Where there’s folk there’s fire

That headline was, far as I know, first uttered by Britt Blaser in a March 2007 blog post titled The people’s law trumps the power law. It was thirteen years ahead of its time.

Among many others, Britt was energized by  The Cluetrain Manifesto‘s 95 Theses, which David Weinberger, Chris Locke, Rick Levine and I nailed to the Web in April 1999. Today the one-liner most often quoted from Cluetrain is its the first of those theses: Markets are conversations, which then became the title of a chapter in the book version of the Manifesto, which appeared in January 2000 and quickly became a business bestseller. Today the word “cluetrain,” which didn’t exist before 1999, is tweeted daily by people all over the world and appears (says Google) on more than 1.3 million Web pages.

In the 10th Anniversary (2010) edition of the book, I explained that markets were actually three things:

  • transactions,
  • conversations, and
  • relationships

I learned that separately from two teachers, weeks apart in 2000. Both were responding to Cluetrain‘s markets are conversations line, which became a runaway marketing meme shortly after the book came out. One of those teachers was Eric S. Raymond, a devout atheist and libertarian who almost single-handedly made open source a thing, starting two years earlier. The other was Sayo Ajiboye, a Nigerian pastor I met on a plane.

Both suggested markets are relationships as a corollary to markets are conversations and markets are transactions; but it was Sayo who gave me the assignment I’m still working on here with Customer Commons: to make markets are relationships far more real than what customer relationship management (CRM) and related corporate functions imagined it was, because they were all too busy thinking markets are transactions. Seeing markets as conversations would be a step forward, Sayo said, but not a big enough step. Relationship was key to fully realizing free, open and productive markets in the industrial world, and it could only be fully achieved by working on solutions from the customers’ side.

That’s why I started ProjectVRM at Harvard’s Berkman (now Berkman Klein) Center in 2006, and why it’s still going strong today, both by itself and in the forms of Customer Commons (its one direct spin-off), the IEEE 7012 working group, and lately the Me2B Alliance as well. (The 2 in Me2B is about relationship, as I explain here.)

I’ve written about my encounter with Sayo in a number of places. But the most relevant to our work here is Mashing Up a Commons, published in the June 2006 issue of Linux Journal, three months before I became a fellow with the Berkman Center and started ProjectVRM. Without that encounter, there is a good chance neither would have happened.

Mashing up a commons is still our assignment. I believe it will be the most leveraged thing to happen to markets since the Internet showed up. I first explained why in Free Customers Make Free Markets, posted in November 2007. It closes with the headline above.

The time wasn’t right then, but it is now. Let’s do it.

Customers as a Third Force

Almost all arguments in economics are advanced by two almost opposed positions, each walled into the castles of their ideologies, both insisting that their side has the solutions and the other side causes the problems—while meanwhile between the two flows a river of customers who, if they could be heard, and could participate with more than their cash, would have solutions of their own.

Customer Commons’s job is giving those customers full agency for dealing with both the businesses and governments of the world, and in the process proving that free customers are more valuable—to themselves and the businesses of the world—than captive (or tracked) ones.

It’s a long fight, dating back to the personal agency we lost when industry won the industrial revolution. And it’s one we continue to lose, in many ways, through these early decades of the digital revolution.

If it weren’t losing, we wouldn’t have books such as Shoshana Zuboff‘s In the Age of Surveillance Capitalism, Brett Frischmann and Evan Sellinger‘s Re-Engineering Humanity, Jaron Lanier,’s You are Not a Gadget (and pretty much everything else he’s written), plus what Nicholas Carr, David Weinberger, and many others have been saying for years.

The problem with most of what’s been written so far is that it assumes customers will remain victims unless companies or governments (and mostly the latter) rescue them. There is little sense that customers can also bring solutions to the market—ones that are good for every party involved.

One notable exception is Brett and Evan’s book, mentioned above, which closes with a hopeful nod toward some of our work here at Customer Commons:

Doc Searls and his colleagues at Customer Commons have been working for years on standardized terms for customers to use in managing their relationships with websites and other vendors… [his] dream of customers systematically using contract and related tools to manage their relationships with vendors now seems feasible. It could be an important first step toward flipping the scientific-management-of-consumers script we’ve become so accustomed to.”

My own work here started with Linux Journal in 1994, and gained some notoriety with The Cluetrain Manifesto (co-written with David Weinberger, Christopher Locke and Rick Levine) in 1999. Then, after notoriety didn’t seem to be working, I launched ProjectVRM at Harvard’s Berkman Klein Center in 2006, and in 2012spun out Customer Commons, which since then has quietly been developing on the personal data usage terms Brett and Evan mentioned above.

These are terms that each of us can proffer, and which the businesses of the world can agree to—as an alternative to the reverse, which has become a bane of online existence, alas made worse by normalization of insincere and misleading cookie notices on the Web, caused by (what we regard as a misreading of) the GDPR: a sad example of policy failing to fix a market problem. (So far. In another post we’ll visit ways the GDPR and California’s CCPA might actually help.)

The term third force has multiple uses already, the most common of which seem especially relevant our work here:

  •  “A group of people or nations that mediates between two opposed groups…” —  Free Dictionary
  • (A humanistic psychology that) focuses on inner needs, happiness, fulfillment, the search for identity, and other distinctly human concerns. Psychology: An Introduction, by Russell A. Dewey, PhD

Since customers and citizens are opposed to neither business nor government, but constantly look for positive outcomes in their dealings and relationships with both, third force works.

— Doc Searls

 

Privacy is personal. Let’s start there.

The GDPR won’t give us privacy. Nor will ePrivacy or any other regulation. We also won’t get it from the businesses those regulations are aimed at.

Because privacy is personal. If it wasn’t we wouldn’t have invented clothing and shelter, or social norms for signaling to each what’s okay and what’s not okay.

On the Internet we have none of those. We’re still as naked as we were in Eden.

But let’s get some perspective here:  we invented clothing and shelter long before we invented history, and most of us didn’t get online until long after Internet service providers and graphical browsers showed up in 1994.

In these early years, it has been easier and more lucrative for business to exploit our exposed selves than it has been for technology makers to sew (and sell) us the virtual equivalents of animal skins and woven fabrics.

True, we do have the primitive shields called ad blockers and tracking protectors. And, when shields are all you’ve got, they can get mighty popular. That’s why 1.7 billion people on Earth were already blocking ads online by early 2017.† This made ad blocking the largest boycott in human history. (Note: some ad blockers also block tracking, but the most popular ad blocker is in the business of selling passage for tracking to companies whose advertising is found “acceptable” on grounds other than tracking.)

In case you think this happened just because most ads are “intrusive” or poorly targeted, consider the simple fact that ad blocking has been around since 2004, yet didn’t hockey-stick until the advertising business turned into direct response marketing, hellbent on collecting personal data and targeting ads at eyeballs.††

This happened in the late ’00s, with the rise of social media platforms and programmatic “adtech.” Euphemized by its perpetrators as  “interactive,” “interest-based,” “behavioral” and “personalized,” adtech was, simply-put, tracking-based advertising. Or, as I explain at the last link direct response marketing in the guise of advertising.

The first sign that people didn’t like tracking was Do Not Track, an idea hatched by  Chris Soghoian, Sid Stamm, and Dan Kaminsky, and named after the FTC’s popular Do Not Call Registry. Since browsers get copies of Web pages by requesting them (no, we don’t really “visit” those pages—and this distinction is critical), the idea behind Do Not Track was to make to put the request not to be tracked in the header of a browser. (The header is how a browser asks to see a Web page, and then guides the data exchanges that follow.)

Do Not Track was first implemented in 2009 by Sid Stamm, then a privacy engineer at Mozilla, as an option in the company’s Firefox browser. After that, the other major browser makers implemented Do Not Track in different ways at different times, culminating in Mozilla’s decision to block third party cookies in Firefox, starting in February 2013.

Before we get to what happened next, bear in mind that Do Not Track was never anything more than a polite request to have one’s privacy respected. It imposed no requirements on site owners. In other words, it was a social signal asking site owners and their third party partners to respect the simple fact that browsers are personal spaces, and that publishers and advertisers’ rights end at a browser’s front door.

The “interactive” ad industry and its dependents in publishing responded to that brave move by stomping on Mozilla like Gozilla on Bambi:

In this 2014 post  I reported on the specifics how that went down:

Google and Facebook both said in early 2013 that they would simply ignore Do Not Track requests, which killed it right there. But death for Do Not Track was not severe enough for the Interactive Advertising Bureau (IAB), which waged asymmetric PR warfare on Mozilla (the only browser maker not run by an industrial giant with a stake in the advertising business), even running red-herring shit like this on its client publishers websites:

As if Mozilla was out to harm “your small business,” or that any small business actually gave a shit.

And it worked.

In early 2013, Mozilla caved to pressure from the IAB.

Two things followed.

First, soon as it was clear that Do Not Track was a fail, ad blocking took off. You can see that in this Google Trends graph†††, published in Ad Blockers and the Next Chapter of the Internet (5 November 2015 in Harvard Business Review):

Next, ad searches for “how to block ads” rose right in step with searches for retargeting, which is the most obvious evidence that advertising is following you around:

You can see that correlation in this Google Trends graph in Don Marti’s Ad Blocking: Why Now, published by DCN (the online publishers’ trade association) on 9 July 2015:

Measures of how nearly all of us continue to hate tracking were posted by Dr. Johnny Ryan (@johnnyryan) in PageFair last September. In that post, he reports on a PageFair “survey of 300+ publishers, adtech, brands, and various others, on whether users will consent to tracking under the GDPR and the ePrivacy Regulation.” Bear in mind that the people surveyed were industry insiders: people you would expect to exaggerate on behalf of continued tracking.

Here’s one result:

Johnny adds, “Only a very small proportion (3%) believe that the average user will consent to ‘web-wide’ tracking for the purposes of advertising (tracking by any party, anywhere on the web).” And yet the same survey reports “almost a third believe that users will consent if forced to do so by tracking walls,” that deny access to a website unless a visitor agrees to be tracked.”

He goes on to add, “However, almost a third believe that users will consent if forced to do so by ‘tracking walls”, that deny access to a website unless a visitor agrees to be tracked. Tracking walls, however, are prohibited under Article 7 of the GDPR, the rules of which are already formalised and will apply in law from late May 2018.[3] “

Which means that the general plan by the “interactive” advertising business is to put up those walls anyway, on the assumption that people will think they won’t get to a site’s content without consenting to tracking. We can read that in the subtext of IAB Europe‘s Transparency and Consent Framework, a work-in-progress you can follow here on Github., and read unpacked in more detail at AdvertisingConsent.eu.

So, to sum all this up, so far online what we have for privacy are: 1) popular but woefully inadequate ad blocking and tracking protection add-ons in our browsers; 2) a massively interesting regulation called the GDPR…

… and 3) plans by privacy violators to obey the letter of that regulation while continuing to violate its spirit.

So how do we fix this on the personal side? Meaning, what might we have for clothing and shelter, now that regulators and failed regulatory captors are duking it out in media that continue to think all the solutions to our problems will come from technologies and social signals other than our own?

Glad you asked. The answers will come in our next three posts here. We expect those answers to arrive in the world and have real effects—for everyone except those hellbent on tracking us—before the 25 May GDPR deadline for compliance.


† From Beyond ad blocking—the biggest boycott in human history: “According to PageFair’s 2017 Adblock Report, at least 615 million devices now block ads. That’s larger than the human population of North America. According to GlobalWebIndex, 37% of all mobile users, worldwide, were blocking adsby January of last year, and another 42% would like to. With more than 4.6 billion mobile phone usersin the world, that means 1.7 billion people are blocking ads already—a sum exceeding the population of the Western Hemisphere.”

†† It was plain old non-tracking-based advertising that not only only sponsored publishing and other ad-suported media, but burned into people’s heads nearly every brand you can name. After a $trillion or more has been spent chasing eyeballs, not one brand known to the world has been made by it. For lots more on all this, read everything you can by Bob Hoffman (@AdContrarian) and Don Marti (@dmarti).

††† Among the differences between the graph above and the current one—both generated by the same Google Trends search—are readings above zero in the latter for Do Not Track prior to 2007. While there are results in a search for “Do Not Track” in the 2004-2006 time frame, they don’t refer to the browser header approach later branded and popularized as Do Not Track.

Also, in case you’re reading this footnote, the family at the top is my father‘s. He’s the one on the left. The location was Niagara Falls and the year was 1916. Here’s the original. I flipped it horizontally so the caption would look best in the photo.

 

Privacy is an Inside Job

The Searls Wanigan, 1949
Ordinary people wearing and enjoying the world’s original privacy technology: clothing and shelter. (I’m the one on top. Still had hair then.)

Start here: clothing and shelter are privacy technologies. We use them to create secluded spaces for ourselves. Spaces we control.

Our ancestors have been wearing clothing for at least 170,000 years and building shelters for at least half a million years. So we’ve had some time to work out what privacy means. Yes, it differs among cultures and settings, but on the whole it is well understood and not very controversial.

On the Internet we’ve had about 21 years*. That’s not enough time to catch up with the physical world, but hey: it’s still early.

It helps to remember that nature in the physical world doesn’t come with privacy. We have to make our own. Same goes for the networked world. And, since most of us don’t yet have clothing and shelter in the networked world, we’re naked there.

So, since others exploit our exposure — and we don’t like it — privacy on the Internet is very controversial. Evidence: searching for “privacy” brings up 4,670,000,000 results. Most of the top results are for groups active in the privacy cause, and for well-linked writings on the topic. But most of the billions of results below that are privacy policies uttered in print by lawyers for companies and published because that’s pro forma.

Most of those companies reserve the right to change their policies whenever they wish, by the way, meaning they’re meaningless.

For real privacy, we can’t depend on anybody else’s policies, public or private. We can’t wait for Privacy as a Service. We can’t wait for our abusers to get the clues and start respecting personal spaces we’ve hardly begun to mark out (even though they ought to be obvious). And we can’t wait for the world’s regulators to start smacking our abusers around (which, while satisfying, won’t solve the problem).

We need to work with the knitters and builders already on the case in the networked world, and recruit more to help out. Their job is to make privacy policies technologies we wear, we inhabit, we choose, and we use to signal what’s okay and not okay to others.

The EFF has been all over this for years. So have many developers on the VRM list. (Those are ones I pay the most attention to. Weigh in with others and I’ll add them here.)

The most widely used personal privacy technology today is ad and tracking blockingMore than 200 million of us now employ those on our browsers. The tools are many and different, but basically they all block ads and/or tracking at our digital doorstep. In sum this amounts to the largest boycott in human history.

But there’s still no house behind the doorstep, and we’re still standing there naked, even if we’ve kept others from planting tracking beacons on us.

One of the forms privacy takes in the physical world is the mutual understanding we call manners, which are agreements about how to respect each others’ intentions.

Here at Customer Commons, we’ve been working on terms we can assert, to signal those intentions. Here’s a working draft of what they look like now:

UserSubmittedTerms1stDraft

That’s at the Consent and Information Working Group. Another allied effort is Consent Receipt.

If you’re working on privacy in any way — whether you’re a geek hacking code, a policy maker, an academic, a marketer trying to do the right thing, or a journalist working the privacy beat — remember this: Privacy is personal first. Before anything elseIf you’re not working on getting people clothing and shelter of their own, you’re not helping where it’s needed.

It’s time to civilize the Net. And that’s an inside job.

__________________

*If we start from the dawn of ISPs, graphical browsers, email and the first commercial activity, which began after the NSFnet went down on 30 April 1995.

 

 

 

New Rules for Privacy Regulations

The Wall Street Journal has an informative conversation with Lawrence Lessig: Technology Will Create New Models for Privacy Regulation. What underlies a change toward new models are two points: the servers holding vast user databases are increasingly (and very cheaply) breached, and the value of the information in those databases is being transferred to something more aligned to VRM: use of the data, on a need to know basis. Lessig notes:

The average cost per user of a data breach is now $240 … think of businesses looking at that cost and saying “What if I can find a way to not hold that data, but the value of that data?” When we do that, our concept of privacy will be different. Our concept so far is that we should give people control over copies of data. In the future, we will not worry about copies of data, but using data. The paradigm of required use will develop once we have really simple ways to hold data. If I were king, I would say it’s too early. Let’s muddle through the next few years. The costs are costly, but the current model of privacy will not make sense going forward.

The challenge, notes Lessig, is “a corrupt Congress” that is more interested in surveillance than markets and doing business. Perhaps that isn’t a problem, according to an Associated Press poll (which has no bias, of course!):

According to the new poll, 56 percent of Americans favor and 28 percent oppose the ability of the government to conduct surveillance on Internet communications without needing to get a warrant. That includes such surveillance on U.S. citizens. Majorities both of Republicans (67 percent) and Democrats (55 percent) favor government surveillance of Americans’ Internet activities to watch for suspicious activity that might be connected to terrorism. Independents are more divided, with 40 percent in favor and 35 percent opposed. Only a third of Americans under 30, but nearly two-thirds 30 and older, support warrantless surveillance.

Right. After all, who needs business?

Electronic Health Records and Patient-Centric Design

CIO’s story Why Electronic Health Records aren’t more usable offers an interesting perspective on the current (improved?) state of affairs in medical care records. From the article:

The American Medical Association in 2014 issued an eight-point framework for improving EHR usability. According to this framework, EHRs should:

  • enhance physicians’ ability to provide high-quality patient care
  • support team-based care
  • promote care coordination
  • offer product modularity and configurability
  • reduce cognitive workload
  • promote data liquidity
  • facilitate digital and mobile patient engagement
  • expedite user input into product design and post-implementation feedback.

Nevertheless, it does not appear that EHR vendors are placing more emphasis on UCD. The Office of the National Coordinator for Health IT requires developers to perform usability tests as part of a certification process that makes their EHRs eligible for the government’s EHR incentive program. Yet a recent study found that, of 41 EHR vendors that released public reports, fewer than half used an industry-standard UCD process. Only nine developers tested their products with at least 15 participants who had clinical backgrounds, such as physicians.

Note that this situation is not due to a lack of user-centric efforts to make medical records more useful. Indeed there are several efforts underway, including HealthAuth, Kantara’s Healthcare ID Assurance Working Group, Patient Privacy Rights, HEART working efforts with OAuth and UMA, and more. As the article noted, there are regulatory complications as well as crazy-complicated workflow requirements imposed by the software designers/vendors. We need a shift in focus here.

Volvo’s In-Car Delivery Service

In Volvo launches in-car package delivery service in Gothenburg, Volvo’s new service “lets you have your Christmas shopping delivered directly to your car.” Intriguing idea that saves on parking hassles like those people who are waiting/idling around the favored spots.

With just days to go before Black Friday and Cyber Monday – the busiest online shopping days of the Christmas season – Sweden’s Volvo Cars has unveiled a brand new way to take some of the hassle out Christmas shopping.

The premium car maker has launched the world’s first commercially available in-car delivery service by teaming up with PostNord, the Nordic region’s leading communication and logistics supplier, Lekmer.com, the leading Nordic online toy and baby goods store, and Mat.se, a Swedish online grocery retailer, to have Christmas toys, gifts, food and drinks delivered to its cars. …

The Volvo In-car Delivery works by means of a digital key, which is used to gain one-time access to your vehicle. Owners simply order the goods online, receive a notification that the goods have been delivered and then just drive home with them.

Alas, not available everywhere. Yet.

Data Privacy Legal Hack-A-thon

Customer Commons is supporting, and board member, Mary Hodder, is hosting the Bay Area event. Additionally, there are NYC and London locations. Please join us if you are interested:

Data Privacy Legal Hackathon 2014
Data Privacy Legal Hackathon 2014

This is an unprecedented year documenting our loss of Privacy. Never before have we needed to stand up and team up to do something about it. In honour of Privacy Day, the Legal Hackers are leading the charge to do something about it, inspiring a two-day international Data Privacy Legal Hackathon. This is no ordinary event. Instead of talking about creating privacy tools in theory, the Data Privacy Legal Hackathon is about action! A call to action for tech & legal innovators who want to make a difference!

We are happy to announce a Data Privacy Legal Hackathon and invite the Kantara Community to get involved and participate. We are involved in not only hosting a Pre-Hackathon Project to create a Legal Map for consent laws across jurisdictions, but the CISWG will also be posting a project for the Consent Receipt Scenario that is posted in on the ISWG wiki.

The intention is to hack Open Notice with a Common Legal Map to create consent receipts that enable ‘customisers’ to control personal information If you would like to get involved in the hackathon, show your support, or help build the consent receipt infrastructure please get involved right away — you can get intouch with Mark (dot) Lizar (at)gmail (dot) com, Hodder (at) gmail (dot) com, or join the group pages that are in links below.

Across three locations on February 8th & 9th, 2014, get your Eventbrite Tickets Here:

* New York City * London, UK * San Francisco *

http://legalhackers.org/privacyhack2014/

This two-day event aims to mix the tech and legal scenes with people and companies that want to champion personal data privacy. Connecting entrepreneurs, developers, product makers, legal scholars, lawyers, and investors.

Each location will host a two-day “judged” hacking competition with a prize awarding finale, followed by an after-party to celebrate the event.

The Main Themes to The Hackathon Are:

  • Crossing the Pond Hack
  • Do Not Track Hack
  • Surveillance & Anti-Surveillance
  • Transparency Hacks
  • Privacy Policy Hack
  • Revenge Porn Hack

Prizes will be awarded:

  • 1st Prize:  $1,000
  • 2nd Prize:  $500
  • 3rd Prize: $250

There are pre-hackathon projects and activities. Join the Hackerleague to participate in these efforts and list your hack:

Sponsorship Is Available & Needed

Any organization or company seeking to show active support for data privacy and privacy technologies is invited to get involved.

  • Sponsor: prizes, food and event costs by becoming a Platinum, Gold or Silver Sponsor
  • Participate: at the event by leading or joining a hack project
  • Mentor: projects or topics that arise for teams, and share your expertise.

 

Contact NYC sponsorship: Phil Weiss email or @philwdjjd

Contact Bay Area sponsorship: Mary Hodder – Hodder (at) gmail (dot) com – Phone: 510 701 1975

Contact London sponsorship: Mark Lizar – Mark (dot) Lizar (at)gmail (dot) com – Phone: +44 02081237426 – @smarthart

The Internet of me and my things

Let’s say this key ring is yours and you’ve lost it.

If somebody scans the QR code with their smartphone, they will see a message from you. The message can say whatever you want (such as, “Help! I’ve misplaced these, please call or text me at this number”), and you can update it any time, because the information is in your personal cloud.

You can host your personal cloud yourself, or you can have it hosted elsewhere, such as at SquareTag, the brand name on the tag you see here. SquareTag is a service of Kynetx, the company behind the personal cloud concept. (Disclosure: I’m an advisor to Kynetx.) But you can use anybody’s. SquareTag is not a silo, and Kynetx is not out to trap anybody. Quite the opposite, in fact. Kynetx is out to give you tools to connect to your world of people and things.

Phil Windley is the co-founder of Kynetx and father of the personal cloud concept. In Personal clouds as general purpose computers, Phil says personal clouds are “the successor to the personal computer,” adding, “In the personal-cloud-as-personal-computer model, owners of a cloud control it in the same way they control their computer. They decide what apps to install, what services to engage, and how and where the data is stored.”

Most of the clouds we hear about today are the big centralized kind managed by companies such as Apple, Google and Amazon. Some of these industrial clouds are pure utilities, doing storage and compute work. That’s the case with, say,  Amazon and Rackspace. Nothing wrong with these, just as there is nothing wrong with electrical systems or storage facilities. Other clouds, however, are out to control you and your life — for both your good and theirs. Apple’s iCloud is one example. You can get it only from Apple, and it is not substitutable (as would be, say, a storage facility). In spite of the fact that Apple makes PCs and other personal devices, the company and its iCloud come from an old-school mainframe assumption: that one central server (or service) should contain and control what is done by many different clients. The technical term for this architecture is client-server. The vernacular term is calf-cow. You’re the calf. Apple is the cow. In the calf-cow system, you are always dependent, never fully independent.

With personal clouds you are independent. Your personal cloud is yours alone, to keep track of any thing, person or event in your life — and to manage your interactions with them. Such as, IF my keys are scanned, THEN display this message.

In an interview five years ago with Phil WindleyCraig Burton called every person an “enterprise of one.” In the past several years Phil and other developers (especially his colleagues at Kynetx) have been working on ways not only to make every person into that “enterprise of one” with connections to keep track of and control every thing of theirs as well. They are doing this through a general purpose platform called a personal cloud. You should have one, and so should the things you care about.

The design of the Internet in the first place is one of a boundless variety of end-points, with no central control of what those ends can do. Each is simply an address. Any end can connect with any other end. We have a similar system in the world called conversation. Anybody can talk with anybody else, or shake hands. They can also engage in business, and form relationships that last for moments or years. With personal clouds, things as well as people are brought into the Internet’s conversational and relational end-to-end system.

Take for example your car. Let’s say you put a SquareTag on the dashboard, next to the vehicle ID number. You can set up your car’s personal cloud so that all somebody scanning it sees is that it’s your car (or whatever you choose for it to say). But you can also scan the tag every time you have the car serviced, be taken to the car’s personal cloud, and enter whatever you like about the service event, or click on a private link that takes you (alone) back through your notes on the car’s service history. You can also set it up so the service station or dealer can connect their service records to yours, so when you look in your car’s personal cloud, you can also see those other service records. All you need for doing that are logical connections between the car’s tag cloud and the clouds of the other places where data is kept. With a squaretag, it isn’t necessary for any of your things to be “smart.” Instead the smarts are located in those things’ personal clouds.

There is no limit to what we can do with personal clouds because all of them are by nature independent, just as atoms are independent. And, just as certain kinds of atoms bond well with other kinds of atoms to form molecules, certain kinds of personal clouds (such as those of things we possess) will bond well with other kinds of personal clouds (such as human beings with possessions).

Likewise each of our personal clouds can, by mutual agreement, be social in the true and literal sense of the word — just as we are in the physical world. We won’t need to be social only inside corporate systems like Twitter’s and Facebook’s. There will still be administrative identities in the world (such as the ones on our drivers licenses and in employers’ HR systems), but among our sovereign selves we can choose to identify ourselves any way we wish. (Which others can, of course, accept or not.)

While personal clouds today are programmed with an open source language (KRL, for Kinetic Rules Language), and executed on an open source rules engine, what makes them interoperable are a new open standard: the evented API. Open standards are what allow closed (or open) things to connect and do things with each other. For example, it doesn’t matter whether you are reading this on a Linux, Mac, Windows, iOS or Android device. Open standards make it possible for all those things to communicate with each other.

We are at the earliest stage of where personal clouds will eventually go. What we can say with confidence, however, is that they will some day be the way each of us controls our lives, our personal data, our possessions, and our relationships with each other and our things.

We are born as sovereign beings, yet live in a networked world. The Internet as it was designed in the first place respected that. For most of the last two decades, however, we forgot that and built industrial-age systems that subordinated individual sovereignty and autonomy to the conveniences of large companies and governments. We built systems for capturing and controlling people and their things. There was lots of good stuff that could be done with these systems, but they were done at the expense of liberty and freedom for individuals and their possessions. Personal clouds not only promise that liberty and freedom, but provide the means for accomplishing it.

What we do with personal clouds is up to each of us — and to the countless new businesses that will show up to help out. When they do, you can bet a whole new boom of possibilities will show up too. The difference with this boom, however, is that each of us will be in charge of ourselves and what’s ours. That’s new. And it will never get old.