Identity

You are currently browsing the archive for the Identity category.

We know more than we can tell.

That one-liner from Michael Polanyi has been waiting half a century for a proper controversy, which it now has with facial recognition. Here’s how he explains it in The Tacit Dimension:

This fact seems obvious enough; but it is not easy to say exactly what it means. Take an example. We know a person’s face, and can recognize it among a thousand others, indeed among a million. Yet we usually cannot tell how we recognize a face we know. So most of this knowledge cannot be put into words.

Polanyi calls that kind of knowledge tacit. The words we put knowledge into he calls explicit.

For an example of both at work, consider how, generally, we  don’t know how we will end the sentences we begin, or how we began the sentences we are ending—and how the same is true of what we hear or read from other people whose sentences we find meaningful. The explicit survives only as fragments, but the meaning of what was said persists in tacit form.

Likewise, if we are asked to recall and repeat, verbatim, a paragraph of words we have just said or heard, we will find it difficult or impossible to do so, even if we have no trouble saying exactly what was meant. This is because tacit knowing, whether kept to one’s self or told to others, survives the natural human tendency to forget particulars after a few seconds, even when we very clearly understand what we have just said or heard.

Tacit knowledge and short term memory are both features of human knowing and communication, not bugs. Even for people with extreme gifts of memorization (e.g. actors who can learn a whole script in one pass, or mathematicians who can learn pi to 4000 decimals), what matters more than the words or the numbers are their meaning. And that meaning is both more and other than what can be said. It is deeply tacit.

On the other hand—the digital hand—computer knowledge is only explicit, meaning a computer can know only what it can tell. At both knowing and telling, a computer can be far more complete and detailed than a human could ever be. And the more a computer knows, the better it can tell. (To be clear, a computer doesn’t know a damn thing. But it does remember—meaning it retrieves—what’s in its databases, and it does process what it retrieves. At all those activities it is inhumanly capable.)

So, the more a computer learns of explicit facial details, the better it can infer conclusions about that face, including ethnicity, age, emotion, wellness (or lack of it) and much else. Given a base of data about individual faces, and of names associated with those faces, a computer programmed to be adept at facial recognition can also connect faces to names, and say “This is (whomever).”

For all those reasons, computers doing facial recognition are proving useful for countless purposes: unlocking phones, finding missing persons and criminals, aiding investigations, shortening queues at passport portals, reducing fraud (for example at casinos), confirming age (saying somebody is too old or not old enough), finding lost pets (which also have faces). The list is long and getting longer.

Yet many (or perhaps all) of those purposes are at odds with the sense of personal privacy that derives from the tacit ways we know faces, our reliance on short term memory, and our natural anonymity (literally, namelessness) among strangers. All of those are graces of civilized life in the physical world, and they are threatened by the increasingly widespread use—and uses—of facial recognition by governments, businesses, schools and each other.

Louis Brandeis and Samuel Warren visited the same problem more than a century ago, when they became alarmed at the implications of recording and reporting technologies that were far more primitive than the kind we have today. In response to those technologies, they wrote a landmark Harvard Law Review paper titled The Right to Privacy, which has served as a pole star of good sense ever since. Here’s an excerpt:

Recent inventions and business methods call attention to the next step which must be taken for the protection of the person, and for securing to the individual what Judge Cooley calls the right “to be let alone” 10 Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life ; and numerous mechanical devices threaten to make good the prediction that “what is whispered in the closet shall be proclaimed from the house-tops.” For years there has been a feeling that the law must afford some remedy for the unauthorized circulation of portraits of private persons ;11 and the evil of invasion of privacy by the newspapers, long keenly felt, has been but recently discussed by an able writer.12 The alleged facts of a somewhat notorious case brought before an inferior tribunal in New York a few months ago, 13 directly involved the consideration of the right of circulating portraits ; and the question whether our law will recognize and protect the right to privacy in this and in other respects must soon come before out courts for consideration.

They also say the “right of the individual to be let alone…is like the right not be assaulted or beaten, the right not be imprisoned, the right not to be maliciously prosecuted, the right not to be defamed.”

To that list today we might also add, “the right not to be reduced to bits” or “the right not to be tracked like an animal.”

But it’s hard to argue for those rights in the digital world, where computers can see, hear, draw and paint exact portraits of everything: every photo we take, every word we write, every spreadsheet we assemble, every database accumulating in our hard drives—plus those of every institution we interact with, and countless ones we don’t (or do without knowing the interaction is there).

Facial recognition by computers is a genie that is not going back in the bottle. And there is no limit to wishes the facial recognition genie can grant the organizations that want to use it, which is why pretty much everything is being done with it. A few examples:

  • Facebook’s Deep Face sells facial recognition for many purposes to corporate customers. Examples from that link: “Face Detection & Landmarks…Facial Analysis & Attributes…Facial Expressions & Emotion… Verification, Similarity & Search.” This is non-trivial stuff. Writes Ben Goertzel, “Facebook has now pretty convincingly solved face recognition, via a simple convolutional neural net, dramatically scaled.”
  • FaceApp can make a face look older, younger, whatever. It can even swap genders.
  • The FBI’s Next Generation Identification (NGI), involves (says Wikipedia) eleven companies and the National Center for State Courts (NCSC).
  • Snap has a patent for reading emotions in faces.
  • The MORIS™ Multi-Biometric Identification System is “a portable handheld device and identification database system that can scan, recognize and identify individuals based on iris, facial and fingerprint recognition,” and is typically used law enforcement organizations.
  • Casinos in Canada are using facial recognition to “help addicts bar themselves from gaming facilities.” It’s opt-in: “The technology relies on a method of “self-exclusion,” whereby compulsive gamblers volunteer in advance to have their photos banked in the system’s database, in case they ever get the urge to try their luck at a casino again. If that person returns in the future and the facial-recognition software detects them, security will be dispatched to ask the gambler to leave.”
  • Cruise ships are boarding passengers faster using facial recognition by computers.
  • Australia proposes scanning faces to see if viewers are old enough to look at porn.

Privacy freaks (me included) would like everyone to be creeped out by this. Yet many—perhaps most—people are cool with it to some degree, and not just because they’re acquiescing to the inevitable.

For example, in Barcelona, CaixaBank is rolling out facial recognition at its ATMs, claiming that 70% of surveyed customers are ready to use it as an alternative to keying in a PIN, and that “66% of respondents highlighted the sense of security that comes with facial recognition.” That the bank’s facial recognition system “has the capability of capturing up to 16,000 definable points when the user’s face is presented at the screen” is presumably of little or no concern. Nor, also presumably, is the risk of  what might get done with facial data if the bank gets hacked, or changes its privacy policy, or if it gets sold and the new owner can’t resist selling or sharing facial data with others who want it, or if government bodies require it.

A predictable pattern for every new technology is that what can be done will be done—until we see how it goes wrong and try to stop doing that. This has been true of every technology from stone tools to nuclear power and beyond. Unlike many other new technologies, however, it is not hard to imagine ways facial recognition by computers can go wrong, especially when it already has.

Two examples:

  1. In June, U.S. Customs and Border Protection, which relies on facial recognition and other biometrics, revealed that photos of people were compromised by a cyberattack on a federal subcontractor.
  2. In August, researchers at vpnMentor reported a massive data leak in BioStar 2, a widely used “Web-based biometric security smart lock platform” that uses facial recognition and fingerprinting technology to identify users, was compromised. Notes the report, “Once stolen, fingerprint and facial recognition information cannot be retrieved. An individual will potentially be affected for the rest of their lives.” vpnMentor also had a hard time getting thrugh to company officials, so they could fix the leak.

As organizations should know (but in many cases have trouble learning), the highest risks of data exposure and damage are to—

  • the largest data sets,
  • the most complex organizations and relationships, and
  • the largest variety of existing and imaginable ways that security can be breached

And let’s not discount the scary potentials at the (not very) far ends of technological progress and bad intent. Killer microdrones targeted at faces, anyone?

So it is not surprising that some large companies doing facial recognition go out of their way to keep personal data out of their systems. For example, by making facial recognition work for the company’s customers, but not for the company itself.

Such is the case with Apple’s late model iPhones, which feature FaceID: a personal facial recognition system that lets a person unlock their phone with a glance. Says Apple, “Face ID data doesn’t leave your device and is never backed up to iCloud or anywhere else.”

But special cases such as that one haven’t stopped push-back against all facial recognition. Some examples—

  • The Public Voice: “We the undersigned call for a moratorium on the use of facial recognition technology that enables mass surveillance.”
  • Fight for the Future: BanFacialRecognition. Self-explanatory, and with lots of organizational signatories.
  • New York Times: “San Francisco, long at the heart of the technology revolution, took a stand against potential abuse on Tuesday by banning the use of facial recognition software by the police and other agencies. The action, which came in an 8-to-1 vote by the Board of Supervisors, makes San Francisco the first major American city to block a tool that many police forces are turning to in the search for both small-time criminal suspects and perpetrators of mass carnage.”
  • Also in the Times, Evan Sellinger and Woodrow Hartzhog write, “Stopping this technology from being procured — and its attendant databases from being created — is necessary for protecting civil rights and privacy. But limiting government procurement won’t be enough. We must ban facial recognition in both public and private sectors, before we grow so dependent on it that we accept its inevitable harms as necessary for “progress.” Perhaps over time appropriate policies can be enacted that justify lifting a ban. But we doubt it.”
  • Cory Doctorow‘s Why we should ban facial recognition technology everywhere is an “amen” to the Selinger & Hartzhog piece.
  • BanFacialRecognition.com lists 37 participating organizations, including EPIC (Electronic Privacy Information Center), Daily Kos, Fight for the Future, MoveOn.org, National Lawyers Guild, Greenpeace and Tor.
  • MIT Technology Revew says bans are spreading in in the U.S.: San Francisco and Oakland, California, and Somerville, Massachusetts, have outlawed certain uses of facial recognition technology, with Portland, Oregon, potentially soon to follow. That’s just the beginning, according to Mutale Nkonde, a Harvard fellow and AI policy advisor. That trend will soon spread to states, and there will eventually be a federal ban on some uses of the technology, she said at MIT Technology Review’s EmTech conference.”
  • Ban Facial Recognition

Irony alert: the black banner atop that last story says, “We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements.” Notes the TimesCharlie Warzel, “Devoted readers of the Privacy Project will remember mobile advertising IDs as an easy way to de-anonymize extremely personal information, such as location data.” Well, advertising IDs are among the many trackers that both MIT Technology Review and The New York Times inject in readers’ browsers with every visit. (Bonus link.)

My own position on all this is provisional, because I’m still learning and there’s a lot to take in. But here goes:

The only entities that should be able to recognize people’s faces are other people. And maybe their pets. But not machines.

However, given the unlkelihood that the facial recognition genie will ever go back in its bottle, I’ll suggest a few rules for entities using computers to do facial recognition. All these are provisional as well:

  1. People should have their own forms of facial recognition, for example to unlock phones or to sort through old photos. But, the data they gather should not be shared with the company providing the facial recognition software (unless it’s just of their own face, and then only for the safest possible diagnostic or service improvement purposes).
  2. Facial recognition used to detect changing facial characteristics (such as emotions, age or wellness) should be required to forget what they see, right after the job is done, and not use the data gathered for any purpose other than diagnostics or performance improvement.
  3. For persons having their faces recognized, sharing data for diagnostic or performance improvement purposes should be opt-in, with data anonymized and made as auditable as possible, by individuals and/or their intermediaries.
  4. For enterprises with systems that know individuals’ (customers’ or consumers’) faces, don’t use those faces to track or find those individuals elsewhere in the online or offline worlds—again, unless those individuals have opted in to the practice.

I suspect that Polanyi would agree with those.

But my heart is with Walt Whitman, whose Song of Myself argued against the dehumanizing nature of mechanization at the dawn of the industrial age. Wrote Walt,

Encompass worlds but never try to encompass me.
I crowd your noisiest talk by looking toward you.

Writing and talk do not prove me.I carry the plenum of proof and everything else in my face.
With the hush of my lips I confound the topmost skeptic…

Do I contradict myself?
Very well then. I contradict myself.
I am large. I contain multitudes.

The spotted hawk swoops by and accuses me.
He complains of my gab and my loitering.

I too am not a bit tamed. I too am untranslatable.
I sound my barbaric yawp over the roofs of the world.

The barbaric yawps by human hawks say five words, very explicitly:

Get out of my face.

And they yawp those words in spite of the sad fact that obeying them may prove impossible.

 

Thoughts at #ID2020

I’m at the ID2020 (@ID2020) Summit in New York. The theme is “Rising to the Good ID Challenge.” My notes here are accumulating at the bottom, not the top. Okay, here goes…

At that last link it says, “The ID2020 Alliance is setting the course of digital ID through a multi-stakeholder partnership, ensuring digital ID is responsibly implemented and widely accessible.”

I find myself wondering if individuals are among the stakeholders. Also this:

There is also a manifesto. It says, among other things, “The ability to prove one’s identity is a fundamental and universal human right.” and “We live in a digital era. Individuals need a trusted, verifiable way to prove who they are, both in the physical world and online.”

That’s good. I’d also want more than one way, which may be the implication here.

The first speaker is from Caribou Digital. What follows is from her talk.

“1. It’s about the user, not just the use case.”

Hmm… I believe identity needs to be about independent human beings, not just “users” of systems.

“2. Intermediaries are still critical.”

The focus here is on family and institutional intermediaries, especially in the less developed world. Which is fine; but people should not need intermediaries in all cases. If you tell someone your name, or give them a business card no intermediary is involved. That same convention should be available online.

“3. It’s not just about an ‘ID.’ It’s not even about an identity system. It’s about an identification ecosystem.”

This is fine, but identification is about what systems do, not about what individuals do or have; and by itself tends to exclude self-sovereign identity. Self-sovereign is how identity works in the physical world. Here we are nameless (literally, anonymous) to most others, and reveal information about who we are (business cards, student ID, drivers license) on an as-needed basis that obeys Kim Cameron’s Laws of Identity, notably “minimum disclosure for a constrained use,” “justifiable parties” and “personal control and consent.”

4. “A human-centered, inclusive, respectful vision for the next stage of identification in a digital age.”

We need human-driven. Explained long ago here and here.

That’s over and the first panel is on now. Most of it is inaudible where I sit. The topic now is self-sovereign and decentralized. The audience seems to be pushing that. @MatthewDavie just said something sensible, I think, but don’t have a quote.

This:

And this. Read the thread that follows. There are disagreements and explanations.

Here’s the ID2020 search on Twitter.

Background, at least on where I’m coming from: https://www.google.com/search?q=”doc+searls”+identity.

For the interested, @identitywoman, @windley and I (@dsearls) put on the Internet Identity Workshop, October 1-3 at the Computer History Museum in Silicon Valley. This one will be our 29th. (The first was in 2005 and there are two per year.) It’s an unconference: no keynotes or panels, just breakouts on topics attendees choose and lead. It’s the most consequential conference I know.

@MatthewDavie: “If we do this, and it doesn’t work with the current power players, we’re going to end up with a second-class system.” I suspect this makes sense, but I’m not sure what “this” is.

“Sovereign ownership of data” just came up from the audience. I think it’s possible for individuals to act in a self-sovereign way in sharing identity data, but not that this data is exclusively own-able. Some thoughts on that from Elizabeth Renieris (@HackyLawyER). Mine agree.

The second panel is on now. It’s mostly inauduble.

Now Dakota Gruener (@DakotaGruener), Executive Director of ID2020 is speaking. She’s telling a moving story about a homeless neighbor, Colin, who is denied services for lack of official ID(s).

New panel: Decentralization in National ID Programs.

Kim Cameron is on the panel now: “I spent thirty years building the world’s identity systems.” There were gasps. I yelled “It’s true.” He continued: “I’m now trying to rile up the world’s populations…”

John Jordan just made a point about how logins are a screwed up way to do things online and don’t map to what we know well and do in the everyday world. (I think that’s close. The sound system is dim at this end of the room.)

Kim just sourced my wife (who is here and now deeper than I am in this identity stuff), adding that “people know something is wrong” when they mention shoes somewhere and then see ads for shoes online. “We have technology. We have consciousness. We have will. So let’s do something.”

John: “What we want is to be in control of our relationships. Those are ours. Those are decentralized… People are decentralized.”

Kim: “What it means is recognizing that identity is who we are. It begins with us. .. only we know the aggregate of these attributes. In daily life we reveal some of those attributes, but never the aggregate. We need a system that begins with the indi and recognizes that they are in control, and choose what they reveal separately. We don’t want aggregates of ourselves to be everywhere. We need systems that recognize that, and are based on control by the individual, consent of the individual.”

“We do need assertions from people other than ourselves. The government can provide useful claims about a person. So can a university, or a bank. I can say somebody is a great guy. The identity fabric is all these claims.” Not quite verbatim, but close.

John: “Personal data should never be presented in a non-cryptographic way.” Something like that.

Kim on the GDPR: “We have it because the population demanded it… what will happen is this vision of people in control of their identity, and the Internet becoming reliable and trustworthy and probabilistic (meaning you’re being guessed at) rather than fully useful. Let’s give people their own wallets, let them run their own lives, make up their own minds… the world of legislation will grow, and it will do that around the will of people. … they need an identity system based on individuals rather than institutions overstepping their bounds… and we will see conflicts around this, with both good and bad government interventions.”

John: “I’d like to see legislation that forbids companies from holding personal information they don’t have to.” (Not verbatim, but maybe close. Again, hard to hear.)

Kim: “The current identity systems of the world are collapsing… you will have major institutions switching over to these decentralized identity systems, not from altruism, but from liability.”

Elizabeth heard and tweeted about one of the thing that was inaudible to me at this end of the room: “Thank you @LudaBujoreanu for addressing the deep disconnect between the reality on the ground of those without ID and the privileged POV from which many of these #digitalid systems are built @ID2020’s #id2020summit cc @WomeninID

Next panel: “Cities Driving Innovation in Good ID.”

Scott David from the audience just talked about “Turning troubles into problems,” and the challenge of doing that for individuals in an identity context.”

This reminds me of what Gideon Litchfield said about the difference between debates and conflicts, and I expanded on a bit here. Our point was that there are some issues that become locked in conflict with no real debate between sides. Scott’s distinction is toward a way out. Interesting. I’d like to know more.

Ken Banks tweets, “It’s an increasingly crowded space… #digitalidentity #ID2020″:

Image
He adds, “Already lots of talk of putting people first. Hopefully the #digitalidentity community will deliver, and not fall into the trap of saying one thing and doing another, a common issue with in the tech-for-development/#ICT4D sector. #ID2020 #GoodID

Two tweets…

@Gavi: “Government representatives, tech experts & civil society will gather at #UNGA74 today to discuss the potential of #DigitalID. Biometric ID data could help us better monitor which children need to be vaccinated and when. #ID2020

Image

 

Now I can’t find the other one. It argued that there is a 2-3% error rate for biomentric.

For lunch David Carroll (@ProfCarroll) of The New School (@thenewschool) is talking. Title: A data quest: holding tech to account. He starred in The Great Hack, on Netflix.

He’s sourcing Democracy Disrupted, by the UK ICO. “the sortable, addressable… algorithmic democracy. “Couterveillance: advertisers get all the privacy. We get none.”

“Parable of the great hadk: data rights must externd to digital creditoship. Identity depends on it.”

200 million America has no access to data held about them, by, for istance, Acxiom.

“A simple bill of data rights. Creditorship, objection, control, knowledge.” (Here’s something that’s not it, but interesting enough for me to flag for later reading.)

Now a panel moderated by Raffi Kirkorian. Also Cameron Birge of Microsoft and the Emerson Collective, Karen Ottoni, Demora Compari, Matthew Yarger and Christine Leong. (Again the sound is weak at this end of the room. Not picking up much here.)

Okay, that’s it. I’ll say more after I pull some pix together and complete these public notes…

Well, I have the pix, but the upload thing here in WordPress gives me an “http error” when I try to upload them. And now I’ve gotta drive to Boston, so that’ll have to wait.

Power of the People is a great grabber of a headline, at least for me. But it’s a pitch for a report that requires filling out the form here on the right:

You see a lot of these: invitations to put one’s digital ass on mailing list, just to get a report that should have been public in the first place, but isn’t so personal data can be harvested and sold or given away to God knows who.

And you do more than just “agree to join” a mailing list. You are now what marketers call a “qualified lead” for countless other parties you’re sure to be hearing from.

And how can you be sure? Read the privacy policy,. This one (for Viantinc.com) begins,

If you choose to submit content to any public area of our websites or services, your content will be considered “public” and will be accessible by anyone, including us, and will not be subject to the privacy protections set forth in this Privacy Policy unless otherwise required by law. We encourage you to exercise caution when making decisions about what information you disclose in such public areas.

Is the form above one of those “public areas”? Of course. What wouldn’t be? And are they are not discouraging caution by requiring you to fill out all the personal data fields marked with a *? You betcha. See here:

III. How we use and share your information

A. To deliver services

In order to facilitate our delivery of advertising, analytics and other services, we may use and/or share the information we collect, including interest-based segments and user interest profiles containing demographic information, location information, gender, age, interest information and information about your computer, device, or group of devices, including your IP address, with our affiliates and third parties, such as our service providers, data processors, business partners and other third parties.

B. With third party clients and partners

Our online advertising services are used by advertisers, websites, applications and other companies providing online or internet connected advertising services. We may share information, including the information described in section III.A. above, with our clients and partners to enable them to deliver or facilitate the delivery of online advertising. We strive to ensure that these parties act in accordance with applicable law and industry standards, but we do not have control over these third parties. When you opt-out of our services, we stop sharing your interest-based data with these third parties. Click here for more information on opting out.

No need to bother opting out, by the way, because there’s this loophole too:

D. To complete a merger or sale of assets

If we sell all or part of our business or make a sale or transfer of our assets or are otherwise involved in a merger or transfer of all or a material part of our business, or participate in any other similar business combination (including, without limitation, in connection with any bankruptcy or similar proceeding), we may transfer all or part of our data to the party or parties involved in the transaction as part of that transaction. You acknowledge that such transfers may occur, and that we and any purchaser of our business or assets may continue to collect, use and disclose your information in compliance with this Privacy Policy.

Okay, let’s be fair: this is boilerplate. Every marketing company—hell, every company period—puts jive like this in their privacy policies.

And Viant isn’t one of marketing’s bad guys. Or at least that’s not how they see themselves. They do mean well, kinda, if you forget they see no alternative to tracking people.

If you want to see what’s in that report without leaking your ID info to the world, the short cut is New survey by people-based marketer Viant promotes marketing to identified users in @Martech_Today.

What you’ll see there is a company trying to be good to users in a world where those users have no more power than marketers give them. And giving marketers that ability is what Viant does.

Curious… will Viant’s business persist after the GDPR trains heavy ordnance on it?

See, the GDPR  forbids gathering personal data about an EU citizen without that person’s clear permission—no matter where that citizen goes in the digital world, meaning to any site or service anywhere. It arrives in full force, with fines of up to 4% of global revenues in the prior fiscal year, on 25 May of this year: about three months from now.

In case you’ve missed it, I’m not idle here.

To help give individuals fresh GDPR-fortified leverage, and to save the asses of companies like Viant (which probably has lawyers working overtime on GDPR compliance), I’m working with Customer Commons (on the board of which I serve) on terms individuals can proffer and companies can agree to, giving them a form of protection, and agreeable companies a path toward GDPR compliance. And companies should like to agree, because those terms will align everyone’s interests from the start.

I’m also working with Linux Journal (where I’ve recently been elevated to editor-in-chief) to make it one of the first publishers to agree to friendly terms its readers proffer. That’s why I posted Every User a Neo there. Other metaphors: turning everyone on the Net into an Archimedes, with levers to move the world, and turning the whole marketplace in to a Marvel-like universe where all of us are enhanced.

If you want to help with any of that, talk to me.

 

Ingeyes Google Has Quietly Dropped Ban on Personally Identifiable Web Tracking, @JuliaAngwin and @ProPublica unpack what the subhead says well already: “Google is the latest tech company to drop the longstanding wall between anonymous online ad tracking and user’s names.”

So here’s a message from humanity to Google and all the other spy organizations in the surveillance economy: Tracking is no less an invasion of privacy in apps and browsers than it is in homes, cars, purses, pants and wallets.

That’s because our apps and browsers, like the devices on which we use them, are personal and private. Simple as that. (HT to @Apple for digging that fact.)

To help the online advertising business understand what ought to be obvious (but isn’t yet), let’s clear up some misconceptions:

  1. Tracking people without their clear and conscious permission is wrong. (Meaning The Castle Doctrine should apply online no less than it does in the physical world.)
  2. Assuming that using a browser or an app constitutes some kind of “deal” to allow tracking is wrong. (Meaning implied consent is not the real thing. See The Tradeoff Fallacy: How Marketers Are Misrepresenting American Consumers and Opening Them Up to Exploitation, by Joseph Turow, Ph.D. and the Annenberg School for Communication at the University of Pennsylvania.)
  3. Claiming that advertising funds the “free” Internet is wrong. (The Net has been free for the duration. Had it been left up to the billing companies of the world, we never would have had it, and they never would have made their $trillions on it. More at New Clues.)

What’s right is civilization, which relies on manners. Advertisers, their agencies and publishers haven’t learned manners yet.

But they will.

At the very least, regulations will force companies harvesting personal data to obey those they harvest it from, with fines for not obeying. Toward that end, Europe’s General Data Protection Regulation already has compliance offices at large corporations shaking in their boots, for good reason: “a fine up to 20,000,000 EUR, or in the case of an undertaking, up to 4% of the total worldwide annual turnover of the preceding financial year, whichever is higher (Article 83, Paragraph 5 & 6).” Those come into force in 2018. Stay tuned.

Companies harvesting personal data also shouldn’t be surprised to find themselves re-classified as fiduciaries, no less responsible than accountants, brokers and doctors for confidentiality on behalf of the people they collect data from. (Thank you, professors Balkin and Zittrain, for that legal and rhetorical hack. Brilliant, and well done. Or begun.)

The only way to fully fix publishing, advertising and surveillance-corrupted business in general is to equip individuals with terms they can assert in dealing with others online — and to do it at scale. Meaning we need terms that work the same way across all the companies we deal with. That’s why Customer Commons and Kantara are working on exactly those terms. For starters. And these will be our terms — not separate and different ones that live at each company we deal with. Those aren’t working now, and never will work, because they can’t. And they can’t because when you have to deal with as many different terms as there are parties supplying them, the problem becomes unmanageable, and you get screwed. That’s why —

There’s a new sheriff on the Net, and it’s the individual. Who isn’t a “user,” by the way. Or a “consumer.” With new terms of our own, we’re the first party. The companies we deal with are second parties. Meaning that they are the users, and the consumers, of our legal “content.” And they’ll like it too, because we actually want to do good business with good companies, and are glad to make deals that work for both parties. Those include expressions of true loyalty, rather than the coerced kind we get from every “loyalty” card we carry in our purses and wallets.

When we are the first parties, we also get scale. Imagine changing your terms, your contact info, or your last name, for every company you deal with — and doing that in one move. That can only happen when you are the first party.

So here’s a call to action.

If you want to help blow up the surveillance economy by helping develop much better ways for demand and supply to deal with each other, show up next week at the Computer History Museum for VRM Day and the Internet Identity Workshop, where there are plenty of people already on the case.

Then follow the work that comes out of both — as if your life depends on it. Because it does.

And so does the economy that will grow atop true privacy online and the freedoms it supports. Both are a helluva lot more leveraged than the ill-gotten data gains harvested by the Lumascape doing unwelcome surveillance.

Bonus links:

  1. All the great research Julia Angwin & Pro Publica have been doing on a problem that data harvesting companies have been causing and can’t fix alone, even with government help. That’s why we’re doing the work I just described.
  2. What Facebook Knows About You Can Matter Offline, an OnPoint podcast featuring Julia, Cathy O’Neill and Ashkan Soltani.
  3. Everything by Shoshana Zuboff. From her home page: “’I’ve dedicated this part of my life to understanding and conceptualizing the transition to an information civilization. Will we be the masters of information, or will we be its slaves? There’s a lot of work to be done, if we are to build bridges to the kind of future that we can call “home.” My new book on this subject, Master or Slave? The Fight for the Soul of Our Information Civilization, will be published by Public Affairs in the U.S. and Eichborn in Germany in 2017.” Can’t wait.
  4. Don Marti’s good thinking and work with Aloodo and other fine hacks.

no-ads-trackingHere is a list of pieces I’ve written on what has come to be known as the “adblock wars.” That term applies most to #22 (written August of ’15) those that follow. But the whole series works as a coherent whole that might make a good book if a publisher is interested.

  1. Why online advertising sucks, and is a bubble (31 October 2008)
  2. After the advertising bubble bursts (23 March 2009)
  3. The Data Bubble (31 July 2010)
  4. The Data Bubble II (30 October 2010)
  5. A sense of bewronging (2 April 2011)
  6. For personal data, use value beats sale value (13 February 2012)
  7. Stop making cows. Quit being calves. (21 February 2012)
  8. An olive branch to advertising (12 September 2012, on the ProjectVRM blog)
  9. What could/should advertising look like in 2020, and what do we need to do now for this future? (Wharton’s Future of Advertising project, 13 November 2012)
  10. Bringing manners to marketing (12 January 2013 in Customer Commons)
  11. Thoughts on Privacy (31 August 2013)
  12. What the ad biz needs is to evict direct marketing (6 October 2013)
  13. We are not fish and advertising is not food (23 January 2014 in Customer Commons)
  14. Earth to Mozilla: Come back home (12 April 2014)
  15. Why to avoid advertising as a business model (25 June 2014, re-running Open Letter to Meg Whitman, which ran on 15 October 2000 in my old blog)
  16. Time for digital emancipation (27 July 2014)
  17. Privacy is personal (2 July 2014 in Linux Journal)
  18. On marketing’s terminal addiction to data fracking and bad guesswork (10 January 2015)
  19. Thoughts on tracking based advertising (18 February 2015)
  20. Because freedom matters (26 March 2015)
  21. On taking personalized ads personally (27 March 2015)
  22. Captivity rules (29 March 2015)
  23. Separating advertising’s wheat and chaff (12 August 2015)
  24. Apple’s content blocking is chemo for the cancer of adtech (26 August 2015)
  25. Will content blocking push Apple into advertising’s wheat business? (29 August 2015)
  26. If marketing listened to markets, they’d hear what ad blocking is telling them (8 September 2015)
  27. Debugging adtext assumptions (18 September 2015)
  28. How adtech, not ad blocking, breaks the social contract (23 September 2015)
  29. A way to peace in the adblock war (21 September 2015, on the ProjectVRM blog)
  30. Beyond ad blocking — the biggest boycott in human history (28 Septemper 2015)
  31. Dealing with Boundary Issues (1 October 2015 in Linux Journal)
  32. Helping publishers and advertisers move past the ad blockade (11 October on the ProjectVRM blog)
  33. How #adblocking matures from #NoAds to #SafeAds (22 October 2015)
  34. How Will the Big Data Craze Play Out (1 November 2015 in Linux Journal)
  35. Ad Blockers and the Next Chapter of the Internet (5 November in Harvard Business Review)
  36. At last, Cluetrain’s time has come (5 December 2015)
  37. The End of Internet Advertising as We’ve Known It (11 December 2015 in MIT Technology Review)
  38. More thoughts on privacy (13 December 2015)
  39. Why ad blocking is good (17 December 2015 talk at the U. of Michigan)
  40. What we can do with ad blocking’s leverage (1 January 2016 in Linux Journal)
  41. Rethinking John Wanamaker (18 January 2016)

There are others, but those will do for now.

In There Is No More Social Media — Just Advertising, Mike Proulx (@McProulx) begins,

CluetrainFifteen years ago, the provocative musings of Levine, Locke, Searls and Weinberger set the stage for a grand era of social media marketing with the publication of “The Cluetrain Manifesto” and their vigorous declaration of “the end of business as usual.”

For a while, it really felt like brands were beginning to embrace online communities as a way to directly connect with people as human beings. But over the years, that idealistic vision of genuine two-way exchange eroded. Brands got lazy by posting irrelevant content and social networks needed to make money.

Let’s call it what it is: Social media marketing is now advertising. It’s largely a media planning and buying exercise — emphasizing viewed impressions. Brands must pay if they really want their message to be seen. It’s the opposite of connecting or listening — it’s once again broadcasting.

Twitter’s Dick Costello recently said that ads will “make up about one in 20 tweets.” It’s also no secret that Facebook’s organic reach is on life support, at best. And when Snapchat launched Discover, it was quick to point out that “This is not social media.”

The idealistic end to business as usual, as “The Cluetrain Manifesto” envisioned, never happened. We didn’t reach the finish line. We didn’t even come close. After a promising start — a glimmer of hope — we’re back to business as usual. Sure, there have been powerful advances in ad tech. Media is more automated, targeted, instant, shareable and optimized than ever before. But is there anything really social about it? Not below its superficial layer.

First, a big thanks to Mike and @AdAge for such a gracious hat tip toward @Cluetrain. It’s amazing and gratifying to see the old meme still going strong, sixteen years after the original manifesto went up on the Web. (And it’s still there, pretty much unchanged — since 24 March 1999.) If it weren’t for marketing and advertising’s embrace of #Cluetrain, it might have been forgotten by now. So a hat tip to those disciplines as well.

An irony is that Cluetrain wasn’t meant for marketing or advertising. It was meant for everybody, including marketing, advertising and the rest of business. (That’s why @DWeinberger and I recently appended dillo3#NewClues to the original.) Another irony is that Cluetrain gets some degree of credit for helping social media come along. Even if that were true, it wasn’t what we intended. What we were looking for was more independence and agency on the personal side — and for business to adapt.

When that didn’t happen fast enough to satisfy me, I started ProjectVRM in 2006, to help the future along. We are now many people and many development projects strong. (VRM stands for Vendor Relationship Management: the customer-side counterpart of Customer Relationship Management — a $20+ billion business on the sellers’ side.)

Business is starting to notice. To see how well, check out the @Capgemini videos I unpack here. Also see how some companies (e.g. @Mozilla) are hiring VRM folks to help customers and companies shake hands in more respectful and effective ways online.

Monday, at VRM Day (openings still available), Customer Commons (ProjectVRM’s nonprofit spinoff) will be vetting a VRM maturity framework that will help businesses and their advisors (e.g. @Gartner, @Forrester, @idc, @KuppingerCole and @Ctrl-Shift) tune in to the APIs (and other forms of signaling) of customers expressing their intentions through tools and services from VRM developers. (BTW, big thanks to KuppingerCole and Ctrl-Shift for their early and continuing support for VRM and allied work toward customer empowerment.)

The main purpose of VRM Day is prep toward discussions and coding that will follow over the next three days at the XXth Internet Identity Workshop, better known as IIW, organized by @Windley, @IdentityWoman and myself. IIW is an unconference: no panels, no keynotes, no show floor. It’s all breakouts, demos and productive conversation and hackery, with topics chosen by participants. There are tickets left for IIW too. Click here. Both VRM Day and IIW are at the amazing and wonderful Computer History Museum in downtown Silicon Valley.

Mike closes his piece by offering five smart things marketers can do to “make the most of this era of #NotReally social media marketing.” All good advice.

Here’s one more that leverages the competencies of agencies like Mike’s own (@HillHolliday): Double down on old-fashioned Madison Avenue-type brand advertising. It’s the kind of advertising that carries the strongest brand signal. It’s also the most creative, and the least corrupted by tracking and other jive that creeps people out. (That stuff doesn’t come from Madison Avenue, by the way. Its direct ancestor is direct marketing, better known as junk mail. I explain the difference here.) For more on why that’s good, dig what Don Marti has been saying.

(BTW & FWIW, I was also with an ad agency business, as a founder and partner in Hodskins Simone & Searls, which did kick-ass work from 1978 to 1998. More about that here.)

Bottom line: business as usual will end. Just not on any schedule.

 

Tags: , , , ,

IIW XX, IIW_XX_logothe 20th Internet Identity Workshop, comes at a critical inflection point in the history of VRM: Vendor Relationship Management, the only business movement working toward giving you both

  1. independence from the silos and walled gardens of the world; and
  2. better means for engaging with every business in the world — your way, rather than theirs.

If you’re looking for a point of leverage on the future of customer liberation, independence and empowerment, IIW is it.

Wall Street-sized companies around the world are beginning to grok what Main Street ones have always known: customers aren’t just “targets” to be “acquired,” “managed,” “controlled” and “locked in.” In other words, Cluetrain was right when it said this, in 1999:

if you only have time for one clue this year, this is the one to get…

Now it is finally becoming clear that free customers are more valuable than captive ones: to themselves, to the companies they deal with, and to the marketplace.

But how, exactly? That’s what we’ll be working on at IIW, which runs from April 7 to 9 at the Computer History Museum, in the heart of Silicon Valley: the best venue ever created for a get-stuff-done unconference.

Focusing our work is a VRM maturity framework that gives every company, analyst and journalist a list of VRM competencies, and every VRM developer a context in which to show which of those competencies they provide, and how far along they are along the maturity path. This will start paving the paths along which individuals, tool and service providers and corporate systems (e.g. CRM) can finally begin to fit their pieces together. It will also help legitimize VRM as a category. If you have a VRM or related company, now is the time to jump in and participate in the conversation. Literally. Here are some of the VRM topics and technology categories that we’ll be talking about, and placing in context in the VRM maturity framework:

Note: Another version of this post appeared first on the ProjectVRM blog. I’m doing a rare cross-posting here because it that important.

Tags: , , , , , , , , , , , , , ,

I just ran across a post (below) on my old blog from Tuesday, July 12, 2005: a few months less than ten years ago. It was at the tail end of what Tantek Çelik calls the Independent Web. He gives the time frame for that as roughly 2001-2005, peaking in 2003 or so. “We took it as an assumption that if you were creating, you were putting yourself on the Web, on your own site… We all assumed that it was sort of our inevitable destiny that the Web was open, the Net was open, everyone had their own identity — to the point where everyone knew each other not by our names but by our URLs, our domain names, because everyone owned their domain and had control over it.”

What happened, he adds, was silos. Twitter popularized simplicity. Then Facebook built a big new ecosystem “that has nothing to do with the open Web.” They also made lots of stuff, such as identity, highly convenient. Log in anywhere with Facebook Connect (and don’t look at what’s happening behind the curtain).

And now most of our experiences on the Web are inside and between giant silos that add up to a system Bruce Schneier calls feudal. It’s got some nice stuff in it, but it’s not ours. It’s theirs.

So, while we wait for emancipation, it’s interesting to look back on what life was like on the Web when it was still ours.

Note that what I wrote on the old blog was outlines. Every new post was a top level item, and subordinate ones came under it. Today Dave Winer gives us a similar tool with Liveblog.

Anyway, here ya go:::

+

I’ve always wanted MORE back. This looks really promising.

Virtualities

I’m at this meeting, through Phil Windley‘s laptop’s audio.

Anals of Customer Service, Part 235, 673,458,31 

John Paczkowski: The Cluetrain don’t stop in Round Rock no more. It starts with this fine fodder:

Begin by turning off all the LEDs on your keyboard. 

My keyboard doesn’t have any LEDs.

You must turn off the LEDs on your keyboard.

My keyboard doesn’t have any LEDs.

I can’t help you if you don’t turn off the LEDs.

— Excerpt from a Dell customer service call

Essentials

Mitch responds to the “connections” item below with,

I’m a little surprised that Doc’s take on the information is that people have “jumped to conclusions based on what one guy said,” since that is the very essence of blogging: A single correspondent reported something that would have otherwise been ignored. A lot of people are very interested in how Technorati might make money and, more to the point, help them make money.

It’s one thing to point to something one person said, and another to jump to conclusions based on it. To me the latter is not “the essence of blogging.” In fact, it’s what too many big-J journalists do, and what too many of those journalists also accuse bloggers of doing.

I like Mitch’s other points about Technorati’s business model(s). I think when this is over we’ll see a lot more transparency from everybody whose business lives in the blogosphere.

Jeremy Wright busts Technorati for its performance:

Technorati¹s index is slow. If it¹s taking Technorati 5-20 hours to bring a post in (if it does at all), that is 4-19 hours slower than Bloglines. It¹s inaccurate. It¹s lucky if it shows 10% of the results that PubSub, Bloglines and Blogpulse show. It¹s also a SLOW site. Response times of 1 minute aren¹t uncommon, and even then results sometimes simply aren¹t shown.

I stuck up for Technorati for quite a while (and they¹re featured prominently in the book, which I now regretŠ hopefully I won¹t by the time the book comes out). But, Technorati has had 2 years to fix it¹s problems. Doc wants us to cut them some more slack, but I¹ve just about run out of slack. There are other services that are faster, more detailed, more comprehensive and actually listen to bloggers¹ concerns instead of making excuses.

Andy Lark adds,

Good on Jeremy. Frankly, Technorati is a joke in terms of indexing speed and accuracy. I can tag posts and not see them, well, ever. The fact you get listed at all is a miracle. He is right. As a user, they have let the blogosphere down. Doc Searls has a longer post on this. Doc, it’s great you are all chums but for us mere minions it just ain’t working and what doesn’t work, doesn’t get used. Simple as that.

For what it’s worth, I have a pile of Technorati and PubSub subscriptions. And for a long time, PubSub kicked ass. (And I often let Technorati’s techies know about it.) Lately Technorati seems to be doing better. But hey, your mileage may vary. For what it’s worth, I found both Jeremy’s and Andy’s posts in a Technorati search.

That said, Technorati’s failings have done a lot to cost some users faith in the service. There are still outages and breakdowns. There are on any service that’s scaling at the same rate. How often have you seen Flickr down for a “massage”?

What matters is that they keep working on it and improving it. Looks to me like they’re doing that.

Okay, more stuff…

Stowe Boyd weighs in:

I suspect that one of the issues here is the lack of cluefulness of Technorati, however, who have seemed to surprise everyone with their intention to make money — and lots of it — from its activities and services. Here’ is a great opportunity for Dave Sifry and company to leverage what they know about blog dynamics to head off a potential big stink. Remember the “Founding Fathers” flap from the Always On/Technorati Open Media 100 announcement?…

Technorati will inevitably — to the degree that it is successful — influence the behavior of those who would like to benefit from the power thet comes from a high Technorati ranking, just like the lengths that people will go to in order to get a high Google ranking. As a result, Technorati will need to have very scrupulous business practices in its dealings with those to whom it sells its services.

This is likely to flare up into a big imbloglio, with many perspectives swirling around, and a lot of hand waving and finger pointing. But I think it is a tempest in a teapot. The implicit social connections that blog linking imply are public: they are there for anyone to see, and the individuals involved actively create those links with that in mind. This is not some sort of surreptitious surveillance, like video cameras on street lights, or someone tapping our phone calls. And more importantly, as Doc suggests, the world is a better place if big corporations begin to take advantage of this information to figure out what people think is important, whose thoughts and observations matter, and how to better understand what is going on in the world. What is the alternative? We — the Blogosphere — are going to a lot of trouble to read and link to one others’ writing out here; do we want the rest of the world to ignore it? We are trying hard to make sense of the world; it’s stupid to think we would be better off if the world doesn’t pay attention, and adapt to the feedback system we have become. The value of that feedback is enormous, and people should be free to make money from turning it into bite-sized chunks for companies that want to do better: build better products, provide better service, and innovate more quickly.

The Blogosphere is not some private club for those most actively engaged it in: its a global asset, a new means of understanding the world, and perhaps the best hope we have for making a better world.

Rex Hammock has a brief post.

Jason Dowdell writes,

I personally know Tom Foremski and would not have based my piece on his story if I didn’t know him as an actual journalist. Tom would not put up data if it weren’t true, no matter how exciting it might be. Regardless, Technorati has issues it needs to deal with or it’s going to face continued scrutiny on it’s performance issues and lack of completeness. David Sifry and team have made a ton of progress in recent months regarding the user interface and features and have squashed a ton of bugs on the way… but if the performance doesn’t get fixed then it’s going to be a major issue.

He says a lot more. Worth reading.

Steve Gillmor goes up a level:

Certainly the tone has shifted in the blogosphere. Finding and maintaining friendships will be sorely tested in the coming weeks and months. Great care must be taken to avoid misunderstandings, and sometimes, understanding all too well. It’s a time for leadership, not brinkmanship.

It’s always nice when we can fly under the radar, avoidng the messy details of who gets the money and how. I’ve been doing this with attention, building coalitions, evangelizing the obvious, wheeling and dealing. Recently I’ve stopped all that, partly because others have picked up the banner and mostly because I’m sick and tired of it. I’ve tried to explain why I’m no evangelist, only to come off sounding like I’m evangelizing the idea.

And Alan8373 says Conversation are Markets.

Eye on the ‘sphere

National Journal has launched Blogometer, “a daily report from The Hotline taking the temperature of the political blogosphere.”

The war on war

Britt Blaser…we Americans admire the terrorism problem too much as mass entertainment…

A small part of a big piece. Read the whole thing.

Department of Connections

It’s interesting to see the ripple effect of The selling of the Blogosphere—Technorati’s big push into monetizing its treasure trove of data collected about millions of blogs, by Tom Foremski at SiliconValleyWatcher. The item is still the top story on his site. There it’s titled “The Selling of the Blogosphere.” The subtext:

How Technorati hopes to market its treasure trove of data it collects on millions of blogs to corporations, exposing the relaxed intimacy of online conversations. It’s all part of a growing ecosystem of companies hoping to profit handsomely from the work of bloggers [Read].

Right now, according to Technorati, the item has been blogged about sixteen times. The top response (in reverse chronological order, from the search), posted twenty minutes ago by DeepLinking, says,

I gotta know how much Technorati is charging for the blog-clipping service SiliconValleyWatcher is talking about [via Jason Calacanis]. However, SVW’s shocked tone about the whole thing is silly and naive. If you’re not aware that the corporate world is freaked out about blogs and very much interested in understanding their impact, you need to hang out in the corporate world a little more.

Jason Calcanis is concerned about “repurposed content,” then adds,

I highly doubt that this service — if it even exists — would repurpose blog content. Technorati has been very good about taking only a snip of people¹s content. I don¹t see Dave taking liberties with people¹s content… Dave’s a good man.

A number of bloggers, including Mike SandersDave WinerJeremy Zawodnyand Disruptive Media Technologies, quoted this line from Tom Foremski’s piece:

What surprised me was how aggressively Mr Hirshberg was pitching Technorati’s expensive blog tracking services to this audience of agency and corporate communications professionals. Mr Whitmore barely mentioned his company, and I didn’t pitch anything, maybe I should have 🙂

Of those four, only Mike had something positive to say:

Of course legally and ethically there is nothing wrong with a company using public information to make millions. And I am pretty sure that Technorati advisors and Cluetrain authors Doc Searls and David Weinberger have thought about how this benefits the little guy, furthers the emergence of voice, and is additional proof that markets are conversations.

Jeremy Wright quoted the same section, and more, adding,

Not only is Technorati lagging behind in blog tracking, which is sad enough, but they¹re trying to sell their blog tracking services to corporations!

According to SiliconValley Watcher, they even made arses of themselves at a recent panel by “pitching” during the panel (a huge no-no)

Technorati tells me Jeremy posted that item 9 hours ago. Let’s see, it’s 10:45pm Pacific Time. Jeremy’s blog says he posted it at 4:45pm. Not sure what time zone he’s in. Still, I gotta say, what lag?

This piece was kinda snarky too.

Going down through the list here…

Naill Kennedy (who works for Technorati) was next.

Then comes Geek News Central, wondering out loud about how the service works.

Marc Canter writes,

$$$$$$Billions and billions$$$$$$ of dollars are spent every year on bullshit. On pure crap that is shoveled down our throats, trying to make us believe what they want us to buy.

But what happens when one, two, five ad agencies figure out how to REALLY track what people are thinking about?

What happens when some brand finds a way to put a warm and fuzzy spot in our hearts? Almost as if my magic.

All this is happening because someone named Peter Hirshberg decided to move back to SF. Peter is one of those Silicon Valley guys who’s watched our industry become one of the leading industry’s throughout the world today. All culture, commerce and emotions lead through our industry.

What is known as entertainment, marketing, influence and psychology is driven by technology today. Everything that we know – is ‘swatched’ in the veneer of technology. We wouldn’t be sitting here today, reading this post – if it wasn’t for technology. Almost nothing ‘happens’ without technology. That’s how big we are.

And at the forefront of technology is blogging and social software.

It’s about us, people, and once we get our hands on the wheel of our own destiny – look out world!

Our own realization of what our own power is – is what it’s all about.

Mitch Ratcliffe says,

Along with MarcDave and others, I’m increasingly confused by the messages coming out of Technorati. They are grasping in so many directions — as a consumer service and species of publisher with Technorati.com, as an enabling technology provider with tags and attention.xml, as a business intelligence service. Dave Sifry is a great entrepreneur, but it is impossible to do everything well.

He adds,

The concern raised by SiliconValleyWatcher, that Technorati is monetizing bloggers’ creativity without sharing the wealth is misplaced, I think. Technorati has avoided pirating bloggers’ work by making it important to clickthrough to read full postings. It makes it easier to find the source data of the conversation. Were it to start taking full feeds of data and republishing them for corporate customers, it would be violating the rights of authors who have non-commercial share-and-share-alike Creative Commons licenses, but the folks at Technorati are too smart to make that mistake.

Unfortunately, they don’t seem to realize that the “algorithms” of participation and influence — the market metrics for the conversational market — can’t be delivered by an enabler of the conversation that simultaneously shapes the conversation with a proprietary tagging scheme.

Mitch, whose company is Persuadio, goes on,

Persuadio analysis consistently finds that Technorati tags are changing the flow of data, meaning that any attempt to measure Technorati’s influence has to be conducted by a third party in order to be fair and unbiased.

Technorati, at least according to my old friend Peter Hirshberg’s comments, is talking like it is building Persuadio’s services, but they are not.

The list goes on.

Okay, a few questions.

First, How many witnesses reported on what Peter said on that panel? Answer: One. Another panelist, by the way. How many bloggers jumped to conclusions based on what one guy said?

Next: Are marketers clueless or cluefull about blogging?

If the answer is “clueless,” then don’t we want them to get the clues? Especially if all the raw data is nothing more than what’s been published on the free and open Web, and what’s sold is data about data rather than “repurposed content”?

Next: Do we think they can get all the clues they need from search engines and feeds of blogs and searches about blogs and other stuff that’s already out there?

If the answer is no, then what is wrong with selling those clues to people willing to pay for them?

Some perspective.

Technorati was born as a cool hack David Sifry came up with while he and I were writing this piece for Linux Journal. Later, after Dave made Technorati a company, I became a member of its advisory board.

David and I are friends. Peter is a friend too. I’m one of the advisors who urged David to hire Peter, who’s a brilliant and funny guy.

I’ve watched David and his crew work 24/7/365 scaling a search service that finds everything on the live and syndicated Web — that’s hugely complementary to the engines that search the static Web. They’ve rebuilt their infrastructure more times than I can remember. The whole thing has creaked and fallen a number of times, and kept going, kept improving.

They haven’t always followed my advice (not by a long shot), but they’ve always listened to what bloggers are saying.

Such as now, when I’m on the phone with David and Peter, going over each of these posts, seeing what can be learned from the company’s first experience talking about one of the ways it hopes to serve customers and make their business work for everybody.

Will they make mistakes? Sure. Who won’t?

And really: Was a mistake even made here? How can we be sure?

Will they learn from the public conversation that their own service is exposing to them? From what I’m hearing (and saying) on the phone, I’d say the answer is yes.

Hey, we’re all in new territory here. The big challenge isn’t to bust each other for mistakes. Or to play the Gotcha Game, which is one of the oldest and shittiest traditions in mass market journalism. It’s to help.

From the beginning, that’s what Technorati has been trying to do.

Right now, the helping is going back the other way. Which is a good thing.

[A few minutes later…] I just checked, and this post is already showing up in a Technorati search for “Peter Hirshberg”.

Blog(himand)her

Chris Nolan on Blogher (the not-really all-woman blogging conference):

This gives me a wonderful chance to state the obvious about this conference: IT IS NOT FOR WOMEN ONLY. Not only are men welcome — a statement that it seems absurd to have to make – but some are planning to attend.

She adds,

This gives me the chance to make another observation: If you are a man who like code and software and things that plug in, and is perhaps having trouble finding a girl who likes Java (and knows it’s not just a coffee) and undersands your inner Geek, this might be the PERFECT place for you to spend a summer afternoon.

The ratio at most tech conferences is hugely biased toward men. That will assuredly not be the case here.

The bull’s eye of her entreaties is Kevin Drum (read Chris’s links for the whole story); but all men (and women) are invited.

Blogher is Saturday, July 30, in Santa Clara, CA: the heart of Silicon Valley. Follow that last link for more info and to register.

I’d love to be there, but I have other commitments. Still, I recommend it highly.

Back to the present.

Nice to see that many of the people I volleyed with there are still around. And that some things persist. (For example, Blogher.) But it’s also sad to see how much is gone. Especially Technorati, which drew a huge amount of discussion then. It still exists as a company, but it ain’t what it was. But it’s good that it mattered.

Not want.

Need.

If a site has one of these…

social-signin

… what is the least information they need from the user?

Seems to me that “social” login buttons like these are meant for the convenience of the user. But too often liberties are taken with them.

For example, here is what one company says in its terms & conditions:

Certain functionality may enable you to log-in using Facebook Connect, a Facebook, Inc. application, which is intended to provide interconnectivity between the Services and your Facebook.com profile. By using the Connect feature, you permit us to access your facebook.com profile, including without limitation,  information about you, your friends and privacy settings. When you use the Connect feature, you also agree to allow Facebook, Inc. to use information about your activities on our site and to access your facebook.com cookies.

This is an otherwise respectful (and respectable) company, which is why I’m not naming them here. They are also a retailer, and not supported by advertising. Nor is their offering “social” in the “social media” sense.

And, while the company might want Facebook profile stuff to better understand their customers, do they need it?

In answering the question, What do fully respectful sites need from social login?, it helps to ask another question: What does the individual need from that button, other than to log in with one click?

I’m asking these questions because this button here…

respect-connect-button

… needs definition of what respectful login is.

As I said in Time for Digital Emancipation, the definition (via the Respect Trust Framework) is that the user and the site respect each other’s boundaries. So we need to say what those boundaries are, or what they might be under different conditions. But a good place to start is by asking what the bare minimum needs of a site are.

So, what are they?

Civilization is a draft. Provisional. Scaffolded. Under construction. For example:

DEC. OF INDEP. 1

That’s Thomas Jefferson‘s rough draft of the Declaration of Independence. The Declaration hasn’t changed since July 4, 1776, but the Constitution built on it has been amended thirty-three times, so far. The thirteenth of those abolished slavery, at the close of the Civil War, seventy-seven years after the Constitution was ratified.

Today we are in another struggle for equality, this time on the Net. As Brian Grimmer put it to me, “Digital emancipation is the struggle of the century.”

There is an ironic distance between those first two words: digital and emancipation. The digital world by itself is free. Its boundaries are those of binary math: ones and zeroes. Connecting that world is a network designed to put no restrictions on personal (or any) power, while reducing nearly to zero the functional distance between everybody and everything. Costs too. Meanwhile, most of what we experience on the Net takes place on the World Wide Web, which is not the Net but a layer on top of it. The Web is built on architectural framework called client-server. Within that framework, browsers are clients, and sites are servers. So the relationship looks like this:

calf-cow

In other words, client-server is calf-cow. (I was once told that “client-server” was chosen because “it sounded better than ‘slave-master.'” If anyone has the facts on that, let us know.)

Bruce Schneier gives us another metapor for this asymmetry:

It’s a feudal world out there.

Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether … for Facebook.

These vendors are becoming our feudal lords, and we are becoming their vassals.

It’s handy being a vassal. For example, you get to use these shortcuts into websites that require logins:

social-signin

To see how much personal data you risk spilling when you click on the Facebook one, visit iSharedWhat (by Joe Andrieu) for a test run. That spilled data can be used in many ways, including surveillance. The Direct Marketing Association tells us the purpose of surveillance is to give you a better “internet experience” through “interest-based advertising—ads that are intended for you, based on what you do online.” The DMA also provides tools for you to manage experiences of what they call “your ads,” by clicking on this tiny image here:

adchoicesbutton

It appears in the corners of ads from companies in the DMA’s AdChoice program. Here is one:

scottrade

The “AdChoices” text appears when you mouse over the icon. When I click on it, I get this:

scottradepopdown

Like most companies’ privacy policies, Scottrade’s says this: “Scottrade reserves the right to make changes to this Online Privacy Policy at any time.” But never mind that. Instead look at the links that follow. One of those leads to Opt Out From Behavioral Advertising By Participating Companies (BETA). There you can selectively opt out of advertising by dozens of companies. (There are hundreds of those, however. Most don’t allow opting out.)

I suppose that’s kind of them; but for you and me it’s a lot easier just to block all ads and tracking on our own, with a browser extension or add-on. This is why Adblock Plus tops Firefox’s browser add-ons list, which includes many other similar products as well. (The latest is Privacy Badger, from the EFF, which Don Marti visits here.)

Good as they are, ad and tracking blockers are still just prophylactics. They make captivity more bearable, but they don’t emancipate us. For that we need are first person technologies: ways to engage as equals on the open Net, including the feudal Web.

One way to start is by agreeing about how we respect each other. The Respect Trust Framework, for example, is a constitution of sorts, “designed to be self-reinforcing through use of a peer-to-peer reputation system.” Every person and company agreeing to the framework is a peer. Here are the five principles to which all members agree:

Promise We will respect each other’s digital boundaries

Every Member promises to respect the right of every other Member to control the Member Information they share within the network and the communications they receive within the network.

Permission We will negotiate with each other in good faith

As part of this promise, every Member agrees that all sharing of Member Information and sending of communications will be by permission, and to be honest and direct about the purpose(s) for which permission is sought.

Protection We will protect the identity and data entrusted to us

As part of this promise, every Member agrees to provide reasonable protection for the privacy and security of Member Information shared with that Member.

Portability We will support other Members’ freedom of movement

As part of this promise, every Member agrees that if it hosts Member Information on behalf of another Member, the right to possess, access, control, and share the hosted information, including the right to move it to another host, belongs to the hosted Member.

Proof We will reasonably cooperate for the good of all Members

As part of this promise, every Member agrees to share the reputation metadata necessary for the health of the network, including feedback about compliance with this trust framework, and to not engage in any practices intended to game or subvert the reputation system.

The Respect Network has gathered several dozen founding partners in a common effort to leverage the Respect Trust Framework into common use, and within it a market for VRM and services that help out. I’m involved with two of those partners: The Searls Group (my own consultancy, for which Respect Network is a client) and Customer Commons (in which I am a board member).

This summer Respect Network launched a crowd-funding campaign to get this new social login button rolling:

respect-connect-button

It’s called the Respect Connect button, and it embodies all the principles above; but especially the first one: We will respect each others’ digital boundaries. This makes itthe first safe social login button.

Think of the Respect Connect button project as a barn raising. There are lots of planks (and skills) you can bring, but the main ones will be your =names (“equals names”). These are sovereign identifiers you own and manage for yourself — unlike, say, your Twitter @ handle, which Twitter owns. (Organizations — companies, associations, governments — have +names and things have *names.)

Mine is =Doc.

Selling =names are CSPs: Cloud Service Providers. There are five so far (based, respectively, in Las Vegas, Vienna, London, New York/Jerusalem and Perth):

bosonweb-logo danube_clouds-logo paoga-logo emmett_global-logo onexus-logo

Here’s a key feature: they are substituable. You can port your =name from one to the other as easily as you port your phone number from one company to another. (In fact the company that does this in the background for both your =name and your phone number is Neustar, another Respect Network partner.)

You can also self-host your own personal cloud.

I just got back from a world tour of places where much scaffolding work is going up around this and many other ways customers and companies can respect each other and grow markets. I’ll be reporting more on all of it in coming posts. Meanwhile, enjoy some photos.

 

« Older entries