Category: Privacy (Page 4 of 5)

#TakeBackControl with #VRM

June 23, 2014 / Doc Searls / 1 Comment

That’s a big part of what tonight’s Respect Network launch here in London is about. I’ll be speaking briefly tonight at the event and giving the opening keynote at the Immersion Day that will follow tomorrow. Here is a draft of what I’ll say tonight:

This launch is personal.

It’s about privacy.

It’s about control.

It’s about taking back what we lost when Industry won the Industrial Revolution.

It’s about fixing a marketplace that has been ruled by giant companies for a hundred and fifty years — even on the Internet, which was designed — literally — to support our independence, our autonomy, our freedom, our liberty, our agency in the world.

Mass marketing required subordinating the individual to the group, to treat human beings as templates, demographics, typicalities.

The promise of the Internet was to give each of us scale, reach and power.

But the commercial Internet was built on the old model. On the industrial model. What we have now is what the security guru Bruce Schneier calls a feudal system. We are serfs in the Kingdom of Google, the Duchy of Facebook, the Principality of Amazon.

Still, it’s early. The Internet as we know it today — with browsers, ISPs, search engines and social media — is just eighteen years old. In the history of business, and of civilization, this is nothing. We’ve barely started.

But the Internet does something new that nothing else in human history ever did, and we’re only beginning to wrap our heads around the possibilities: It puts everybody and everything at zero functional distance from everybody and everything else — and at costs that want to be zero as well.

This is profound and huge. The fact that we have the Net means we can zero-base new solutions that work for each of us, and not just for our feudal overlords.

Archimedes said “Give me a place to stand and I can move the world.”

That’s why we are here today. Respect Network has been working to give each of us a place to stand, to take back control: of our identities, our data, our lives, our relationships… of everything we do on the Net as free and independent human beings.

And what’s extra cool about this is that Respect Network isn’t just one company. It’s dozens of them, all standing behind the same promise, the same principles, the same commitment to build markets upward from you and me, and not just downward like eyes atop pyramids of control.

I’ll have a lot more to say about this tomorrow at Immersion Day, but for now I invite you to savor participating in a historic occasion.

I’m sure I’ll say something different, because I’ll speak extemporaneously and without the crutchware of slides. But I want to get this up because I can’t print where I am at the moment, and it seems like a fun and useful thing to do in any case.

For more, see A New Data Deal, starting today, at my personal blog.

On the geofences we’re already building

March 17, 2014 / Doc Searls / 1 Comment

I was just pointed to the Geofencing Manifesto, “created by the audience at the SxSW 2014 workshop entitled ‘The Future Landscape of Geofencing Manifesto’ on Saturday, March 8th, 2014.” Leading the workshop were Jay Wilson (@jwsfl), Jenessa Carder (@expressanything) and Kevin Pound, all with SapientNitro, “a new breed of agency for an always-on world” that is “redefining how stories can be told across brand, digital and commerce.” Additional inks: workshop, guidelines.

I salute their good efforts. Could be they’ll get farther with this than other agencies have. There are also some existing contexts they will need to consider as they press forward with this and similar efforts. So, to help with that, I’ll run them down:

There is work already going on here, by the EFF, Mozilla, ProjectVRM and others.
The Geofencing Manifesto appears to be a marketing document. Meaning, it seems to be a form of outreach from marketing. It also frames the geofencing challenge — correctly — in the context of huge push-back against marketing by its targets.
We have some manifestos already, starting with Cluetrain, which laid out the situation pretty well in 1999. It does help that marketing embraced Cluetrain rather enthusiastically, especially the idea that markets are conversations. (That was Cluetrain’s first thesis, expanded a few months later into a whole book chapter.)
We are not just “consumers.” As Cluetrain put it, “we are not seats or eyeballs or end users or consumers. we are human beings and our reach exceeds your grasp. deal with it.” Persons, people, individuals and customers are all better terms.
There have never been mutual and consenting relationships between marketers and the people they call “targets,” and which they seek to “acquire,” “manage,” “control” and “lock in” as if they were slaves or cattle. For example, programs called “loyalty” involve all the words in that last sentence, and are by nature coercive. They are all different from each other as well, requiring the customer to maintain separate “relationships” with every marketing operation, which is a huge inconvenience and an industrial-age affront to the peer-to-peer design of the Net in the first place.
Let’s face it: until we build those fences, and get tools of our own for managing real relationships, on our terms, all we’ll get from marketing is more respectful and conversational forms of the same old thing. Meaning it’s our job, not marketing’s.
There is nothing in the history of marketing to suggests that it will work cooperatively with “consumers” to come up with something agreeable to both that will lock out all marketing intrusions. This is especially true in the Age of Data, because…
Data is to marketing as blood is to Dracula. Telling surveillance-oriented marketing “Let’s work together on what we agree to let you suck from our necks” won’t get us very far in the dark and bat-filled night that the commercial Web has become.
The only way to build fences that work is for us to build them ourselves, which is what we’ve been doing with ProjectVRM.
Geo is an interesting angle, especially in the mobile world. I like it. Privacy in the physical world tends to be spacial, and matching that in the virtual world seems a good thing. Bonus link: Clothing as a privacy system.

So we invite Jay, Venessa, Kevin and other well-intended marketers to come check out the work already going on here and elsewhere. (A good place to start is at our development work list.) I also suggest they come as individuals and not as marketers. In other words, stand on our side of the fence. Trust me: doing that will make marketing a lot better than anything marketing can do alone, or with the help of cooperating “consumers.” (For more on the customer/consumer distinction, go here, here, here and here.)

Reporting on the Data Privacy Hackathon

February 10, 2014 / Doc Searls / 0 Comments

In case you missed the Data Privacy Hackathon, held this past weekend in London, New York and San Francisco, there should be a good mother lode of posts, tweets and videos up now, or soon.

Here is a small starter-pile of links from the New York one:

The hackathon page.
#privacyhack on Twitter
Videos of the event, courtesy of the New York Chapter of the Internet Society. VRM and I come in at ~ 27 minutes into the first video. Finalist hacks are presented in this video here. One of the entries, Re-entry, led by Lina Kaisey, Harvard Law School ’14, starts at about 56 minutes into the last video link, and is to some degree based on my challenge in the first video link. It came in second. The winner was Ghostdrop, the presentation for which follows Lina’s, and which allows private communications between individuals. (Re-entry does that too, for prisoners re-entering the free world, and communicating with The System).

More at LegalHackathon.net.

LG jumps on advertising bandwagon, runs over its own customers

November 20, 2013 / Doc Searls / 0 Comments

Used to be a TV was a TV: a screen for viewing television channels and programs, delivered from stations and networks through a home antenna or a cable set top box. But in fact TVs have been computers for a long time. And, as computers, they can do a lot more than what you want, or expect.

Combine that fact with the current supply-side mania for advertising aimed by surveillance, and you get weirdness such as Doctor Beet‘s LG Smart TVs logging USB filenames and viewing info to LG servers. According to Doctor Beet, viewer activity is actually reported to a dead URL (which may not be, say some of the comments). The opt-out is also buried an off-screen scroll. And LG tells Doctor Beet to live with it, because he “accepted” unseen opt-out terms and conditions.

But wait: there’s more.

If you want to really hate LG — a company you barely cared about until now, watch this. It’s a promotional video for “LG Smart AD,” which “provides the smartest way to reach your targeted audiences across the borders and connected devices with excitement powered by LG’s world best 3D and HD home entertainment technology” and “enables publishers to maximize revenues through worldwide ad networks, intelligent platform to boost CPM and the remarkable ecosystem.” The screen shot above shows (I’m not kidding) a family being terrorized by their “immersive” advertising “experience.”

This promotional jive, plus the company’s utterly uncaring response to a customer inquiry, shows what happens when a company’s customers and consumers become separate populations — and the latter is sold to the former. This split has afflicted the commercial broadcast industry from the start, and it afflicts the online advertising industry today. It’s why the most popular browser add-ons and extensions are ones that thwart advertising and tracking. And it’s why the online advertising industry continues to turn deaf ears and blind eyes toward the obvious: that people hate it.

Clearly LG is getting on the surveillance-based advertising-at-all-costs bandwagon here. The sad and dumb thing about it is that they’re actually selling customers they already have (TV buyers) to ones they don’t (advertisers). Their whole strategy is so ham-fisted that I doubt they’ll get the message, even if bad PR like this goes mainstream.

The one good effect we might expect is for competing companies to sell surveillance-free viewing as a feature.

Bonus link.

Freedom vs. Tracking

July 29, 2013 / Doc Searls / 10 Comments

In The Mobile Customer as Data vs. Customer Data, Chuck Martin in MediaPost‘s Mobile Shop Talk says this:

The world of data tracking for mobile commerce is getting much more precise.

The phone knows where the phone goes, as we all know. And that knowledge can be used to help provide better services to those carrying them.

Any driver using Google Navigation, for example, gets the benefit of other phones being tracked to identify bottlenecks on roads ahead. The next step was for Navigation to automatically re-route your trip to avoid the traffic jam, so the benefit became seamless.

The tracking of phones at retail also is being used in efforts to provide a better shopping experience.

In these cases, the value comes from the data about the phone being tracked, not information about the person.

This is about the use of customers as data rather than data about the customer.

This data about phone movements already is being used at hundreds of stores ranging from small mom-and-pop shops to national chains and shopping centers.

He goes on to talk about Euclid, “a three-year-old California company that likens what it does to Google analytics but for the physical world.” And he explains what they do:

Rather than tracking phones by apps, sign-ins, GPS or cell tower, Euclid installs sensors at stores to capture MAC addresses, which are part of every smartphone.

The company doesn’t capture any information about the person, just the identification of smartphones that are on with Wi-Fi enabled.

The idea is to map shopper traffic and analyze how stores can become more effective. The large volume of aggregated data of phone traffic patterns is what provides the value.

Here is what I put in the comments below (with paragraph breaks and links added):

I am a customer. I am not data. I do not wish to yield personal data, even if anonymized, to anybody other than those with whom I have a fully consenting, non-coercive and respectful relationship.

I do not wish to receive offers as a matter of course, even if machines following me guess those offers might might be relevant — especially since what I am doing most of the time is not shopping.

I also don’t wish to have a “better experience” with advertising inundation, especially if the “experience” is “delivered” to me rather than something I have for myself.

Familiar with Trader Joes? People love them. Know why? They do none of this tracking jive. They just talk, as human beings, to customers. There’s no way to automate that, and they save the overhead of marketing automation as well.

Now think of the “mobile experience” we call driving a car, or riding a bike. Our phones need to be the same: fully ours. Not tracking devices.

I know mine is a voice in the wilderness here, but I’m not alone. It’s not for no reason that the most popular browser add-ons are ad and tracking blockers. That’s the market talking. Marketers need to listen.

In a commencement speech this past May, former presidential speechwriter @JonLovett says this (around 14:30): I believe we may have reached peak bullshit.

He continues: I believe those who push back against the noise and the nonsense, those who refuse to accept the untruths of politics and commerce and entertainment and government, will be rewarded. And that we are at the beginning of something important. He also pushes back on what he calls “a process that is inauthentic.” (Here’s a transcript.)

Here’s what’s real: For whatever reasons, we blew it by not building browsers to be cars and bikes in the first place. Same with smartphones and tablets. We gave wonderful powers to users, but greater powers to companies that would rather track us than respect us, who would rather “deliver”us the “experience” they want us to have than equip us to operate as fully human beings in the world — beings with independence and agency, able to engage in our own ways, and on our own terms.

So, what we’ve got now, nice as it is in many ways, is a feudal system. Not real freedom.

It’s a feudal system run by advertising money, and it is worse than broken: it looks to its masters like it isn’t working well enough. Those masters include lots of good people trying to do the Right Things. But they aren’t listening, because they are too busy talking to each other. The whole marketing ecosystem is an echo chamber now. And we, the users and customers of the world, are not in it, except as magnets for tracking beacons and MAC addresses sold to marketing mills.

There is now a line in the sand. On one side is industrial control of human beings, and systems that “allow” degrees of freedom. On the other side is freedom itself. On that side also lies the truly free marketplace.

Here’s a bet. A lot more money will be made equipping individual human beings with means for enjoying full agency than there is today in “delivering” better sales “experiences” to them through browsers and phones that aren’t really theirs at all.

And here’s betting we’ll get better social effects too: ones that arise from freedom of association in an open world, rather than inside giant mills built for selling us to advertisers.

Turning the customer journey into a virtuous cycle

July 13, 2013 / Doc Searls / 3 Comments

Traditional CRM typically looks at customers this way:It’s a cycle. One of the reasons we started ProjectVRM is that actual customers are hard to find in the CRM business. We are “leads” for Sales and Marketing, and “cases” for Support. At the Orders stage we are destinations to which products and invoices are delivered. That’s it.

Oracle CRM, however, has a nice twist on this (and thanks to @nitinbadjatia of Oracle for sharing it*):

Here we see the “customer journey” as a path that loops between buying and owning. The blue part — OWN, on the right — is literally the customer’s own space. As the text on the OWN loop shows, the company’s job in that space is to support and serve. As we see here…

… the place where that happens is typically the call center.

Now let’s look at how this journey looks in our lives, in terms of how much of the time we own stuff and how much of the time we shop for it. The real ratio is closer to this:

kolskycyce1

And that’s not an exaggeration, since we own everything 100% of the time and shop only a small % of the time.

Now let’s pause to consider the curb weight of “solutions” in the world of interactivity between company and customer today. In the BUY loop of the customer journey, we have:

All of advertising, which Magna Global expects to pass $.5 trillion this year
All of CRM, which Gartner pegs at $18b)
All the rest of marketing, which has too many segments for me to bother looking up

So, in the OWN loop we have a $0 trillion greenfield. This is where VRM started, with personal data lockers, stores, vaults, services and (just in the last few months) clouds.

Now look around your home. What you see is mostly stuff you own. Meaning you’ve bought it already. How about basing your relationships with companies on those things, rather than over on the BUY side of the loop, where you are forced to stand under a Niagara of advertising and sales-pitching, by companies and agencies trying to “target” and “acquire” you. From marketing’s traditional point of view (the headwaters of that Niagara), the OWN loop is where they can “manage” you, “control” you, “own” you and “lock” you in. To see one way this works, check your wallets, purses, glove compartments and kitchen junk drawers for “loyalty” cards that have little if anything to do with genuine loyalty.

But what if the OWN loop actually belonged to the customer, and not to the CRM system? What if you had VRM going there, working together with CRM, at any number of touch points, including the call center?

This is more than a simple dream. One of the coolest things to happen in the VRM development world is this insight, based on actual technology: everything you own can have its own cloud, and each can live inside your personal cloud. Your stuff doesn’t need to have embedded smarts. You can put your things’ smarts inside clouds of their own. Manufacturers can also include clouds along with everything they sell. Inside that cloud can go all the touchpoint contact data required for a genuine relationship, plus useful extras such as service manuals and shortcuts to product updates.

This means the product itself becomes the platform for relationship between the customer and everybody on the sell side, from manufacturer to distributor to retailer to service company. As I explained in this HBR post, that platform — the product’s cloud — is the level table where all those parties sit, at the grace of the customer. Because it’s the customer’s space.

One tablecloth for that platform is the TalkTag. It’s a simple QR code, like the one on the right. The pioneering company here is Kynetx, through its SquareTag service. It’s a simple way to give anything you have a cloud of its own. Scanning a TalkTag is one way to visit a thing’s cloud, which is also a programmable space. If your thing is lost, you can program it to provide contact information through somebody’s smartphone when they scan it. (Which I have done, and it works.)

You can also program it to, say, notify the call center when you scan it. For example, I want the TalkTag I just put on my cable modem to notify Time Warner Cable when I scan it. If Time Warner Cable’s CRM system is listening (which should be easy enough to make happen), it can send back a message to my phone, telling me there is an outage in my neighborhood. Or, in the event that there isn’t an outage, the “I’ve been scanned” message from me to Time Warner Cable can jump past stages in the company’s IVR (Interactive Voice Response) system and get me straight to the right person or automated response. That might be, “You need to download new firmware,” or “We have three new service tiers you might want to know about,” or “We see you haven’t paid your bill.”

I have shared this kind of scenario with two call center companies recently, and they liked it a lot. In fact they like the whole idea of VRM systems on the customers’ side that can lighten the burdens of relationship (and open opportunities) for both sides.

The customer journey — his or her experiences of owning and buying — will include more than just interacting with call centers. We use the things we own in countless ways that might be useful to share with others, including the companies that make and sell stuff — and not just through “social” systems like Facebook and Twitter, over which we have little or no control.

We should also be able to integrate data from products that don’t relate but should. In the Quantified Self world, for example, there is a standing need to synthesize data from many devices and databases. This need cannot be solved by asking Nike, Fitbit, Withings, RunKeeper and the rest of them to all make their data un-silo’d and combine-able. And doing it in “social media,” whose only business is advertising at us, won’t work either. We need means of our own.

In the VRM world we’ve been saying the user needs to be the point of integration for his or her own data since Joe Andrieu first expressed that insight in 2007. Now, with personal clouds, in 2013, it’s starting to look possible. In fact the personal cloud, and the whole OWN loop, can also be a platform for intentcasting toward the BUY side.

The OWN side is also where all the privacy technology also sits, chiefly because it is distributed. It is here also that we hold the terms, preferences and policies we express when dealing with companies sitting across the tables set between us.

An interesting case that lies between buying and owning is relationships with service organizations, such as utilities. What we own here is own side of an ongoing relationship. Equipment of our own may be in there, or may not be. Either way, the use of a service — in our homes, cars and pockets — is what we at least control, even if we don’t own it.

So clearly we need a common platform for personal clouds, and for the things we put in them. That platform needs to be small, lightweight, distributed and open source. Right now I see one candidate for that: CloudOS, which is the brainbaby of Phil Windley. (Here’s a search for CloudOS and Windley. Lots of stuff there.) If you’ve got some other hacks, point them out in the comments below.

If we look at the customer experience from the company’s side again, this graphic from Joe Pine and Jim Gilmore does a nice job of framing the possibilities:

Across the table set in a personal cloud, customers can feed back good intelligence to every one of the loops in that graphic. And, because that data arrives directly and voluntarily, it has far higher quality than inferential data gathered by marketing’s many surveillance methods.

It also re-frames relationship and loyalty, as real things rather than as words marketing recites inside its own echo chambers. It will reduce marketing’s urge to manipulate, and advertising’s urge to personalize in the absence of conscious and voluntary signals welcoming it. The customer journey will thus turn into a virtuous cycle rather than the arduous one it is today.

It can also create a demand chain that can work in tandem with the supply chain, providing far better feedback at every stage. I could go on, but I want to get this up before the latest in the series of Important Calls that punctuate my life. (And they are all Good Things, trust me.)

Bonus link.

* In the comments below the post that follows this one, Ray Wang points to Esteban Kolsky as the original author of this graphic. As I say in my comment below Ray’s, I did hear that from Nitin Badjatia (of Oracle and formerly of Right Now), but I didn’t remember it when I wrote both posts in a hurry. Again, it is the verbs — BUY and OWN — that make the image especially useful for VRM, because they are the customer’s. I don’t yet know if those verbs are Esteban’s or Right Now/Oracle’s. Let me know and I’ll give credit where due.

Save

Prepping for #VRM Day and #IIW

April 20, 2013 / Doc Searls / 0 Comments

The 16th IIW (Internet Identity Workshop) is coming up, Tuesday to Thursday, 7-9 May, will be tat the Computer History Museum in Mountain View, CA. As usual, VRM will be a main topic, with lots of developers and other interested folk participating. Also as usual, we will have a VRM planning day on the Monday preceding: 6 May, also at the CHM. So that’s four straight days during which we’ll get to present, whiteboard, discuss and move forward the many projects we’re working on. From the top of my head at the moment:

Personal Clouds, including —
- The Internet of Me and My Things
- QS (Quantified Self) and Self-Hacking
Fully personal wallets, rather than branded ones that work only with payment silos and their partners
Intentcasting — where customers advertise their purchase intentions in a secure, private and trusted way, outside of any vendor’s silo
Browser add-ons, extensions, related developments
Licensing issues
Sovereign and administrative identity approaches, including Persona, formerly BrowserID, from Mozilla
Legal issues, such as creating terms and policies that individuals assert
Tracking and ad blocking, and harmonizing methods and experiences
Health Care VRM
Devices, such as the freedom box
VRM inSovereign vs./+ Administrative identities
- Real estate
- Banking (including credit cards, payments, transactions)
- Retail
Personal data pain points, e.g. filling out forms
Trust networks
Harnessing adtech science and methods for customers, rather than only for vendors

The morning will be devoted to VRM issues, while the afternoon will concentrate on personal clouds.

We still have eight tickets left here. There is no charge to attend.

In the next few days here on the blog we’ll be going over some of the topics above. Input welcome.

VRM development work

February 5, 2013 / Doc Searls / 0 Comments

I’ll be having a brown bag lunch today with a group of developers, talking about VRM and personal clouds, among other stuff that’s sure to come up. To make that easier, I’ve copied and pasted the current list from the VRM developers page of the ProjectVRM wiki. If you’d like to improve it in any way, please do — either on the wiki itself, or by letting us know what to change.

While there are entire categories that fit in the larger VRM circle — quantified self (QS) and personal health records (PHRs) are two that often come up — we’ve tried to confine this list to projects and companies that directly address the goals (as well as the principles) listed on the main page of the wiki.

Here is a partial list of VRM development efforts. (See About VRM). Some are organizations, some are commercial entities, some are standing open source code development efforts.

SOFTWARE and SERVICES

Intentcasting

AskForIt † – individual demand aggregation and advocacy

Body Shop Bids † – intentcasting for auto body work bids based on uploaded photos

Have to Have † – “A single destination to store and share everything you want online”

Intently † – Intentcasting “shouts” for services, in the U.K.

Innotribe Funding the Digital Asset Grid prototype, for secure and accountable Intentcasting infrastructure

OffersByMe † – intentcasting for local offers

Prizzm †- social CRM platform rewarding customers for telling businesses what they want, what they like, and what they have problems with

RedBeacon † – intentcasting locally for home services

Thumbtack † – service for finding trustworthy local service providers

Trovi intentcasting; matching searchers and vendors in Portland, OR and Chandler, AZ†

Übokia intentcasting†

Zaarly † intentcasting to community – local so far in SF and NYC

Browser Extensions

Abine † DNT+, deleteme, PrivacyWatch: privacy-protecting browser extentions

Collusion Firefox add-on for viewing third parties tracking your movements

Disconnect.me † browser extentions to stop unwanted tracking, control data sharing

Ghostery † browser extension for tracking the trackers

PrivacyScore † browser extensions and services to users and site builders for keeping track of trackers

Databases

InfoGrid – graph database for personal networking applications

ProjectDanube – open source software for identity and personal data services

Messaging Services and Brokers

Gliph †- private, secure identity management and messaging for smartphones

Insidr † – customer service Q&A site connecting to people who have worked in big companies and are willing to help when the company can’t or won’t

PingUp (was Getabl) †- chat utility for customers to engage with merchants the instant customers are looking for something

TrustFabric † – service for managing relationships with sellers

Personal Data and Relationship Management

Azigo.com † – personal data, personal agent

ComplainApp † – An iOS/Android app to “submit complaints to businesses instantly – and find people with similar complaints”

Connect.Me † – peer-to-peer reputation, personal agent

Geddup.com † – personal data and relationship management

Higgins – open source, personal data

The Locker Project – open source, personal data

Mydex †- personal data stores and other services

OneCub †- Le compte unique pour vos inscriptions en ligne (single account for online registration)

Paoga † – personal data, personal agent

Personal.com † – personal data storage, personal agent

Personal Clouds – personal cloud wiki

Privowny † – privacy company for protecting personal identities and for tracking use and abuse of those identities, building relationships

QIY † – independent infrastructure for managing personal data and relationships

Singly † – personal data storage and platform for development, with an API

Transaction Management

Dashlane † – simplified login and checkout

Trust-Based or -Providing Systems and Services

id3 – trust frameworks

Respect Network † – VRM personal cloud network based on OAuth, XDI, KRL, unhosted, and other open standards, open source, and open data initiatives. Respect Network is the parent of Connect.Me.

Trust.cc Personal social graph based fraud prevention, affiliated with Social Islands

SERVICE PROVIDERS OR PROJECTS BUILT ON VRM PRINCIPLES

First Retail Inc. † commodity infrastructure for bi-directional marketplaces to enable the Personal RFP

dotui.com † intelligent media solutions for retail and hospitality customers

Edentiti Customer driven verification of idenity

Real Estate Cafe † money-saving services for DIY homebuyers & FSBOs

Hover.com Customer-driven domain management†

Hypothes.is – open source, peer review

MyInfo.cl (Transitioning from VRM.cl) †

Neustar “Cooperation through trusted connections” †

NewGov.us – GRM

[1] † – Service for controlling one’s reputation online

Spotflux † malware, tracking, unwanted ad filtration through an encrypted tunnel

SwitchBook † – personal search

Tangled Web † – mobile, P2P & PDS

The Banyan Project– community news co-ops owned by reader/members

TiddlyWiki – a reusable non-linear personal Web notebook

Ting † – customer-driven mobile virtual network operator (MVNO – a cell phone company)

Tucows †

VirtualZero – Open food platform, supply chain transparency

INFRASTRUCTURE

Concepts

EmanciPay – dev project for customer-driven payment choices

GRM: Government Relationship Management – subcategory of VRM

ListenLog – personal data logging

Personal RFP – crowdsourcing, standards

R-button – UI elements for relationship members

Hardware

Freedom Box – personal server on free software and hardware

Precipitat, WebBox – new architecture for decentralizing the Web, little server

Standards, Frameworks, Code bases and Protocols

Datownia † – builds APIs from Excel spreadsheets held in Dropbox

Evented APIs – new standard for live web interactivity

KRL (Kinetic Rules Language) – personal event networks, personal rulesets, programming Live Web interactions

Kynetx † – personal event networks, personal rulesets

https://github.com/CSEMike/OneSwarm Oneswarm] – privacy protecting peer-to-peer data sharing

http://www.mozilla.org/en-US/persona/ Mozila Persona] – a privacy-protecting one-click email-based way to do single sign on at websites

TAS3.eu — Trusted Architecture for Securely Shared Services – R&D toward a trusted architecture and set of adaptive security services for individuals

Telehash – standards, personal data protocols

Tent – open decentralized protocol for personal autonomy and social networking

The Mine! Project – personal data, personal agent

UMA – standards

webfinger – personal Web discovery, finger over HTTP

XDI – OASIS semantic data interchange standard

PEOPLE

Analysts and Consultants

Ctrl-SHIFT † – analysts

Synergetics † – VRM for job markets

VRM Labs – Research

HealthURL – Medical

Consortia, Workgroups

Fing.org – VRM fostering organization

Information Sharing Workgroup at Kantara – legal agreements, trust frameworks

Pegasus – eID smart cards

Personal Data Ecosystem Consortium (PDEC) – industry collaborative

Meetups, Conferences, and Events

IIW: Internet Identity Workshop – yearly unconference in Mountain View

VRM Hub – meeting in LondonNOTES:
† Indicates companies. Others are organizations, development projects or both. Some development projects are affiliated with companies. (e.g. Telehash and The Locker Project with Singly, and KRL with Kynetx.)
A – creating standard
B – Using other standards
1 – EventedAPI

Driving VRM with car data and APIs

November 26, 2012 / Doc Searls / 6 Comments

Go read OnStar gives Volt owners what they want: their data, in the cloud, by Sean Gallagher, in Ars Technica. It’s a VRM story. The vendor is Chevrolet, the vended product is the Volt, and the relationship management is a DIY hack by one customer. The story begins,

You probably don’t think of your car as a developer platform, but Mike Rosack did. A few days after buying his Chevy Volt, Rosack started slowly mining his driving data. But he eventually revved up his efforts and created a community platform for drivers to track their own efficiency. Today more than 1,800 Volt owners compare stats with each other, jockeying for position on Rosack’s Volt Stats leader board.

volt dash with r-button The Volt uses OnStar, a GM subsidiary known through its advertising for providing a way for drivers to call for roadside assistance; but which is actually a sophisticated cell-based data system through which cars communicate constantly with the mother ship’s cloud. While OnStar generously shares data back to customers through an app called RemoteLink, much more can be done with it, since it’s data and comes out through an API. Now here is where the story gets VRooMy:

Rosack initially wanted to do more with his own driving data than just view it on his phone. So he built what eventually became Volt Stats to capture this data, then started sharing it with other Volt owners. There was just one small problem: Volt Stats relied on Rosack’s reverse engineering of an interface for OnStar’s RemoteLink mobile application (iOS and Android). When OnStar moved to shut down the Web services interface Rosack had plugged into in mid-October, Volt Stats arrived at a screeching halt.

Rather than leaving Volt Stats stalled on the roadside, GM and OnStar accelerated efforts to give developers a new public Web API to create services on top of OnStar data. The companies even worked with Rosack to get him onboard and get Volt Stats re-launched. Now, Volt Stats is back online and other would-be car data hackers will soon be able to connect their Web applications to GM owners’ vehicle data (provided, of course, that they have privacy policies that meet with the approval of GM and OnStar lawyers).

OnStar had already developed an API for GM partners such as the car-sharing service RelayRides, who need to get access to some of the remote control and telematics elements of the service. But this new interface takes advantage of technologies such as OAuth and JAX-RS and it’s a step toward turning OnStar into a broader platform for the “Internet of things.” It’s also a way to give car enthusiasts a new kind of access to something they’ve always thought of as their own—their cars’ data.

Now come the VRM questions:

Where and how might customers store that data? Are current PDS (personal data stores) compatible and ready for it?
How might customers use that data — especially outside and between multiple vendors’ apps, APIs and relationship silos?
Might we see an ⊂ (r-button) on the dashboards of car? How might that work? And if it does, how do we make it standard?
What usage and new market-driving scenarios might we start to imagine here?
How might customers assert their own privacy policies and terms as demand begins to drive supply?
What other interfaces do cars have that might be brought into the picture?
How can what happens here model what we do with the rest of the “Internet of things?”
What are the meshy wireless things we can do among ourselves and our cars, outside any vendor’s box? (Would love Robin Chase‘s thinking here.)

These are questions especially for VRM developers. Look for answers (and more questions) here and on various blogs.

The identity problem

November 8, 2012 / Doc Searls / 5 Comments

Robin Wilton (@futureidentity) has been wrestling with identity issues for longer than I have, and deeper in the trenches. It is from one of those — IGF2012 (The Internet Governance Forum for Sustainable Human and Economic Development) — that he issued a deep and thoughtful post today on the topic of identity. His central distinction:

2. So let me describe two ways of looking at digital identity. I’ll describe the first one and then contrast its characteristics with the second. The first, I’ll call the Classic model. It is based on:

– Single authoritative source

– Credential

– Authentication

– Binary (Y or N)

– Level of assurance and a chain of trust, both of which can be formalised into procedures and assigned liability models (retroactive).

The second is what I’ll call the Emerging model. It looks like this:

– Multiple, low-assurance sources

– Attributes

– Authorisation

– Contextual and adaptive

– A web of trust, notions of mutable reputation, and quantifiable mainly in terms of risk management (predictive).

The Classic model is “fundamentally retrospective,” he writes; and

The Emerging model is future-facing. It is much more dynamic, and it is also completely compatible with anonymous authorisation. But it alters our conception of identity and trust, and relies on immature disciplines such as reputation management and contextual authorisation.

This is correct and astute. It also lays out much to be feared if we stick with either one. So I weighed in at his post with a long comment from a VRM perspective:

The reason “your digital identity” is not “close to being a reflection of your personal identity” is that you are a “user” on the Web and not a sovereign and independent human being.

The reason you are a user and not a human being on the Web is that in 1995 we settled on a model called “client-server” in which every server carried responsibility for authentication and pretty much everything else. You, as an individual, were just a user. It is not a coincidence that only two industries call individual human beings “users.” The other is drugs.

Nothing substantive has yet been built toward independence for individuals on the client side. We remain dependent variables rather than independent ones — a situation that has not changed in the seventeen years since. Client-server has become calf-cow, where users are the calves and sites are the cows. (More here.)

Both the classic and the emergent models you describe rely on cows. Neither allows the user to perform as an independent individual. Neither attempts to fix the problem of identity from the individual’s side.

Truly fixing identity is un-done work. Some companies and development efforts listed in the ProjectVRM wiki are working on it. Every six months it also comes up at Internet Identity Workshops (http://www.internetidentityworkshop.com/). But it’s a hard problem, akin to solving personal transportation with better railroads.

What we need online are the digital equivalents of cars and bicycles: personal transportation. Remember the “information superhighway” — this communications path on which you would “drive”? The idea was that each browser was a personal vehicle on which we “surfed” from place to place. Think of the literal meanings of drive, browse and surf. They are what independent human beings do. When all we do is “use,” we are dependent. Simple as that.

This is why the browser morphed from a car or a surfboard into a shopping cart that gets re-skinned with every commercial site it “uses.” At each site the user iis known in ways exclusive to the site, over which the individual has little control, except to opt out of the site and its systems. Add Twitter or Facebook login to the mix, and you just have more, and bigger, cows involved.

The burden of subordination to each of us is hundreds of different login/password combinations and acceptance of one-sided “agreements” offered by each site or service we use, on a take-it-or-leave-it basis. The “agreements” are ones we never read because they are written by and for lawyers, and are built to offload as much risk and liability as possible to users, along with minimized control over the user’s “experience.”

So there is much more to fix here than identity alone. But identity is the oldest challenge, and perhaps still the largest one.

I hope it helps. I also want to tip my hat toward Devon Loffreto, aka Moxy Tongue and @EnzionXavier, who writes posts such as this one. It is to Devon that I owe the adjective sovereign for what matters most about personal identity. I also owe much to Walt Whitman, who writes,

The spotted hawk swoops by and accuses me.
He complains of my gab and my loitering.

I too am not a bit tamed. I too am untranslatable.
I sound my barbaric yawp over the roofs of the world.

To mix metaphors one more time, we have ceased being hawks, or inspired by them.

If now is not the time to fly, when will we?

[Later…] Crosbie Fitch has also been a helpful influence. His is the first comment below.