Social Protocols: Enabling Sophisticated Commerce on the Web

Audience: Students of MIT's 4.195: Designing Electronic Commerce and Online Government

Goal: Present ideas about social protocols while reviewing W3C Activities: XML, RDF, and P3P.


5 Key Points

  1. web interactions can be as sophisticated as those found in the real world
  2. but the web requires mechanisms of trusted abstraction, assurance, redirection, and visual cues
  3. the key components of this are meta-data, negotiation, and signatures.
  4. social cues are meta-data! <exclaim>
  5. meta-data is RDF, which is based on XML; they need to know these hot technologies.

Abstract:  Social Protocols: Meta-data and Negotiation in Digital Commerce
On the foundations of basic network, meta-data, and negotiation protocols, a "new" set of protocols, "social protocols," are being built. They are in fact applications of meta-data and negotiation in order to mimic the social capabilities people have in the real world: capabilities to create rich content, make verifiable assertions, create agreements, and to develop and manage trust relationships. Furthermore, governments realize that a significant portion of their constituencies and markets are moving on-line. Consequently, as the sophistication of one's interactions on the Web increases through the development of social protocols, so does the regulators' interest in extending their "real world" mandates on commerce and culture to the Web. Mr. Reagle will detail the development of "social protocols" and their ability to create and maintain spontaneous, emergent, social structures versus their ability to propagate "real world" norms on the Web.


Name of the course is "designing electronic commerce and online government"

  1. Introduction, what is a social protocol
    1. Methods of exchanging social cues, and negotiation: Anecdote about interacting with others (talking to Richard at CFP)
    2. Real world examples
    3. Definition
    4. <smile> (emoticons) XML markup that is a social cue; so is CSS (visual cues)
  2. Generations of Protocols
  3. Meta-Data and Negotiation
  4. Example of a Social Protocol, P3P
  5. Intent of Use, v. Government Use
    1. where have governments been trying to regulate?
    2. Given the ability of users to configure, negotiate and be informed, Governments will of course try to control and regulate both of those things
    3. the reason PICS was controversial is because it enables "social decision making" that can be co-opted by governments. (list examples: linking DSig to crypto)


  1. Social Protocols Introduction
  2. 3 Generations of Protocols
  3. Metadata
  4. Negotiation and DSig
  5. P3P and PICS as Social Protocols
  6. Social Protocols and Policy


Social Protocols

Real World Examples

In today's world we use a number of "tools" to create and maintain relationships:

Three Generations of Protocols

Web protocols can be broadly classified into three "layers":

  1. architectural protocols: HTML and HTTP
  2. meta-data, negotiation, and signature protocols: annotations, PICS (as spec'd), XML/CSS/RDF and JEPI/PEP
  3. social protocols: PICS (as applied), P3P

2nd Generation: Meta-Data Protocols

Meta-data: "data about data" (Web resources).

All of these systems provide some "data about data."

(Any data that has a referent is meta-data. The definition of meta-data and semantics are dependent on the application and respective position of other layers.)

Platform for Internet Content Selection (PICS)


XML is document structure/syntax

<Author>John Smith</Author>


RDF is meta-data about Web resources (anything referable by a URI)

<RDF:Description ID="John_Smith">
    <BIB:Phone>+1 (555) 123-4567</BIB:Phone>
</RDF:Description>

2nd Generation: Negotiation & DSig Protocols

Negotiation protocols allow two agents to flexibly communicate about how they wish to interact.

Joint Electronic Payment Initiative (JEPI): negotiate which payment system to use between a client and server.

Protocol Extension Protocol (PEP): allow client and server to negotiate about how to use HTTP extensions.


Third Generation: Social Protocols

Social protocols are the application of second generation protocols towards problems of social relevance like content regulation, IPR, and privacy.

W3C is developing tools necessary for creating rich content, managing trust relationships, and making verifiable assertions.

These tools enable others to build new applications, offer sophisticated services and to build Web markets.

Platform for Privacy Preferences (P3P)

Sites make assertions about their privacy practices.

Users express their privacy preferences over those practices.

Negotiation between the site's supported and user's desired practices results in an agreement.

The interaction between the site and user is flexible. Users can find the level of privacy most appropriate for their sense of privacy and the type of interaction they wish to have with that site.

P3P Scenario

  1. A user sets generic preferences, upon which her agent (browser) automatically acts.
    She can now browse the Web seamlessly.
  2. She encounters a site with "exceptional" practices outside her generic preferences.
    Perhaps a sports news site wants to collect her favorite teams for a customized news page.
  3. The user is asked whether she wishes to consider other alternatives, consent to the exceptional practice, or go elsewhere.
    She can develop a one-to-one relationship with a site she trusts.

To simplify the experience, users also have the option to download recommended settings from a trusted source.
Users could go to a trusted organization that presents practices which they feel, if followed, will keep users safe.
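
The scenario above as an added example (not from the original lecture notes or the P3P specification): an agent checks a site's declared practices against the user's generic preferences and either proceeds silently or prompts her about the exceptional practice. The XML vocabulary, the preference structure, the site name and all function names are assumptions made for illustration and are not P3P syntax.

```python
import xml.etree.ElementTree as ET

# Constructed proposal in an illustrative XML vocabulary (NOT real P3P syntax).
SPORTS_SITE = """
<proposal site="sports-news.example">
  <statement data="clickstream" purpose="site-administration" retention="session"/>
  <statement data="favorite-teams" purpose="customization" retention="indefinite"/>
</proposal>
"""

# Hypothetical generic preferences: for each purpose the user allows, the data
# categories she will release and the longest retention she accepts.
RETENTION_ORDER = ["none", "session", "indefinite"]
GENERIC_PREFS = {
    "site-administration": {"data": {"clickstream"}, "max_retention": "session"},
}

def parse_proposal(xml_text):
    """Return (site, [statement dicts]) from the site's declared practices."""
    root = ET.fromstring(xml_text)
    return root.get("site"), [dict(s.attrib) for s in root.findall("statement")]

def exceptional(stmt, prefs):
    """Explain why a statement falls outside the preferences, or return None."""
    rule = prefs.get(stmt.get("purpose"))
    if rule is None:
        return "purpose not covered by preferences"
    if stmt.get("data") not in rule["data"]:
        return "data category not released for this purpose"
    retention = stmt.get("retention")
    # Fail closed: an unknown or missing retention value is exceptional.
    if retention not in RETENTION_ORDER:
        return "unrecognized retention"
    if RETENTION_ORDER.index(retention) > RETENTION_ORDER.index(rule["max_retention"]):
        return "retention longer than allowed"
    return None

def evaluate(xml_text, prefs, site_grants=None):
    """Agent decision: 'accept' silently, or 'prompt' with the exceptions."""
    site, statements = parse_proposal(xml_text)
    granted = (site_grants or {}).get(site, set())  # earlier consent, per site
    issues = []
    for stmt in statements:
        key = (stmt.get("data"), stmt.get("purpose"), stmt.get("retention"))
        reason = exceptional(stmt, prefs)
        if reason and key not in granted:
            issues.append((key, reason))
    return ("accept", []) if not issues else ("prompt", issues)
```

Consent is recorded per site and per exact statement, so agreeing to one site's exceptional practice does not widen the generic preferences. An agent that fetches proposals from arbitrary sites should parse them with an XML parser hardened against malicious input.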

Design of Social Protocols and Policy

Regulation by Specifying an Instance

Engineering principles which served the Internet well (such as decentralization) also made it difficult for governments to regulate.

In the CDA hearings, the DoJ certainly tried strategy #1 with the argument (based on Dr. Olsen of BYU) that IPv6 would support an adult/minor tag in each datagram, but failed.

PICS, based on principles of decentralization and user control, was seen as a better alternative.

However, now there is fear that PICS builds censorship into the Net.

Regulation by Configuring an Option

I talked about social protocols over a year ago on "Internet Control" and concluded with:

"A social protocol is not so much an 'Internet Control,' but a way of using meta-data and negotiation to control the interactions one has with others on the Internet/Web."

In the PICSRules debate, critics missed the true danger: regulations on the UI. As you promote configuration and preference expression to the UI (good things), governments may shift their strategy from infrastructure to UI.

Social Protocol Regulation Dilemma

Is there a way to limit protocols intended for self-emergent communities from being co-opted by external communities?