personal data

You are currently browsing the archive for the personal data category.

dat is the new love

Personal data, that is.

Because it’s good to give away—but only if you mean it.

And it’s bad to take it, even it seems to be there for the taking.

I bring this up because a quarter million pages (so far) on the Web say “data is the new oil.”

That’s because a massive personal data extraction industry has grown up around the simple fact that our data is there for the taking. Or so it seems. To them. And their apologists.

As a result, we’re at a stage of wanton data extraction that looks kind of like the oil industry did in 1920 or so:

It’s a good metaphor, but for a horrible business. It’s a business we need to reform, replace, or both. What we need most are new industries that grow around who and what we are as individual human beings—and as a society that values what makes us human.

Our data is us. Each of us. It is our life online. Yes, we shed some data in the course of our activities there, kind of like we shed dandruff and odors. But that’s no excuse for the extractors to frack our lives and take what they want, just because it’s there, and they can.

Now think about what love is, and how it works. How we give it freely, and how worthwhile it is when others accept it. How taking it without asking is simply wrong. How it’s better to earn it than to demand it. How it grows when it’s given. How we grow when we give it as well.

True, all metaphors are wrong, but that’s how metaphors work. Time is not money. Life is not travel. A country is not a family. But all those things are like those other things, so we think and talk about each of them in terms of those others. (By saving, wasting and investing time; by arriving, departing, and moving through life; by serving our motherlands, and honoring our founding fathers.)

Oil made sense as a metaphor when data was so easy to take, and the resistance wasn’t there.

But now the resistance is there. More than half a billion people block ads online, most of which are aimed by extracted personal data. Laws like the GDPR have appeared, with heavy fines for taking personal data without clear permission.

I could go on, but I also need to go to bed. I just wanted to get this down while it was in the front of my mind, where it arrived while discussing how shitty and awful “data is the new oil” was when it first showed up in 2006, and how sadly popular it has become since then:

It’s time for a new metaphor that expresses what our personal data really is to us, and how much more it’s worth to everybody else if we keep, give and accept it on the model of love.

You’re welcome.

 

symbiosis

Synopsis—Advertising supported publishing in the offline world by sponsoring it. In the online world, advertising has been body-snatched by adtech, which tracks eyeballs via files injected into apps and browsers, then shoots those eyeballs with “relevant” ads wherever the eyeballs show up. Adtech has with little or no interest in sponsoring a pub for the pub’s own worth. Worse, it encourages fake news (which is easier to produce than the real kind) and flooding the world with “content” rather than old-fashioned (and infinitely more worthwhile) editorial. When publishers agreed to funding by adtech, they sold their souls and their readers down a river full of fraud and malware, as well as indefensible manners. Fortunately, readers can bring both publishers and advertisers back into a soulful reunion. Helpfully, the GDPR makes it illegal not to, and that will be a huge issue as the deadline for compliance (next May 25th) approaches.


Yesterday Digiday published The GDPR will help or hurt publishers, depending on who you ask, by Ross Benes (@RossBenes). I was one of the people Ross asked, and the piece includes a quote from me. His question went this way:

I saw this blog you wrote about the topic.

http://blogs.harvard.edu/vrm/2017/09/03/good-news-for-publishers-and-advertisers-fearing-the-gdpr/

Do you think advertisers will pay enough for SafeAds to offset the losses publishers will have from selling fewer targeted ads due to privacy regs?

It’s a good question. (That’s what people say when they don’t have an answer, or can’t think of an easy one right away. But…) I thought about it, and replied with this:

Yes, and then some.

They’ll do it because there is more brand value to SafeAds.

The bigger question is for publishers: what business do they want to be in?

Do they want to operate barrels of “content” full of tracked fish baited there so adtech can shoot them with “interest-based” ads?

Or do they want to operate actual publications with good editorial that advertisers sponsor so their ads can be seen by readers who know those ads support the publication and are appropriate without being personal?

That’s the choice.

It helps that the second business — actual publishing — has been around for a couple hundred years, and even worked fine on the Web before publishers fell for the adtech sell.

Publishers sold a big piece of their soul when they consented to having their readers’ privacy violated, and with rampant impunity, by adtech. They also chose to ignore the fact that adtech is in the business of chasing eyeballs, not of sponsoring the good work publishers do, or of building brand reputation. (Which can’t be done by shooting people constantly with “interest-based” ads that mostly creep people out if they hit a bulls-eye.)

The GDPR, if it works like it should, will force publishers to fire adtech and normalize their relationship with readers. When that happens, publishers, advertisers, readers and agents for all three can start working out better business models than the creepy one we’ve had with adtech.

More of that in my People vs. Adtech series: http://j.mp/adbwars.

Ross quoted the first sentence of the second-to-last paragraph, which is probably the best one of the bunch he could have used. Most of the quotes he gathered from other folks in the biz were also very good. I study this topic a lot, and I still learned some new things. Hats off for that.

While I’m saluting what I just learned from Ross, however, I also want to visit some assumptions that surface in his piece. They aren’t his, but rather pretty much everybody’s, and that’s a problem. Here are four of them.

1) Consent can only go one way, meaning each of us should always be the ones consenting to terms proffered by sites and services. Here’s how Ross puts it:

The General Data Protection Regulation, which prevents brands from using a person’s data unless they have explicit permission to do so, could send more ad dollars to premium publishers that are more likely to obtain user consent than lower-quality publishers.

In fact consent can go the other way, meaning the publisher or advertiser can consent to our terms.

It is only because we made a Faustian bargain with client-server in 1995 that we remain stuck inside a model that assumes we “users” should always be second (and second-class) parties, with no choice but to agree as “clients” to terms proffered by server operators.

It helps that the Internet was designed so any one of us can be peers. This is an especially good design feature in the age that (at least I hope) begins with the GDPR.

One reason why I’m encouraged about the GDPR is that it says each of us can be “data controllers” as well as “data subjects.” (White & Case have a good unpacking of that, here.)

I visit the possibilities in Good news for publishers and advertisers fearing the GDPR (3 September in ProjectVRM), How to plug the publishing revenue drain (9 June 2017 in Medium), Why #NoStalking is a good deal for publishers (11 May 2016, and in Medium), How customers can debug business with one line of code (19 April 2016 in ProjectVRM and in Medium) and An invitation to settle matters with @Forbes, @Wired and other publishers (15 April 2016 and in Medium).

2) The choice is between “acceptable” and “unacceptable” ads (as Adblock Plus believes) or between “intrusive” ads and those that aren’t.

In fact the real choice is between ads based on tracking and those that aren’t (which I call #SafeAds in Good news for publishers and advertisers fearing the GDPR, and which are what you see in all non-digital commercial media).

Tracking is the reason ad blocking, which has been around since 2003, didn’t hockey-stick toward the sky until 2012. That was when publishers and advertisers, led by the IAB, gave the middle finger to Do Not Track, which was merely a polite request not to be tracked that people could express in their browsers.

I wrote about this in Ad Blockers and the Next Chapter of the Internet (5 November in Harvard Business Review) and Beyond ad blocking — the biggest boycott in human history (28 Septemper 2015). Here’s a graphic showing what happened:

I also unpack the difference between SafeAds and tracking based ones (aka adtech) in Separating advertising’s wheat and chaff (12 August 2015, and on 2 July 2016 in an updated version in Medium).

3) The best advertising is the most measurable, and is looking for a response from an individual.

That’s not true for advertising, but it is for direct response marketing (the wheat and chaff I talk about in the last cited piece). Unfortunately, as I say in that piece, “Madison Avenue fell asleep, direct response marketing ate its brain, and it woke up as an alien replica of itself.”

The outlines of that alien replica can be seen in what Ross cites here:

Eric Berry, CEO of native ad platform TripleLift, said the GDPR could lead to a reduction in programmatic ad spend because ad buyers will struggle to measure whether their ads lead to purchases. There’s uncertainty about how the law will be enforced, but if users have to give consent to individual publishers, demand-side platforms and attribution vendors, the attribution companies won’t likely have enough data to make accurate measurements, which will lead ad buyers to shift their dollars to other marketing tactics. This would hurt publishers that rely on programmatic ad revenue, he said.

There is a reason perhaps a $trillion has been spent on adtech and not one worldwide brand everyone can name has been created by it, much less sustained or helped in any way.

As Don Marti says, only real advertising can carry the full economic and creative signals required to create and sustain a brand. And, as Bob Hoffman hammers home constantly (and very artfully) in The Ad Contrarian, the ad industry’s equation of “digital” with tracking is based entirely on bullshit. (His term, and the right one.)

Direct response marketing, which began as junk mail, and which looks to measure results for every message, wasn’t designed for that, and can’t do it.

Calling direct response marketing advertising was one of the biggest mistakes the ad industry ever made and masks the real problem the GDPR invites, which is that we risk throwing out the SafeAds baby with the FakeAds (adtech) bathwater.

If all the GDPR leads publishers to do is (as Ross says in his piece) “use intrusive messages — like pop-ups or interstitials — to get user consent,” and the EU fails to fine publishers and their adtech funders for violating the spirit as well as the letter of the GDPR, the GDPR will be as big a fail as the useless cookie consent notices people see on European sites.

4) There’s nothing really wrong with adtech.

Pretty much everything is wrong about adtech, but perhaps the wrongest of the wrong is the problem Siva Vaidhyanathan (@sivasaid) visits in a NY Times piece titled Facebook Wins, Democracy Loses. Here’s a pull quote:

A core principle in political advertising is transparency — political ads are supposed to be easily visible to everyone, and everyone is supposed to understand that they are political ads, and where they come from. And it’s expensive to run even one version of an ad in traditional outlets, let alone a dozen different versions. Moreover, in the case of federal campaigns in the United States, the 2002 McCain-Feingold campaign-finance act requires candidates to state they approve of an ad and thus take responsibility for its content.

The bold-face is mine (or actually my wife’s, who found and highlighted it for me).

The economic signaling value of an ad comes from what it costs. Only a brand with a lot of heft can afford to sponsor a publication or a mainstream broadcaster. But it’s super-cheap to run ads that narrowcast to just a few people. Or to put up a fake news site. (Both are big reasons why journalism is now drowning in a sea of contentAdtech is what paid publishing to trade journalism for “content generation.” This is a cancer on advertising, publishing and journalism, and makes adtech the Agent Smith of digital.)

What’s more, adtech has created environments where micro-targeted ads and adtech-funded fake news can work very effectively to destroy brands.

Consider this possibility: Trump and his sympathizers succeeded in destroying Hillary Clinton’s brand, and there wasn’t a damn thing any of her own big-budget and big-media branding efforts (#SafeAds all) could do about it. (And try, if you are a Trump sympathizer, to ignore whatever you think about how much Hillary brought it on herself or deserved it. In badness of the smear-worthy sort, she has plenty of company, especially Trump. In using modern adtech and fake news methods, the Trump campaign and those helping it were very smart and effective.)

As Siva says in his Times piece,

Ads on [Facebook] meant for, say, 20- to 30-year-old home-owning Latino men in Northern Virginia would not be viewed by anyone else, and would run only briefly before vanishing. The potential for abuse is vast. An ad could falsely accuse a candidate of the worst malfeasance a day before Election Day, and the victim would have no way of even knowing it happened. Ads could stoke ethnic hatred and no one could prepare or respond before serious harm occurs.

Can the GDPR address that problem?

Yes, by supporting individuals (not mere “users” or “consumers”) operating as first parties, getting the good publishers to agree not to run ads like the ones Siva describes, and to open the floodgates to brand ads that actually sponsor those publications, rather than regarding them as bait for shooting tracked eyeballs.

I explain how this will work in What if businesses agreed to customers’ terms and conditions? (28 April 2017 in Medium) as well as in a number of posts in my People vs. Adtech series.

In the long run only the targets of advertising can stop advertisers and publishers from driving drunk on digital, and to start respecting the very people they’ve been abusing.

If that fails, we’ll finally get one answer to the question I asked in January of last year: What if we don’t need advertising at all?

away2remember2manytabsFor today’s entries, I’m noting which linked pieces require you to turn off tracking protection, meaning tracking is required by those publishers. I’m also annotating entries with hashtags and organizing sections into bulleted lists.


#AdBlocking and #Advertising

#Apple

#Photography

#Other

This is a second draft of this post, corrected by Denise Howell’s comment below. Key facts: I am not a lawyer. She is. Good one, too. So take heed (as I just did). And read on.

nouber

Uber has new terms for you:

User Provided Content.

Uber may, in Uber’s sole discretion, permit you from time to time to submit, upload, publish or otherwise make available to Uber through the Services textual, audio, and/or visual content and information, including commentary and feedback related to the Services, initiation of support requests, and submission of entries for competitions and promotions (“User Content”). Any User Content provided by you remains your property. However, by providing User Content to Uber, you grant Uber a worldwide, perpetual, irrevocable, transferable, royalty-free license, with the right to sublicense, to use, copy, modify, create derivative works of, distribute, publicly display, publicly perform, and otherwise exploit in any manner such User Content in all formats and distribution channels now known or hereafter devised (including in connection with the Services and Uber’s business and on third-party sites and services), without further notice to or consent from you, and without the requirement of payment to you or any other person or entity.

The emphasis is mine. Interesting legal hack there: you own your data, but you license it to them, on terms that grant you nothing and grant them everything.

Talk about a deal breaker. Wow. (Except it’s also the old deal.)

Here’s the prior (and still current) version.

The new one goes into effect on 21 November. As I read that (when I wrote the first draft of this post), they have sale on personal data pending until that time.

For what it’s worth (nothing, given the above), here’s Uber’s privacy policy.

Meanwhile, here are Lyft’s terms:  Its privacy policy is on the same page, but here’s a direct link.

At the very least, Lyft should make hay on this, if they actually do have an advantage in the degree to which they protect privacy. (Denise, below, says they don’t. But hey, maybe they could if they wanted to compete on privacy.)

Here’s what matters (and remains unchanged from Denise’s corrections):::

We need our own terms. Meaning each of us should be the first party in agreements with service providers, not the second. Meaning they need to agree to our terms.

That’s Customer Commons’ reason for being. Just as Creative Commons is where you will find copyright terms you can assert as an artist, Customer Commons will be where you will find service terms you can assert as a customer.

With the wind of new .eu and .au  privacy laws (e.g. the EU’s GDPR) at our backs, we stand a good chance of making this happen.

The question is how we can get some mojo behind it. Thoughts welcome. Shoulders to the wheel as well.

Save

Save

Save

Tags: , , , , ,