Category: Companies (page 1 of 10)

VRM Day: Starting Phase Two

VRM Day is one week from today, at the Computer History Museum, followed by IIW over the next three days at the same place. We’ve been doing VRM Days since (let’s see…) this one in 2013, and VRM events since this one in 2007. Coming on our tenth anniversary, this is our last in Phase One.

sisyphusTheRolling snowball difference between Phase One and Phase Two is that between rocks and snowballs. In Phase One we played Sisyphus, pushing a rock uphill. In Phase Two we roll snowballs downhill.

Phase One was about getting us to the point where VRM was accepted by many as a thing bound to happen. This has taken ten years, but we are there.  Phase Two is about making it happen, by betting our energies on ideas and work that starts rolling downhill and gaining size and momentum.

Some of that work is already rolling. Some is poised to start. Both kinds will be on the table at VRM Day. Here are ones currently on the agenda:

  • VRM + CRM via JLINC. See At last: a protocol to link VRM and CRM. , and The new frontier for CRM is CDL: customer driven leads. This is a one form of intentcasting that should be enormously appealing to CRM companies and their B2B corporate customers. Speaking of which, we also have—
  • Big companies welcoming VRM.  Leading this is Fing, a French think tank that brings together many of the country’s largest companies, both to welcome VRM and to research (e.g. through Mesinfos) how the future might play out. Sarah Medjek of Fing will present that work, and lead discussion of where it will head next. We will also get a chance to participate in that research by providing her with our own use cases for VRM. (We’ll take out a few minutes to each fill out an online form.)
  • Terms individuals assert in dealings with companies. These are required for countless purposes. Mary Hodder will lead discussion of terms currently being developed at Customer Commons and the CISWG / Kantara User Submitted Terms working group (Consent and Information Sharing Working Group). Among other things, this leads to—
  • 2016_04_25_vrmday_000-1Next steps in tracking protection and ad blocking. At the last VRM Day and IIW, we discussed CHEDDAR on the server side and #NoStalking on the individual’s side. There are now huge opportunities with both, especially if we can normalize #NoStalking terms for all tracking protection and ad blocking tools.  To prep for this, see  Why #NoStalking is a good deal for publishers, where you’ll find the image on the right, copied from the whiteboard on VRM Day.
  • Blockchain, Identity and VRM. Read what Phil Windley has been writing lately distributed ledgers (e.g. blockchain) and what they bring to the identity discussions that have been happening for 22 IIWs, so far. There are many relevancies to VRM.
  • Personal data. This was the main topic at two recent big events in Europe: MyData2016 in Helsinki and PIE (peronal information economy) 2016 in London.  The long-standing anchor for discussions and work on the topic at VRM Day and IIW is PDEC (Personal Data Ecosystem Consortium). Dean Landsman of PDEC will keep that conversational ball rolling. Adrian Gropper will also brief us on recent developments around personal health data as well.
  • Hacks on the financial system. Kevin Cox can’t make it, but wants me to share what he would have presented. Three links: 1) a one minute video that shows why the financial system is so expensive, 2) part of a blog post respecting his local Water Authority and newly elected government., and 3) an explanation of the idea of how we can build low-cost systems of interacting agents. He adds, “Note the progression from location, to address, to identity, to money, to housing.  They are all ‘the same’.” We will also look at how small business and individuals have more in common than either do with big business. With a hint toward that, see what Xero (the very hot small business accounting software company) says here.
  • What ProjectVRM becomes. We’ve been a Berkman-Klein Center project from the start. We’ve already spun off Customer Commons. Inevitably, ProjectVRM will itself be spun off, or evolve in some TBD way. We need to co-think and co-plan how that will go. It will certainly live on in the DNA of VRM and VRooMy work of many kinds. How and where it lives on organizationally is an open question we’ll need to answer.

There are many other topics, some of which I have surely missed in my rush to put this up.

Kaliya will facilitate VRM Day. She and I are still working on the agenda. Let us know what you’d like to add to the list above, and we’ll do what we can. (At IIW, you’ll do it, because it’s an unconference. That’s where all the topics are provided by participants.)

Again, register here. And see you there.



What small business and their customers have in common

small vs largeSmall businesses and their customers both have problems dealing with big businesses that are more vested in captive markets than in free ones. So, since VRM is about independence and engagement, we may have an opportunity for customers and small businesses to join in common cause.

To dig deeper into that possibility, I interviewed LaVonne Reimer, who runs Lumenous (a startup that  provides ways for small businesses to create and share credit profiles on their own terms). Here goes—

DS: How big is small business?

LR: The domestic small business market in the U.S. is currently at 28 million firms. This includes employer and non-employer firms that provide products or services to their neighborhoods and communities as well as those that provide a unique offering to a larger supply chain or marketplace.

The impact of credit decisions is another big number—how at least $4 trillion flows to small business in the U.S.. That includes a significant portion of over $1 trillion in federal contracts and grants, and $700 billion in loans, a substantial portion of which are backed by the Small Business Administration (SBA).

DS: What’s the biggest issue for small business, and how is that similar to issues for individuals?

LR: Credit. The $28 billion credit industry provides creditworthiness indicators as well as personal identity and entity verification for both businesses and individuals. From the standpoint of both, that industry is a collection of black boxes. They are unaccountable collections of algorithms that can make or break a business, or often its owner, without explaining why. Or even knowing why.

The incumbent with the biggest impact on small business credit is Dun & Bradstreet. Founded in 1841, D&B is the grandfather of all credit bureaus and in many respects the originator of corporate surveillance.  And now D&B is in the identity business as well, putting those being identified at D&B’s mercy.

DS: How?

LR: Through the Data Universal Numbering System, better known as DUNS. It’s a loss leader that gives D&B a potent tool for finding and extracting information from business owners not otherwise publicly available. And it’s all done out of the sight of the business, and—effectively—government as well.

DS: Are they alone at this?

LR: No. A handful of venture-backed “fintech” startups are using similar technology to harvest data. Some of the data gathering might be initially authorized by the business owner. Other data they can scrape or mine from the Web to determine creditworthiness for purposes of making loans. Many do not disclose “effective APR” but recent Federal Reserve System research suggests the range may be from over 50% at the low end to somewhere in the hundreds. Business owners may get loans they couldn’t get from regulated or traditional banks but are blind-sided by onerous terms and in some cases thrown into bankruptcy because the collection model—daily automated micro-payments—catches them off guard, for example by triggering excessive non-sufficient funds (NSF) fees. To a business owner, these providers seem much like credit bureaus. There is no way yet to leverage or re-use the data you have to supply to get the loan, much less understand how the algorithms work.

I should add that a small business “bill of rights” has been circulating among start-ups; but it under-estimates the degree to which the odds are stacked against a small business across commercial credit.”

DS: What about government oversight?

LR: Today, consumer identity and credit providers must comply with the Fair Credit Reporting Act, but the FCRA and similar regulations do not govern small business credit, not even when consumer credit information is used to verify the identity and creditworthiness of the entity and owner.

There is, however, increasing scrutiny by the Federal Trade Commission (FTC) of big data systems in credit profiling and other data brokers. In multiple enforcement orders and two major reports, the FTC is calling on identity and data providers to demonstrate greater transparency and accountability in the uses of personal data. One report is Big Data: A Tool for Inclusion or Exclusion? The other is “Data Brokers: A Call for Transparency and Accountability.

Still, as is true of the Fair Credit Reporting Act, small business is left unaddressed, even if creditors use consumer credit information associated with the owner of the business.

DS: What outcomes are we looking for here?

LR:  At Lumenous, we are applying the principles of VRM to transform the relationship between small business and creditors. As a result, up to six million small employer firms will be able to access the credit, capital, and commerce they deserve.. This will lead to better leverage of cash and ability to not only meet payroll and pay bills on time, but also better contribute to the economic well-being of their communities. Twenty-two million “non employer firms”—freelancers and sole proprietors, for example—will have access to credit, and more easily form trusted joint ventures to bid on otherwise out-of-reach projects.

DS: Are there any large companies that are working to bring small business and their customers together in the fight to improve the economy from the bottom up?

LR: I really like what Xero is doing. It is far more friendly and useful to small business than other accounting software and services companies (especially Quickbooks). It’s growing rapidly too. I believe that;s because it has a deep understanding of how small business works, and a genuine respect for how small business owners think about their firms, and those firms’ roles in the world.

DS: I noticed. Xero’s CEO, Rod Drury, sourced a recent post of mine in a talk he gave just a few days ago. And Gary Turner, an old friend from my Cluetrain days, is Managing Director of Xero in the UK. I’ll be talking with both in the next few days as well.

LR: I expect that Xero will also have lots of useful intelligence about what’s actually happening with small business, worldwide—and with possible VRM connections.

And here are some bonus sources, mostly courtesy of LaVonne:

There are many more, but I’ll save those for a follow-up post.














VRM at MyData2016


As it happens I’m in Helsinki right now, for MyData2016, where I’ll be speaking on Thursday morning. My topic: The Power of the Individual. There is also a hackathon (led by going on during the show, starting at 4pm (local time) today. In no order of priority, here are just some of the subjects and players I’ll be dealing with,  talking to, and talking up (much as I can):

Please let me know what others belong on this list. And see you at the show.


Is Facebook working on a VRM system? Or just another way to do ads?

It’s easy to get caught up in news that WhatsApp is starting to accept advertising (after they said they would never do that), and miss the deeper point of what’s really going on: Facebook setting up a new bot-based channel through which companies and customers can communicate. Like this:


The word balloon is Facebook Messenger. But it could be WhatsApp too. From a VRM perspective, what matters is whether or not “Messenger bots” work as VRM tools, meaning they obey the individual user’s commands (and not just those of Facebook’s corporate customers). We don’t know yet. Hence the question mark.

But before we get to exploring the possibilities here (which could be immense), we need to visit and dismiss the main distractions.

Those start with Why we don’t sell ads, posted on the WhatsApp blog on 18 June 2012. Here are the money grafs from that one:

We knew we could do what most people aim to do every day: avoid ads.
No one wakes up excited to see more advertising, no one goes to sleep thinking about the ads they’ll see tomorrow. We know people go to sleep excited about who they chatted with that day (and disappointed about who they didn’t). We want WhatsApp to be the product that keeps you awake… and that you reach for in the morning. No one jumps up from a nap and runs to see an advertisement.

Advertising isn’t just the disruption of aesthetics, the insults to your intelligence and the interruption of your train of thought. At every company that sells ads, a significant portion of their engineering team spends their day tuning data mining, writing better code to collect all your personal data, upgrading the servers that hold all the data and making sure it’s all being logged and collated and sliced and packaged and shipped out… And at the end of the day the result of it all is a slightly different advertising banner in your browser or on your mobile screen.

Remember, when advertising is involved you the user are the product.

Great stuff. But that was then and this is now. In WhatsApp’s latest post, Looking Ahead for WhatsApp (25 August), we have the about-face:

But by coordinating more with Facebook, we’ll be able to do things like track basic metrics about how often people use our services and better fight spam on WhatsApp. And by connecting your phone number with Facebook’s systems, Facebook can offer better friend suggestions and show you more relevant ads if you have an account with them. For example, you might see an ad from a company you already work with, rather than one from someone you’ve never heard of. You can learn more, including how to control the use of your data, here.

Pretty yucky, huh?

Earlier in the same post, however, WhatsApp says,

we want to explore ways for you to communicate with businesses that matter to you too

Interesting: Mark Zuckerberg said the same thing when he introduced messenger bots, back in April. In the video at that link, Zuck said,

Now that Messenger has scaled, we’re starting to develop ecosystems around it. And the first thing we’re doing is exploring how you can all communicate with businesses.

You probably interact with dozens of businesses every day. And some of them are probably really meaningful to you. But I’ve never met anyone who likes calling a business. And no one wants to have to install a new app for every service or business they want to interact with. So we think there’s gotta be a better way to do this.

We think you should be able to message a business the same way you message a friend. You should get a quick response, and it shouldn’t take your full attention, like a phone call would. And you shouldn’t have to install a new app.

Note the similarities in the set-up:

  1. Zuck:  “how you can all communicate with business.”
  2. WhatsApp: “explore ways for you to communicate with businesses.”

This is, or should be, pure VRM:  a way for a customer to issue a service request, or to intentcast for bids on a new washing machine or a car. In other words, what they seem to be talking about here is a new communication channel between customers and businesses that can relieve  the typical pains of being a customer while also opening the floodgates of demand notifying supply when it’s ready to buy. Back to Zuck:

So today we’re launching Messenger Platform. So you can build bots for Messenger.

By “you” Zuck means the developers he was addressing that day. I assume these were developers working for businesses that avoid customer contact and would rather have robots take over everything possible, because that’s the norm these days. But I could be wrong. He continues,

And it’s a simple platform, powered by artificial intelligence, so you can build natural language services to communicate directly with people. So let’s take a look.

CNN, for example, is going to be able to send you a daily digest of stories, right into messenger. And the more you use it, the more personalized it will get. And if you want to learn more about a specific topic, say a Supreme Court nomination or the zika virus, you just send a message and it will send you that information.

The antecedents of “you” move around here. Could be he’s misdirecting attention away from surveillance. Can’t tell. But it is clear that he’s looking past advertising alone as a way to make money.

Back to the WhatsApp post:

Whether it’s hearing from your bank about a potentially fraudulent transaction, or getting notified by an airline about a delayed flight, many of us get this information elsewhere, including in text messages and phone calls.

This also echoes what Zuck said in April. In both cases it’s about companies communicating with you, not about you communicating with companies. Would bots work both ways?

In “‘Bot’ is the wrong name…and why people who think it’s silly are wrong”, Aaron Batalion says all kinds of functionality now found only in apps will move to bots—Messenger’s in particular. “In a micro app world, you build one experience on the Facebook platform and reach 1B people.”

How about building a one-experience bot so 1B people can reach businesses the same way?

Imagine, for example, that you can notify every company you deal with that your last name has changed, or you’ve replaced a credit card. It would be great to do that in one move. It would also be VRM 101. But, almost ten years into our project, nobody has built that yet. Is Facebook doing it?

Frankly, I hope not, because I don’t want to see VRM trapped inside a giant silo.

That’s why I just put up Market intelligence that flows both ways, over in Medium. (It’s a much-updated version of a post I put up here several years ago.)

In that post I describe a much better approach, based on open source code, that doesn’t require locating your soul inside a large company for which, as WhatsApp put it four years ago, you’re the product.

Here’s a diagram that shows how one person (myself, in this case) can relate to a company whose moccasins he owns:


The moccasins have their own pico: a cloud on the Net for a thing in the physical world. For VRM and CRM purposes, this one is a relationship conduit between customer and company.

A pico of this type comes in to being when the customer assigns the QR code to the moccasins and scans it. The customer and company can then share records about the product, or notify the other party when there’s a problem, a bargain on a new pair, or whatever. It’s tabula rasa: wide open.

The current code for this is called Wrangler. It’s open source and in Github. For the curious, Phil Windley explains how picos work in Reactive Programming With Picos.

I’ll continue on this theme in the next post. Meanwhile, my main purpose with this one is to borrow interest in where Facebook is going (if I’m guessing right) with Messenger bots, and do it one better in the open and un-silo’d world, while we still have one to hack.
















The Castle Doctrine

home castle

The Castle doctrine has been around a long time. Cicero (106–43 BCE) wrote, “What more sacred, what more strongly guarded by every holy feeling, than a man’s own home?” In Book 4, Chapter 16 of his Commentaries on the Laws of England, William Blackstone (1723–1780 CE) added, “And the law of England has so particular and tender a regard to the immunity of a man’s house, that it stiles it his castle, and will never suffer it to be violated with impunity: agreeing herein with the sentiments of ancient Rome…”

Since you’re reading this online, let me ask, what’s your house here? What sacred space do you strongly guard, and never suffer to be violated with impunity?

At the very least, it should be your browser.

But, unless you’re running tracking protection in the browser you’re using right now, companies you’ve never heard of (and some you have) are watching you read this, and eager to use or sell personal data about you, so you can be delivered the human behavior hack called “interest based advertising.”

Shoshana Zuboff, of Harvard Business School, has a term for this:surveillance capitalism, defined as “a wholly new subspecies of capitalism in which profits derive from the unilateral surveillance and modification of human behavior.”

Almost across the board, advertising-supported publishers have handed their business over to adtech, the surveillance-based (they call it “interactive”) wing of advertising. Adtech doesn’t see your browser as a sacred personal space, but instead as a shopping cart with ad space that you push around from site to site.

So here is a helpful fact: we don’t go anywhere when we use our browsers. Our browser homes are in our computers, laptops and mobile devices. When we “visit” a web page or site with our browsers, we actually just request its contents (using the hypertext protocol called http or https).

In no case do we consciously ask to be spied on, or abused by content we didn’t ask for or expect. That’s why we have every right to field-strip out anything we don’t want when it arrives at our browsers’ doors.

The castle doctrine is what hundreds of millions of us practice when we use tracking protection and ad blockers. It is what called the new Brave browser into the marketplace. It’s why Mozilla has been cranking up privacy protections with every new version of Firefox . It’s why Apple’s new content blocking feature treats adtech the way chemo treats cancer. It’s why respectful publishers will comply with CHEDDAR. It’s why Customer Commons is becoming the place to choose No Trespassing signs potential intruders will obey. And it’s why #NoStalking is a good deal for publishers.

The job of every entity I named in the last paragraph — and every other one in a position to improve personal privacy online — is to bring as much respect to the castle doctrine in the virtual world as we’ve had in the physical one for more than two thousand years.

It should help to remember that it’s still early. We’ve only had commercial activity on the Internet since April 1995. But we’ve also waited long enough. Let’s finish making our homes online the safe places they should have been in the first place.


Helping publishers and advertisers move past the ad blockade


Those are the three market conversations happening in the digital publishing world. Let’s look into what they’re saying, and then what more they can say that’s not being said yet.

A: Publisher-Reader

Publishing has mostly been a push medium from the start. One has always been able to write back to The Editor, and in the digital world one can tweet and post in other places, including one’s own blog. But the flow and power asymmetry is still push-dominated, and the conversation remains mostly a one-way thing, centered on editorial content. (There is also far more blocking of ads than talk about them.)

An important distinction to make here is between subscription-based pubs and free ones. The business model of subscription-supported pubs is (or at least includes) B2C: business-to-customer. The business model of free pubs is B2B: business-to-business. In the free pub case, the consumer (who is not a customer, because she isn’t paying anything) is the product sold to the pub’s customer, the advertiser.

Publishers with paying subscribers have a greater stake — and therefore interest — in opening up conversation with customers. I believe they are also less interested in fighting with customers blocking ads than are the free pubs. (It would be interesting to see research on that.)

B. Publisher-Advertiser

In the offline world, this was an uncomplicated thing. Advertisers or their agencies placed ads in publications, and paid directly for it. In the online world, ads come to publishers through a tangle of intermediaries:


Thus publishers may have no idea at any given time what ads get placed in front of what readers, or for what reason. In service to this same complex system, they also serve up far more than the pages of editorial content that attracts readers to the site. Sight unseen, they plant tracking cookies and beacons in readers’ browsers, to follow those readers around and report their doings back to third parties that help advertisers aim ads back at those readers, either on the publisher’s site or elsewhere.

We could explore the four-dimensional shell game that comprises this system, but for our purposes here let’s just say it’s a B2B conversation. That it’s a big one now doesn’t mean it has to be the only one. Many others are possible.

C. Reader-Advertiser

In traditional offline advertising, there was little if any conversation between readers and advertisers, because the main purpose of advertising was to increase awareness. (Or, as Don Marti puts it, to send an economic signal.) If there was a call to action, it usually wasn’t to do something that involved the publisher.

A lot of online advertising is still that way. But much of it is direct response advertising. This kind of advertising (as I explain in Separating Advertising’s Wheat and Chaff) is descended not from Madison Avenue, but from direct mail (aka junk mail). And (as I explain in Debugging adtech’s assumptions) it’s hard to tell the difference.

Today readers are speaking to advertisers a number of ways:

  1. Responding to ads with a click or some other gesture. (This tens to happen at percentages to the right of the decimal point.)
  2. Talking back, one way or another, over social media or their own blogs.
  3. Blocking ads, and the tracking that aims them.

Lately the rate of ad and tracking blocking by readers has gone so high that publishers and advertisers have been freaking out. This is characterized as a “war” between ad-blocking readers and publishers. At the individual level it’s just prophylaxis. At the group level it’s a boycott. Both ways it sends a message to both publishers and advertisers that much of advertising and the methods used for aiming it are not welcome.

This does not mean, however, that making those ads or their methods more welcome is the job only of advertisers and publishers. Nor does it mean that the interactions between all three parties need to be confined to the ones we have now. We’re on the Internet here.

The Internet as we know it today is only twenty years old: dating from the end of the NSFnet (on 30 April 1995) and the opening of the whole Internet to commercial activity. There are sand dunes older than Facebook, Twitter — even Google — and more durable as well. There is no reason to confine the scope of our invention to incremental adaptations of what we have. So let’s get creative here, and start by looking at, then past, the immediate crisis.

People started blocking ads for two reasons: 1) too many got icky (see the Acceptable Ads Manifesto for a list of unwanted types); 2) unwelcome tracking. Both arise from the publisher-advertiser conversation, which to the reader (aka consumer) looks like this:


Thus the non-conversation between readers blocking ads and both publishers and advertisers (A and C) looks like this:


So far.

Readers also have an interest in the persistence of the publishers they read. And they have an interest in at least some advertisers’ goods and services, or the marketplace wouldn’t exist.

Thus A and C are conversational frontiers — while B is a mess in desperate need of cleaning up.

VRM is about A and C, and it can help with B. It also goes beyond conversation to include the two other activities that comprise markets: transaction and relationship. You might visualize it as this:


From Turning the customer journey into a virtuous cycle:

One of the reasons we started ProjectVRM is that actual customers are hard to find in the CRM business. We are “leads” for Sales, “cases” in Support, “leads” again in Marketing. At the Orders stage we are destinations to which products and invoices are delivered. That’s it.

Oracle CRM, however, has a nice twist on this (and thanks to @nitinbadjatia of Oracle for sharing it*):

Oracle Twist

Here we see the “customer journey” as a path that loops between buying and owning. The blue part — OWN, on the right — is literally the customer’s own-space. As the text on the OWN loop shows, the company’s job in that space is to support and serve. As we see here…

… the place where that happens is typically the call center.

Now let’s pause to consider the curb weight of “solutions” in the world of interactivity between company and customer today. In the BUY loop of the customer journey, we have:

  1. All of advertising, which Magna Global expects to pass $.5 trillion this year
  2. All of CRM, which Gartner pegs at $18b)
  3. All the rest of marketing, which has too many segments for me to bother looking up

In the OWN loop we have a $0trillion greenfield. This is where VRM started, with personal data lockers, stores, vaults, services and (just in the last few months) clouds.

Now look around your home. What you see is mostly stuff you own. Meaning you’ve bought it already. How about basing your relationships with companies on those things, rather than over on the BUY side of the loop, where you are forced to stand under a Niagara of advertising and sales-pitching, by companies and agencies trying to “target” and “acquire” you. From marketing’s traditional point of view (the headwaters of that Niagara), the OWN loop is where they can “manage” you, “control” you, “own” you and “lock” you in. To see one way this works, check your wallets, purses, glove compartments and kitchen junk drawers for “loyalty” cards that have little if anything to do with genuine loyalty.

But what if the OWN loop actually belonged to the customer, and not to the CRM system? What if you had VRM going there, working together with CRM, at any number of touch points, including the call center?

So here are two questions for the VRM community:

  1. What are we already doing in those areas that can help move forward in A and B?
  2. What can we do that isn’t being done now?

Among things we’re already doing are:

  • Maintaining personal clouds (aka vaults, lockers, personal information management systems, from which data we control can be shared on a permitted basis with publishers and companies that want to sell us stuff, or with which we already enjoy relationships.
  • Employing intelligent personal assistants of our own.
  • Intentcasting, in which we advertise our intentions to buy (or seek services of some kind).
  • Terms individuals can assert, to start basing interactions and relationships on equal power, rather than the defaulted one-way take-it-or-leave-it non-agreements we have today.

The main challenge for publishers and advertisers is to look outside the box in which their B2B conversation happens — and the threats to that box they see in ad blocking — and to start looking at new ways of interacting with readers. And look for leadership coming from tool and service providers representing those readers. (For example, Mozilla.)

The main challenge for VRM developers is to provide more of those tools and services.

Bonus links for starters (again, I’ll add more):

First we take Oz

Sydneydoc 017-018_combined_medAustralia’s privacy principles are among the few in the world that require organizations to give individuals personal information gathered about them.* This opens the path to proving that we can do more with our own data than anybody else can.

Estimating the size of the personal data management business is like figuring the size of the market for talking or driving. (Note: we can also do more with those than companies can.)

Starting us down this path is  Ben Grubb (@BenGrubb) of the Sydney Morning Herald. Ben requested personal data held by the Australian telco giant Telstra, and found himself in a big fightwhich he won. (Here’s the decision. Telstra is appealing, but they’re still gonna lose.)

Bravo to Ben — not just for whupping a giant, but for showing a path forward for individual empowerment in the marketplace. Thanks to Australia’s privacy principles, and Ben’s illustrative case, the yellow brick road to the VRM future is widest in Oz.

Here (and in New Zealand) we not only have lots of VRM developers (Flamingo, Fourth Party, Geddup, Meeco, MyWave, OneExus, Welcomer and others I’ll insulting by not listing yet), but legal easement toward proving that individuals can do the more with their own data than can the companies that follow us. And proving as well that individuals managing their own data will be good for those companies as well. The data they get will be richer, more accurate,  more contextual, and more useful.

This challenge is not new. It’s as old as our species. The biggest tech revolutions have always been inventions individuals could put to the best use:

  • Stone tools
  • Weaving
  • Smithing
  • Musical instruments
  • Hand-held hunting and fighting tools
  • Automobiles
  • PCs
  • The Internet (which is a node-to-node invention, not an advanced phone or cable company, even though we pay those things for access to it)
  • Mobile phones and tablets
  • Movable type (which would be nowhere without individual authors — and writing tools in the hands of those authors)

There should be symbiosis here. There are things big organizations do best, and things individuals do best. And much that both do best when they work together.

Look at cars, which are a VRM technology: we use them to get around the marketplace, and to help us do business with many companies. They give us ways to be both independent and engaging. But companies don’t drive them. We do. Companies provide parking lots, garages, drive-up windows and other conveniences for drivers. Symbiosis.

So, while Telstra is great at building and managing communication infrastructure and services, its customers will be great at doing useful stuff with the kind of data Ben requested, such as locations, calls and texts — especially after customers get easy-to-use tools and services that help them work as points of integration for their own data, and managers of what gets done with it. There are many VRM developers working toward that purpose, around the world, And many more that will come once they smell the opportunities.

These opportunities are only apparent when you look at the market through your own eyes as a sovereign human being. The same opportunities are mostly invisible when you look at the market from the eye at the top of the industrial pyramid.

Bonus links:

* My understanding is that privacy principles such as the OECD’s and Ontario’s provide guidance but not the full force of law, or means of enforcement. Australia’s differ because they have teeth. See the Determination on page 36 of the Privacy Commissioner’s investigation and decision. Canada’s also has teeth. See the list of orders issued in Ontario. If there are other examples of decisions like this one, anywhere in the world, please let us know.

Of vaults and honey pots

Personal Blackbox ( is a new #VRM company — or so I gather, based on what they say they offer to users: “CONTROL YOUR DATA & UNLOCK ITS VALUE.”

So you’ll find them listed now on our developers list.

Here is the rest of the text on their index page:


PBB is a technology platform that gives you control of the data you produce every day.

PBB lets you gain insights into your own behaviors, and make money when you choose to give companies access to your data. The result? A new and meaningful relationship between you and your brands.

At PBB, we believe people have a right to own their data and unlock its benefits without loss of privacy, control and value. That’s why we created the Personal Data Independence Trust. Take a look and learn more about how you can own your data and its benefits.

In the meantime we are hard at work to provide you a service and a company that will make a difference. Join us to participate and we will keep you posted when we are ready to launch.

That graphic, and what seems to be said between the lines, tells me Personal Blackbox’s customers are marketers, not users.  And, as we so often hear, “If the service is free, you’re the product being sold.”

But, between the last paragraph and this one, I ran into Patrick Deegan, the Chief Technology Officer of Personal Blackbox, at the PDNYC meetup. When I asked him if the company’s customers are marketers, he said no — and that PBB (as it’s known) is doing something much different that’s not fully explained by the graphic and text above, and is tied with the Personal Data Independence Trust, about which not much is said at the link to it. (At least not yet. Keep checking back.) So I’ll withhold judgement about it until I know more, and instead pivot to the subject of VRM business models, which that graphic brings up for me.

I see two broad ones, which I’ll call vault and honey pot.

The vault model gives the individual full control over their personal data and what’s done with it, which could be anything, for any purpose. That data primarily has use value rather than sale value.

The honey pot model also gives the individual control over their personal data, but mostly toward providing a way to derive sale value for that data (or something similar, such as bargains and offers from marketers).

The context for the vault model is the individual’s whole life, and selective sharing of data with others.

The context for the honey pot model is the marketplace for qualified leads.

The vault model goes after the whole world of individuals. Being customers, or consumers, is just one of the many roles we play in that world. Who we are and what we do — embodied in our data — is infinitely larger that what’s valuable to marketers. But there’s not much money in that yet.

But there is in the honey pot model, at least for now. Simply put, the path to market success is a lot faster in the short run if you find new ways to help sellers sell.  $zillions are being spent on that, all the time. (Just look at the advertising coming along with that last link, to a search).

FWIW, I think the heart of VRM is in the vault model. But we have a big tent here, and many paths to explore. (And many metaphors to mix.)

How Staples can make things easy for real

Staples likes to make things easy. s0105150_sc7Or so their button says.

But rebates in general are hard — on both the store and the customer. And at that Staples is no exception.

For example, yesterday at a Staples store I bought a couple reams of Staples paper for our printer. I probably would have bought the Staples brand anyway, simply because it’s cheaper. But I also couldn’t ignore the after-rebate price: $1.50 less for each ream, or $3.00 total. So I asked at the cash register if what I paid included the rebate. No, I was told. The rebate is in the electronic receipt I’d get by email. I could send in for the rebate online after getting the email.

When I got home the receipt was waiting in my email inbox. Among many other promotions in the email, it said this about my rebate:

Screen Shot 2015-04-02 at 12.18.33 AM

When I clicked on the link I got to this:

Screen Shot 2015-04-02 at 12.19.34 AM

When I clicked on “SELECT FORM” I got this:

Screen Shot 2015-04-02 at 12.22.06 AM

For $3, fulling out something like that, and mailing it in, is worse than a waste. So I clicked on the “right here” link, which led me here:

Screen Shot 2015-04-02 at 12.24.13 AM

So I clicked on the center one. That got me here:

Screen Shot 2015-04-02 at 12.26.49 AM

So: what was the Easy Rebate ID? All I saw, so far, was a “Rebate offer number,” on the email and back at the page that the email link brought up. So I entered it in the form and hit “NEXT.” That got me this:

Screen Shot 2015-04-02 at 12.29.23 AM

After going “Hmmm… ” I scrolled down and saw this:

Screen Shot 2015-04-02 at 12.31.45 AM

Sure enough, at the bottom of the very long email with the rebate jive on it, was this:

Mail Attachment

I entered that number, and it worked.  Hitting “NEXT” then took me here:

Screen Shot 2015-04-02 at 12.37.02 AM

When I clicked on NEXT again, I got to a page where I could register for a rebate account (by filling out a form that mined way too much personal information) or sign in. I have a Staples loyalty account; so, hoping that this might also be the rebate account, I hit “Sign in.”

I would show you the page this went to, if I could have copied it. But I couldn’t. The page had the same “Staples Easy Rebates” header, and under it just two words: “Error occurred.” When I paged down to see if there was more, the page disappeared and I was delivered back to Square Zero: the “Welcome to the Staples Rebate Center” page.

Since everything I already entered was lost, and I had no faith that entering it again would yield a different result, I gave up.

In retail parlance, this is called “breakage.” Within rebate systems, some level of breakage is a virtue. You (the retailer) don’t want everybody getting a rebate. You want as few people as possible asking for the rebate, and as few as possible succeeding at navigating an intentionally complicated series of required steps for getting the rebate. Most customers know this, of course, but every once in awhile some of us want to see if we get lucky.

This is not a good “customer experience.”In what marketers love to call “the customer journey,” it’s a wasteful and annoying side trip to an outer circle of retail hell.

So here’s a message from one customer to every retailer running a rebate program:

Any system that rationalizes breakage as a virtue is broken itself, for the simple reason that it pisses off customers. And if you want to piss off any percentage of customers — even good ones — some of the time, your whole store is broken.

So here’s a bottom line I invite Staples to consider:

Rebates save money if your time has no value. This principle applies equally to customers and companies offering rebates.

As a loyal customer of Staples — a company I’ve always liked (partly because of the “easy” promise, which they’ve been making for many years — my advice is to calculate all the overhead involved in all the promotional gimmickry used to drive sales and “loyalty” that isn’t. Include time wasted at the cash register every time the employee has to ask for a loyalty card  or a phone number to recover the customer’s account, and to explain how a rebate works, plus other extraneous bullshit that has that takes time and incurs labor costs for purposes that have nothing to do with why the customer is standing at the checkout counter, just wanting to pay for goods and  get the hell out of the store. Also include the inconvenience to the customer of having to carry around a card, and the corresponding administrative overhead required to manage all this complicated work, and the computing and network technology required to sustain it (and how that gets broken too). Multiply those by all the employees and customers inconvenienced by it. Then add all of it up. Be real about what percentage of your total overhead it accounts for. Remember to include the real costs to customer loyalty of pissing some of them off on purpose.

Then kill the whole thing and subtract the savings from the prices of the goods in the store. Publicize it. Hey, hold a public execution of all the added-up costs to company and customers. Talk about it as real savings, which it is. Publish papers and place editorials explaining why you’re done with the game of kidding yourselves and your customers. I know plenty of good PR firms that would be glad to help you out with this — and maybe even cut you a deal, because they’re tired of bullshitting too.

In Silicon Valley they call this “disruption.” It’s a great way to stand out, and to reposition both Staples and all of retailing.

And your customers will love it.

Don’t trust me on this. Trust  Trader Joe’s. They don’t have a loyalty program, rebates or any other gimmicks. They never have discount prices. They don’t keep any data on any customers, because they don’t want the overhead, or to complicate anybody’s life. Their marketing research — no kidding — consists of this: talking to customers. That’s it. And what’s the result? Customers love them.*

Now you might say, “Yes, but Trader Joe’s is a special case. So are companies like Apple — another company customers seem to love. They only sell their own private label goods. They don’t operate in the world of co-op advertising, dealer premiums, display allowances, buyback allowances, push money, spiffs, forward buying, variable trade spending and trade deals, manufacturer coupons and all the other variables that retailers like Staples, which carry goods from hundreds of different suppliers, need to deal with constantly. And what about customers constantly hunting bargains, and comparison shopping? They want deals, and we have to compete for them.”

Sure. But why make it more complicated than it has to be?

If you really want to make things easy, for yourself and your customers, kill the bullshit. Be the no-bullshit company. Nothing would make you stand out more.

Nothing is easier, for everybody in retailing, than no bullshit at all. Or more rewarding, because customers appreciate absent bullshit at least as much as they appreciate present bargains. Especially bargains that come with labor costs — for them.

Source: The Intention Economy, pp. 223-228.

Preparing for the 3D/VR future

Look in the direction that meerkatMeerkat and periscopeappPeriscope both point.

If you’ve witnessed the output of either, several things become clear about their evolutionary path:

  1. Stereo sound is coming. So is binaural sound, with its you-are-there qualities.
  2. 3D will come too, of course, especially as mobile devices start to include two microphones and two cameras.
  3. The end state of both those developments is VR, or virtual reality. At least on the receiving end.

The production end is a different animal. Or herd of animals, eventually. Expect professional gear from all the usual sources, showing up at CES starting next year and on store shelves shortly thereafter. Walking around like a dork holding a mobile in front of you will look in 2018 like holding a dial-phone handset to your head looks today.

I expect the most handy way to produce 3D and VR streams will be with  glasses like these:


(That’s my placeholder design, which is in the public domain. That’s so it has no IP drag, other than whatever submarine patents already exist, and I am sure there are some.)

Now pause to dig @ctrlzee‘s Fast Company report on Facebook’s 10-year plan to trap us inside The Matrix. How long before Facebook buys Meerkat and builds it into Occulus Rift? Or buys Twitter, just to get Periscope and do the same?

Whatever else happens, the rights clearing question gets very personal. Do you want to be broadcast and/or recorded by others or not? What are the social and device protocols for that? (The VRM dev community has designed one for the glasses above. See the ⊂ ⊃ in the glasses? That’s one. Each corner light is another.)

We should start zero-basing the answers today, while the inevitable is in sight but isn’t here yet. Empathy is the first requirement. (Take the time to dig Dave Winer’s 12-minute podcast on the topic. It matters.) Getting permission is another.

As for the relevance of standing law, almost none of it applies at the technical level. Simply put, all copyright laws were created in times when digital life was unimaginable (e.g. Stature of Anne, ASCAP), barely known (Act of 1976), or highly feared (WIPO, CTEA, DMCA).

How would we write new laws for an age that has barely started? Or why start with laws at all? (Nearly all regulation protects yesterday from last Thursday. And too often its crafted by know-nothings.)

We’ve only been living the networked life since graphical browsers and ISPs arrived in the mid-90’s. Meanwhile we’ve had thousands of years to develop civilization in the physical world. Which means that, relatively speaking, networked life is Eden. It’s brand new here, and we’re all naked. That’s why it’s so easy anybody to see everything about us online.

How will we create the digital equivalents of the privacy technologies we call clothing and shelter? Is the first answer a technical one, a policy one, or both? Which should come first? (In Europe and Australia, policy already has.)

Protecting the need for artists to make money is part of the picture. But it’s not the only part. And laws are only one way to protect artists, or anybody.

Manners come first, and we barely have those yet, if at all. None of the big companies that currently dominate our digital lives have fully thought out how to protect anybody’s privacy. Those that come closest are ones we pay directly, and are financially accountable to us.

Apple, for example, is doing more and more to isolate personal data to spaces the individual controls and the company can’t see. Google and Facebook both seem to regard personal privacy as a bug in online life, rather than a feature of it. (Note that, at least for their most popular services, we pay those two companies nothing. We are mere consumers whose lives are sold to the company’s actual customers, which are advertisers.)

Bottom line: the legal slate is covered in chalk, but the technical one is close to clean. What do we want to write there?

We’ll be talking about this, and many other things, at VRM Day (6 April) and IIW (7-9 April) in the Computer History Museum in downtown Silicon Valley (101 & Shoreline, Mountain View).

Older posts

© 2016 ProjectVRM

Theme by Anders NorenUp ↑