Category: freedom (page 1 of 6)

VRM Day: Starting Phase Two

VRM Day is one week from today, at the Computer History Museum, followed by IIW over the next three days at the same place. We’ve been doing VRM Days since (let’s see…) this one in 2013, and VRM events since this one in 2007. Coming on our tenth anniversary, this is our last in Phase One.

sisyphusTheRolling snowball difference between Phase One and Phase Two is that between rocks and snowballs. In Phase One we played Sisyphus, pushing a rock uphill. In Phase Two we roll snowballs downhill.

Phase One was about getting us to the point where VRM was accepted by many as a thing bound to happen. This has taken ten years, but we are there.  Phase Two is about making it happen, by betting our energies on ideas and work that starts rolling downhill and gaining size and momentum.

Some of that work is already rolling. Some is poised to start. Both kinds will be on the table at VRM Day. Here are ones currently on the agenda:

  • VRM + CRM via JLINC. See At last: a protocol to link VRM and CRM. , and The new frontier for CRM is CDL: customer driven leads. This is a one form of intentcasting that should be enormously appealing to CRM companies and their B2B corporate customers. Speaking of which, we also have—
  • Big companies welcoming VRM.  Leading this is Fing, a French think tank that brings together many of the country’s largest companies, both to welcome VRM and to research (e.g. through Mesinfos) how the future might play out. Sarah Medjek of Fing will present that work, and lead discussion of where it will head next. We will also get a chance to participate in that research by providing her with our own use cases for VRM. (We’ll take out a few minutes to each fill out an online form.)
  • Terms individuals assert in dealings with companies. These are required for countless purposes. Mary Hodder will lead discussion of terms currently being developed at Customer Commons and the CISWG / Kantara User Submitted Terms working group (Consent and Information Sharing Working Group). Among other things, this leads to—
  • 2016_04_25_vrmday_000-1Next steps in tracking protection and ad blocking. At the last VRM Day and IIW, we discussed CHEDDAR on the server side and #NoStalking on the individual’s side. There are now huge opportunities with both, especially if we can normalize #NoStalking terms for all tracking protection and ad blocking tools.  To prep for this, see  Why #NoStalking is a good deal for publishers, where you’ll find the image on the right, copied from the whiteboard on VRM Day.
  • Blockchain, Identity and VRM. Read what Phil Windley has been writing lately distributed ledgers (e.g. blockchain) and what they bring to the identity discussions that have been happening for 22 IIWs, so far. There are many relevancies to VRM.
  • Personal data. This was the main topic at two recent big events in Europe: MyData2016 in Helsinki and PIE (peronal information economy) 2016 in London.  The long-standing anchor for discussions and work on the topic at VRM Day and IIW is PDEC (Personal Data Ecosystem Consortium). Dean Landsman of PDEC will keep that conversational ball rolling. Adrian Gropper will also brief us on recent developments around personal health data as well.
  • Hacks on the financial system. Kevin Cox can’t make it, but wants me to share what he would have presented. Three links: 1) a one minute video that shows why the financial system is so expensive, 2) part of a blog post respecting his local Water Authority and newly elected government., and 3) an explanation of the idea of how we can build low-cost systems of interacting agents. He adds, “Note the progression from location, to address, to identity, to money, to housing.  They are all ‘the same’.” We will also look at how small business and individuals have more in common than either do with big business. With a hint toward that, see what Xero (the very hot small business accounting software company) says here.
  • What ProjectVRM becomes. We’ve been a Berkman-Klein Center project from the start. We’ve already spun off Customer Commons. Inevitably, ProjectVRM will itself be spun off, or evolve in some TBD way. We need to co-think and co-plan how that will go. It will certainly live on in the DNA of VRM and VRooMy work of many kinds. How and where it lives on organizationally is an open question we’ll need to answer.

There are many other topics, some of which I have surely missed in my rush to put this up.

Kaliya will facilitate VRM Day. She and I are still working on the agenda. Let us know what you’d like to add to the list above, and we’ll do what we can. (At IIW, you’ll do it, because it’s an unconference. That’s where all the topics are provided by participants.)

Again, register here. And see you there.



The new frontier for CRM is CDL: Customer Driven Leads

cdlfunnelImagine customers diving, on their own, straight down to the bottom of the sales funnel.

Actually, don’t imagine it. Welcome it, because it’s coming, in the form of leads that customers generate themselves, when they’re ready to buy something. Here in the VRM world we call this intentcasting. At the receiving end, in the  CRM world, they’re CDLs, or Customer Driven Leads.

Because CDLs come from fully interested customers with cash in hand, they’re worth more than MQLs (Marketing Qualified Leads) or  SQLs (Sales Qualifed Leads), both of which need to be baited with marketing into the sales funnel.

CDLs are also free.  When the customer is ready to buy, she signals the market with an intentcast that CRM systems can hear as a fresh CDL. When the CRM system replies, an exchange of data and permissions follows, with the customer taking the lead.

It’s a new dance, this one with the customer taking the lead. But it’s much more direct, efficient and friendly than the old dances in which customers were mere “targets” to be “acquired.”

The first protocol-based way to generate CDLs for CRM is described in At last, a protocol to connect VRM and CRM, posted here in August. It’s called JLINC. We’ll be demonstrating it working on a Salesforce system on VRM Day at the Computer History Museum in Silicon Valley, on Monday, October 24. VRM Day is free, but space is limited, so register soon, here.

We’ll also continue to work on CDL development  over the next three days in the same location, at the IIW, the Internet Identity Workshop. IIW is an unconference that’s entirely about getting stuff done. No keynotes, no panels. Just working sessions run by attendees. This next one will be our 23rd IIW since we started them in 2005. It remains, in my humble estimation, the most leveraged conference I know. (And I go to a lot of them, usually as a speaker.)

As an additional temptation, we’re offering a 25% discount on IIW to the next 20 people who register for VRM Day. (And it you’ve already reigstered, talk to me.)

While we’re demonstrating CDLs on Salesforce, we also invite all the other CRM companies—IBM, Microsoft Dynamics, SAP, SugarCRM… you know who you are—to show up and participate as well. All CRM systems are programmable. And the level of programming required to hear intentcasts is simple and easy. We chose Salesforce for VRM Day because that’s the system Iain Henderson, who works with JLINC Labs and will lead the demo, knows best.

See you there!


VRM at MyData2016


As it happens I’m in Helsinki right now, for MyData2016, where I’ll be speaking on Thursday morning. My topic: The Power of the Individual. There is also a hackathon (led by going on during the show, starting at 4pm (local time) today. In no order of priority, here are just some of the subjects and players I’ll be dealing with,  talking to, and talking up (much as I can):

Please let me know what others belong on this list. And see you at the show.


The Castle Doctrine

home castle

The Castle doctrine has been around a long time. Cicero (106–43 BCE) wrote, “What more sacred, what more strongly guarded by every holy feeling, than a man’s own home?” In Book 4, Chapter 16 of his Commentaries on the Laws of England, William Blackstone (1723–1780 CE) added, “And the law of England has so particular and tender a regard to the immunity of a man’s house, that it stiles it his castle, and will never suffer it to be violated with impunity: agreeing herein with the sentiments of ancient Rome…”

Since you’re reading this online, let me ask, what’s your house here? What sacred space do you strongly guard, and never suffer to be violated with impunity?

At the very least, it should be your browser.

But, unless you’re running tracking protection in the browser you’re using right now, companies you’ve never heard of (and some you have) are watching you read this, and eager to use or sell personal data about you, so you can be delivered the human behavior hack called “interest based advertising.”

Shoshana Zuboff, of Harvard Business School, has a term for this:surveillance capitalism, defined as “a wholly new subspecies of capitalism in which profits derive from the unilateral surveillance and modification of human behavior.”

Almost across the board, advertising-supported publishers have handed their business over to adtech, the surveillance-based (they call it “interactive”) wing of advertising. Adtech doesn’t see your browser as a sacred personal space, but instead as a shopping cart with ad space that you push around from site to site.

So here is a helpful fact: we don’t go anywhere when we use our browsers. Our browser homes are in our computers, laptops and mobile devices. When we “visit” a web page or site with our browsers, we actually just request its contents (using the hypertext protocol called http or https).

In no case do we consciously ask to be spied on, or abused by content we didn’t ask for or expect. That’s why we have every right to field-strip out anything we don’t want when it arrives at our browsers’ doors.

The castle doctrine is what hundreds of millions of us practice when we use tracking protection and ad blockers. It is what called the new Brave browser into the marketplace. It’s why Mozilla has been cranking up privacy protections with every new version of Firefox . It’s why Apple’s new content blocking feature treats adtech the way chemo treats cancer. It’s why respectful publishers will comply with CHEDDAR. It’s why Customer Commons is becoming the place to choose No Trespassing signs potential intruders will obey. And it’s why #NoStalking is a good deal for publishers.

The job of every entity I named in the last paragraph — and every other one in a position to improve personal privacy online — is to bring as much respect to the castle doctrine in the virtual world as we’ve had in the physical one for more than two thousand years.

It should help to remember that it’s still early. We’ve only had commercial activity on the Internet since April 1995. But we’ve also waited long enough. Let’s finish making our homes online the safe places they should have been in the first place.


How customers can debug business with one line of code


Four years ago, I posted An olive branch to advertising here. It began,

Online advertising has a couple of big problems that could possibly be turned into opportunities. One is Do Not Track, or DNT. The other is blocking of ads and/or tracking.

Publishers and the advertising business either attacked or ignored Do Not Track, which was too bad, because the ideas we had for making it work might have prevented the problem those businesses now have with ad blocking.

According to the latest PageFair/Adobe study,  the number of people blocking ads passed 200 million last May, with double-digit increases in adoption, worldwide. Tracking protection is also gaining in popularity.

While those solutions provide individuals with agency and scale, they don’t work for publishers. Not yet, anyway.

What we need is a solution that scales for readers and is friendly to publishers and the kind of advertising readers can welcome—or at least tolerate, in appreciation of how ads sponsor the content they want. This is what we have always had with newspapers, magazines, radio and TV in the offline world, none of which ever tracked anybody anywhere.

So now we offer a solution. It’s a simple preference, which readers can express in code, that says this: Just show me ads that aren’t based on tracking me. Equally simple code can sit on the publishers’ side. Digital handshakes can also happen between the two.

This term will live at Customer Commons, which was designed for that purpose, on the model of Creative Commons (which also came out of work done by folks here at the Berkman Center).  This blog post provides some context.

We’ll be working on that term, its wording , and the code that expresses and agrees to it, next week at the Computer History Museum in Silicon Valley. Monday will be VRM Day. Tuesday through Thursday will be IIW—the Internet Identity Workshop (where ProjectVRM was incubated almost ten years ago). VRM Day is mostly for planning the work we’ll do at IIW. VRM Day is free, and IIW is cheap for three days of actually getting stuff done. (It’s by far the most leveraged conference I know, partly because it’s an unconference: no keynotes, panels or sponsor booths. Just breakouts that participants create, choose and lead.)

If you care about aligning publishing and advertising online with what worked for hundreds of years offline — and driving uninvited surveillance out of business itself — come help us out.

This one term is a first step. There will be many more before we customers get the full respect we deserve from ad-funded businesses online. Each step needs to prove to one business category or another that customers aren’t just followers. Sometimes they need to take the lead.

This is one of those times.  So let’s make it happen.

See you next week.



IoT & IoM next week at IIW


(This post was updated and given a new headline on 20 April 2016.)

In  The Compuserve of Things, Phil Windley issues this call to action:

On the Net today we face a choice between freedom and captivity, independence and dependence. How we build the Internet of Things has far-reaching consequences for the humans who will use—or be used by—it. Will we push forward, connecting things using forests of silos that are reminiscent the online services of the 1980’s, or will we learn the lessons of the Internet and build a true Internet of Things?

In other words, an Internet of Me (#IoM) and My Things. Meaning things we own that belong to us, under our control, and not puppeted by giant companies using them to snarf up data about our lives. Which is the  #IoT status quo today.

A great place to work on that is  IIW— the Internet Identity Workshop , which takes place next Tuesday-Thursday, April 26-28,  at the Computer History Museum in Silicon Valley. Phil and I co-organize it with Kaliya Hamlin.

To be discussed, among other things, is personal privacy, secured in distributed and crypto-secured sovereign personal spaces on your personal devices. Possibly using blockchains, or approaches like it.

So here is a list of some topics, code bases and approaches I’d love to see pushed forward at IIW:

  • OneName is “blockchain identity.”
  • Blockstack is a “decentralized DNS for blockchain applications” that “gives you fast, secure, and easy-to-use DNS, PKI, and identity management on the blockchain.” More: “When you run a Blockstack node, you join this network, which is more secure by design than traditional DNS systems and identity systems. This  is because the system’s registry and its records are secured by an underlying blockchain, which is extremely resilient against tampering and control. In the registry that makes up Blockstack, each of the names has an owner, represented by a cryptographic keypair, and is associated with instructions for how DNS resolvers and other software should resolve the name.” Here’s the academic paper explaining it.
  • The Blockstack Community is “a group of blockchain companies and nonprofits coming together to define and develop a set of software protocols and tools to serve as a common backend for blockchain-powered decentralized applications.” Pull quote: “For example, a developer could use Blockstack to develop a new web architecture which uses Blockstack to host and name websites, decentralizing web publishing and circumventing the traditional DNS and web hosting systems. Similarly, an application could be developed which uses Blockstack to host media files and provide a way to tag them with attribution information so they’re easy to find and link together, creating a decentralized alternative to popular video streaming or image sharing websites. These examples help to demonstrate the powerful potential of Blockstack to fundamentally change the way modern applications are built by removing the need for a “trusted third party” to host applications, and by giving users more control.” More here.
  • IPFS (short for InterPlanetary File System) is a “peer to peer hypermedia protocol” that “enables the creation of completely distributed applications.”
  • OpenBazaar is “an open peer to peer marketplace.” How it works: “you download and install a program on your computer that directly connects you to other people looking to buy and sell goods and services with you.” More here and here.
  • Mediachain, from Mine, has this goal: “to unbundle identity & distribution.” More here and here.
  • telehash is “a lightweight interoperable protocol with strong encryption to enable mesh networking across multiple transports and platforms,” from @Jeremie Miller and other friends who gave us jabber/xmpp.
  • Etherium is “a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third party interference.”
  • Keybase is a way to “get a public key, safely, starting just with someone’s social media username(s).”
  • ____________ (your project here — tell me by mail or in the comments and I’ll add it)

In tweet-speak, that would be @BlockstackOrg, @IPFS, @OpenBazaar, @OneName, @Telehash, @Mine_Labs #Mediachain, and @IBMIVB #ADEPT

On the big company side, dig what IBM’s Institute for Business Value  is doing with “empowering the edge.” While you’re there, download Empowering the edge: Practical insights on a decentralized Internet of Things. Also go to Device Democracy: Saving the Future of the Internet of Things — and then download the paper by the same name, which includes this graphic here:


Put personal autonomy in that top triangle and you’ll have a fine model for VRM development as well. (It’s also nice to see Why we need first person technologies on the Net , published here in 2014, sourced in that same paper.)

Ideally, we would have people from all the projects above at IIW. For those not already familiar with it, IIW is a three-day unconference, meaning it’s all breakouts, with topics chosen by participants, entirely for the purpose of getting like-minded do-ers together to move their work forward. IIW has been doing that for many causes and projects since the first one, in 2005.

Register for IIW here:

Also register, if you can, for VRM Day: That’s when we prep for the next three days at IIW. The main focus for this VRM Day is here.

Bonus link: David Siegel‘s Decentralization.




The coming collapse of surveillance marketing

A few minutes ago, on a mailing list, somebody asked me if Google hadn’t shown people don’t mind having personal data harvested as long as they get value in exchange for it. Here’s what I answered:

It’s not about Google — or Google alone. It’s about the wanton and widespread harvesting of personal data without permission, by pretty much the entire digital marketing field, or what it has become while in maximum thrall of Big Data.

That this is normative in the extreme does not make it right, or even sustainable. The market — customers like you and me — doesn’t like it. Technologists, sooner or later, will provide customers with means of control they still lack today.

The plain fact is that most people don’t like surveillance-based marketing. Study after study (by TRUSTe, Pew, Customer Commons and others) have shown that 90+% of people have problems with the way their data and their privacy are abused online.

The Tradeoff Fallacy: How Marketers Are Misrepresenting American Consumers and Opening Them Up to Exploitation” by Annenberg (at the U. of Pa) says,

a majority of Americans are resigned to giving up their data—and that is why many appear to be engaging in tradeoffs. Resignation occurs when a person believes an undesirable outcome is inevitable and feels powerless to stop it. Rather than feeling able to make choices, Americans believe it is futile to manage what companies can learn about them. The study reveals that more than half do not want to lose control over their information but also believe this loss of control has already happened.

More from Penn News:

Survey respondents were asked whether they would accept “tradeoffs,” such as discounts, in exchange for allowing their supermarkets to collect information about their grocery purchases.  Among the key findings:

    • 91 percent disagree (77 percent of them strongly) that “if companies give me a discount, it is a fair exchange for them to collect information about me without my knowing.”
    • 71 percent disagree (53 percent of them strongly) that “it’s fair for an online or physical store to monitor what I’m doing online when I’m there, in exchange for letting me use the store’s wireless Internet, or Wi-Fi, without charge.”
    • 55 percent disagree (38 percent of them strongly) that “it’s okay if a store where I shop uses information it has about me to create a picture of me that improves the services they provide for me.”
Only about 4 percent agree or agree strongly with all three propositions.

But 58 percent agreed with both of the following two statements that together indicate resignation:  “I want to have control over what marketers know about me online” and “I’ve come to accept that I have little control over what marketers can learn about me online.”

The Net we know today was born only twenty years ago, when it opened to commercial activity. We are still naked there, lacking in clothing and shelter (to name two familiar privacy technologies in the physical world). Eventually we’ll have clothing and shelter in many forms, good means for preventing and permitting the ways others deal with us, and full agency in our dealings with business and government.

In the meantime we’ll have a status quo to which we remain resigned.

I suspect that even Google knows this will change.

Bonus Link.

Think about an irony here. Most brick-and-mortar merchants would be appalled at the thought of placing tracking beacons on visiting customers, to spy on them after they leave the store, just so they can be “delivered” a better “advertising experience.” And obviously, customers would hate it too. Yet many of the same merchants hardly think twice about doing the same online.

This will change because there is clear market sentiment against it. We see this through pressure toward regulation (especially in Europe), and through ad and tracking blocking rates that steadily increase.

But both regulation and blockers are stone tools. Eventually we’ll get real clothing and shelter.

That’s what we’ve been working on here with ProjectVRM. It’s taking longer than we expected at first, but it will happen, and not just because there is already a lot of VRM development going on.

It will happen because we have the Net, and the Net is not just Google and Facebook and other modern industrial giants. The Net is where all of those companies live, in the company of customers, to whom, — sooner or later, they become accountable.

Right now marketing is not taking the massive negative externalities of surveillance into account, mostly because marketing is a B2B rather than a B2C business, and there persists a blindered mania around Big Data. But they will take those externalities into account eventually, because the Cs of the world will gain the power to protect themselves against unwanted surveillance, and will provide far more useful economic signaling to the businesses of the world than marketing can ever guess at.

Once that happens, the surveillance marketing business, and what feeds it, will collapse.

“A house divided against itself cannot stand,” Lincoln said. That was in 1858, and in respect to slavery. In 2015 the language of marketing — in which customers are “targets” to be “acquired,” “controlled,” “managed” and “locked in” — is not much different than the language of slave owners in Lincoln’s time.

This will change for the simple reason that we are not slaves. We are the ones with the money, the choice about patronage, and the network. Companies that give us full respect will be the winners in the long run. Companies that continue to treat us as less than human will suffer the consequences.

A #VRM outline for the #4th

I’ve been liveblogging lately: writing live in an outline. Here is today’s. And here is the VRM section of it:

That’s copied and pasted from the web page, with all the outline levels opened. On the original they can be expanded and collapsed. In the authoring page they can also be expanded and collapsed. Dave Winer, who invented liveblogging (and  much else we take for granted), explains it here.

Declaration of Customer Independence

I published one of these five years ago, way ahead of its time, which I believe has now come. (Evidence:  @BenGrubb‘s victory over Telstra.*)

So here we go again:


We hold these truths to be self-evident: that all customers are born free, that they are endowed by their creator with innate abilities to relate, to converse and and to transact — on their own terms, and in their own ways. When sellers have labored long and hard to restrict those freedoms, and to ignore and insult the capacities enjoyed naturally by customers — by speaking, for example, of “targeting,” “capturing,” “acquiring,” “retaining,” “managing,” “locking in” and “owning” customers as if they were slaves  — and when sellers work to inconvenience customers to the exclusive benefit of sellers themselves, for example through “loyalty programs” that require customers to carry around cards that thicken’ wallets and slow checkout in stores, it is the right of customers to obsolete the coercive systems to which both sellers and customers have become accustomed. We do this by providing ourselves with new tools for leveraging our native human powers, for the good of ourselves and sellers alike.

We therefore resolve to construct relationships in which we, the customers, control our own data, hold rights to metadata about ourselves, express loyalty at our own grace, deal in common and standard ways with all sellers and other second and third parties, protect our private persons and spaces, assert fair terms and means of engagement that work in mutually constructive ways for both ourselves and the other parties we engage, for the good of all.

We make this Declaration as free and independent persons, each with full agency, ready to form agreements, make choices, assert commitments, transact business, and otherwise function in the free and open environment we call The Marketplace.

To this we pledge our lives, our fortunes, and our precious time and attention.

Comments and improvements welcome.

*Read the whole thing. It matters. Hugely.

By the way, I’ll be in New Zealand and Australia the week after next, keynoting Identity 2015 in Wellington and Customer Tech X in Melbourne, where I will also be on a number of panels. I’ll also be in Sydney for one day before heading back. Hope I can also hook up with some  of the growing number of VRM companies there. There are many on the VRM Developers List. (More on a separate post later.)

Of vaults and honey pots

Personal Blackbox ( is a new #VRM company — or so I gather, based on what they say they offer to users: “CONTROL YOUR DATA & UNLOCK ITS VALUE.”

So you’ll find them listed now on our developers list.

Here is the rest of the text on their index page:


PBB is a technology platform that gives you control of the data you produce every day.

PBB lets you gain insights into your own behaviors, and make money when you choose to give companies access to your data. The result? A new and meaningful relationship between you and your brands.

At PBB, we believe people have a right to own their data and unlock its benefits without loss of privacy, control and value. That’s why we created the Personal Data Independence Trust. Take a look and learn more about how you can own your data and its benefits.

In the meantime we are hard at work to provide you a service and a company that will make a difference. Join us to participate and we will keep you posted when we are ready to launch.

That graphic, and what seems to be said between the lines, tells me Personal Blackbox’s customers are marketers, not users.  And, as we so often hear, “If the service is free, you’re the product being sold.”

But, between the last paragraph and this one, I ran into Patrick Deegan, the Chief Technology Officer of Personal Blackbox, at the PDNYC meetup. When I asked him if the company’s customers are marketers, he said no — and that PBB (as it’s known) is doing something much different that’s not fully explained by the graphic and text above, and is tied with the Personal Data Independence Trust, about which not much is said at the link to it. (At least not yet. Keep checking back.) So I’ll withhold judgement about it until I know more, and instead pivot to the subject of VRM business models, which that graphic brings up for me.

I see two broad ones, which I’ll call vault and honey pot.

The vault model gives the individual full control over their personal data and what’s done with it, which could be anything, for any purpose. That data primarily has use value rather than sale value.

The honey pot model also gives the individual control over their personal data, but mostly toward providing a way to derive sale value for that data (or something similar, such as bargains and offers from marketers).

The context for the vault model is the individual’s whole life, and selective sharing of data with others.

The context for the honey pot model is the marketplace for qualified leads.

The vault model goes after the whole world of individuals. Being customers, or consumers, is just one of the many roles we play in that world. Who we are and what we do — embodied in our data — is infinitely larger that what’s valuable to marketers. But there’s not much money in that yet.

But there is in the honey pot model, at least for now. Simply put, the path to market success is a lot faster in the short run if you find new ways to help sellers sell.  $zillions are being spent on that, all the time. (Just look at the advertising coming along with that last link, to a search).

FWIW, I think the heart of VRM is in the vault model. But we have a big tent here, and many paths to explore. (And many metaphors to mix.)

Older posts

© 2016 ProjectVRM

Theme by Anders NorenUp ↑