Posted 4 days, 19 hours ago at 11:00 pm. 0 comments
Build worlds, tell stories … that’s what I love about cinema and that is what Tim Burton delivers in his vision of Alice in Wonderland. This is a visual feast with director Tim Burton painting with light and colour and imagination tumbling from the screen through the rich art design and numerous small touches of detail. It works as both a genuine source of wonder and as an intriguing critical text rattling along at a rollicking pace full of incident and adventure whilst leaving me thinking about it long after I’d left the cinema.
This is also one of the first 3D films I’ve seen (and I haven’t seen the all conquering Avatar) that begins to use the depth provided by 3D to pull you into the screen not just extend outwards and uses the extra dimension to add to the narrative rather than merely decorate it. Perspective is put to powerful use to convey the sense of expectation that Alice feels crushing her at decisive moments. For this is a story of a girl coming to terms with the pain of grief and growing up within a society that doesn’t suit her.
The world can be complex, difficult and emotional something we explore through fairytales and deconstruct through allegory (except when we are criticising it directly: “Do you know what I fear most”/”The decline of the aristocracy?”). The turbulent world of childish emotions come together better in the surreal juxtapositions of Wonderland than the social critique does as one weakness of the film is this it is a rather simplistic and cartoonish treatment of Victorian society. It is hard to contrast fact and fantasy in the same way as Pan’s Labyrinth does for example, which uses it’s alternative world to throw reality into ever darker relief. This gives the latter film a far more darker and tragic edge, whereas here you get the impression all that is glossed over in favour of the fun stuff as Wonderland spills so far into Alice’s reality it is hard to tell the difference.
For me more Labyrinth and less Narnia would have given the film a bit more edge without spoiling the fun and it works best when it does so. So this is another slight criticism as Burton’s originality gets a bit threadbare in the middle section as he draws upon The Chronicles of Narnia, The Lord of the Rings and The Wizard of Oz to line up his plot pieces and you begin to start mapping Wonderland to these other imaginary worlds rather than be immersed in it. In one scene the White Queen throws ingredients into her potion pot, (some buttered fingers, two spoonfuls of wishful thinking) and you get the same impression the film is being put together in the same way for a while.
On the acting side this is a richly talented cast but many of the characters seem less filled in, sketched to provide colour and nudge the plot along, or act as canvases on which to project these themes and Mia Wasikowska does a good job to not let the eponymous lead become a total cipher. The exceptions are Burton’s close collaborators Johnny Depp who plays the Mad Hatter and Helena Bonham Carter who plays the Red Queen. The depth of their working relationship with Burton is clear as both have a great time with their characters pulling them in all sorts of directions from the outrageously funny to the touchingly poignant.
I never thought I’d criticise a film for being too feminist but Alice’s proto-independepence at the end is too complete to be swallowed. More successful is the narrower gaze Wonderland throws over just how awful a family can seem to a teenage girl by being ‘made to be’ by others whilst wrestling with her own raging feelings. The two sisters, the Red Queen and the White Queen both come across responses to this. Both are petulant children and the former chooses “fear over love” rather than face her insecurities about her ‘grotesque’ appearance, whilst the latter elects to abdicate all responsibility in the hope that the trippy vacuity of drugs and longing for a champion will abdicate her from responsibility. Neither is perfect and when they clash the film sides with one, but you can’t help feeling that the strong willed Alice who rejects the social determinism of her class is much more like the other.
All of these thoughts and themes swim in and out of focus giving this film a long and provocative aftertaste but mostly, whilst I was watching, I just thought how fantastic and entertaining it all was. This Alison was definitely filled with wonder.
Posted 3 months, 2 weeks ago at 12:07 pm. 0 comments
Looking at Privacy and Consent Management in the second parallel session. From an SPs perspective first Fiona Culloch from Edina.
“A Catastrophic Success at keeping personal information private”
Most IDPs only give a small set of very opaque attributes to SPs. The vision for federation was as a route for passing all sorts of attributes between different providers. Technically this is possible. In policy terms personal data has stayed on the old road. The IDPs never get asked; the SPs think it’s too hard so nothing happens!!
From a federation approach technical architects and legal tend to thing that too much will be given/demanded. There are few if any IDP/SP voices in the conversation. It’s hard to engage with them all – there are too many entities so the traditional answer is to go via representative forums.
SP forums could broker requirements. SPs know what attributes they want to know. These are vertifical forums so divorce applications from infrastructure and could cross national boundaries.
IDP forums could determine feasibility and implement. This had to be invented for Eduserv, who is kind of a meta-IDP. It would be useful to broaden that out.
Joint forums would allow bottom up progress and experiment, agree, pilot, deploy, scale rather than just sit around theorising (although as pointed out the downside of this is it mean work!!)
How to release data whilst staying DPA compliant?
Technical fix is user consent at run time.
- Adds complexity to user interface
- IDP must still create defauly Attribute Release Policy (ARP) and face quasi-legal questions
- SPs must handle revocation
DPA does allow release of data if necessary for the purpose it was collected for. Consent is not the only possible way or even the best way. If you are going to do this it’s a good idea to have a Data Processor Agreement between the
IDP and SP. Most IDPs and SPs have a legal relationship in any case – via licenses, so add some
DPA clauses to it. You have agreement and the
IDP is covered against misbehaviour by the SP.
Is there an opportunity to put
DPA terms into the
JISC model license??
Can
JISC Collections define recommended ARPs for each SP or banding of SPs? Only realistic if the
IDP forum existed.
In Computing Regulations we could add
DPA “Purposes” to serve as user notification of fair processing. In practice vague is good. [What about exceptions and exemptions though. How would we record if a user didn’t want to agree to any or all of the
DPA purposes in the regulations. This is the click through consent management problem magnified to the institutional level. If we are concerned about run time consent click through then should we not be concerned about policy click through?]
Seems there are a lot of IDPs in the room interested in participating in such a forum.
Now Robin Wilton Director of Future Identity Ltd and Director of Privacy and Public Policy at Liberty Alliance is going to provide further thoughts on privacy and consent.
Who is Evan Ratliff?? No googling….
Liberty Alliance conceptual model of identity and privacy – the ‘onion model’ (this makes me think of my housemate and Shrek – layers donkey!!)
- Basic Identitifer Set (BIS) at the core provides proof of uniqueness
- Next layer is other Personally Identifying Information (PII) e.g. Address
- The next ring is attributes. Example is blood type – a person only has one but it by no means uniquely identifies them.
Credentials encapsulate data from multiple layers. Credentials are not privacy neutral as they tend to reveal more than just the attribute required for a claim and they tend to make transactions ‘linkable’.
Privacy enhancing systems should (must) be better at attribute level disclosure or better still yes/no answers to attribute related questions – “the
Psychic ID“
“Privacy is about disclosure not secrecy”. A ‘segment’ of the onion may correspond to a particular segment or contextual use. Privacy concerns arise when attributes appear out of context. Privacy may be described as about contextual integrity.
- Privacy is not a state but a relationship
- These relationships are contractual
- It is highly asymmetric and involves conflicting interests and motivations
- It is highly contextual – and context changes.
- We have social relationships and networked relationships but these are not the same.
What are the implications for consent?
If we aren’t talking about the same things what are we talking about? We are only gradually developing a shared vocabulary for digital identity, trust and online privacy.
EnCoRe Project (LSE and HP) is looking at Ensuring Consent and Revocation.
- When we give consent do we understand what we are consenting to?
- What means to we have for enforcing consent?
- What means to we have for withdrawing it?
- How can we make our conditions of disclosure stick to to those attributes, particularly beyond first disclosure.
Evan Ratliff …
decided to see how long he could drop of the grid for … 27 days. He was hunted by online groups then subsequently protected by online groups. Interesting experiment from Wired.
Posted 3 months, 2 weeks ago at 6:32 pm. 0 comments
There’s beer (although had a female moment getting my beer open with the bottle opener) and very nice leather chairs in this rrom so worth staying on for some extra info and discussion in this session.
Eduserv get their moment to talk about the OpenAthens LA 2.0 launch.
Now Owen (Stephens – some of you might not know him!) is talking about WAYF? and other stupid questions. Just getting the whistle stop version of the Telstar presentation we saw last week at RHUL.
This is really about multiple affiliations: where are you from? Also where do you live? Where do you work? Even who do you know? Horrified gasps in the room at anecdotes about this sort of ‘peer to peer’ networking.
Yes see “What are your affiliations”?
This isn’t about owning data but knowing how to use it. We know most about our affiliations even though we may not know what those affiliations give us access to. The key for users is not where am I from but where do I need to be from today to get access to this resource that I want to use. The user needs to help answer the question of multiple affiliations, at the point of using a resource the user just wants access. Users don’t always know the best route to get access to resources that one of their affiliations might allow them to have access to.
Who should answer that question?? The person has to be involved?? But which organisation or service should ‘curate’ user affiliation lists. Authorisation needs to be more sophisticated. Once I’ve established I’m me – how does the service provider answer the question can any provide the user with this resource by one of the affiliations we know about that user. We have to tell someone – then who do we allow that someone to share with.
Is there an incentive for SPs at the moment on an institutional subscription model??
Thought provoking and debate provoking as per usual…
John Paschoud now talking about coincidentally multiple affiliations. One of the big usability issues in the FAM model. Do you want your life to be more segmented or more joined up? Brings the question back to is this a problem? Are users sophisticated enough and do they not mind using the credentials for the best affilation at point of use. Probably not most of them … so looking at potential solutions that balance the seamless access/privact conundrum. Shintau described as the most workable. This is about designating a primary IDP. This IDP can know about other IDPs or not even about each other if using a linking service, and can release an additional attribute about another IDP who can pass a token to get access to only the necessary attributes. I think it’s something along those lines… Google it! It sounds interesting anyway.
Now we are on Consent Management… Cambridge … a loose federation itself. May have data, not necessarily consent to release it. Terms and conditions prompt. Get an information rleease prompt when using each SP for the first time. Usually 3 attributes to external SPs. Starting to use Shib for internal resources so prepared to release many more attributes which makes the release screen horrific. I’m going to the full consent management parallel session tomorrow and it sounds like it will be important governance part of the FAM project.
Wishlist:
- Configurable T&C splash screen
- Let users choose the privacy they want
- Don’t ask in advance, remember choices
- Let users change their mind
- Configurable defaults
- Tell the user what will be released not what could be released
- Distinguish what we must be released from what could be released
- Identitfy everything from the user’s POV
- Some attributes are more equal than others
- Seamless IdP plugin or part of IdP
- Easily skinnable
Waiting for Eduserv to pipe up that OpenAthens
LA 2.0 does all this
Instead Andy Powell asks some further questions:
It would be nice if T&C terms were more user friendly.
Would be nice if SPs provided information on how they use attributes
[Looks like a conference full of IT/Library geeks has finally crashed the free wireless – everyone whips out their iPhones instead]
Perception of SPs is they can’t get anything out of Federation IDPs anyway because of data protection. Are IDPs willing to engage with SPs and get these issues hammered out.
Now some information on federated access in Japan.
UPKI-Federation is service of National Institute of Informatics in Jpan. Has 4 IDPs and 10 SPs.
