VRM Day: Let’s talk UMA and terms

VRM Day and IIW are coming up in October: VRM Day on the 26th, and IIW on the 27th-29th. As always, both are at the Computer History Museum in the heart of Silicon Valley. Also, as always, we would like to focus  VRM day on issues that will be discussed and pushed forward (by word and code) on the following days at IIW.

I see two.

The first isUMA-logo UMA, for User Managed Access. UMA is the brainchild of Eve Maler, one of the most creative minds in the Digital Identity field. (And possibly its best singer as well.) The site explains, “User-Managed Access (UMA) is an award-winning OAuth-based protocol designed to give a web user a unified control point for authorizing who and what can get access to their online personal data, content, and services, no matter where all those things live on the web. Read the spec, join the group, check out the implementations, follow us on Twitter, like us onFacebook, get involved!”

Which a number of us in the #VRM community already are — enough, in fact, to lead discussion on VRM Day.

In Regaining Control of Our Data with User-Managed Access, Phil Windley calls VRM “a perfect example of the kind of place where UMA could have a big impact. VRM is giving customers tools for managing their interactions with vendors. That sounds, in large part, like a permissioning task. And UMA could be a key piece of technology for unifying various VRM efforts.”

For example, “Most of us hate seeing ads getting in the way of what we’re trying to do online. The problem is that even with the best “targeting” technology, most of the ads you see are wasted. You don’t want to see them. UMA could be used to send much stronger signals to vendors by granting permission for them to access information would let them help me and, in the process, make more money.”

We call those signals “intentcasting.”

Yet, even though our wiki lists almost two dozen intentcasting developers, all of them roll their own code. As a result, all of them have limited success. This argues for looking at UMA as one way they can  substantiate the category together.

The second topic is terms. These can take two forms: ones individuals can assert (which on the wiki we call EmanciTerm); and truly user- and customer-friendly ones sites and services can assert. (Along with truly agreeable privacy policies on both sides.)

At last Fall’s VRM Day, we came up with one possible approach, which looked like this on the whiteboard:

UserTerms1This was posted on Customer Commons, which is designed to serve the same purpose for individual terms as Creative Commons does for individual artists’ copyright terms. We can do the same this time.

So be sure to register soon. Space is limited.

Bonus links/tweets: here and here.

 

 

Loyalty means nothing if customers don’t have their own ways of expressing it

nomorecards

@jobsworth and I were just pointed by @aainslie to a @ronmiller piece in @TechCrunch titled In The Age of Disruption, Customer Love Is More Important Than Ever.

The headline says it all, and it’s true. But, as with all pieces like this, it’s about what companies can (or should) do, rather than what customers can do.

Think about it. What if customers had their own systematic methods of expressing loyalty? Not silo-provided gimmicks like Facebook’s “like” buttons, but standard tools or systems that every customer could use, as easily as they use their own wallets or phones.

Think about how much better it would be for the whole marketplace if we built loyalty tools and systems where loyalty actually resides: on the customer’s side. What customers express through these tools and systems would be far more genuine and meaningful than any of today’s silo’d and coercive “loyalty programs,” which inconvenience everybody and yield rewards worth less than the time wasted by everybody dealing with them.

If loyalty systems are left entirely up to the sellers of the world, we’ll have as many different systems as we have sellers. Which, of course, is what we already have, and it’s a royal mess.

As it happens, loyalty is one VRM development area where there is nothing going on, so far — or at least nothing that fits the description I just made.

So maybe it’s about time to get started. Looks like a greenfield to me.

Speaking of which, I’ll betcha there is stuff that already exists within CRM systems that could be ported over to the customer side, and then match up with seller-side CRM stuff. Be interesting to hear from CRM folks about that. Here’s the key thing, though: customer VRM loyalty tools need to work with all CRM systems. (Just like, say, browsers, email and other standard customer-side tools also do.)

The coming collapse of surveillance marketing

A few minutes ago, on a mailing list, somebody asked me if Google hadn’t shown people don’t mind having personal data harvested as long as they get value in exchange for it. Here’s what I answered:

It’s not about Google — or Google alone. It’s about the wanton and widespread harvesting of personal data without permission, by pretty much the entire digital marketing field, or what it has become while in maximum thrall of Big Data.

That this is normative in the extreme does not make it right, or even sustainable. The market — customers like you and me — doesn’t like it. Technologists, sooner or later, will provide customers with means of control they still lack today.

The plain fact is that most people don’t like surveillance-based marketing. Study after study (by TRUSTe, Pew, Customer Commons and others) have shown that 90+% of people have problems with the way their data and their privacy are abused online.

The Tradeoff Fallacy: How Marketers Are Misrepresenting American Consumers and Opening Them Up to Exploitation” by Annenberg (at the U. of Pa) says,

a majority of Americans are resigned to giving up their data—and that is why many appear to be engaging in tradeoffs. Resignation occurs when a person believes an undesirable outcome is inevitable and feels powerless to stop it. Rather than feeling able to make choices, Americans believe it is futile to manage what companies can learn about them. The study reveals that more than half do not want to lose control over their information but also believe this loss of control has already happened.

More from Penn News:

Survey respondents were asked whether they would accept “tradeoffs,” such as discounts, in exchange for allowing their supermarkets to collect information about their grocery purchases.  Among the key findings:

    • 91 percent disagree (77 percent of them strongly) that “if companies give me a discount, it is a fair exchange for them to collect information about me without my knowing.”
    • 71 percent disagree (53 percent of them strongly) that “it’s fair for an online or physical store to monitor what I’m doing online when I’m there, in exchange for letting me use the store’s wireless Internet, or Wi-Fi, without charge.”
    • 55 percent disagree (38 percent of them strongly) that “it’s okay if a store where I shop uses information it has about me to create a picture of me that improves the services they provide for me.”
Only about 4 percent agree or agree strongly with all three propositions.

But 58 percent agreed with both of the following two statements that together indicate resignation:  “I want to have control over what marketers know about me online” and “I’ve come to accept that I have little control over what marketers can learn about me online.”

The Net we know today was born only twenty years ago, when it opened to commercial activity. We are still naked there, lacking in clothing and shelter (to name two familiar privacy technologies in the physical world). Eventually we’ll have clothing and shelter in many forms, good means for preventing and permitting the ways others deal with us, and full agency in our dealings with business and government.

In the meantime we’ll have a status quo to which we remain resigned.

I suspect that even Google knows this will change.

Bonus Link.

Think about an irony here. Most brick-and-mortar merchants would be appalled at the thought of placing tracking beacons on visiting customers, to spy on them after they leave the store, just so they can be “delivered” a better “advertising experience.” And obviously, customers would hate it too. Yet many of the same merchants hardly think twice about doing the same online.

This will change because there is clear market sentiment against it. We see this through pressure toward regulation (especially in Europe), and through ad and tracking blocking rates that steadily increase.

But both regulation and blockers are stone tools. Eventually we’ll get real clothing and shelter.

That’s what we’ve been working on here with ProjectVRM. It’s taking longer than we expected at first, but it will happen, and not just because there is already a lot of VRM development going on.

It will happen because we have the Net, and the Net is not just Google and Facebook and other modern industrial giants. The Net is where all of those companies live, in the company of customers, to whom, — sooner or later, they become accountable.

Right now marketing is not taking the massive negative externalities of surveillance into account, mostly because marketing is a B2B rather than a B2C business, and there persists a blindered mania around Big Data. But they will take those externalities into account eventually, because the Cs of the world will gain the power to protect themselves against unwanted surveillance, and will provide far more useful economic signaling to the businesses of the world than marketing can ever guess at.

Once that happens, the surveillance marketing business, and what feeds it, will collapse.

“A house divided against itself cannot stand,” Lincoln said. That was in 1858, and in respect to slavery. In 2015 the language of marketing — in which customers are “targets” to be “acquired,” “controlled,” “managed” and “locked in” — is not much different than the language of slave owners in Lincoln’s time.

This will change for the simple reason that we are not slaves. We are the ones with the money, the choice about patronage, and the network. Companies that give us full respect will be the winners in the long run. Companies that continue to treat us as less than human will suffer the consequences.

A #VRM outline for the #4th

I’ve been liveblogging lately: writing live in an outline. Here is today’s. And here is the VRM section of it:

That’s copied and pasted from the web page, with all the outline levels opened. On the original they can be expanded and collapsed. In the authoring page they can also be expanded and collapsed. Dave Winer, who invented liveblogging (and  much else we take for granted), explains it here.

If your voice comes from a company, you don’t have one

Got this in my email today:

Oracle pitch

I’m sure Oracle Service Cloud is good at what it does. Such as:

  • Deliver an integrated customer experience while equipping employees with the right tools
  • Drive and meet consumer expectations in the new omni-channel world
  • Adapt their service to customer needs by researching and considering their demographics

The problem is that this assumes customers have no voices of their own, and need to be given one. And, since every company has its own way to give customers voices, the customer turns into a Tower of Babble, speaking with many different voices to many different companies.

For example, today at a medical center I had to give exactly the same personal information to two different systems operating in the same office — and this was information already known to countless other systems with which I’ve had dealings over the years. Why? “Because we’re using two different CRM systems.”

You can look at the problem here as one of scale. Systems such as Oracle’s give companies scale: one way to deal with many different customers. Likewise, customers need one way to deal with many different companies, regardless of what CRM systems they run. This is a fundamental VRM challenge. And it’s one that should be good for CRM too. Win-Win.

You can see how it would work if you imagine being able to  change your phone number or email address, for every company you deal with, in one move. Lots of VRM developers are working on that, but we aren’t there yet.

It helps that we already have the Internet, which bridges many networks (why it’s called internet), along with email, phones and other things that give us one way to deal with many different entities.

But we don’t yet have voices of our own (meaning scale), or we wouldn’t see headlines like the one above.

Giving our voices scale isn’t a CRM job. It’s a VRM job. It also has to be done in a way that speaks directly to the Oracle Service Clouds of the world, engaging what they already have in place.

I know people at Oracle and its competitors who are ready and eager to see VRM developments that speak — literally and figuratively — to their corporate systems. They know VRM is going to make their jobs a lot easier and cause a lot more business to happen and improve.

Conversations are happening, and that’s good. But we also need more development in the direction of convergence. Expect to see reports on that in coming months.

Positive #VRM signs

First, there’s this tweet by @EvaPascoe, featuring this photo (which I just transformed from a trapezoid to a rectangle):

htw-slide

Then there is this from three analysts at KuppingerCole, which has been covering VRM since giving ProjectVRM an award in 2008.

I’ll also be presenting at  VRM et Données Personnelles (VRM and Personal Data) on Tuesday evening in Paris.(Wish I could be there in person, but I’ll be on a good connection from nine time zones west of there.) VRM has been a happening thing in France for awhile now.

Privacy isn’t about secrecy and freedom isn’t about license. Both are about agency.

Agency is the power to act with effect in the world. We have agency when we type on a keyboard, hammer a nail, ride a horse or drive a car.  Here’s a dictionary definition:

a·gen·cy (ā′jən-sē)
noun.

  1. The condition of being in action; operation.
  2. The means or mode of acting; instrumentality.

It is derived from agere: Latin for to do.

We are built to do a lot: with our brains, our opposable thumbs, our lack of fur, our capacity to sweat and to learn — and our strange ability to walk or run on two feet instead of four (almost ceaselessly, at least when we are young and fit) — we can do an amazing variety of things with our bodies.

For what we can’t do, we invent tools and machines. These extend our agency outward through technology. A hammer becomes another length of arm. With one in our hand, we have the power to drive nails with a metal fist. A car gives us an engine and wheels, so we can zoom down roads at dozens of miles (or kilometers) per hour. A plane gives us engines and wings, so we can fly far and high.  Each expands our agency to distant horizons of effect and experience in the world.

Infrastructure and services expand what each and all of us can do as well. But at the base of human capacity is the individual’s ability to do stuff in the world. Or, in a word, agency.

Which brings me to the second world we built alongside the physical one we all share. That second world is the Internet: a Giant Zero shaped by an oddly simple protocol: TCP/IP. Never mind how it works. Just note what it does: reduce to zero the functional distance between everything and everybody on it. Also the cost.

As a way to expand human agency, the Internet has no rivals. It gives all our voices, all our ideas, all our actions, worldwide scale. Any of us can speak, write, publish and much more, across any distance, at levels of inconvenience and cost that veer toward zero.

And we’ve been doing that, routinely, ever since the Internet assumed its current form. (That happened in April 1995, when the NSFnet‘s backbone — one network within the Internet — was decommissioned and commercial activity, which the NSFnet forbade, could begin to flourish across the whole Net.)

The Net has an end-to-end architecture. Every body and every thing is an end point, and the Net’s protocol does its best to move data between any and all of those. This is what Paul Baran, one of the Net’s fathers, described as a distributed design, rather than a centralized or decentralized one. Here is how he illustrated the difference, way back in 1962:

Paul Baran, On Distributed Communications Networks, 1962

And that became the Net’s basic design. Or at least its ideal.

Yet, for the sake of convenience — especially in the early days of the Net, when most of us were still on dial-up — we defaulted to a client-server architecture for deploying servers and services. With client-server, each server is a central point, which makes the Net, in a practical sense, a decentralized thing, rather than a distributed one.

And yet the distributed nature of the Net persists, grounding our agency in the world it defines.

Conflicts between centralized, decentralized and distributed capacities on the Net — and uneven development of tools and services enlarging our agency — are behind many of our crises on the Net today.

Take privacy for example. It’s a huge issue. Survey after survey (e.g. from Pew, TRUSTe and Customer Commons) say that 90% and more of us are concerned about personal privacy on the Net, don’t trust many service providers, or lie and hide to obscure personal identity. Advertising and tracking blockers are the most popular browser extensions, and with good reason: we are still naked on the Net.

That’s because the Net, like nature in the physical world, doesn’t come with privacy installed. We have to make it for ourselves. In the physical world we did it by inventing clothing and shelter. In the virtual world we still don’t have either. Tracking blockers are fig leaves at best. They also all work differently. We are still in early times.

Since we have no privacy yet (other than by staying off the Net, or by isolating ourselves on it by declining to accept cookies and staying away from services such as Google’s and Facebook’s), we tend to think about privacy in terms of secrets: things we don’t want others to know about us. But think instead about what we do to create privacy in the physical world, with clothing and shelter. Both do more than cover our bodies and and our lives. We express both. We also express with them. Our clothing and shelter send signals about ourselves. They speak of our tastes, our gender, our status, our memberships. Most of these speakings are subtle, but many are not. What matters is that they all valve our exposure to others. Buttons and zippers on our clothes speak of what can, can’t and shouldn’t be opened by others, without permission. Doors, shades and shutters on our homes do the same.

All of those things facilitate our agency. We need the same in the networked world.

The main difference is that we’ve had thousands of years to work them out in the physical world, and just twenty in the networked one. In the history of civilization, and even of business, this is close to nothing. We’re barely started.

There will, inevitably, emerge a symbiosis between centralized, decentralized and distributed capacities. Brian Behlendorf uses the term “minimum viable centralization” to label what we’re looking for here. Meanwhile we have maximum viable centralization on a network that is also distributed by design. Just like the humans on it.

We are seeing today a collapse of intermediary institutions. Publishing (e.g. blogs) Hospitality (e.g. Airbnb), dispatch (e.g. Uber), broadcast (e.g. Meerkat and Periscope) and payments (e.g.  Bitcoin) come quickly to mind, and many more are coming along. Yet through all of those there must remain some degree of trust in the graces that institutions — governments and companies — alone can provide. How can their minimum viable agencies help us enlarge our own? That’s the main challenge for the coming years.

The question we need to ask, as we address that challenge through VRM, is this: What is best done by the individual, and what is best done by the institution — and how an the two work together?

To answer that, agency must be key. Without it we’ll only get more centralized BS to distrust.

 

 

 

First we take Oz

Sydneydoc 017-018_combined_medAustralia’s privacy principles are among the few in the world that require organizations to give individuals personal information gathered about them.* This opens the path to proving that we can do more with our own data than anybody else can.

Estimating the size of the personal data management business is like figuring the size of the market for talking or driving. (Note: we can also do more with those than companies can.)

Starting us down this path is  Ben Grubb (@BenGrubb) of the Sydney Morning Herald. Ben requested personal data held by the Australian telco giant Telstra, and found himself in a big fightwhich he won. (Here’s the decision. Telstra is appealing, but they’re still gonna lose.)

Bravo to Ben — not just for whupping a giant, but for showing a path forward for individual empowerment in the marketplace. Thanks to Australia’s privacy principles, and Ben’s illustrative case, the yellow brick road to the VRM future is widest in Oz.

Here (and in New Zealand) we not only have lots of VRM developers (Flamingo, Fourth Party, Geddup, Meeco, MyWave, OneExus, Welcomer and others I’ll insulting by not listing yet), but legal easement toward proving that individuals can do the more with their own data than can the companies that follow us. And proving as well that individuals managing their own data will be good for those companies as well. The data they get will be richer, more accurate,  more contextual, and more useful.

This challenge is not new. It’s as old as our species. The biggest tech revolutions have always been inventions individuals could put to the best use:

  • Stone tools
  • Weaving
  • Smithing
  • Musical instruments
  • Hand-held hunting and fighting tools
  • Automobiles
  • PCs
  • The Internet (which is a node-to-node invention, not an advanced phone or cable company, even though we pay those things for access to it)
  • Mobile phones and tablets
  • Movable type (which would be nowhere without individual authors — and writing tools in the hands of those authors)

There should be symbiosis here. There are things big organizations do best, and things individuals do best. And much that both do best when they work together.

Look at cars, which are a VRM technology: we use them to get around the marketplace, and to help us do business with many companies. They give us ways to be both independent and engaging. But companies don’t drive them. We do. Companies provide parking lots, garages, drive-up windows and other conveniences for drivers. Symbiosis.

So, while Telstra is great at building and managing communication infrastructure and services, its customers will be great at doing useful stuff with the kind of data Ben requested, such as locations, calls and texts — especially after customers get easy-to-use tools and services that help them work as points of integration for their own data, and managers of what gets done with it. There are many VRM developers working toward that purpose, around the world, And many more that will come once they smell the opportunities.

These opportunities are only apparent when you look at the market through your own eyes as a sovereign human being. The same opportunities are mostly invisible when you look at the market from the eye at the top of the industrial pyramid.

Bonus links:


* My understanding is that privacy principles such as the OECD’s and Ontario’s provide guidance but not the full force of law, or means of enforcement. Australia’s differ because they have teeth. See the Determination on page 36 of the Privacy Commissioner’s investigation and decision. Canada’s also has teeth. See the list of orders issued in Ontario. If there are other examples of decisions like this one, anywhere in the world, please let us know.

Declaration of Customer Independence

I published one of these five years ago, way ahead of its time, which I believe has now come. (Evidence:  @BenGrubb‘s victory over Telstra.*)

So here we go again:

Declaration

We hold these truths to be self-evident: that all customers are born free, that they are endowed by their creator with innate abilities to relate, to converse and and to transact — on their own terms, and in their own ways. When sellers have labored long and hard to restrict those freedoms, and to ignore and insult the capacities enjoyed naturally by customers — by speaking, for example, of “targeting,” “capturing,” “acquiring,” “retaining,” “managing,” “locking in” and “owning” customers as if they were slaves  — and when sellers work to inconvenience customers to the exclusive benefit of sellers themselves, for example through “loyalty programs” that require customers to carry around cards that thicken’ wallets and slow checkout in stores, it is the right of customers to obsolete the coercive systems to which both sellers and customers have become accustomed. We do this by providing ourselves with new tools for leveraging our native human powers, for the good of ourselves and sellers alike.

We therefore resolve to construct relationships in which we, the customers, control our own data, hold rights to metadata about ourselves, express loyalty at our own grace, deal in common and standard ways with all sellers and other second and third parties, protect our private persons and spaces, assert fair terms and means of engagement that work in mutually constructive ways for both ourselves and the other parties we engage, for the good of all.

We make this Declaration as free and independent persons, each with full agency, ready to form agreements, make choices, assert commitments, transact business, and otherwise function in the free and open environment we call The Marketplace.

To this we pledge our lives, our fortunes, and our precious time and attention.

Comments and improvements welcome.

*Read the whole thing. It matters. Hugely.

By the way, I’ll be in New Zealand and Australia the week after next, keynoting Identity 2015 in Wellington and Customer Tech X in Melbourne, where I will also be on a number of panels. I’ll also be in Sydney for one day before heading back. Hope I can also hook up with some  of the growing number of VRM companies there. There are many on the VRM Developers List. (More on a separate post later.)

Of vaults and honey pots

Personal Blackbox (pbb.me) is a new #VRM company — or so I gather, based on what they say they offer to users: “CONTROL YOUR DATA & UNLOCK ITS VALUE.”

So you’ll find them listed now on our developers list.

Here is the rest of the text on their index page:

pbbWheel

PBB is a technology platform that gives you control of the data you produce every day.

PBB lets you gain insights into your own behaviors, and make money when you choose to give companies access to your data. The result? A new and meaningful relationship between you and your brands.

At PBB, we believe people have a right to own their data and unlock its benefits without loss of privacy, control and value. That’s why we created the Personal Data Independence Trust. Take a look and learn more about how you can own your data and its benefits.

In the meantime we are hard at work to provide you a service and a company that will make a difference. Join us to participate and we will keep you posted when we are ready to launch.

That graphic, and what seems to be said between the lines, tells me Personal Blackbox’s customers are marketers, not users.  And, as we so often hear, “If the service is free, you’re the product being sold.”

But, between the last paragraph and this one, I ran into Patrick Deegan, the Chief Technology Officer of Personal Blackbox, at the PDNYC meetup. When I asked him if the company’s customers are marketers, he said no — and that PBB (as it’s known) is doing something much different that’s not fully explained by the graphic and text above, and is tied with the Personal Data Independence Trust, about which not much is said at the link to it. (At least not yet. Keep checking back.) So I’ll withhold judgement about it until I know more, and instead pivot to the subject of VRM business models, which that graphic brings up for me.

I see two broad ones, which I’ll call vault and honey pot.

The vault model gives the individual full control over their personal data and what’s done with it, which could be anything, for any purpose. That data primarily has use value rather than sale value.

The honey pot model also gives the individual control over their personal data, but mostly toward providing a way to derive sale value for that data (or something similar, such as bargains and offers from marketers).

The context for the vault model is the individual’s whole life, and selective sharing of data with others.

The context for the honey pot model is the marketplace for qualified leads.

The vault model goes after the whole world of individuals. Being customers, or consumers, is just one of the many roles we play in that world. Who we are and what we do — embodied in our data — is infinitely larger that what’s valuable to marketers. But there’s not much money in that yet.

But there is in the honey pot model, at least for now. Simply put, the path to market success is a lot faster in the short run if you find new ways to help sellers sell.  $zillions are being spent on that, all the time. (Just look at the advertising coming along with that last link, to a search).

FWIW, I think the heart of VRM is in the vault model. But we have a big tent here, and many paths to explore. (And many metaphors to mix.)

« Older posts

© 2015 ProjectVRM

Theme by Anders NorenUp ↑