Month: September 2010

Do we have to “trade off” privacy?

Look up privacy trade-offs and you’ll get more than 150,000,000 results. The assumption in many of those is that privacy is something one can (and often should) trade away. Also that privacy trading is mostly done with marketers and advertisers, the most energetic of which take advantage of social media such as and .

I don’t think this has to be so.

One example of a trade-off story is this one on public radio’s Marketplace program, which I heard this evening. It begins with the case of Shea Sylvia, a FourSquare user who got creeped out by an unwelcome call from a follower who knew her location. Marketplace’s Sally Herships says,

There are millions of Sylvias out there, giving away their private information for social reasons. More and more, they’re also trading it in for financial benefits, like coupons and discounts. Social shopping websites like Blippy and Swipely let shoppers post about what they buy. But first they turn over the logins to their e-mail accounts or their credit card numbers, so their purchases can be tracked online.

Later, there’s this (the voice is Herships again):

Alessandro Acquisti researches the economics of privacy at Carnegie Mellon, and he says the value we put on privacy can easily shift. In other words, if giving away your credit card information or even your location in return for a discount or a deal seems normal, it must be OK.

ALESSANDRO ACQUISTI: Five years ago, if someone told you that there’d be lots of people going online to show, to share with strangers their credit card purchases, you probably would have been surprised, you probably would thought, “No, I can’t believe this. I wouldn’t have believed this.”

But Acquisti says, when new technologies are presented as the norm, people accept them that way. Like social shopping websites.

HERSHIPS: So the more we use sites like Blippy, the more we’ll use sites like Blippy?

ACQUISTI: Or Blippy 2.0.

Which Acquisti says will probably be even more invasive, because as time passes, we’re going to care less and less about privacy.

Back in Kansas City Shea Sylvia is feeling both better and worse. She thinks the phone call she got that night at the restaurant was probably a prank. But it was a wake up call.

What we’re dealing with here is an evanescent norm. A fashion. A craze. I’ve indulged in it myself with FourSquare, and at one point was the “mayor” of ten different places, including the #77 bus on Mass Ave in Cambridge. (In fact, I created that location.) Gradually I came to believe that it wasn’t worth the hassle of “checking in” all over the place, and was worth nothing to know Sally was at the airport, or Bill was teaching a class, or Mary was bored waiting in some check-out line, much as I might like all those people. The only time FourSquare came in handy was when a friend intercepted me on my way out of a stop in downtown Boston, and even then it felt strange.

The idea, I am sure, is that FourSquare comes to serve as a huge central clearing house for contacts between companies selling stuff and potential buyers (that’s you and me) wandering about the world. But is knowing that a near-infinite number of sellers can zero in on you at any time a Good Thing? And is the assumption that we’re out there buying stuff all the time not so wrong as to be insane?

Remember that we’re the product being sold to advertisers. The fact that our friends may be helping us out might be cool, but is that the ideal way to route our demand to supply? Or is it just one that’s fun at the moment but in the long term will produce a few hits but a lot of misses—some of which might be very personal, as was the case with Shea Silvia? (Of course I might be wrong about both assumptions. What I’m right about is that FourSquare’s business model will be based on what they get from sellers, not from you or me.)

The issue here isn’t how much our privacy is worth to the advertising mills of the world, or to intermediaries like FourSquare. It’s how we maintain and control our privacy, which is essentially priceless—even if millions of us give it away for trinkets or less. Privacy is deeply tied with who we are as human beings in the world. To be fully human is to be in control of one’s self, including the spaces we occupy.

An excellent summary of our current privacy challenge is this report by Joy L. Pitts (developed as part of health sciences policy development process at the Institute of Medicine, the health arm of the National Academy of Sciences). It sets context with these two quotes:

“The makers of the Constitution conferred the most comprehensive of rights and the right most valued by all civilized men—the right to be let alone.”

—Justice Louis Brandeis (1928)

“You already have zero privacy anyway. Get over it.”

—Scott McNealy, Chairman and CEO of Sun Microsystems (1999)

And, in the midst of a long, thoughtful and well-developed case, it says this (I’ve dropped the footnotes, which are many):

Privacy has deep historical roots. References to a private domain, the private or domestic sphere of family, as distinct from the public sphere, have existed since the days of ancient Greece.  Indeed, the English words “private” and “privacy” are derived from the Latin privatus, meaning “restricted to the use of a particular person; peculiar to oneself, one who holds no public office.” Systematic evaluations of the concept of privacy, however, are often said to have begun with the 1890 Samuel Warren and Louis Brandeis article, “The Right of Privacy,” in which the authors examined the law’s effectiveness in protecting privacy against the invasiveness of new technology and business practices (photography, other mechanical devices and newspaper enterprises). The authors, perhaps presciently, expressed concern that modern innovations had “invaded the sacred precincts of private and domestic life; and . . . threatened to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the house-tops.’” They equated the right of privacy with “the right to be let alone” from these outside intrusions.

Since then, the scholarly literature prescribing ideal definitions of privacy has been “extensive and inconclusive.” While many different models of privacy have been developed, they generally incorporate concepts of:

  • Solitude (being alone)
  • Seclusion (having limited contact with others)
  • Anonymity (being in a group or in public, but not having one’s name or identity known to others; not being the subject of others’ attention)
  • Secrecy or reserve (information being withheld or inaccessible to others)

In essence, privacy has to do with having or being in one’s own space.

Some describe privacy as a state or sphere where others do not have access to a person, their information, or their identity. Others focus on the ability of an individual to control who may have access to or intrude on that sphere. Alan Westin, for example, considered by some to be the “father” of contemporary privacy thought, defines privacy as “the claim of individuals, groups or institutions to determine for themselves when, how and to what extent information about them is communicated to others.” Privacy can also be seen as encompassing an individual’s right to control the quality of information they share with others.

In the context of personal information, concepts of privacy are closely intertwined with those of confidentiality and security. Privacy addresses “the question of what personal information should be collected or stored at all for a given function.” In contrast, confidentiality addresses the issue of how personal data that has been collected for one approved purpose may be held and used by the organization that collected it, what other secondary or further uses may be made of it, and when the permission of the individual is required for such uses.Unauthorized or inadvertent disclosures of data are breaches of confidentiality. Informational security is the administrative and technological infrastructure that limits unauthorized access to information. When someone hacks into a computer system, there is a breach of security (and also potentially, a breach of confidentiality). In common parlance, the term privacy is often used to encompass all three of these concepts.

Take any one of these meanings, or understandings, and be assured that it is ignored or violated in practice by large parts of today’s online advertising business—for one simple reason (I got from long ago): Individuals have no independent status on the Web. Instead we have dependent status. Our relationships (and we have many) are all defined by the entities with which we choose to relate via the Web. All those dependencies are silo’d in the systems of sellers, schools, churches, government agencies, social media, associations, whatever. You name it. You have to deal with all of them separately, on their terms, and in their spaces. Those spaces are not your spaces. (Even if they’re in a place called . Isn’t it weird to have somebody else using the first person possessive pronoun for you? It will be interesting to see how retro that will seem after it goes out of fashion.)

What I’m saying here is that, on the Web, we do all our privacy-trading in contexts that are not out in the open marketplace, much less in our own private spaces (by any of the above definitions). They’re all in closed private spaces owned by the other party—where none of the rules, none of the terms of engagement, are yours. In other words, these places can’t be private, in the sense that you control them. You don’t. And in nearly all cases (at least here in the U.S.), your “agreements” with these silos are contracts of adhesion that you can’t break or change, but the other party can—and often does.

These contexts have been so normative, for so long, that we can hardly imagine anything else, even though we have that “else” out here in the physical world. We live and sleep and travel and get along in the physical world with a well-developed understanding of what’s mine, what’s yours, what’s ours, and what’s none of those. That’s because we have an equally well-developed understanding of bounded spaces. These differ by culture. In her wonderful book , Polly Platt writes about how French —comfortable distances from others—are smaller than those of Americans. The French feel more comfortable getting close, and bump into each other more in streets, while Americans tend to want more personal space, and spread out far more when they sit. Whether she’s right about that or not, we actually have personal spaces on Earth. We don’t on the Web, and in Web’d spaces provided by others. (The Net includes more than the Web, but let’s not get into that here. The Web is big enough.)

So one reason that privacy trading is so normative is that dependency requires it. We have to trade it, if that’s what the sites we use want, regardless of how they use whatever we trade away.

The only way we can get past this problem (and it is a very real one) is to create personal spaces on the Web. Ones that we own and control. Ones where we set the terms of engagement. Ones where we decide what’s private and what’s not.

In the VRM development community we have a number of different projects and companies working on exactly this challenge.  is pure open source and has a self-explanatory name. Others (, and others) are open in many ways as well, and are working together to create (or put to use) common code, standards, protocols, terminologies and other conventions on which all of us can build privacy-supporting solutions. You’ll find links to some of the people involved in those efforts (among others) in Personal Data Stores, Exchanges, and Applications, a new post by  (of Switchbook). There’s also the One example is the and at . (For more context on that, check out Iain Henderson’s unpacking of the .) There’s also our own work at ProjectVRM and , which has lately centered on developing -like legal tools for both individuals and companies.  What matters most here is that a bunch of good developers are working on creating spaces online that are as natural, human, personal—and under personal control—as the ones we enjoy offline.

Once we have those, the need for privacy trade-offs won’t end. But they will begin to make the same kind of down-to-Earth sense they do in the physical world. And that will be a huge leap forward.

VRM+FSW+PDS

Markus 3 visionsHere’s a great video by Markus Sabadello. It draws, literally, the connections between VRM, the Federated Social Web, and Personal Data Stores.

Here’s his blog post on the same topic, which also includes the video. Dig ‘em.

In case you’re wondering, he’s standing in Austria, with the Danube and Slovakia in the distance.

VRMomentum

Thanks to a question from , VRM is now on the radar of , a business consulting group I have followed and respected for nearly two decades. Much of what we’re doing with VRM is right in line with what Peppers & Rogers have been writing and talking about for the duration, so I’m not surprised to see them groking VRM in just one pass. Responding to Rebecca, posted VRM: Next Destination in Technology’s March?, where he says this:,

Think about it: “Management” is synonymous with control or direction by someone, while “social” represents an inherently collective, non-managed value. Trying to describe “social CRM” in other words, is something like trying to describe “citrus watermelon.” And in fact, many of the pioneers in SCRM are finding that in order to have any traction at all in social media they must first give up control – that is, they must admit that they cannot by themselves “manage” the process or its outcomes.

But the VRM idea may just describe the next destination in this march of technology. In our view, VRM makes the most sense for consumers when the process involves highly personal computers with mobile applications that allow consumers to mange their own information more directly, even as they continue to participate in the economic system, buying products and services and putting them to use.

Whether VRM actually takes root or not, however, depends on whether the right intermediaries spring to life to facilitate it. In The One to One Future, back in 1993, we speculated that eventually a form of business would emerge that we termed a “privacy intermediary.” This would be a business that would collect an individual’s personal information and use it to extract the best possible deal from a vendor while protecting the person’s privacy – that is, without allowing the vendor to gain its own access to the individual (see Chapter 9.)

Martha and I often say that if we made one big error in the predictions inside this book, it was overestimating the degree of interest consumers would have in protecting their own privacy. We thought privacy intermediation would be a big business, but so far this just hasn’t happened. On the other hand, it may be that technology has now reached the point that this kind of intermediary function might soon be handled as a simple mobile phone app. And when that happens, VRM will arrive for real.

Don & Martha, if you’re reading this, check out . (Also find more background on VRM here, here and here.)  And look here for some examples of efforts that qualify as “privacy intermediaries.” I think Azigo, , , and  are all in that ball park, each with different roles. (For more on that park, see Joe Andrieu’s series on user driven services.)

I need to add, however, that we don’t always need intermediaries. VRM is about independence as well as engagement. We need self-hosted and self-directed solutions as well. We also need to build on free and open code, standards and protocols if we don’t want VRM to become as silo’d as “social media” have become. (The big two, Twitter & Facebook, are both companies, not functional categories.) This is what is for. Also , the code-child of , whose fingerprints are also on both Twitter and Oauth. Here’s a nice interview with Blaine by Tom Murphy at .

has a customarily thoughtful post with The customer is not king. He explains,

…today that’s changing and we can look at the world through a different lens – that of the decision-maker (the person) rather than that of the decision-influencer (the seller). Once you do this it quickly becomes apparent that this meta-need – to make (and implement) better decisions – is bigger than all other needs (for chocolates, for cars, for current accounts etc) because it embraces them all, subsuming them into the bigger task of achieving what the person (not the seller) wants to achieve.

Person- or buyer-centric services then, sit on the side of the individual, helping the individual achieve what the individual wants to achieve, including managing relationships with many different suppliers more efficiently and more effectively (VRM, or Vendor Relationship Management). The central questions here are, What challenges does the person face when doing this? How to do it better?

The difference between now and say, twenty years ago, is that twenty years ago this person-centric perspective was operationally irrelevant. You couldn’t do anything practical to help people address these challenges. When marketers said ‘the customer is king’, it was just a disguised way of saying ‘the organisation is king’.

Now, however, as information becomes a tool in the hands of the individual, that’s changing. The organisational king is being deposed. This is not about superficial changes in ‘how to achieve the same old marketing goals better’. For example, it’s got nothing to do with arguments about whether it’s easier, cheaper or better to get marketing messages across via social media or mass advertising. It’s a deep, structural, tectonic, remorseless and comprehensive transformation in the relationship between individuals and organisations.

And if you keep on looking in the customer mirror, you simply won’t see it coming.

Denis Pombriant, who was a very helpful contributor to VRM+CRM 2010 a couple weeks ago at Harvard (with big thanks again to the Berkman Center staff), followed with VRM, CRM and Social Media. While mostly complimentary, Denis adds,

I can’t say the same for VRM and that’s one of the big hang-ups for it.  Who makes VRM and who pays for it?  The customers don’t seem interested in paying for anything so don’t look there.  And savvy vendors tend to look at VRM as slitting their own throats.  Pretty quickly you realize that while there is a need for what VRM does, there doesn’t seem to be a constituency ready to pay for it.

Well, we’ll see. Customers will pay for lots of stuff that has real value, provided the means are provided. When the only easy way to get digital music was Napster, everybody talked about how nobody wanted to pay for music anymore. Then Apple made it easy to pay 99¢ per tune, and since then more than ten billion tunes have been sold on iTunes alone. Mobile apps are another one. At a more mundane level, how about coffee. Before Starbucks, coffee was one of the cheapest drinks you could get. Now the new norm is $3+ for a cappuccino or a latte.

But Denis’ point is well-taken. VRM solutions need to provide real value to customers, or those solutions won’t thrive in the marketplace. Some of that value will come from free stuff that business can be built on. Some will come from services that customers — or somebody — will pay for.

David Cutler also has a nice post on VRM, borrowing a very helpful graphic from Julian Gay, which was the subject of much discussion at VRM+CRM 2010. A gallery of pix is here.

And the Danish Magazine  interviewed me, about VRM, e a few weeks back. The piece is up now, in Dansk. Here’s a blog post about it in English, with a short video by , shot over lunch outside in Paris. Scenario also got some great shots of me, also in Paris, to go with the piece.

Finally (for now), check out this Klint Finley interview with Josh Bernoff on Josh’s new book (co-authored with Ted Schadler, Empowered. I dunno if VRM comes up in there, but VRM is certainly more than consistent with the title.

VRM+CRM Follow-Up

It’s been a week since VRM+CRM 2010, and there have been many conversations on private channels (emails, face-to-face, phone-to-phone, face-to-faces), all “processing,” as they say. Meanwhile we also have some very interesting postings to chew on. (Note: This is cross-posted here.)

First, Bill Wendell‘s RealEstateCafe wiki has a nice outline of sessions at the workshop. Better than our own, so far, I might add. Great notes behind his many links, and an excellent resource.

Next, there is Katherine Warman Kerns’s Making Sense of Things (which follows her HuffPo piece, Will VRMCRM2010 disrupt ambiguity?). Here Katherine puts on some hats we both shared as veterans of the advertising and media businesses, and does some great thinking out loud about better ways for marketing energy to be spent than CRM, online advertising and FSIs (I believe these are Free Standing Inserts). An excerpt:

What if that 3% in CRM, the 1% in FSI’s, and the less than 1% online are the same heavy TV watchers with nothing better to do?You’d think there would be a lot of investment in innovation to develop “something better”, but innovators are getting mixed signals from advertisers.  Most businesses still advertise  in order to convince retailers and/or Wall Street that they are supporting the brand.

Few outsiders understand that advertising has become a business to business marketing tactic more than a business to “consumer” tactic. Instead of paying attention to advertising spending trends -  dropping from 40.6 % of the total media/marketing industry in 1975 to 17.2% in 2009 . . . . . .  the Venture world pays attention to the proportional amount spent on different tactics: “what this chart (provided by GOOGLE’s Hal Varian) says is that over that past decade Internet has gone from nothing to 5% of all the ad spend in the US”.  As I point out in my comment on this post, “At 5% of 17.2% that puts internet advertising at less than 1% of total media/marketing revenues. “

Ignoring this fundamental change in the market, an amazing amount of money is wasted on investing in incremental change.  For example, the race is on (reportedly, over $40 Billion a year) to upgrade CRM technology to improve predictive accuracy so that 3% will go up.

I’m all for continuous improvement process . . .  but, when the starting point is single digit success and that success may not even be among the desirable demographic who leaves the house, doesn’t it make sense to spend some of that money developing Plan B?

Hey if everyone on the team is aiming for the same corner of the goal with a single digit success rate, doesn’t it make sense to develop the skill to go after the remaining 90%+ of the goal?Until something better comes along, a market leader, P&G is quietly investing in the “new media” segment, “custom digital publishing”, to reach their target with less waste and to identify “thought leaders” to engage in their leading edge open innovation process.  Two examples are beinggirl.com and the partnership with NBCU to produce lifegoesstrong.com.

A new technology movement is creating a possibility to offer something even better: making it possible to shift the paradigm from improving Business to Customer communications to improving Customer to Business communication. Instead of wasting money on better ways to interrupt customers with messages, the customers are enabled to tell business when and what they want information. Project Vendor Relationship Management is the thought leadership evangelizing this premise and encouraging technology development.  On August 26-27, a workshop calledVRMCRM2010 introduced many of these technologies to VRM fans and receptive CRM professionals.

Media has an opportunity to use this technology to give all participants “The Freedom to be Ourselves”.   Instead of self-censuring because of uncertainty over what, with whom, or when their participation will be available for exploitation in “cyberspace”, participants may manage the release of identity, content, and information “in context”.   AND this control can be mutual – for  the “formerly known as audience”, the “formerly known as creative content producers”**, and the “formerly known as advertisers”.

Mutual benefit has the potential to breakdown the siloes which are barriers to collaborate on innovation.  Indeed, VRMCRM- like technologies offer a blank canvas of possibilities for media and marketing innovation to  disrupt ambiguity.

Next, Dan Miller’s In Spite of Investment in “Social CRM”, Enterprises are Still not Paying Attention. Dan, who led the CRM panel at the workshop, sees CRM and social CRM as a train wreck in progress:

…current solutions that are based in CRM and social CRM capture and conduct analysis on a broad set of customer generated data and metadata. Companies think they are doing a better job of paying attention but, whether they admit it to themselves or not, they continue to use their resources to analyze activity, target messages and promotions and influence future activity. That’s not listening or engaging in a meaningful conversation.

VRM involves a totally different engagement model. “Users” (be they shoppers, searchers, mobile subscribers or “other”) initiate conversations with their selected vendors through a trusted resource or advocate. They can compare notes with other shoppers/customers and, while they may be loyal to a brand, they are more loyal to themselves and their peers. In the ideal, the power shifts to the shopper in ways that will disintermediate traditional channels (like the contact center) and influencers (meaning commercials and advertisements).

The train wreck is not the result of there being too many names for the social CRM phenomenon, it is that CRM and VRM are on a collision course whereby one side seeks to grant more power to buyers while the other seeks to retain nearly all the power by pretending to do a better job of listening.

On the other hand, Denis Pombriant sees social CRM as having some promise for VRM, and writes about that in VRM’s Missing Ingredient, also posted as VRM and CRM Meet. An excerpt:

The great thing about social CRM is that it lets the genie out of the bottle.  It introduces randomness and uncertainty to the puzzle and that’s largely a good thing.  You can’t program a customer relationship, there are too many permutations and customers do things you just can’t always predict.

My big takeaway from the conference is the wisdom of crowds, the idea that since you can’t predict, take a deep breath and stop trying.  Instead, just ask the customer and, if you do it right, you’ll get amazing insights.  It struck me that the wisdom of crowds is, perhaps, one thing that VRM could incorporate with great success.

Mitch Lieberman (@mjayliebs) put up a nice summary of #vrmcrm2010 tweets through September 1Here’s the current Twitter search for the tag.

Even though the workshop was well-attended by CRM folks (and some of their customers), I was struck by how widely varied that business actually is. The distinction between CRM and sCRM is but one of very many.

In fact I had already been schooled on this by my old friend Larry Augustin, whom I got to know well back when he was a major force in the Linux community, and now runs SugarCRM. You can’t have a $15 billion (give or take… I still haven’t seen any numbers since 2008) business without a great deal of variation in what is sold to whom, and how it is used.

And, of course, relating to customers is not the sole province of CRM itself. I would bet that most customer-supporting corporate Twitter entities (e.g. @BigCoCares) began as individual efforts within their companies, completely outside those companies’ CRM systems, including call centers. These as a class now qualify as sCRM, I suppose. But in any case, it’s complicated.

So is VRM, of course. It starts from the individual, but can go in many directions after that. Here are a few of my own take-aways, all arguable, of course:

  1. You can’t get to VRM from CRM, or even sCRM, any more than you can get to personal from social. But VRM needs to engage both. And both need to engage VRM.
  2. You can’t get to VRM from advertising, either. Trying to make VRM from advertising is like trying to make green from red. The closest you’ll get is brown.
  3. We have code, and were able to show some off (or at least talk about it), and that was great. Adam Marcus’ talk on r-buttons, while delayed by equipment failings (not his — the classroom’s built-in projection system on Day One was flaky), showed how users and site owners could signal their intentions toward each other with symbols that actually worked. Renee Lloyd unpacked the (very friendly) legal side of that too. Iain Henderson gave a nice forecast of the Personal Data Store (PDS) trials that MyDex will be running in the UK shortly. Phil Windley vetted the work Kynetx is doing with the Kynetx Rules Language (KRL). It also amazed me that, even when the workshop was over, many people stayed late, on a Friday, to see Craig Burton give a quick demonstration of KRL at work. (See the photo series that starts here.) Joe Andrieu didn’t show his code at work, but gave a great talk on how search is more than queries. I could go on, but to sum up: this was a watershed moment for the VRM community.
  4. It’s still early. Maybe very early. At the end of the workshop I was asked the What’s Next question. My reply was that it’s great to see a fleet of planes airborne after watching them head down the runway for three years — and that they’re all heading in different directions. Also, they’re not the only planes. Beyond that the future is what we make it, and we’ve still got a lot of making to do.
  5. VRM+CRM is a live topic. There was much talk afterward of next steps with workshops, conferences and other kinds of gatherings, in addition to a list for people wanting to follow up with focused conversation. Stay tuned for more on all that.
  6. VRM is not just the counterpart of CRM. There are VRM efforts, such as The Mine! Project, that address one-to-one relating outside the scope both of identity systems (from which some VRM efforts originated) and of CRM. These also matter a great deal, and are very close to the heart of VRM’s mission.
  7. GRM has mojo going. Two years ago, Britt Blaser was the only GRM guy at that VRM workshop, and had trouble drawing a crowd. This time he brought his own crowd, and drew a bigger one. Very encouraging.
  8. I’m still not entirely sure what ProjectVRM should become as it spins out of the Berkman Center. I want it to be lightweight and useful. I’ll be involved, obviously; and we’ll always have a kinship connection with Berkman. Specifics beyond that are forthcoming, probably in the next three weeks.

I’ll think of others, but I’m out of time right now. Please add your own. And thanks again to everybody who participated. It was a great workshop.

© 2014 ProjectVRM

Theme by Anders NorenUp ↑