Marco Barulli writes
It’s now clear that exporting a reputation should mean exporting the whole set of “identity transactional data” and implementing some countermeasures (signatures and encryption) to prevent frauds. Then the receiving reputation manager will apply its own computation and derive the reputation.
I disagree. My concerns may not matter as much in the specific case of blog comment reputation systems. However, I believe that they are large concerns to reputation systems in general.
I think the term “identity transactional data” is confusing. Phil Windley correctly clarifies that data feed to a reputation system is transactional data, not identity data. Transactional data is a record of interaction between parties. I buy a book from amazon, that is a transaction. Transactional data contains attributes pertaining to the interaction it is a record of. Identities that participated in a transaction may be recorded as part of the transactional record, but that doesn’t make the transaction part of the identities. Transactions are just a record of behavior exhibited by an entity or identity.
Others have said that exporting reputations from one reputation systems to another is difficult or of little worth. It seems to me that Marco is saying that exporting all the transaction data used to compute a reputation for a particular identity is a necessary condition to share reputation with another system.
Sending all the collected transactional data to an external reputation system seems easy and enpowers the external reptuation system to make its own conclusions from the raw or primary data. Doing so however, violates not only the privacy of the identity for which a repuation is being calculated, but also the privacy of the other reporting entities that originally reported the transactiona data for the identity in question.
The issue in question here is one of authorization. Just because the reporting entities have authorized the reputation system to use the transactional data to compute reputation metrics doesn’t mean they authorize the reputation system to share this source transactional data in raw format with other reputational systems.
Reporting entities usually share their transactional data understanding that it will be aggregated with reports from other reporting entities and summerized sufficiently that the resulting reptuation score while informative will not devulge specific about an individual transaction.
Reputation systems should be transparent. They should allow an identity to review and audit transactional data which it is an active party to. Likewise reporting entities should be able to review and revise transactional data they report.
Reputation systems are only as good as the data feed to them. Reputation systems are appealing because of their ability to reduce report information into manageable sized measures and indicators. Reputation systems can export detailed and informative reputations to external or systems(relying parties) or other peer reputation systems using aggregate statistics without exposing raw transactional data and violating the privacy of the reporting entities or of the individual identites.
