Category: Personal Cloud (Page 1 of 4)

VRM Day: Starting Phase Two

October 17, 2016 / Doc Searls / 0 Comments

VRM Day is today, 24 October, at the Computer History Museum. IIW follows, over the next three days at the same place. (The original version of this post was October 17.)

We’ve been doing VRM Days since (let’s see…) this one in 2013, and VRM events since this one in 2007. Coming on our tenth anniversary, this is our last in Phase One.

The Rolling snowball difference between Phase One and Phase Two is that between rocks and snowballs. In Phase One we played Sisyphus, pushing a rock uphill. In Phase Two we roll snowballs downhill.

Phase One was about getting us to the point where VRM was accepted by many as a thing bound to happen. This has taken ten years, but we are there.

Phase Two is about making it happen, by betting our energies on ideas and work that starts rolling downhill and gaining size and momentum.

Some of that work is already rolling. Some is poised to start. Both kinds will be on the table at VRM Day. Here are ones currently on the agenda:

VRM + CRM via JLINC. See At last: a protocol to link VRM and CRM. , and The new frontier for CRM is CDL: customer driven leads. This is a one form of intentcasting that should be enormously appealing to CRM companies and their B2B corporate customers. Speaking of which, we also have—
Big companies welcoming VRM. Leading this is Fing, a French think tank that brings together many of the country’s largest companies, both to welcome VRM and to research (e.g. through Mesinfos) how the future might play out. Sarah Medjek of Fing will present that work, and lead discussion of where it will head next. We will also get a chance to participate in that research by providing her with our own use cases for VRM. (We’ll take out a few minutes to each fill out an online form.)
Terms individuals assert in dealings with companies. These are required for countless purposes. Mary Hodder will lead discussion of terms currently being developed at Customer Commons and the CISWG / Kantara User Submitted Terms working group (Consent and Information Sharing Working Group). Among other things, this leads to—
Next steps in tracking protection and ad blocking. At the last VRM Day and IIW, we discussed CHEDDAR on the server side and #NoStalking on the individual’s side. There are now huge opportunities with both, especially if we can normalize #NoStalking terms for all tracking protection and ad blocking tools. To prep for this, see Why #NoStalking is a good deal for publishers, where you’ll find the image on the right, copied from the whiteboard on VRM Day.
Blockchain, Identity and VRM. Read what Phil Windley has been writing lately distributed ledgers (e.g. blockchain) and what they bring to the identity discussions that have been happening for 22 IIWs, so far. There are many relevancies to VRM.
Personal data. This was the main topic at two recent big events in Europe: MyData2016 in Helsinki and PIE (peronal information economy) 2016 in London. The long-standing anchor for discussions and work on the topic at VRM Day and IIW is PDEC (Personal Data Ecosystem Consortium). Dean Landsman of PDEC will keep that conversational ball rolling. Adrian Gropper will also brief us on recent developments around personal health data as well.
Hacks on the financial system. Kevin Cox can’t make it, but wants me to share what he would have presented. Three links: 1) a one minute video that shows why the financial system is so expensive, 2) part of a blog post respecting his local Water Authority and newly elected government., and 3) an explanation of the idea of how we can build low-cost systems of interacting agents. He adds, “Note the progression from location, to address, to identity, to money, to housing. They are all ‘the same’.” We will also look at how small business and individuals have more in common than either do with big business. With a hint toward that, see what Xero (the very hot small business accounting software company) says here.
What ProjectVRM becomes. We’ve been a Berkman-Klein Center project from the start. We’ve already spun off Customer Commons. Inevitably, ProjectVRM will itself be spun off, or evolve in some TBD way. We need to co-think and co-plan how that will go. It will certainly live on in the DNA of VRM and VRooMy work of many kinds. How and where it lives on organizationally is an open question we’ll need to answer.

Here is a straw man context for all of those and more.

Top Level: Tools for people. These are ones which, in legal terms, give individuals power as first parties. In mathematical terms, they make us independent variables, rather than dependent ones. Our focus from the start has been independence and engagement.
- VRM in the literal sense: whatever engages companies’ CRM or equivalent systems.
- Intentcasting.
- PIMS—Personal Information Management Systems. Goes by many names: personal clouds, personal data stores, life management platforms and so on. Ctrl-Shift has done a good job of branding PIMS, however. We should all just go with that.
- Privacy tools. Such as those provided by tracking protection (and tracking-protective ad blocking).
- Legal tools. Such as the terms Customer Commons and the CISWG are working on.
- UI elements. Such as the r-button.
- Transaction & payment systems. Such as EmanciPay.

Those overlap to some degree. For example, a PIMS app and data store can do all that stuff. But we do need to pull the concerns and categories apart as much as we can, just so we can talk about them.

Kaliya will facilitate VRM Day. She and I are still working on the agenda. Let us know what you’d like to add to the list above, and we’ll do what we can. (At IIW, you’ll do it, because it’s an unconference. That’s where all the topics are provided by participants.)

Again, register here. And see you there.

Save

VRM at MyData2016

August 30, 2016 / Doc Searls / 0 Comments

mydata2016-image

As it happens I’m in Helsinki right now, for MyData2016, where I’ll be speaking on Thursday morning. My topic: The Power of the Individual. There is also a hackathon (led by DataBusiness.fi) going on during the show, starting at 4pm (local time) today. In no order of priority, here are just some of the subjects and players I’ll be dealing with, talking to, and talking up (much as I can):

Terms individuals can assert (rather than ones others assert and individuals agree to), at Customer Commons, which is also working on a #nostalking term. (More here.)
The Consent and Information Sharing Working Group at Kantara, which is working with Customer Commons on terms, and also on Consent Receipts.
UMA (User Managed Access), “an OAuth-based protocol designed to give a web user a unified control point for authorizing who and what can get access to their online personal data, content, and services, no matter where all those things live on the web.”
JLINC, a protocol that can connect VRM and CRM by providing “signed agreements about how digital content can be shared on the internet.” These can also establish data provenance, for a chain of custody for data.
CHEDDAR, “a basic set of technical choices that make web ads work in a signal-carrying way, and restore market power to news sites.”
DoNotTrack, which has been around since ’09. You can see who’s obeying it, who’s not, and how, with Baycloud Bouncer, a Chrome extension.
The MyData Reference Architecture, which frames MyData2016.
OAuth, because it’s here, and huge, and works pretty well. (See Justin Richer’s presentation.)
ControlThings, CozyCloud, DataBusiness.fi, Digi.me, Digital Me Server, MasS-API, Meeco (with Meeco Labs), FreedomBox, PLR (Personal Life Repository),and Synergetics, all of which are a subset of VRM players present here at MyData2016.

Please let me know what others belong on this list. And see you at the show.

Save

The Castle Doctrine

June 19, 2016 / Doc Searls / 3 Comments

home castle

The Castle doctrine has been around a long time. Cicero (106–43 BCE) wrote, “What more sacred, what more strongly guarded by every holy feeling, than a man’s own home?” In Book 4, Chapter 16 of his Commentaries on the Laws of England, William Blackstone (1723–1780 CE) added, “And the law of England has so particular and tender a regard to the immunity of a man’s house, that it stiles it his castle, and will never suffer it to be violated with impunity: agreeing herein with the sentiments of ancient Rome…”

Since you’re reading this online, let me ask, what’s your house here? What sacred space do you strongly guard, and never suffer to be violated with impunity?

At the very least, it should be your browser.

But, unless you’re running tracking protection in the browser you’re using right now, companies you’ve never heard of (and some you have) are watching you read this, and eager to use or sell personal data about you, so you can be delivered the human behavior hack called “interest based advertising.”

Shoshana Zuboff, of Harvard Business School, has a term for this:surveillance capitalism, defined as “a wholly new subspecies of capitalism in which profits derive from the unilateral surveillance and modification of human behavior.”

Almost across the board, advertising-supported publishers have handed their business over to adtech, the surveillance-based (they call it “interactive”) wing of advertising. Adtech doesn’t see your browser as a sacred personal space, but instead as a shopping cart with ad space that you push around from site to site.

So here is a helpful fact: we don’t go anywhere when we use our browsers. Our browser homes are in our computers, laptops and mobile devices. When we “visit” a web page or site with our browsers, we actually just request its contents (using the hypertext protocol called http or https).

In no case do we consciously ask to be spied on, or abused by content we didn’t ask for or expect. That’s why we have every right to field-strip out anything we don’t want when it arrives at our browsers’ doors.

The castle doctrine is what hundreds of millions of us practice when we use tracking protection and ad blockers. It is what called the new Brave browser into the marketplace. It’s why Mozilla has been cranking up privacy protections with every new version of Firefox . It’s why Apple’s new content blocking feature treats adtech the way chemo treats cancer. It’s why respectful publishers will comply with CHEDDAR. It’s why Customer Commons is becoming the place to choose No Trespassing signs potential intruders will obey. And it’s why #NoStalking is a good deal for publishers.

The job of every entity I named in the last paragraph — and every other one in a position to improve personal privacy online — is to bring as much respect to the castle doctrine in the virtual world as we’ve had in the physical one for more than two thousand years.

It should help to remember that it’s still early. We’ve only had commercial activity on the Internet since April 1995. But we’ve also waited long enough. Let’s finish making our homes online the safe places they should have been in the first place.

IoT & IoM next week at IIW

February 28, 2016 / Doc Searls / 1 Comment

blockchain1

(This post was updated and given a new headline on 20 April 2016.)

In The Compuserve of Things, Phil Windley issues this call to action:

On the Net today we face a choice between freedom and captivity, independence and dependence. How we build the Internet of Things has far-reaching consequences for the humans who will use—or be used by—it. Will we push forward, connecting things using forests of silos that are reminiscent the online services of the 1980’s, or will we learn the lessons of the Internet and build a true Internet of Things?

In other words, an Internet of Me (#IoM) and My Things. Meaning things we own that belong to us, under our control, and not puppeted by giant companies using them to snarf up data about our lives. Which is the #IoT status quo today.

A great place to work on that is IIW— the Internet Identity Workshop , which takes place next Tuesday-Thursday, April 26-28, at the Computer History Museum in Silicon Valley. Phil and I co-organize it with Kaliya Hamlin.

To be discussed, among other things, is personal privacy, secured in distributed and crypto-secured sovereign personal spaces on your personal devices. Possibly using blockchains, or approaches like it.

So here is a list of some topics, code bases and approaches I’d love to see pushed forward at IIW:

OneName is “blockchain identity.”
Blockstack is a “decentralized DNS for blockchain applications” that “gives you fast, secure, and easy-to-use DNS, PKI, and identity management on the blockchain.” More: “When you run a Blockstack node, you join this network, which is more secure by design than traditional DNS systems and identity systems. This is because the system’s registry and its records are secured by an underlying blockchain, which is extremely resilient against tampering and control. In the registry that makes up Blockstack, each of the names has an owner, represented by a cryptographic keypair, and is associated with instructions for how DNS resolvers and other software should resolve the name.” Here’s the academic paper explaining it.
The Blockstack Community is “a group of blockchain companies and nonprofits coming together to define and develop a set of software protocols and tools to serve as a common backend for blockchain-powered decentralized applications.” Pull quote: “For example, a developer could use Blockstack to develop a new web architecture which uses Blockstack to host and name websites, decentralizing web publishing and circumventing the traditional DNS and web hosting systems. Similarly, an application could be developed which uses Blockstack to host media files and provide a way to tag them with attribution information so they’re easy to find and link together, creating a decentralized alternative to popular video streaming or image sharing websites. These examples help to demonstrate the powerful potential of Blockstack to fundamentally change the way modern applications are built by removing the need for a “trusted third party” to host applications, and by giving users more control.” More here.
IPFS (short for InterPlanetary File System) is a “peer to peer hypermedia protocol” that “enables the creation of completely distributed applications.”
OpenBazaar is “an open peer to peer marketplace.” How it works: “you download and install a program on your computer that directly connects you to other people looking to buy and sell goods and services with you.” More here and here.
Mediachain, from Mine, has this goal: “to unbundle identity & distribution.” More here and here.
telehash is “a lightweight interoperable protocol with strong encryption to enable mesh networking across multiple transports and platforms,” from @Jeremie Miller and other friends who gave us jabber/xmpp.
Etherium is “a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third party interference.”
Keybase is a way to “get a public key, safely, starting just with someone’s social media username(s).”
____________ (your project here — tell me by mail or in the comments and I’ll add it)

In tweet-speak, that would be @BlockstackOrg, @IPFS, @OpenBazaar, @OneName, @Telehash, @Mine_Labs #Mediachain, and @IBMIVB #ADEPT

On the big company side, dig what IBM’s Institute for Business Value is doing with “empowering the edge.” While you’re there, download Empowering the edge: Practical insights on a decentralized Internet of Things. Also go to Device Democracy: Saving the Future of the Internet of Things — and then download the paper by the same name, which includes this graphic here:

ibm-pyramid

Put personal autonomy in that top triangle and you’ll have a fine model for VRM development as well. (It’s also nice to see Why we need first person technologies on the Net , published here in 2014, sourced in that same paper.)

Ideally, we would have people from all the projects above at IIW. For those not already familiar with it, IIW is a three-day unconference, meaning it’s all breakouts, with topics chosen by participants, entirely for the purpose of getting like-minded do-ers together to move their work forward. IIW has been doing that for many causes and projects since the first one, in 2005.

Also register, if you can, for VRM Day: https://vrmday2016a.eventbrite.com/. That’s when we prep for the next three days at IIW. The main focus for this VRM Day is here.

Bonus link: David Siegel‘s Decentralization.

What if we don’t need advertising at all?

February 15, 2016 / Doc Searls / 14 Comments

advertisinggrave I’m serious.

Answer this question: Would you pay for any publication that is only advertising? If not, Do you believe advertising adds or subtracts value from the media it funds?

It depends, right? Ads add value to The New Yorker, Vogue, Brides, Guns & Ammo and the Super Bowl. Readers and viewers actually like the ads that show up in those places. In some others, well, kinda. As for the rest? No.

The rest rounds to everything. The italicized items in the paragraph above are exceptions to a rule that is yucky in the extreme, especially on the Web and (increasingly) on our mobile devices.

So let’s say we normalize supply and demand to the Internet, which puts a giant zero — no distance — between everybody and everything. All that should stand between any two entities on the Net are manners, permission and convenience. Any company and any customer should be able to connect with any other, without an intermediary, any time and in any way they both want — provided agreements and methods for doing that are worked out.

So far they aren’t, and that’s the reason we have so much icky advertising on the Web and on our phones: most of the pushers have no manners, and there are no mutually accepted ways to allow or deny permission for being bothered, so those being bothered have responded with ad and tracking blockers. In other words, in the absence of manners, we’ve created an inconvenience.

Naturally, publishers, agencies and ad industry associations are crying foul, but too bad. Blocking that shit reduces friction and feels good. (Thank you, Bob Garfield, for both of those.)

What we need next are better ways for demand and supply to inform and connect. Not just better ways to pay for media. (That would be nice, but media have mostly been a one-way channel for informing, and at best a secondary way to connect.)

Think about what will happen to markets when any one of us can intentcast our needs for products or services, and do so easily and in standard ways that any supplier can understand. Then think about what will happen when any company can inform existing or potential customers directly, without the intermediation of the media we know today — and with clear and well-understood permissions for doing that on both sides.

The result will be the intention economy, which will work far better for demand and supply than the attention economy we have today, simply because there will be so many more and better ways to inform and connect, in both directions.

Asking today’s media to give us the intention economy is like asking AM radio to give us cellular telephony.

They can’t, and they won’t. At best they’ll serve the remaining needs of the attention economy: namely, old-fashioned Madison Avenue type branding, like we get from the best ads in the Super Bowl and in your better print magazines. This is the wheat I talk about in Separating Advertising’s Wheat and Chaff, and that Don Marti calls “signalful” advertising. Maybe that stuff will be with us forever. For the sake of the good things they fund, I hope so.

But I don’t know, because I’m sure if we zero-base the intention economy in our new all-digital world, it is unlikely that we’ll invent any of the media we have today.

It would be easy to call the intention economy utopian hogwash, and I expect some comments to say as much. But one could have said the same thing about personal computing in 1973, the Internet in 1983 and smartphones in 1993. All of those were unthinkable at those points in history, yet inevitable in retrospect.

The fact is, we are now in a digital world as well as an analog one. That alone rewrites the future in a huge way. Digital itself is the only medium, and the whole environment. It’s also us, whether we like it or not. We are digital as well as cellular.

In the past we put up with being annoyed and yelled at by advertising. And now we’re putting up with being spied on and guessed at, personally, as well. But we don’t have to put up with any of it any more. That’s another thing digital life makes possible, even if we haven’t taken the measures yet. The limits of invention are a lot farther out on the Giant Zero than they ever were in the old analog world where today’s media — including digital ones following analog models — were born.

Advertising is an analog thing. The arguments for its survival in the digital world need to be ones that start with demand. Is it something we want? Because we’ll get what we want. Sooner or later, we’ll have the digital versions of clothing and shelter (aka privacy), of terms and permissions, of ways to signal our intentions. If advertising fits in there somewhere, great. If not, R.I.P.

The coming collapse of surveillance marketing

August 3, 2015 / Doc Searls / 0 Comments

A few minutes ago, on a mailing list, somebody asked me if Google hadn’t shown people don’t mind having personal data harvested as long as they get value in exchange for it. Here’s what I answered:

It’s not about Google — or Google alone. It’s about the wanton and widespread harvesting of personal data without permission, by pretty much the entire digital marketing field, or what it has become while in maximum thrall of Big Data.

That this is normative in the extreme does not make it right, or even sustainable. The market — customers like you and me — doesn’t like it. Technologists, sooner or later, will provide customers with means of control they still lack today.

The plain fact is that most people don’t like surveillance-based marketing. Study after study (by TRUSTe, Pew, Customer Commons and others) have shown that 90+% of people have problems with the way their data and their privacy are abused online.

“The Tradeoff Fallacy: How Marketers Are Misrepresenting American Consumers and Opening Them Up to Exploitation” by Annenberg (at the U. of Pa) says,

a majority of Americans are resigned to giving up their data—and that is why many appear to be engaging in tradeoffs. Resignation occurs when a person believes an undesirable outcome is inevitable and feels powerless to stop it. Rather than feeling able to make choices, Americans believe it is futile to manage what companies can learn about them. The study reveals that more than half do not want to lose control over their information but also believe this loss of control has already happened.

More from Penn News:

Survey respondents were asked whether they would accept “tradeoffs,” such as discounts, in exchange for allowing their supermarkets to collect information about their grocery purchases. Among the key findings:

   • 91 percent disagree (77 percent of them strongly) that “if companies give me a discount, it is a fair exchange for them to collect information about me without my knowing.”
   • 71 percent disagree (53 percent of them strongly) that “it’s fair for an online or physical store to monitor what I’m doing online when I’m there, in exchange for letting me use the store’s wireless Internet, or Wi-Fi, without charge.”
   • 55 percent disagree (38 percent of them strongly) that “it’s okay if a store where I shop uses information it has about me to create a picture of me that improves the services they provide for me.”
Only about 4 percent agree or agree strongly with all three propositions.

But 58 percent agreed with both of the following two statements that together indicate resignation: “I want to have control over what marketers know about me online” and “I’ve come to accept that I have little control over what marketers can learn about me online.”

The Net we know today was born only twenty years ago, when it opened to commercial activity. We are still naked there, lacking in clothing and shelter (to name two familiar privacy technologies in the physical world). Eventually we’ll have clothing and shelter in many forms, good means for preventing and permitting the ways others deal with us, and full agency in our dealings with business and government.

In the meantime we’ll have a status quo to which we remain resigned.

I suspect that even Google knows this will change.

Bonus Link.

Think about an irony here. Most brick-and-mortar merchants would be appalled at the thought of placing tracking beacons on visiting customers, to spy on them after they leave the store, just so they can be “delivered” a better “advertising experience.” And obviously, customers would hate it too. Yet many of the same merchants hardly think twice about doing the same online.

This will change because there is clear market sentiment against it. We see this through pressure toward regulation (especially in Europe), and through ad and tracking blocking rates that steadily increase.

But both regulation and blockers are stone tools. Eventually we’ll get real clothing and shelter.

That’s what we’ve been working on here with ProjectVRM. It’s taking longer than we expected at first, but it will happen, and not just because there is already a lot of VRM development going on.

It will happen because we have the Net, and the Net is not just Google and Facebook and other modern industrial giants. The Net is where all of those companies live, in the company of customers, to whom, — sooner or later, they become accountable.

Right now marketing is not taking the massive negative externalities of surveillance into account, mostly because marketing is a B2B rather than a B2C business, and there persists a blindered mania around Big Data. But they will take those externalities into account eventually, because the Cs of the world will gain the power to protect themselves against unwanted surveillance, and will provide far more useful economic signaling to the businesses of the world than marketing can ever guess at.

Once that happens, the surveillance marketing business, and what feeds it, will collapse.

“A house divided against itself cannot stand,” Lincoln said. That was in 1858, and in respect to slavery. In 2015 the language of marketing — in which customers are “targets” to be “acquired,” “controlled,” “managed” and “locked in” — is not much different than the language of slave owners in Lincoln’s time.

This will change for the simple reason that we are not slaves. We are the ones with the money, the choice about patronage, and the network. Companies that give us full respect will be the winners in the long run. Companies that continue to treat us as less than human will suffer the consequences.

First we take Oz

May 22, 2015 / Doc Searls / 1 Comment

Sydney — doc 017-018_combined_med Australia’s privacy principles are among the few in the world that require organizations to give individuals personal information gathered about them.* This opens the path to proving that we can do more with our own data than anybody else can.

Estimating the size of the personal data management business is like figuring the size of the market for talking or driving. (Note: we can also do more with those than companies can.)

Starting us down this path is Ben Grubb (@BenGrubb) of the Sydney Morning Herald. Ben requested personal data held by the Australian telco giant Telstra, and found himself in a big fight, which he won. (Here’s the decision. Telstra is appealing, but they’re still gonna lose.)

Bravo to Ben — not just for whupping a giant, but for showing a path forward for individual empowerment in the marketplace. Thanks to Australia’s privacy principles, and Ben’s illustrative case, the yellow brick road to the VRM future is widest in Oz.

Here (and in New Zealand) we not only have lots of VRM developers (Flamingo, Fourth Party, Geddup, Meeco, MyWave, OneExus, Welcomer and others I’ll insulting by not listing yet), but legal easement toward proving that individuals can do the more with their own data than can the companies that follow us. And proving as well that individuals managing their own data will be good for those companies as well. The data they get will be richer, more accurate, more contextual, and more useful.

This challenge is not new. It’s as old as our species. The biggest tech revolutions have always been inventions individuals could put to the best use:

Stone tools
Weaving
Smithing
Musical instruments
Hand-held hunting and fighting tools
Automobiles
PCs
The Internet (which is a node-to-node invention, not an advanced phone or cable company, even though we pay those things for access to it)
Mobile phones and tablets
Movable type (which would be nowhere without individual authors — and writing tools in the hands of those authors)

There should be symbiosis here. There are things big organizations do best, and things individuals do best. And much that both do best when they work together.

Look at cars, which are a VRM technology: we use them to get around the marketplace, and to help us do business with many companies. They give us ways to be both independent and engaging. But companies don’t drive them. We do. Companies provide parking lots, garages, drive-up windows and other conveniences for drivers. Symbiosis.

So, while Telstra is great at building and managing communication infrastructure and services, its customers will be great at doing useful stuff with the kind of data Ben requested, such as locations, calls and texts — especially after customers get easy-to-use tools and services that help them work as points of integration for their own data, and managers of what gets done with it. There are many VRM developers working toward that purpose, around the world, And many more that will come once they smell the opportunities.

These opportunities are only apparent when you look at the market through your own eyes as a sovereign human being. The same opportunities are mostly invisible when you look at the market from the eye at the top of the industrial pyramid.

Bonus links:

Hugh McLeod, who drew the cartoon at the top for me way back in 2004.
Why we need first person technologies on the Net
Making customer experience a first-person thing
Up next: a master app to help customers scale
Capgemini on VRM
State of the VRooM 2014

* My understanding is that privacy principles such as the OECD’s and Ontario’s provide guidance but not the full force of law, or means of enforcement. Australia’s differ because they have teeth. See the Determination on page 36 of the Privacy Commissioner’s investigation and decision. Canada’s also has teeth. See the list of orders issued in Ontario. If there are other examples of decisions like this one, anywhere in the world, please let us know.

Declaration of Customer Independence

May 8, 2015 / Doc Searls / 0 Comments

I published one of these five years ago, way ahead of its time, which I believe has now come. (Evidence: @BenGrubb‘s victory over Telstra.*)

So here we go again:

Declaration

We hold these truths to be self-evident: that all customers are born free, that they are endowed by their creator with innate abilities to relate, to converse and and to transact — on their own terms, and in their own ways. When sellers have labored long and hard to restrict those freedoms, and to ignore and insult the capacities enjoyed naturally by customers — by speaking, for example, of “targeting,” “capturing,” “acquiring,” “retaining,” “managing,” “locking in” and “owning” customers as if they were slaves — and when sellers work to inconvenience customers to the exclusive benefit of sellers themselves, for example through “loyalty programs” that require customers to carry around cards that thicken’ wallets and slow checkout in stores, it is the right of customers to obsolete the coercive systems to which both sellers and customers have become accustomed. We do this by providing ourselves with new tools for leveraging our native human powers, for the good of ourselves and sellers alike.

We therefore resolve to construct relationships in which we, the customers, control our own data, hold rights to metadata about ourselves, express loyalty at our own grace, deal in common and standard ways with all sellers and other second and third parties, protect our private persons and spaces, assert fair terms and means of engagement that work in mutually constructive ways for both ourselves and the other parties we engage, for the good of all.

We make this Declaration as free and independent persons, each with full agency, ready to form agreements, make choices, assert commitments, transact business, and otherwise function in the free and open environment we call The Marketplace.

To this we pledge our lives, our fortunes, and our precious time and attention.

Comments and improvements welcome.

*Read the whole thing. It matters. Hugely.

By the way, I’ll be in New Zealand and Australia the week after next, keynoting Identity 2015 in Wellington and Customer Tech X in Melbourne, where I will also be on a number of panels. I’ll also be in Sydney for one day before heading back. Hope I can also hook up with some of the growing number of VRM companies there. There are many on the VRM Developers List. (More on a separate post later.)

Of vaults and honey pots

April 29, 2015 / Doc Searls / 0 Comments

Personal Blackbox (pbb.me) is a new #VRM company — or so I gather, based on what they say they offer to users: “CONTROL YOUR DATA & UNLOCK ITS VALUE.”

So you’ll find them listed now on our developers list.

Here is the rest of the text on their index page:

pbbWheel

PBB is a technology platform that gives you control of the data you produce every day.

PBB lets you gain insights into your own behaviors, and make money when you choose to give companies access to your data. The result? A new and meaningful relationship between you and your brands.

At PBB, we believe people have a right to own their data and unlock its benefits without loss of privacy, control and value. That’s why we created the Personal Data Independence Trust. Take a look and learn more about how you can own your data and its benefits.

In the meantime we are hard at work to provide you a service and a company that will make a difference. Join us to participate and we will keep you posted when we are ready to launch.

That graphic, and what seems to be said between the lines, tells me Personal Blackbox’s customers are marketers, not users. And, as we so often hear, “If the service is free, you’re the product being sold.”

But, between the last paragraph and this one, I ran into Patrick Deegan, the Chief Technology Officer of Personal Blackbox, at the PDNYC meetup. When I asked him if the company’s customers are marketers, he said no — and that PBB (as it’s known) is doing something much different that’s not fully explained by the graphic and text above, and is tied with the Personal Data Independence Trust, about which not much is said at the link to it. (At least not yet. Keep checking back.) So I’ll withhold judgement about it until I know more, and instead pivot to the subject of VRM business models, which that graphic brings up for me.

I see two broad ones, which I’ll call vault and honey pot.

The vault model gives the individual full control over their personal data and what’s done with it, which could be anything, for any purpose. That data primarily has use value rather than sale value.

The honey pot model also gives the individual control over their personal data, but mostly toward providing a way to derive sale value for that data (or something similar, such as bargains and offers from marketers).

The context for the vault model is the individual’s whole life, and selective sharing of data with others.

The context for the honey pot model is the marketplace for qualified leads.

The vault model goes after the whole world of individuals. Being customers, or consumers, is just one of the many roles we play in that world. Who we are and what we do — embodied in our data — is infinitely larger that what’s valuable to marketers. But there’s not much money in that yet.

But there is in the honey pot model, at least for now. Simply put, the path to market success is a lot faster in the short run if you find new ways to help sellers sell. $zillions are being spent on that, all the time. (Just look at the advertising coming along with that last link, to a search).

FWIW, I think the heart of VRM is in the vault model. But we have a big tent here, and many paths to explore. (And many metaphors to mix.)

Toward VRooMy privacy policies

April 29, 2015 / Doc Searls / 0 Comments

Canofworms1 In The nightmare of easy and simple, T.Rob unpacks the can of worms that is:

one company’s privacy policy,
provided by another company’s automatic privacy policy generating system, which is
hosted at that other company, and binds you to their privacy policy, which binds you to
three other companies’ privacy policies, none of which assure you of any privacy, really. Then,
the last of these is Google’s, which “is basically summed up as ‘we own your ass'” — and worse.

The company was GeniCan — a “smart garbage can” in the midst of being crowdfunded. GeniCan, like so many other connected devices, lives in the Internet of Things, or IoT. After exploring some of the many ways that IoT is already FUBAR in the privacy realm, T.Rob offers some constructive help:

The VRM Version
There is a possible version of this device that I’d actually use. It would be the one with the VRM-y, personal cloud architecture. How does that work? Same architecture I described in San Francisco:

The device emits signed data over pub/sub so that secondary and tertiary recipients of data can trust it.
By default, the device talks to the vendor’s service so users don’t need any other service or device to make it work.
The device can be configured to talk to a service of the user’s choosing instead of, or in addition to that of the manufacturer.
The device API is open.

Since privacy policy writing for IoT is pretty much a wide-open greenfield, that provides a helpful starting point. It will be good to see who picks up on it, and how.