Month: January 2010

VRM Mojo Working

Think of the industrialized world as Kansas and the Internet as Oz. The difference is actually more radical than that, because the Internet is real. From the perspective of industry, the Internet is actually surreal. It’s a place that calls for depiction by Dalí, or Escher or Magritte. For example, the term “content” suggests a quantity of stuff we can “upload”, “download” and “distribute.” Yet, most of the time we are actually copying and proliferating. That’s because data moves by a process of replication. “The Internet is a copy machine”, Kevin Kelly says.

So, how do we “protect” something that is not a thing, has value, and is easily copied? Well, there are lots of ways, but maybe that’s the wrong question. Maybe the better question is, Who do we share it with, and what decisions about it do we, as a couple, make about it?

Questions about protection usually devolve into arguments about ownership, and that’s a red herring. As Joe Andrieu explains in Beyond Data Ownership to Information Sharing, “sometimes the arguments behind these efforts are based on who owns—or who should own–the data. This is not just an intellectual debate or political rallying call, it often undermines our common efforts to build a better system.” Joe offers five propositions for consideration:

  1. Privacy as secrecy is dead
  2. Data sharing is data copying
  3. Transaction data has dual ownership
  4. Yours, mine, & ours: Reality is complicated
  5. Taking back ownership is confrontational

Of #3, Joe says,

In the movie Fast Times at Ridgemont High, in a confrontation with Mr. Hand, Spicoli argues “If I’m here and you’re here, doesn’t that make it our time?” Just like the time shared between Spicoli and Mr. Hand, the information created by visiting a website is co-created and co-owned by both the visitor and the website. Every single interaction between two endpoints on the web generates at least two owners of the underlying data.

This is not a minor issue. The courts have already ruled that if an email is stored for any period of time on a server, the owner of that server has a right to read the email. So, when “my” email is out there at GMail or AOL or on our company’s servers, know that it is also, legally, factually, and functionally, already their data.

Because of all five points, Joe suggests,

Rather than building a regime based on data ownership, I believe we would be better served by building one based on authority, rights, and responsibilities. That is, based on Information Sharing.

Joe isn’t just talking here. He and others are working on exactly that regime:

At the Information Sharing Work Group at the Kantara Initiative, Iain Henderson and I are leading a conversation to create a framework for sharing information with service providers, online and off. We are coordinating with folks involved in privacy and dataportability and distinguish our effort by focusing on new information, information created for the purposes of sharing with others to enable a better service experience. Our goal is to create the technical and legal framework for Information Sharing that both protects the individual and enables new services built on previously unshared and unsharable information. In short, we are setting aside the questions of data ownership and focusing on the means for individuals to control that magical, digital pixie dust we sprinkle across every website we visit.

Because the fact is, we want to share information. We want Google to know what we are searching for. We want Orbitz to know where we want to fly. We want Cars.com to know the kind of car we are looking for.

We just don’t want that information to be abused. We don’t want to be spammed, telemarketed, and adverblasted to death. We don’t want companies stockpiling vast data warehouses of personal information outside of our control. We don’t want to be exploited by corporations leveraging asymmetric power to force us to divulge and relinquish control over our addresses, dates of birth, and the names of our friends and family.

What we want is to share our information, on our terms. We want to protect our interests and enable service providers to do truly amazing things for us and on our behalf. This is the promise of the digital age: fabulous new services, under the guidance and control of each of us, individually.

And that is precisely what Information Sharing work group at Kantara is enabling.

The work is a continuation of several years of collaboration with Doc Searls and others at ProjectVRM. We’re building on the principles and conversations of Vendor Relationship Management and User Driven Services to create an industry standard for a legal and technical solution to individually-driven Information Sharing.

Our work group, like all Kantara work groups, is open to all contributors–and non-contributing participants–at no cost. I invite everyone interested in helping create a user-driven world to join us.

It should be an exciting future.

It isn’t easy to “set aside questions of data ownership”, of course, because possession is 9/10ths of human perception. We are grabby animals. Our thumbs do not oppose for nothing. We even “grasp” ideas. This is why one of the first words a toddler utters is “mine!”

As it happens, this is also a key insight of The Mine! Project, whose About page says,

The Mine! project is about equipping people with tools and functionality that will help them:

  1. take charge of their data (content, relationships, transactions, knowledge),
  2. arrange (analyse, manipulate, combine, mash-up) it according to their needs and preferences and
  3. share it on their own terms
  4. whilst connected and networked on the web.

The Mine! aims to be an (infra)structure for other solutions – VRM (relationships with individuals and vendors, transactions), self-defined identity, authentication, data portability and hopefully many more.

These and other projects are visited by Neil Davey in a post in MyCustomer.com on VRM and the new tools of engagement. This follows up on an earlier post, based on the same interview with me. I wrote about it as well in How VRM helps CRM.

When we started here at the Berkman Center, the idea was never that we’d do this development ourselves, but would instead provide a place where we could share our thoughts, show our work, do research, publish what we’ve learned, and encourage more development.

Nice to see the mojo working.

Where Markets are Not Conversations

Imagine you’re at a party where you’re introduced to an interesting person who turns out to be a psychologist. You get to talking about personality types. Then, in the course of the conversation, the shrink tells you he’ll give you some insights about yourself, in response to a few questions. You say okay, and in the next few minutes you reveal a portfolio of characteristics: that you’re empathetic and extroverted, a bit disorganized, a lover of old buildings and new music, an ex-jock, mother of three, and a repeat parking rules violator. Then, just when the shrink is about to reveal his insights, he says you first need to give him your business card, and insists that you also choose a password, make up a special nickname for yourself, just for him, to provide your date of birth and then answer a “security question”, just so he’s sure you’re you, or whomever you say you are. After seeing the skeptical look on your face, he tells you all this information is “required”. He also assures you that he has a “privacy policy”, and that if you want to read it, he has it in his back pocket. You say, “Yeah, let me see that.”

The policy tells you that, if you fill out this guy’s form, he will plant on your person a tracking device that will report your movements back to him. Collected data might include the type of car you drive, the routes you take, the names and addresses of the places you visit, and the times and dates for all this activity — just to improve his services and your “experience” of them. The form assures you that this information is all kept “private”, but on terms that he defines, and reserves the right to revise. For example, the form says this guy does not “currently provide” personal information to “third parties”, except for those “who may perform certain services” either through him or on their own. “Nevertheless”, it continues, “I may at a later time choose to make certain offers or services available to you from third parties”.

At the bottom of the form, under a heading titled “Your Consent”, it says “In dealing with me, you consent to the terms of my Privacy Policy, my Terms and Conditions, and my processing of Personal Information for the purposes given above. If you do not agree to this Privacy Policy, please stop talking to me. If you continue talking to me, I reserve the right, at my discretion, to change, modify, add, or remove portions from this Privacy Policy at any time. Your continued conversation with me, after I put a new form like this in my back pocket, means means you accept these changes”.

“This is your ‘Privacy Policy’”? you say.

“Yes”.

“And your ‘Terms and Conditions’ are something else? Did I hear that right?”

“Yes”.

“Let me see those”.

“Okay”, he says, and pulls another form out of his back pocket. He hands it to you.

At the top it says “Terms and Conditions of Use”. Your eye scans down to the all-caps paragraph at the bottom, under the heading “DISCLAIMER OF WARRANTIES”. It says,

YOUR INTERACTION WITH ME IS SOLELY AT YOUR OWN RISK. I AM PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. I EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND WITH RESPECT MYSELF, WHETHER EXPRESS OR IMPLIED, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT. I MAKES NO WARRANTY THAT I AND/OR ANYTHING I SAY OR DO WILL MEET YOUR REQUIREMENTS, OR WILL BE UNINTERRUPTED, TIMELY, SECURE, CURRENT, ACCURATE, COMPLETE OR ERROR-FREE OR THAT THE RESULTS THAT MAY BE OBTAINED BY USE OF ME AND/OR ANYTHING I SAY OR DO WILL BE ACCURATE OR RELIABLE. YOU UNDERSTAND AND ACKNOWLEDGE THAT YOUR SOLE AND EXCLUSIVE REMEDY WITH RESPECT TO ANY DEFECT IN OR DISSATISFACTION WITH ME IS TO CEASE CONVERSATION AND WALK AWAY.

So, at this point, what do you do?

If you’re a normal human being, you walk away.

If you’re a normal Web user, you accept all of it, use the provided services, and blithely browse on, carrying a cookie that reports back your activities.

Without normal Web users, sites like SignalPatterns.com, which inspired this post, would not be able to do what they do.

I was directed this morning by a friend to SignalPatterns, which I had never heard of before. At the top of SignalPatterns’ home page it says they develop “psychology-based mobile and web applications that help their well-being and relationships with others”. Their iPhone apps include Stress Free with Deepak Chopra and Great Career from Franklin Covey. They have social network apps that run on Facebook. They have Web apps that test for musical tastes, parenting styles and personality patterns. I took the last one of those. That’s where, just after flashing the results, they turned the screen gray and gave me one of these:

signalpatterns1

I followed the Privacy Policy link from there, and then the Terms and Conditions link from the Privacy Policy. Text from those was barely altered (to make it personal rather than corporate) from those originals.

So, why do companies behave like this? Why do they act on the Web in ways that nobody would act in person, whether at a party or even in the privacy of, say, a doctor’s office? The answer is that the Web isn’t human. At least not yet.

You are not a human being on the Web. In fact, as Paul Trevithick put it (at one of our first VRM meetings at the Berkman Center), the Web has no concept of a human being. It is fundamentally an arrangement of files and connections between those files. Hyperlinks on the Web may subvert hieraraches, especially when they are authored by human beings (such as here, in a blog, which is a human expression); but the Web itself is oblivious to that. We still lack the means, on top of the Web (and the Net) to form and maintain relationships that are anything more than a very crude, partial and highly distorted imitation of those we have out in the real, human, social world.

Put another way, social contracts in cyberspace have a long way to go before they catch up with those in real-world social space. In fact, they may be two hundred and fifty years behind. “Man is born free, and everywhere he is in chains”, Rousseau wrote (in The Social Contract, Or Principles of Political Right (Du contrat social ou Principes du droit politique), in 1762. The Age of Enlightenment followed, during which we began to work out a variety of social contracts involving governance, commerce, education and religion. I submit that we have hardly begun to do the same on the Net or the Web.

“Markets are conversations,” the famous first thesis of The Cluetrain Manifesto (and later a chapter of the book by the same title) was meant to help model the social contract in cyberspace after the ones we have in meat/meet space. This has happened only in those places where the interactions are most human. It has barely happened where the interactions are most corporate.

I am sure that SignalPatterns is a fine company. The person who recommended them to me says they’re among the best of their type. But, in the absence of a social contract that says “this is a line you will not cross,” the line simply isn’t there. And, in its absence, systems for scaffolding real relationships, modeled on real interactions between real human beings, don’t get built.

We’ve been talking lately on the ProjectVRM list about defining that line, perhaps by creating a site where we can talk about it. The idea would not be to beg companies for better treatment (which would be like petitioning sovereigns in Rousseau’s time for rights they would rather not yield), but to explore how best to define in cyberspace those lines of rudeness one either does not find in civilized discourse, or finds only where suckers don’t get an even break. (Meaning, a lot of real-world business, still.)

Your thoughts are invited.

© 2014 ProjectVRM

Theme by Anders NorenUp ↑