Every year I enjoy writing a post with my predictions for the next year.  It's a nice way to empty the old thoughts from my brains so there's room for new ones.  Plus I leave a trail of blog posts so I can see how my thoughts change from year to year.

In retrospect I've realized that each year tends to have a theme or two, and that the hardest part about making accurate predictions for a given year is identifying the themes that will drive it.

In 2007 the driving themes were social networking and online entertainment.  In 2008 the themes were distributed and mobile communication, with a dash of cloud computing sprinkled on top.

The theme for 2009 is almost absurdly easy to identify:  the economy.  If you thought 2008 was about the economy, just wait for 2009.  You truly ain't seen nothin' yet.  A deflationary black hole is sucking all of the money out of the economy and we haven't even seen the impact yet.

Every time I hear somebody talk about how the market has bottomed and the economy is starting to improve I mentally picture them in this position:

So if we're talking about the economy and you see me chuckle, you know why.

Hope is a great mindset to have and a fantastic slogan for winning Presidential campaigns apparently, but it is not such a great lens to view reality thru when you're trying to make money.

A post by Erick Schonfeld at TechCrunch today really got me riled up:  The SEC has shut down Prosper, a peer-to-peer lending site.  This was up in the air until yesterday:

Yesterday, the SEC issued its formal cease-and-desist letter (embedded below or download PDF), outlining its reasoning for characterizing Prosper as a seller of investment, something prosper had vigorously resisted in the past by arguing that it was merely a marketplace matching lenders and borrowers. But the SEC is having none of that.

If this sounds familiar, it's because this is an exact rerun of what happened with the original Napster and the music industry, only worse in my opinion.

The key here is that Prosper itself was not lending or borrowing, it was simply matching up willing borrowers and willing borrowers.  It also provided additional services such as collection and tracking.  The HORROR.

The real fact is, if private citizens were allowed to freely lend to one another, the private banking cartel that is our central banking system would lose the little control they have over the economy.  The free  market would freely set interest rates and people and businesses would be free to do an end-run around our corrupt and bloated financial system.  The financial engineering that has allowed Wall Street to siphon off trillions of dollars in profit at our expense would be crippled.  The SEC is simply acting as the enforcement arm of our private national banking cartel.

Don't fall under the protection of the cartel?  Goodnight, chump.

Nova Spivack from Twine wrote an interesting post over at Read/WriteWeb about the future of the desktop which I'd like to comment on.  It really ties in nicely with what I've been thinking about recently around user interfaces, especially since any hardware innovations will necessarily involve an ACTUAL operating system.

I agree 100% with Nova when he says that everything is moving to the cloud.  SmugMug lets me store my high-res photos in my own Amazon S3 store, Jungle Disk lets me back up everything else to the cloud.  Storage is, for me, a monthly utility expense (and last month it only cost me $3.18, so for me this is much cheaper than hard drive space, backup, backup tapes, tracking everything, and worrying).

What does it mean to own your online identity?

Does it mean that you're free to take your data from a walled garden and move it elsewhere, a la Data Portability?

Or does it mean that you have complete control over it and you're free to mold it into whatever form you need it to take, delete it, share it, and otherwise do whatever you like with it?

Tony Hail wrote an interesting post discussing some of the more philosophical points of identity ownership in the digital age, and it sparked memories of some of the posts I wrote a while back about online identity ownership.  My thoughts haven't changed much in the years since I originally wrote about this, but it seems that more people are starting to think along these lines, and it's certainly a topic that's important enough to warrant further, extended, conversation.

My online identity is made of up the data I put on the Web.  My data IS my online identity.  Every blog post, tweet, and comment I put out into the Web becomes part of my online identity.  Right now, I only REALLY own the data in my blog.  This blog, right here, jasonkolb.com, is the only part of my online identity that I actually own.  *I* own the domain, *I* set the terms of service, *I* set the license for other people to use the content, and *I* decide what I want to let out into the wild.  Other than this blog, my identity is owned by LinkedIn, Twitter, and every other service that I put my data into.

Identity ownership is about owning versus renting.  Data Portability is about being able to move your furniture from one place to another when you move, identity ownership is about being able to tear down walls, put in an inground pool, and throw wild parties if you feel like it.  Both are important, but they're not the same thing.

Online identity ownership is all about DATA ownership.  Beyond the philosophical implications, this is actually a legal conversation.  This becomes obvious when people are forced to hand over their LinkedIn contacts by courts, and FaceBook and MySpace continually make strides towards locking users into their own walled gardens.  If you don't own the place where you're putting the data, you don't own the data, period.  You might get really pissed at your social networks for locking you in, but you are completely at their mercy in this regard, and unless the free market forces them to comply there's not a damn thing you can do about it.

The only real solution to this is to allow users to own the storage container for their data.  This is kind of an obscure concept, but it's an important one.  While the public at large might not be clamoring for this--yet--the early adopter crowd surely is, hence the visibility of the Data Portability movement.  But there are already solutions available today that will actually, really, for real, let you OWN your data, and that chunk of your online identity.  I truly feel that they're the wave of the future.

Amazon S3 is the 900 lb. gorilla in the TRUE data ownership area.  There are other pretenders to the throne, but S3 is the first and in my opinion the best service.  It doesn't focus on a pretty front-end or anything even remotely relating to usability, but that's OK.  It's personal storage--a utility, like electricity.  You pay for what you use.  And you do truly OWN the data.  It provides a glimpse of the future in the area of identity ownership.

JungleDisk, for example, lets you hook up S3 as a virtual drive on your machine.  You pay 15 cents a month per gig (to Amazon), but you own the data, nobody else can touch it.  SmugMug is like Flickr but better, because it also hosts your pictures on your own S3 account.  The only thing you're missing is the Flickr community, but that's the choice you're making when you use it--owning versus renting.  The first social network to allow users to store their data in their S3 account in a standarized format is going to score a major coup with the early adopter crowd.

There's no doubt in my mind that this is going to become a VERY hot issue over time, especially as the line between work and personal lives online continues to blur.  Unfortunately, when nobody explicitly owns the data except for a third party, it leaves the data in legal limbo and true ownership is left up to the courts.  This is uncharted water.  But the epiphany around this is on the way, and it's going to affect the startup arena in a big way when it does.

About two years ago now (wow...) I wrote a post about my fragmented online identity, and all of the pieces of it scattered across the Internet.  The list at that time was pretty big:

• My blog
• My LinkedIn profile
• My Flickr account
• My YouTube account
• My XBox 360 profile
• My Yahoo IM account
• My ICQ IM account
• My Gmail account
• My Latigent (work) account
• My personal (jason+NOSPAM@jasonkolb.com) account
• My TypePad account
• My BlogLines account
• My Google account
• My Microsoft Passport account
• My bank accounts
• My other bank's accounts
• My brokerage account
• My Amazon account
• My eBay account
• The bazillions of forums I'm registered to

Since that post my online identity has only grown even more fragmented due to all of the different sites I have added to my roster.  (Well, except for the Latigent account--that one's dead now, replaced with my Cisco email account.)  I've since added a Twitter account, a Digg account, a Reddit account, a forex brokerage account, an options brokerage account, a LibraryThing account, a Jott account, and a Google GrandCentral account.  And those are only the ones I use on a regular basis, not the throwaway accounts for checking out a service.  If you add those into the mix I've probably literally added well over 100 accounts to my identity in the past couple of years.

Solutions like OpenID work great--when they're supported.  I set up jasonkolb.com as my OpenID, and I LOVE it when sites support OpenID.  I don't have to remember yet another account, I just plug in "www.jasonkolb.com" and I'm done.  And it's linked to my permanent identity, so I can switch OpenID providers with NO problem at ANY time.  Unfortunately, sites that support OpenID are still in the minority.  Companies like to pay lip service to single sign-on by allowing their accounts to be used as OpenID's but not accepting OpenID's themselves.  Bah, hypocrites.  Two steps forward, one step back... such is life, I guess.

I still firmly believe that ultimately your online identity will revolve around a single URI that you own, and OpenID has made some great strides in that respect.  This concept is still in the nascent stages, but you can certainly see where it's pointing, and that's exciting.

One aspect of online identity that I don't see discussed often is the intersection of personal and corporate identity.  I think the technology is certainly available to make this happen, after all OpenID is nothing but a layer of abstraction that removes the authentication plumbing from the application.  Enterprise apps could certainly just hand off to OpenID for authentication and companies could be rid of user provisioning altogether, except to turn access on and off.  Creating an internal OpenID provider would be dead simple, using public OpenID providers gets even more interesting.  It would allow people to use the exact same set of credentials when they're working and playing.

The only reason I can see why a company would NOT want to do this is for security reasons.  When applications hand off user security to OpenID, they're making the assumption that the user's OpenID account is secure.  In this scenario, the chain is only as strong as the user's OpenID provider.  If the OpenID provider doesn't force the user to use complex passwords, change their password every 90 days, etc, I don't think this will fly in the corporate world, as nice as it would be.

The solution to this, however, is relatively simple, and I think presents an interesting business opportunity for a large company.  A public OpenID provider that conforms to Sarbanes-Oxley security standards would be secure AND would certainly work as the employee's personal OpenID provider as well.  For example, if Cisco were to offer a public, secure OpenID provider that enforces enterprise security I could simply redirect jasonkolb.com to that provider and bang I'm done.  Cisco could even use its existing Active Directory to authenticate me, the only difference would be that I'd be using that account for both my internal AND external accounts.  All of the sites I currently use my OpenID for wouldn't even know the difference, I could use my OpenID for internal secure applications, and the Cisco enterprise group policy would be enforced for every single application I used OpenID to authenticate against.  Beautiful.

As I wrote before, there are some business opportunities only available to the big boys in the market who have something a startup can't buy--trust.  This is one of those opportunities.  Here is an opportunity for a large company to leverage its position as a trusted entity to both create a new market and move the industry as a whole forward in the process.  Hopefully somebody will pick this idea up and run with it, because I'm sick of managing all of these accounts :)

Michael Arrington over at TechCrunch finally raised a point which I've been wondering about for a long time.  He wonders if large technology companies aren't just jumping on the OpenID bandwagon to get good publicity out of it.

I've had that feeling ever since AOL announced their intention to make each of their user ID's an OpenID as well.  (The fact that their user ID's CANNOT be OpenID's because they are not actually URI's pretty much makes that impossible from a technical standpoint, instead it's more accurate to say that AOL is providing each of their subscribers with an OpenID to use.)  To me this looks like a play for publicity and an opportunity for user lock-in.  (However, I will say that it has worked in both directions, OpenID probably wouldn't have the momentum it now has if these companies hadn't announced their support.)

The problem is that these companies are only acting as ID providers, they are not enabling users from other systems to log in using THEIR ID's (to us geeks that means they're not acting as relying partys, only as issuers).  They're trying to have their cake and eat it too.  Arrington writes:

It’s time for these companies to do what’s right for the users and fully adopt OpenID as relying parties. That doesn’t fit in with their strategy of owning the identity of as many Internet users as possible, but it certainly fits in with the Internet’s very serious need for an open, distributed and secure single log in system (OpenID is all three).

There's a big difference between providing OpenID's and accepting them.  Providing OpenID's costs you pretty much nothing from a technical standpoint, and ties your users to your product.  Accepting them means that you're conceding that the users of your application have a home somewhere else and you're just letting them visit.

Hopefully the pressure on these companies to complete their adoption of OpenID will continue to mount and I'll be able to use my OpenID for everything in the near future.

I got an interesting comment from Edwin Stauthamer on my last post about my little epiphany about the semantic Web: 

When I saw the title of your post I thought I finally found a post that could explain what the semantic web is.  Instead of that I read a post about how you found out the fact that the semantic web consists of some technologies and insights you already used and know about for years.

I think this comment is interesting for a few reasons:  It’s pretty obvious that Edwin has heard of the semantic Web, but has very little practical idea about what it is, and also that he’s not aware of what it DOES.  Does is the most interesting part to me, because the “is” is just a means to an end.  I also think that Edwin's view is typical of a lot of people's, definitely very similar to mine up until recently.

So I’m going to take a crack at this.  I know that my definition probably won’t match what you’ll see if you look it up in Wikipedia, but I’ll give you my impression of the core ideas—in probably an unusually object-oriented way, because that’s how my brain works.  Going from simplest to most complex, here's how I view the functionality of the Semantic Web:

• Identifying data objects using URI’s.  This is one of the core tenets of the semantic Web, if not THE core tenant.  It enables everything else.
• Showing objects as they need to be shown.  This means that when you request an object’s data, you get its data.  When you request a visual representation, you get a visual representation.  Same object, usable for different purposes.  (Technical enabler:  content accept HTTP headers)
• The ability to either use property types defined by other people for your objects, or to make up your own brand-new ones if you prefer.  The properties that you use from other places are capable of interoperating with other data on the Web even if the rest of your object doesn’t match.  (Technical enabler:  RDF)
• The ability to define some pretty complex classes with some pretty specific structures. (Technical enabler:  OWL)
• The ability to expose object methods.  This one gets lost in the shuffle, but essentially what it means is that you can set the property of an object so that it points to a Web service endpoint of some type which is functionally equivalent to a method for the object method in a traditional object oriented programming language.  (Techinical enabler:  RDF, RDFS, OWL, SAWSDL and SA-REST)
• The ability to create associations between objects, even to the point that something (probably software) reading the data can see that data associated with one URI is really the same as data associated with another URI (for example, the entity which is referred to by <http://dbpedia.org/resource/Tim_Berners-Lee> is the same as <http://www.w3.org/People/Berners-Lee/card#i>).  It also means that an object property can derive its value from data associated with another URI.  (Technical enabler:  HTTP)
• The ability to crawl through the node structure (data graph) to find data, discern information, and infer facts to understand what it all means (Technical enabler:  all of the above, plus query language and inference engines)

This is a gross oversimplification of things, and I probably butchered the terminology, but it’s what would have made me say “aha” when I saw it a month back.  This really doesn’t touch on how any of this is actually used (use cases), because there are just so many different ways that it would make your head spin.  The way to actually use all of these components could easily fill a book (and they have!)  I tend to think of it as distributed object-oriented programming on steroids, with a distributed database and a cherry on top.

Hope that answers your question a little better Edwin.

I admit it… I thought I got the semantic Web before, but I didn’t really.  I really got it just recently.

People have noticed that I haven’t blogged much (well, really not at all) for the past week. That's partly because I’ve been under some pretty tight deadlines at work lately, but also because I’ve also been feverishly working to fully grasp the semantic Web—not an easy task, for me at least.

Now that I’ve emerged on the other side of that process, the semantic Web seems like a pretty uncomplicated concept.  But boy, let me tell you, trying to wrap my brain around it was quite a challenge. I always knew what it was about from a high level—RDF, triples, vocabularies and all of that. I could just never mentally translate those ideas into solutions for the problems I was working on. And it’s interesting, because I can plainly see the vision now and, more importantly, how it fits into real-world problems.  I also see why it has been utterly failing at gaining any kind of traction outside of academia.

My little self-education process started when Kingsley Idehen invited me to a semantic Web get-together at MIT. We had emailed each other a few times before as a result of him finding my blog, and some posts I wrote about a year back about what is now being called data portability and distributed social networks. Since I’m now living in the Boston area, he invited me to MIT to meet in person and to get a sense of what the semantic Web ideas are truly about. The meeting was interesting, but I still came away unimpressed.

I kept in contact with Kingsley, peppering him with rapid-fire questions about semantic Web technology, technical details, and how it applies to my real-world problems, and he patiently answered all of my questions.  Thanks for the tutoring there man, appreciate it ;)  I thought I was pretty forward-thinking for writing about things like data portability and distributed social networks a year or two before they became hot stuff, but I now have to tip my hat to Kingsley and a few select members of the Semantic Web crowd and admit that they had this problem figured out back when I was still in college.

Now that I understand it, I realize that the semantic Web is some very, very cool stuff. It includes many of the ideas that I’ve been writing about for a long time without fully realizing that they were encapsulated by semantic Web ideas. Many of the things that I’ve been wanting to do for a while—data portability, being able to use objects distributed across the Web, global object identifiers, distributing software across networks, and using converged online identities—are achievable by the semantic Web, and pretty much all of the details have already been worked out. It was an epiphany for me when I realized this, and I have to say I’m extremely happy about it because I had been thinking that all of this was a new trail that had to be blazed. Turns out, all the heavy lifting has already been done, it’s just never really been used much.

I think the biggest problem the semantic Web is facing is the fact that most of the people who understand it come primarily from academia. Academia, to me, is plagued with a disease that I myself have suffered from my entire life—that is, the urge to build something just because it’s cool technologically, not because it’s useful in the real world. While something I built might impress the hell out of other computer geeks, and I’d be extremely proud of it, other people would look at it with mild interest and then quickly move on to something else, because they couldn’t see the value in it. I’d have to say that I owe a lot to the experience of building Latigent and to my former business partner Chris Crosby for helping me overcome that handicap. Having to build something with resale value in order to pay the bills this month has a way of grounding you in reality.  Having somebody else depending on you to build something of resale value, and remind you of that constantly, helps even more :)   I’d highly recommend every geek who thinks he’s hot stuff work closely with a sales-oriented person for a period of time if you really have a desire to make any money.

Besides suffering from being sold by people who don't really understand the real-world problems that it could fix, the semantic Web is plagued by a layer of jargon and terms that takes a significant investment of time to work through. While I understand that it’s important to clearly define what you’re talking about, people who are pushing the semantic Web are generally not very good at dumbing it down enough so that it’s easily palatable. It took me a good week of pretty focused research and having somebody there to bounce questions off of before I really got it--and I like to think that I'm a pretty technical guy. Now that I get it, I’m sure that there’s a better way to package these concepts so that more people understand how they relate to the problems they’re facing. The straightforward concepts that underlie the idea of the semantic Web are so obfuscated by the terminology and the W3C standards that come up when you google them that the mental barrier to entry is just way too high right now. The fact is, people will not adopt semantic Web ideas until semantic Web ideas are the ones that get returned when they search for a solution to their problem. In order to get to that point a radical change in the way these concepts are sold is needed.  That, and people like Kingsley, Danny Ayers, Tim Berners-Lee and others who are out there tirelessly promoting it as a real-world solution to real-world problems.

Kingsley has started calling the semantic Web the Linked Data Web, which is definitely a good step towards packing the idea in a more attractive way. I would personally prefer something more closely related to living, breathing objects (not literally, but in the sense that they can actually do things besides just being queried for data). I think that the semantic Web crowd is a little too focused on the data output side of things—all of the excitement seems to be around querying data, finding data, building a better Google, etc. That’s cool and all, but it seems to me that the real killer application for these ideas is allowing nodes on the Internet to find and then actually communicate with each other.  That key point almost seems lost in the shuffle to me. What is called the semantic Web today, with a nice healthy injection of service-oriented architecture, is going to be a revolution in computing. That's the bit that excites me—enabling an Internet where any node can communicate and interact with any other node on the network.

I'm looking forward to continuing to learn more about the details that have been painstakingly worked out over the years on the semantic Web, and at some point actually getting an opportunity to put them into practice.  I now have no doubt that the next earth-shattering applications, the revolutions in the way we use computers and the Internet, are going to spring from this movement, and I'm pretty excited about that.  All it needs is a little sex appeal and it'll catch on like wildfire.

One of my predictions for 2008 was that "Privacy and personal data ownership will be a critical issue for Web-based businesses."  Well, that didn't take too long.

Robert Scoble opened a can of worms today by testing a new Plaxo feature that scraped his contact list out of his FaceBook profile and importing it into Plaxo (and by doing so synchronizing his Outlook contact list, a pretty reasonable use of his FaceBook friend list if you ask me).  FaceBook banned him for using an automated script to suck out his contact data, and this has generated a flurry of blog posts debating who actually owns your contact data in a social network.

My kneejerk reaction is "duh".  You, obviously, own your contact list data.  However, there seems to be some controversy over whether FaceBook has a duty to "protect" its users' data from being scraped out by nefarious software.  The people making this argument no doubt also feel that the government needs to protect you from spending your money unwisely by taking it from you and spending it on $900 toilet seats.  This is a dumb argument.  If you establish a relationship with someone online, you are granting them some level of access to you.  The only logical reason for FaceBook NOT to want you to have access to your contact list is because... drumroll please... it makes your data portable.  It frees you to take your business elsewhere, and you can leave FaceBook unless it provides some kind of value proposition.  Poor FaceBook.  Is anyone else getting flashbacks to the MP3/RIAA/DRM controversy here or is it just me?

Anyway, I can now throw my full weight behind that prediction and say with some degree of certainty that 2008 will DEFINITELY be the year where you start to see personal data ownership and distributed social networks.  Efforts like dataportability.org and atmy.Name are going to force the issue whether sites like FaceBook and MySpace like it or not.  It's great to see this debate hit the mainstream, it's about time.  Plus, it helps my prediction success ration :)

There’s been a pretty fascinating discussion going on in the blogosphere recently about the benefits and hazards of centralization on the Internet.  Three main hot button topics have come and have ignited the discussion:  TechMeme, TinyURL, and FaceBook.

If you’re not familiar with TechMeme, it’s a site that aggregates blog posts around a particular topic (meme) and creates “conversations” around them.  It’s pretty popular among the Web 2.0 crowd and many people—myself included—tend to use it as a tech newspaper.  It’s really handy in that regard, because you can see when there’s a popular topic that’s getting a lot of coverage without having to subscribe to thousands of feeds.

On the other hand, the way TechMeme aggregates the posts is something of a mystery.  It’s unclear whose blogs are on its “reading” list (my blog is part of the mix, and I’m not exactly sure how it got there), and they seem to be giving a lot more traffic to the big corporate blogs such as CNN, CNET, and TechCrunch lately. People are complaining that this is killing genuinely new and innovative memes off the site, and I tend to agree.  It used to be an incredibly interesting site to read because you’d see all kinds of offbeat and obscure ideas that you would otherwise never have heard of.  Recently it’s been more along the lines of technology news commentary, which is a real shame.  I would almost rather see the site broken up into an “A List” and “B List” site, I’d probably pay much more attention to the “B List” version.  But the point is that the one site having the power to decide which blogs are important, and thereby which memes are important, seems to be hurting the diversity and egalitarianism that made blogs interesting in the first place.  It’s a single point of failure in the brainstorming business.

And then there’s TinyURL.  Most people are probably familiar with it—but if you’re not it’s just a service that will take a long, obtuse URL and shorten it into a URL of about 15 characters.  It’s become more popular recently thanks to the micro-blogging phenomenon using sites like Twitter which let users post extremely small blog posts.  Usually the posts are limited to about 200 characters, so if you want to embed a link in your Twitter post, TinyURL is a handy little tool to help save space.

The downside, as with TechMeme, is that TinyURL is a single point of failure.  It went down the other day, and all of a sudden many, many links stopped working.  It poses the question of whether using any single point on the Internet as a conduit for so much traffic is actually a good idea, even if it makes life a little easier.  (I also have questions about where the Google juice for TinyURL’s go, to TinyURL itself or the destination site.)

And then there’s privacy—the big 500-lb gorilla hiding in the corner.  People are starting to have concerns about what Facebook and other social networks are doing with their data.  I’ve been blowing this horn for so long I’m starting to get tired, and the only way around this roadblock is to actually OWN OUR OWN DATA (duh).  IMO trying to fix the companies themselves is just a band-aid--just like tamed lion, even the most trustworthy companies can turn on you at any time ("Don't be evil" comes to mind here).  Of course, if you willingly give a company your data, they will use it to make the most money they can.  If you don't like it, you should rethink capitalism.  Don’t try to fix the companies, fix the freaking paradigm.  This is one area that needs decentralization in a bad way.

What I think is interesting is to watch this dance back and forth between centralization and decentralization.  For every two steps we make towards decentralization, we take a step backwards towards centralization.  What starts out decentralized ends up centralizing for a time in the name of progress and convenience, until the centralized systems are shattered into a million pieces as necessity and self-preservation demands it.  Technology innovation tends to happen in one spot (company, site, community, etc), and shortly afterwards that one spot becomes a centralized hub for all activity around that innovation.  Until it’s not.

This whole discussion leads to another fascinating topic, one that I think is going to be the defining trend in the next phase of Internet evolution:  personal Internet ownership.  It’s the ultimate level of decentralization, decentralizing the Internet so that it operates on the basis of each individual person, not relying on these central hubs we have today, like social networks and Old Media outlets.  Taking the Internet’s server network and turning it into a human network.