Count the number of companies you pay regularly for anything. Add up what you pay for all of them. Then think about the time you spend trying and failing to “manage” any of it—especially when most or all of the management tools are separately held by every outfit’s subscription system, all for their convenience rather than yours. And then think about how in most cases you also need to swim upstream against a tide of promotional BS and manipulation. (Examples here and here.)
There is an industry on the corporate side of this, and it’s not vested in the status quo to fix itself.
But the customer can’t come first, can’t be in charge, and can’t lead, without tools of her own: tools that give her ways to interact in common ways across all the companies she deals with. Ways that give her leverage:
She already has some of those tools. The Internet. The Web. EMail. The phone system. Credit cards. Cars. All of those give a person scale, in roughly the same way that using a common language or a common currency gives a person scale.
For an example of absent scale at work, look at what a customer needs to do when she changes, say, her email address, preferred credit card or last name. She has to go from one website to another, over and over again, logging into all of them separately, like a bee buzzing from one flower to another across a whole garden—only taking a lot more time and wasting a lot more energy.
The reason we have that situation is that companies are still leveraging industrial age norms, in which every company works to “own” the customer, and her experience, separately and exclusively. This is why, even though we’ve been living in a networked world for a quarter century, and we all carry highly advanced digital devices in our pocket and purses, we remain stuck in a world where every company we deal with has its own unique and different ways of dealing with us, and of providing us with ways for relating to them.
The plethorization of separate and unique “customer experiences” (“CX” to the industry) is only compounded with each new company we deal with—and worse, with each new law imposing obligations on companies that will implement compliance differently. We see this today with all the separate ways we “consent” to being tracked by companies doing their separate best to comply with the GDPR and the CCPA as well. Those laws embody the assumption that we still live in an industrial world where all agency over personal privacy resides on the corporate side, rather than on the personal one.
This is why better CRM, CX and GDPR/CCPA compliance approaches actually make the problem worse. Since all are different and exclusive, each one adds unique forms of cognitive and operational overhead on both the corporate and the personal side of every “relationship” that really isn’t.
It’s as if every company required a different language, a different handshake, and a different keyboard layout.
To really come first, to really be in charge, to really lead, the customer needs powers of her own that extend across all the companies she deals with. That’s scale.
Just as companies need to scale their relationships across many customers, customers need to scale their relationships across many companies.
The customer can only get scale through tools for both independence and engagement. She already has those with her car, her purse, her phone, her personal computer, her email, her browsers, her computer, her credit, her cash. (See The Cash Model of Customer Experience.) Every company she deals with respects the independence she gets from those tools, and every company has the same base-level ways of interacting with them. Those tools are also substitutable. The customer can swap them for others like it and maintain her autonomy, independence and ability to engage.
Here is what we have been looking for, from any and all of them together—
Ways to manage gradual, selective and trust-based disclosure of personal identifiers, starting from a state that is anonymous (literally, nameless).
Ways to manage our many administrative identities (the ones by which companies and other organizations know each of us), as well as our sovereign source identities (how each of us know ourselves).
Ways to express terms and policies with which companies can agree (preferably automatically).
Ways to change personal data records (e.g. name, address, phone number) for every company we deal with, in one move.
Ways to share personal data (e.g. purchase or service intentions) selectively and in a mutually trusting way, with every company we deal with.
Ways to exercise full control over our sovereign data spaces (e.g. PIMS) for every thing each ofus owns, and within which reside our relationships with companies that support those things.
Ways to engage with existing CRM, call center and other relationship systems on the vendors’ side.
We have most or all of the technologies, standards, protocols, specifications and APIs we need already. What we need now is thinking and development that goes meta: one level up, to where the customer actually lives, working to manage all these different relationships with all these different cards, apps, websites, logins, passwords and the rest of it.
Apps for doing those things should be as substitutable as a car, a wallet, a purse, a phone, an email client. In other words, we should have a choice of apps, and not be stuck again inside the exclusive offerings of any single company.
One of our jobs at Customer Commons is to stand with the customer as she watches those tools and services being built, and weighs in with input and intelligence of her own. If you want to help us do that, follow @CustomerCommons and DM us there after we follow you back. Thanks.
Customer Commons was created because there are many business and market problems that can only be solved from the customers’ side, under the customer’s control, and at scale, with #customertech.
In the absence of solutions that customers control, both customers and businesses are forced to use business-side-only solutions that limit customer power to what can be done within each business’s silo, or to await regulatory help, usually crafted by captive regulators who can’t even imagine full customer agency.
Here are some examples of vast dysfunctions that customers face today (and which hurt business and markets as well), in the absence of personal agency and scale:
Needing to “consent” to terms that can run more than 10,000 words long, and are different for every website and service provider
Dealing with privacy policies that can also run more than 10,000 words long, which are different for every website and service provider, and that the site or service can change whenever they want, and in practice don’t even need to obey
Dealing with personal identity systems that are different for every website or service provider
Dealing with subscription systems that are different for every website and service provider requiring them
Dealing with customer service and tech support systems that are different for every website or service provider
Dealing with login and password requirements that are as different, and numerous, as there are websites and service providers
Dealing with crippled services and/or higher prices for customers who aren’t “members” of a “loyalty” program, which involves high cognitive and operational overhead for customer and seller alike—and (again) work differently for every website and service provider
Dealing with an “Internet of Things” that’s really just an Amazon of things, an Apple of Things, and a Google of things.
And here are some examples of solutions customers can bring to business and markets:
Standardized terms that customers can proffer as first parties, and all the world’s sites and services can agree to, in ways where both parties have records of agreements
Privacy policies of customers’ own, which are easy for every website and service provider to see and respect
Self-sovereign methods for customers to present only the identity credentials required to do business, relieving many websites and service providers of the need to maintain their own separate databases of personal identity data
Standard ways to initiate, change and terminate customers’ subscriptions—and to keep records of those subscriptions—greatly simplifying the way subscriptions are done, across all websites and service providers
Standard ways for customers to call for and engage customer service and tech support systems that work the same way across all of them
Standard ways for customers to relate, without logins and passwords, and to do that with every website and service provider
Standard ways to express loyalty that will work across every website, retailer and service provider
Standard ways for customers to “intentcast” an interest in buying, securely and safely, at scale,across whole categories of products and services
Standard ways for customers’ belongings to operate, safely and securely, in a true Internet of Things
Standardized dashboards on which customers can see their own commercially valuable data, control how it is used, and see who has shared it, how, and under what permissions, across all the entities the customer deals with
There are already many solutions in the works for most of the above. Our work at Customer Commons is to help all of those—and many more—come into the world.
I learned that separately from two teachers, weeks apart in 2000. Both were responding to Cluetrain‘s markets are conversations line, which became a runaway marketing meme shortly after the book came out. One of those teachers was Eric S. Raymond, a devout atheist and libertarian who almost single-handedly made open source a thing, starting two years earlier. The other was Sayo Ajiboye, a Nigerian pastor I met on a plane.
Both suggested markets are relationships as a corollary to markets are conversations and markets are transactions; but it was Sayo who gave me the assignment I’m still working on here with Customer Commons: to make markets are relationships far more real than what customer relationship management (CRM) and related corporate functions imagined it was, because they were all too busy thinking markets are transactions. Seeing markets as conversations would be a step forward, Sayo said, but not a big enough step. Relationship was key to fully realizing free, open and productive markets in the industrial world, and it could only be fully achieved by working on solutions from the customers’ side.
I’ve written about my encounter with Sayo in a number of places. But the most relevant to our work here is Mashing Up a Commons, published in the June 2006 issue of Linux Journal, three months before I became a fellow with the Berkman Center and started ProjectVRM. Without that encounter, there is a good chance neither would have happened.
Mashing up a commons is still our assignment. I believe it will be the most leveraged thing to happen to markets since the Internet showed up. I first explained why in Free Customers Make Free Markets, posted in November 2007. It closes with the headline above.
The time wasn’t right then, but it is now. Let’s do it.
Almost all arguments in economics are advanced by two almost opposed positions, each walled into the castles of their ideologies, both insisting that their side has the solutions and the other side causes the problems—while meanwhile between the two flows a river of customers who, if they could be heard, and could participate with more than their cash, would have solutions of their own.
Customer Commons’s job is giving those customers full agency for dealing with both the businesses and governments of the world, and in the process proving that free customers are more valuable—to themselves and the businesses of the world—than captive (or tracked) ones.
It’s a long fight, dating back to the personal agency we lost when industry won the industrial revolution. And it’s one we continue to lose, in many ways, through these early decades of the digital revolution.
The problem with most of what’s been written so far is that it assumes customers will remain victims unless companies or governments (and mostly the latter) rescue them. There is little sense that customers can also bring solutions to the market—ones that are good for every party involved.
One notable exception is Brett and Evan’s book, mentioned above, which closes with a hopeful nod toward some of our work here at Customer Commons:
Doc Searls and his colleagues at Customer Commons have been working for years on standardized terms for customers to use in managing their relationships with websites and other vendors… [his] dream of customers systematically using contract and related tools to manage their relationships with vendors now seems feasible. It could be an important first step toward flipping the scientific-management-of-consumers script we’ve become so accustomed to.”
These are terms that each of us can proffer, and which the businesses of the world can agree to—as an alternative to the reverse, which has become a bane of online existence, alas made worse by normalization of insincere and misleading cookie notices on the Web, caused by (what we regard as a misreading of) the GDPR: a sad example of policy failing to fix a market problem. (So far. In another post we’ll visit ways the GDPR and California’s CCPA might actually help.)
The term third force has multiple uses already, the most common of which seem especially relevant our work here:
“A group of people or nations that mediates between two opposed groups…” — Free Dictionary
(A humanistic psychology that) focuses on inner needs, happiness, fulfillment, the search for identity, and other distinctly human concerns. Psychology: An Introduction, by Russell A. Dewey, PhD
Since customers and citizens are opposed to neither business nor government, but constantly look for positive outcomes in their dealings and relationships with both, third force works.
The GDPR won’t give us privacy. Nor will ePrivacy or any other regulation. We also won’t get it from the businesses those regulations are aimed at.
Because privacy is personal. If it wasn’t we wouldn’t have invented clothing and shelter, or social norms for signaling to each what’s okay and what’s not okay.
On the Internet we have none of those. We’re still as naked as we were in Eden.
But let’s get some perspective here: we invented clothing and shelter long before we invented history, and most of us didn’t get online until long after Internet service providers and graphical browsers showed up in 1994.
In these early years, it has been easier and more lucrative for business to exploit our exposed selves than it has been for technology makers to sew (and sell) us the virtual equivalents of animal skins and woven fabrics.
In case you think this happened just because most ads are “intrusive” or poorly targeted, consider the simple fact that ad blocking has been around since 2004, yet didn’t hockey-stick until the advertising business turned into direct response marketing, hellbent on collecting personal data and targeting ads at eyeballs.††
This happened in the late ’00s, with the rise of social media platforms and programmatic “adtech.” Euphemized by its perpetrators as “interactive,” “interest-based,” “behavioral” and “personalized,” adtech was, simply-put, tracking-based advertising. Or, as I explain at the last link direct response marketing in the guise of advertising.
Do Not Track was first implemented in 2009 by Sid Stamm, then a privacy engineer at Mozilla, as an option in the company’s Firefox browser. After that, the other major browser makers implemented Do Not Track in different ways at different times, culminating in Mozilla’s decision to block third party cookies in Firefox, starting in February 2013.
Before we get to what happened next, bear in mind that Do Not Track was never anything more than a polite request to have one’s privacy respected. It imposed no requirements on site owners. In other words, it was a social signal asking site owners and their third party partners to respect the simple fact that browsers are personal spaces, and that publishers and advertisers’ rights end at a browser’s front door.
The “interactive” ad industry and its dependents in publishing responded to that brave move by stomping on Mozilla like Gozilla on Bambi:
Next, ad searches for “how to block ads” rose right in step with searches for retargeting, which is the most obvious evidence that advertising is following you around:
You can see that correlation in this Google Trends graph in Don Marti’s Ad Blocking: Why Now, published by DCN (the online publishers’ trade association) on 9 July 2015:
Measures of how nearly all of us continue to hate tracking were posted by Dr. Johnny Ryan (@johnnyryan) in PageFair last September. In that post, he reports on a PageFair “survey of 300+ publishers, adtech, brands, and various others, on whether users will consent to tracking under the GDPR and the ePrivacy Regulation.” Bear in mind that the people surveyed were industry insiders: people you would expect to exaggerate on behalf of continued tracking.
Here’s one result:
Johnny adds, “Only a very small proportion (3%) believe that the average user will consent to ‘web-wide’ tracking for the purposes of advertising (tracking by any party, anywhere on the web).” And yet the same survey reports “almost a third believe that users will consent if forced to do so by tracking walls,” that deny access to a website unless a visitor agrees to be tracked.”
He goes on to add, “However, almost a third believe that users will consent if forced to do so by ‘tracking walls”, that deny access to a website unless a visitor agrees to be tracked. Tracking walls, however, are prohibited under Article 7 of the GDPR, the rules of which are already formalised and will apply in law from late May 2018. “
Which means that the general plan by the “interactive” advertising business is to put up those walls anyway, on the assumption that people will think they won’t get to a site’s content without consenting to tracking. We can read that in the subtext of IAB Europe‘s Transparency and Consent Framework, a work-in-progress you can follow here on Github., and read unpacked in more detail at AdvertisingConsent.eu.
So, to sum all this up, so far online what we have for privacy are: 1) popular but woefully inadequate ad blocking and tracking protection add-ons in our browsers; 2) a massively interesting regulation called the GDPR…
… and 3) plans by privacy violators to obey the letter of that regulation while continuing to violate its spirit.
So how do we fix this on the personal side? Meaning, what might we have for clothing and shelter, now that regulators and failed regulatory captors are duking it out in media that continue to think all the solutions to our problems will come from technologies and social signals other than our own?
Glad you asked. The answers will come in our next three posts here. We expect those answers to arrive in the world and have real effects—for everyone except those hellbent on tracking us—before the 25 May GDPR deadline for compliance.
†† It was plain old non-tracking-based advertising that not only only sponsored publishing and other ad-suported media, but burned into people’s heads nearly every brand you can name. After a $trillion or more has been spent chasing eyeballs, not one brand known to the world has been made by it. For lots more on all this, read everything you can by Bob Hoffman (@AdContrarian) and Don Marti (@dmarti).
Also, in case you’re reading this footnote, the family at the top is my father‘s. He’s the one on the left. The location was Niagara Falls and the year was 1916. Here’s the original. I flipped it horizontally so the caption would look best in the photo.
The GDPR‘s “sunrise day” — when the EU can start laying fines on companies for violations of it — is May 25th. We want to be ready for that: with a cookie of our own baking that will get us past the “gauntlet walls” of consent requirements that are already appearing on the world’s commercial websites—especially the ad-supported ones.
Most of the results in that search are about what companies can do (or actually what companies can do for companies, since most results are for companies doing SEO to sell their GDPR prep services).
We propose a simpler approach: do what the user wants. That’s why the EU created the GDPR in the first place. Only in our case, we can start solving in code what regulation alone can’t do:
Un-complicate things (for example, relieving sites of the need to put up a wall of permissions, some of which are sure to obtain grudging “consent” to the same awful data harvesting practices that caused the GDPR in the firs place).
Give people a good way to start signaling their intentions to websites—especially business-friendly ones
Give advertisers a safe way to keep doing what they are doing, without unwelcome tracking
Open countless new markets by giving individuals better ways of signaling what they want from business, starting with good manners (which went out the window when all the tracking and profiling started)
What we propose is a friendly way to turn off third party tracking at all the websites a browser encounters requests for permission to track, starting with a cookie that will tell the site, in effect, first party tracking for site purposes is okay, but third party tracking is not.
If all works according to plan, that cookie will persist from site to site, getting the browser past many gauntlet walls. It will also give all those sites and their techies a clear signal of intention from the user’s side. (All this is subject to revision and improvement as we hack this thing out.)
This photo of the whiteboard at our GDPR session at IIW on April 5th shows how wide ranging and open our thinking was at the time:
Photos from the session start here. Click on your keyboard’s right (>) arrow to move through them. Session notes are on the IIW wiki here.
Here is the whiteboard in outline form:
Possible Delivery Paths
Browser add-on to rewrite the cookie. Discussed were:
Ads.txt replaced by a more secure system + faster page serving
Ad blocking decreases
Sponsorship becomes more attractive
Branding—the real kind, where pubs are sponsored directly—can come back
Clearly stated permissions from “data subjects” for “data processors” and “data controllers” (those are GDPR labels)
Will permit direct ads (programmatic placement is okay; just not based on surveillance)
Puts direct intentcasting from data subject (users) on the table, replacing adtech’s spying and guesswork with actual customer-driven leads and perhaps eventually a shopping cart customers take from site to site
Liability reduction or elimination
SSI (self-sovereign identity) / VC (verified credential) approach —> makes demonstration of compliance automateable (for publishers and ad creative)
Complying with a visitor’s cookie is a lot easier than hiring expensive lawyers and consultants to write gauntlet walls that violate the spirit of the GDPR while obtaining grudging compliance from users with the letter of it
The GDPR, with ePrivacy right behind it, and big fines that are sure to come down
A privacy manager or privacy dashboard on the user’s side, with real scale across multiple sites, is inevitable. This will help bring one into the world, and sites should be ready for it.
Since ample research (University of Pennsylvania, Annenberg, PageFair) has made clear that most users do not want to be tracked, browser makers will be siding eventually, inevitably, with those users by amplifying tracking protections. The work we’re doing here will help guide that work—for all browser makers and add-on developers
Participating organizations (some onboard, some partially through individuals)
Here’s the problem: the Post says I’m blocking ads when I’m just protecting myself from tracking.
In fact I welcome ads. By that I mean real ads. Not messages that look like real ads, but are direct marketing messages aimed by tracking. Let’s call them fake ads.
Here’s one way to spot them:
When you see one of those in the corner of an ad, it means the ad is “interest based,” which is a euphemism for based on tracking you.
If you click on that icon, you get an explanation of what the ad is doing there (though no specifics about the tracking itself, or where trackers sniffed your digital exhaust across the Web), plus a way to “choose” what kind of ads you see or don’t. Here’s how the AdChoices site puts it:
Here are just some of the many ways this is fulla shit:
It’s not your AdChoices Icon. It’s the Digital Advertising Alliance‘s. They are not you. They are a cabal of “leading national advertising and marketing trade groups.” And they don’t work for you. Nor does their icon.
The most “control” you take when you click on that icon is over a subset of advertising systems that might be different with every AdChoices icon you click. It might be Google‘s, Experian‘s, DataXu/Evidon‘s, Amazon‘s or any one of thousands of other ad placement systems, each with their own opt-out rosters, none of which you can track, audit, or make accountable to you in the least.
What’s behind the AdChoices icon is what you find behind every fig leaf. And it has the hots for your data.
Next to the wheat of real advertising (which we’ve had since forever, has never tracked you, and carries straightforward brand messages for populations rather than individuals), “relevant” advertising is pure chaff. I explain the difference in Separating Advertising’s Wheat and Chaff.
The benefits of relevant advertising are mostly monetary ones going to intermediaries rather than to advertisers, publishers or human beings. As Bob Hoffman puts it to publishers, “adtech middlemen are scraping 60-70% of your media dollars (WFA and The Guardian).”
Aagain, I have no trouble with real advertising, meaning the wheat kind, which isn’t based on tracking me. In fact I like it because it tends to ad value the publications I read, and I know it sponsors those publications, rather than using those publications just for chasing readers’ eyeballs to wherever they might be found, meaning the publisher-sponsoring value of a “relevant” ad based on tracking is less than zero. I also know real ads aren’t vectors for fraud and malware.
That’s why I run tracking protection, in this case with Privacy Badger, which tells me the Washington Post has 49 potential trackers trained to sniff my digital ass. I don’t want them there. I am also sure the Post’s subscribers and editorial staff don’t want them there either.
So how do we fix that?
You can track movement toward the answer in these reports:
It puts both publishers and advertisers in compliance with the General Data Protection Regulation (GDPR), a European privacy law that forbids personal tracking without express personal permission, has global reach (it applies to European Citizens using U.S. services) and large fangs that will come out in May of next year. I explain more about that one here.
Ads not based on tracking—real ads—are far more valuable to publishers than the fake “relevant” kind. First, they actually sponsor the publication. Second, they carry no cognitive overhead for either the publisher or the reader. Both know exactly what an ad is for and what it’s doing there. Third, they can be sold and published the old fashioned ways that publishers abandoned when they jobbed out income production to revenue-sucking intermediaries. It ain’t that hard to go back.
That’s what will happen when sites and services click “accept” to your terms, rather than the reverse.
The role you play here is what lawyers call the first party. Sites and services that agree to your terms are second parties.
As a first party, you get scale across all the sites and services that agree to your terms:
This the exact reverse of what we’ve had in mass markets ever since industry won the industrial revolution. But we can get that scale now, because we have the Internet, which was designed to support it. (Details here and here.)
And now is the time, for two reasons:
We can make our leadership pay off for sites and services; and
Agreeing with us can make sites and services compliant with tough new privacy laws.
This does a bunch of good things for advertising supported sites:
It relieves them of the need to track us like animals everywhere we go, and harvest personal data we’d rather not give anybody without our permission.
Because of #1, it gives them compliance with the EU’s General Data Protection Regulation (aka GDPR), which allows fines of “up to 10,000,000 EUR or up to 2% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater (Article 83, Paragraph 4),” or “a fine up to 20,000,000 EUR or up to 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater (Article 83, Paragraph 5 & 6).”
It provides simple and straightforward “brand safety” directly from human beings, rather than relying on an industry granfalloon to do the same.
Try to guess how many times, in the course of your life in the digital world, have “agreed” to terms like these:
Hundreds? Thousands? (Feels like) millions?
Look at the number of login/password combinations remembered by your browser. That’ll be a fraction of the true total.
Now think about what might happen if we could turn these things around. How about if sites and services could agree to our terms and conditions, and our privacy policies?
We’d have real agreements, and real relationships, freely established, between parties of equal power who both have an interest in each other’s success.
We’d have genuine (or at least better) trust, and better signaling of intentions between both parties. We’d have better exchanges of information and better control over what gets done with that information. And the information would be better too, because we wouldn’t have to lie or hide to protect our identities or our data.
Think about it. None of those work unless individuals are in charge of themselves and their relationships in the digital world. And they can’t as long as only one side is in charge. What we have instead are opposites: limited control and coerced consent, maximum disclosure for unconstrained use, unjustified parties, misdirected identity, silo’d operators and technologies, inhuman integration, and inconsistent experiences across contexts of all kinds. (I’ll add links for all of those later when I have time.)
Can we fix this problem, eleven years after Kim came down from the mountain (well, Canada) with those laws?
No, we can’t. Not without leverage.
The sad fact is that we’ve been at a disadvantage since geeks based the Web on an architecture called “client-server.” I’ve been told that term was chosen because “slave-master” didn’t sound so good. Personally, I prefer calf-cow:
As long as we’re the calves coming to the cows for the milk of “content” (plus unwanted cookies), we’re not equals.
But once we become independent, and can assert enough power to piss off the cows that most want to take advantage of us, the story changes.
Good news: we are independent now, and controlling our own lives online is pissing off the right cows.
We’re gaining that independence through ad and tracking blockers. There are also a lot of us now. And a lot more jumping on the bandwagon.
According to PageFair and Adobe, the number of people running ad blockers alone passed 200 million last May, with annual growth rates of 41% in the world, 48% the U.S. and 82% in the U.K. alone.
Of course the “interactive” ad industry (the one that likes to track you) considers this a problem only they can solve. And, naturally, the disconnect between their urge to track and spam us, and our decision to stop all of it, is being called a “war.”
But it doesn’t have to be.
Out in the offline world, we were never at war with advertising. Sure, there’s too much of it, and a lot of it we don’t like. But we also know we wouldn’t have sports broadcasts (or sports talk radio) without it. We know how much advertising contributes to the value of the magazines and newspapers we read. (Which is worth more: a thick or a thin Vogue, Sports Illustrated, Bride’s or New York Times?) And to some degree we actually value what old fashioned Mad Men type advertising brings to the market’s table.
On the other hand, we have always been at war with the interactive form of advertising we call junk mail. Look up unwanted+mail, click on “images,” and and you’ll get something like this:
What’s happened online is that the advertising business has turned into the “interactive” junk message business. Only now you can’t tell the difference between an ad that’s there for everybody and one that’s aimed by crosshairs at your eyeballs.
Today’s ad and tracking blockers are are primitive prophylactics: ways to protect our eyeballs from advertising and tracking. But how about if we turn these into instruments of agreement? We could agree to allow the kind of ads that pay the publisher and aren’t aimed at us by tracking.
Here at Customer Commons we’ve been working on those kinds of terms for the last several years. Helping us have been law school students and teachers, geeks and ordinary folks. Last we publishe a straw man version of those terms, they looked like this:
What those say (in the green circles) is “You (the second party) alone can use data you get from me, for as long as you want, just for your site or app, and will obey the Do Not Track request from my browser.”
This can be read easily by lawyers, ordinary folks and machines on both sides, just the way the graphic at the top of this post, borrowed from Creative Commons (or model for this), describes.
Many people from those groups (including Kim Cameron himself) will be at IIW, the Internet Identity Workshop, at the Computer History Museum in Silicon Valley, on the last week of next month, April 26-28. It’s an unconference. No panels, no keynotes, no plenaries. It’s all breakouts, on topics chosen by participants.
The day before, at the same location, will be VRM Day. The main topic there will be terms, and how we plan to get working versions of them in the next three days at IIW.
This is a huge opportunity. I am sure we have enough code, and enough done work on standards and the rest of it, to put up exactly the terms we can offer and publishers online can accept, and will start to end the war (that really isn’t) between publishers and their readers.
Once we have those terms in place, others can follow, opening up to much better signaling between supply and demand, because both sides are equals.
So this is an open invitation to everybody already working in this space, especially browser makers (and not just Mozilla) and the ad and tracking blockers. IIW is a perfect place to show to show what we’ve got, to work together, and to move things forward.