I’ve been meaning to write about this for a while, following some sessions with various teams working on how government can make better use of technology to deliver their services to citizens. However, the same principle comes up pretty rapidly in similar conversations in a lot of different industries as we try to come to terms with our new ‘open’ online society. Mention doing things online - or moving elements of your business online - and within minutes comes the concern around security. It’s hardly surprising, given that one of the key duties of an enterprise - which it passes on to its CIO and IT department - is to keep certain data secure. The twist is that the media is full of stories about how individuals have been caught out in one way or another online. So ‘security’ is clearly a must and we need to work accordingly. Consequently, ‘bang’ goes a load of ‘open’ principles. Worse still, it may well spell the end of the initiative to take something online, which would make life easier for citizens, or customers. But I think we are making a mistake by confusing everything as needing IT style ‘security’. After all, we are in the midst of a generational shift towards technology built around people, not computers. Do we want to make people ‘secure’, or is it their personal computational devices that we need to secure? If we shift the topic to people, and their behaviour, a more appropriate term is ‘privacy’. However, if you are reading this post then it’s probable that your interest is actually in producing ‘solutions’ that allow people to achieve what they want or need. I believe the diagram below shows we have three very different requirements that together make up the end-to-end online interaction. The key is defining the requirements of each as an essential part of the overall solution and embed them within each the necessary elements to provide ‘Jericho’ style protection. The secure enterprise seems pretty obvious and in one sense it is, but increasingly surely we will see REST-based solutions - where the data file is not exposed and only representation is provided. This not only has the obvious affect on security, it also brings some answers to how to combine the ‘data’ in different systems owned by different departments to allow a mash-up style re-use that suits the citizen or customer, by providing an interaction built around their wishes. This is something that Microsoft Azure looks to be able to perform in a very interesting way. The definition of enterprise or government relationships with a ‘market’ are relatively simple to define in terms of the interactions that have to be supported. The definition of a market is more complex, as by definition, a market contains enough buyers and sellers to offer choice to all and from that choice, enable optimisation of the individual possibilities. The key elements of a ‘trade’ are again definable, but that’s not the real challenge. Instead the challenge is how to make a market a trustworthy place, where both the buyers and sellers feel safe conducting business. To make the market work requires more than ‘trust’ - another word that I encounter frequently - instead, it requires ‘transparency’. Transparency enables buyers and sellers to engage fairly and honestly in the eyes of all parties and build reputations so new customers and partners can feel safe. The reference must be impartial and contextually relevant for it to be meaningful and that’s where design comes in. The ability to design the environment of the market in such a way that the trades, or services, that have occurred automatically, build a picture of the successful operation of the overall market - as well as the satisfaction of the individual interactions. The aim is to build the ‘reputation’ of the market overall, not just those of the sellers and buyers. eBay has had enough cases on its buyer/seller comments to suggest that an individual’s posted opinion is not necessary always carried out for the right reasons. Amazon in its books business adds an extra marking process that allows prospective buyers to indicate whether the reviews (opinions) were helpful (accurate) to them in making their decision. Overall, this does much to reassure the buyers (and the sellers in the form of the authors) that the market is ‘fair’. This is closer to ‘a wisdom of the crowds’ approach with less chance for individual bias. Though conversely, it should be noted that WiKipedia has been struggling to maintain objectivity in its edits recently. This throws up the last point: privacy. In fact, I will restate this as ‘the role of the private individual’. Going back to the eBay and WiKipedia issues, it is possible to make a correlation between loss of objectivity and the entry of ‘commercial’ interest in the market. Most want their privacy respected - a point often made in respect of dealing with government - where the fear of the consolidation of data on a citizen is at least equal to the benefit of improved services. But is this true? Not in Denmark or in Norway where at least some part of the government data is in fact transparent, i.e., everyone knows the fact so knowledge by a small group ceases to provide them with power over the individual in question. That’s an important point, transparency has a lot to do with the removal of unfair advantage and the decision as to what is unfair is a personal one. Or is it? It increasingly seems that a new ‘online’ generation has a different perception of what they will and won’t make public on a social site and what comments they will openly allow to be attributed to them. Sometimes this backfires as the law or expectations of the older generations including employers, take exception to this change. Nevertheless, it is happening. So if we want to do business with the online generation we have two options, notice and build in the opportunity to use their willingness to be more open and frank to increase transparency of the environments we are trying to design, which leads to more and better interactions. Or continue to think in terms of transactions and securing the computers and data. This is highly subjective, since it involves people, so I look forward to some interesting views being posted - and I hope this will aid our coming to grips with this trend. Oh and by the way - if this topic really interests you, then I recommend ‘Groundswell’ a book by two Forrester analysts based on good research over the last few years.