Google has an ad program on YouTube that let’s users skip ads and they are now extending it to other ad formats.

Even though it is the same old advertising game–something that could use some fixing–what’s impressive is that with the ad-skipping feature Google saw “a 40 percent reduction in the number of people who click away from a video when shown a pre-roll” ad.

It’s real-world proof that a free customer is more valuable than a captive one. Give people the freedom to leave and more will stay than if you had forced the issue.

I’ve done this myself. Initially, I was ready to leave the page because the content didn’t seem worth the extra delay of the ad. But then I see that if I wait just a few seconds, I can click past it. Not only does the ability to click past keep me from just abandoning the video altogether, but in a few instances the opening bit was funny or intriguing or just interesting enough for me to want to see the rest of the ad.

It’s a brilliant example of how giving people the freedom to leave can actually keep them around more.

The details of what happens with the information we share is often hidden behind long, complicated legal agreements that almost no one reads. If we’re lucky, they are explained in Terms of Service and Privacy Policy documents, sometimes buried out of view, other times forced on us like ransom notes forcing us to state our compliance or leave the site.

It doesn’t have to be that way.

Today, at the Internet Identity Workshop, we officially launch the Standard Information Sharing Label, which makes it easy for websites to say in simple, consistent language what they do with our information, making it easier for individuals to make better decisions about the information we share online.

The Information Sharing Work Group has published a draft specification defining the Standard Label as well as a Kickstarter project to finance its graphic design.

The Kickstarter has a brief video explaining the effort. The official press release is here.

The work is free to use and open to collaborators.

In all my years contributing to the VRM conversation, few projects have made me as proud as I am of the work behind the Standard Label.

Check it out. If you like it, please spread the word and consider chipping into help take this work to the next level.

For example, firewalls imply that once you’re in the network, you’re trusted. It’s baked into the framing of the problem. Similarly, Trust Frameworks assume that once you are in the Framework, you’re trusted (although you could build a framework that is dynamic). Even a user directed approach like Facebook Connect assumes that once you click “allow”, you trust that website to use your information appropriately, essentially forever… even if you revoke that permission later.

Trust isn’t broad-based and it isn’t static. It is directed and dynamic.

Think about it. We don’t trust our accountant to babysit and we don’t trust our babysitter with our finances. Trust is given for specific purposes and in specific contexts and it changes as quickly as we can fire that babysitter.

We trust the receptionist at the doctor’s office with our written medical histories because he is behind the counter, apparently employed by the doctor who needs that information to do her job.  We trust the bartender with our credit card because she’s behind the bar serving drinks and we accept that it will be kept safe and not used until we close out the bill.  But we wouldn’t give that receptionist our medical history if we met him in a bar later that evening, and we wouldn’t give that bartender our credit card if we met her as a fellow patient in the doctor’s office the next day.

We trust people to do specific things—or not to do certain other things—and that trust is based on the context in which we give it and the state of our relationship with the trusted party.

That means that just like our relationships, trust changes over time. Trust systems need ways to discover that trust should change and allow for that change to be managed. Reagan put it perfectly, “Trust but verify.”

When verification fails, trust changes.

Whether it’s a romantic partner, a subcontractor, a company, or top-secret agent, trust is granted incrementally. When it is lost, it is often destroyed.

Incremental trust happens all the time. We don’t like logging in just to view a web page, but we don’t mind it to see confidential information like order history. We aren’t comfortable giving our credit card just to enter a store–the relationship isn’t ready for that yet–but we don’t mind once we start the check out process.

When we lose trust, we sometimes throw the jerks out on the street. Betrayal is an unfortunate fact of life; it also has great significance to how we handle online trust. How do we “break up” with service providers? Revoking consent and demanding our data purged is an obvious need, but one that is often obscured or impossible.  As our relationships change, our trust changes. Yet our digital trust models mostly don’t.

Online trust models assume that trust is binary, broad, and stable—that you either have it or you don’t—for one simple reason: because it’s easy to implement.

When we log into a website with Facebook Connect, Facebook verifies that we want to share information with the website. However, there is no way for us to modify the permissions. We can’t say what use is allowed and what isn’t. We can’t pick and choose which data they get. We can’t ask for additional consideration. And we can’t put a time limit on access. Facebook’s interface presumes all-or-nothing and forever, for anything. But what we’d really like is something like this:

“You can write to my wall, but only for messages I explicitly approve. You can have my email address but only for account maintenance, not for “special offers” from you or your associates. You can’t have access to my home address. You can use the photos tagged “public” for one month after I post them, but I want a revenue share from any money you make from them. Ask me another time about reading my inbox.”

In order for our trust model to support transactions like this, it needs to be specific and flexible. It should not only let us direct our trust to specific purposes, it should make it easy to moderate that trust as our relationships evolve.

Lawrence Lessig famously said “Code is Law“. Trust models like Facebook’s, and the code behind it, make it nearly impossible for sites to allow the kind of user-driven permissions we need. While our relationships evolve, the current platforms are actually too brittle for developers to implement flexible, user-respecting approaches to privacy and permission unless they are willing to jump through hoops and hack around arbitrary technical limitations.  We need a new code base that actually makes it easy for developers to do the right thing, rather than code that enshrines restrictive and disempowering practices as strongly as if the law made it mandatory.

Because the one thing I know is that tomorrow will be different, and the harder it is for developers to support changing relationships, the harder it is for the entire ecosystem to respond to changing needs.

In short:

Stop the monolithic permissioning ceremonies!

Trust evolves.

Deal with it.

Until we do, online trust will remain brittle and untenable for our most important, powerful, and profitable relationships.

Normally, I wouldn’t nitpick about this, but there are two key domains where this is vital and I’m knee deep in both: contracts and platforms.

Doc said:

Like, is the customer always the first party and the vendor the second party?

Well, no. So, some clarification.

First and second parties are like the first and second person voices in speech. The person speaking is the first person, and uses the first person voice (I, me, mine, myself). The person being addressed is the second person, and is addressed in the second person voice (you, your, yourself).

And

To sum it up, third parties mostly assist vendors. That is, they show up as helpers to vendors.

The first point is great, and if you continue this further (and make the leap from parties to data providers), you get something like this:

The ownership of “your” and “my” data is usually clear. However, ownership of the different types of “our” data is a challenge at best.  To complicate matters further, every instance of “my data” is somebody else’s “your data”. In every case, there is this mutually reciprocal relationship between us and them. In the VRM case, we usually think of the individual as owning “my data” and the vendor as owning “your data”, but for the vendor, the reverse is true: to them their data is “my data” and the individual’s data is “your data”. Similar dynamics occur when the other party is an individual. I bring my data, you bring your data, and together we’ll engage with “our” data. We need an approach that respects and applies to everyone’s data, you, me, them, everybody..

Which is from my post on data ownership. The trick is that 1st party and 2nd party perspectives are symmetrical.  We are their 2nd party and they are their 1st party. Whatever solution we come up with in the VRM world needs to work for everyone as their own 1st party. Everyone. Including “them”. Including Vendors.

In fact, that’s the only way we can get out of the client-server, subservient mentality of the web. It’s also the only way to make sure that our solutions work even when the “vendor” is our neighbor, our friend, or our family.

This is particularly clear in the work we are doing at the Kantara Initiative’s Information Sharing Work Group. We are creating a legal framework for protecting information individuals share with service providers. As such, it’s vital that the potential ambiguities of language are anchored in rigorous definitions. And what has emerged is that every transaction is covered by a contract between two parties. Not three. Not four. Not one. Two. And to the extent that third (or fourth) parties are mentioned, they are outsiders and not party to the contract. Since we are building a Trust Framework, there is a suite of contracts covering the different relationships in the system, but the legal obligations assumed in each contract have clear and unambiguous commitments between the first and second parties only.

Platforms

But where I think where Doc’s framing most needs a bit of correction is that, in fact, historically, third parties are never presumed to be working for second party. Not in the vernacular and not in any legal context. This presumption only emerges once you add a Fourth Party claiming that it works on behalf of the user. That is, 3rd-party-as-ally-of-the-2nd-Party is a corollary to Fourth Party concept, not a foundation for explaining it.

Take Skype, which I have on my Verizon cell phone. In the contract with Verizon, Skype is a third party application and Skype, Inc. is the third party.  But Skype isn’t working on Verizon’s behalf.

This is not only true in the sense of 3rd party applications whose value proposition is clearly at odds with the 2nd party, it is even more true when it comes to platforms. And especially when you consider the relevance of VRM as a platform for innovation.

In every platform, there are third parties who create apps that run on the platform. Microsoft built Windows, but Adobe built Photoshop. Apple built the iPhone, but Skype built Skype.  For platforms to be successful, they necessarily bring in 3rd party developers to build on top of the platform. These developers aren’t necessarily working on behalf of the platform provider, and it would be a miscarriage of alignment to claim that they are. They are out for themselves, usually by providing unique value to the end user. Some new widget that makes live better.

This becomes even more true when you are dealing with open platforms, or what I called Level 4 Platforms (building on Marc Andreeson’s The 3 Platforms You Meet on the Internet). In open platforms, you actually have 3rd parties helping contribute to the code base of the platform itself.  Netscape adds tables to HTML. Microsoft adds the <marquee> tag.  But here, it is even crazier to imagine that these 3rd parties are acting on behalf of the platform party… because there really isn’t a platform party. Nobody owns the Internet.

I think the right way to think about 4th Parties is that they have a fiduciary responsibility to the 1st party and 3rd parties may or may not.

Fourth Parties answer to the 1st party.

3rd Parties may not answer to anyone.

While I remain concerned about how the institutions of globalization might co-opt personal data to further their own ends, it almost certainly isn’t as bad as recently discussed on the Project VRM mailing list.

My realization: of course WEF would see data as an asset class. If it weren’t, it wouldn’t even make it onto their radar. Complaining about the WEF seeing personal data as an asset is a bit like complaining that Mozart sees everything as music.  Sure, it might be a limited framework and might be abused if applied too broadly, but it’s perhaps the most real way for the WEF to think about how personal data will lead to changes in the global economy.

It is worth understanding that the paper is an early step in acculturating Fortune 1000 CEOs to a new reality about user-driven services, volunteered personal information, and the entire VRM gestalt. It’s a baby step.

But it is a step.

Indeed, the folks at the workshop were well aware of the kind of reaction they are bound to get from communities like VRM. Bottom up groups tends to distrust top-down institutions.  Fair enough. But think about it from the perspective of the folks inside the WEF that are fighting the good fight, not just because it’s moral or politic, but because it is perhaps the only viable route beyond the information overload facing our entire information infrastructure.  Those folks need to light the minds of global business leaders without igniting fear that the house is on fire.

Sociologists have long recognized that there is no single “public”, no monolithic context where social norms congeal and deviant behavior is shunned. Instead, we’ve recognized that each of us engages in multiple, distinct publics, with their own boundaries and rules of etiquette. We act one way at PTA meetings, another in Las Vegas, yet again a third way at work. These are different flavors of public behavior and yet we expect most people to respect boundaries between these areas.  We manage these publics as easily and naturally as we greet a newcomer to the workplace. We do it without conscious effort, but with a sensitivity to the place and moment.

We also constantly manage any number of private contexts, where certain topics and behaviors are understood to be held in confidence, from family matters and Santa Claus to corporate secrets. Just as there is no monolithic “public”, there is no single “private” domain, where insiders know everything and outsiders know nothing. We share confidences with our kids, our spouses, our lawyers, our doctors, our psychiatrists, our bartenders, our business partners, all with certain, often unstated, rules about appropriate use and redistribution. Sure, these confidences are occasionally broken, but when they are, it violates our privacy and breaks trust. Frackin’ jerks!

Privacy leaks occur when information entrusted to one context finds its way into another: when our doctor’s receptionist tells our co-worker a bit too much about our visit, a boss overhears an embarrassing story about where we really were last Monday, or an ex tells her gossiping friends about our intimate moments. These context violations hurt whether they occur between “private” contexts or “public” ones. The issue isn’t whether something was said or done in “public” or “private”. The issue is the boundary breaking, the violation of expectations, and the betrayal of trust.

Our worlds are not defined by a single boundary between public and private, but by a constellation of privacy, comprised of multiple, distinct contexts, each with their own set of participants and expectations. There are literally billions and billions of contexts worldwide, each of us participating in dozens, perhaps hundreds.

We’ve been figuring this out for a long time. Over thousands of years, we’ve developed social norms that help us navigate different contexts. Space and time are our most common tools, marking the boundaries between strip clubs, schools, churches, homes, bedrooms, and restrooms. Don’t interrupt the magician, don’t talk during mass, don’t make personal calls on company time. Sometimes it’s topical, like spelling out “S.A.N.T.A” to keep the magic of Christmas alive.  These social rules keep naked people out of the cafeteria and accountants out of our bathroom and thank goodness for that!

Today, we are faced with a rapidly growing digital domain with new boundaries and connections, where uncertain rules confound expectations. In a relatively short period, huge portions of our daily lives have moved online, into contexts that lack clear social norms. These online services are often interpreted and promoted as being far more discreet then they actually are. We post a photo to Facebook to share with our friends, forgetting for a moment that co-workers or students might also see that indulgent image. We post a political rant on our blog, only to later have it come up in a job interview. Our Foursquare sign-ins get linked to Twitter without realizing it… and now our location is in the public stream for anyone to find. To make matters worse, many of these services regularly release new features or change their privacy policies… the rules are not just uncertain, they keep changing.

Focusing on public verses private misses the point. The analog world was never that black and white, why would we expect it to be that way online? Rather than an opt-in or opt-out, track or do-not-track, we need a solution that allows us to participate with the same shades of gray we use in the rest of our lives. This isn’t about the end of privacy nor is it about the inevitability of living in public. It’s about figuring out a new set of viable contexts with clear, understandable boundaries, rules, and participants. It’s about giving people as clear and simple control over their online social contexts as we have in the analog world.

We should be able to explicitly manage our online contexts: what we share, with whom, for what purpose, and with what constraints. Once we do that, the overly simplistic model of public verses private will yield to a beautiful constellation of privacy that is more understandable, more flexible, more realistic, and more empowering.

So, put down your pen and step away from the regulatorium. The last thing we need is half-baked black and white thinking turned into law.

JP defines four types of informational asymmetry, which he argues is key for information to have power:

Asymmetry-by-access — You can get it, they can’t.

Asymmetry-in-creation — You create it, you can control access or have unique benefit from it.

Asymmetry-in-education — The information may be symmetrically available, but only “experts” can make effective use of it.This could also be called asymmetry-by-capability: the capability to utilize information more effectively than others.

Asymmetry-by-design — Take abundant information and design a system to create scarcity. For example, the iPhone (or Android) app store as the only – (or dominant) way to get new apps on your phone.

JP goes on to argue that

This approach, asymmetry-by-creation, and its alter ego, asymmetry-by-design, are about creating artificial scarcity. This is fundamentally doomed. I’ve said it many times. Every artificial scarcity will be met by an equal and opposite artificial abundance.

With all due respect, I must politely disagree.  At first, I thought it was a flaw in the argument about asymmetry, but then I realized it was perhaps because I was considering a fifth asymmetry that simply didn’t fit JP’s mold.

Asymmetry-by-choice – The information is shared with mutual agreement by all parties to respect certain limits, typically requested by the discloser, although often required by regulators. This asymmetry is typically  bootstrapped from asymmetry-by-creation and maintained as asymmetry-by-access.

One example: I tell my therapist things because I know they won’t get revealed. The therapist agrees to keep that information in confidence because she knows that if she doesn’t, I won’t reveal it. After the fact, she keeps her promise because she knows that the ethical, legal, and financial consequences aren’t worth breaking it. This is a good thing.

A second example: non-disclosure agreements (NDAs). A receiving party agrees to respect the rights in confidential information in order to better understand the disclosing party’s business. Normally, the discloser wouldn’t be comfortable disclosing certain information, but that would prevent the parties from pursuing mutually beneficial business interests. Only with assurances by the receiving party is the disclosing party comfortable revealing information that ultimately, may be vital to forging a more sustainable, more meaningful, and more profitable relationship. The NDA allows the two parties to continue the conversation with a certain level of expectation about subsequent use of the disclosed information. This is a good thing.

These types of voluntary acceptance of asymmetry in information are the fabric of relationships. We trust people with sensitive information when we believe they will respect our privacy.

I don’t see abundance undoing that. Either the untrustworthy recipient develops a reputation for indescretion and is cut off, or the entire system would have to preclude any privacy at all. In that latter scenario, it would become impossible to share our thoughts and ideas, our dreams and passions, without divulging it to the world. We would stop sharing and shut down those thoughts altogether rather than allow ourselves to become vulnerable to passing strangers and the powers that be. Such a world of totalitarian omniscience would be unbearable and unsustainable. Human beings need to be able to trust one another.  Friends need to be able to talk to friends without broadcasting to the world. Otherwise, we are just cogs in a vast social order over which we have almost no control.

Asymmetry-by-choice, whether formalized in an NDA, regulated by law, or just understood between close friends, is part of the weft and weave of modern society.

The power of asymmetry-by-choice is the power of relationships. When we can trust someone else with our secrets, we gain. When we can’t, we are limited to just whatever we can do with that information in isolation.

This is a core part of what we are doing with VRM and the ISWG. Vendor Relationship Management (VRM) is about helping users get the most out of their relationships with vendors. And those relationships depend on Vendors respecting the directives of their customers, especially around asymmetric information. The Information Sharing Work Group (ISWG) is developing scenarios and legal agreements that enable individuals to share information with service providers on their own terms. The notion of a personal data store is predicated on providing privileged information to service providers, dynamically, with full assurance and the backing of the law. The receiving service providers can then provide enhanced, customized services based on the content of that data store… and individuals can rest assured that law abiding service providers will respect the terms they’ve requested.

I think the value of this asymmetry-by-choice is about artificial scarcity, in that it is constructed through voluntary agreement rather than the mechanics/electronics of the situation, but it is also about voluntary relationships, and that is why it is so powerful and essential.

The term “ownership” simply brings too much baggage from the physical world, suggesting a win-lose, us-verses-them mentality that retards the development of rich, powerful services based on shared information.

Anyone up for sacred cow cheeseburgers?

I’m a member–and a big fan–of Steve Holcombe‘s “Data Ownership in the Cloud” LinkedIn group and I love the efforts of the Dataportability guys and am a big supporter of the Privacy and Public Policy work group at Kantara. There is a lot of good work being done by folks trying to figure out how to give people greater control over the use of data about them (privacy) and gain access to data they use or created (dataportability).

Unfortunately, sometimes the arguments behind these efforts are based on who owns–or who should own–the data. This is not just an intellectual debate or political rallying call, it often undermines our common efforts to build a better system.

Consider this:

1. Privacy as secrecy is dead
2. Data sharing is data copying
3. Transaction data has dual ownership
4. Yours, mine, & ours: Reality is complicated
5. Taking back ownership is confrontational

Privacy as secrecy is dead

First, the data is pretty much already out there. The issue isn’t “How do we keep data from bad people,” it’s “How do we keep people from doing bad things with data?” DRM and crypto and related technology as the sole means to prevent data leakage and data abuse are failures. Sooner or later, the bad guys break the system and get the data.  Sure, there are smart things we can do to protect ourselves. Just like we wear seatbelts and lock our front doors, we should also use SSL and multi-factor authentication, but we can’t count on technology to keep our secrets. We need solutions that work even when the secret is out.

In fact, privacy isn’t about information we keep secret. It is about information we have revealed to someone else with expectation of discretion, e.g., when we tell our doctor about our sexual activities. It’s no longer a secret from the Doctor, but because it is private, we have rules that keep the information from being used inappropriately. Most of the time, with most doctors, it works. Those few who break those rules are dealt with through legal means, both civil and criminal, as well as social approbation. So, because we inherently need to release data to different parties at different times, we can’t control it through secrecy alone. Instead, we need to build a framework for preventing abuse when others do have access to sensitive information. Like in the case with our doctor, we want our service providers to have the data they need to provide the highest quality services.

Data sharing is data copying

Second, in the world of atoms, there can only be one of a thing, which is the reverse of the world of bits. With atoms, even if there are copies, each copy is itself a singular thing. Selling, transferring, or stealing a thing precludes the original owner from continuing to use it.

This isn’t true for information, which can easily be sold, transfered, and stolen without disturbing the original version. In fact, the entire Internet is basically a copy machine, copying IP packets from router to router, as we “send” images, web pages, and emails from user to user and machine to machine–each time a new copy is created whether or not the originating copy is deleted. To think of bits as if they were ownable property leads to attempted solutions like DRM that try to technologically prevent access to the information within the data, which is only good until the first hacker cracks the code and distributes it themselves. Instead, if we build social and legal controls on use, we can give information more freely, but under terms set by each individual when they share that information. Enforced by social and legal rather than purely technological means, this makes the most of the low marginal cost of distributing  online, while retaining control for contributors.

Transaction data has dual ownership

Image via Wikipedia

Third, much interesting data is actually mutually owned… which means the other guy can already do whatever the heck they want with it.  Consider web attention data, the stream of digital crumbs representing the websites we’ve visited and any interactions at each: all our purchases, all our blog posts, all our searches. Everything. Some folks argue that we own that data and therefore have the right to control the use of it. But so too do the owners of the websites we’ve been visiting. We don’t own our http log entries at Amazon. Amazon does. In fact, in every instance where two parties interact, where we engage in some transaction with someone else, both parties are co-creating that information. As such, both parties own it. So, if we tie the issue of control to ownership, then we’ve already lost the battle, because every service provider has solid claims to ownership over the information stored in their log files, just as we, as individuals, own the browsing history stored on our hard drive by Firefox, Internet Explorer and Chrome.

In the movie Fast Times at Ridgemont High, in a confrontation with Mr. Hand, Spicoli argues “If I’m here and you’re here, doesn’t that make it our time?”  Just like the time shared between Spicoli and Mr. Hand, the information created by visiting a website is co-created and co-owned by both the visitor and the website.  Every single interaction between two endpoints on the web generates at least two owners of the underlying data.

This is not a minor issue. The courts have already ruled that if an email is stored for any period of time on a server, the owner of that server has a right to read the email.  So, when “my” email is out there at Gmail or AOL or on our company’s servers, know that it is also, legally, factually, and functionally, already their data.

Yours, mine, & ours: Reality is complicated

Fourth, when two parties come together for any reason, each brings their own data to the exchange. We need a framework that can handle that. Iain Henderson breaks down this complexity in a blog post about your data, my data, and our data, talking about an individual doing business with a vendor, for example, someone buying a car.

“My data” means data that I, as an individual have that is related to the transaction. It could include the kind of car I’m looking for, my budget, and estimates of my spouse’s requirements to approve of a new purchase.

“Your data” means data that the car dealer knows, including the actual cost of the vehicle, the number of units in inventory, the pace of sales, current buzz from other dealers.

“Our Data” means information that both parties have in common. That could be Shared Information, explicitly given by one party to the other in the course of the deal, such as a social security number so the dealer could run a credit check. It could be Mutual Information, generated by the very act of the transaction, such as the final sale price of the vehicle. Or, it could be Overlapping Information, which each party happens to know independently, such as the Manufacturer Suggested Retail Price (MSRP) of a vehicle (which we found online before heading to the dealership).

The ownership of “your” and “my” data is usually clear. However, ownership of the different types of “our” data is a challenge at best.  To complicate matters further, every instance of “my data” is somebody else’s “your data”. In every case, there is this mutually reciprocal relationship between us and them. In the VRM case, we usually think of the individual as owning “my data” and the vendor as owning “your data”, but for the vendor, the reverse is true: to them their data is “my data” and the individual’s data is “your data”. Similar dynamics occur when the other party is an individual. I bring my data, you bring your data, and together we’ll engage with “our” data. We need an approach that respects and applies to everyone’s data, you, me, them, everybody.

In these complex Venn diagrams of ownership, it is more important who controls the data than who owns it.  We’ve already lost the crudest form of control–secrecy–and we are going to continue to lose more as we opt-in to seductive new services based on divulging more and more information: our purchase history, browsing activity, and real-world location data. But we still need to control how all this data is used, to protect our own interests while still enjoying the benefits of the great big copy machine that is the Internet.

Taking back ownership is confrontational

© Regien Paassen | Dreamstime.com

Fifth, we don’t need to pick a fight to change the game. There is a lot of data out there that many of us believe we should have control over. I agree. A lot of people argue that we should have the right to exclude other people’s use because we own the data, because it’s ours in some legal, moral, or ethical framework. The problem is, those other people already have it, and they also believe that they are legitimate owners. In fact, many of them paid for that data, buying it from data aggregators who compile all sorts of things about people, from both public and private sources. This entire ecosystem of customer data is a multi-billion dollar business and every single player “owns” the data they are working with. So if we focus our energy in claiming ownership over that same data in order to take control, we are framing the conversation as a fight, a fight against a powerful, well-healed, well-funded, entrenched bunch of opponents.

Most of these “opponents” are the very people we are trying to win over to our way of thinking. These are the vendors we want to embrace a new way to do business. These are the technologists we want to transform their proven, value-generating CRM systems to work with our data on our terms, instead of their data on their terms. Arguing over ownership puts these potential allies on the defensive, when what we really want is their collaboration.

From Ownership to Authority, Rights, and Responsibilities

Rather than building a regime based on data ownership, I believe we would be better served by building one based on authority, rights, and responsibilities. That is, based on Information Sharing.

• Who has the authority to control access and use of particular information?
• What rights does a party have in using and distributing a piece of information?
• What responsibilities does an information user have to others with respect to that information?

Let’s stop arguing about who owns what and start figuring out how we can share information in ways that allow everyone to win.

When we collect all of our information into a single conceptual repository, and then share access to it with service providers on our own terms, we create a high quality, highly relevant, curated personal data store. This allows us to bootstrap a control regime over all of our data in a way that creates new value for us and for our service providers. Now, instead of iTunes Genius or a Last.FM scrobbler only having access to our media use with their service, they can provide recommendations based on all the information stored in our personal audio data store. We get better recommendations and they get better data to drive their services. This personal data store is entirely under the authority of the user, sharing information with service providers according to specific rights and responsibilities.

The Information Sharing approach neatly sidesteps the complexities involved in privacy and dataportability issues of the information already known by service providers. These remain serious issues, worth addressing. Resolving them will require long term investment in the legal, regulatory, moral, and political systems that govern our society. Fortunately, sharing the information in our personal data store can begin almost immediately once we have working specifications.

This controlled sharing of information will dramatically increase our comfort level when revealing our intentions and interests. We would have control over the use–and would be able to prevent abuse–of that information, while making it easy for service providers to improve our lives in countless ways.

At the Information Sharing Work Group at the Kantara Initiative, Iain Henderson and I are leading a conversation to create a framework for sharing information with service providers, online and off. We are coordinating with folks involved in privacy and dataportability and distinguish our effort by focusing on new information, information created for the purposes of sharing with others to enable a better service experience. Our goal is to create the technical and legal framework for Information Sharing that both protects the individual and enables new services built on previously unshared and unsharable information. In short, we are setting aside the questions of data ownership and focusing on the means for individuals to control that magical, digital pixie dust we sprinkle across every website we visit.

Image by hegarty_david via Flickr

Because the fact is, we want to share information. We want Google to know what we are searching for. We want Orbitz to know where we want to fly. We want Cars.com to know the kind of car we are looking for.

We just don’t want that information to be abused. We don’t want to be spammed, telemarketed, and adverblasted to death. We don’t want companies stockpiling vast data warehouses of personal information outside of our control. We don’t want to be exploited by corporations leveraging asymmetric power to force us to divulge and relinquish control over our addresses, dates of birth, and the names of our friends and family.

What we want is to share our information, on our terms. We want to protect our interests and enable service providers to do truly amazing things for us and on our behalf. This is the promise of the digital age: fabulous new services, under the guidance and control of each of us, individually.

And that is precisely what Information Sharing work group at Kantara is enabling.

The work is a continuation of several years of collaboration with Doc Searls and others at ProjectVRM. We’re building on the principles and conversations of Vendor Relationship Management and User Driven Services to create an industry standard for a legal and technical solution to individually-driven Information Sharing.

Our work group, like all Kantara work groups, is open to all contributors–and non-contributing participants–at no cost.  I invite everyone interested in helping create a user-driven world to join us.

It should be an exciting future.

This material is based upon work supported by the National Science Foundation under Award Number IIP-08488990. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the author and do not necessarily reflect the views of the National Science Foundation.

From cable TV to YouTube, from newspapers to blogs, from Wal-Mart to eBay, from Ma Bell to the Internet, the shift from centralized, structured systems of authority to emergent, collaborations between individuals has been reshaping our political, social, and economic world for generations. This is a trend that has driven—and been driven by—the massive success of the Internet, email, the World Wide Web, eBay, Google, RSS, FaceBook, YouTube, and Twitter. Each of these examples took an existing model and made it more user driven: networking, messaging, electronic publishing, buying & selling, content discovery & advertising, news aggregation/syndication, online video, status updates.

The conclusion: companies which find ways to be more user driven are more valuable, more profitable, and more successful.

What does it mean to be “user driven”? At its most basic, it means putting the user in charge, in some way. Fully realized, it means putting the user at the center of the system, as a point of integration, origination, and control. We call these fully realized systems “User Driven Services”.

User Driven Services put users in charge. Users start each interaction, manage the flow of the experience, and control what and how data is captured, used and propagated.  Users are the cause and the controller, working with service providers to co-create collaborations that create value for all parties.

From self-serve gas stations and soda fountains to ATMs and self-checkout grocery stores, companies have been putting users in charge of different aspects of their services for years. With GetSatisfaction—which allows users to self-organize for cooperative customer support—and Facebook—which provides social context for user-generated content—users are not just self-servicing, they provide the core content behind the user experience. Now, through user-centric Identity and API access to most popular online services (Flickr, Twitter, Facebook, etc.), users can direct which parts of their experience are serviced by which providers, allowing unprecedented realtime flexibility in service creation.

User Driven Services are redefining how we interact, how we manage our businesses, and how we engage in both public and personal conversations. Businesses and organizations that want to thrive in this new reality would do well to help co-create a new mutually beneficial marketplace for products, services, and ideas. Individuals, participating in this rising tide of personal power, have an opportunity to coordinate with each other and with service providers to craft a future that meets all of our needs, as individuals, entrepreneurs and business people.

Terminology

A few key terms:

System: a group of independent but interrelated elements engineered to operate as a unified whole.

(The systems to which we refer are not natural or conceptual systems, but rather, operating mechanisms designed and implemented to perform intended functions.)

User: any individual interacting with a system.

Service: a value generating experience available to users through interactions with a system; also the system providing such experiences.

User Driven Services: services that maximize value creation by maximizing user control and authority.

Characteristics

User Driven Services have the following characteristics:

1. Impulse from the User
2. Control
3. Transparency
4. Data Portability
5. Service Endpoint Portability
6. Self Hosting
7. User Generativity
8. Improvability
9. Self-managed Identity
10. Duty of Care

We will explore each of these characteristics in a series of articles over the next few weeks.

No longer is it sufficient for companies to package a value proposition on their website and then drive traffic to it through ads, search engine optimization, and reciprocal links. Today companies must find ways to provide a value proposition wherever the user might be: on Facebook and Twitter, on their iPhones, and even through 3rd party applications accessing deep into the company’s datasphere through APIs and webhooks.

The Internet is reconfiguring around the user, wherever people happen to be.

I’ve been talking with folks in the VRM community about this topic over the last few years. VRM is, at its core, about starting with the user, re-engineering systems to maximize user freedom and control, and placing the user at the point of integration.  Or, as Doc Searls puts it, creating tools for “both independence and engagement”.

For example, I’ve led several discussions at various VRM workshops on what I call “user driven search“: what would happen if the user were truly in control of all the data related to their search and could engage any Search provider they like with the full scope of that information and under the user’s terms?

In the last several months, I have been advocating a new term has that captures the core direction of both VRM and User Driven Search: “User Driven Services”.

When you configure your services around the user as the primary point of origination, integration, and control, you are building User Driven Services.

Over the next few weeks, I’ll dive into what we mean by User Driven Services; consider it a warm up for both the VRM West Coast Workshop 2009 and the Internet Identity Workshop.

More …