Mass fingerprinting of children will start in 2010

More good news from The Sunday Times in Britain: 

CHILDREN aged 11 to 16 are to have their fingerprints taken and stored on a secret database, internal Whitehall documents reveal.

The leaked Home Office plans show that the mass fingerprinting will start in 2010, with a batch of 295,000 youngsters who apply for passports.

The Home Office expects 545,000 children aged 11 and over to have their prints taken in 2011, with the figure settling at an annual 495,000 from 2014. Their fingerprints will be held on a database also used by the Immigration and Nationality Directorate to store the fingerprints of hundreds of thousands of asylum seekers.

The plans are outlined in a series of “restricted” documents circulating among officials in the Identity and Passport Service. They form part of the programme for the introduction of new biometric passports and ID cards.

David Davis, the shadow home secretary, said: “This borders on the sinister and it shows the government is trying to end the presumption of innocence. With the fingerprinting of all our children, this government is clearly determined to enforce major changes in the relationship between the citizen and the state in a way never seen before.”

…Children under 16 will not be part of the ID card scheme. But the documents show that from 2010 they will still have to be fingerprinted for a new passport.

The prints will initially be stored on the directorate’s database. Once children reach 16 their fingerprints and other personal information will be passed for storage on the register, along with those of nearly 50m adults.

If they don't scan, they don't eat

The more I look into this story, the worse it gets.  We don't have to go to Britain for examples of child fingerprinting – just take a look at this email from a lady in Illinois:


My name is Joy and I am continuing to get the word out & tell this true story.

In August 2005, our public school district with less than 500 students decided to start using biometric equipment for “accounting purposes”.  We were told at registration to take our children over and have them scanned.  (There was not an opt out or opt in policy).

I objected and said no – our children are not to use this equipment -especially when there is not a policy to look over.

We were told, “if they don't scan ,they don't eat.”

I explained I believed that to against the law and the rights of the children as well as parental rights.  I was then told that this equipment would put Earlville, Illinois on the map (not like they thought).  A few days later I gave birth to our youngest daughter, on Aug 20, 2005, and explained to my husband that when I recovered I was going to discuss this matter with the district administration again.

Meanwhile my eldest children Brooke & Gunner were still brown bagging it.  Well, Sept 21, 2005 my 7 year old son was scanned anyway – even though he reminded the “tech director” that he was not to scan.

I of course called the school and started recieving excuses from the adminstrative staff.  I went to the local paper, the school board and still did not feel as if we were getting very far with our objection.  I then decided to write to Illinois legislators and the media.

Senator Miquel Del Valle introduced SB 2549 in Jan, 2006. CBN came to our town and interviewed us (as well as Senator Miquel Del Valle on a different date.)  The story aired Nov 7, 2006.  Then Senator Miguel Del Valle stepped down and took another position in Chicago. SB 2549-session sine die.

There I was again writing and calling the media and legislators.  In Jan,  2007 I was invited to speak with some privacy advocates and share this almost unbelievable story.  In Feb, 2007 two bills were introduced and are passing:  HB 1559,  introduced by State Rep Bob Pritchard; and SB 1702, introduced by Senator Kim Lightford.

I have several newspaper articles as well as letters from the Superintendant stating that my 7 yearr old son willingly gave up his finger.  Info about this story can also be found on EFFs deeplinks ,the Cato Institute,The End times and of course the CBN website.   As soon as I get updated on the bills I can notify you.   In the meantime I will continue to get the word out and search for advice on this matter .

I had my finger impression scanned for an Illinois licensure requirement, however I am a mother of five, over 30 and a private detective.

Not a minor child trying to by hot lunch at school.  We know that the data on these children can be sold, given away and anyone who knows how to write a FOIA can have access to this info. 

Joy Robinson-Van Gilder

Make sure children are calm

Continuing to explore the new specialty of child fingerprinting, I came across a nice piece on this phantasmagorical teaching aid:

Not surprisingly, people are responding to this preposterous misuse of identity with sites like leavethemkidsalone.  These people know how to communicate.  Take a look at this little video

Amazingly, those caught up in child fingerprinting have broken the first four laws of identity all in one go.  This will come back to haunt them – and much worse, may stalk some of their little victims.

First, both the parents and the children should have been asked for consent – and given the opportunity to opt out (law 1).  Second, far more information is being collected than is required by what the schools are using it for (law 2).  Third, this information is in the hands of unwarranted parties (law 3).  Fourth, a non-revocable omnidirectional identifier (you can't change fingerprints) is being used in a an interaction where a unidirectional (context-specific) identifier would do just fine, paving the way for many attacks on the individuals’ privacy and security (law 4). 

Strangest of all, though we can predict with near certainty that the information being collected will leak over time, the schools and government seem to have no concern for the unnecessary liability they are assuming.  Strange.  Perhaps, in Britain, they are immune to law suits?

Already we see the first repercussions.  In fact the Dudley school system teaching aid shown above was taken down in response to a leavethemkidsalone story.

3,500 British schools fingerprinting their children

Greg Mulholland, a British MP, has drawn my attention to a misuse of identity technology that not only concerns me, but saddens me. 

I'm a pretty hard-bitten technologist.  I long ago observed that one of the unfortunate characteristics of computers is that they allow people to do stupid things thousands of times more quickly than they did before. 

But this one goes beyond silly to abusive.  It involves inflicting a technology that is not yet ready for use in the real world, on young children.  An analogy might be a decision, by people who don't realize testing is necessary, to inject students with an untested vaccine.  And worse, the parents have no opportunity to opt out. 

This is one of those cases where ignorance breeds Sorcerer's Apprentices who act without the slightest knowledge that there will be consequences to what they do.

On a personal note, I can't help responding as one who has taught – albeit, not to children.  I wonder what has happened to our teachers, whose job must be to know their students intimately and respond, with open hearts, to their needs and abilities?  What macabre pathways led them to introduce impersonal and mechanized technologies like RFID and – the mind boggles – fingerprinting, as a substitute for personal interaction?  I see a tear in Socrates’ eye.

In  Britain, not only do an estimated 3,500 schools already use fingerprinting, but, in astonishing ignorance of the first law of identity, parental consent is not required.  If it had been, the technical and security issues now coming to light would have been raised earlier, and the money which has been poured down this pathetic technology drain could have been used to better ends.

The following is a story on the BBC web site about the growing controversy and the government's new “guidelines” on fingerprinting in schools:

The guidelines, published next month, will “encourage” schools to seek consent before taking biometric data.

The move comes after it emerged some primary schools stored children's thumb prints for computerised class registers and libraries without parental consent.

The Department for Education and Skills (DfeS) says it does not have figures for how many schools are already using biometric data.

However, a web poll by lobby group Leave Them Kids Alone, estimated that 3,500 schools had bought equipment from two DfES-approved suppliers.

Under the Data Protection Act, schools do not have to seek parental consent to take and store children's fingerprints.

‘Sensitive area’

But privacy watchdog the Information Commissioner will urge them to do so from next month after pressure from parents and campaign groups.

“Because this is a fairly sensitive area – because young people are going to be sharing their personal information – we are encouraging schools to adopt best practice and seek the consent of both pupil and parent,” a spokesman for the Information Commissioner said.

Schools will also be reminded that they must not share the data with other organisations.

They have also been told they should only hold fingerprint and other information “as long as it necessary for the purpose for which it is being processed”.

But the moves are unlikely to satisfy campaigners, who have been calling for a change in the law to ban fingerprint scanners from school premises.

‘Social conditioning’

The director of lobby group Action on Rights for Children, Terri Dowty, said having fingerprint technology in schools – allowing students to register, use the library and buy canteen food – was “encouraging children to be casual about their biometric data”.

Her views were echoed by Phil Booth from the anti-identity card campaign group No2ID.

He said: “We're talking about social conditioning. In a school environment it will make kids less concerned about their biometric data.”

But he also raised concerns about storing such information on “relatively insecure databases”.

Parent activist David Clouter said a lack of guidance from the DfES and the Information Commissioner had “produced a juggernaut of companies wanting to jump on the bandwagon” to sell equipment to schools.

‘Stolen identities’

He had been told that having biometric data in school libraries “would encourage people to read”.

“Given that children have been reading for centuries I find that hard to believe”.

A technology expert, Andrew Clymer, who has campaigned to keep biometrics out of the school attended by his children, aged six and eight, said that no IT system was guaranteed to last beyond a few years.

However, a fingerprint taken from a 4-year-old child would last a lifetime.

“Security is always developed with a timeframe, but biometric data is for a lifetime.

“We would potentially be opening up the possibility that in the future kids will have their identities stolen,” Mr Clymer said.


Forty-seven MPs have signed a Commons motion tabled by Liberal Democrat MP Greg Mullholland calling for consent to be required for the collection of biometric data.

Shadow schools minister Nick Gibb has also asked schools minister Jim Knight about guidance.

Mr Knight responded that biometric information about pupils should be handled in the same way as other personal data about pupils, and said it was subject to the Data Protection Act 1998.

Under the Act, schools are not obliged to seek consent from parents, but they should provide notification of their use of data to individuals involved.

‘Common sense’

The DfeS said fingerprints were used to help make school libraries, lunches and “management systems” run more smoothly and the information was stored as a “digital number stream” rather than individual prints.

Schools are also required by the Data Protection Act to tell parents about any information being held on their children and what it is being is used for.

A DfeS spokesman said: “It is important to remember that schools have always collected personal information, such as registers and home addresses, on pupils for their own smooth running.

“They are well used to handling all kinds of sensitive information to comply with data protection and confidentiality laws.

“Parents should be engaged in all aspects of school life and it is common sense for schools to talk to them about this and all issues relating to their children.”

The new guidance for schools will be available from the end of March on the website of Becta, the British Educational and Communications Technology Agency.

Delegation tokens and impersonation

I've been asked to clarify a couple of points by Devlin Daley and Bryant Cutler, who are studying with Phil Windley.

Delegation tokens 

Delegation tokens, as you've described them, (according to one of Dale Old's recent posts) are not yet implemented in CardSpace.  Is that accurate? Is it soon to be added to specification or is it still a work in progress?

I like Dale's piece, but think the “not yet implemented” statement might lead to confusion. 

One of the key characteristics of CardSpace is that it has no idea what kind(s) of token it is carrying.  It's hard to get this across – the practical meaning isn't obvious.  But your question about “delegation tokens” provides  a good concrete example:  delegation coupons can be conveyed through CardSpace without any changes or extensions to it.  This doesn't mean anyone is doing so yet.  That is likely what Dale is talking about. 

I've actually been thinking of putting together some demo code to show how this would work.  If you look at my “HelloWorld Card” tutorial,  you will see that rather than requesting and sending a “HelloWorld Card”, the relying party could easily be requesting a delegation coupon.  So CardSpace is actually ready for “delegation coupons”.

One can then ask what a delegation coupon would look like in concrete terms.  What's the best format for the (possibly multiple) constituent tokens?  The blogosphere discussion about delegation shows lots of people are thinking about this, but so far we haven't built the “early implementations” that let us explore the issues and problems concretely enough to emerge with a new standard.  I would be interested in learning about research systems built in the academic community to explore this territory – perhaps you can share your research with us.


Devin and Bryant continue:

We've been bantering about the idea of delegation vs. impersonation. Clearly impersonating someone without them knowing is wrong and a serious problem. But, is impersonation “bad” if I give my express permission for someone to do so? (assuming there is a mechanism for revoking this permission).

In your Powell's and Amazon example, what if I don't want Powell's to know that I am supplying this information to Amazon? Obviously there are cases where we want to let others know that services are acting with our permission. Perhaps there are cases where we don't want to disclose that. Is granting the choice to me more user-centric?

You are quite right that, as per the first law of identity, the choice of what to disclose must always be in the hands of the user.  Further, if a user wants to delegate to a machine the ability to “be her”, that should be possible too.  Let's call it extreme delegation.  Our job is not to tell anyone that they should live in some particular way.  We might, however, have the responsibility of pointing out the technical dangers of this extreme, perhaps even recommending some interesting science fiction readings…

But I'll point out that it isn't necessary to do impersonation to achieve the goal you want to achieve in your example – preventing Powell's from knowing that you are supplying information to Amazon.  In fact there are two ways to use delegation to do this. 

The first is simply to create a coupon saying, “the holder of this key has the right to see my Powell's behavior”.  Then you give Amazon the coupon and the key.  In return, Amazon might give you assurances about how it will protect the coupon.  Meanwhile, it can retrieve the information it wants without revealing its identity.

Or you may wish to have an agent of your own to which you delegate the ability to assemble your behaviors, and the right to pass them on according to your dictates.  I personally think this is the most likely option since it provides optimal user control.  But even in this case, designing secure systems means limiting the capabilities delegated to that particular piece of software, rather than “making it into you” by having it operate in your identity.  There is zero need for impersonation.

Your use case of information hiding can be handled without departing from my delegation maxim:

No one and no service should ever act in a peron’s identity or employ their credentials when they’re not present.  Ever.  

Putting several threads together, the user should act through a transducer to delegate to well-identified processes.

Cruise control and alcohol…

In a new comment, Ernst Lopez Cordozo book-ends our “transducer versus delegation” discussion with a spectacular real-life example.

I had been trying to tease apart the distinction between a transducer and an agent to which we have delegated, arguing that we need both classes of component in computerized systems.  Using the “gas pedal” as an example, I wrote:

I’m certain that Ernst would not argue that we “delegate” control of acceleration to the foot pedal in our car – the “foot-pedal-associated-components” constitute the transducer that conveys our intentions to engine control systems.

Ernst's response puts the whole discussion into stark relief:

I agree with your analysis. And yes, it is difficult.

Ten years ago the car of a well known Dutch opera singer caused a fatal accident while driving on the parking deck of the Amsterdam Arena. The singer, who was behind the wheel, successfully claimed that the accident was caused by his car’s cruise control, rather than his consumption of alcohol that night.  I don’t make this up.  Reality dovetails nicely with your examples.

Whether we use an innocent transducer or a possibly disobedient agent determines the deniability of the resulting actions.

Doc Searls on Creator Relationship Management

Here is Doc Searls, Editor of Linux Journal, rapping about the role of identity in a whole new creator-consumer model:   

If incoming mail contains the word “identity” it goes to a mailbox I started in late 2004. It has over 7000 emails in it now. The majority of those are from the Identity Gang list.

The Identity Gang got its name when it first met informally on the December 31, 2004 edition of Gillmor Gang. I've lost track of how many workshops and meetings and other exercizes in convergence we've had, but the progress continues to be amazing.

I just looked at what Eric Norlin of IDG wrote here, then at what Scott Kveton of JanRain wrote here then at what Kim Cameron of Microsoft wrote here — to pick just three out of countless posts, all connected somehow. You can see the progress in just one month.

This observation comes in the midst of thinking about a form of
Vendor Relationship Management
that has the same initials as CRM, but a different meaning: Creator Relationship Management.

I would like to relate to creators in a better, less intermediated way. On the supply side, Creative Commons has done a great job of clarifying how artists and their representatives would like to relate in the marketplace. Think of CC as a form of CRM — of customer relationship management. A way of relating to customers. It's a great start. But it still only comes from the supply side.

Now I want to come back at creators from the other direction: from the demand side. From my end, not just theirs. I want to give them something more to relate to than an entry I put in a form on a website. I want to create a mechanism of engagement that is independent of any one supplier: that is silo-free.

I want them to be in my database, not just be one entry in their database.

I want to relate as a customer in the marketplace, and to be able to expand on that relationship in ways that allow both sides to create and expand value.

That means if I like a play, or a piece of music, or a podcast, or a video, or any creative production, and I want to pay the creators (and the producers) for that, I want a way to do that directly, on my own terms, with minimum intermediation.

I want to reward the intermediators too — the producers and distributors, for example. Anybody who contributes value.

Beyond cash for goods or services, I would like the option of having some range in relating. Maybe I want nothing more than give an artist some cash and a high-five. Or I may want a subscription to notices of new work, or to performances near where I live.

The thing is, this mechanism needs to live on my side: to be mine. It must be able to relate to a first source or to an intermediary, but it can't belong to the intermediary. The responsibilities for relating need to be shared. To do that, I need to control my end, free and clear. I can't just be enrolled in a system controlled by the supply side, or by somebody in the middle.

The absence of the power to relate from the demand side — except with cash or mechanisms controled by the supply side or its intermediaries — is a problem as old as the Industrial Age, and it's time to solve it.

So: my role on the demand side needs to be better equipped. How do we do that?

First we start with identity. That's why everything going on in the Identity Space is important. (And why I need to catch up with it.)

Second, we need to pick a problem to solve, not an ocean to boil. Here's one I like: make it easier for public broadcasting listeners and viewers to pay for the goods they receive. Right now public broadcasting continues to raise money in extremely old-fashioned ways. The one I hate most is the fund drive where they turn off programming for two weeks, plead poverty, and then give you a cup or a CD if you send some money. There has to be a better way.

So that's what I want to work on as my first VRM project, which I'll detail in Wednesday's SuitWatch Newsletter, and then here on Thursday. Stay tuned.

The concepts are great.  I wish we had a better word than ‘management’.  It seems like we have to “manage” everything, from time to relationships, when we used to just enjoy them.


Identity Crisis Podcast

Identity Crisis If you haven't read Jim Harper's book, Identity Crisis: How Identification Is Overused and Missunderstood I urge you to do so as soon as you can.

I was initially a bit skeptical about this book because – I hope my more politically inclined friends will forgive me – it was published by what I assume is a political “think tank”.  I worried it might reflect some kind of ideology, rather than being a dispassionate examination of reality.

But in this case I was wrong, wrong, wrong. 

Jim Harper really understands identification.  And he is better than anyone at explaining what identification systems won't do for us – or our institutions. He carefully explains why many of the proposed uses of identification are irrational – delivering results that are quite unrelated to what they are purported to do.  In my view, getting this message out is just as important as explaining what identity will do.  In fact it is a prerequisite for the identity big-bang.  There are two sides to this equation an we need to understand them both.

He directly takes on the myth that if only we knew what peoples’ identifiers were, “we would be safe”.  Metaphorically, he is asking what kind of plane we would rather fly in – one where the passengers’ identifiers have been checked against a database or one where they and their luggage have been screened for explosives and guns? 

I think he will convey to “lay people” why a so-called “blacklist” is one of the weakest forms of protection, showing that all you have to do is impersonate anyone not on it to sneak through the cracks.

The book is full of important discussions.  It has chapters like “Use identification less” and “Use authorization more.”  I have only one criticism of the book.  I would like to see us separate the notion of identity, on the one hand, and individual identification (or identifiers) on the other.  We need return to the original meaning of identity: the fact of being who or what a person or thing is.

As a simple example, suppose I'm a service provider building a chat room for children, and want to limit participation to children who are between 12 and 15.  Let me contrast two ways of doing this. 

In the first, all the children are given an identifier.  To get into the room, they present their identifier and prove they are the person to whom that identifier was given.  Then the chatroom system does a lookup in some public system linking identifier and age to make the access control decision.

In the second, the children are given a “digital claim” that they are of some age, and a way to prove they are the person to whom that “claim” was given.  The chatroom system just queries the claim to see if it meets its criteria.  There is no reference to any public or even private identifier.

My point is that the first mechanism involves use of an identifier.  The second still involves identity – in the sense of being what a person is – but the identification, so rightly put into question by Jim's book, has been put into the trashcan where it belongs.

The use of an identifier in our first example breaks the second Law of Identity (Data Minimization – release no more data than necessary). It breaks the third Law too (Fewest Parties – since it discloses use of information to a central database unnecessary to the transaction).   Finally, it breaks the Fourth Law (using an omnidirectional identifier when none is required).

The book was written before “claims-based thinking” began to gain mindshare, and so it's missing as a category in Jim's discussion of advanced identity technologies.  But we've talked extensively about these issues and we have concluded that we have no theoretical difference – in fact the alignment between his work and the Laws of Identity struck us both as remarkable given that we come at these issues from such different starting points. 

Jim's book is wonderful reading.  It should help newcomers better understand the Laws of Identity.  And this week the Cato Institute in Washington held an event at which Jim spoke, along with James Lewis, Director and Senior Fellow, Technology and Public Policy Program Center for Strategic and International Studies; and Jay Stanley, Public Education Director, Technology and Liberty Project American Civil Liberties Union.

Download the podcast or watch the video here.


World's leading identity politician

When it comes to dealing with identity, Australia has already “been there, done that.”  In 1987 there was a massive public revolt against a proposed national ID card that imprinted several of the Laws of Identity on the psyche of the nation.

None the less, the country faces the same challenges around health care and social benefits as every other: the need to streamline benefits processing, reduce fraud, and improve information flow where it is vital to the health and safety of individual citizens.

Over the last few years this had led a whole cohort of Australians to think extensively about how identity, privacy and efficiency can all be served through new paradigms and new technology. 

On its second try, Australia went in a fundamentally different direction than it did with its 1987 proposal (reminiscent of others that have hit the wall of public opinion recently in other countries).  This time, Australia started out right – bringing privacy advocates into the center of the process from day one. 

The cabinet minister responsible for all of this has been Joe Hockey, who seems to have a no-nonsense approach based on putting users in control and minimizing disclosure.

Finally!  Our first glimpse of a government initiative that is, at least in its inception, fully cognisant of the Laws of Identity.  Beyond this, instead of swimming with dull proposals based on Berlin-wall technology,  Australia is leading the way by benefiting from new inventions like smartcards with advanced processors and web services that can together put information ownership in the hands (and wallets) of the individuals concerned.

Here's the story from The West Australian

Police, State governments and banks will not be able to demand access to the new $1.1 billion smartcards under new laws aimed at stopping them becoming de facto national identity cards.

Responding to a report to be released today by Access Card task force chairman Allan Fels, Human Services Minister Joe Hockey will announce changes to ensure individual cardholders have legal ownership over them.

In a speech to be delivered to the National Press Club today he says most government and bank-issued cards remain the property of the issuer but in what may be a world first, the new laws will ensure the cards cannot be demanded for ID purposes.

Professor Fels foreshadowed the legislation in June when he warned consumers needed to be given as much control over the card as possible, and that the Government faced major security concerns if it did not protect cardholders from having to produce the card as identification.

Mr Hockey says the legislation will be introduced next year.

The Government will be able to turn off access to health and welfare benefits if the owner of the card is no longer entitled to them.

The high-tech cards, to be rolled out across Australia from 2008, will replace 17 health and social services cards, including the Medicare card, healthcare cards and veterans’ cards.

They will include a digital photo and name but not the holder’s address and date of birth, and the microchip will store certain health information and emergency contact details.

The Government says it will not be compulsory, but has admitted it will be hard to avoid because it will be required for all government services.

Nearly every Australian will need to carry a smartcard by 2010.

In his speech, Mr Hockey will argue that Australia has been a “complacent comfort zone” when it comes to aspects of card technology and security.

“Many other countries, particularly in Europe, replaced the magnetic strip with a microchip long ago,” he says.

He denies the scheme will result in one giant data base.

“Your information will stay where it presently is, the agency relevant to that information, the agency you deal with,” he says.

The Government hopes the scheme will wipe out $3 billion in welfare fraud a year.

Shadow human services minister Kelvin Thomson said the Government had engaged in precious little public debate about the card.

“Concerns include the threat to privacy from surveillance by corporations and governments, as well as the financial plausibility of a Government-run $1.1 billion IT project,” he said.

“In the United Kingdom, the Blair Government has been forced to put their proposed smartcard on hold due to overwhelming public opposition.”

If Joe Hockey's proposal is as enlightened as it appears to be, I hope every technologist will help explain that our current systems are far from being ideal.  We mustn't get too hung up on simply preventing deterioration of privacy through absurdist proposals, because the current bar is already too low for safety. 

We need to follow Australia in being proactive about strengthening the fabric of privacy while achieving the goals of business and government.

Virtual gardens with real-world walls

Here is a fascinating piece from OZYMANDIAS that oozes with grist for the User Centric mill.  This seems to be about walled gardens with barbed wire.  Please don't take what I'm saying as being critical of Sony in order to puff some other company (like, er, my own).  I'm talking about the general problem of identity in the gaming world, and the miserable experience much of the current technology gives us.  I think I should be able to represent my gaming personas as Information Cards – just as I would represent other aspects of my identity – and use them across games (and one day, even platforms) – without linkage to my molecular identity. 

News on the web today is that Xfire is suing GameSpy for how their GameSpy Comrade “Buddy Sync” feature creates friends lists. To quote:

Now Battlefield 2142 is caught up in a legal tangle between rival in-game instant messaging programs Xfire and GameSpy Comrade. On October 16, Viacom-owned Xfire filed suit against News Corp subsidiary IGN Entertainment over its GameSpy Comrade program, which comes on the Battlefield 2142 disc. IGN Entertainment also owns, a GameSpot competitor.   

Xfire is claiming that GameSpy Comrade's “Buddy Sync” feature illegally infringes on its copyrights. Buddy Sync retrieves users’ friends lists from other instant messaging programs like AOL Instant Messenger and Xfire, and gives players the option of automatically inviting those friends who have GameSpy accounts to join the users’ friends lists on Comrade.

If you read a bit deeper you find that what's basically being challenged is GameSpy's use of information (friends lists) that has been publicly published by Xfire on their website. Xfire claims that GameSpy's reading of that data is to enable GameSpy to bolster their own friends lists:

In a filing in support of the restraining order, Xfire CEO Michael Cassidy specified how his company believes the Comrade program works. First, Cassidy said it reads the user's Xfire handle from the XfireUser.ini file, then visits a formulaic URL on the Xfire site to get a list of the user's friends (for instance, to find the friends list of Xfire user Aragorn, Comrade would go to The names on that friends list are then compared with a central IGN database of Comrade users’ Xfire handles, and if any matches turn up, the user is asked if they want to invite those people to their Comrade buddy lists.

I am not a lawyer, and can't definitively comment on whether information that's made public in this fashion can or cannot be harvested. My gut is that it's probably kosher – we have plenty of website scraping applications in the wild today that do just this, including best price searching sites. What does fascinate me is how this suit highlights how busted Sony's PS3 online network is, and how companies are fighting to position themselves to take advantage of this financially. Bet that seemed to come out of right field. Wink But here's where I'm coming from.

I wrote earlier about why Sony's enabling of Xfire for PS3 games wasn't as exciting as it might seem. Take a read, and then let's talk about just what the experience of being an online user on PS3 is likely to be like.

So I buy my PS3, bring it home, and go online. The first thing I'm going to be asked to do is create some sort of Sony Network ID. That “Sony ID” will apparently bring basic presence and communication features via the crossbar interface. So far so good. Now I decide to play Insomniac's Resistance, which recently stated the following:

Insomniac's Ted Price: “The buddy list is specific to Resistance. And we decided not to bother people in-game with messages. If you have a new message sent to you while you're in a game, you'll see your “buddy list” tab flashing when you re-enter the lobby after playing a game. The buddy list tab is where you can access your friends, ignore list, messages, etc.”  

1Up (to reader): “Does this mean there's a system-wide friend's list, but you have to compile game-specific friends lists for each online game you participate in? That doesn't make much sense, and hopefully today's event will clear up the situation.”

Yes Virginia, that's exactly what this means. Even though I already have a “Sony ID”, I may have to create a new “Resistance ID” to play. And then start thinking about just how broken the experience is when you try to invite someone to a game. Do you send it via the Resistance UI? What screenname do I send it to? If I want to add you to my “Sony ID” friends list, do I need to send you an in-game message to ask you what your real “Sony ID” name is? What about game invites? How does that work across even just these two IDs?

You think that's bad? Now let's open up a few more games from different publishers. Each of these publishers had to make a choice of what online interface to use – again, because Sony's online network just isn't ready. So they'll choose between writing their own (as did Insomniac for Resistance), or perhaps licensing Xfire, or GameSpy, or Quazal, or Demonware. So now we have five potential networks with different namespaces, and an inherent  lack of ability to communicate (chatting, voice, invites, finding friends, etc.) between them, and even across to just the “Sony ID” namespace. Think we're done? Nope… what happens if each publisher doesn't stick with the same online solution for all of their games? This is very likely as most publishers use different developers – so even across a single publisher, you may find fragmented communities.

The only consistent tie all of these different community fragments has is that a user should always have their Sony ID. That gives you a lifeline to be see friends when they are online… but only in the crossbar UI. Will you even be able to see what game they're playing? What about what network that game uses, and whether that friend is logged into it? How will you get messages in a timely manner? Remember Ted Price's quote above? “And we decided not to bother people in-game with messages. If you have a new message sent to you while you're in a game, you'll see your “buddy list” tab flashing when you re-enter the lobby after playing a game.” Doesn't sound like a user-centric design decision to me.

So… back to Xfire and GameSpy. I said earlier this suit is a direct result of how busted Sony's online network appears to be, and I just described some of the issues you'll likely be facing later this month. Yes, it's targeted at a PC title right now (Battlefield 2142), but that's just noise. What we're really seeing with this suit are online middleware companies trying to position themselves to become the eventual defacto solution that publishers will use. Just as with web search and instant messaging, these companies are trying to get momentum and user base that will cause them to be the “PS3 online” solution of choice. And this suit is simply one of many battles we'll see in this space, especially as PC and console crossplatform connectivity becomes more important in the coming years.

When my role as a player is really valued, I will be seen as owning my own buddy list.  Using zero knowledge technology, it will be possible for me to hook up with any of my buddies’ personas – across various games and without committing sins of privacy.