StickMan Talking!

“Let’s build what the user wants!!” I have heard that hundreds of times in my career. “The user” - a hypothetical human using an Internet product or service. It is the stick-man in the UML diagrams. I have never seen an architecture diagram without him on it. We don’t know who this genderless emotionless person is but, we know for sure that if we don’t meet his requirements, our job is at stake!! In fact everything that we do as software engineers in the IT industry is to make his life easier! Well, great! I agree... it’s all about the users. Then I noticed something disappointingly ironic. These users are segregated and stored as a set of lifeless configuration settings!! They are not truly representing the so called humans behind it. They are labeled and grouped under the Internet services - Google users, Yahoo users, Facebook users etc. I am not picking on any of these great companies but, look at the fact. For Google, a person with a Google account is the “user” in their world. The same applies to all the other providers as well. Now, remember the poor stick-man? He is real, with all his abilities, opinions and most of all a global presence! But, where is he? Being one of the most important entities in the system, where does he reside in the Internet? Whom does he belong to? Who has control over him? What kind of control he has on himself? The more I think about it, an appropriate term for the user is “digital self”. I have seen  that term mentioned in a few articles but in a slightly different context.

        Today we depend on Internet products to define users and their capabilities. Suppose I want to send a one line message to my friend - say regarding a MacBook purchase. First, I must decide what channel I should use to send that message. Let’s say I picked email, for whatever reason. Now I must know my friend’s “preferred” email address - perhaps it happened to be Gmail. I happened to be a yahoo user. In order for me to send a simple one liner to this person, I need to depend on two separate services - Yahoo and Google. Ultimately, this person must use Google compatible tools to view the message. By the time my friend receives the message, both Yahoo and Google might have crawled my message, analyzed it and guessed my interest in Mac Books. Now I am a qualified target for MacBook ads!! Dude…. I just want to send a one line message okay!!? All good… I understand… no complaints.. But my point is that having such services in-between, undermines the true intention of the user. The proliferation of various messaging apps have made this even more complex. Say I decided to switch to Skype as my preferred messaging application. Now I have to promptly tell my social circle to send my messages to Skype instead of Yahoo. Why should I have such a social commitment? Or is it a technical limitation imposed by the service dependency? I am inclined towards the latter.

        Enough about the messaging. Let’s look at the identity and authentication. Within a decade or so, pretty much everything will be digital. What would be my true identity then? My Gmail id ? Facebook id ? Twitter ? SSN ? Today I don’t even know how many user accounts I have on various services. I am running out of ideas for creating new passwords! I am at the mercy of the Internet product companies to notify me if someone tries to steal my identity. I understand the gravity of the problem. But, can we at least reduce the number of accounts I have ? Instead of having a separate user account for each of these services, can I have just one account ? my own account? As humans, we accept the status quo and live with it - which often include the pain and suffering. Today we have accepted that we have to remember 10 different usernames and passwords. If my service provider goes out of business, my digital presence sinks along with it - fact of life!! .. or is there a way around this problem ?

What if the users are independent from Internet products and services? Assume users reside in a separate layer. This layer doesn’t belong to anyone, but available to everyone. Think about it as the DNS (Domain Name System) service. The whole purpose of this layer of to host users and make it available to other services. Authorities can host this layer. Think about it as your US passport plus Facebook profile plus all other personal preferences with RESTful APIs. Every user is an object (as in Object Oriented Programming) with well-defined interfaces to communicate with it (as in Service Oriented Architecture). When a child is born, a new entry will be added to this collection. The user object is not tied to any services or products. It just represents actual human user himself. The user can set up policies on it. In other words, it is the “digital self” of the actual user. Everything about the user is stored on that server and accessible through the programmable interfaces (APIs). If anyone wants to communicate with the user, they can call the APIs. All the incoming APIs will be policed by the user’s preferences.

    When user objects are detached and autonomous, amazing things happen! First of all, the user object becomes programmable. Unlike today where the user object is a set of life-less key-value pairs, user object can be programmed. You can create a dashboard that shows everything about a user in a single pane. You can write a cron job to make a recurring payment without ever saving/updating the credit card number on another service. Sending a message to a user will be as simple as making a REST call. The recipient can decide how the message will be received and displayed. For example,you can issue a one time password for a 3rd party service to access payment information via the user object. Most importantly, the user objects can be inherited. When a child is born, the child’s user objects can be derived from their parent’s user objects using standard OOP concepts. Yeah, finally the “child” and “parent” classes makes sense. Consider another example. Today signing up for a service is a pain. We have to provide the same information to each service. Note that these information seldom changes! We are used to this, but the fact is, this is a limitation of our system. There is no single place where the user’s information is kept. Once we detach the user, signing up becomes a secure handshake between the service provider and the host server. This is just the tip of the iceberg!

    Users are the most important entities in the Internet. Everything revolves around them, making their lives easier. While everything is moving to programmable models, why not the user itself ? Today users are tightly coupled with the Internet products. This model puts lots of constraints which we do not realize. To unleash the power of users, we have to separated them from the Internet products. One of the proposals I have is to host the user on a separate layer (just like a website hosting a service) and make it’s features available via APIs. Such a hosting service will be independent of any commercial internet products. The sole purpose of that service will be to securely host the users and act as a point of contact (programmatic) for other services who wish to reach out to the user. This is based on the simple observation that everything (or most) happens in the Internet is for (or by) real-world human users. If so, why should we tie them up with company or product names ? Let them be themselves!!