White Paper






Secure, Privacy-enhanced Reputation Facility

Reputations are the cornerstone of any virtual community. OpenPrivacy enables reputations to be used to enhance searching as well as to filter out unwanted information, all while maintaining complete user privacy. In addition, the reputation substrate enables the user to:
  • accumulate valuable reputation capital for shared profile information, ideas and publications without needing to divulge identity
  • annotate any object with machine-readable opinions (grafts), thus creating a general purpose and secure reputation facility
  • enable opt-in profile/reputation owner contact by third parties

Open Source with Open APIs

OpenPrivacy is an Open Source platform with published XML data formats and APIs. The Open Source aspect of the OpenPrivacy platform ensures that the entire system is available for public inspection and auditing. While this activity is beyond the scope of most of the expected user populace, we are certain that privacy watchdog groups will help us by certifying that there are no "back doors" that permit misuse of your private information. The OpenPrivacy platform provides mechanisms to:
  • monitor and verify proper use of personal information
  • post unauthenticated (hearsay) profile information anonymously
  • authenticate (through opt-in verification) profile segments
  • most importantly, enable complete user control over her profile, including providing the ability for the user to be able to disassociate herself from any particular segment of profile information at any time

User Security

  • User posts profile data through a pseudonymous mechanism
    All profile data that resides on the OpenPrivacy system is disassociated from the user's true identity prior to submission. This is the primary mechanism through which a user can be assured that their privacy is safe throughout the system.
  • Protection from triangulation
    Each reputation, opinion or profile fragment can be entered into the OpenPrivacy system using a unique nym. These nyms are maintained automatically by the client agent and provide anonymity while enabling later validated claims of ownership.
  • User contact by third-party entities is always opt-in
    The user is in complete control over when and what agents can and cannot contact her. If at any time an agent is behaving in a fashion disagreeable to the user, she can take steps to modify that behavior. If the offensive behavior continues, she can cleanly disconnect from the agent, leaving it with anonymous demographic data of little value because it cannot be validated.
  • User owns her own data and is in complete control
    The user maintains at all times complete control over her data, or more specifically, her connection to the data. If she wishes to disassociate from data or from some agent who has access to her data, she may do so with absolute completeness. In addition, if she ever chooses to change agents or decommission a nym, she can load up a new agent with as much or as little of her profile data as she chooses, potentially with no loss of profile knowledge or functionality.
  • User profile data traded between agents (and servers) is protected
    Agents can trade pseudonymous demographic information, but will usually find it to their mutual advantage (data compactness, speed) to trade entirely anonymous aggregate demographic data.

Safety and Trust

  • Transparency - the user should at all times be able to see how, where, when and by whom their profile information is being used. While this transparency does not apply to data one does not own, an important side benefit is that the system is publicly auditable.
  • Strong cryptography will be utilized throughout the system for purposes of
    • authentication of active entities as well as data
    • privacy and security - encryption ensures that only authorized entities can access your profile
    • traceability - when an offer is received, the user can determine exactly how and why it was made
    • non-repudiation - agents may be held accountable for their actions
    • reputation accrual - profile data, agents and even reputations may accrue context and time-sensitive reputation data
  • No lawyers - since the contracts and privacy are guaranteed cryptographically, the need for lawyers to enforce contracts is diminished to near zero
  • Open - since all the workings are open source and the design is available for public review, the trustworthiness quotient of the OpenPrivacy platform will be high

Fully Distributed

OpenPrivacy will create a networked peer-to-peer platform enabling Open Privacy Providers. This platform will provide:
  • storage, unique naming, indexing and retrieval mechanisms for profiles. (Note that this is a business opportunity in itself!)
  • privacy - a user's identity cannot be determined from their profile information
  • security - a user can determine how their profile is to be used, explicitly permitting some uses and denying others

Supporting Infrastructure

OpenPrivacy is a distributed peer-to-peer network. As all communications are anonymized and may be encrypted, it is highly censorship resistant, though this can be enhanced further by using techniques currently being implemented by these and other projects:
  • Freenet
  • Free Haven
  • Mojo Nation
  • Freedom (ZeroKnowledge)

Attack Resistant

  • Denial of Service (DoS): left to the supporting infrastructure
  • spoofing: impossible unless the secret key is compromised
  • replay: identical (duplicate) data is garbage-collected
  • flooding: similar claims can be coalesced
  • shills, slander and false claims:
    • making unsubstantiated comments can damage the issuer's reputation
    • anonymous shills and floods (made with little or no backing reputation) are likely to be ignored
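The per-fragment nyms described under User Security and the spoofing and replay items above, as an added illustration that is not part of the OpenPrivacy white paper or its reference implementation: each fragment is published under a fresh Ed25519 keypair (the nym), a store drops identical resubmissions, and the owner can later prove control of the nym by signing a challenge. The `Fragment` layout is a constructed simplification of a PROB, not the XMLDsig format the project defines.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Nym is a fresh keypair the client agent generates per fragment, unlinked to the user or her other nyms.
type Nym struct {
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewNym() (Nym, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return Nym{Pub: pub, priv: priv}, err
}

// Fragment is a simplified stand-in for a signed PROB: content, nym and signature (constructed layout).
type Fragment struct{ Content, Nym, Sig []byte }

func (n Nym) Publish(content []byte) Fragment {
	return Fragment{Content: content, Nym: n.Pub, Sig: ed25519.Sign(n.priv, content)}
}

// Verify rejects anything not signed by the nym's key: spoofing requires the secret key.
func Verify(f Fragment) bool { return ed25519.Verify(f.Nym, f.Content, f.Sig) }
// Store keeps one copy per (nym, content); an identical resubmission is a replay and is dropped.
type Store map[[32]byte]Fragment

func (s Store) Accept(f Fragment) bool {
	key := sha256.Sum256(append(append([]byte{}, f.Nym...), f.Content...))
	if _, dup := s[key]; dup || !Verify(f) {
		return false
	}
	s[key] = f
	return true
}
// ProveOwnership lets the user later claim a fragment by signing a verifier-chosen challenge with the nym's key.
func (n Nym) ProveOwnership(challenge []byte) []byte { return ed25519.Sign(n.priv, challenge) }
func CheckOwnership(f Fragment, challenge, proof []byte) bool { return ed25519.Verify(f.Nym, challenge, proof) }

func main() {
	n, _ := NewNym()
	s := Store{}
	f := n.Publish([]byte("likes: applied cryptography")) // constructed sample fragment
	fmt.Println("first:", s.Accept(f), "replay:", s.Accept(f)) // first: true replay: false
}
```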

Standards based

OpenPrivacy defines a few basic interfaces and leaves implementation up to the developers of the various services. However, our reference implementation - and recommendation - is built on Internet standards, including:
  • XML - all communications and objects are represented in XML
  • XMLDsig - the XML Digital Signature standard is used as the base of the Profile/Reputation OBject (PROB)
  • SOAP - the Simple Object Access Protocol is used for inter-agent communications
  • HTTP and SMTP over TCP/IP - all communications are designed to work over existing standard protocols

OpenPrivacy satisfies one of the requirements for Broadcatch systems and supports the Principles of the Identity Commons.

Historical note: OpenPrivacy closed its virtual doors in May of 2002.