Independence

The dawn of i-commerce

E-commerce is fine, as far as it goes. That is: as far as the seller-based industrial model can take it. Where it doesn’t go is to customer independence and agency.

We will never get either of those as long as everything we can do in online markets is on commercial platforms where others provide all the means of engagement, all the terms and conditions, all the rules, all the privacy, all the prices, all the identities, all the definitions of loyalty, all the choices for everything.

Nothing wrong with any of those, by the way. In fact, they all may be necessary, but still insufficient; because we still need our own means for signaling demand across the whole world of supply, outside of platforms, and not just inside of them.

Back in the physical world, we have a good model for full customer independence and agency: all the open places—main streets, crossroads, byways—where natural markets thrive and all of us have our own wallets, cash, credit and choices of ways to browse, inform, identify ourselves (or not), express loyalty, negotiate prices, form agreements, keep records, and not be tracked like marked animals.

The Internet, as a peer-to-peer, end-to-end environment, should support marketplaces where we are fully independent and operate as free agents without fear of surveillance or unwanted control by others, just like we’ve long enjoyed in the physical world.

When we have those marketplaces online, they will comprise a new category of commerce. Our name for that category is i-commerce

It’s also what we expect the Intention Byway to bring into the world, starting with geographical and topical communities, each a commons of customers—and of companies ready to engage with independent customers. As we scaffold that up, we expect an intention economy to emerge.

That doesn’t mean e-commerce will go away. It does mean making i-commerce is a worthy and challenging prospect, and it’s our job to help make that happen.

0
Read More

A New Way

We need new ways for demand to signal supply in the marketplace—ways that keep each of us private and work at scale. Like this:

So we’d like to introduce one. It’s called the Intention Byway. It’s the brain-baby of our CTO, Hadrian Zbarcea, and is informed by his ample experience with the Apache Software Foundation, SWIFT, the FAA and other enterprises large and small.

In this model, the byway is the path along which messages signaling intent travel between individuals and companies (or anyone), each of which has a simple computer called an intentron, which sends and receives those messages, and also executes code for the owner’s purposes as a participant in the open marketplace the Internet was designed to support.

As computers (which can be physical or virtual), intentrons run apps that can come from any source in the free and open marketplace, and not just from app stores of controlling giants such as Apple and Google. These apps can run algorithms that belong to you, and can make useful sense of your own data. (For example, data about finances, health, fitness, property, purchase history, subscriptions, contacts, calendar entries—all those things that are currently silo’d or ignored by silo builders that want to trap you inside their proprietary systems.) The same apps also don’t need to be large. Early prototypes have less than 100 lines of code.

Messages called intentcasts can be sent from intentrons to markets on the pub-sub model, through the byway, which is asynchronous, similar to email in the online world and package or mail forwarding in the offline world. Subscribers on the sell side will be listening for signals from markets for anything. Name a topic, and there’s something to subscribe to. Intentcasts on the customers’ side are addressed to markets by topical name. Responsibilities along the way are handled by messaging and addressing authorities. Addresses themselves are URNs, or Uniform Resource Names.

These are some businesses that can thrive along the Intention Byway:

  • Intentron makers
  • Intentron sellers
  • App makers
  • App sellers (or stores)
  • Addressing authorities
  • Messaging service
  • CDNs to temporarily hold larger data chunks

—in addition to sellers looking for better signals from the demand side of the market than surveillance-based guesswork can begin to equal.

We are not looking to boil an ocean here (though we do see our strategy as a blue one). The markets first energized by the promise of this model are local and vertical. Real estate in Boston and farm-to-table in Michigan are the two we featured on VRM/CuCo Day and in all three days of the Internet Identity Workshop, which all took place last week. We also plan to prototype and research the effects of both the Intentron and the Byway in Bloomington, Indiana, in cooperation with the Ostrom Workshop of Indiana University there (where Joyce and I are visiting scholars).

We also see the Intention Byway as complementary to, rather than competitive with, developments with similar ambitions, such as SSI, DIDcomm, picos, and JLINC. Once we take off our browser blinders, a gigantic space for new e-commerce development appears. All of those, and many more, will have work to do in it.

So stay tuned for more about life after cookies—and outside the same old bakery.


*Specifically, a “data controller” is “a legal or natural person, an agency, a public authority, or any other body who, alone or when joined with others, determines the purposes of any personal data and the means of processing it.”

While this seems to say that any one of us can be a data controller, that was not what the authors of the GDPR had in mind. They only wanted to maximize the width of the category to include solo operators, rather than to include the individual from whom personal data is collected. (Read what follows from that last link to see what I mean.) Still, this is a loophole through which personal agency can move, because (says the GDPR) the “data subject” whose rights the GDPR protects, is a “natural person.”

2
Read More

What’s a Good Customer?

For awhile the subhead for our site was,

How good customers work with good companies

It’s still a timely thing to say, since searches on Google for “good customer” are at an all-time high:

 

The year 2004 was when Google began keeping track of search trends. It was also the year “good customer” hit at an all-time high in percentage of appearances in books Google scanned*:

So, What exactly is a “good customer?”

The answer depends on the size of the business, and how well people or systems in the business know a customer. For a small business, a good customer is a person known by face and name to people who work there, and who has earned a welcome. For a big business, it’s a customer known to spend more than other customers.

In all the cases we’re talking about here, the perspective is the company’s, not the customer’s. If you do a Bing or a Google search for “good customer,” most of the results will be for good customer + service. If you put quotes around “good customer” on either search engine and also The Markup’s Simple Search (which brings to the top “traditional” results not influenced by those engines’ promotional imperatives), your top result will be Paul Jun’s How to be a good customer post on Help Scout. That one offers “tips on how to be a customer that companies love.” Likewise with Are You a Good Customer? Or Not.: Are you Tippin’ or Trippin’? by Janet Vaughan, one of the top results in a search for “good customer” at Amazon. That one is as much a complaint about bad customers as it is advice for customers who aspire to be good. Again, the perspective is a corporate one: either “be nice” or “here’s how to be nice.”

But what if customers can be good in ways that don’t involve paying a lot, showing up frequently and being nice?

For example, what if customers were good sources of intelligence about how companies and their products work—outside current systems meant to minimize exposure to customer input and to restrict that input to the smallest number of variables? (The worst of which is the typical survey that wants to know only how the customer was treated by the agent, rather than by the system behind the agent.)

Consider the fact that a customer’s experience with a product or service is far more rich, persistent and informative than the company’s experience selling those things, or learning about their use only through customer service calls (or even through pre-installed surveillance systems such as those which for years now have been coming in new cars).

The curb weight of customer intelligence (knowledge, knowhow, experience) with a company’s products and services far outweighs whatever the company can know or guess at. What if that intelligence were to be made available by the customer, independently, and in standard ways that worked at scale across many or all of the companies the customer deals with?

At ProjectVRM (of Harvard’s Berkman Klein Center, and out of which Customer Commons was spun), this has been a consideration from the start. Turning the customer journey into a virtuous cycle explores how much more the customer knows on the “own” side of what marketers call the “customer life journey”†:

Given who much more time a customer spends owning something than buying it, the right side of that graphic is actually huge.

I wrote that piece in July 2013, alongside another that asked, Which CRM companies are ready to dance with VRM? In the comments below, Ray Wang, the Founder, Chairman and Principal Analyst at Constellation Research, provided a simple answer: “They aren’t ready. They live in a world of transactions.”

Yet signals between computing systems are also transactional. The surveillance system in your new car is already transacting intelligence about your driving with the company that made the car, plus its third parties (e.g. insurance companies). Now, what if you could, when you wish, share notes or questions about your experience as a driver? For example—

  • How there is a risk that something pointed and set in the trunk can easily puncture the rear bass speaker screwed into the trunk’s roof and is otherwise unprotected
  • How some of the dashboard readouts could be improved
  • How coins or pens dropped next to the console between the front seats risk disappearing to who-knows-where
  • How you really like the way your headlights angle to look toward bends in the road

We also visited what could be done in How a real customer relationship ought to work in 2014 and in Market intelligence that flows both ways in 2016. In that one we use the example of my experience with a pair of Lamo moccasins that gradually lost their soles, but not their souls (I still have and love them):

By giving these things a pico (a digital twin of itself, or what we might call internet-of-thing-ness without onboard smarts), it is not hard to conceive a conduit through which reports of experience might flow from customer to company, while words of advice, reassurance or whatever might flow back in the other direction:

That’s transactional, but it also makes for a far better relationship that what today’s CRM systems alone can imagine.

It also enlarges what “good customer” means. It’s just one way how, as it says at the top, good customers can work with good companies.

Something we’ve noticed in Pandemic Time is that both customers and companies are looking for better ways to get along, and throwing out old norms right and left. (Such as, on the corporate side, needing to work in an office when the work can also be done at home.)

We’ll be vetting some of those ways at VRM/CuCo Day, Monday 19 April. That’s the day before the Internet Identity Workshop, where many of us will be talking and working on bringing ideas like these to market. The first is free, and the second is cheap considering it’s three days long and the most leveraged conference of any kind I have ever known. See you there.


*Google continued scanning books after that time, but the methods differed, and some results are often odd. (For example, if your search goes to 2019, the last year they cover, the  results start dropping in 2009, hit zero in 2012 and stay at zero after that—which is clearly wrong as well as odd.)

†This graphic, and the whole concept, are inventions of Estaban Kolsky, one of the world’s great marketing minds. By the way, Estaban introduced the concept here in 2010, calling it “the experience continuum.” The graphic above comes from a since-vanished page at Oracle.

0
Read More

Beyond E-commerce

Phil Windley explains e-commerce 1.0  in a single slide that says this:

One reason this happened is that client-server, aka calf-cow  (illustrated in Thinking outside the browser) has been the default format for all relationships on the Web, and cookies were required to maintain those relationships. Which really aren’t. Here’s why:

  1. The calves in these relationship have no easy way even to find  (much less to understand or create) the cookies in their browsers’ jars.
  2. The calves have no real identity of their own, but instead have as many different identities as there are websites that know (via cookies) their visiting browsers. This gives them no independence, much less a place to stand like Archimedes, with a lever on the world. The browser may be a great tool, but it’s neither that place to stand, nor a sufficient lever.
  3. All the “agreements” the calves have with the websites’ cows, whose terms the calves have “accepted” with one click, or adjusted with some number of additional clicks, leave no readable record on the calves’ side. This severely limits their capacity to argue or dispute, which are requirements for a true relationship.
  4. There exists no independent way individuals can signal their intentions—such as interests in purchase, conditions for engagement, or the need to be left alone (which is how Brandeis and Warren define privacy). As a calf, the browser can’t do that.

In other words, the best we can do in e-commerce 1.0 is what the calf-cow system allows. And that’s to depend utterly on the operators of websites—and especially of giant retailers (led by Amazon) and intermediaries (primarily Google and Facebook).

Nearly all of signaling between demand and supply remains trapped inside these silos and walled gardens. We search inside their systems, we are notified of product and service availability inside their systems, we make agreements inside their systems (to terms and conditions they provide and require), or privacy is dependent on their systems, and product and service delivery is handled either inside their systems or through allied and dependent systems.

Credit where due: an enormous amount of good has come out of these systems. But a far larger amount of good is MLOTT—money left on the table—because there is a boundless sum and variety of demand and supply that still cannot easily signal their interest, intentions of presence to each other in the digital world.

Putting that money on the table is the job of e-commerce 2.0—or whatever else we call it.

[Later… We have a suggestion.)


Cross-posted at the ProjectVRM blog, here.

0
Read More

Thinking Outside the Browser

Even if you’re on a phone, chances are you’re reading this in a browser.

Chances are also that most of what you do online is through a browser.

Hell, many—maybe even most—of the apps you use on your phone use the Webkit browser engine. Meaning they’re browsers too.

And, of course, I’m writing this in a browser.

Two problems with this:

  1. Browsers are clients, which are by design subordinate to servers.
  2. There is a lot that can’t be done with a browser.

So let’s start with subordination.

While the Internet at its base is a word-wide collection of peers, the Web that runs on it is a collection of servers to which we are mere clients. That’s because the Web was was built on an old mainframe model of computing called client-server. This is actually more of a calf-cow arrangement than a peer-to-peer one:

So, while we “go to” or “visit” a website, we actually don’t go anywhere. Instead we request a file. Even when you’re watching or listening to a stream, what’s actually happening is a file unfurling itself into your browser.

What you expect when you go to a website is typically the file called a page. You also expect that page will bring a payload of other files providing graphics, video clips or whatever. You might also expect the site to remember that you’ve been there before, or that you’re a subscriber to the site’s services.

You may also understand that the site remembers you because your browser carries a “cookie” the site put there, to helps the site remember what’s called “state,” so the browser and the site can renew their acquaintance. This is what Lou Montulli  meant the cookie to do when he invented it in 1994. Lou thought it up because the client-server design puts most agency on the server side, and in the dial-up world of the time, that made the most sense.

Alas, even though we now live in a world where there can be boundless intelligence on the individual’s side, and there is far more capacious communication bandwidth between network nodes, damn near everyone continues to presume a near-absolute power asymmetry between clients and servers, calves and cows, people and sites. It’s also why today when you go to a site and it asks you to accept its use of cookies, something unknown to you (presumably—you can’t tell) remembers that “agreement” and its settings, and you don’t—even though there is no reason why you shouldn’t or couldn’t. It doesn’t even occur to the inventors and maintainers of cookie acceptance systems that a mere “user” should have any way to record, revisit or audit the “agreement.” All they want is what the law now requires of them: your “consent.”

This near-absolute power asymmetry between the Web’s calves and cows is also why you typically get a vast payload of spyware when your browser simply asks to see whatever it is you actually want from the website.  To see how big that payload can be, I highly recommend a tool called PageXray, from Fou Analytics, run by Dr. Augustine Fou (aka @acfou). For a test run, try PageXray on the Daily Mail’s U.S. home page, and you’ll see that you’re also getting this huge payload of stuff you didn’t ask for:

Adserver Requests: 756
Tracking Requests: 492
Other Requests: 184

The visualization looks like this:

This is how, as Richard Whitt perfectly puts it, “the browser is actually browsing us.”

All those requests, most of which are for personal data of some kind, come in the form of cookies and similar files. The visual above shows how information about you fans out to a near countless number of third parties and dependents on those. And, while these cookies are stored by your browser, they are meant to be readable only by the server or one or more of its third parties.

This is the icky heart of the e-commerce “ecosystem” today.

By the way, and to be fair, two of the browsers in the graphic above—Epic and Tor—by default disclose as little as possible about you and your equipment to the sites you visit. Others have privacy features and settings. But getting past the whole calf-cow system is the real problem we need to solve.

Now let’s look at what can’t be done with a browser. If you think the answer is nothing, you’re stuck inside the browser box. If you think the answer is something, tell us what it is.

We have some ideas. But first we’d like to hear from you.


Cross-posted at the ProjectVRM blog, here.

0
Read More

Just in case you feel safe with Twitter

twitter bird with crosshairs

Just got a press release by email from David Rosen (@firstpersonpol) of the Public Citizen press office. The headline says “Historic Grindr Fine Shows Need for FTC Enforcement Action.” The same release is also a post in the news section of the Public Citizen website. This is it:

WASHINGTON, D.C. – The Norwegian Data Protection Agency today fined Grindr $11.7 million following a Jan. 2020 report that the dating app systematically violates users’ privacy. Public Citizen asked the Federal Trade Commission (FTC) and state attorneys general to investigate Grindr and other popular dating apps, but the agency has yet to take action. Burcu Kilic, digital rights program director for Public Citizen, released the following statement:

“Fining Grindr for systematic privacy violations is a historic decision under Europe’s GDPR (General Data Protection Regulation), and a strong signal to the AdTech ecosystem that business-as-usual is over. The question now is when the FTC will take similar action and bring U.S. regulatory enforcement in line with those in the rest of the world.

“Every day, millions of Americans share their most intimate personal details on apps like Grindr, upload personal photos, and reveal their sexual and religious identities. But these apps and online services spy on people, collect vast amounts of personal data and share it with third parties without people’s knowledge. We need to regulate them now, before it’s too late.”

The first link goes to Grindr is fined $11.7 million under European privacy law, by Natasha Singer (@NatashaNYT) and Aaron Krolik. (This @AaronKrolik? If so, hi. If not, sorry. This is a blog. I can edit it.) The second link goes to a Public Citizen post titled Popular Dating, Health Apps Violate Privacy

In the emailed press release, the text is the same, but the links are not. The first is this:

https://default.salsalabs.org/T72ca980d-0c9b-45da-88fb-d8c1cf8716ac/25218e76-a235-4500-bc2b-d0f337c722d4

The second is this:

https://default.salsalabs.org/Tc66c3800-58c1-4083-bdd1-8e730c1c4221/25218e76-a235-4500-bc2b-d0f337c722d4

Why are they not simple and direct URLs? And who is salsalabs.org?

You won’t find anything at that link, or by running a whois on it. But I do see there is a salsalabs.com, which has  “SmartEngagement Technology” that “combines CRM and nonprofit engagement software with embedded best practices, machine learning, and world-class education and support.” since Public Citizen is a nonprofit, I suppose it’s getting some “smart engagement” of some kind with these links. PrivacyBadger tells me Salsalabs.com has 14 potential trackers, including static.ads.twitter.com.

My point here is that we, as clickers on those links, have at best a suspicion about what’s going on: perhaps that the link is being used to tell Public Citizen that we’ve clicked on the link… and likely also to help target us with messages of some sort. But we really don’t know.

And, speaking of not knowing, Natasha and Aaron’s New York Times story begins with this:

The Norwegian Data Protection Authority said on Monday that it would fine Grindr, the world’s most popular gay dating app, 100 million Norwegian kroner, or about $11.7 million, for illegally disclosing private details about its users to advertising companies.

The agency said the app had transmitted users’ precise locations, user-tracking codes and the app’s name to at least five advertising companies, essentially tagging individuals as L.G.B.T.Q. without obtaining their explicit consent, in violation of European data protection law. Grindr shared users’ private details with, among other companies, MoPub, Twitter’s mobile advertising platform, which may in turn share data with more than 100 partners, according to the agency’s ruling.

Before this, I had never heard of MoPub. In fact, I had always assumed that Twitter’s privacy policy either limited or forbid the company from leaking out personal information to advertisers or other entities. Here’s how its Private Information Policy Overview begins:

You may not publish or post other people’s private information without their express authorization and permission. We also prohibit threatening to expose private information or incentivizing others to do so.

Sharing someone’s private information online without their permission, sometimes called doxxing, is a breach of their privacy and of the Twitter Rules. Sharing private information can pose serious safety and security risks for those affected and can lead to physical, emotional, and financial hardship.

On the MoPub site, however, it says this:

MoPub, a Twitter company, provides monetization solutions for mobile app publishers and developers around the globe.

Our flexible network mediation solution, leading mobile programmatic exchange, and years of expertise in mobile app advertising mean publishers trust us to help them maximize their ad revenue and control their user experience.

The Norwegian DPA apparently finds a conflict between the former and the latter—or at least in the way the latter was used by Grinder (since they didn’t fine Twitter).

To be fair, Grindr and Twitter may not agree with the Norwegian DPA. Regardless of their opinion, however, by this point in history we should have no faith that any company will protect our privacy online. Violating personal privacy is just too easy to do, to rationalize, and to make money at.

To start truly facing this problem, we need start with a simple fact: If your privacy is in the hands of others alone, you don’t have any. Getting promises from others not to stare at your naked self isn’t the same as clothing. Getting promises not to walk into your house or look in your windows is not the same as having locks and curtains.

In the absence of personal clothing and shelter online, or working ways to signal intentions about one’s privacy, the hands of others alone is all we’ve got. And it doesn’t work. Nor do privacy laws, especially when enforcement is still so rare and scattered.

Really, to potential violators like Grindr and Twitter/MoPub, enforcement actions like this one by the Norwegian DPA are at most a little discouraging. The effect on our experience of exposure is still nil. We are exposed everywhere, all the time, and we know it. At best we just hope nothing bad happens.

The only way to fix this problem is with the digital equivalent of clothing, locks, curtains, ways to signal what’s okay and what’s not—and to get firm agreements from others about how our privacy will be respected.

At Customer Commons, we’re starting with signaling, specifically with first party terms that you and I can proffer and sites and services can accept.

The first is called P2B1, aka #NoStalking. It says “Just give me ads not based on tracking me.” It’s a term any browser (or other tool) can proffer and any site or service can accept—and any privacy-respecting website or service should welcome.

Making this kind of agreement work is also being addressed by IEEE7012, a working group on machine-readable personal privacy terms.

Now we’re looking for sites and services willing to accept those terms. How about it, Twitter, New York Times, Grindr and Public Citizen? Or anybody.

DM us at @CustomerCommons and we’ll get going on it.

 

0
Read More

We need a Theia

Theia

Some prophesies come true.

For example, Shoshana Zuboff’s third law: In the absence of countervailing restrictions and sanctions, every digital application that can be used for surveillance and control will be used for surveillance and control, irrespective of its originating intention.

She forecast that in 1989, with In the Age of the Smart Machine. Then she reported on its effects in 2018, with The Age of Surveillance Capitalism.

The business model of surveillance capitalism is tracking-based advertising, which the trade calls adtech. It works by spying on individuals using social media, and by placing tracking beacons in people’s browsers and apps. In social media, the idea is to drive up “engagement.” In browsers and apps, the idea is to use surveilled personal information to aim ads.

As a direct result of adtech, bulwarks of civilization, such as democracy and journalism, are being weakened or destroyed by algorithmically-driven tribalization and and other engaging but icky human tendencies. Also, by funding the spread of false (but engaging!) information during a pandemic, adtech has contributed to the deaths of countless people.

All just so we can be advertised at. Personally.

Facebook and Google are easy to blame, but in fact the whole adtech fecosystem is a four-dimensional shell game with thousands of players. It’s also so thick with complex data markets and data movements that there is also no limit to the number and variety of vectors for fraud, malware and spying by spooks, criminals, political operatives and other bad actors. It’s a dark world where anyone can create or steal mindshare, hack beliefs and opinions, sow doubt, spread hate, turn friends and families against each other, drive otherwise calm people into mobs and violence—all while journalism and democracy fail to restrict or sanction the cause. Take away adtech and most of that shit doesn’t happen.

So, what to do?

Allowing people to opt out of tracking on a site-by-site, service-by-service and app-by-app basis—the “system” we have now—only makes things worse.

Opt-in might seem like a better approach, except it can’t work: not when it looks and works differently for every person for every site, service and app—and when we each still have to agree, in every case, to unfriendly 10,000-word terms and privacy policies obviously designed to screw us and protect them.

And yes, it might be nice to try out a system by which a person might request tracking. But that will only work if sites, services and apps agree to that person’s own terms and privacy policies, and both sides have their own system for keeping records of agreements and means for auditing compliance. But why start there when in the meanwhile civilization is being trashed by adtech?

Defenders of adtech say it funds the “free Web,” free search and other graces of life on the Internet. But that’s like saying billboards give us gravity and shopping malls give us sunlight. Also, most of the money Google makes is from search advertising, nearly all of which is driven by context (the search terms themselves) rather than by surveillance-based assumptions about the person doing the search. If you search for mattress sellers in your town, your search terms are far more useful than whatever else it is that Google’s robots might know about you by having followed your ass all over the place.

Fact is, every business on the Internet can live just fine without adtech, except perhaps for adtech. Including every publisher out there.

It’s still early, folks. If digital technology is going to be with us for unforeseeable decades, centuries or millennia, that means our Digital Age is roughly about as far along as Earth was when it got clobbered by another planet called Theia, 4.5 billion years ago.

Humans weren’t here to watch, but it now seems likely (at least to science) that we owe to Theia our water, our days and nights, our seasons, and our Moon. Could be we have none of those yet here on Digital Earth.

Perspective: 4.5 billion years may seem like a long time, especially when you consider that it’s more than a third the age of the Universe, which came into existence about 13.8 billion years ago; but neither span seems very long when you also consider that the Universe will last another trillion years or more. Meaning the Universe is just a startup.

So: what’s our Theia?

To answer that, it will help to look at what has failed so far.

Let’s start with Do Not Track. Conceived in 2007 by Sid Stamm, Chris Saghoian and Dan Kaminsky, Do Not Track was just a polite request not to be tracked away from a visited website. Here in the physical world, we send a similar request when we wear clothing to conceal the private parts of our bodies, when we draw curtains across the windows in our homes, or when we walk out of a building in faith that nobody will follow us.

But, in the absence of manners and norms for respecting privacy in the dawning years of the Internet, it was easy for the Interactive Advertising Bureau (IAB), adtech’s trade association, to rally the whole online advertising business, including its dependents in online publishing, into ignoring Do Not Track. Even the major browser makers were cowed into compliance, in effect working for sites and services rather than for you and me. (At the W3C, the Web’s standards body. Do Not Track was even re-branded Tracking Preference Expression.)

After that happened in 2013, people took matters into their own hands, turning ad blocking into the biggest boycott in human history by 2015.

But even that wasn’t enough, because the adtech industry fought ad blockers too—and still do. (They also never got the signal that people who block ads might be worth more as customers than those who don’t.)

Then came the GDPR in Europe and the CCPA in California, which arrived in 2018 and 2020, respectively. Alas, both have thus far proven better at adding friction to the browsing experience (with those annoying opt-out roadblocks on the front pages of most websites, and which all of us know damn well are almost all about screwing us) than at stopping tracking itself.

To see how bad tracking still is, in massive spite of the GDPR and the CCPA, check out Blacklight (by The Markup) and PageXray (by Fou Analytics).  Surveillance Capitalism remains the norm.

Finally, there are the privacy browsers: Brave, Epic and Tor. While these each provide privacy protection (as do, in different ways, Safari, Firefox and tweaks on Chrome), none are a Theia. Not yet, anyway. Because adtech is still here

What will make our digital world economy inhabitable by real human customers, and mere “users,” “data subjects,” “consumers” other labels given them by marketing, the tech industry and regulators who can’t imagine a customer operating at full agency., much less an Intention Economy that grows around that agency, much as life grew around a planet with days, nights, seasons and water.

Whatever form our Theia takes, it needs to support solutions to market problems that only customers can provide.  Is it one or more of the solutions listed at that link? Or is it something completely new?

One thing is clear, however—at least to me. It has to blow up adtech.


Image Credit: NASA/JPL-Caltech

 

0
Read More

Going #Faceless

Facial recognition by entities other than people and their pets has gotten out of control.

Thanks to ubiquitous surveillance systems, including the ones in our own phones, we can no longer assume we are anonymous in public places or private in private ones. This became especially clear a few weeks ago when Kashmir Hill (@kashhill) reported in the New York Times that a company called Clearview.ai “invented a tool that could end your ability to walk down the street anonymously, and provided it to hundreds of law enforcement agencies, ranging from local cops in Florida to the F.B.I. and the Department of Homeland Security.”

If your face has ever appeared anywhere online, it’s a sure bet to assume that you are not faceless to any of those systems. Clearview, Kashmir says, has “a database of more than three billion images” from “Facebook, YouTube, Venmo and millions of other websites ” and “goes far beyond anything ever constructed by the United States government or Silicon Valley giants.”

Among law enforcement communities, only New Jersey’s has started to back off on using Clearview.

And Clearview is just one company. Laws will also take years to catch up with developments in facial recognition, or to get ahead of them, if they ever can. And let’s face it: government interests are highly conflicted here. Intelligence and law enforcement agencies’ need to know all they can is at extreme odds with our need, as human beings, to assume we enjoy at least some freedom from being known by God-knows-what, everywhere we go.

Personal privacy is the heart of civilized life, and beats strongest in democratic societies. It’s not up for “debate” between companies and governments, or political factions. Loss of privacy is a problem that affects each of us, and requires action by each of us as well.

A generation ago, when the Internet was still new to us, four guys (I was one of them) nailed a document called The Cluetrain Manifesto to a door on the Web. It said,

We are not seats or eyeballs or end users or consumers. We are human beings and our reach exceeds your grasp. Deal with it.

Since then their grasp has exceeded our reach. And now they’ve gone too far, grabbing even our faces, everywhere we go.

Enough.

Now it’s time for our reach to exceed their grasp.

Now it’s time, finally, to make them  deal with it.

We need to do that as individuals, and as a society.

Here’s a three-part plan for that.

First, use image above, or one like it, as a your personal avatar, including your Facebook, Twitter or Whatever profile picture. Here’s one that’s favicon size:

 

Second, sign the Get Out Of My Face (#GOOMF) petition, here.  (With enough of us on it, this will work.)

Here at Customer Commons, we have some good ideas, but there are certainly others among the billions of us whose privacy is at stake.

We should discuss this, using the hashtag #faceless. Do that wherever you like.

Here’s a rule to guide both discussion and development:

No complaining. No blaming.

That stuff goes nowhere and wastes energy. Instead we need useful and constructive ideas toward what we can do—each of us, alone and together—to secure, protect and signal our privacy needs and intentions in the world, in ways others can recognize and respect.

We have those in the natural world. We don’t yet in the digital one. So let’s invent them.

 

 

0
Read More

Customers as a Third Force

Almost all arguments in economics are advanced by two almost opposed positions, each walled into the castles of their ideologies, both insisting that their side has the solutions and the other side causes the problems—while meanwhile between the two flows a river of customers who, if they could be heard, and could participate with more than their cash, would have solutions of their own.

Customer Commons’s job is giving those customers full agency for dealing with both the businesses and governments of the world, and in the process proving that free customers are more valuable—to themselves and the businesses of the world—than captive (or tracked) ones.

It’s a long fight, dating back to the personal agency we lost when industry won the industrial revolution. And it’s one we continue to lose, in many ways, through these early decades of the digital revolution.

If it weren’t losing, we wouldn’t have books such as Shoshana Zuboff‘s In the Age of Surveillance Capitalism, Brett Frischmann and Evan Sellinger‘s Re-Engineering Humanity, Jaron Lanier,’s You are Not a Gadget (and pretty much everything else he’s written), plus what Nicholas Carr, David Weinberger, and many others have been saying for years.

The problem with most of what’s been written so far is that it assumes customers will remain victims unless companies or governments (and mostly the latter) rescue them. There is little sense that customers can also bring solutions to the market—ones that are good for every party involved.

One notable exception is Brett and Evan’s book, mentioned above, which closes with a hopeful nod toward some of our work here at Customer Commons:

Doc Searls and his colleagues at Customer Commons have been working for years on standardized terms for customers to use in managing their relationships with websites and other vendors… [his] dream of customers systematically using contract and related tools to manage their relationships with vendors now seems feasible. It could be an important first step toward flipping the scientific-management-of-consumers script we’ve become so accustomed to.”

My own work here started with Linux Journal in 1994, and gained some notoriety with The Cluetrain Manifesto (co-written with David Weinberger, Christopher Locke and Rick Levine) in 1999. Then, after notoriety didn’t seem to be working, I launched ProjectVRM at Harvard’s Berkman Klein Center in 2006, and in 2012spun out Customer Commons, which since then has quietly been developing on the personal data usage terms Brett and Evan mentioned above.

These are terms that each of us can proffer, and which the businesses of the world can agree to—as an alternative to the reverse, which has become a bane of online existence, alas made worse by normalization of insincere and misleading cookie notices on the Web, caused by (what we regard as a misreading of) the GDPR: a sad example of policy failing to fix a market problem. (So far. In another post we’ll visit ways the GDPR and California’s CCPA might actually help.)

The term third force has multiple uses already, the most common of which seem especially relevant our work here:

  •  “A group of people or nations that mediates between two opposed groups…” —  Free Dictionary
  • (A humanistic psychology that) focuses on inner needs, happiness, fulfillment, the search for identity, and other distinctly human concerns. Psychology: An Introduction, by Russell A. Dewey, PhD

Since customers and citizens are opposed to neither business nor government, but constantly look for positive outcomes in their dealings and relationships with both, third force works.

— Doc Searls

 

0
Read More

Let’s make May 25th Privmas Day

25 May is when the GDPR—the General Data Protection Regulation—went into effect. Finally, our need for privacy online has legal backing strong enough to shake the foundations of surveillance capitalism, and maybe even drop it to the ground—with our help.

This calls for a celebration. In fact, many of them. Every year.

So let’s call 25 May Privmas Day. Hashtag: #Privmas.

And, to celebrate our inaugural Privmas let’s make a movement out of blocking third party cookies, since most of the spying on us starts there. Let’s call it #NoMore3rds.

Turning off third party cookies is easy. Here’s our guide, for six different browsers.

There is much more we can do. But let’s start with #NoMore3rds, and give us all something to celebrate.

 

0
Read More