Category: Research (Page 1 of 2)

Shooting for the World

April 7, 2026 / / 1 Comment

There is no organisation on Earth with a more audacious purpose than this one:

From Customer Commons’ current index page.

This isn’t shooting for the Moon. It’s shooting for the whole world of business.

What Customer Commons wants to restore isn’t just what was lost when the Internet got real. (For example, privacy.) Customer Commons also wants to restore personal agency that was lost when Industry won the Industrial Revolution. That’s when jobs replaced work, labour replaced teams, and customers became consumers.

That last shift, Jerry Michalski explains, was from human beings to “gullets with wallets and eyeballs.” After that shift, freedom of contract in marketplaces was enjoyed only by businesses. Not by gullets.

Customer Commons was created to change that. It was spun out of ProjectVRM as a 501(c)3 nonprofit in 2013, shortly after Harvard Business Review Press published  The Intention Economy: When Customers Take Charge. That book specifically gave Customer Commons the job of doing for personal privacy terms what Creative Commons did for personal copyright.  And to do it by making privacy a contract between customers and businesses, rather than a “consent” to whatever the hell businesses wanted to shove down our gullets. (For example, with interruptive cookie “choices” that really aren’t and leave no audit trail.)

Work on that began in 2017, when the IEEE approached Customer Commons with an offer to host development of a standard for machine-readable personal privacy terms. That standard, officially called IEEE 7012-2025, and nicknamed MyTerms, was published this past January, concluding nine years of work.

Now what?

MyTerms is a great start toward completing Customer Commons’ audacious mission. Here are some goals we will achieve when that mission is accomplished:

  1. VRM will be a business category, welcomed and engaged by CRM and CX functions on the sell sides of markets.
  2. We will have proof that free customers are worth more than captive ones—to companies they engage, to whole markets, and to themselves. This was ProjectVRM’s original mission in 2006.
  3. The intention economy will materialize when voluntary signaling from customers to companies outperforms and obsolesces surveillance as the primary means for companies to obtain data about customers.

MyTerms is required for all three, because a contract is the only way for companies to commit to respecting personal privacy, and MyTerms is the standard for doing that.

So the first challenge is to make Customer Commons viable as the first mover in establishing MyTerms in the world.

The second challenge is to make Customer Commons substantial enough to lead work toward all three of the challenges listed above. Customer Commons won’t be the only entity working on those. In the U.S., Consumer Reports has already stepped forward as a natural ally.  MyData Global is partnering with Customer Commons in standing up the MyTerms Alliance, which is HQ’d in Europe. There are many other potential partners, such as Mozilla and the EFF.

There is development work on MyTerms already. You can learn more about those at VRM Day, IIW, and AIW, which run M-F through the last week of this month (April 27 to May 1) at the Computer History Museum in Silicon Valley.

Here are other ideas that have been floated in the past for Customer Commons:

  1. Customers Union. Being for customers what the AARP is for retired people. Only bigger, because it would include everybody who is a customer of anything. This isn’t far from Consumers Union, which begat Consumer Reports, and is now its advocacy group.
  2. CustomerCon. A trade show with company booths run by customers, to which companies are invited as guests. Key feature: no complaining. Guest companies are treated only to positive and constructive ideas. HT to Tim Hwang for helping come up with that one.
  3. Omie. A tablet with apps free of Google and Apple. HT to Iain Henderson.
  4. The ByWay, a new path for local e-commerce.
  5. The Free Customer Award. This would be given to companies that value free customers and do nothing to entrap them. The canonical example described in The Intention Economy is Trader Joe’s. But there are others. In-N-Out Burger, for example.

I share those only to give you an idea of how big and influential Customer Commons might be, and how it’s possible to have fun making a new and better economy happen.

We’re not at Square One. Customer Commons is an extant nonprofit, has an energetic board, and a huge accomplishment by getting MyTerms finished. What it needs now is to build out a working organisation. How can we do that?

Let’s look at how Creative Commons got rolling in 2002 and kept moving after that. Here is what I’ve found in diggings so far—

  • The History of Creative Commons in Wired (December 2011) says, “An hour after the court’s decision was announced, the William and Flora Hewlett Foundation presented Creative Commons with $1,000,000 to launch the movement.” The case was Eldred v. Ashcroft.
  • In 2008, there was a successful funding challenge from Hewlett: “The 5×5 challenge, issued in honor of Creative Commons’ fifth birthday, called for the organization to find five funders to each promise five years of support at $500,000 per year. In addition to the Hewlett Foundation, Creative Commons received pledges of $500,000 in yearly support for five years from Omidyar Network, as well as from an anonymous European trust. Google has pledged $300,000 in support renewable for five years, while Mozilla and Red Hat have each pledged to contribute $100,000 annually for five years. The final block of support comes from the board of Creative Commons, which has promised to personally raise or contribute $500,000 to the organization annually for five years.”(Source: Creative Commons Newsletter No.5, February 2008)
  • A Creative Commons  announcement in April 2008 said, “We’re thrilled about a major new grant of $4 million from the William and Flora Hewlett Foundation, consisting of $2.5 million to provide general support to Creative Commons over five years, as well as $1.5 million to support ccLearn.”
  • A MacArthur grant search reports a total of $3,225,000 provided between 2002 and 2022:
    • $750,000 in 2005 to support general operations for three years
    • $500,000 in 2007 to support Science Commons for two years
    • $700,000 in2008 to support general operations and an endowment campaign for three years
    • $25,000 in 2015 to provide travel and other support for attendees of the Creative Commons Global Summit in South Korea, for two months. The meeting was also funded in part by the Institute for Museu m and Library Services and th e Gates Foundation, and by the Korean Ministry of Culture, Sports and Tourism ($25,000), Mozilla ($10,000), and the Wikimedia Foundation ($10,000).
    • $50,000 in 2022 to support dedicated programming on open journalism issues at the 2023 Global Summit, “which is an annual event that brings together educators, artists, technologists, legal experts, and activists to promote the power of open licensing and global access.”

So, by inference, the phases were roughly this:

  • Launch (2001–2002) $1M of initial funding
  • Early build-out (2002–2004) +$1–3M with  additional foundation support
  • Continuous operations (2005 onward) at ~$1–3M/year

That gives us an idea of what we need to raise. (Given inflation, multiply those numbers by 1.5x.)

I’ll tell you more when I find out more. Meanwhile, watch this space. Better yet, jump in and help out.

 

 

 

Writings on the Failings of Notice & Consent

December 27, 2025 / / 0 Comments

This notice actually appeared on the front door of my house for a while.

As with the notice above, notice & consent online is worse than a fail. It’s absurd.  But it helps to have sources that explain how ceremonies promising privacy online will always fail when those running the ceremonies are also incentivised to violate their privacy commitments (or not to make them in the first place). I’m including coverage of adjacent and dependent topics (e.g. adtech and CRM/CX).  Of course, this is all toward setting the stage for MyTerms. Feel free to add your own.

A list of scholarly (or simply serious) sources:

Don Marti’s writings:

Iain Henderson’s writings:

My own writings:

Also Terms and Conditions May Apply, a 2013 documentary by Cullen Hobeck.

Toward better buy ways

August 23, 2022 / / 0 Comments

For sixteen years, ProjectVRM has encouraged the development of tools and services that solve business problems from the customer side. This work is toward testing a theory: that free customers are more valuable—to themselves and to the businesses they engage—than captive ones. That theory can only be tested when tools for doing that are in place.

We already have some of those tools. Our big four in the digital world are the browser, the phone, email, and texting. In the analog offline world, our best model is cash. From The Cash Model of Customer Experience:

Here’s the handy thing about cash: it gives customers scale. It does that by working the same way for everybody, everywhere it’s accepted. It’s also anonymous by nature, meaning it carries no personal identifiers. Recording what happens with it is also optional, because using it doesn’t require an entry in a ledger (as happens with cryptocurrencies). Cash has also been working this way for thousands of years. But we almost never talk about our “experience” with cash, because we don’t need to.

The problem with our four personal digital tools—browser, phone, email and texting—is that they are not fully ours. So our agency is at best compromised. Specifically,

  1. The most popular browsers are also agents of Apple, Google, Microsoft, plus countless thousands of third parties inserting cookies and other tracking instruments into our devices.
  2. Our phones are not just ours. They are corporate tentacles of Apple and Google, lined with countless personal data suction cups from unknown surveillance systems. (For more on this, see Apple vs (or plus) Adtech, Part I and Part II.)
  3. Apple and Google together supply 87% of all email software and services. Apple promises privacy, while Google makes a business out of knowing the contents of your messages, plus every other Google-provided or -involved piece of software reveals to the company about your life. As for how well Apple delivers on its privacy promises, look up apple+compromised+privacy.
  4. The original messaging service for phones, SMS, is owned and run by phone companies. Other major messaging, texting and chat services are run entirely by private companies.
  5. Among common Internet activities, only email and browsing are based on open and simple standards. The main ones are SMTP, IMAP, and POP3 for email, and HTTP/S for browsing. Those share the Internet’s three NEA virtues: Nobody owns them, Everybody can use them, and Anybody can improve them.

This is important: If a product or service mostly works for some company, it’s not yours. You are a user or a consumer. You are not a customer; nor are you operating with full agency in a truly free market. So, while it is obvious that all of us are made more valuable to business, and to ourselves, because we use browsers, phones, email, and messaging, we can’t say that we are free while we do.

But the Internet is still young: dating in its current form—supportive of e-commerce—since 30 April 1995, when the NSFNET (one of the Internet’s backbones) was decommissioned, and its policy forbidding commercial traffic on its pipes no longer stood in the way. The Net will also be with us for dozens or hundreds of decades to come, with its base protocol, TCP/IP, continuing to support freedom for every node on it.

More importantly, there are many business problems best or only solved from the customer side. Here is a list:

  1. Identity. Logins and passwords are burdensome leftovers from the last millennium. There should be (and already are) better ways to identify ourselves by revealing to others only what we need them to know. Working on this challenge is the SSI—Self-Sovereign Identity—movement.  (Which also goes by many other names. The latest is Web5.) The solution here for individuals is tools of their own that scale. Note that there is a LOT happening here. One good way keep up with it is in the Identisphere newsletter.  You can also participate by attending the twice-yearly Internet Identity Workshop, which has been going strong since 2005.
  2. Subscriptions. Nearly all subscriptions are pains in the butt. “Deals” can be deceiving, full of conditions and changes that come without warning. New customers often get better deals than loyal customers. And there are no standard ways for customers to keep track of when subscriptions run out, need renewal, or change. The only way this can be normalized is from the customers’ side.
  3. Terms and conditions. In the world today, nearly all of these are ones that companies proffer; and we have little or no choice about agreeing to them. Worse, in nearly all cases, the record of agreement is on the company’s side. Oh, and since the GDPR came along in Europe and the CCPA in California, entering a website has turned into an ordeal typically requiring “consent” to privacy violations the laws were meant to stop. Or worse, agreeing that a site or a service provider spying on us is a “legitimate interest.” The solution here is terms individuals can proffer and organizations can agree to. The first of these is #NoStalking, and allows a publisher to do all the advertising they want, so long as it’s not based on tracking people. Think of it as the opposite of an ad blocker. (Customer Commons is also involved in the IEEE’s P7012 Standard for Machine Readable Personal Privacy Terms.
  4. Payments. For demand and supply to be truly balanced, and for customers to operate at full agency in an open marketplace (which the Internet was designed to support), customers should have their own pricing gun: a way to signal—and actually pay willing sellers—as much as they like, however, they like, for whatever they like, on their own terms. There is already a design for that, called EmanciPay. Its promise for the music industry alone is enormous.
  5. Intentcasting. Advertising is all guesswork, which involves massive waste. But what if customers could safely and securely advertise what they want, and only to qualified and ready sellers? This is called intentcasting, and to some degree, it already exists. Toward this, the Intention Byway is a core focus of Customer Commons. (Also see a list of intentcasting providers on the ProjectVRM Development Work list.)
  6. Shopping. Why can’t you have your own shopping cart—that you can take from store to store? Because we haven’t invented one yet. But we can. And when we do, all sellers are likely to enjoy more sales than they get with the current system of all-silo’d carts.
  7. Internet of Things. We don’t have this yet. Instead, we have the Apple of things, the Amazon of things, the Google of things, the Samsung of things, the Sonos of things, and so on, each silo’d in separate systems we don’t control. Things we own on the Internet should be our things. We should be able to control them, as independent operators, as we do with our computers and mobile devices. (Also, by the way, things don’t need to be intelligent or connected to belong to the Internet for us to control what’s known about them. They can be, or have, picos.)
  8. Loyalty. All loyalty programs are gimmicks, and coercive. True loyalty is worth far more to companies than the coerced kind, and only customers are in a position to truly and fully express it. We should have our own loyalty programs, to which companies are members, rather than the reverse.
  9. Privacy. We’ve had privacy tech in the physical world since the inventions of clothing, shelter, locks, doors, shades, shutters, and other ways to limit what others can see or hear—and to signal to others what’s okay and what’s not. Instead, all we have are unenforced promises by others not to watch our naked selves, or to report what they see to others. Or worse, coerced urgings to “accept” spying on us and distributing harvested information about us to parties unknown, with no record of what we’ve agreed to.
  10. Customer service. There are no standard ways for customers and companies to enjoy relationships, with useful data flowing both ways, and for help to come when it’s needed. Instead, every company does it differently, in its own silo’d system. For more on this, see # 12 below.
  11. Regulatory compliance. Especially around privacy. Because really, all the GDPR and the CCPA want is for companies to stop spying on people. Without any privacy tech on the individual’s side, however, responsibility for everyone’s privacy is entirely a corporate burden. This is unfair to people and companies alike, as well as insane—because it can’t work. (Worse, nearly all B2B “compliance” solutions only solve the felt need by companies to obey the letter of a law while ignoring its spirit. But if people have their own ways to signal their privacy requirements and expectations (as they do with clothing and shelter in the natural world), life gets a lot easier for everybody, because there’s something there to respect. We don’t have that yet online, but it shouldn’t be hard. For more on this, see Privacy is Personal and our own Privacy Manifesto.
  12. Real relationships: ones in which both parties actually care about and help each other, and good market intelligence flows both ways. Marketing by itself can’t do it. All you get is the sound of one hand slapping. (Or, more typically, pleasuring itself with mountains of data and fanciful maths first described in Darrell Huff’s How to Lie With Statistics, written in 1954). Sales departments can’t do it either, because their job is done once the relationship is established. CRM can’t do it without a VRM hand to shake on the customer’s side. From What Makes a Good Customer: “Consider the fact that a customer’s experience with a product or service is far more rich, persistent and informative than is the company’s experience selling those things, or learning about their use only through customer service calls (or even through pre-installed surveillance systems such as those which for years now have been coming in new cars). The curb weight of customer intelligence (knowledge, know-how, experience) with a company’s products and services far outweighs whatever the company can know or guess at. So, what if that intelligence were to be made available by the customer, independently, and in standard ways that work at scale across many or all of the companies the customer deals with?”
  13. Any-to-any/many-to-many business: a market environment where anybody can easily do business with anybody else, mostly free of centralizers or controlling intermediaries (with due respect for inevitable tendencies toward federation). There is some movement in this direction around what’s being called Web3.
  14. Life management platforms. KuppingerCole has been writing and thinking about these since not long after they gave ProjectVRM an award for its work, way back in 2007. These have gone by many labels: personal data clouds, vaults, dashboards, cockpits, lockers, and other ways of characterizing personal control of one’s life where it meets and interacts with the digital world. The personal data that matters in these is the kind that matters in one’s life: health (e.g. HIEofOne), finances, property, subscriptions, contacts, calendar, creative works, and so on, including personal archives for all of it. Social data out in the world also matters, but is not the place to start, because that data is less important than the kinds of personal data listed above—most of which has no business being sold or given away for goodies from marketers. (See We can do better than selling our data.)

All of these, however, are ocean-boiling ideas. In other words, not easy, especially without what the military calls “robust funding.” So our strategies are best aimed toward what are called “blue” rather than “red” (blood filled) oceans. One of those is the Byway (or “buyway”) project by Customer Commons, in Bloomington, Indiana. An excerpt:

There are three parts to the Byway project as it now stands (in July 2022): an online community (Small Town/mastodon), a matcher tool (Intently), and a local e-commerce “buyway.” (For more on that one, download the slide deck presented by Doc and Joyce at The Mill in November 2021. Or download this earlier and shorter one.)

We also see the Byway as complementary to, rather than competitive with, developments with similar and overlapping ambitions, such as SSI, DIDcomm, picos, JLINC, Digital Homesteading / Dazzle and many others.

Joyce and I, both founders and board members of Customer Commons, are heading up to DWeb Camp in a few minutes, and plan to make progress there on Byway development. I’ll report here on progress.

[Later…] DWeb Camp was a great success for us. We are now in planning conversations with developers and others. Stay tuned for more on that.

Is being less tasty vegetables our best strategy?

March 8, 2021 / / 0 Comments

We are now being farmed by business. The pretense of the “customer is king” is now more like “the customer is a vegetable” — Adrian Gropper

That’s a vivid way to put the problem.

There are many approaches to solutions as well. One is suggested today in the latest by @_KarenHao in MIT Technology Review, titled

How to poison the data that Big Tech uses to surveil you:
Algorithms are meaningless without good data. The public can exploit that to demand change.

An  excerpt:

In a new paper being presented at the Association for Computing Machinery’s Fairness, Accountability, and Transparency conference next week, researchers including PhD students Nicholas Vincent and Hanlin Li propose three ways the public can exploit this to their advantage:
Data strikes, inspired by the idea of labor strikes, which involve withholding or deleting your data so a tech firm cannot use it—leaving a platform or installing privacy tools, for instance.
Data poisoning, which involves contributing meaningless or harmful data. AdNauseam, for example, is a browser extension that clicks on every single ad served to you, thus confusing Google’s ad-targeting algorithms.
Conscious data contribution, which involves giving meaningful data to the competitor of a platform you want to protest, such as by uploading your Facebook photos to Tumblr instead.
People already use many of these tactics to protect their own privacy. If you’ve ever used an ad blocker or another browser extension that modifies your search results to exclude certain websites, you’ve engaged in data striking and reclaimed some agency over the use of your data. But as Hill found, sporadic individual actions like these don’t do much to get tech giants to change their behaviors.
What if millions of people were to coordinate to poison a tech giant’s data well, though? That might just give them some leverage to assert their demands.

The sourced paper* is titled Data Leverage: A Framework for Empowering the Public in its Relationship with Technology Companies, and concludes,

In this paper, we presented a framework for using “data leverage” to give the public more influence over technology company behavior. Drawing on a variety of research areas, we described and assessed the “data levers” available to the public. We highlighted key areas where researchers and policymakers can amplify data leverage and work to ensure data leverage distributes power more broadly than is the case in the status quo.

I am all for screwing with overlords, and the authors suggest some fun approaches. Hell, we should all be doing whatever it takes, lawfully (and there is a lot of easement around that) to stop rampant violation of our privacy—and not just by technology companies. The customers of those companies, which include every website that puts up a cookie notice that nudges visitors into agreeing to be tracked all over the Web (in observance of the letter of the GDPR, while screwing its spirit), are also deserving of corrective measures. Same goes for governments who harvest private data themselves, or gather it from others without our knowledge or permission.

My problem with the framing of the paper and the story is that both start with the assumption that we are all so weak and disadvantaged that our only choices are: 1) to screw with the status quo to reduce its harms; and 2) to seek relief from policymakers.  While those choices are good, they are hardly the only ones.

Some context: wanton privacy violations in our digital world has only been going on for a little more than a decade, and that world is itself barely more than  a couple dozen years old (dating from the appearance of e-commerce in 1995). We will also remain digital as well as physical beings for the next few decades or centuries.

So we need more than these kinds of prescriptive solutions. For example, real privacy tech of our own, that starts with giving us the digital versions of the privacy protections we have enjoyed in the physical world for millennia: clothing, shelter, doors with locks, and windows with curtains or shutters.

We have been on that case with ProjectVRM since 2006, and there are many developments in progress. Some even comport with our Privacy Manifesto (a work in progress that welcomes improvement).

As we work on those, and think about throwing spanners into the works of overlords, it may also help to bear in mind one of Craig Burton‘s aphorisms: “Resistance creates existence.” What he means is that you can give strength to an opponent by fighting it directly. He applied that advice in the ’80s at Novell by embracing 3Com, Microsoft and other market opponents, inventing approaches that marginalized or obsolesced their businesses.

I doubt that will happen in this case. Resisting privacy violations has already had lots of positive results. But we do have a looong way to go.

Personally, I welcome throwing a Theia.

* The full list of authors is Nicholas Vincent, Hanlin Li (@hanlinliii), Nicole Tilly and Brent Hecht (@bhecht) of Northwestern University, and Stevie Chancellor (@snchencellor) of the University of Minnesota,

Personal scale

April 27, 2019 / / 3 Comments

Way back in 1995, when our family was still new to the Web, my wife asked a question that is one of the big reasons I started ProjectVRM: Why can’t I take my own shopping cart from one site to another?

The bad but true answer is that every site wants you to use their shopping cart. The good but not-yet-true answer is that nobody has invented it yet. By that I mean: not  a truly personal one, based on open standards that make it possible for lots of developers to compete at making the best personal shopping cart for you.

Think about what you might be able to do with a PSC (Personal Shopping Cart) online that you can’t do with a physical one offline:

  • Take it from store to store, just as you do with your browser. This should go without saying, but it’s still worth repeating, because it would be way cool.
  • Have a list of everything parked already in your carts within each store.
  • Know what prices have changed, or are about to change, for the products in your carts in each store.
  • Notify every retailer you trust that you intend to buy X, Y or Z, with restrictions (meaning your terms and conditions) on the use of that information, and in a way that will let you know if those restrictions are violated. This is called intentcasting, and there are a pile of companies already in that business.
  • Have a way to change your name and other contact information, for all the stores you deal with, in one move.
  • Control your subscriptions to each store’s emailings and promotional materials.
  • Have your  own way to express genuine loyalty , rather than suffering with as many coercive and goofy “loyalty programs” as there are companies
  • Have a standard way to share your experiences with the companies that make and sell the products you’ve bought, and to suggest improvements—and for those companies to share back updates and improvements you should know about.
  • Have wallets of your own, rather than only those provided by platforms.
  • Connect to your collection of receipts, instruction manuals and other relevant information for all the stuff you’ve already bought or currently rent. (Note that this collection is for the Internet of your things—one you control for yourself, and is not a set of suction cups on corporate tentacles.)
  • Your own standard way to call for service or support, for stuff you’ve bought or rented, rather than suffering with as many different ways to do that as there are companies you’ve engaged

All of these things are Me2B, and will give each of us scale, much as the standards that make the Internet, browsers and email all give us scale. And that scale will be just as good for the companies we deal with as are the Internet, browsers and email.

If you think “none of the stores out there will want any of this, because they won’t control it,” think about what personal operating systems and browsers on every device have already done for stores by making the customer interface standard. What we’re talking about here is enlarging that interface.

I’d love to see if there is any economics research and/or scholarship on personal scale and its leverage (such as personal operating systems, devices and browsers give us) in the digital world). Because it’s a case that needs to be made.

Of course, there’s money to me made as well, because there will be so many more, better and standard ways for companies to deal with customers than current tools (including email, apps and browsers) can by themselves.

Let’s give some @VRM help to the @CFPB

November 21, 2016 / / 1 Comment

cfpbThe Consumer Financial Protection Bureau (@CFPB) is looking to help you help them—plus everybody else who uses financial services.

They explain:

Many new financial innovations rely on people choosing to give a company access to their digital financial records held by another company. If you’re using these kinds of services, we’d love to hear from you…

Make your voice heard. Share your comments on Facebook or Twitter . If you want to give us more details, you can share your story with us through our website. To see and respond to the full range of questions we’re interested in learning about, visit our formal Request for Information

For example,

Services that rely on consumers granting access to their financial records include:

  • Budgeting analysis and advice:  Some tools let people set budgets and analyze their spending activity.  The tools organize your purchases across multiple accounts into categories like food, health care, and entertainment so you can see trends. Some services send a text or email notification when a spending category is close to being over-budget.

  • Product recommendations: Some tools may make recommendations for new financial products based on your financial history. For example, if your records show that you have a lot of ATM fees, a tool might recommend other checking accounts with lower or no ATM fees.

  • Account verification: Many companies need you to verify your identity and bank account information. Access to your financial records can speed that process.

  • Loan applications: Some lenders may access your financial records to confirm your income and other information on your loan application.

  • Automatic or motivational savings: Some companies analyze your records to provide you with automatic savings programs and messages to keep you motivated to save.

  • Bill payment: Some services may collect your bills and help you organize your payments in a timely manner.

  • Fraud and identity theft protection: Some services analyze your records across various accounts to alert you about potentially fraudulent transactions.

  • Investment management: Some services use your account records to help you manage your investments.

A little more about the CFPB:

Our job is to put consumers first and help them take more control over their financial lives. We’re the one federal agency with the sole mission of protecting consumers in the financial marketplace. We want to make sure that consumer financial products and services are helping people rather than harming them.

A hat tip to @GeneKoo (an old Berkman Klein colleague) at the CFPB,  who sees our work with ProjectVRM as especially relevant to what they’re doing.  Of course, we agree. So let’s help them help us, and everybody else in the process.

Some additional links:

VRM Day: Starting Phase Two

October 17, 2016 / / 0 Comments

VRM Day is today, 24 October, at the Computer History Museum. IIW follows, over the next three days at the same place. (The original version of this post was October 17.)

We’ve been doing VRM Days since (let’s see…) this one in 2013, and VRM events since this one in 2007. Coming on our tenth anniversary, this is our last in Phase One.

sisyphusTheRolling snowball difference between Phase One and Phase Two is that between rocks and snowballs. In Phase One we played Sisyphus, pushing a rock uphill. In Phase Two we roll snowballs downhill.

Phase One was about getting us to the point where VRM was accepted by many as a thing bound to happen. This has taken ten years, but we are there.

Phase Two is about making it happen, by betting our energies on ideas and work that starts rolling downhill and gaining size and momentum.

Some of that work is already rolling. Some is poised to start. Both kinds will be on the table at VRM Day. Here are ones currently on the agenda:

  • VRM + CRM via JLINC. See At last: a protocol to link VRM and CRM. , and The new frontier for CRM is CDL: customer driven leads. This is a one form of intentcasting that should be enormously appealing to CRM companies and their B2B corporate customers. Speaking of which, we also have—
  • Big companies welcoming VRM.  Leading this is Fing, a French think tank that brings together many of the country’s largest companies, both to welcome VRM and to research (e.g. through Mesinfos) how the future might play out. Sarah Medjek of Fing will present that work, and lead discussion of where it will head next. We will also get a chance to participate in that research by providing her with our own use cases for VRM. (We’ll take out a few minutes to each fill out an online form.)
  • Terms individuals assert in dealings with companies. These are required for countless purposes. Mary Hodder will lead discussion of terms currently being developed at Customer Commons and the CISWG / Kantara User Submitted Terms working group (Consent and Information Sharing Working Group). Among other things, this leads to—
  • 2016_04_25_vrmday_000-1Next steps in tracking protection and ad blocking. At the last VRM Day and IIW, we discussed CHEDDAR on the server side and #NoStalking on the individual’s side. There are now huge opportunities with both, especially if we can normalize #NoStalking terms for all tracking protection and ad blocking tools.  To prep for this, see  Why #NoStalking is a good deal for publishers, where you’ll find the image on the right, copied from the whiteboard on VRM Day.
  • Blockchain, Identity and VRM. Read what Phil Windley has been writing lately distributed ledgers (e.g. blockchain) and what they bring to the identity discussions that have been happening for 22 IIWs, so far. There are many relevancies to VRM.
  • Personal data. This was the main topic at two recent big events in Europe: MyData2016 in Helsinki and PIE (peronal information economy) 2016 in London.  The long-standing anchor for discussions and work on the topic at VRM Day and IIW is PDEC (Personal Data Ecosystem Consortium). Dean Landsman of PDEC will keep that conversational ball rolling. Adrian Gropper will also brief us on recent developments around personal health data as well.
  • Hacks on the financial system. Kevin Cox can’t make it, but wants me to share what he would have presented. Three links: 1) a one minute video that shows why the financial system is so expensive, 2) part of a blog post respecting his local Water Authority and newly elected government., and 3) an explanation of the idea of how we can build low-cost systems of interacting agents. He adds, “Note the progression from location, to address, to identity, to money, to housing.  They are all ‘the same’.” We will also look at how small business and individuals have more in common than either do with big business. With a hint toward that, see what Xero (the very hot small business accounting software company) says here.
  • What ProjectVRM becomes. We’ve been a Berkman-Klein Center project from the start. We’ve already spun off Customer Commons. Inevitably, ProjectVRM will itself be spun off, or evolve in some TBD way. We need to co-think and co-plan how that will go. It will certainly live on in the DNA of VRM and VRooMy work of many kinds. How and where it lives on organizationally is an open question we’ll need to answer.

Here is a straw man context for all of those and more.

  • Top Level: Tools for people. These are ones which, in legal terms, give individuals power as first parties. In mathematical terms, they make us independent variables, rather than dependent ones. Our focus from the start has been independence and engagement.
    • VRM in the literal sense: whatever engages companies’ CRM or equivalent systems.
    • Intentcasting.
    • PIMS—Personal Information Management Systems. Goes by many names: personal clouds, personal data stores, life management platforms and so on. Ctrl-Shift has done a good job of branding PIMS, however. We should all just go with that.
    • Privacy tools. Such as those provided by tracking protection (and tracking-protective ad blocking).
    • Legal tools. Such as the terms Customer Commons and the CISWG are working on.
    • UI elements. Such as the r-button.
    • Transaction & payment systems. Such as EmanciPay.

Those overlap to some degree. For example, a PIMS app and data store can do all that stuff. But we do need to pull the concerns and categories apart as much as we can, just so we can talk about them.

Kaliya will facilitate VRM Day. She and I are still working on the agenda. Let us know what you’d like to add to the list above, and we’ll do what we can. (At IIW, you’ll do it, because it’s an unconference. That’s where all the topics are provided by participants.)

Again, register here. And see you there.

 

Save

Save

Save

Save

We’re done with Phase One

October 9, 2016 / / 0 Comments

Here’s a picture that’s worth more than a thousand words:

maif-vrm

He’s with MAIF, the French insurance company, speaking at MyData 2016 in Helsinki, a little over a month ago. Here’s another:

sean-vrm

That’s Sean Bohan, head of our steering committee, expanding on what many people at the conference already knew.

I was there too, giving the morning keynote on Day 2:

cupfu1hxeaa4thh

It was an entirely new talk. Pretty good one too, especially since  I came up with it the night before.

See, by the end of Day 1, it was clear that pretty much everybody at the conference already knew how market power was shifting from centralized industries to distributed individuals and groups (including many inside centralized industries). It was also clear that most of the hundreds of people at the conference were also familiar with VRM as a market category. I didn’t need to talk about that stuff anymore. At least not in Europe, where most of the VRM action is.

So, after a very long journey, we’re finally getting started.

In my own case, the journey began when I saw the Internet coming, back in the ’80s.  It was clear to me that the Net would change the world radically, once it allowed commercial activity to flow over its pipes. That floodgate opened on April 30, 1995. Not long after that, I joined the fray as an editor for Linux Journal (where I still am, by the way, more than 20 years later). Then, in 1999, I co-wrote The Cluetrain Manifesto, which delivered this “one clue” above its list of 95 Theses:

not

And then, one decade ago last month, I started ProjectVRM, because that clue wasn’t yet true. Our reach did not exceed the grasp of marketers in the world. If anything, the Net extended marketers’ grasp a lot more than it did ours. (Shoshana Zuboff says their grasp has metastasized into surveillance capitalism. ) In respect to Gibson’s Law, Cluetrain proclaimed an arrived future that was not yet distributed. Our job was to distribute it.

Which we have. And we can start to see results such as those above. So let’s call Phase One a done thing. And start thinking about Phase Two, whatever it will be.

To get that work rolling, here are a few summary facts about ProjectVRM and related efforts.

First, the project itself could hardly be more lightweight, at least administratively. It consists of:

Second, we have a spin-off: Customer Commons, which will do for personal terms of engagement (one each of us can assert online) what Creative Commons (another Berkman-Klein spinoff) did for copyright.

Third, we have a list of many dozens of developers, which seem to be concentrated in Europe and Australia/New Zealand.  Two reasons for that, both speculative:

  1. Privacy. The concept is much more highly sensitive and evolved in Europe than in the U.S. The reason we most often get goes, “Some of our governments once kept detailed records of people, and those records were used to track down and kill many of them.” There are also more evolved laws respecting privacy. In Australia there have been privacy laws for several years requiring those collecting data about individuals to make it available to them, in forms the individual specifies. And in Europe there is the General Data Protection Regulation, which will impose severe penalties for unwelcome data gathering from individuals, starting in 2018.
  2. Enlightened investment. Meaning investors who want a startup to make a positive difference in the world, and not just give them a unicorn to ride out some exit. (Which seems to have become the default model in the U.S., especially Silicon Valley.)

What we lack is research. And by we I mean the world, and not just ProjectVRM.

Research is normally the first duty of a project at the Berkman Klein Center, which is chartered as a research organization. Research was ProjectVRM’s last duty, however, because we had nothing to research at first. Or, frankly, until now. That’s why we were defined as a development & research project rather than the reverse.

Where and how research on VRM and related efforts happens is a wide-open question. What matters is that it needs to be done, starting soon, while the “before” state still prevails in most of the world, and the future is still on its way in delivery trucks. Who does that research matters far less than the research itself.

So we are poised at a transitional point now. Let the conversations about Phase Two commence.

Preparing for the 3D/VR future

March 29, 2015 / / 0 Comments

Look in the direction that meerkatMeerkat and periscopeappPeriscope both point.

If you’ve witnessed the output of either, several things become clear about their evolutionary path:

  1. Stereo sound is coming. So is binaural sound, with its you-are-there qualities.
  2. 3D will come too, of course, especially as mobile devices start to include two microphones and two cameras.
  3. The end state of both those developments is VR, or virtual reality. At least on the receiving end.

The production end is a different animal. Or herd of animals, eventually. Expect professional gear from all the usual sources, showing up at CES starting next year and on store shelves shortly thereafter. Walking around like a dork holding a mobile in front of you will look in 2018 like holding a dial-phone handset to your head looks today.

I expect the most handy way to produce 3D and VR streams will be with  glasses like these:

srlzglasses

(That’s my placeholder design, which is in the public domain. That’s so it has no IP drag, other than whatever submarine patents already exist, and I am sure there are some.)

Now pause to dig @ctrlzee‘s Fast Company report on Facebook’s 10-year plan to trap us inside The Matrix. How long before Facebook buys Meerkat and builds it into Occulus Rift? Or buys Twitter, just to get Periscope and do the same?

Whatever else happens, the rights clearing question gets very personal. Do you want to be broadcast and/or recorded by others or not? What are the social and device protocols for that? (The VRM dev community has designed one for the glasses above. See the ⊂ ⊃ in the glasses? That’s one. Each corner light is another.)

We should start zero-basing the answers today, while the inevitable is in sight but isn’t here yet. Empathy is the first requirement. (Take the time to dig Dave Winer’s 12-minute podcast on the topic. It matters.) Getting permission is another.

As for the relevance of standing law, almost none of it applies at the technical level. Simply put, all copyright laws were created in times when digital life was unimaginable (e.g. Stature of Anne, ASCAP), barely known (Act of 1976), or highly feared (WIPO, CTEA, DMCA).

How would we write new laws for an age that has barely started? Or why start with laws at all? (Nearly all regulation protects yesterday from last Thursday. And too often its crafted by know-nothings.)

We’ve only been living the networked life since graphical browsers and ISPs arrived in the mid-90’s. Meanwhile we’ve had thousands of years to develop civilization in the physical world. Which means that, relatively speaking, networked life is Eden. It’s brand new here, and we’re all naked. That’s why it’s so easy anybody to see everything about us online.

How will we create the digital equivalents of the privacy technologies we call clothing and shelter? Is the first answer a technical one, a policy one, or both? Which should come first? (In Europe and Australia, policy already has.)

Protecting the need for artists to make money is part of the picture. But it’s not the only part. And laws are only one way to protect artists, or anybody.

Manners come first, and we barely have those yet, if at all. None of the big companies that currently dominate our digital lives have fully thought out how to protect anybody’s privacy. Those that come closest are ones we pay directly, and are financially accountable to us.

Apple, for example, is doing more and more to isolate personal data to spaces the individual controls and the company can’t see. Google and Facebook both seem to regard personal privacy as a bug in online life, rather than a feature of it. (Note that, at least for their most popular services, we pay those two companies nothing. We are mere consumers whose lives are sold to the company’s actual customers, which are advertisers.)

Bottom line: the legal slate is covered in chalk, but the technical one is close to clean. What do we want to write there?

We’ll be talking about this, and many other things, at VRM Day (6 April) and IIW (7-9 April) in the Computer History Museum in downtown Silicon Valley (101 & Shoreline, Mountain View).

Designing the VRM future at IIW

March 15, 2015 / / 0 Comments

A veteran VRooMeriiwxx tells me a design fiction would be a fun challenge for VRM Day and IIW (which will run from April 6-9 at the Computer History Museum in Mountain View, CA).

He describes one as “basically a way of peeking into the near future by demonstrating an imaginary product that doesn’t exist, but could. For example, instead of talking about a possible VRM product, one instead would create a marketing brochure, screen mockups or a fake video advertisement for this imaginary product as a way to help others understand where the world is headed and possibly even further the underlying technologies or driving concepts.”

Coincidentally, the subject of VRM Day (and a focus for the three days that will follow at IIW) is a maturity model framework that will provide every VRM developer the same single sheet (or set of them) on which to show where they stand in developing VRM capabilities into their company, product, code base or whatever else they’re working on. Work has already started on it, and those doing the work will present a first draft of it on VRM Day.

You know the old saying, “all singing from the same song sheet”? The VRM maturity model framework is it. Think of it as a musical score that is starting to be written, for an orchestra will come together. When we’re done with this round, we’ll at least know what the score describes, and give the players of different instruments enough of a framework so they know where they, and everybody else, fits.

By the end of IIW, it should be ready to do several things:

  1. Provide analysts with a single framework for understanding all VRM developers and development, and the coherencies among them.
  2. Give VRM developers a way to see how their work complements and/or competes with other VRM work that’s going on — and guide future developments.
  3. Give each developer a document to use for their own internal and external purposes.
  4. Give CRM, CE. CX and other vendor-side systems a clear picture of what pieces in the VRM development community will connect with their systems, and how, so buyer-side and seller-side systems can finally connect and grow together.

While we do this, it might also be fun to work out a design fiction as a summary document or video. What would the complete VRM solution (which will surely be a collection of them) look like? How would we present it as a single thing?

All of this is food for thinking and re-thinking. Suggestions invited.

« Older posts

© 2026 ProjectVRM

Theme by Anders NorenUp ↑