VRM

You are currently browsing articles tagged VRM.

In , opens with this sentence: “On any person who desires such queer prizes, New York will bestow the gift of loneliness and the gift of privacy.” Sixty-four years have passed since White wrote that, and it still makes perfect sense to me, hunched behind a desk in a back room of a Manhattan apartment.

That’s because privacy is mostly a settled issue in the physical world, and a grace of civilized life. Clothing, for example, is a privacy technology. So are walls, doors, windows and shades.

Private spaces in public settings are well understood in every healthy and mature culture. This is why no store on Main Street would plant a tracking beacon in the pants of a visiting customer, to report back on that customer’s activities — just so the store or some third party can “deliver” a better “experience” through advertising. Yet this kind of thing is beyond normative on the Web: it is a huge business.

Worse, the institution we look toward for protection from this kind of unwelcome surveillance — our government — spies on us too, and relies on private companies for help with activities that would be a crime if the  still meant what it says. ( more than two years ago.)

I see two reasons why privacy is now under extreme threat in the digital world — and the physical one too, as surveillance cameras bloom like flowers in public spaces, and as marketers and spooks together look toward the “Internet of Things” for ways to harvest an infinitude of personal data.

Reason #1

The was back-burnered when  (aka ) got baked into e-commerce in the late ’90s. In a single slide  summarizes what happened after that. It looks like this:

The History of E-commerce
1995: Invention of the cookie.
The end.

For a measure of how far we have drifted away from the early promise of networked life, re-read ‘s “Death From Above,” published in January 1995, and his “Declaration of the Independence of Cyberspace,” published one year later. The first argued against asymmetrical provisioning of the Net and the second expressed faith in the triumph of nerds over wannabe overlords.

Three years later  was no less utopian. While it is best known for its 95 Theses (which include “” and ““) its most encompassing clue came before of all those. Chris Locke wrote it, and here’s what it says, boldface, color and all:

if you only have time for one clue this year, this is the one to get…
we are not seats or eyeballs or end users or consumers. we are human beings and our reach exceeds your grasp. deal with it.

Note the first and second person voices, and the possessive case. Our reach was everybody’s. Your grasp was companies’.

Fourteen years later, companies have won. Our reach has not exceeded their grasp. In fact, their grasp is stronger than ever.

Another irony: the overlords are nerds too. And  they lord over what Bruce Schneier calls a feudal system:

Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether … for Facebook.

These vendors are becoming our feudal lords, and we are becoming their vassals. We might refuse to pledge allegiance to all of them – or to a particular one we don’t like. Or we can spread our allegiance around. But either way, it’s becoming increasingly difficult to not pledge allegiance to at least one of them.

Reason #2

We have loosed three things into the digital world that we (by which I mean everybody) do not yet fully comprehend, much less deal with (through policy, tech or whatever). Those are:

  1. Ubiquitous computing power. In the old days only the big guys had it. Now we all do.
  2. Ubiquitous Internet access. This puts us all at zero virtual distance from each other, at costs that also veer toward zero as well.
  3. Unlimited ability to observe, copy and store data, which is the blood and flesh of the entire networked world.

In tech, what can be done will be done, sooner or later, especially if it’s possible to do it in secret — and if it helps make money, fight a war or both. This is why we have bad acting on a massive scale: from click farms gaming the digital advertising business, to the NSA doing what we now know it does.

Last month I gave a keynote at an  event in New York. One of my topics was personal privacy, and how it might actually be good for the advertising business to respect it. Another speaker was , a “gentleman hacker” and CEO of WhiteOps, “an internet security company focused on the eradication of ad fraud.” He told of countless computers and browsers infected with bots committing click-fraud on a massive scale, mostly for Russian hackers shunting $billions from the flow of money down the online advertising river. The audience responded with polite applause. Privacy? Fraud? Why care? The money’s rolling in. Make hay while the power asymmetry shines.

Just today an executive with a giant company whose name we all know told me about visiting “click farms” in India, which he calls “just one example of fraud on a massive scale that nobody in the industry wants to talk about.” (Credit where due: the IAB wouldn’t have had us speaking there if its leaders didn’t care about the issues. But a .org by itself does not an industry make.)

Yet I’m not discouraged. In fact, I’m optimistic.

These last few months I’ve been visiting dozens of developers and policy folk from Europe to Australia, all grappling productively with privacy issues, working on the side of individuals, and doing their best to develop enlightened policy, products and services.

I can report that respect for privacy — the right to be left alone and to conceal what one wishes about one’s self and one’s data — is far more evolved elsewhere than it is in the U.S. So is recognition that individuals can do far more with their own data than can any big company (or organization) that has snarfed that data up. In some cases this respect takes the form of policy (e.g. the EU Data Protection Directive). In other cases it takes the form of advocacy, or of new businesses. In others it’s a combination of all of those and more.

Some examples:

 is a policy and code development movement led by Ann Cavoukian, the Information & Privacy Commissioner of Ontario. Many developers, enterprises and governments are now following her guidelines. (Which in turn leverage the work of Helen Nissenbaum.)

, the Fondation Internet Nouvelle Génération, is a think tank of leading French developers, scientists, academics and business folk, convened to guide digital transformation across many disciplines, anchored in respect for the individual and his or her full empowerment (including protection of privacy), and for collective action based on that respect.

 is a Fing project in which six large French companies — Orange, La Poste, Cap-Digital, Monoprix, Alcatel-Lucent and Societe Generale — are releasing to 300 customers personal data gathered about those customers, and inviting developers to help those customers do cool things on their own with that data.

The  in the UK is doing a similar thing, with twenty UK companies and thousands of customers.

Both Midata and Etalab in France are also working the government side, sharing with citizens data collected about them by government agencies. For more on the latter read Interview with Henri Verdier: Director of Etalab, Services of the French Prime Minister. Also see Open Data Institute and PublicData.eu.

In Australia,    and  are working on re-building markets from the customer side, starting with personal control and required respect for one’s privacy as a base principle.

In the U.S. and Europe, companies and open source development groups have been working on personal data “stores,” “lockers,” “vaults” and “clouds,” where individuals can harbor and use their own data in their own private ways. There is already an  and a language for “” and “pclouds” for everything you can name in the Internet of Things. I posted something recently at HBR about one implication for this. (Alas, it’s behind an annoying registration wall.)

On the legal front, Customer Commons is working with the  at the Berkman Center on terms and privacy requirements that individuals can assert in dealing with other entities in the world. This work dovetails with , the  and others.

I am also encouraged to see that the most popular browser add-ons and extensions are ones that block tracking, ads or both. AdblockPlus, Firefox’s Privowny and  are all in this game, and they are having real effects. In May 2012,  a 9.26% ad blocking rate in North America and Europe. Above that were Austria (22.5%), Hungary, Germany, Finland, Poland, Gibraltar, Estonia and France. The U.S. was just below that at 8.72%. The top blocking browser was Firefox (17.81%) and the bottom one was Explorer (3.86%). So it was no surprise to see Microsoft jump on the Do Not Track bandwagon with its latest browser version. In sum what we see here is the marketplace talking back to marketing, through developers whose first loyalties are to people.

(The above and many other companies are listed among developers here.)

More context: it’s still early. The Internet most of us know today is just eighteen years old. The PC is thirty-something. Pendulums swing. Tides come and go. Bubbles burst.

I can’t prove it, but I do believe we have passed Peak Surveillance. When Edward Snowden’s NSA revelations hit the fan in May, lots of people said the controversy would blow over. It hasn’t, and it won’t. Our frogs are not fully boiled, and we’re jumping out of the pot. New personal powers will be decentralized. And in cases where those powers are centralized, it will be in ways that are better aligned with individual and social power than the feudal systems of today. End-to-end principles are still there, and still apply.

Another reason for my optimism is metaphor, the main subject in the thread below. In , George Lakoff and Mark Johnson open with this assertion: The mind is inherently embodied. We think metaphorically, and our metaphorical frames arise from our bodily experience. Ideas, for example, may not be things in the physical sense, but we still talk of “forming,” “getting,” “catching” and “throwing out” ideas. Metaphorically, privacy is a possession. We speak of it in possessive terms, and as something valuable and important to protect — because this has been our experience with it for as long as we’ve had civilization.

Possession is “nine-tenths of the law” because it is nine-tenths of the three-year-old. She says “It’s mine!” because she has hands with thumbs that give her the power to grab. Possession begins with what we can hold.

There is also in our embodied nature a uniquely human capacity called indwelling. Through indwelling our senses extend outward through our clothes, our tools, our vehicles, enlarging the boundaries of what we do and experience in the physical world. When drivers speak of “my wheels” and pilots of “my wings,” it is because their senses dwell in those things as extensions of their bodies.

This relates to privacy through exclusion: my privacy is what only I have.

The clothes we wear are exclusively ours. We may wear them to express ourselves, but their first purpose is to protect and conceal what is only ours. This sense of exclusivity also expands outward, even though our data.

 “the Internet is a copy machine.” And it is. We send an email in a less literal sense than we copy it. Yet the most essential human experience is ambulation: movement. This is why we conceive life, and talk about it, in terms of travel, rather than in terms of biology. Birth is arrival, we say. Death is departure. Careers are paths. This is why, when we move data around, we expect its ownership to remain a private matter even if we’re not really moving any of it in the postal sense of a sending a letter.

The problem here is not that our bodily senses fail to respect the easily-copied nature of data on networks, but that we haven’t yet created social, technical and policy protocols for the digital world to match the ones we’ve long understood in the physical world. We still need to do that. As embodied beings, the physical world is not just our first home. It is the set of reference frames we will never shake off, because we can’t. And because we’ve had them for ten thousand years or more.

The evolutionary adaptation that needs to happen is within the digital world and how we govern it, not the physical one.

Our experience as healthy and mature human beings in the physical world is one of full agency over personal privacy. In building out our digital world — something we are still just beginning to do — we need to respect that agency. The biggest entities in the digital world don’t yet do that. But that doesn’t mean they can’t. Especially after we start leaving their castles in droves.

Tags: , , , ,

[Trieste, Italy, 12:02am Friday 21 May 2013 — As I say in the comments here, Airbnb has responded to this post, explaining that a bug in the system was involved. While that might patch Airbnb's relationship with my wife and I, the bridge remains burned with other customers as long as Airbnb's Verified ID system retains its current requirements. They still need the kind of help only good hackers and loyal customers can provide. — Doc]

My wife and I are veteran Airbnb customers who have been happy with the company from the start. We like the prices, the experiences, the whole thing. As happy customers, we have also been spreading the love far and wide, pitching many new customers on Airbnb as a better way to stay when traveling. We want to continue spreading that love, even though we — and many other loyal customers — are now on the far side of a bridge Airbnb burned when it launched its new identity Verified ID system, which they explain (at that link) this way:

Verified ID provides a connection between the online and offline spaces. Airbnb users can earn a “Verified ID” badge on their profile by providing their online identity (via existing Airbnb reviews, LinkedIn, or Facebook) and matching it to offline ID documentation, such as confirming personal information or scanning a photo ID. The name provided by both channels must match for verification to succeed.

Starting today, Airbnb will require a random 25% of users in the USA to go through the Verified ID process. Soon, we’ll expand this requirement to users around the world. We hope that hosts and guests worldwide will see the benefits of interacting with users who complete Verified ID. Our goal is for all Airbnb members to have Verified ID eventually.

Any Airbnb host can now require their prospective guests to obtain Verified IDs before booking. Trust runs in both directions, so any host who requests this condition must also get verified.

Some of the comments under the post were positive, but many went the other way. Here are a few…

Jon:

I am an Airbnb host. Naturally, safety is always a concern. Despite that, I find this move objectionable, dishonest, misguided, and outright offensive.

  1. As a host, it is up to me to choose who I allow in my home. I like that I can decide how many requirements to place on my guests. Should I choose to place strict requirements, I get more protection and probably fewer bookings. I like having the choice. Airbnb just took the choice away from me and I’m not happy about it.
  2. You are making it substantially harder for guests to book on Airbnb. These standards will reduce the number of bookings we receive as hosts. You reduce our bookings and remove our ability to choose. Hosts should have the ability to choose.
  3. You want people to send you their photo ID / passport? Are you out of your *&#%& mind? Banks lose customer data all the time and they have some of the most stringent standards possible. Despite that, you pretend that you all are immune. You claim that having people send some of their most personal information over the internet will make them safer. You don’t make them safer; you make them MUCH LESS SAFE. When you have your data breached and you get sued, you will deserve every bit of the penalty.
  4. Why did you require a random 25% of users? Why not all users? Because you know you’d get too much negative feedback all at once and you could control the situation better if you phase it in. Either you are lying or you are putting hosts at risk. Shameful either way.
  5. “enhanced trust” I hate your Orwellian crock of sh&# phrasing. You should help the prison system rebrand their “full body cavity search”
  6. As a traveler myself, I was one of the 25% selected for “enhanced trust”. I have over 50 positive reviews from guests and hosts alike. You know where I live! There is no more trust that could possibly be had. Use a little common sense. This is the kind of nonsense I’d expect from the DMV, not from a blossoming enterprise.
  7. When the hell did facebook become an authority on people’s identities? I suspect that you have much more interesting motives for forcing people to connect their profiles to facebook. Quit trying to mine data under the guise of trust.
  • Deborah:

    my Facebook account did not work for Airbnb so they asked me to make a personal video talking about such things as why i like my neighborhood. I’m sorry, but I find this creepy. think of the inevitable steps up: photos of tattoos or birthmarks? proof of baptism? defense of fashion choices? that fragrant blend of californian cumbayah and capitalism. yechh….

  • Also from Deborah:

    I was just trying to book a short stay and the rigmarole and emails this verification process generated was ridiculous, but what caused me to cancel the reservation was this weird audition video request. Nor will I ever have anything further to do with Airbnb; not because of the hassle, but because this new verification process is invasive and puts my identity at risk. I have never encountered any comparable vetting for any purpose and it’s depressing to realize people will unthinkingly accept this kind of exploitation of information. I guess the thinking is if you value your privacy and identity above “trust” you don’t measure up to the Airbnb “community”. And is it a “community”? Really??

  • kim:

    well this is irritating. i have neither a facebook nor linkedin account, nor do i want either. i’ve been a positively-reviewed airbnb member for 2 years. although this article says it will look at positive reviews as online verification, it does not seem to be the case.
    and as for the 24/7 customer service? at this moment there is NO chat available, phone number is reserved for emergencies, and they are not responding to e-mail. so my booking is in limbo. if you’re going to implement this new feature, at least have the customer service to support it!<

  • Mle Davis

    Agree with others that the new verification process is insane and insulting. I have used your service for two years. My “reality” has been verified by my hosts and my guests: people in four countries have left feedback about their experiences with me. We have talked on the phone. You have my social security number from when you sent me tax documents. You have my credit card on file. I”m happy to send you my drivers license, but don’t see why you would need it, when you already have the rest. There is just no way I”m linking up my facebook account so you can datamine my friends, keep an eye on my day to day activity, or examine my relationships. There are enough safety checks on me through the relationship we’ve already developed. Please reconsider this stupidity.

  • E:

    Just had a reservation cancelled tonight because I did not complete the verification process. I inadvertently skipped the second step in the process which is give them access to my facebook account and contacts. I guess it doesn’t matter that I have been a member for almost three years and have rented through airbnb more than 15 times and have ALL positive reviews. I see this as an attempt to gather data for marketing purposes. Why else would they need access to facebook or linked in. Airbnb is going down hill. I have had more and more problems with them over the past 6 months. It was a great idea in the begining, but I think they are imploding!

  • Tony:

    I’m new to airbnb and I’m not crazy about the idea of scanning my driver’s license or passport and sending that to you. How do I know the faceless employees of whatever company which gets this information can be trusted with it?…
    … before you go to these extraordinary steps, why not fix the site so that friends can give me references. As I said, I’m new and (per your instructions) have asked friends through the site (both by email and facebook) to provide me with a reference. No one has done so yet and three have written back to say that they click the link and then don’t see any way to provide me with a reference. Two of these people are now concerned that this was just a way for someone to get their email addresses and add them to a spam list.

  • Lisa:

    I am so relieved to hear all these comments about the verification process. I am feeling DEEPLY resentful of this. I used Airbnb successfully this year, and am horrified to see what they’re asking. It is so invasive I can’t believe it. Like most people here, I’m sure, I’ve done vacation rentals, car rentals, bought tickets, booked everything and anything without this level of scrutiny. I finally capitulated to four levels of the scrutiny. This is ABSURD. If they want to offer this, then fine. But let the users decide how much they’re sharing and let hosts decide what they need.

Well, it was our bad luck to fall into that 25% when we booked an Airbnb place in Rome last weekend. My wife, an experienced and savvy traveler (with more than two million miles on one airline alone), always books our reservations, and expected the usual smooth and pleasant process when she was suddenly faced with this crazy new verification routine. Here’s how Airbnb explained her options after she declined to login with Facebook or Linkedin (neither of which she belongs to):

If you’re unable to verify your online ID using Facebook or LinkedIn, or if your account does not automatically satisfy the online ID requirements, you can create a video profile to serve as an alternative.

Your video will be visible on your profile as a live introduction of yourself to other Airbnb community members. To create your video profile, visit the “Photos and Video” section under Edit Profile. Consider using your first name, your current city, what you like about your neighborhood, and what you are looking for in a travel experience! Please do not include information about your government-issued ID, payment information, email address, last name, or any other personally identifiable information in your profile video.

After you’ve created a video profile, please email  trust at airbnb.com and we’ll help you complete the verification process.

I’ll pause to note here that my wife and and I have been around identity systems development for a very long time. In my case I’ve keynoted nearly ever Digital ID World, and have co-hosted all sixteen Internet Identity Workshops. Neither of us have ever seen an identity verification routine that required making a video to share with others.  We were, like… what?

So, after she declined to make the video and Airbnb cancelled our order, she sent an email to  trust at airbnb.com that included the following:

I’m perfectly happy to verify through a personal cloud provider ie: Personal.com, Virtrue, OwnYourInfo, Mydex, Gli.ph, or a trust network like Respect Network or Qiy. I suggest that you take a look at some of these services that work on the side of the customer, without exposing them to further surveillance and tracking of their personal data.

Airbnb replied,

Thank you for your email. Please accept our apologies if our verification process caused you any distress. As we are constantly working on improving our product and services, I’ll pass your feedback on accordingly. In the future, you can also submit your opinions or ideas on www.airbnb.com/feedback. Even when we are unable to accommodate all requests, we always value feedback from the community.

Airbnb is a platform for connecting individuals interested in having unique and personalized experiences. This is how Airbnb differs from the norm, as not everyone on Airbnb operates their business outside of Airbnb the way a normal bed and breakfast would. Please consider that you will be staying in the home or residence of another individual. At Airbnb we’re constantly striving to improve the level of trust between our users to instill confidence in the transactions between our users. Our verification process was designed to help improve that level of trust and allow users to fully enjoy their experience on Airbnb.

At Airbnb we’re constantly striving to improve the level of trust between our users to instill confidence in the transactions between our users. Our verification process was designed to help improve that level of trust and allow users to fully enjoy their experience on Airbnb.

Recent positive reviews do count towards verifying your Online identity but the reviews you received did not satisfy our system’s verification requirements. Unfortunately, if you don’t have a Facebook or LinkedIn account, the video profile is the only alternative available at this point. We offer several alternatives in hopes that one will work for you, but we understand that these situations do arise. That’s why we offer you the opportunity to verify your account by recording a 30 second video in which you can introduce yourself to the Airbnb community.

Please know that if you don’t want your video profile to be public, you can also record the clip using a digital camera or a smartphone and attach it to your response to this message. We’ll then verify your account without publishing the video.

This makes no sense to me. Are they saying Airbnb operates a social business, meaning one that places a premium on people exposing themselves to others, rather than on minimizing exposure? Are they saying that everybody in the Airbnb community is a potential “friend,” and thats’s why it makes sense to login with Facebook or Linkedin? And why the video? What’s to keep any community member from copying that video — or any personal information exposed through social media — and spreading it out on the open Web? Why would anybody trust Airbnb to keep that kind of thing from happening?

Given that Ghostery finds Airbnb using only six tracking systems (Facebook Connect, Google AdWords Conversion, Google Analytics, Google Tag Manager, MixPanel and New Relic) — a relatively small number for a commercial site — I doubt that Airbnb just wants to play the same advertising game that B2B companies like Google, Facebook, Twitter and other “social” sites play. Why should they, when they operate one of those very rare things in the “social” age: a real B2C business, for customers who actually pay for goods and services. That’s an enviable and valuable thing. And they’re screwing it up.

The “Verified ID” program fails because it alienates both the supply and the demand sides of the marketplace. It turns away good, loyal, paying customers, and denies hosts those customers’ bookings. Worse, it filters through only those customers who are comfortable exposing themselves through social media and in video performances. Do they really want to do that?

At some point it will dawn on Airbnb that this new system is worse than broken. When that dawn comes I suggest they do three things:

  1. Look into the list of companies and projects my wife mentioned above
  2. Join the Personal Identity Ecosystem Consortium (PDE.cc)
  3. Follow what’s happening with VRM and personal clouds — and get involved with those too

I also invite readers to weigh in with their own positive suggestions. No complaints or put-downs, please. We’re here to help.

Tags: , , , ,

(Cross-posted from the ProjectVRM blog.)

left r-buttonright r-buttonFor as long as we’ve had economies, demand and supply have been attracted to each other like a pair of magnets. Ideally, they should match up evenly and produce good outcomes. But sometimes one side comes to dominate the other, with bad effects along with good ones.

Such has been the case on the Web ever since it went commercial with the invention of the cookie in 1995, resulting in a  in which the demand side — that’s you and me — plays the submissive role of mere “users,” who pretty much have to put up with whatever rules websites set on the supply side.

Consistent with  (“Power corrupts; absolute power corrupts absolutely”) the near absolute power of website cows over user calves has resulted in near-absolute corruption of website ethics in respect to personal privacy.

This has been a subject of productive obsession by  and her team of reporters at The Wall Street Journal, which have been producing the  series (shortcut: http://wsj.com/wtk) since July 30, 2010, when Julia by-lined . The next day I called that piece a turning point. And I still believe that.

Today came another one, again in the Journal, in Julia’s latest, titled Web Firms to Adopt ‘No Track’ Button. She begins,

A coalition of Internet giants including Google Inc. has agreed to support a do-not-track button to be embedded in most Web browsers—a move that the industry had been resisting for more than a year.

The reversal is being announced as part of the White House’s call for Congress to pass a “privacy bill of rights,” that will give people greater control over the personal data collected about them.

The long White House press release headline reads,

We Can’t Wait: Obama Administration Unveils Blueprint for a “Privacy Bill of Rights” to Protect Consumers Online

Internet Advertising Networks Announces Commitment to “Do-Not-Track” Technology to Allow Consumers to Control Online Tracking

Obviously, government and industry have been working together on this one. Which is good, as far as it goes. Toward that point, Julia adds,

The new do-not-track button isn’t going to stop all Web tracking. The companies have agreed to stop using the data about people’s Web browsing habits to customize ads, and have agreed not to use the data for employment, credit, health-care or insurance purposes. But the data can still be used for some purposes such as “market research” and “product development” and can still be obtained by law enforcement officers.

The do-not-track button also wouldn’t block companies such as Facebook Inc. from tracking their members through “Like” buttons and other functions.

“It’s a good start,” said Christopher Calabrese, legislative counsel at the American Civil Liberties Union. “But we want you to be able to not be tracked at all if you so choose.”

In the New York Times’ White House, Consumers in Mind, Offers Online Privacy Guidelines Edward Wyatt writes,

The framework for a new privacy code moves electronic commerce closer to a one-click, one-touch process by which users can tell Internet companies whether they want their online activity tracked.

Much remains to be done before consumers can click on a button in their Web browser to set their privacy standards. Congress will probably have to write legislation governing the collection and use of personal data, officials said, something that is unlikely to occur this year. And the companies that make browsers — Google, Microsoft, Apple and others — will have to agree to the new standards.

No they won’t. Buttons can be plug-ins to existing browsers. And work has already been done. VRM developers are on the case, and their ranks are growing. We have dozens of developers (at that last link) working on equipping both the demand and the supply side with tools for engaging as independent and respectful parties. In fact we already have a button that can say “Don’t track me,” plus much more — for both sides. Its calle the R-button, and it looks like this: ⊂ ⊃. (And yes, those symbols are real characters. Took a long time to find them, but they do exist.)

Yours — the user’s — is on the left. The website’s is on the right. On a browser it might look like this:

r-button in a browser

Underneath both those buttons can go many things, including preferences, policies, terms, offers, or anything else — on both sides. One of those terms can be “do not track me.” It might point to a fourth party (see explanations here and here) which, on behalf of the user or customer, maintains settings that control sharing of personal data, including the conditions that must be met. A number of development projects and companies are already on this case. Some have personal data stores (PDSes), also called “lockers” or “vaults.” These include:

Three of those are in the U.S., one in Austria, one in France, one in South Africa, and three in the U.K. (All helping drive the Midata project by the U.K. government, by the way.) And those are just companies with PDSes. There are many others working on allied technologies, standards, protocols and much more. They’re all just flying below media radar because media like to look at what big suppliers and governments are doing. Speaking of which… :-)

Here’s Julia again:

Google is expected to enable do-not-track in its Chrome Web browser by the end of this year.

Susan Wojcicki, senior vice president of advertising at Google, said the company is pleased to join “a broad industry agreement to respect the ‘Do Not Track’ header in a consistent and meaningful way that offers users choice and clearly explained browser controls.”

White House Deputy Chief Technology Officer Daniel Weitzner said the do-not-track option should clear up confusion among consumers who “think they are expressing a preference and it ends up, for a set of technical reasons, that they are not.”

Some critics said the industry’s move could throw a wrench in a separate year-long effort by the World Wide Web consortium to set an international standard for do-not-track. But Mr. Ingis said he hopes the consortium could “build off of” the industry’s approach.

So here’s an invitation to the White House, Google, the 3wC, interested BigCos (including CRM companies), developers of all sizes and journalists who are interested in building out genuine and cooperative relationships between demand and supply::::

Join us at IIW — the Internet Identity Workshop — in Mountain View, May 1-3. This is the unconference where developers and other helpful parties gather to talk things over and move development forward. No speakers, no panels, no BS. Just good conversation and productive work. It’s our fourteenth one, and they’ve all been highly productive.

As for the r-button, take it and run with it. It’s there for the development. It’s meaningful. We’re past square one. We’d love to have all the participation we can get, from the big guys as well as the little ones listed above and here.

To help get your thinking started, visit this presentation of one r-button scenario, by Adam Marcus of MIT. Here’s another view of the same work, which came of of a Google Summer of Code project through ProjectVRM and the Berkman Center:

(Props to Oshani Seneviratne and David Karger, also both of MIT, and Ahmad Bakhiet, of Kings College London, for work on that project.)

If we leave fixing the calf-cow problem entirely up to the BigCos and BigGov, it won’t get fixed. We have to work from the demand side as well. In economies, customers are the 100%.

Here are some other stories, mostly gathered by Zemanta:

All look at the symptoms, and supply-side cures. Time for the demand side to demand answers from itself. Fortunately, we’ve been listening, and the answers are coming.

Tags: , , , , , , , ,

CRM and IIW

It just occurred to me that everything being worked on at IIW is meaningful to CRM. I had been thinking that only the VRM stuff was meaningful, but I realize now that all the IIW stuff is, because — from a CRM perspective — it’s all about customer empowerment. And empowered customers are entities that CRM will welcome, sooner or later.

Here’s the list of IIW topics on the IIW home page:

  • Open Standards that have been born and developed at IIW – OpenID, OAuth, Activity Streams, Portable Contacts, Salmon Protocol, SCIM, UMA ….
  • The Federated Social Web
  • Vendor Relationship Management
  • Personal Data Services -  collection, storage and value generation
  • Anonymity Pseudonymity and Reputation Online (think google+ controversy)
  • Legal Innovation including, Information Sharing Agreements, Data Ownership Agreements and the development of “trust” frameworks.
  • NSTIC – the National Strategy for Trusted Identities in Cyberspace (it uses the term “user-centric identity” 4 times & “citizen-centric identity” once)
  • Cloud Identity and the intersection of enterprise ID and people (consumer) ID

With this in mind we (a bunch of VRM and IIW people) decided that Wednesday afternoon is when we’ll have the VRM+CRM session, although we can have CRM sessions anytime, because the whole workshop is an unconference and participants choose the topics. But if you’re into the future of CRM, that afternoon session will be a good one to hit.

There is also the whole next day, currently thus described:

Thursday is Yukon Day: One of the longtime themes of IIW is how identity and personal data intersect.  Many important discussions about Vendor Relationship Management (VRM) have also taken place at IIW.  In recognition of how personal data and identity are intertwined, the third day of the IIW, will be designated “IIW + Yukon” and will stress the emerging personal data economy.  The primary theme will be personal data control and leverage, where the individual controls and drives the use of their own data, and data about them held by other parties.

This isn’t social. It’s personal.  This day you can expext open-space style discuss ions of personal data stores (PDS), PDS ecosystems, and VRM.  One purpose of Yukon is to start to focus on business models and value propositions, so we will specifically be reaching out to angels and VC’s who are interested in personal data economy plays and inviting them to attend.

Yukon” is a play on “You Control.”

So, if CRM is your thing, IIW would be a good place to see what’s coming in CRM’s direction.

Look forward to seeing some of ya’ll there.

Enhanced by Zemanta

Tags: , ,

OwnerIQ sez,

This video explains what they mean.

Compare those people and the way they define themselves—as products (a BMW, an iPad)—to the way Walt Whitman defined himself, just before Industry won the Industrial Revolution:

I know I am solid and sound.
To me the converging objects of the universe
perpetually flow.
All are written to me,
and I must get what the writing means.
I know I am deathless.
I know this orbit of mine cannot be swept
by a carpenter’s compass,

I know that I am august,
I do not trouble my spirit to vindicate itself
or be understood.
I see that the elementary laws never apologize.

My foothold is tenoned and mortised in granite.
I laugh at what you call dissolution,
And I know the amplitude of time.

It is time to explain myself. Let us stand up.

I am an acme of things accomplished,
and I an encloser of things to be.
Rise after rise bow the phantoms behind me.
Afar down I see the huge first Nothing,
the vapor from the nostrils of death.
I know I was even there.
I waited unseen and always.
And slept while God carried me
through the lethargic mist.
And took my time.

Long I was hugged close. Long and long.
Infinite have been the preparations for me.
Faithful and friendly the arms that have helped me.

Cycles ferried my cradle, rowing and rowing
like cheerful boatmen;
For room to me stars kept aside in their own rings.
They sent influences to look after what was to hold me.

Before I was born out of my mother
generations guided me.
My embryo has never been torpid.
Nothing could overlay it.
For it the nebula cohered to an orb.
The long slow strata piled to rest it on.
Vast vegetables gave it substance.
Monstrous animals transported it in their mouths
and deposited it with care.

All forces have been steadily employed
to complete and delight me.
Now I stand on this spot with my soul.

I know that I have the best of time and space.
And that I was never measured, and never will be measured.

I’m sure he owned more stuff than “a rainproof coat, good shoes and a staff cut from the wood.” But hey, maybe not. But whatever he had, what he did mattered more. Here’s what he does for each of us:

Each man and woman of you I lead upon a knoll.
My left hand hooks you about the waist,
My right hand points to landscapes and continents,
and a plain public road.

Not I, nor any one else can travel that road for you.
You must travel it for yourself.

It is not far. It is within reach.
Perhaps you have been on it since you were born
and did not know.
Perhaps it is everywhere on water and on land.

Shoulder your duds, and I will mine,
and let us hasten forth.

If you tire, give me both burdens and rest the chuff of your hand on my hip.
And in due time you shall repay the same service to me.

Long enough have you dreamed contemptible dreams.
Now I wash the gum from your eyes.
You must habit yourself to the dazzle of the light and of every moment of your life.

Long have you timidly waited,
holding a plank by the shore.
Now I will you to be a bold swimmer,
To jump off in the midst of the sea, and rise again,
and nod to me and shout,
and laughingly dash your hair.

I am the teacher of athletes.
He that by me spreads a wider breast than my own
proves the width of my own.
He most honors my style
who learns under it to destroy the teacher.

Do I contradict myself?
Very well then. I contradict myself.
I am large. I contain multitudes.

I concentrate toward them that are nigh.
I wait on the door-slab.

Who has done his day’s work
and will soonest be through with his supper?
Who wishes to walk with me.

The spotted hawk swoops by and accuses me.
He complains of my gab and my loitering.

I too am not a bit tamed. I too am untranslatable.
I sound my barbaric yawp over the roofs of the world.

I submit that wild and free customers are far more potent participants in the marketplace than “consumers” of “brands.”

You know, like this:

The time has come to choose your species. If you’re just what you own, you’re veal.

Tags:

We’re doing something different at next week’s IIW: inviting investors. So here’s a pitch that should resonate with investors — especially in Silicon Valley, where IIW happens (appropriately, at the Computer History Museum in Mountain View)…

Here’s a chance to check in on development work on a huge new disruptive market play: empowering customers as independent players in the marketplace, and building new businesses that serve liberated customers who want choices other than those between silos and walled gardens.

We’re talking here about equipping demand to drive supply, rather than just the reverse. (Which is fine and necessary, but it’s been done. A lot.)

We’re talking about creating tools and services proving at last that free customers are more valuable than captive ones.

We’re talking about how much more can happen in a marketplace where customers collect, control and selectively share their own data, for their own purposes — which nobody on the vendor side needs to guess about, because the customer knows, has the intent, and has the money.

We’ve been working on these tools for awhile now. My own work, both through IIW (which I help organize) and ProjectVRM at Harvard’s Berkman Center, has been to encourage development of tools that liberate and empower customers in the marketplace. Thanks also to the good work of allied efforts, many of these tools now exist, and more are coming along.

These tools fall into many categories. Some are open source efforts that equip developers with essential building material. Some are commercial efforts at the angel or pre-angel stages. Some are already funded. Some are existing businesses looking for partners. Whatever breed they are, all should be interesting to investors looking to place bets on customers, and on companies that align with customer interests and intentions in the marketplace.

IIW — which stands for Internet Identity Workshop — has always been about development. Since 2005 we’ve been getting together twice a year to share ideas and move work forward. As a workshop, it’s organized as an unconference. No speakers, no panels. Participants suggest topics and everybody breaks out to rooms and tables where those topics get discussed, whiteboards get marked up, and in many cases code gets shown and improved.

On Tuesday and Wednesday, May 3 and 4, the workshop will follow the usual routine. But on Thursday, May 5, we’ll visit a new topic which we’re calling “Yukon”: a one-word play on the line, “You control your own data.” As it says here,

Something New: IIW + Yukon: One of the longtime themes of IIW is how identity and personal data intersect. Many important discussions about Vendor Relationship Management (VRM) have also taken place at IIW. In recognition of how personal data and identity are intertwined, the third day of the IIW, May 5, will be designated “IIW + Yukon” and will stress the emerging personal data economy. The primary theme will be personal data control and leverage, where the individual controls and drives the use of their own data, and data about them held by other parties.

This isn’t social. It’s personal. This day you can expext open-space style discussions of personal data stores (PDS), PDS ecosystems, and VRM. One purpose of Yukon is to start to focus on business models and value propositions, so we will specifically be reaching out to angels and VC’s who are intersted in personal data economy plays and inviting them to attend.

Whether or not you’re an investor, or just friends with some (as pretty much all of us are these days), you’re invited. Looking forward to seeing you there.

Tags: , , , , ,

If you want to know what data you’re sharing — without (thus far) knowing about it — on Facebook, ISharedWhat.com is the way. You run it as a simulator and what’s what.

It was developed by Joe Andrieu, a stalwart contributor of wisdom and code to the VRM community, and has been covered by and tweeted by the Wall Street Journal’s @WhatTheyKnow.

It’s what we call a fourth party app, meaning it performs as an instrument of your intentions, rather than a seller’s or a site operator’s. Check it out and give Joe feedback.

Tags: , , , , , ,

In The Data Bubble, I told readers to mark the day: 31 July 2010. That’s when The Wall Street Journal published The Web’s Gold Mine: Your Secrets, subtitled A Journal investigation finds that one of the fastest-growing businesses on the Internet is the business of spying on consumers. First in a series. That same series is now nine stories long, not counting the introduction and a long list of related pieces. Here’s the current list:

  1. The Web’s Gold Mine: What They Know About You
  2. Microsoft Quashed Bid to Boost Web Privacy
  3. On the Web’s Cutting Edge: Anonymity in Name Only
  4. Stalking by Cell Phone
  5. Google Agonizes Over Privacy
  6. Kids Face Intensive Tracking on Web
  7. ‘Scrapers’ Dig Deep for Data on the Web
  8. Facebook in Privacy Breach
  9. A Web Pioneer Profiles Users By Name

Related pieces—

Two things I especially like about all this. First, Julia Angwin and her team are doing a terrific job of old-fashioned investigative journalism here. Kudos for that. Second, the whole series stands on the side of readers. The second person voice (you, your) is directed to individual persons—the same persons who do not sit at the tables of decision-makers in this crazy new hyper-personalized advertising business.

To measure the delta of change in that business, start with John Battelle‘s Conversational Marketing series (post 1, post 2, post 3) from early 2007, and then his post Identity and the Independent Web, from last week. In the former he writes about how the need for companies to converse directly with customers and prospects is both inevitable and transformative. He even kindly links to The Cluetrain Manifesto (behind the phrase “brands are conversations”).

In his latest he observes some changes in the Web itself:

Here’s one major architectural pattern I’ve noticed: the emergence of two distinct territories across the web landscape. One I’ll call the “Dependent Web,” the other is its converse: The “Independent Web.”

The Dependent Web is dominated by companies that deliver services, content and advertising based on who that service believes you to be: What you see on these sites “depends” on their proprietary model of your identity, including what you’ve done in the past, what you’re doing right now, what “cohorts” you might fall into based on third- or first-party data and algorithms, and any number of other robust signals.

The Independent Web, for the most part, does not shift its content or services based on who you are. However, in the past few years, a large group of these sites have begun to use Dependent Web algorithms and services to deliver advertising based on who you are.

A Shift In How The Web Works?

And therein lies the itch I’m looking to scratch: With Facebook’s push to export its version of the social graph across the Independent Web; Google’s efforts to personalize display via AdSense and Doubleclick; AOL, Yahoo and Demand building search-driven content farms, and the rise of data-driven ad exchanges and “Demand Side Platforms” to manage revenue for it all, it’s clear that we’re in the early phases of a major shift in the texture and experience of the web.

He goes on to talk about how “these services match their model of your identity to an extraordinary machinery of marketing dollars“, and how

When we’re “on” Facebook, Google, or Twitter, we’re plugged into an infrastructure (in the case of the latter two, it may be a distributed infrastructure) that locks onto us, serving us content and commerce in an automated but increasingly sophisticated fashion. Sure, we navigate around, in control of our experience, but the fact is, the choices provided to us as we navigate are increasingly driven by algorithms modeled on the service’s understanding of our identity.

And here is where we get to the deepest, most critical problem: Their understanding of our identity is not the same as our understanding of our identity. What they have are a bunch of derived assumptions that may or may not be correct; and even if they are, they are not ours. This is a difference in kind, not degree. It doesn’t matter how personalized anybody makes advertising targeted at us. Who we are is something we possess and control—or would at least like to think we do—no matter how well some of us (such as advertisers) rationalize the “socially derived” natures of our identities in the world.

It is standard for people in the ad business to equate assent with approval, and John’s take on this is a good example of that. Sez he,

We know this, and we’re cool with the deal.

In fact we don’t know, we’re not cool with it, and it isn’t a deal.

If we knew, the Wall Street Journal wouldn’t have a reason to clue us in at such length.

We’re cool with it only to the degree that we are uncomplaining about it—so far.

And it isn’t a “deal” because nothing was ever negotiated.

On that last point, our “deals” with vendors on the Web are agreements in name only. Specifically, they are a breed of assent called contracts of adhesion. Also called standard form or boilerplate contracts, they are what you get when a dominant party sets all the terms, there is no room for negotiation, and the submissive party has a choice only to accept the terms or walk away. The term “adhesion” refers to the nailed-down nature of the submissive party’s position, while the dominant party is free to change the terms any time it wishes. Next time you “agree” to terms you haven’t read, go read them and see where it says the other party reserves the right to change the terms.

There is a good reason why we have had these kinds of agreements since the dawn of e-commerce. It’s because that’s the way the Web was built. Only one party—the one with the servers and the services—was in a position to say what was what. It’s still that way. The best slide I’ve seen in the last several years is one of Phil Windley‘s. It says,

HISTORY OF E-COMMERCE

1995: Invention of the Cookie.

The End.

About all we’ve done since 1995 on the sell side is improve the cookie-based system of “relating” to users. This is a one-way take-it-or-leave-it system that has become lame and pernicious in the extreme. We can and should do better than that.

Phil’s own company, Kynetx, has come up with a whole new schema. Besides clients and servers (which don’t go away), you’ve got end points, events, rules and rules engines to execute the rules. David Siegel’s excellent book, The Power of Pull, describes how the Semantic Web also offers a rich and far more flexible and useful alternative to the Web’s old skool model. His post yesterday is a perfect example of liberated thinking and planning that transcends the old cookie-limited world. The man is on fire. Dig his first paragraph:

Monday I talked about the social networking bubble. Marketers are getting sucked into the social-networking vortex and can’t find their way out. The problem is that most companies are trying small tactical improvements, hoping to improve sales a bit and trying tactical savings programs, hoping to improve margins a bit. Yet there’s a whole new curve of efficiency waiting in the world of pull. It’s time to start talking about savingtrillions, not millions. Companies should think in terms of big, strategic, double-digit improvements, new markets, and new ways to cooperate. Here is a road map

Read on. (I love that he calls social networking a “bubble”. I’m with that.)

This week at IIW in Mountain View, we’re going to be talking about, and working on, improving markets from the buyers’ side. (Through VRM and other means.) On the table will be whole new ways of relating, starting with systems by which users and customers can offer their own terms of engagement, their own policies, their own preferences (even their own prices and payment options)—and by which sellers and site operators can signal their openness to those terms (even if they’re not yet ready to accept them). The idea here is to get buyers out of their shells and sellers out of their silos, so they can meet and deal for real in a truly open marketplace. (This doesn’t have to be complicated. A lot of it can be automated. And, if we do it right, we can skip a lot of the pointless one-sided agreement-clicking friction we now take for granted.)

Right now it’s hard to argue against all the money being spent (and therefore made) in the personalized advertising business—just like it was hard to argue against the bubble in tech stock prices in 1999 and in home prices in 2004. But we need to come to our senses here, and develop new and better systems by which demand and supply can meet and deal with each other as equally powerful parties in the open marketplace. Some of the tech we need for that is coming into being right now. That’s what we should be following. Not just whether Google, Facebook or Twitter will do the best job of putting crosshairs on our backs.

John’s right that the split is between dependence and independence. But the split that matters most is between yesterday’s dependence and tomorrow’s independence—for ourselves. If we want a truly conversational economy, we’re going to need individuals who are independent and self-empowered. Once we have that, the level of economic activity that follows will be a lot higher, and a lot more productive, than we’re getting now just by improving the world’s biggest guesswork business.

Tags: , , , , , , ,

First, three posts by:

His bottom line in the last of those: “… people are saying the web dumbs us down. This is wrong. The web can dumb us down, but only if we choose to let it.” Much substance leads up to that, including many comments to the first two posts.

In the first post, JP says, “For information to have power, it needs to be held asymmetrically. Preferably very very asymmetrically. Someone who knows something that others do not know can do something potentially useful and profitable with that information.” He adds,

So when people create walled-garden paid apps, others will create unpaid apps that get to the same material. It’s only a matter of time. Because every attempt at building dams and filters on the internet is seen as pollution by the volunteers. It’s not about the money, it’s about the principle. No pollutants.

Which brings me to the reason for this post. There’s been a lot of talk about the web and the internet making us dumber.

I think it’s more serious than that. What the web does is reduce the capacity for asymmetry in education. Which in turn undermines the exalted status of the expert.

The web makes experts “dumb”. By reducing the privileged nature of their expertise.

Every artificial scarcity will be met by an equal and opposite artificial abundance. And, over time, the abundance will win. There will always be more people choosing to find ways to undo DRM than people employed in the DRM-implementing sector. Always.

Joe Andrieu responds with Asmmetry by choice.  After giving some examples, Joe adds,

These types of voluntary acceptance of asymmetry in information are the fabric of relationships. We trust people with sensitive information when we believe they will respect our privacy.

I don’t see abundance undoing that. Either the untrustworthy recipient develops a reputation for indescretion and is cut off, or the entire system would have to preclude any privacy at all. In that latter scenario, it would became impossible to share our thoughts and ideas, our dreams and passions, without divulging it to the world. We would stop sharing and shut down those thoughts altogether rather than allow ourselves to become vulnerable to passing strangers and the powers that be. Such a world would of totalitarian omniscience would be unbearable and unsustainable. Human beings need to be able to trust one another.  Friends need to be able to talk to friends without broadcasting to the world. Otherwise, we are just cogs in a vast social order over which we have almost no control.

Asymmetry-by-choice, whether formalized in an NDA, regulated by law, or just understood between close friends, is part of the weft and weave of modern society.

The power of asymmetry-by-choice is the power of relationships. When we can trust someone else with our secrets, we gain. When we can’t, we are limited to just whatever we can do with that information in isolation.

This is a core part of what we are doing with and the . Vendor Relationship Management (VRM) is about helping users get the most out of their relationships with vendors. And those relationships depend on Vendors respecting the directives of their customers, especially around asymmetric information. The Information Sharing Work Group (ISWG) is developing scenarios and legal agreements that enable individuals to share information with service providers on their own terms. The notion of a is predicated on providing privileged information to service providers, dynamically, with full assurance and the backing of the law. The receiving service providers can then provide enhanced, customized services based on the content of that data store… and individuals can rest assured that law abiding service providers will respect the terms they’ve requested.

I think the value of this asymmetry-by-choice is about artificial scarcity, in that it is constructed through voluntary agreement rather than the mechanics/electronics of the situation, but it is also about voluntary relationships, and that is why it is so powerful and essential.

I’ll let both arguments stand for now (and I think if the two of them were talking here right now they’d come to some kind of agreement… maybe they will in comments here or on their own blogs), while I lever both their points toward the issue of privacy, which will continue to heat up as more people become aware of liberties taken with personal information by Web companies, especially those in the advertising business. I hadn’t thought about this in terms of asymmetry before, but maybe it helps.

The Web has always embodied the design asymmetry of . Sites have servers. Visitors have clients (your computing device and its browser). To help keep track of visitors’ relationships, the server gives them . These are small text files that help the server recall logins, passwords, contact history and other helpful information. Cookies have been normative in the extreme since they were first used in the mid-nineties.

Today advertising on the Web is also normative to an extreme that is beginning to feel . In efforts to improve advertising, “beacons” and flash cookies have been added to the HTTP variety, and all are now also used to track users on the Web. The Wall Street Journal has been following this in its series, and you can find out more there. Improvement, in the new advertising business, is now about personalization. “It is a sea change in the way the industry works,” Omar Tawakol, CEO of BlueKai, told the Wall Street Journal. “Advertisers want to buy access to people, not Web pages.”

Talk about asymmetry. You are no longer just a client to a server. You are a target with crosshairs on your wallet.

Trying to make advertising more helpful is a good thing. Within a trusted relationship, it can be a better thing. The problem with all this tracking is that it does not involve trusted relationships. Advertisers and site owners may assume or infer some degree of conscious assent by users. But, as the Journal series makes clear, most of us have no idea how much unwelcome tracking is really going on. (Hell, they didn’t know until they started digging.)

So let’s say we can construct trusted relationships with sellers. By we I mean you and me, as individuals. How about if we have our own terms of engagement with sellers—ones that express our intentions, and not just theirs? What might we say? How about,

  • You will put nothing on my computer or browser other than what we need for our  relationship.
  • Any data you collect in the course of our relationship can be shared with me.
  • You can combine my data with other data and share it outside our relatinship, provided it is not PII (Personally Identifiable Information).
  • If we cease our relationship, you can keep my data but not associate any PII with that data.
  • You will also not follow my behavior or accumulate data about me for the purposes of promotion or advertising unless I opt into that. Nor will your affiliates or partners.

I’m not a lawyer, and I’m not saying any of the points above are either legal or in legal language. But they are the kinds of things we might like to say within a relationship that is symmetrical in nature yet includes the kind of asymmetry-by-choice that Joe talks about: the kind based on real trust and real agreement and not just passive assent.

The idea here isn’t to make buyers more powerful than sellers. It’s to frame up standard mechanisms by which understandings can be established by both parties. Joe mentioned some of the work going on there. I also mention some in Cooperation vs. Coercion, on the . Here’s a long excerpt:

What we need now is for vendors to discover that free customers are more valuable than captive ones. For that we need to equip customers with better ways to enjoy and express their freedom, including ways of engaging that work consistently for many vendors, rather than in as many different ways ways as there are vendors — which is the “system” (that isn’t) we have now.

There are lots of VRM development efforts working on both the customer and vendor sides of this challenge. In this post I want to draw attention to the symbols that represent those two sides, which we call r-buttons, two of which appear above. Yours is the left one. The vendor’s is the right one. They face each other like magnets, and are open on the facing ends.

These are designed to support what calls , which he started talking about back in 2005 or so. I paid some respect to gestures (though I didn’t yet understand what he meant) in The Intention Economy, a piece I wrote for in 2006. (That same title is also the one for book I’m writing for . The subtitle is What happens when customers get real power.) On the sell side, in a browser environment, the vendor puts some RDFa in its HTML that says “We welcome free customers.” That can mean many things, but the most important is this: Free customers bring their own means of engagement. It also means they bring their own terms of engagement.

Being open to free customers doesn’t mean that a vendor has to accept the customer’s terms. It does mean that the vendor doesn’t believe it has to provide all those terms itself, through the currently defaulted contracts of adhesion that most of us click “accept” for, almost daily. We have those because from the dawn of e-commerce sellers have assumed that they alone have full responsibility for relationships with customers. Maybe now that dawn has passed, we can get some daylight on other ways of getting along in a free and open marketplace.

The gesture shown here —

— is the vendor (in this case the public radio station , which I’m just using as an example here) expressing openness to the user, through that RDFa code in its HTML. Without that code, the right-side r-button would be gray. The red color on the left side shows that the user has his or her own code for engagement, ready to go. (I unpack some of this stuff here.)

Putting in that RDFa would be trivial for a CRM system. Or even for a CMS (content management system). Next step: (I have Craig Burton leading me on this… he’s on the phone with me right now…) RESTful APIs for customer data. Check slide 69 here. Also slides 98 and 99. And 122, 124, 133 and 153.

If I’m not mistaken, a little bit of RDFa can populate a pop-down menu on the site’s side that might look like this:

All the lower stuff is typical “here are our social links” jive. The important new one is that item at the top. It’s the new place for “legal” (the symbol is one side of a “scale of justice”) but it doesn’t say “these are our non-negotiable terms of service (or privacy policies, or other contracts of adhesion). Just by appearing there it says “We’re open to what you bring to the table. Click here to see how.” This in turn opens the door to a whole new way for buyers and sellers to relate: one that doesn’t need to start with the buyer (or the user) just “accepting” terms he or she doesn’t bother to read because they give all advantages to the seller and are not negotiable. Instead it is an open door like one in a store. Much can be implicit, casual and free of obligation. No new law is required here. Just new practice. This worked for (which neither offered nor required new copyright law), and it can work for r-commerce (a term I just made up). As with Creative Commons, what happens behind that symbol can be machine, lawyer or human-readable. You don’t have to click on it. If your policy as a buyer is that you don’t want to to be tracked by advertisers, you can specify that, and the site can hear and respond to it. The system is, as Renee Lloyd puts it, the difference between a handcuff and a handshake.

Renee is a lawyer and self-described “shark trainer” who has done much in the community to help us think about agreements in ways that are legal without being complicated. For example, when you walk into a store, you are surrounded by laws of many kinds, yet you have an understanding with that store that you will behave as a proper guest. (And many stores, such as Target, refer by policy to their customers as “guests.”) You don’t have accept “terms of service” that look like this:

You agree we are not liable for annoying interruptions caused by you; or a third party, buildings, hills, network congestion, rye whiskey falling sickness or unexpected acts of God or man, and will save harmless rotary lyrfmstrdl detections of bargas overload prevention, or if Elvis leaves the building, living or dead. Unattended overseas submissions in saved mail hazard functions will be subject to bad weather or sneeze funneling through contractor felch reform blister pack truncation, or for the duration of the remaining unintended contractual subsequent lost or expired obligations, except in the state of Arizona at night. We also save ourselves and close relatives harmless from anything we don’t control; including clear weather and oddball acts of random gods. You also agree we are not liable for missed garments, body parts, electronic communications or musical instruments, even if you have saved them. Nothing we say or mumble here is trustworthy or true, or meant for any purpose other than to sphincter the fears of our legal department, which has no other reason to live. Everything here does not hold if we become lost, damaged or sold to some other company. Whether for reasons of drugs, hormones, gas or mood, we may also terminate or change this agreement with cheerful impunity.

[   ]  Accept.

And for that you get a cookie. Yum.

gives a great talk in which he reduces History of E-Commerce to one slide. It looks like this:

1995: Invention of the Cookie.

The End.

Not content with that, Phil has moved history forward a step by writing KRL, the , which he describes in this post here. The bottom line for our purpose in this post is that you can write your own rules. Terms of engagement are not among them yet, but why not? It’s early. At last Friday, showed how easy it is to program a relationship—or just your side of one—with KRL. What blew my mind was that the show was over and it was past time to leave, on a Friday, and people hung out to see how this was done. (Here’s a gallery of photos from the workshop.)

And those are just some of the efforts going on in the VRM (and soon, we trust, the CRM) community. What we’re trusting (we’re beyond just hoping at this point) is that tools for users wishing to manage relationships with organizations of all kinds (and not just vendors) will continue to find their way into the marketplace. And the result will be voluntary relationships that employ asymmetry by choice—in which the choice is made freely by all the parties involved.

Tags: , , ,

VRM + CRM 2010

So that’s the logo for the first VRM+CRM workshop, which will happen on 26-27 August, at Harvard Law School. It’s free. You can register here.

ProjectVRM, which I’ve been running as a fellow at Harvard’s Berkman Center has been growing nicely over the past four years, and is on its way toward becoming an independent entity. (It will exist, as always, to support a community of developers and interested parties outside of the project itself.) It’s funny, I remember Jeremie Miller, who encouraged me to choose VRM (before it had that name) as my Berkman project when I started out in late summer of 2006, telling me “it will take five years.” Meaning that’s generally how long any new world-changing development effort spends in the quiet shadows before it breaks out into the open and starts taking off. (If it does at all.) That’s about how long it took for Jeremie’s own Jabber/XMPP efforts. (He predicted five years at the beginning of that too, and he was just a kid then. Wise dude.)

I’ve liked keeping VRM in the shadows, because I felt that code mattered more than anything. Code talks. Buzz walks. And I say that even though I’m not bad at generating buzz when I need to. Now the code base is growing enough that many of us feel a need to start talking about it. Especially to potential partners in the business world.

We’ve described VRM as the “reciprocal” of CRM at various times. It’s much more than that, actually. Its tools that give individuals independence from others, yet useful means for engaging with others — especially organizations, and among those especially sellers. But the core elements are individuals and independence.

I’ve also seen VRM from the start as fundamentally an open source effort, not a commercial one. I also saw open source tools, with their high use-value, having enormous leverage into sale-value for any company selling products or services based on those open tools. This would include, among other things, many fourth-party services — itself another whole new category.

CRM in the meantime has grown to become a $15-billion business. It has also lately enlarged its intrest to include Social CRM. Our friend Paul Greenberg has written extensively on both, and is the driving force behind Destination CRM next week in New York. (Which I hate to miss, but have a prior commitment elsewhere.) Since VRM will be a topic at Destination CRM, and we can get space here at Harvard before the students come back, we put together the workshop to follow at the other end of the same month.

The workshop is for VRM and CRM developers and other interested parties (such as CRM customers) together to start building out the common ground between them. The nature of relationship is to exist between and apart from both parties. Neither controls the other. Both work together, in a common space between the two. We haven’t had that space before. The default on the CRM side (and one that predates CRM itself) is for vendors to control relationships with customers. What VRM proposes is that neither controls the other, but both manage the space between them, in mutually beneficial ways.

The workshop will mostly be an unconference, though there will be some opening briefings by VRM and CRM folks, to set the stage for sessions to follow. Here are a few of the topics and questions I expect will come up. (These are copied over from a post I just put up over on the ProjectVRM blog.) –

  • Terms of service. How can we get past the legal hurdles and shackles that inconvenience both buyers and sellers when they get acquainted?
  • Privacy policies. How can we reduce the suspicions and frictions that these involve?
  • Personal data. What tools, methods and services are being developed for individuals to keep track of data they generate or is being kept by sellers and other parties? What means do we have for sharing or exchanging that data in secure and trustable ways?
  • Signaling. What new methods will both individuals and organizations have for notifying each other of interests, intentions, policies, preferences, or changes in any of those? How can we make these common across the industry, rather than different for every organization?
  • Self-tracking and personal informatics. What vendor-independent means are being developed for individuals to keep track of their own personal data, and manage it?
  • Interactive shopping. The Live Web we saw coming in 2005 is here. So is the mobile one. Combine those facts with the ability to issue personal RFPs (or just to publish your shopping list to trusted retailers and fourth parties), and what do you get?
  • Search. What new paradigms for searching are being developed, especially in the context of all the topics above?
  • Non-coercive loyalty. What ways are being developed for individuals to express and manage their own forms of loyalty to sellers and other organizations? How can this improve existing loyalty programs?
  • Personal RFPs or Advertising in Reverse. How can individual customers notify whole market categories of their intent to purchase a product, safely and securely, without inviting a torrent of promotional jive in response?
  • Leveraging base-level protocols, standards and tools. There are hundreds of thousands of free and open source tools, protocols and other goods already in the world, ready to serve as free building materials and guidelines. What can we use of these, and what new ones do we need? What new ones are in development on the VRM side?
  • Reducing MLOTT — Money Left On The Table. In our current system, a huge sum of demand goes un-met because of the the means for communicating interest and availability are on the supply side. How (including the means listed above and others) can we equip demand to notify supply of money ready to be spent? In the old days this was seen as “lead generation” by suppliers. But now it’s time to get past that.
  • Tie-ins with SCRM. Social CRM is the hottest topic in CRM. How can VRM connect with and through social networking? Important question: Should “social” be restricted to just what can be done through Facebook, Twitter and other commercial services?
  • Patient-driven health care. How can individuals be the collection points for their own health data, and the point of origination for what gets done with it?
  • API symphonics. The commercial world is increasingly building around a collection of interconnected APIs, or Application Programming Interfaces. Many CRM systems are built around their own APIs. VRM will surely connect into many APIs. How should we be thinking about and guiding evolution here?
  • The oppposite of cookies. Sites and companies of all kinds have been keeping track of customers through cookies since the mid-’90s. How can customers do the same with their suppliers?

Feel free to add your own, correct these, or make other recommendations.

More details on the event wiki page.

Tags: , , , , ,

« Older entries