data

You are currently browsing the archive for the data category.

Because We Still Have Net 1.0

September 16, 2022 in Cluetrain, data, Events, Ostrom Workshop, privacy, VRM | 1 comment


That’s the flyer for the first salon in our Beyond the Web Series at the Ostrom Workshop, here at Indiana University. You can attend in person or on Zoom. Register here for that. It’s at 2 PM Eastern on Monday, September 19.

And yes, all those links are on the Web. What’s not on the Web—yet—are all the things listed here. These are things the Internet can support, because, as a World of Ends (defined and maintained by TCP/IP), it is far deeper and broader than the Web alone, no matter what version number we append to the Web.

The salon will open with an interview of yours truly by Dr. Angie Raymond, Program Director of Data Management and Information Governance at the Ostrom Workshop, and Associate Professor of Business Law and Ethics in the Kelley School of Business (among too much else to list here), and quickly move forward into a discussion. Our purpose is to introduce and talk about these ideas:

  1. That free customers are more valuable—to themselves, to businesses, and to the marketplace—than captive ones.
  2. That the Internet’s original promises of personal empowerment, peer-to-peer communication, free and open markets, and other utopian ideals, can actually happen without surveillance, algorithmic nudging, and capture by giants, all of which have all become norms in these early years of our digital world.
  3. That, since the admittedly utopian ambitions behind 1 and 2 require boiling oceans, it’s a good idea to try first proving them locally, in one community, guided by Ostrom’s principles for governing a commons. Which we are doing with a new project called the Byway.

This is our second Beyond the Web Salon series. The first featured David P. Reed, Ethan Zuckerman, Robin Chase, and Shoshana Zuboff. Upcoming in this series are:

Mark your calendars for those.

And, if you’d like homework to do before Monday, here you go:

See you there!

Of Waste and Value

September 9, 2022 in data | Permalink

One morning a couple months ago, while I was staying at a friend’s house near Los Angeles, I was surprised to find the Los Angeles Times still being delivered there. The paper was smaller and thinner than it used to be, with minimized news, remarkably little sports, and only two ads in the whole paper. One was for Laemmle Theaters. The other was for a law firm. No inserts from grocery stores. No pitches for tires in the sports section, for clothing in the culture section, for insurance in the business section, or for events in the local section. I don’t even recall if those sections still existed, because the paper itself had been so drastically minimized

Economically speaking, a newspaper has just two markets: advertisers and readers. The photo above says what one advertiser thinks: that ads in print are a waste—and so is what they’re printed on, including the LA Times. The reader whose house I stayed in has since canceled her subscription. She also isn’t subscribing to the online edition. She also subscribes to no forms of advertising, although she can hardly avoid ads online, or anywhere outside her home.

Many years ago, Esther Dyson said the challenge for business isn’t to add value but to subtract waste. So I’m wondering how much time, money, and effort Pavillions is wasting by sending ads to people—even to those who scan that QR code.

Peter Drucker said “the purpose of a business is to create a customer.” So, consider the difference between a customer created by good products and services and one created by coupons and “our weekly ad in your web browser.”

A good example of the former is Trader Joe’s., which has no loyalty program, no stuff “on sale,” no human-free checkout, almost no advertising—and none of the personal kind. Instead, Trader Joe’s creates customers with good products, good service, good prices, and helpful human beings. It never games customers with what Doug Rauch, retired president of Trader Joe’s, calls “gimmicks.”*

I actually like Pavillions. But only two things make me a Pavillioins customer. One is their location (slightly closer than Trader Joe’s), and the other is that they carry bread from LaBrea Bakery.

While I would never sign up for a weekly ad from Pavillions, I do acknowledge that lots of people love coupons and hunting for discounts.

But how much of that work is actually waste as well, with high cognitive and operational overhead for both sellers and buyers? How many CVS customers like scanning their loyalty card or punching in their phone number when they check out of the store—or actually using any of the many discounts printed on the store’s famous four-foot-long receipts? (Especially since many of those discounts are for stuff the customer just bought? Does CVS, which is a good chain with locations everywhere, actually need those gimmicks?)

Marketers selling services to companies like Pavillions and CVS will tell you, with lots of supporting stats, that coupons and personalized (aka “relevant” and “interest-based”) ads and promos do much to improve business. But what if a business is better to begin with, so customers come there for that reason, rather than because they’re being gamed with gimmicks?

Will the difference ever become fully obvious? I hope so, but I don’t know.

One thing I do know is that there is less and less left of old-fashioned brand advertising: the kind that supported newspapers in the first place. That kind of advertising was never personal (that was the job of “direct response marketing”). It was meant instead for populations of possible customers and carried messages about the worth of a brand.

This is the kind of advertising we still see on old-school TV, radio and billboards. Sometimes also in vertical magazines. (Fashion, for example.) But not much anymore in newspapers.

Why this change? Well, as I put it in Separating Advertising’s Wheat and Chaff, “Madison Avenue fell asleep, direct response marketing ate its brain, and it woke up as an alien replica of itself.”

That was seven years ago. A difference now is that it’s clearer than ever that digital tech and the Internet are radically changing every business, every institution, and every person who depends on it. Everywhere you drive in Los Angeles today, there are For Lease signs on office buildings. The same is true everywhere now graced with what Bob Frankston calls “ambient connectivity.” It’s a bit much to say nobody is going back to the office, but it’s obvious that you need damn good reasons for going there.

Meanwhile, I’m haunted by knowing a lot of real value is being subtracted as waste. (I did a TEDx talk on this topic, four years ago.) And that we’re not going back.

*I tell more of the Trader Joe’s story, with help from Doug, in The Intention Economy.

The Empire Strikes On

July 31, 2022 in adtech, advertising, data, intention economy, Internet, Journalism, Law, media, privacy, problems, regulation, Technology, VRM | Permalink

Twelve years ago, I posted The Data Bubble. It began,

The tide turned today. Mark it: 31 July 2010.

That’s when The Wall Street Journal published The Web’s Gold Mine: Your Secrets, subtitled A Journal investigation finds that one of the fastest-growing businesses on the Internet is the business of spying on consumers. First in a series. It has ten links to other sections of today’s report. It’s pretty freaking amazing — and amazingly freaky when you dig down to the business assumptions behind it. Here is the rest of the list (sans one that goes to a link-proof Flash thing):

Here’s the gist:

The Journal conducted a comprehensive study that assesses and analyzes the broad array of cookies and other surveillance technology that companies are deploying on Internet users. It reveals that the tracking of consumers has grown both far more pervasive and far more intrusive than is realized by all but a handful of people in the vanguard of the industry.

It gets worse:

In between the Internet user and the advertiser, the Journal identified more than 100 middlemen—tracking companies, data brokers and advertising networks—competing to meet the growing demand for data on individual behavior and interests.The data on Ms. Hayes-Beaty’s film-watching habits, for instance, is being offered to advertisers on BlueKai Inc., one of the new data exchanges. “It is a sea change in the way the industry works,” says Omar Tawakol, CEO of BlueKai. “Advertisers want to buy access to people, not Web pages.” The Journal examined the 50 most popular U.S. websites, which account for about 40% of the Web pages viewed by Americans. (The Journal also tested its own site, WSJ.com.) It then analyzed the tracking files and programs these sites downloaded onto a test computer. As a group, the top 50 sites placed 3,180 tracking files in total on the Journal’s test computer. Nearly a third of these were innocuous, deployed to remember the password to a favorite site or tally most-popular articles. But over two-thirds—2,224—were installed by 131 companies, many of which are in the business of tracking Web users to create rich databases of consumer profiles that can be sold.

Here’s what’s delusional about all this: There is no demand for tracking by individual customers. All the demand comes from advertisers — or from companies selling to advertisers. For now.

Here is the difference between an advertiser and an ordinary company just trying to sell stuff to customers: nothing. If a better way to sell stuff comes along — especially if customers like it better than this crap the Journal is reporting on — advertising is in trouble.

In fact, I had been calling the tracking-based advertising business (now branded adtech or ad-tech) a bubble for some time. For example, in Why online advertising sucks, and is a bubble (31 October 2008) and After the advertising bubble bursts (23 March 2009). But I didn’t expect my own small voice to have much effect. But this was different. What They Know was written by a crack team of writers, researchers, and data visualizers. It was led by Julia Angwin and truly Pulitzer-grade stuff. It  was so well done, so deep, and so sharp, that I posted a follow-up report three months later, called The Data Bubble II. In that one, I wrote,

That same series is now nine stories long, not counting the introduction and a long list of related pieces. Here’s the current list:

  1. The Web’s Gold Mine: What They Know About You
  2. Microsoft Quashed Bid to Boost Web Privacy
  3. On the Web’s Cutting Edge: Anonymity in Name Only
  4. Stalking by Cell Phone
  5. Google Agonizes Over Privacy
  6. Kids Face Intensive Tracking on Web
  7. ‘Scrapers’ Dig Deep for Data on the Web
  8. Facebook in Privacy Breach
  9. A Web Pioneer Profiles Users By Name

Related pieces—

Two things I especially like about all this. First, Julia Angwin and her team are doing a terrific job of old-fashioned investigative journalism here. Kudos for that. Second, the whole series stands on the side of readers. The second person voice (youyour) is directed to individual persons—the same persons who do not sit at the tables of decision-makers in this crazy new hyper-personalized advertising business.

To measure the delta of change in that business, start with John Battelle‘s Conversational Marketing series (post 1post 2post 3) from early 2007, and then his post Identity and the Independent Web, from last week. In the former he writes about how the need for companies to converse directly with customers and prospects is both inevitable and transformative. He even kindly links to The Cluetrain Manifesto (behind the phrase “brands are conversations”).

It was obvious to me that this fine work would blow the adtech bubble to a fine mist. It was just a matter of when.

Over the years since, I’ve retained hope, if not faith. Examples: The Data Bubble Redux (9 April 2016), and Is the advertising bubble finally starting to pop? (9 May 2016, and in Medium).

Alas, the answer to that last one was no. By 2016, Julia and her team had long since disbanded, and the original links to the What They Know series began to fail. I don’t have exact dates for which failed when, but I do know that the trusty master link, wjs.com/wtk, began to 404 at some point. Fortunately, Julia has kept much of it alive at https://juliaangwin.com/category/portfolio/wall-street-journal/what-they-know/. Still, by the late Teens it was clear that even the best journalism wasn’t going to be enough—especially since the major publications had become adtech junkies. Worse, covering their own publications’ involvement in surveillance capitalism had become an untouchable topic for journalists. (One notable exception is Farhad Manjoo of The New York Times, whose coverage of the paper’s own tracking was followed by a cutback in the practice.)

While I believe that most new laws for tech mostly protect yesterday from last Thursday, I share with many a hope for regulatory relief. I was especially jazzed about Europe’s GDPR, as you can read in GDPR will pop the adtech bubble (12 May 2018) and Our time has come (16 May 2018 in ProjectVRM).

But I was wrong then too. Because adtech isn’t a bubble. It’s a death star in service of an evil empire that destroys privacy through every function it funds in the digital world.

That’s why I expect the American Data Privacy and Protection Act (H.R. 8152), even if it passes through both houses of Congress at full strength, to do jack shit. Or worse, to make our experience of life in the digital world even more complicated, by requiring us to opt-out, rather than opt-in (yep, it’s in the law—as a right, no less), to tracking-based advertising everywhere. And we know how well that’s been going. (Read this whole post by Tom Fishburne, the Marketoonist, for a picture of how less than zero progress has been made, and how venial and absurd “consent” gauntlets on websites have become.) Do a search for https://www.google.com/search?q=gdpr+compliance to see how large the GDPR “compliance” business has become. Nearly all your 200+ million results will be for services selling obedience to the letter of the GDPR while death-star laser beams blow its spirit into spinning shards. Then expect that business to grow once the ADPPA is in place.

There is only thing that will save us from adtech’s death star.

That’s tech of our own. Our tech. Personal tech.

We did it in the physical world with the personal privacy tech we call clothing, shelter, locks, doors, shades, and shutters. We’ve barely started to make the equivalents for the digital world. But the digital world is only a few decades old. It will be around for dozens, hundreds, or thousands of decades to come. And adtech is still just a teenager. We can, must, and will do better.

All we need is the tech. Big Tech won’t do it for us. Nor will Big Gov.

The economics will actually help, because there are many business problems in the digital world that can only be solved from the customers’ side, with better signaling from demand to supply than adtech-based guesswork can ever provide. Customer Commons lists fourteen of those solutions, here. Privacy is just one of them.

Use the Force, folks.

That Force is us.

Subscriptification

July 15, 2022 in data, media | 3 comments

subscribe

via Nick Youngson CC BY-SA 3.0 Pix4free.org

Let’s start with what happened to TV.

For decades, all TV signals were “over the air,” and free to be watched by anyone with a TV and an antenna. Then these things happened:

  1.  Community Antenna TeleVision, aka CATV, gave us most or all of our free over-the-air channels, plus many more—for a monthly subscription fee. They delivered this service, literally, through a cable connection—one that looked like the old one that went to an outside antenna, but instead went back to the cable company’s local headquarters.
  2. Then premium TV (aka “pay,” “prestige” and “subscription” TV), along with one’s cable channel selection. This started with HBO and Showtime. It cost additional subscription fees but was inside your cable channel selection and your monthly cable bill.
  3. Then came streaming services, (aka Video on Demand, or VoD) showed up over the Internet, and then through media players you could hook up to your tv through an input (usually HDMI) aside from the one from your cable box, and your cable service—even if your Internet service was provided by the cable company. This is why the cable industry called all of these services “over the top,” or OTT. The main brands here were Amazon Fire, Apple TV, Google Chromecast, and Roku. Being delivered over the Internet rather than lumped in with all those cable channels, higher resolutions were possible. At best most cable services are “HD,” which was fine a decade ago, but is now quite retro. Want to watch TV in 4K, HDR, and all that? Subscribe through your smart OTT media intermediary.
  4. And now media players are baked into TVs. Go to Best Buy, Costco, Sam’s Club, Amazon, or Walmart, and you’ll see promos for “smart” Google, Fire (Amazon), Roku, webOS, and Tizen TVs—rather than just Sony, LG, Samsung, and other brands. Relatively cheap brands, such as Vizio, TCL, and Hisense, are essentially branded media players with secondary brand names on the bezel.

Economically speaking, all that built-in smartness is about two things. One is facilitating subscriptions, and the other is spying on you for the advertising business. But let’s table the latter and focus just on subscriptions, because that’s the way the service world is going.

More and more formerly free stuff on the Net is available only behind paywalls. Newspapers and magazines have been playing this game for some time. But, now that Substack is the new blogging, many writers there are paywalling their stuff as well. Remember SlideShare? Now it’s “Read free for 60 days.”

Podcasting is drifting in that direction too. SiriusXM and Spotify together paid over a half $billion to put a large mess of popular podcasts into subscription-based complete (SiriusXM) or partial (Spotify) paywall systems, pushing podcasting toward the place where premium TV has already sat for years—even though lots of popular podcasts are still paid for by advertising.

I could add a lot of data here, but I’m about to leave on a road trip. So I’ll leave it up to you. Look at what you’re spending now on subscriptions, and how that collection of expenses is going up. Also, take a look at how much of what was free on the Net and the Web is moving to a paid subscription model. The trend is not small, and I don’t see it stopping soon.

 

Laws of Identity

May 10, 2022 in data, history, Ideas, Identity, iiw | 2 comments

When digital identity ceases to be a pain in the ass, we can thank Kim Cameron and his Seven Laws of Identity, which he wrote in 2004, formally published in early 2005, and gently explained and put to use until he died late last year. Today, seven of us will take turns explaining each of Kim’s laws at KuppingerCole‘s EIC conference in Berlin. We’ll only have a few minutes each, however, so I’d like to visit the subject in a bit more depth here.

To understand why these laws are so important and effective, it will help to know where Kim was coming from in the first place. It wasn’t just his work as the top architect for identity at Microsoft (to which he arrived when his company was acquired). Specifically, Kim was coming from two places. One was the physical world where we live and breathe, and identity is inherently personal. The other was the digital world where what we call identity is how we are known to databases. Kim believed the former should guide the latter, and that nothing like that had happened yet, but that we could and should work for it.

Kim’s The Laws of Identity paper alone is close to seven thousand words, and his IdentityBlog adds many thousands more. But his laws by themselves are short and sweet. Here they are, with additional commentary by me, in italics.

1. User Control and Consent

Technical identity systems must only reveal information identifying a user with the user’s consent.

Note that consent goes in the opposite direction from all the consent “agreements” websites and services want us to click on. This matches the way identity works in the natural world, where each of us not only chooses how we wish to be known, but usually with an understanding about how that information might be used.

2. Minimun Disclosure for a Constrained Use

The solution which discloses the least amount of identifying information and best limits its use is the most stable long term solution.

There is a reason we don’t walk down the street wearing name badges: because the world doesn’t need to know any more about us than we wish to disclose. Even when we pay with a credit card, the other party really doesn’t need (or want) to know the name on the card. It’s just not something they need to know.

3. Justifiable Parties

Digital identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.

If this law applied way back when Kim wrote it, we wouldn’t have the massive privacy losses that have become the norm, with unwanted tracking pretty much everywhere online—and increasingly offline as well. 

4. Directed Identity

A universal identity system must support both “omni-directional” identifiers for use by public entities and “unidirectional” identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.

All brands, meaning all names of public entities, are “omni-directional.” They are also what Kim calls “beacons” that have the opposite of something to hide about who they are. Individuals, however, are private first, and public only to the degrees they wish to be in different circumstances. Each of the first three laws are “unidirectional.”

5. Pluralism of Operators and Technologies

A universal identity system must channel and enable the inter-working of multiple identity technologies run by multiple identity providers.

This law expresses learnings from Microsoft’s failed experiment with Passport and a project called “Hailstorm.” The idea with both was for Microsoft to become the primary or sole online identity provider for everyone. Kim’s work at Microsoft was all about making the company one among many working in the same broad industry.

6. Human Integration

The universal identity metasystem must define the human user to be a component of the distributed system integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.

As Kim put it in his 2019 (and final) talk at EIC, we need to turn the Web “right side up,” meaning putting the individual at the top rather than the bottom, with each of us in charge of our lives online, in distributed homes of our own. That’s what will integrate all the systems we deal with. (Joe Andrieu first explained this in 2007, here.)

7. Consistent Experience Across Contexts

The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.

So identity isn’t just about corporate systems getting along with each other. It’s about giving each of us scale across all the entities we deal with. Because it’s our experience that will make identity work right, finally, online. 

I expect to add more as the conference goes on; but I want to get this much out there to start with.

By the way, the photo above is from the first and only meeting of the Identity Gang, at Esther Dyson’s PC Forum in 2005. The next meeting of the Gang was the first Internet Identity Workshop, aka IIW, later that year. We’ve had 34 more since then, all with hundreds of participants, all with great influence on the development of code, standards, and businesses in digital identity and adjacent fields. And all guided by Kim’s Laws.

 

The Age of Optionality—and its costs

April 2, 2022 in data, Events | 5 comments

Throughout the entire history of what we call media, we have consumed its contents on producers’ schedules. When we wanted to know what was in newspapers and magazines, we waited until the latest issues showed up on newsstands, at our doors, and in our mailboxes. When we wanted to hear what was on the radio or to watch what was on TV, we waited until it played on our stations’ schedules. “What’s on TV tonight?” is perhaps the all-time most-uttered question about a medium. Wanting the answers is what made TV Guide required reading in most American households.

But no more. Because we have entered the Age of Optionality. We read, listen to, and watch the media we choose, whenever we please. Podcasts, streams, and “over the top” (OTT) on-edmand subscription services are replacing old-fashioned broadcasting. Online publishing is now more synchronous with readers’ preferences than with producers’ schedules.

The graph above illustrates what happened and when, though I’m sure the flat line at the right end is some kind of error on Google’s part. Still, the message is clear: what’s on and what’s in have become anachronisms.

The centers of our cultures have been held for centuries by our media. Those centers held in large part because they came on a rhythm, a beat, to which we all danced and on which we all depended. But now those centers are threatened or gone, as media have proliferated and morphed into forms that feed our attention through the flat rectangles we carry in our pockets and purses, or mount like large art pieces on walls or tabletops at home. All of these rectangles maximize optionality to degrees barely imaginable in prior ages and their media environments: vocal, scribal, printed, broadcast.

We are now digital beings. With new media overlords.

The Digital Markets Act in Europe calls these overlords “gatekeepers.” The gates they keep are at entrances to vast private walled gardens enclosing whole cultures and economies. Bruce Schneier calls these gardens feudal systems in which we are all serfs.

To each of these duchies, territories, fiefs, and countries, we are like cattle from which personal data is extracted and processed as commodities. Purposes differ: Amazon, Apple, Facebook, Google, Twitter, and our phone and cable companies each use our personal data in different ways. Some of those ways do benefit us. But our agency over how personal data is extracted and used is neither large nor independent of these gatekeepers. Nor do we have much if any control over what countless customers of gatekeepers do with personal data they are given or sold.

The cornucopia of options we have over the media goods we consume in these gardens somatizes us while also masking the extreme degree to which these private gatekeepers have enclosed the Internet’s public commons, and how algorithmic optimization of engagement at all costs has made us into enemy tribes. Ignorance of this change and its costs is the darkness in which democracy dies.

Shoshana Zuboff calls this development The Coup We Are Not Talking About. The subhead of that essay makes the choice clear: We can have democracy, or we can have a surveillance society, but we cannot have both. Her book, The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power, gave us a name for what we’re up against. A bestseller, it is now published in twenty-six languages. But our collective oblivity is also massive.

We plan to relieve some of that oblivity by having Shoshana lead the final salon in our Beyond the Web series at Indiana University’s Ostrom Workshop. To prepare for that, Joyce and I spoke with Shoshana for more than an hour and a half last night, and are excited about her optimism toward restoring the public commons and invigorating democracy in our still-new digital age. This should be an extremely leveraged way to spend an hour or more on April 11, starting at 2PM Eastern time. And it’s free.

Use this link to add the salon to your calendar and join in when it starts.

Or, if you’re in Bloomington, come to the Workshop and attend in person. We’re at 513 North Park Avenue.

 

 

The frog of war

March 6, 2022 in data | 1 comment

“Compared to war, all other forms of human endeavor shrink to insignificance. God help me, I do love it so.” — George S. Patton (in the above shot played by George C. Scott in his greatest role.)

Is the world going to croak?

Put in geological terms, will the Phanerozoic eon, which began with the Cambrian explosion a half billion years ago, end at the close of the Anthropocene epoch, when the human species, which has permanently put its mark on the Earth, commits suicide with nuclear weapons? This became a lot more plausible as soon as Putin rattled his nuclear saber.

Well, life will survive, even if humans do not. And that will happen whether or not the globe warms as much as the IPCC assures us it will. If temperatures in the climate of our current interglacial interval peak with both poles free of ice, the Mississippi river will meet the Atlantic at what used to be St. Louis. Yet life will abound, as life does, at least until the Sun gets so large and hot that photosynthesis stops and the phanerozoic finally ends. That time is about a half-billion years away. That might seem like a long time, but given the age of the Earth itself—about 4.5 billion years—life here is much closer to the end than the beginning.

Now let’s go back to human time.

I’ve been on the planet for almost 75 years, which in the grand scheme is a short ride. But it’s enough to have experienced history being bent some number of times. So far I count six.

First was on November 22, 1963, when John F. Kennedy was assassinated. This was when The Fifties actually ended and The Sixties began. (My great aunt Eva Quakenbush, née Searls or Searles—it was spelled both ways—told us what it was like when Lincoln was shot and she was 12 years old. “It changed everything,” she said. So did the JFK assassination.)

The second was the one-two punch of the Martin Luther King and Bobby Kennedy assassinations, on April 4 and June 6, 1968. The former was a massive setback for both the civil rights movement and nonviolence. And neither has fully recovered. The latter assured the election of Richard Nixon and another six years of the Vietnam war.

The third was the Internet, which began to take off in the mid-1990s. I date the steep start of hockey stick curve to April 30, 1995, when the last backbone within the Internet that had forbidden commercial traffic (NSFnet) shut down, uncorking a tide of e-commerce that is still rising.

The fourth was 9/11, in 2001. That suckered the U.S. into wars in Afghanistan and Iraq, and repositioned the country from the world’s leading peacekeeper to the world’s leading war-maker—at least until Russia stepped up.

The fifth was the Covid pandemic, which hit the world in early 2020 and is still with us, causing all sorts of changes, from crashes in supply chains to inflation to complete new ways for people to work, travel, vote, and think.

Sixth is the 2022 Russian invasion of Ukraine, which began on February 24, 2022, just eleven days ago as I write this.

Big a thing as this last bend is—and it’s huge—there are too many ways to make sense of it all:

I didn’t list the threat of thermonuclear annihilation among the six big changes in history I’ve experienced because I was raised with it. Several times a year we would “duck and cover” under our desks when the school would set off air raid sirens. Less frequent than fire drills, these were far more scary, because we all knew we were toast, being just five miles by air from Manhattan, which was surely in the programmed crosshairs on one or more Soviet nukes.

Back then I put so little faith in adult wisdom, and its collective expression in government choices, that I had a bucket list of places I’d like to see before nuclear blasts or fallout doomed us all. My top two destinations were the Grand Canyon and California: exotic places for a kid whose farthest family venturings from New Jersey were to see relatives in North Carolina and North Dakota. (Of no importance but of possible interest is that I’ve now been a citizen of California for 37 years, married to an Angelino for 32 of those, and it still seems exotic to me. Mountains next to cities and beaches? A tradition of wildfires and earthquakes? Whoa.)

What’s around the corner we turned two Thursdays ago? Hard to tell, in spite of all that’s being said by Wise Ones in the links above. One things I do know for sure: People have changed, because more and more of them are digital now, connected to anybody and anything at any distance, and able to talk, produce “content” and do business—and to look and think past national and territorial boundaries. We make our tools and then our tools make us, McLuhan taught. Also, all media work us over completely. We have been remade into digital beings by our wires, waves, and phones. This raises optionalities in too many ways to list.

I’m an optimist by nature, and since the ’90s have been correctly labeled a cyber-utopian. (Is there anything more utopian than The Cluetrain Manifesto?) To me, the tiny light at the end of Ukraine’s tunnel is a provisional belief that bad states—especially ones led by lying bastards who think nothing of wasting thousands or millions of innocent lives just to build an empire—can’t win World War Wired. Unless, that is, the worst of those bastards launches the first nuke and we all go “gribbit.”

Our challenge as a species, after we stop Russia’s land grab from becoming a true world war, is to understand fully how we can live and work in the Wired World as digital as well as physical beings.

Tags:

TheirCharts

January 15, 2022 in Business, data, Health, Personal, problems | 9 comments

If you’re getting health care in the U.S., chances are your providers are now trying to give you a better patient experience through a website called MyChart.

This is supposed to be yours, as the first person singular pronoun My implies. Problem is, it’s TheirChart. And there are a lot of them. I have four (correction: five*) MyChart accounts with as many health care providers, so far: one in New York, two in Santa Barbara, one in Mountain View, and one in Los Angeles. I may soon have another in Bloomington, Indiana. None are mine. All are theirs, and they seem not to get along. Especially with me. (Some later correction on this below, and from readers who have weighed in. See the comments.)

Not surprisingly, all of them come from a single source: Epic Systems, the primary provider of back-end information tech to the country’s health care providers, including most of the big ones: Harvard, Yale, Mayo, UCLA, UChicago, Duke, Johns Hopkins, multiple Mount Sinais, and others like them. But, even though all these MyChart portals are provided by one company, and (I suppose) live in one cloud, there appears to be no way for you, the patient, to make those things work together inside an allied system that is truly yours (like your PC or your car is yours), or for you to provide them with data you already have from other sources. Which you could presumably do if My meant what it says.

The way they work can get perverse. For example, a couple days ago, one of my doctors’ offices called to tell me we would need to have a remote consult before she changed one of my prescriptions. This, I was told, could not be done over the phone. It would need to be done over video inside MyChart. So now we have an appointment for that meeting on Monday afternoon, using MyChart.

I decided to get ahead of that by finding my way into the right MyChart and leaving a session open in a browser tab. Then I made the mistake of starting to type “MyChart” into my browser’s location bar, and then not noticing that the top result was one of the countless other MyCharts maintained by countless other health care providers. But this other one looked so much like one of mine that I wasted an hour or more, failing to log in and then failing to recover my login credentials. It wasn’t until I called the customer service number thankfully listed on the website that I found I was trying to use the MyChart of some provider I’d never heard of—and which had never heard of me.

Now I’m looking at one of my two MyCharts for Santa Barbara, where it shows no upcoming visits. I can’t log into the other one to see if the Monday appointment is noted there, because that MyChart doesn’t know who I am. So I’m hoping to unfuck that one on Monday before the call on whichever MyChart I’ll need to use. Worst case, I’ll just tell the doctor’s office that we’ll have to make do with a phone call. If they answer the phone, that is.

The real problem here is that there seem to be hundreds or thousands of different health care providers, all using one company’s back end to provide personal health care information to millions of patients through hundreds or thousands of different portals, all called the same thing (or something close), while providing no obvious way for patients to gather their own data from multiple sources to use for their own independent purposes, both in and out of that system. Or any system.

To call this fubar understates the problem.

Here’s what matters: Epic can’t solve this. Nor can any or all of these separate health care systems. Because none of them are you.

You’re where the solution needs to happen. You need a simple and standardized way to collect and manage your own health-related information and engagements with multiple health care providers. One that’s yours.

This doesn’t mean you need to be alone in the wilderness. You do need expert help. In the old days, you used to get that through your primary care physician. But large health care operations have been hoovering up private practices for years, and one of the big reasons for that has been to make the data management side of medicine easier for physicians and their many associated providers. Not to make it easier for you. After all, you’re not their customer. Insurance companies are their customers.

In the midst of this is a market hole where your representation in the health care marketplace needs to sit. I know just one example of how that might work: the HIE of One. (HIE is Health Information Exchange.) For all our sakes, somebody please fund that work.

Far too much time, sweat, money, and blood is being spilled trying to solve this problem from the center outward. (For a few details on how awful that is, start reading here.)

While we’re probably never going to make health care in the U.S. something other than the B2B insurance business it has become, we can at least start working on a Me2B solution in the place it most needs to work: with patients. Because we’re the ones who need to be in full command of our relationships with our providers as well as with ourselves.

Health care, by the way, is just one category that cries out for solutions that can only come from the customers’ side. Customer Commons has a list of fourteen, including this one.

The first of these is identity. The self-sovereign approach to that would start with a wallet that is truly mine, and includes all these MyCharts. Hell, Epic could do one. Hint hint.

*Okay, now it’s Monday, and I’m a half-hour away from my consult with my doctor, via Zoom, inside MyChart. Turns out I was not yet registered with this MyChart, but at least there was a phone number I could call, and on the call (which my phone says took 14 minutes) we got my ass registered. He also pointed me to where, waaay down a very long menu, there is a “Link my accounts” choice, which brings up this:

Credit where due:

It was very easy to link my four known accounts, plus another (the one in Mountain View) that I had forgotten but somehow the MyChart master brain remembered. I suspect, given all the medical institutions I have encountered in my long life, that there are many more. Because in fact I had been to the Mountain View hospital only once, and I don’t even remember why, though I suppose I could check.

So that’s the good news. The bad news remains the same. None of these charts are mine. They are just views into many systems that are conditionally open to me. That they are now federated (that’s what this kind of linking-up is called) on Epic’s back end does not make it mine. It just makes it a many-theirs.

So the system still needs to be fixed. From our end.

 

 

 

 

 

Just in case you feel safe with Twitter

January 26, 2021 in adtech, advertising, Business, data, marketing, personal data, privacy, problems, publishing, Technology | Permalink

Just got a press release by email from David Rosen (@firstpersonpol) of the Public Citizen press office. The headline says “Historic Grindr Fine Shows Need for FTC Enforcement Action.” The same release is also a post in the news section of the Public Citizen website. This is it:

WASHINGTON, D.C. – The Norwegian Data Protection Agency today fined Grindr $11.7 million following a Jan. 2020 report that the dating app systematically violates users’ privacy. Public Citizen asked the Federal Trade Commission (FTC) and state attorneys general to investigate Grindr and other popular dating apps, but the agency has yet to take action. Burcu Kilic, digital rights program director for Public Citizen, released the following statement:

“Fining Grindr for systematic privacy violations is a historic decision under Europe’s GDPR (General Data Protection Regulation), and a strong signal to the AdTech ecosystem that business-as-usual is over. The question now is when the FTC will take similar action and bring U.S. regulatory enforcement in line with those in the rest of the world.

“Every day, millions of Americans share their most intimate personal details on apps like Grindr, upload personal photos, and reveal their sexual and religious identities. But these apps and online services spy on people, collect vast amounts of personal data and share it with third parties without people’s knowledge. We need to regulate them now, before it’s too late.”

The first link goes to Grindr is fined $11.7 million under European privacy law, by Natasha Singer (@NatashaNYT) and Aaron Krolik. (This @AaronKrolik? If so, hi. If not, sorry. This is a blog. I can edit it.) The second link goes to a Public Citizen post titled Popular Dating, Health Apps Violate Privacy.

In the emailed press release, the text is the same, but the links are not. The first is this:

https://default.salsalabs.org/T72ca980d-0c9b-45da-88fb-d8c1cf8716ac/25218e76-a235-4500-bc2b-d0f337c722d4

The second is this:

https://default.salsalabs.org/Tc66c3800-58c1-4083-bdd1-8e730c1c4221/25218e76-a235-4500-bc2b-d0f337c722d4

Why are they not simple and direct URLs? And who is salsalabs.org?

You won’t find anything at that link, or by running a whois on it. But I do see there is a salsalabs.com, which has  “SmartEngagement Technology” that “combines CRM and nonprofit engagement software with embedded best practices, machine learning, and world-class education and support.” since Public Citizen is a nonprofit, I suppose it’s getting some “smart engagement” of some kind with these links. PrivacyBadger tells me Salsalabs.com has 14 potential trackers, including static.ads.twitter.com.

My point here is that we, as clickers on those links, have at best a suspicion about what’s going on: perhaps that the link is being used to tell Public Citizen that we’ve clicked on the link… and likely also to help target us with messages of some sort. But we really don’t know.

And, speaking of not knowing, Natasha and Aaron’s New York Times story begins with this:

The Norwegian Data Protection Authority said on Monday that it would fine Grindr, the world’s most popular gay dating app, 100 million Norwegian kroner, or about $11.7 million, for illegally disclosing private details about its users to advertising companies.

The agency said the app had transmitted users’ precise locations, user-tracking codes and the app’s name to at least five advertising companies, essentially tagging individuals as L.G.B.T.Q. without obtaining their explicit consent, in violation of European data protection law. Grindr shared users’ private details with, among other companies, MoPub, Twitter’s mobile advertising platform, which may in turn share data with more than 100 partners, according to the agency’s ruling.

Before this, I had never heard of MoPub. In fact, I had always assumed that Twitter’s privacy policy either limited or forbid the company from leaking out personal information to advertisers or other entities. Here’s how its Private Information Policy Overview begins:

You may not publish or post other people’s private information without their express authorization and permission. We also prohibit threatening to expose private information or incentivizing others to do so.

Sharing someone’s private information online without their permission, sometimes called doxxing, is a breach of their privacy and of the Twitter Rules. Sharing private information can pose serious safety and security risks for those affected and can lead to physical, emotional, and financial hardship.

On the MoPub site, however, it says this:

MoPub, a Twitter company, provides monetization solutions for mobile app publishers and developers around the globe.

Our flexible network mediation solution, leading mobile programmatic exchange, and years of expertise in mobile app advertising mean publishers trust us to help them maximize their ad revenue and control their user experience.

The Norwegian DPA apparently finds a conflict between the former and the latter—or at least in the way the latter was used by Grinder (since they didn’t fine Twitter).

To be fair, Grindr and Twitter may not agree with the Norwegian DPA. Regardless of their opinion, however, by this point in history we should have no faith that any company will protect our privacy online. Violating personal privacy is just too easy to do, to rationalize, and to make money at.

To start truly facing this problem, we need start with a simple fact: If your privacy is in the hands of others alone, you don’t have any. Getting promises from others not to stare at your naked self isn’t the same as clothing. Getting promises not to walk into your house or look in your windows is not the same as having locks and curtains.

In the absence of personal clothing and shelter online, or working ways to signal intentions about one’s privacy, the hands of others alone is all we’ve got. And it doesn’t work. Nor do privacy laws, especially when enforcement is still so rare and scattered.

Really, to potential violators like Grindr and Twitter/MoPub, enforcement actions like this one by the Norwegian DPA are at most a little discouraging. The effect on our experience of exposure is still nil. We are exposed everywhere, all the time, and we know it. At best we just hope nothing bad happens.

The only way to fix this problem is with the digital equivalent of clothing, locks, curtains, ways to signal what’s okay and what’s not—and to get firm agreements from others about how our privacy will be respected.

At Customer Commons, we’re starting with signaling, specifically with first party terms that you and I can proffer and sites and services can accept.

The first is called P2B1, aka #NoStalking. It says “Just give me ads not based on tracking me.” It’s a term any browser (or other tool) can proffer and any site or service can accept—and any privacy-respecting website or service should welcome.

Making this kind of agreement work is also being addressed by IEEE7012, a working group on machine-readable personal privacy terms.

Now we’re looking for sites and services willing to accept those terms. How about it, Twitter, New York Times, Grindr and Public Citizen? Or anybody.

DM us at @CustomerCommons and we’ll get going on it.

 

Choose One

May 9, 2020 in Business, data, Digital Life, infrastructure, Internet, Pandemic, Politics, privacy, problems, Social, Technology | Permalink

A few days ago, in Figuring the Future, I sourced an Arnold Kling blog post that posed an interesting pair of angles toward outlook: a 2×2 with Fragile <—> Robust on one axis and Essential <—> Inessential on the other. In his sort, essential + fragile are hospitals and airlines. Inessential + fragile are cruise ships and movie theaters. Robust + essential are tech giants. Inessential + robust are sports and entertainment conglomerates, plus major restaurant chains. It’s a heuristic, and all of it is arguable (especially given the gray along both axes), which is the idea. Cases must be made if planning is to have meaning.

Now, haul Arnold’s template over to The U.S. Labor Market During the Beginning of the Pandemic Recession, by Tomaz Cajner, Leland D. Crane, Ryan A. Decker, John Grigsby, Adrian Hamins-Puertolas, Erik Hurst, Christopher Kurz, and Ahu Yildirmaz, of the University of Chicago, and lay it on this item from page 21:

The highest employment drop, in Arts, Entertainment and Recreation, leans toward inessential + fragile. The second, in Accommodation and Food Services is more on the essential + fragile side. The lowest employment changes, from Construction on down to Utilities, all tending toward essential + robust.

So I’m looking at those bottom eight essential + robust categories and asking a couple of questions:

1) What percentage of workers in each essential + robust category are now working from home?

2) How much of this work is essentially electronic? Meaning, done by people who live and work through glowing rectangles, connected on the Internet?

Hard to say, but the answers will have everything to do with the transition of work, and life in general, into a digital world that coexists with the physical one. This was the world we were gradually putting together when urgency around COVID-19 turned “eventually” into “now.”

In Junana, Bruce Caron writes,

“Choose One” was extremely powerful. It provided a seed for everything from language (connecting sound to meaning) to traffic control (driving on only one side of the road). It also opened up to a constructivist view of society, suggesting that choice was implicit in many areas, including gender.

Choose One said to the universe, “There are several ways we can go, but we’re all going to agree on this way for now, with the understanding that we can do it some other way later, thank you.” It wasn’t quite as elegant as “42,” but it was close. Once you started unfolding with it, you could never escape the arbitrariness of that first choice.

In some countries, an arbitrary first choice to eliminate or suspend personal privacy allowed intimate degrees of contract tracing to help hammer flat the infection curve of COVID-19. Not arbitrary, perhaps, but no longer escapable.

Other countries face similar choices. Here in the U.S., there is an argument that says “The tech giants already know our movements and social connections intimately. Combine that with what governments know and we can do contact tracing to a fine degree. What matters privacy if in reality we’ve lost it already and many thousands or millions of lives are at stake—and so are the economies that provide what we call our ‘livings.’ This virus doesn’t care about privacy, and for now neither should we.” There is also an argument that says, “Just because we have no privacy yet in the digital world is no reason not to have it. So, if we do contact tracing through our personal electronics, it should be disabled afterwards and obey old or new regulations respecting personal privacy.”

Those choices are not binary, of course. Nor are they outside the scope of too many other choices to name here. But many of those are “Choose Ones” that will play out, even if our choice is avoidance.

« Older entries § Newer entries »