The Crying (about digital identity) Game

Image of hand against scannerOh, digital identity aggregation sites – is there anything you can’t do?

Apparently not, from my point of view. Last week, a relative e-mailed me a website intended to aggregate, and share, publicly available digital information for individuals. The database was searchable by first and last name. When I entered a search for myself, I inadvertently solved a longtime personal mystery.

I’m a man, baby.

At least, I showed up on the site as both female and male.  This realization actually isn’t surprising. I have a traditionally male first name. Moreover, this finding resolves a source of occasional irritation: I get a lot of junk mail addressed to me as “Mr.”

I tried checking the about page on the aggregator website to figure out the digital sources so I could pinpoint the source of a record for my name – not a common one, I might add – listing me as male. Unfortunately, the details about sources are vague – “people-related public records,” it reads. And some mention of an ominously-named “deepnet,” which I picture as a sort of digital Mariana Trench. (In reality, the deep web suggests content not in HTML format, or behind login scripts, for example, and it constitutes a wealth of information many times larger than the surface ‘Net, or what a user can typically browse or search.)

All of this made me wonder: where did my digital identity go wrong?

A person’s “digital identity” – the accumulation of records tied to one’s personal, financial, or professional life – can be a difficult thing to manage.  At best, one only has control over portions of it. Traditionally, theories about digital identity (or personas) include proprietary and public spheres.

The accounts I have opened online are in effect proprietary, meaning I have established an account or acted voluntarily. With sites such as social media, I can add content myself, or let friends add content. Most crucially, I have entered into some sort of agreement with the online company. In trying to stay on top of the privacy setting changes in social media, I ostensibly have some measure of control in shielding my content from public searches.

Importantly, however, proprietary digital identity also includes data about me in other “closed” systems, such as Social Security or medical records. Documents maintained in closed systems – a municipality for property ownership records, or information related to political donations – may be found with online searches at specific sites, but can be excluded from search engine results. Which leads to a somewhat gray area: this is related to the “deepnet,” mentioned above, where the proprietary and public spheres converge.

public persona can include data from proprietary sources such as Facebook or MySpace – which is where all the really juicy stuff resides, according to a former tabloid reporter – if a user does not override default settings. Other public identities include any information item findable with a search engine, such as this blog, for example. Individuals who are savvy with search engine optimization (SEO) techniques can have some influence over the page rank of search results (for instance, if I were to strategically link my academic portfolio at several well-traveled sites to drive that result up the page to the top result for my name). The conservative rule of thumb, though, is that there is no truly private sphere for any content posted on the Internet.

Digital identity issues will continue to evolve as a greater number of transactions, and particularly government services, move online. All I know, related to my discovery, is that I have certainly never posed as a man online or otherwise. That leads me to believe my public persona contains bad data, although this fact has not caused me any real problems to date. I realize it could be worse; no acute damage has been done to me financially or legally. For now, finding out I’m a digital man is sort of funny.

Sort of.

Image used per Creative Commons 2.0 Attribution License. Photograph by DaveBleasdale.

Standing out in the job market

Information management is a relatively new field. What is it like to get a job with a degree in Info Management? First we gave tips about learning new software for a job, and now we’re helping you think about networking.

Picture of Ted Williams seat at Fenway park My first rejection letter came via email. Over three months of job searching, I placed 50 applications, received about 13 rejection letters, and didn’t get any interviews. The lesson I learned: even if your resume is professionally made, when you apply online, you’re only one more resume in a company’s growing pile of resumes. You are not a person to the recruiter or the hiring manager.

I played what I called “the numbers game” online. With the numbers game, I was applying to seven or eight jobs a day, on my more motivated days. I pored over job listing sites and searched company websites, seeking direct-hire positions. What I thought I knew: if I played the numbers game, I would eventually get an interview somewhere.

Two months ago – almost serendipitously – I landed a position as a Data Analyst with an international non-profit organization. Getting hired couldn’t have come at a better time; in December, I have to start paying back student loans. The numbers game may have panned out eventually, but getting hired, as it turned out, resulted from talking to someone in person.

What I know now: as useful and necessary as online applications are, nothing compares to meeting someone face-to-face. A hiring manger needs to know you’ll be a great fit for the team and the company. And really, as a job candidate, you need to know if the company and position is a great fit for you. This is why recruiters and hiring managers prefer to meet you in person instead of skimming your online resume. And why you should, too.

This recent lesson is in contrast to my behavior in graduate school; the entire two years I spent at the University of Washington, I had been advised over and over to get out and network. My professors and program alumni all said the same thing: networking will get you further than online or paper application will.

So why didn’t I follow their advice when I was there? Frankly, it’s because I often found myself wondering: What does it mean to network? It took some trial and error, but I figured out what worked for me, and here are some things you can do to get on the fast track to finding a job:

Attend conferences, school events, and other networking gatherings. These are great places to meet new people and let you do what’s really important: talk about you (and even just practice talking about you). Just be yourself and talk about what excites you the most. The people you meet and the relationships you build will lead to a job offer, I promise you.

Build a portfolio! Start during your first quarter/semester of school and save all of your projects. Papers you write, pictures you take, and videos you produce: save them all! Go online and create a portfolio of all of these things. Make sure you add the link to your resume. Don’t have any website building experience? That’s OK. There are plenty of free services online that will host and create your website for you.

Talk to friends, family, and neighbors about your job search. You never know where an opportunity will arise; it could come from the least likely of places and you’ll miss out if you don’t speak up.

Leverage social networking. Get on Facebook and Twitter (if you’re not already) or, if you host your own blog – whatever it is – let the world know you’re looking for work. In fact, once you’ve created your portfolio, share the link with everyone. Remember: showing is always better than telling.

Finally, in general, think of networking as an opportunity for you to get creative and market yourself when you are job seeking. Networking enables you to really dive in, exploit your strengths, and articulate what separates you from the rest. Most importantly: sitting at a computer limits your ability to use these skills, to let an employer see the real you and “wow” a hiring manager with your talents.

I’d like to thank fellow contributing author, Jordan Eschler, for co-authoring this piece. Photo by joyosity. Used in accordance with a Creative Commons 2.0 license.

Wikileaks and weak links

Photo of an unlocked gate padlockThis post is about Wikileaks, without being about Wikileaks. We know the most recent Wikileaks release was an overwhelmingly large set of data, generated by a fairly low-ranking intelligence analyst, and contains potentially sensitive information. The aspects of the Wikileaks scandal that fascinate me, however, are the human and organizational factors affecting data security.

Why did Bradley Manning do it? He must have known he would be subject to a long prison sentence (at best), and made no efforts to hide his actions. Assuming he was acting rationally, the benefits he imagined from doing so outweighed the prospect of certain punishment. Manning must have evaluated the volume and nature of the data at his disposal – data owned by his organization, effectively the U.S. government – and chose to place his individual motivations above those of the organization to which he belonged.

His own Wikipedia page and various media reports describe Manning’s “disillusionment,” and some opinion pieces paint him as “disgruntled.”

Disgruntled at the age of 23?

This fact points to the causes of the leak: it’s a people problem, more than an information problem. This includes security clearances, i.e., how many eyes need to see the information, but the solution is not about security clearances. Safeguarding organizational data such as that shared in the Wikileaks event is ultimately a management issue, for the following reasons:

A change in employee behavior is a crucial signal to management. It would surprise me if Manning’s behavior changed overnight from unassuming analyst to data thief. A good manager should look for changes in employee behavior that signal a shift in attitude. Furthermore, a manager should ensure he has enough information to act on if restricting or revisiting information flows becomes necessary, particularly in the event that an employee’s risk profile changes.

Digital natives exhibit different workplace values than their older counterparts. At 23, Manning is a digital native. Individuals under the age of 30 have grown up with technology in a world where a sense of possession is poorly defined in digital terms. Digital natives have a different notion of right and wrong in sharing information than previous generations of workers, even when information is proprietary to their organizations. Generation Y is also less loyal to organizations, and expects authority figures to earn their respect, rather than commanding it automatically. (I realize the Army is a very special kind of organization; however, the military cannot claim to be modernizing for warfare in the Information Age and expect to preserve outdated management philosophies, particularly when recruiting overwhelmingly from the digital natives demographic.)

Technology itself distracts from the human issues. Security specialists discuss access protocols and authentication procedures, but focusing on such issues is like staring at the end of someone’s finger when she points to a mountain in the distance. Internal data leaks are a real threat, but they are also perpetrated by people. The Information Age is changing the relationship between people and organizations. Adding to the urgency of the problem, today’s technological capabilities allow people to share and act on information as quickly as they think to do so. When “think it – do it” is the norm, it is important for an organization’s management to communicate expectations about information use and dissemination and to assess and monitor, in an honest way, the risks associated with information flows.

The landscape of information behavior is undergoing a major shift, and technology is merely an enabler of behavior. An individual’s ability to act impulsively, and with powerful tools that can execute enormously impactful actions digitally, should prompt organizations to manage closely the human aspects of internal security threats. It takes one weak link in an organization – unmonitored, disillusioned – to commit a destructive act with sensitive data. Although individuals should be empowered to make ethical, informed decisions when acting on behalf of their organizations, management culture must continue to adapt to the new Information Age, and its digital natives.

Photo by -Tripp-. Used in accordance with a Creative Commons 2.0 license.

What I Learned at Info Camp

Word cloud of session descriptions for InfoCamp: Information, Design, Research, User, IA, etc...Last weekend, I attended InfoCamp, a community-organized “unconference” for people excited about information and how we manage and consume it.  This was its 4th year in Seattle, and I must say, it blew me away.

At first, I was pretty skeptical of the whole “unconference” idea.  There weren’t any predefined topics or sessions other than the keynote and plenary speakers and all the breakout sessions were run by conference participants.  I thought this meant the breakout sessions would be poorly prepared, and thus I wouldn’t like them.  As it turned out, there was a pretty good mix of highly polished presentations and more spontaneous ones.  The polished ones were good, and the spontaneous ones seemed to morph into enjoyable and informative Q&A sessions.

Overall InfoCamp gets an A in my book and I’m certainly going back next year.  And who knows, maybe I’ll even volunteer to run a session myself.  Without further ado, here’s a quick synopsis of the sessions I attended.

Content Management Strategy – More than just words

Vanessa Casavant gave a interesting & entertaining talk about how content management strategy fits into an organization.  The answer seemed to be right in the middle.  She explained that the role of a content strategist is to ensure that information & features being published by an organization have a clear alignment with the organization’s mission, and that they aren’t sending mixed signals about the organization to the end consumer of that information.

My key take aways were that content on the site needs to be in alignment with an organization’s strategy and that messaging should be consistent across the board, rather than a haphazard spray of content all over the organization’s website.

DAM Systems for Creative Agencies

Tracy Guza gave an overview of how creative agencies (mostly advertising firms) can employ Digital Asset Management (DAM) systems to manage their pictures.  This included file storage, searchability, meta data, and the whole nine yards.

I was particularly interested in this session because I work for a large stock photography company, and I wanted to learn more about how creative agencies use and manage the images they buy from us.  It was enlightening to learn some of the challenges facing a firm that manages 50,000 images, which are very different than the challenges my company faces in managing 14 million images.

Economics of Online Advertising

Jeff Huang led a discussion on how the economics of search advertising work.  This included the auction and fraud prevention.   Much of this was old hash to me, but it was interesting to get questions answered by an expert who has worked at all three of the big search engine companies.

Priority Inbox

Ario Jafarzadeh, one of Google’s designers on Gmail gave a talk about the design process behind Priority Inbox and all the iterations they went through to get to the current design.  It was pretty interesting to hear him describe all the decisions they made from what type of icons to use to whether they should use a video or a written document to explain it to users (turns out, they decided to make one of each).

This session was like manna falling from the sky.  I wrote a post about two weeks ago describing how much I liked priority inbox and speculating as to why it had taken so long for someone to do this.  I got my question answered, or least got his answer to it.  He explained that email is so personal that email providers have to get this sort of thing exactly right or else they’re going to upset their users pretty badly.  Apparently the machine learning (AI) behind this was so complicated that it took Google until now to build it. While I’m sure that’s true, I still think part of the answer is that nobody thought of doing that for email, or at least that nobody was willing to invest the time and money to make it happen until now.

If you’re interested in the keynote and plenary speaches, which were both good, you can find out more here.