The Consensual Web
As you know, we’ve been closely watching the discussions regarding the Do Not Track (DNT) initiative. A key discussion point is about first and third parties and how a third party can become a first party once you click on a “like” button or click through to another site or use an embedded service within the primary site. But the question arises as to whether or not the average user KNOWS that these actions change the status of first and third parties?
If we cannot determine whose site we are on, then how can we engage in a consensual relationship with the various Web content and service providers? Here is a case in point:
My journey begins “off the Web”. I have opted in to receive emails, so I have given my consent to the USA ProCycling Challenge organization to contact me. Today I opened this email and clicked on the Read More link.
As I finished reading, I saw a familiar-looking black bar across the top. I looked at the particular URL and realized I was on a BlogSpot page, not a website. Who owns BlogSpot? Google. So now, based upon DNT definitions, Google has become the first party and has a right to capture and use my information (my context) for its own marketing purposes, without, in my opinion, my consent. But according to current DNT definitions I gave my consent the moment I clicked on the link.
I know that this is not some deliberate means to hijack my information, but it highlights the problem with DNT and their definitions of first and third parties. I never got a chance to provide my consent – or not. Once again, I have no choice about with whom my data is being shared.
So what is the definition of “Consensual Web”? It was good for Google, but not for me. A good Web experience is more than just serving me relevant ads and custom-sorting my searches. It’s about transparency and respect, and this morning, I’m not feeling very respected.
Oh what a tangled “web” we weave… When first we practice to “deceive!”
With apologies to Sir Walter Scott, I’m going to highlight two words in his quote: web and deceive.
The Internet has created this incredible ecosystem for users to express themselves – however with this increased expression has come increased access to personal information that can be saved on corporate servers, searched and then resold. With the advent of the Mobile Internet, tensions regarding privacy are reaching a boiling point, as my personal information is hijacked on a daily basis by current (and sometimes deceptive) Web practices.
With this in mind we can now peer into this “tangled Web” and perceive yet another wicked problem…
How does marketing communicate with customers in a one-to-one manner consistent with their current context, and do so while both preserving customer identity across multiple digital channels and respecting privacy?
For the last decade or so we’ve only had to worry about the desktop (i.e. a single context). Now with the advent of Mobile we have a shifting context that is incredibly personal, and yet lacks the attributes of the desktop medium (no more big screen, keyboard or mouse). Now marketers are faced with an incredibly complex problem – how to communicate with a consistent but personal voice, and respect the customer’s right to privacy.
In my last post, “Is building an Identity Ecosystem a ‘Wicked Problem’?”, I introduced the notion of real time context: the ability to transparently share my Identity and context with a Web server in real time. However, I left off one crucial item: consent, which ties directly into the above problem.
The current practice (which is frequently deceptive) is to bury privacy and data use policy in legalese or Terms of Service. Basically, you sign away all your rights – consent to everything by using the site, and then they can do anything they want to with your data. That sounds just so archaic, so 1999, back when Mobile meant a laptop computer.
So how do we bring privacy and consent into the 21st century? Or should we even bother? I say, yes – it’s absolutely worth the bother. Let’s think of it in terms of this simple analogy. Remember when bankers’ hours were 9-5, Monday to Friday? But then they found out that everyone was working, and if they wanted to keep their business they needed to adapt to the customer. Well, now we have 24 hour ATMs and can bank on our way home from work or on a Saturday.
Well that’s what’s going to happen with Privacy – and the catalyst is going to be Mobile. It’s too late to put Pandora back in the box – Web-based advertising and behavioral targeting are here to stay. However what we can do is figure out a “programmatic” solution to play nicely with Pandora. And let me tell you the stakes are HIGH. There are billions of dollars in revenues at stake here, let alone the other wicked problem mentioned above.
So what is the solution? – simple – give me a clear and simple choice. Let me manage what context I am willing to share with a user-driven, “Personal Context Manager.” In other words give me an electronic “ME” database that I have complete control over, and lives on my devices, not someone else’s servers. Inside that electronic database is my data. It includes personal information, device information and also geo-location information. All combined it’s a very precise database (or not) on who I am, what device I’m using and where I am.
Now what I need to be able to do is easily share that data with trusted Web sites. The only criterion is my definition of “trust”. If you abuse my trust I can turn it off – and we go back to 1999 – page/content only context. However if we all play nicely in the sandbox, then I’m willing to share my data with you in return for more relevance and value from you.
Think about it for a moment. In the history of browsers there’s never been a way for me to control the data I share. Even the Do Not Track standard doesn’t allow me to do it. And that’s got to change. Only when I determine the trust level can I be confident that online businesses will respect my privacy.
So the answer to these two wicked problems can be summed up as “consensual context”. There’s now a programmatic way to add my consent and my context to the protocol that binds us all – the Internet. And even though my worst case position is 1999 (i.e. what we have now) for those Corporate brands that really want to go the next “Marketing Mile,” they can start with user-controlled consent and establish a new level of trust that crosses over to any “screen” with which I choose to connect to them.
Choice Means Respect
I was reading this blog post, When Did Service Become the Customer’s Obligation?, at Competitive Advantage Marketing, and it really struck a chord with me. While Dr. Coleman is talking about a different kind of “choice” than our enterprise browser provides, it does address a common theme. This quote from her blog really sums things up:
“Our messages are meaningless if the customer contacts don’t leave the customer feeling respected and valued. Where there is choice, the customer won’t tolerate feeling as if it is his job to service the company. We need to remember that customers see the products and services we provide in their own context, not ours.”
As business people, we should be asking what we can do to make our customers’ lives or businesses better in exchange for buying our products and services. We should adapt to them – not make them adapt to us. When you give your customers choice; when you look at your customers’ needs in the context of their life, their business models, their resources – then doing the right thing becomes much simpler.
Some Animals Are More Equal When it Comes to Digital Privacy
In a recent conversation with a colleague, it suddenly struck me that while I see lots of products and services (and budget dollars) supporting IT security, there are almost no products or services supporting privacy. Why is that?
Security is about protecting corporate data. But let’s look at the other side of security – privacy. Privacy is about protecting the use of personal data. Is my personal data any less important than a company’s confidential data? It shouldn’t be. According to the U.S. Supreme Court we’re both “persons”. I’m feeling an Orwellian paranoia swelling up. Not the 1984 kind, but the Animal Farm kind.
“ALL ANIMALS ARE EQUAL, BUT SOME ARE MORE EQUAL THAN OTHERS”
In a private company, anything marked confidential is confidential. On the Web, things are much less clear. Is my phone number confidential or public information? What if I have an unlisted number? Is my location confidential? What about my name or email address? Sales people get sued over taking customer lists when they leave a company, so why would anyone or any company in their right mind think taking my address book is okay? And to add insult to injury, they profit from it. Really?!
While commendable in its intent, DNT is proving near impossible in its implementation. The cost to countless businesses to change their infrastructure and business models may prove too much for a multi-stakeholder initiative – many of whom are the people who either profit from cross-site tracking or have the greatest expense to adapt to the new standard. Organizations such as the ACLU and the Stanford Center for Internet and Society are working hard to keep the task force on point, but once you throw in the legal and cultural differences from country to country, the task seems daunting.
Until each Web user has a clear choice over what data is shared and with whom, corporate persons will be more equal than you and me.
Privacy: My Expectations vs. My Reality
I’m going to start this post with a famous quote from Wernher von Braun – you can recover from a production flaw but never from a design flaw.
Right now there’s lots of activity in the Privacy space (note that I say activity vs. outcome). There’s an initiative by regulators to rein in what they feel is invasive behavior by both content providers and carriers as it relates to your privacy, and there’s also an initiative by the W3C to introduce a “Do Not Track” preference in the browser.
All of these activities hinge around really defining what Privacy means to “Me”. As you can imagine, everyone has an opinion on what it should be. For the purpose of this blog post let’s keep it really simple – let’s go with the W3C initiative of a “binary solution”. If my browser sends a 1 then I don’t want to be tracked and if it sends a 0 then I consent to being tracked.
Ok, that’s really simple. And consequently my expectation is also very simple – if I send a 1 then I “expect” not to be tracked in any way shape or form. In fact I actually expect my browser to block any method a Web site may try to use to track me. For example – the second I set my Privacy preference to “Do Not Track” I expect all 3rd party cookies to be blocked. In fact you could also make the case that I don’t want any cookies on my device.
And herein lies the problem and the reason for Wernher’s quote. The Web was designed to track. Because I cannot ever know my real time device capabilities there had to be a mechanism by which a Web site could “remember” you. Welcome to cookies.
Here’s Wikipedia’s definition of cookies:
A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user’s browser and for the browser to return the state information to the origin site. The state information can be used for authentication, identification of a user session, user’s preferences, shopping cart contents, or anything else that can be accomplished through storing text data on the user’s computer. Cookies cannot be programmed, cannot carry viruses, and cannot install malware on the host computer. However, they can be used by spyware to track user’s browsing activities—a major privacy concern that prompted European and US law makers to take action. Cookie data can also be illicitly disclosed by hackers to gain access to a victim’s web account.
Remember HTTP is a stateless protocol – and the only way you can “CURRENTLY” add state is via a cookie. Cookies are required for just about everything these days. Imagine trying to buy something on the Web without the ability to use a cookie. It would be impossible.
So setting a binary preference for my privacy is very well intentioned, however the reality is going to be something that I wasn’t expecting. The very method that currently makes the Internet experience work is the one that is causing the problem. An incredible amount of money has been invested in keeping the status quo. In fact you can almost imagine that any Privacy initiative will fail simply because of the amount that must be invested by content providers to change the way they’ve been doing business.
Which leads me to the title of my next blog post – The Innovators Dilemma – Improving the Internet so I have a choice in how it recognizes me.
Privacy Must be a Choice. Managing Choice Must Be Simple.
The digital Privacy debate continues and the W3C are defining Do Not Track (DNT) standards right now. The goal is good, but I fear they are making things more complicated than they need to be. In an ideal world, users would have a choice over everything that gets shared and with whom it is shared. But alas, the world is not ideal and while choice can be 3P enhancing, I understand that everyone will progress through the 3Ps at their own pace.
The reality is that most people simply use default settings in every application – including their browsers (see this great little study by UIE). The other reality is people want their privacy to be respected. Most are willing to share information relevant to delivering a great experience – if you ask their permission. So if you are not going to give them full choice, give them a simple choice: Track or Do Not Track.
This is the worldwide Web. The standard affects everyone around the world. Not everyone has the same norms or laws. So while I’m all for respecting the privacy laws of each country, don’t build the standards so that in order to comply with them, every website is obligated to collect location data with each request. A simple default to Do Not Track when it is unclear as to the user’s consent level is sufficient. I have not met a U.S. citizen, yet, who subscribes to the belief that the Web standard default should be Track Me. Simply because U.S. laws don’t address this specific issue like EU country laws doesn’t mean it’s a U.S. cultural norm.
Now, let’s forget “Joe Average Citizen” for the moment. Can you imagine the performance hit to the Web if every time a page is visited it must query the user’s location? What if GPS is not available and cell-tower or Wi-Fi location cannot be resolved? What about the cost of compliance? Most companies and websites are simply not that sophisticated. Will there be exemptions for B2B sites? My company doesn’t share any data – do I still have to comply? Does regional privacy compliance create an even greater privacy threat than the issues surrounding behavioral targeting – the primary reason the DNT standard is being put into effect?
Keep it simple. More DNT exceptions equate to more complexity and more unintended consequences. The more complexity, the greater the implementation burden and cost to businesses.
Privacy is not binary… but if full choice is not supported, then a simple binary choice is far better than a good idea gone astray. Too many programmatic exceptions to the DNT standard will undermine the original intent of the initiative and we’ll have to keep writing these blogs. Personalization and fast performance are much more fun!
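The binary preference described in these posts, with the default to Do Not Track when consent is unclear, can be expressed as server-side logic (an added example in JavaScript, not code from the original posts). The cookie names and their session/tracking labels are assumptions made for illustration; first-party session cookies are kept in every case because shopping over a stateless protocol depends on them.

```javascript
// Added illustration. Cookie names and their purpose labels are constructed;
// the DNT header carries no per-cookie information of its own.
const COOKIE_POLICY = new Map([
  ["session_id",    { purpose: "session",  thirdParty: false }],
  ["cart",          { purpose: "session",  thirdParty: false }],
  ["analytics_vid", { purpose: "tracking", thirdParty: false }],
  ["ad_uid",        { purpose: "tracking", thirdParty: true  }],
]);

// Returns "1" (do not track), "0" (consents to tracking) or null (unclear).
function readDnt(headers) {
  const values = [];
  for (const [name, value] of Object.entries(headers)) {
    // HTTP header names are case-insensitive.
    if (name.toLowerCase() === "dnt") values.push(String(value).trim());
  }
  // Absent, repeated, or anything other than a single 0 or 1 is unclear.
  if (values.length !== 1) return null;
  return values[0] === "1" || values[0] === "0" ? values[0] : null;
}

// Tracking is allowed only on an explicit "0". Unclear consent is treated as
// Do Not Track.
function trackingAllowed(headers) {
  return readDnt(headers) === "0";
}

// Split the cookies a response wants to set into those it may set and those
// it must drop for this request.
function planCookies(headers, wanted) {
  const allow = trackingAllowed(headers);
  const plan = { dnt: readDnt(headers), set: [], dropped: [] };
  for (const name of wanted) {
    // An unclassified cookie is treated as a third-party tracking cookie.
    const policy = COOKIE_POLICY.get(name) || { purpose: "tracking", thirdParty: true };
    const tracks = policy.purpose === "tracking" || policy.thirdParty;
    (tracks && !allow ? plan.dropped : plan.set).push(name);
  }
  return plan;
}

// Constructed requests: explicit opt-out, explicit consent, no header, garbage.
const wanted = ["session_id", "cart", "analytics_vid", "ad_uid"];
for (const headers of [{ DNT: "1" }, { dnt: "0" }, {}, { DNT: "1, 0" }]) {
  console.log(JSON.stringify(headers), JSON.stringify(planCookies(headers, wanted)));
}
```

Only the explicit `0` request receives the analytics and advertising cookies; the other three keep a working session and cart and nothing else.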
Privacy: What “Do Not Track” really needs to make it enforceable (and verifiable) – HTTPS
In an earlier post – Privacy: X marks the spot where… I wrote about one of the problems with enforcing the Do Not Track header (the issue with caching servers, and how you enforce and verify that the Do Not Track header was really sent).
So I thought I should offer a suggestion to improve the whole DNT idea. How about SSL (Secure Sockets Layer)? Why not move the whole Web to SSL? Think about it, it’s the ONLY solution that offers a real “verifiable handshake” so you can make a “Peer to Peer” connection. No more issues with Caching servers or verification – it’s direct from “one can to another”.
It works for eCommerce, so why not use it for Do Not Track? In fact, if you think about it, how can anyone be suggesting Do Not Track without adding security to the mix?
Of course SSL does come with a few “issues”. It’s a performance hog and requires you to do the work to set everything up correctly. But heck, it’s the user’s privacy at stake here – you should be doing it. In my next post we’ll take a look at how you could tweak SSL to really improve performance, and still allow the user to protect their privacy. (Hint: It’s called field level encryption).
Digital Privacy Twister
Yes, Twister. The fun, bright colored game where you get twisted up with all your friends and would-be teenage loves. Actually, the rules of Twister are more clear than the twisted Privacy policies that dot the Web these days – which in my opinion, are less about privacy and more about making money. The only choice I typically get is no privacy or don’t use my Web service.
It is impossible to ignore the increase in coverage regarding digital data privacy. Today’s Wall Street Journal headline about Google bypassing iPhone Privacy Settings may just be the fateful move that brings everyone playing Digital Privacy Twister crashing down to the mat.
But before jumping to any “Google is the new Evil Empire” conclusions, have a look at this hurried, yet thoughtful post by Technology Media blogger, John Battelle, A Sad State of Internet Affairs: The Journal of Google, Apple and “Privacy”. Battelle rightfully questions whether or not the default “privacy settings” in iOS are designed to protect your and my privacy rights or protect Apple’s advertising revenues.
Sadly, the rules about Internet Privacy are simply not clear and even those being debated and proposed by the best minds in the space have to consider the impact changes will have on established business models and legitimate uses for data sharing between organizations. Privacy is about balancing the rights of you and me, as citizens (not just consumers) and a business’s right to make money. If you mandate technology changes to stop privacy abuses, then how that impacts legitimate data use and sharing MUST be considered or you start ripping apart the very fabric of the Web – the mat holding all the brightly colored website dots together.
Maybe we are too smart for our own good. I bet if you asked your children, they would say something wonderfully simple like, “Just ask me my permission.” or, “I’ll tell you if I trust you.” Or perhaps, “You’re a stranger. Until I know you better I won’t tell you my name or where I live.” Instead of trying to re-weave the Web and break what works, why not just ask the user? Give them the Choice to share or not to share with any given site. Give them a Choice about what to share – location, but not name. Device information, but not cell phone number. Privacy is not binary. Privacy cannot be “solved.” Privacy is a right. Ask permission (in a simple, straightforward manner) and then respect it. Period.
Digital Privacy should be about delivering the appropriate Web Experience based on what is shared, not taken. An anonymous experience or a rich experience, or something in between. It should be MY choice and should not be all or nothing. People like choice. When you deny that choice based upon less than transparent practices and policies, people get really angry. Angry people stop doing business with you and tell all their friends.
Privacy is a Balance
As I watch the news unfolding about Path and the controversy over accessing my address book, I can’t help but shake my head in amazement that people are still missing the point. It’s not that they accessed my data without my permission that’s the problem – it’s that I have no choice in what I choose to share that’s at the heart of the matter.
Think about it for a moment: Michael Arrington is an investor in Path. Now Michael probably has an address book only second to Ron Conway’s. Can you just imagine the number of aspiring entrepreneurs who would love to access that database? And it’s probably all sitting up on someone’s servers somewhere.
Now to their credit Path immediately issued an apology and deleted everyone’s data from their servers. So far so good. Now comes the problem – they then updated their app so that it asked “permission” to access your address book. As someone would tweet – #fail.
They are still missing the core problem – I want to allow Path access to “some of the people in my address book” – but only those whom Path turns into something of value for me. And therein (as the Bard says) lies the problem. Privacy is NOT binary, it’s contextual. Not only do I want a choice in what I share, I want to ensure that sharing the data results in a better outcome for both parties.
The current approach to Privacy has not only #failed to deliver a choice, it has also failed to make that choice contextually aware of not only Who I am, but Where I am. My Privacy has value – it must have because at the moment this topic is becoming radioactive – and yet my only “Choice” is binary. Either share it or not. Well, how about offering me something in return? Why do you get to keep the value and I don’t? Seems like an unfair choice to me.
Ultimately Privacy is a balance between ensuring Privacy and allowing information to be shared for a better outcome.
And that’s why we invented the new Choice™ browser. It gives you a choice in what personal data you want to share, and with whom.
Mobile Device Privacy Act – Read the Discussion Draft
I hope you’ll read this Mobile Device Privacy Act Discussion Draft and pass it along to others. The discussion draft focuses on transparency and choice surrounding data collection, not about what data is collected and how the data is used. It also holds the device and OS manufacturers to the same standards as the wireless carriers, along with any after-market “monitoring software” installations. I did not see any specific definition of “monitoring software”. Will have to ask my congressman about that one…
Whether you are for or against the specific points of the act, I hope you’ll educate yourself and share your feedback with your state representative.