Blog

Surf safely with Web Pal

It’s time to draw the line on surveillance.

Today nearly every commercial website infects our browsers with tracking files that report our activities back to parties we may not know or trust.

So we’re providing a way to draw that line:  Web Pal — a browser extension that blocks tracking and advertising*, eliminating the browser slowdowns caused by both.

Download the Web Pal here, from the Chrome Web Store
And click on the donate button to support our work.

Web Pal was developed for Customer Commons by Emmett Global, which provides privacy solutions to nonprofits. It combines Adblock Plus and Tampermonkey — two open source code bases — in one simple install that requires no additional work or maintenance. It also gives you a Customer Commons start page, which carries updates of news about surveillance and other topics of interest to Customer Commons members.

Here’s a video explaining the Web Pal:

We offer the Web Pal on Chrome. This gives you one safe browser with maximized protection, and the opportunity both to try out other protection systems on other browsers and to compare performance.  Here is a list of those systems, from ProjectVRM at Harvard’s Berkman Center for Internet and Society:

Abine † Do Not Track MeDeleteMeMaskMe PrivacyWatch: privacy-protecting browser extensions and services
AdBlock Plus Ad and tracking blocking.
Emmett † “An easy to install browser plugin that protects your privacy online”
Collusion Firefox add-on for viewing third parties tracking your movements
Disconnect.me † browser extentions to stop unwanted tracking, control data sharing
Ghostery † browser extension for tracking and controlling the trackers
Privacyfix † “One dashboard for your Facebook®, LinkedIn®, and Google® privacy. Blocks over 1200 trackers.”
PrivacyScore † browser extensions and services to users and site builders for keeping track of trackers
Privowny † – “Your personal data coach. Protect your identity/privacy. Track what the Internet knows about you.”

Note that these are maintained on a wiki and subject to change. In fact, we invite Customer Commons members to participate in ProjectVRM, and help drive development of these and other tools.

And, of course, we welcome feedback and suggestions for improving the Web Pal. And we encourage everybody to support development of all tools and services that make customers liberated, powerful and respected in the open marketplace.


* What Adblock Plus calls acceptable ads are passed through by default, but you can change it to block all ads. Just go to Chrome’s Windows menu and click down through Extensions / Emmett Web Pal / Options / Adblock Plus / Filter List. Then uncheck “Allow some non-intrusive advertising”.

0
Read More

Opt in to a good movie

tacma

Customer Commons‘ invites you to a screening of Terms and Conditions May Apply@CullenHoback‘s  award-winning documentary on the state of personal privacy online.

NOTE: The venue is now at Stanford University, in conjunction with the United Nations Association Film Festival, and will be followed by a panel discussion on the “Future of Online Privacy.” Cullen will be there as well.

Here is the UNAFF page on the screening.

Details:

  • DATE: Monday, Oct 21
  • LOCATION: Room 101, Ceras BuildingStanford University School of Education, 485 Lasuen Mall
  • TIME: 6:00 PM Reception with the filmmakers; 7:00 PM TERMS AND CONDITIONS MAY APPLY (USA, 79 min); and 8:20 PM Panel “Future of Online Privacy”
  • PRICE: Single tickets $10 cash only at the venue. First come, first serve. You can also buy advance tickets here. (Additional costs may apply.)
  • PARKING: Parking Structure 6 (beneath Wilbur Field) is closest. It’s free after 4pm in the lots and at the meters along the campus streets More info on visitor parking at Stanford http://transportation.stanford.edu/parking_info/VisitorParking.shtml.

COME EARLY. Since we are combining two showings into one, it’s possible this will sell out, and space is limited.

0
Read More

Beyond the Advertising Bubble

Let’s start with some required reading, from @TimHwang and @AdiKamdar:

peakadvertising

About the peak:

Worryingly, advertising is not well. Though companies supported by advertising still dominate the landscape and capture the popular imagination, cracks are beginning to appear in the very financial foundations of the web. Despite the best efforts of an industry, advertising is becoming less and less effective online. The once reliable fuel that powered a generation of innovations on the web is slowly, but perceptibly beginning to falter.

And the theory:

The theory of Peak Advertising relies on a simple proposition: online advertising will continuously decline in effectiveness going into the future, to the extent that it makes existing models unsustainable.This will, in turn, eventually force a broad transition in the financial models supporting the web. There are a few reasons to believe that this will be the case.

First, the changing demographics of web users do not favor advertising…

Second, ad blocking is increasingly ubiquitous…

Third, click fraud remains a severe and growing problem…

Finally, ever escalating advertising density may itself erode effectiveness.

The Theory of Peak Advertising is a working paper, so I’ll volunteer some additional sources.

First is Don Marti‘s corpus of writing about business, and advertising in particular. (For the latest, watch Part I and Part II of Don’s interview with Slashdot on “Why Targeted Ads Don’t Work.” There’s a transcript in Part II.)

Second is The Intention Economy: When Customers Take Charge (Harvard Business Review Press, 2012), which contains a chapter titled “The Advertising Bubble,” to which Don contributed some valuable research, digging deep into Harvard’s world-record-size collection of scholarly works. Here’s an excerpt:

Advertimania
The etymologist Douglas Harper calls mania “mental derangement characterized by excitement and delusion,” adding that it has been used in the “sense of ‘fad, craze’” since the 1680s and since the 1500s “as the second element in compounds expressing particular types of madness (cf. nymphomania, 1775; kleptomania, 1830; megalomania, 1890).”

We have that in advertising, so in a blog post I volunteered advertimania to Harper’s lexicon. Let’s unpack it here:

  • An overly generous infusion of liquidity, in the form of venture capital. This capital is invested both in companies that expect to make money through advertising, and in advertising for those companies and others. This was rampant in the dot-com boom, and is again today.
  • Faith in endless growth for advertising, and in its boundless capacity to fund free services to users.
  • Herd mentality—around advertising itself, and in faith that “social” media, supported by advertising as a business model, will persist and grow indefinitely. (And the herd is large too.)
  • Huge increase in trading. This is happening with user data bought and sold in back-end markets, employing the same kind of “quants” who worked on Wall Street during the housing bubble.
  • Low quality of personal information, despite the claims of companies specializing in personalization.

And that’s just on advertising’s side of the Chinese wall. Over here on our side, we can add to that list (especially the last item) six delusions, inclusive of the ones listed above by Professor Clemmons:

  1. We are always ready to buy something. We’re not. In fact, most of the time we’re not about to buy anything. Even if we don’t mind being exposed to advertising when we’re not buying, nearly all of us do mind being watched constantly—especially by parties whose only interest is in selling us stuff.
  2. People will welcome totally personalized advertising. Even if people allowed themselves to be tracked constantly through the world, and to be understood in great detail (a privilege that advertisers have done nothing to earn) the result would still be guesswork, which is the very nature of advertising.  For customers, rough impersonal guesswork is tolerable, because they’re used to it. Totally personalized guesswork is not. At least not by advertising. To become totally personal, advertising needs to cross an existential bridge, to become a different corporate function. It must become sales, without the human sound or the human touch.
  3. The market for tracking-based advertising is large enough to justify the huge investments being made in it. Christopher Meyer, founder of MonitorTalent and author of many books on market optimism (including Blur: The Speed of Change in the Connected Economy and Future Wealth, co-authored with Stanley M. Davis) says, “It’s a classic bubble. Investments in tracking-based advertising far exceed even the most optimistic projected returns. The whole business just won’t be that big. In fact the whole advertising category is starting to plateau.”
  4. Advertising is something people actually like, or can be made to like. It’s not. With a few all-too-rare exceptions (such as Superbowl ads, which are typical mostly of themselves), advertising is something people tolerate at best and loathe at worst. Improving a pain in the ass does not make it a kiss. Nor does putting a thumbs-up “like” button next to an ad that gets ignored 99.9 percent of the time—as happens with display ads on Facebook, for example. (It’s also worth noting that Facebook originally put thumbs-down symbols next to ads, but quickly got rid of them. It’s easy to guess why.)
  5. The client-server structure of e-commerce will persist unchanged. It won’t. We’ll explain why in the next chapter, meanwhile, here’s Phil Windley: “There are a billion commercial sites on the Web, each with its own selling systems, its own cookies, its own way of dealing with customers, and its own pile of data about each customer. This whole architecture will collapse as soon as customers have their own systems for dealing with sellers, their own piles of data, and their own contexts for interaction.”
  6. Companies have to advertise. In fact advertising is not an essential function of any company. The difference between an advertiser and an ordinary company is zero. Even if we call advertising an investment, it’s on the expense side of the balance sheet, and an easy item to cut.

Each of those delusions is a brick in the Chinese wall between the industry’s mentality and the larger marketplace outside of it. You could call that wall a blind side, but it’s more than that. It’s a screen on which an industry that smokes its own exhaust has long been projecting its fantasies. It sees those projections rather than the real human beings on the other side. It also fails to see what those human beings might bring to the market’s table, beyond cash, credit cards and coerced “loyalty.”

Tim and Adi are concerned about The Future of the Web (the second half of their title) because so much of what we frequent there is funded by advertising, which is getting to be post-peak:

The central importance of advertising to business online means that Peak Advertising will impact more than just media buyers and vendors. As the value of advertising inventory collapses, it will fundamentally change our experience of the web: everything from the diversity of services that we might choose from to our notions of privacy online will be affected.

They conclude,

One can imagine some breakthrough innovation that eliminates this problem wholesale and maintains the status quo. Someone might develop a behavioral targeting system that perfectly delivers compelling ads to the right customer flawlessly. The current failure to do so even with massive data about user behavior seems to discount this scenario.

In the alternative, someone might innovate an entirely different business that provides margins and revenue flow comparable or better than advertising. It is likely that such a transition would require significant changes in how we experience the web. Go with the models that we know: an Internet where the most massive companies ran on subscriptions, for example, would grow significantly slower, be more subject to user demands, and would likely feature smaller user bases than the ones that we see today. This avoids the obvious issue, too, that not all existing businesses would be able to transition successfully in time, particularly those that have built the most successful businesses on advertising.

We may very well reach and pass the point of Peak Advertising without any significant innovation emerging to maintain and grow the flow of revenue supporting the Internet. What will be left with is a stagnant and ever eroding flow of revenue from the primary sources of advertising, and the inadequate substitution of new forms of advertising in its place. Of the few players that remain, they will produce a web experience that engineers the erosion of user privacy and the blurring of the line between real content and advertising.

The future we end up with is partially a matter of technological innovation, but also a matter of human choice. To those designing platforms and using those platforms, the issue is: what kind of Internet do we want to have?

Ultimately, what Peak Advertising suggests is that the fundamental economics of the web increasingly force this consequential decision on all participants, user and platform alike.

The Intention Economy sees a consequential future in which we still have advertising, but in which more Net-aligned market interactions prevail — and out-perform what we have today with Web services and sites primarily funded by advertising:

The fix
Advertising may fund lots of stuff that we take for granted (such as Google’s search), but it flourishes in the absence of more efficient and direct demand-supply interactions. The Internet was built to facilitate exactly those kinds of interactions. This it has done since the mid-‘90s—but only within a billion different silos, each with its own system for interacting with users, and each with its own asymmetrical power relationship between seller and buyer. This system is old, broken and long overdue for a fix.

The Internet, meanwhile, has always been a symmetrical system. Its architecture, defined by its founding protocols (which we’ll visit in the Net Pains chapter) embodies “end-to-end” principles. Every end on the Net has equal status, whether that end is Amazon.com, the White House, your laptop or your phone. This architectural fact is a background against which advertising’s asymmetries, and its delusional assumptions, have always stood in sharp relief.
So, then
When the backlash is over, and the advertising bubble deflates, advertising will remain an enormous and useful business. We will still need advertising to do what only it can do. What will emerge, however, is a market for what advertising can’t do. This new market will be defined by what customers actually want, rather than guesses about it.

The Intention Economy also reports on work toward that future, fostered by ProjectVRM and allied work toward liberating customers and increasing their ability to engage, resulting in far more widespread and effective direct market interactions than advertising’s highly indirect Attention Economy can produce.

Since the book came out, the number and variety of VRM development projects, companies and infrastructural code bases has multiplied. It’s still early in their evolution, but their direction gets clearer every day.

Remember: the commercial Web is only eighteen years old. It is easy to assume, in these early years, that the first widespread business model is the only one. It’s not. Ecommerce itself is doing fine. Subscriptions are messy and silo’d, but showing signs of widespread normalization. And we’re starting to see signs that companies value service as much as sales, which opens a vast greenfield of new economic opportunities.

Most importantly, we — the customers — are just starting to liberate ourselves. When we finally do throw off the shackles, an abundance of new solutions will also show up: ones that will do far more than just patch cracks in the walls of online advertising’s castle.

Healthy markets depend on powerful customers, not just powerful companies. Both help each other. That didn’t happen much in the Attention Economy, which valued captive customers more than free ones. It will in the Intention Economy, which values free customers more than captive ones.

0
Read More

AT&T’s paint job on confusing pricing

attstoreIn AT&T Ridding Some Retail Stores of Cash Register, Counters and Other Clutter, John McDermott of AdAge explains how the company is making its stores “warmer” to improve the “shopping experience” there. Which is all fine, as far as it goes.

Where it doesn’t go is toward fixing AT&T’s pricing. I explain that in a comment under the piece, which I’ll format in a “warmer” way here:

Nice as these showrooms may be, they are still just a paint job on the complicated shell game called “plans.” Right now AT&T is pushing “mobile share” plans, which are confusing in the extreme, and pointless if you’re single. Then you’re here with individual plans, or here if you’re new and solo.

Look closely at the small print. You can pay $30/mo for 3Gb of data or $50 for 5Gb. The overage charge for both is $10 per Gb. So you’re a sucker if you go with the 5Gb plan, and you use only 3 or 4 Gb. I mean, buy the 3Gb and you’ll also pay 50 if you use 5Gb. Confused? Sure. That’s the idea. AT&T, like Verizon and most other mobile carriers, is a confusopolist. See Dilbert for the definition.

AT&T runs these shell games to confuse the customer. Here’s how your mileage may vary::: If you have an iPhone, go to Settings/General/Usage/Cellular usage. See how much Cellular Network Data you’ve used since the Last Reset. Even if you’re a heavy data user, I’m betting it’s way less than 3Gb/mo, which would mean you’re overpaying. But if you want to save by paying for a lower level, there’s only one: $14.99 for 250Mb, or 1/4 of a Gb. The overage charge at that level is $14.99 per 250 MB. That means you pay 4¢ less than $60 per Gb.

Now, how many of us actually look at what we use? And what is the first cost of a bit in any case? (Operations have costs; bits cost ~$0.)

Back when I consulted BT in the UK, an executive there told me the core competence of phone companies was not telephony or communications, but billing. Or, you might say, bilking. Fortunately for the marketplace, Sprint has ceased being a confusopolist and offers unlimited data. If AT&T is truly serious about being good to customers, it should do the same.

Reasonable customers don’t just want a “better shopping experience.” They want a best possible service experience, especially from companies that bill them every month. They also don’t begrudge any business from making money. In fact there are plenty of studies — as well as ample experience in the world — suggesting that people will gladly pay more for better service and human-to-human engagement. For example: Apple stores.

Here’s hoping that AT&T’s new changes are deeper than the paint job they appear to be so far.

Bonus linkage from The Wall Street Journal.

0
Read More

For personal data, use value beats sale value

There’s an argument that goes like this:

  1. Companies are making money with personal data, and
  2. They are getting this data for free. Therefore,
  3. People should be able to make money with that data too.

This is not helpful framing, if we want to get full value out of our personal data. Or even to understand what the hell personal data is.

Stop and think about this for a second:

That data has far more use value than sale value. This use value is almost entirely untapped. Thinking about its sale value requires that you think the same way big companies do. This is as big a mistake in 2013 as it was —

  • in 1980 to think about personal computing in terms of what big enterprises did with mainframes; and
  • in 1993 to think about personal networking in terms of services provided by phone and cable companies.

In 1982 the IBM PC came along, and MS-DOS. And then the Macintosh in 1984. By 1985  there were tens of thousands of personal apps running on personal computers, doing far more than any company could do with its own computers, no matter how big those computers were. This turned out to be good for everybody, including the big companies with the big computers.

Likewise, in 1995 the Internet came along in a big way (ISPs, email, browsing, dial-up, e-commerce), and within months it was clear than anybody could network together with anybody else in the world at a cost that rounded to zero, and with a degree of freedom that was unimaginable within the systems controlled by phone and cable companies.  (Eighteen years later, the phone and cable companies, with help from the copyright maximalists in Hollywood, are still trying to corral the Net’s horse back into the old barn.)

What companies are doing with your personal data today is all happening inside a B2B — Business-to-Business — context. That context is as limited as mainframe thinking in 1980 and telco/cableco thinking in 1993.

The other day in London we were talking with Nic Brisbourne about the massive quantity of opportunity and ready-to-spend money on the demand side of the marketplace — and the ironic absence (outside the still-small VRM world) of interest by developers in equipping demand to engage and drive supply. The market seem stuck inside the same old supply-driving-demand mentality. That’s what you hear coming from the mainframe-think world of Big Data mongering and analytics today.

Mind these words: Big Data talk today is as clueless about what people can do for themselves as mainframe talk was in 1980 and networking talk was in 1993. It’s big business-as-usual, in its big B2B bubble, talking itself into ever-ripening stages of vulnerability to massive disruption by the C’s of the world.

Speaking of which, we also met in Europe with Qiy, MesInfos, MidataIntently, Mydex, Privowny and other VRM efforts (who will be insulted that I haven’t yet listed them here, but we can correct that). All of them are laying the groundwork required for unlocking the full use value of personal data — and not just its sale value, which is tiny at best anyway. Bravo for them, and for us as the beneficiaries of their good work.

2
Read More

Customer Commons Research: 92% of People Engage in Some Strategy to Hide Personal Data

We launched our first research paper today:  Lying and Hiding in the Name of Privacy (PDF here) by Mary Hodder and Elizabeth Churchill.

Our data supporting the paper is here:  Addendum Q&A and shortly we’ll upload a .xls of the data for those who want to do a deep dive into the results.

We all know that many people hide or submit incorrect data, click away from sites or refuse to install an app on a phone. We’ve all mostly done it.  But how many?  How much is this happening?

We’re at IIW today and of course, the age old dilemma is happening in sessions where one guy in the room says: “People will click through anything; they don’t care about privacy.”  And the next guy will say, “People are angry and frustrated and they don’t like what’s happening.”  But what’s real?  What’s right?

We conducted this survey to get a baseline about what people do now as they engage in strategies to create privacy for themselves, to try to control their personal data.

The amazing thing is.. 92 % hide, lie, refuse to install or click, some of the time. We surveyed 1704 people, and had an astonishing 95% completion rate for this survey. We also had 35% of these people writing comments in the “comment more” boxes at the bottom of the multiple choice answers. Also astonishingly high.

People expressed anger, cynicism, frustration. And they said overwhelmingly that the sites and services that ask for data DON’T NEED it.  Unless they have to get something shipped from a seller. But people don’t believe the sites. There is distrust.  The services have failed to enroll the people they want using their services that something necessary is happening, and the people who use the services are mad.

We know the numbers are high, and that it’s likely due to many not having a way to give feedback on this topic. So when we offered the survey, people did vent.

But we think it also indicates the need for qualitative and quantitative research on what is true now for people online. We want more nuanced information about what people believe, and how we might fix this problem.  Many sites only look at user logs to figure out what is happening on a site or with an app, and therefore, they miss this problem and the user feelings behind them. We want to see this studied much more seriously so that people no longer make the conflicting statements at conferences, so that developers say the user’s don’t care, so that business models are developed that think different than we do now, where sites and services just take personal data.  We want to get beyond the dispute over whether people care, to real solutions that involve customers and individuals in ways that respect them and their desires when they interact with companies.

 

 

 

5
Read More

Lying and Hiding in the Name of Privacy

Authors: Mary Hodder and Elizabeth Churchill

Creative Commons licenced: by-nc-nd CCLICENSE

©Customer Commons, 2013

Contact: Mary Hodder, [email protected]

Abstract

A large percentage of individuals employ artful dodges to avoid giving out requested personal information online when they believe at least some of that information is not required. These dodges include hiding personal details, intentionally submitting incorrect data, clicking away from sites or refusing to install phone applications. This suggests most people do not want to reveal more than they have to when all they want is to download apps, watch videos, shop or participate in social networking.

Keywords:  privacy, personal data, control, invasion, convergence

Download a PDF of the paper here.

 

Survey

Customer Commons’ purpose in conducting this research is to understand more fully the ways in which people manage their online identities and personal information. This survey, the first of a planned series of research efforts, explores self-reported behavior around disclosure of personal information to sites and services requesting that information online. We believe the results of this survey offer a useful starting point for a deeper conversation about the behaviors and concerns of individuals seeking to protect their privacy. Subsequent research will explore how people feel and behave toward online tracking.

This research is also intended to inform the development of software tools that give individuals ways to monitor and control the flow and use of personal data.

For this research project, Customer Commons in late 2012 surveyed a randomized group of 1,704 individuals within the United States (1,689 finished the survey, or 95%). Respondents were geographically distributed, aged 18 and up (see the appendix for specifics), and obtained through SurveyMonkey.com. The margin of error was 2.5%.

Respondents gave checkbox answers to questions and in some cases added remarks in a text box. (Survey questions and answers are in an addendum to this paper.)

Key Findings

Protecting personal data

This survey focused on the methods people use to restrict disclosure of requested personal information. Those methods include withholding, obscuring or falsifying the requested information.

Only 8.45% of respondents reported that they always accurately disclose personal information that is requested of them. The remaining 91.55% reported that they are less than fully disclosing. If they decide the site doesn’t need personal information such as names, birthdates, phone numbers, or zip codes, they leave blank answers, submit intentionally incorrect information, click away from the site, or — in the case of mobile applications, decline to install.­

Most people withhold at least some personal data. Specifically,

  • 75.7% of respondents avoid giving their mobile numbers
  • 74.8% avoid “social” login shortcuts such as those provided by Facebook or Twitter
  • 73.4% avoided giving sites or services access to a friend or contact list.
  • 58.3% don’t provide a primary email address
  • 49.3% don’t provide a real identity

The concept of trust was raised in 22% of the written responses explaining why people hide their information. Some examples include:

  • “I cannot trust a random website”
  • “I do not want spam and do not want to expose others to spam. I also don’t know how that information could be used or if the people running the site are trustworthy.”
  • “If I know why info is needed then I might provide, otherwise no way”
  • “I felt the need to cover my I.D. a little bit — like age and gender.  And I still withhold my social security #.”
  • “If I feel they don’t need it to provide a service to me they don’t get it even if I have to enter in fake info”
  • “Worries on identity theft and general privacy.”
  • “i would never give out my friends or and familys (sic) info ever”

Many respondents said sites and services request more data than required. Others suggested that providing requested information would result in an increased risk to their security. More results:

  • When the 71% of respondents who reported withholding information were asked why, they said they didn’t believe the sites needed the information. Specifically,
    • 68% reported they either didn’t know the site well when they withheld their data or didn’t trust the site.
    • 45% of those who felt they knew the site or service well still withheld information.

Respondents lied about various line items as a strategy to protect their privacy. For example, 34.2% intentionally provided an incorrect phone number, and 13.8% provided incorrect employment information. Here are some reasons they gave:

  • “I didn’t want them to have all my information, or feel it was necessary.”
  • “I have obscured various information so that I would not have further contact with a vendor who won’t leave me alone”
  • “Faking it is the best to avoid unwanted contact”
  • “Sometimes you just want to use a service without them knowing every thing about you.”
  • “I don’t like websites to have very much information on me. I regularly give out spam email addresses, bad birthday dates, and bad location information.”
  • “Registering for many mundane website often requires some pretty detailed personal info. I generally fudge this. None of their business”
  • “Because information is so easily found and transferred on the internet I do provide false info quite often to protect my identity.”

Even those who had never submitted incorrect information made statements such as:

  • “Have never made up info – just ignored requests :-)”
  • “i just don’t use that website”
  • “I have an email address that is purly (sic) for junk mail. I use this email address for websites that request my email address and then I go into that email and delete all email monthly.”
  • “I have never given incorrect information, but I have thought about it.”
  • “I don’t lie, but I omit as I feel appropriate.”

 

Going with the flow

Correcting already obscured or falsified information appears to be too much of a chore. Specifically,

  • Over 50% have rarely or never corrected data they submitted incorrectly
  • 30% correct their data “sometimes.” Of that 30%,
    • 55% said a purchase required correct information
    • 56% had a growing feeling of comfort with the site or service
    • 46% cited the ability to realize new benefits from the site with corrected information
    • 30% said they noticed others’ incorrect data at Facebook or other social sites, or in phone applications, and —
      • 80% of this group assumed that the data was falsified as a way to protect privacy
      • 40% believed the incorrect data was there to mislead marketers
      • 12% believed secretive associates were trying to mislead them
    • 13% believed services always needed correct personal information
    • 75% believed the services needed it only sometimes
    • 12% said it was never needed.

Respondents also believed that other users of these services always needed or expected correct personal data about each other 27% of the time, whereas 23% said it was sometimes needed, and 48% said it was never needed.

 

Privacy online

The results of this survey support the hypothesis that people limit, refuse to give or obfuscate personal information in an attempt to create a measure of privacy online.

On July 30, 2010, in the first article in its “What They Know” series, The Wall Street Journal reported, “One of the fastest-growing businesses on the Internet … is the business of spying on Internet users. The Journal conducted a comprehensive study that assesses and analyzes the broad array of cookies and other surveillance technology that companies are deploying on Internet users. It reveals that the tracking of consumers has grown both far more pervasive and far more intrusive than is realized by all but a handful of people in the vanguard of the industry.”[i]

Adds Doc Searls, in The Intention Economy, “Tracking and ‘personalizing’—the current frontier of online advertising—probe the limits of tolerance. While harvesting mountains of data about individuals and signaling nothing obvious about their methods, tracking and personalizing together ditch one of the few noble virtues to which advertising at its best aspires: respect for the prospect’s privacy and integrity, which has long included a default assumption of anonymity.”[ii]

This survey showed one result of this system. Respondents expressed a general lack of trust in their relationships with online businesses. Many feelings ran strong. Here are some of the comments:

  • “Scary world out there, and I am a bit angry about the fact that all these website ‘track me’ as if that is OK, and then they sell MY data, obviously making money in the process.  How is that OK or even legal?  Don’t I control MY information?  Apparently not…”
  • “So if I think it might be ‘harmful’ to give out info, I don’t do it.”
  • “I want cookies outlawed 🙁
  • “My ex-husband was abusive and has stalked me. I don’t need to let the greedy sellers of my personal information draw him a map to my front door.”
  • “While I doubt I have any real protection of privacy, I have a desire to try to send a message that I want my right to protection of privacy. I regret how much we as a society have lost to the powers of marketing.”
  • “I don’t trust the security procedures of most companies. Security costs money, which cuts into profits, thus most companies have limited incentive to protect PII from cyber criminals.”
  • “The web is far less secure than commonly known.”
  • “Just as I have disconnected my land line because of a flood of unwanted calls, I refuse to give online/ access information for the same reason.”

These survey responses show people resort to withholding data or submitting false data to avoid feeling exposed online. When deciding whether to share personal information, the majority of respondents doubt that sites or services need to collect more than a minimum of obviously necessary personal data.

Conclusion

When people withhold personal data, it is to create a sense of privacy and control of their personal lives.

People are afraid or distrustful of sites, services and phone apps that request their personal data. They withhold or falsify information because they do not believe the sites need their data, and because they do not want to disclose information that might lead to spamming or other intrusions. Moreover, the techniques that people employ to preserve their sense of privacy online are largely improvised, informed by fear, and based on their subjective evaluation of entities that solicit personal information.

For the sake of privacy, people contribute to and tolerate the presence of incorrect personal data online, and attempt to correct it only when they see the clear upsides of accuracy. And, despite the failure of businesses and other organizations to convince users of the need to provide personal details beyond an email address, most users remain comfortable disclosing additional personal data only with those they know and trust.

Research Funding Grant

This research project was funded with a grant from CommerceNet, a not-for-profit research institute working to fulfill the potential of the Internet since 1993.

Customer Commons

Customer Commons is a not-for-profit working to restore the balance of power, respect and trust between individuals and the organizations that serve them, especially in the online world. We stand with the individual and therefore do not take contributions from commercial entities.

ADDENDUM:  Questions and Answers

Click here to see the complete questions, answers and written answers offered by people to provide additional information.


[i] Julia Anguin, “The Web’s New Gold Mine: Your Secrets” The Wall Street Journal, July 30, 2010. http://online.wsj.com/article/SB10001424052748703940904575395073512989404.html

[ii] Doc Searls, The Intention Economy: When Customers Take Charge. (Cambridge, Massachusetts: Harvard Business Review Press, 2012). P. 28.

0
Read More

Meet Omie: a truly personal mobile device

This is Omie: OMIE-blank-slate-pcloud-in-corner

She is, literally, a clean slate. And she is your clean slate. Not Apple’s. Not Google’s. Not some phone company’s.

She can be what you want her to be, do what you want her to do, run whatever apps you want her to run, and use data you alone collect and control.

Being a clean slate makes Omie very different.

On your iPhone and iPad you can run only what Apple lets you run, and you can get only from Apple’s own store. On an Android phone you have to run Google’s pre-loaded apps, which means somebody is already not only telling you what you must do, but is following you as well.

Omie uses Android, but bows to Google only in respect of its intention to create an open Linux-based OS for mobile devices.

So Omie is yours, alone. Fully private, by design, from the start.

At Omie’s heart is your data, in your own personal cloud — not Google’s cloud or Apple’s cloud or Amazon’s cloud or the cloud of any other silo’d service.

Think of your personal cloud as a place for your stuff. Right now most of the data you use in the online marketplace — what should be your stuff —  really isn’t. It’s out in clouds that aren’t yours: one for every Web site and service you deal with.

Consider your wallet — the one in your pocket or purse. That’s your wallet. Not Google’s or Paypal’s. Yet right now Google, Paypal and a dozen other companies think the wallet you carry online should be theirs. Wouldn’t it be better to carry all their wallets inside one that’s yours alone? Omie  is desgned to make that possible, simply because she is yours alone.

Consider your shopping cart. Today that’s not even imaginable, because eevery shopping cart you’ve ever seen belongs to a company. Amazon, Ebay, Etsy, Walmart and the rest of them all have their own shopping carts for you. Why shouldn’t you have your own shopping cart, where you can see all the stuff you’ve almost-bought from all those online stores? With Omie you can at least imagine that, because Omie is yours. And imagining is the first step toward making.

So: what apps would you like Omie to run? Once we get the first few nailed down, we’ll crowdsource funding for developing both Omie and her first apps, or at least the specs for them.

To make that easy, here are just two requirements:

  1. Each app must be a kind that can only run on a device that is the owner’s alone. It can’t be one that only a corporate platform-owner (such as Google or Apple) can provide.
  2. Each app must rely first and foremost on data in the owner’s personal cloud.

The box we need to think outside of is the one that starts with a company. Here we’re starting with you.

Omie should be an instrument of control — by you. That’s why we’re stepping forward with it. Our job at Customer Commons is to stand on the side of the customer. That means we want apps that work for the customer first, and not just the seller. We need something solid to hold at our end of the demand chain — rather than, once again, to hold a device that serves as the far end of the supply chain’s whip.

We’ll bring up Omie at IIW. If you’re one of the 250 people here, come to the Omie session and let’s talk about where to go with the project. If you’re not here, put your thoughts and requests below.

Enhanced by Zemanta
2
Read More

The Internet of me and my things

Let’s say this key ring is yours and you’ve lost it.

If somebody scans the QR code with their smartphone, they will see a message from you. The message can say whatever you want (such as, “Help! I’ve misplaced these, please call or text me at this number”), and you can update it any time, because the information is in your personal cloud.

You can host your personal cloud yourself, or you can have it hosted elsewhere, such as at SquareTag, the brand name on the tag you see here. SquareTag is a service of Kynetx, the company behind the personal cloud concept. (Disclosure: I’m an advisor to Kynetx.) But you can use anybody’s. SquareTag is not a silo, and Kynetx is not out to trap anybody. Quite the opposite, in fact. Kynetx is out to give you tools to connect to your world of people and things.

Phil Windley is the co-founder of Kynetx and father of the personal cloud concept. In Personal clouds as general purpose computers, Phil says personal clouds are “the successor to the personal computer,” adding, “In the personal-cloud-as-personal-computer model, owners of a cloud control it in the same way they control their computer. They decide what apps to install, what services to engage, and how and where the data is stored.”

Most of the clouds we hear about today are the big centralized kind managed by companies such as Apple, Google and Amazon. Some of these industrial clouds are pure utilities, doing storage and compute work. That’s the case with, say,  Amazon and Rackspace. Nothing wrong with these, just as there is nothing wrong with electrical systems or storage facilities. Other clouds, however, are out to control you and your life — for both your good and theirs. Apple’s iCloud is one example. You can get it only from Apple, and it is not substitutable (as would be, say, a storage facility). In spite of the fact that Apple makes PCs and other personal devices, the company and its iCloud come from an old-school mainframe assumption: that one central server (or service) should contain and control what is done by many different clients. The technical term for this architecture is client-server. The vernacular term is calf-cow. You’re the calf. Apple is the cow. In the calf-cow system, you are always dependent, never fully independent.

With personal clouds you are independent. Your personal cloud is yours alone, to keep track of any thing, person or event in your life — and to manage your interactions with them. Such as, IF my keys are scanned, THEN display this message.

In an interview five years ago with Phil WindleyCraig Burton called every person an “enterprise of one.” In the past several years Phil and other developers (especially his colleagues at Kynetx) have been working on ways not only to make every person into that “enterprise of one” with connections to keep track of and control every thing of theirs as well. They are doing this through a general purpose platform called a personal cloud. You should have one, and so should the things you care about.

The design of the Internet in the first place is one of a boundless variety of end-points, with no central control of what those ends can do. Each is simply an address. Any end can connect with any other end. We have a similar system in the world called conversation. Anybody can talk with anybody else, or shake hands. They can also engage in business, and form relationships that last for moments or years. With personal clouds, things as well as people are brought into the Internet’s conversational and relational end-to-end system.

Take for example your car. Let’s say you put a SquareTag on the dashboard, next to the vehicle ID number. You can set up your car’s personal cloud so that all somebody scanning it sees is that it’s your car (or whatever you choose for it to say). But you can also scan the tag every time you have the car serviced, be taken to the car’s personal cloud, and enter whatever you like about the service event, or click on a private link that takes you (alone) back through your notes on the car’s service history. You can also set it up so the service station or dealer can connect their service records to yours, so when you look in your car’s personal cloud, you can also see those other service records. All you need for doing that are logical connections between the car’s tag cloud and the clouds of the other places where data is kept. With a squaretag, it isn’t necessary for any of your things to be “smart.” Instead the smarts are located in those things’ personal clouds.

There is no limit to what we can do with personal clouds because all of them are by nature independent, just as atoms are independent. And, just as certain kinds of atoms bond well with other kinds of atoms to form molecules, certain kinds of personal clouds (such as those of things we possess) will bond well with other kinds of personal clouds (such as human beings with possessions).

Likewise each of our personal clouds can, by mutual agreement, be social in the true and literal sense of the word — just as we are in the physical world. We won’t need to be social only inside corporate systems like Twitter’s and Facebook’s. There will still be administrative identities in the world (such as the ones on our drivers licenses and in employers’ HR systems), but among our sovereign selves we can choose to identify ourselves any way we wish. (Which others can, of course, accept or not.)

While personal clouds today are programmed with an open source language (KRL, for Kinetic Rules Language), and executed on an open source rules engine, what makes them interoperable are a new open standard: the evented API. Open standards are what allow closed (or open) things to connect and do things with each other. For example, it doesn’t matter whether you are reading this on a Linux, Mac, Windows, iOS or Android device. Open standards make it possible for all those things to communicate with each other.

We are at the earliest stage of where personal clouds will eventually go. What we can say with confidence, however, is that they will some day be the way each of us controls our lives, our personal data, our possessions, and our relationships with each other and our things.

We are born as sovereign beings, yet live in a networked world. The Internet as it was designed in the first place respected that. For most of the last two decades, however, we forgot that and built industrial-age systems that subordinated individual sovereignty and autonomy to the conveniences of large companies and governments. We built systems for capturing and controlling people and their things. There was lots of good stuff that could be done with these systems, but they were done at the expense of liberty and freedom for individuals and their possessions. Personal clouds not only promise that liberty and freedom, but provide the means for accomplishing it.

What we do with personal clouds is up to each of us — and to the countless new businesses that will show up to help out. When they do, you can bet a whole new boom of possibilities will show up too. The difference with this boom, however, is that each of us will be in charge of ourselves and what’s ours. That’s new. And it will never get old.

 

2
Read More