Our editor has asked me to “imagine a world where identity management has fully evolved to serve the individual researcher's needs—a world where discovery to delivery of licensed content is a smooth and sane experience.” Tall order, but he caught me at a good time; because, after many years of looking, I can now see a path to that future—one that ends with the Internet of Things, which is still almost pure buzz, as shown in Figure 1. [The illustrations that accompanied the print version of this article are available in the PDF at right.]
Amidst this early buzz, one finds two default assumptions about the Internet of Things. One is that to be “smart” things need embedded intelligence. The other is that the parties most responsible for smart things are their makers. Both are wrong.
Anything, literally, can be on the Internet. Your furniture, for example. Or your books. Or the magazine you are reading right now. All a thing needs is a unique identifier and standard ways that identifier can be understood and put to use.
So let’s say a thing’s identity is revealed through a QR code. (It just needs to be readable. For our purposes a QR code will do.) If you scan that code with your phone (or any device), it should be able to tell you what you need to know about the thing to which the code is affixed. For example, who owns it and what usage rights go along with it.
The thing telling you what you need to know is a pico, or persistent compute object. Phil Windley, Ph.D., who coined the term (and open source software to go with it), describes a pico as “a small, general-purpose, online computer.” Picos can be anywhere on the Internet, and act as peers to other entities (e.g., companies, people, things, or even concepts) on the Internet regardless of size. Picos run programs and store data on behalf of the entities they represent. And picos create active, event-based channels with other picos to form a relationship network. Collections of picos, acting under the authority of their owners, can model the relationships and interactions between entities in the physical world. Everything in the world can have a pico. (To illustrate how this works, Dr. Windley even gave a pico to a pothole on his street.)
So let’s talk about picos for books. In the long run, every book should come with its own pico, but for now let’s imagine giving picos to every book you own. There will be easy ways to do this eventually (and an array of service businesses helping customers do that), but for now let’s say you can do it yourself by sticking a QR code on the back corner of each book and scanning it with a reader that also picks up the ISBN number. The output of your scanning app can be programmed to route to another app made just for creating and managing picos. All your books’ picos will go in the personal cloud (itself a pico) where you keep everything that’s yours in the Internet of Things (including permissions for use, set by you and/or the holders of copyrights). Anybody who later scans the code on one of your books can know it’s yours—plus whatever else you and other rights holders choose to reveal.
A book with a pico can have relationships with its owner, publisher, seller, borrowers, other books, the movie that was made from it, or anything else that makes sense. The nature of these relationships is contextual and each enriches the book in some way by placing it in an important context. Programs running on the book’s pico manage these relationships. For example, a “who’s borrowed me” program could help the book (and its owner) keep track of who has read or borrowed the book, comments they had, or the book’s current physical location.
Now let’s say you donate your books to a library. When you do that, you also transfer the ownership of those books’ picos. Then, when somebody scans the QR code on the same book, they’ll see that the library now owns it—and also see the library’s and the rights holders’ permissions for using the book.
And now let’s say the contents of the book are available for scholarly use, online. You, as a researcher, should be able to discover and use that content, easily, and in permitted ways. This is only possible if there are standards governing all this, and they are widely adopted. This is what I expect to see happen with XDI, for eXtensible Data Interchange, which is already part of the spec for picos. According to the XDI Technical Committee at OASIS (a standards organization), “The goal of XDI is to enable data from any data source to be identified, described, linked, authorized, and synchronized using a standard semantic graph model, format, and protocol, so that data sharing can become as interoperable as HTML and HTTP have made content sharing.”
A key word is authorized. XDI has a feature called link contracts, which bind usage to permissions. According to Wikipedia, “Link contracts are themselves XDI documents (which may be contained in other XDI documents) that enable control over the authority, security, privacy, and rights of shared data to be expressed in a standard machine-readable format and understood by any XDI endpoint.”
I don’t know any other standard that points more clearly in the direction we all want.
Many companies are starting to adopt and deploy XDI, mostly in what’s becoming known as the “personal cloud” space (where, among other things, you control your own identifiers and manage relationships with other entities in the world). But it is still very early. There is no telling how fast or well developments will follow the path I’ve outlined here; but I’m encouraged by what I’ve seen so far. If you want to see more, follow along at ProjectVRM, which fosters this kind of work.
Doc Searls (email@example.com) runs ProjectVRM at the Harvard’s Berkman Center for Internet and Society, and is author of The Intention Economy: When Customers Take Charge (Harvard Business Review Press, 2012) and co-author of The Cluetrain Manifesto (Basic Books, 2000, 2010).