Corvus Consulting

A growing theme in new web 2.0 services is what I’ll loosely call location streaming, or the ability to transmit changes in your physical location to various networks on the web. Smart-phones of all kinds now have access to infrastructures (both on wifi or cellular networks) that can place their location reliably and quite precisely. This capability has arrived scary-fast, after a long period of hearing that “someday” it would be real. The future always seems to arrive while you’re out having a coffee.

It’s a kind of technology that people often respond to with a gut-level reaction, much along the lines of Adam’s twitter post:

That mix of interest and wariness is likely familiar. Location services are knitting these newly location-aware devices into web services, and through their APIs we’re starting to communicate perhaps the ultimate piece of existential metadata: where we are in the physical world.

There are a lot of things that we argue about as we build out the web, but this is one that truly merits the concern it raises in all kinds of customers: consumer, corporate, hybrid, juvenile. Locations is a piece of information that’s every bit as important as credit card numbers, and in many cases more so.

Overnight Geo-Lock

How does it feel when an online experience becomes location-aware? The taste I got today wasn’t good. It happened through a regular browser rather than a mobile web experience, and is much more blunt than the precise location tracking that mobile devices can produce, but it’s a good basic example of what’s at stake.

emusic.com made a surprise change today, or at least it surprised me. It’s possible it was pre-announced and I missed it in the monthly newsletters and on the site. What happened? As a Canadian in Canada, I was moved into the new emusic Canada which features different content, though with a lot of overlap of course, and a bump in price.

My identity on emusic previously accessed the same catalog as everyone else, regardless of place. That changed without warning, and suddenly where I call home meant more than part of my billing address and some market research: it meant a different catalog and a 20% price jump. emusic threw in 10 free songs, but it didn’t feel great to suddenly contract to national boundaries without warning.

iTunes has country-specific stores as well, but a smoother experience since the store limitations are articulated during registration. I’m sure this is where emusic will end up as well, but for existing customers the change to location-awareness salted the whole experience.

Try It On the Go

Thinking again of mobile devices, how many places do you go without your cellphone? How much of the data in your phone is really important to your social life? Considering those two questions, you’ll see quite quickly how closely bound to your identity your cellphone is. The idea of a cellphone as a physical anchor to digital identity is explored by Tony Haile on the Own Your Identity blog, and it’s well worth a read. Adding location to those concepts fits the higher end consumer devices like the iPhone, Blackberry and other smart phones.

Where I can go in the physical world has a lot to do with my identity. Conversely, where I’m observed to go changes the way people see me. If you see someone going into the pub and someone else going into the library every day, you’ll likely make different inferences about aspects of their identity. Combine the fluidity and speed of the web with the regulation of access to places and the ability to be recognized as being in a specific place by others remotely, and it makes the social gaffs of over-sharing party photos look like pretty tame.

Along with the contact list, physical location is being graphed onto our digital identities, updated and publicized as much as we allow, but always being paired up in the background at the device level. If we don’t trust the software that manages location exposure, it will make being outside and being online more trouble than its worth. The stakes are high: trust, safety, status; it’s crucial that we get this right.

Three Easy Wins Plus One Not-So-Easy

You must wonder by this point if this is my tipping point into a gloomy future of self-powered surveillance. Nope. I don’t have a map around all the pitfalls, but there are some points we can address to ensure that location-aware applications start out best foot forward.

The easy wins:

• Be private by default
• Use secure communication when transmitting location data, like SSL
• Provide an ambient indicator reflecting the status of sharing for the current location. If I can always know that I have wifi and what network I’m on, I can know if my location is being disclosed to any degree.

The not so easy is to enable locations to be associated with facets of one’s life, and for applications to manage location exposure on that basis. Facets are an idea that came into an earlier post on portable identities, and have potential as bridges between social software design and the everyday concepts that people use to organize their lives.

I don’t fault emerging services like BrightKite and Fire Eagle for how close they are or aren’t to my short list of starting points. I know they take privacy seriously, and I’m interested in seeing how location and identity evolves in these services.

In fact, something really cool that’s in Fire Eagle right now is the reminder about location sharing settings. This is great, with the potential to change an oh my god no! scenario to an oops let’s fix that moment.

I’ll be using blog posts to note design patterns I come across for making location awareness more than just another feature, but as one treated as seriously as monetary transactions. If I build up enough, I’ll start a wiki or find a home for the collection. Comments, please.