate from the desktop to the web, the way that we want to be perceived by our friends will determine where we also spend most of our time “performing” or constructing our identity (through what we “do” — i.e. activity streams). The easier web services like Facebook make it for us to pass around some kind of universal identifier that points to our account, the more likely we’ll actually hand out that identifier. The author’s byline on that Facebook post makes my point for me:

Blaise, a designer at Facebook, is letterpressing his new business cards.

This is not unrelated to Google’s recent business card promotion where, after you set up your own Google Profile, you could compete to get a set of free business cards printed with your name on them, like so:

It’s remarkable how cheap we’ll sell out our identity these days.

Curiously, in 2005, after their surprise acquisition of geolocation service Dodgeball (now Foursquare), I wrote that “Google had acquired my life“, referring to all the identity information Google now had about me.

Now that these companies know so much about me, the race is now on to be me online. Check it out:

• facebook.com/chrismessina
• friendfeed.com/chrismessina
• google.com/profiles/chrismessina
• twitter.com/chrismessina
• flickr.com/factoryjoe
• myspace.com/factoryjoe
• etc.

All these guys want to own me (and you, for that matter). And, they all want to be my communications hub (FriendFeed now offers email, by the way, and I imagine Facebook will get in that game eventually as well, since DiPersia wrote, “We expect to offer even more ways to use your Facebook user name in the future”).

In any case, this is good news for me, if this indirectly means that Facebook is going to become an OpenID provider (after becoming an OpenID relying party). It would make sense that if you’re going to sign in to a remote service that supports OpenID but not Facebook Connect, then you’d want to use something a little more attractive (and shorter) than www.facebook.com/people/Chris-Messina/502411873.

Whatever, I can get over Facebook offering custom usernames (maybe because I already have mine). The bigger thing that’s missing from the echo chamber treatment of this subject is what Brian Oberkirch wrote about after SXSW this year, talking about maintaining the authority over your own identity online:

You shall know us by our @identities?

At one of the SXSW panels a few weeks ago, I saw something that caught my eye. I think Micah may have started it, but one by one all the panelists took their name placards, wrote their Twitter handles on the back, then flipped them around so you were looking a row of people announcing themselves by @handles. (You see what I did there? Old skool blogging protokol would have me link to his canonical url, but, hey, they asked for the @’ing.)

Then this past week at Web2Expo, much the same thing. Slides that touted the speaker’s twitter handle as primary identity.

Think of the power of this for Twitter. You don’t need to name the animals. You only need to be the language in which animals speak themselves. For Unlimited Power (mmmwhahahahhaha)

It’s ridonk. Own your namespace. Get a domain, pivot from there. If your domain is your name, so much the better. Please don’t come crying to me when the Goog owns your ‘@’ and that whole namespace gets deprecated. (Hey, extra credit: after everyone in the world is following your Twitter updates, will your food taste that much better?)

So, this is happening, and companies are racing to achieve namespace dominance over your online profile. This is what Tim O’Reilly warned about in his definition of Web 2.0. He said that one of the new kinds of lock-in in the era of [cloud computing] will be owning a namespace. There you have it — who are you going to trust to own yours?