One of the core concepts at the heart of XDI and Personal Clouds is the “link contract”, but what is a link contract and why should we care?
Link contracts make what is being shared and the conditions and limits on that sharing explicit in the data exchange protocol. For example a link contract may stipulate that it provides access to my email address and phone number but you must not share those with anyone else for any reason nor should you call me after 10:00pm. This is a great first step, expectations are explicit, but so what? What happens if someone breaks one of these contracts?
According to the Merriam Webster dictionary a contract is:
“a binding agreement between two or more persons or parties”
it goes on to qualify that with:
“; especially : one legally enforceable”
We’ll come back to that in a moment.
Nolo’s Legal Dictionary defines it like this:
“A legally binding agreement involving two or more people or businesses (called parties) that sets forth what the parties will or will not do.”
Both of these definitions assume that the system of accountability that underpins the contract is the legal system. In many cases this is right and appropriate but in some cases, it is insufficient. The reason that the legal system is sometimes, often, insufficient is that “it just isn’t worth it”. Taking someone to court because they called me at 10:30 simply does not survive cost benefit analysis. So what is one to do?
The status quo is death by a thousand cuts. There are constant small injuries accrued from the many (telemarketers) to the few (me) “Didn’t I put myself on the do-not-call-list?”, or from the few (spammers) to the many (all of the recipients). But for the injured parties there is no recourse. Yes, there is the occasional class action suit or settlement where “Big Co” pays out millions of dollars for some wrongdoing and as part of the class I get my $3.75 but this does not really value the damage done to me or create any systemic improvement. So what alternative is there?
I posit that a powerful alternative, if used judiciously, is a system of reputation.
Reputation has been a powerful force for controlling human behavior since before we learned to blush. As individuals we may or may not care what others think of us, but if having a bad reputation limits our options or opportunities then it becomes meaningful.
If people will not accept my messages because I have a reputation as a spammer then my bad behavior is curtailed. My ‘punishment’ is that I can no longer make new connections (route messages to people that haven’t already approved me) because of my reputation. I am now incentivised to make sure I don’t trigger ‘spammer’ reactions in people I reach out to. The onus is on me to behave well.
This system of reputation as applied to messaging and invitations is not new. Many of you are probably thinking that we all saw this in messaging systems years ago, I know. That’s why it’s a good example and, it’s known to work.
The problem is that reputation systems are notoriously vulnerable to ‘gaming’: What happens if I decide I want to ‘shut you down’ and get a bunch of my friends to say you are a spammer? There needs to be strong controls in a reputation system. In those old messaging systems you could only indicate that a person was a spammer if they sent you a message and you hadn’t accepted a message from them before. It was great, a single function system with a single piece of reputational collateral and a simple control.
So how do we make reputation a useful system of accountability in a rich and complex system of social, commercial, political transactions? The answer, of course, is link contracts.
Link contracts, as we said earlier, are explicit and transactional. Like a legal contract that has an arbitration clause, recourse can be explicit in the link contract. We create an interplay of expected behavior and actual behavior:
I will only accept contact requests from people who:
- do not have more that 10 spammer flags
- include in their contact request an irrevocable permission for me to flag them as a spammer should I see fit.
People issuing contact requests who are not spammers may occasionally trigger a spam flag but there is room for that. You aren’t out till your 10th strike. If you aren’t willing to ‘risk’ being marked as spam I will not let you use my contact channel.
The rich semantics of the link contract let this easily extend to richer and more nuanced use cases, for example a business to consumer case:
I would like you to register your purchase of my product; give me your product serial number and contact information so I can inform you of changes in the future. In exchange for this I give you irrevocable right to effect my product’s reputation in regards to:
- Robustness (good, average, bad)
- Ease of use (good, average, bad)
- Speed of operation (good, average, bad)
- The Company respects my privacy (good, average, bad)
It’s a win win. The products reputation can only be affected by people who prove that they purchased the product. The individual has an incentive to share their information with and have visible recourse if that trust is abused.
The link contract ends up with a powerful system of accountability and the reputation system has strong rich controls that let you explicitly manage the exposure of reputational collateral.
