Innovation, The Internet, Standards And the Arrow of Time – Part II


In Part I I introduced the notion of the ‘causal arrow of time‘ and how innovation moves forward in time with what has come before, always enhancing existing technology and the infrastructure that has come to depend on it, in the least disruptive way. In each case there is always the same outcome, a lowering of costs, new customers and services, and an increase in revenues. I used two analogies to illustrate how building standards based infrastructure helps drive innovation and move commerce forward. In this final blog i’ll talk about ‘Enhancing HTTP’ and how a new innovation in three critical areas (Performance, Privacy and Personalization) will drive the next wave of revenue on the Web.

As I mentioned in Part 1 there was no option in the standard version of HTTP to transmit Privacy information over the Internet. In an ironic twist of fate the original designers of the HTTP protocol actually added a method for adding ‘standard data’ to the transmission. This link points to RFC 2616 which is the actual protocol which runs the Web. Here’s the critical section that points to how the protocol can be ‘Enhanced’ (see the bold highlights below) …

  • The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. It is a generic, stateless, protocol which can be used for many tasks beyond its use for hypertext, such as name servers and distributed object management systems, through extension of its request methods, error codes and headers

It’s those exact highlights which illustrates how you can enhance the Web using ‘standards’. Unfortunately as you continue to read the spec (Section 12.1) it tells you why trying to do this is not a good idea. But ‘what if you ignored that’ and went ahead and did it anyway? Well you’d have to solve a lot of complex problems, but if you did, then you would have successfully enhanced the standard by which all devices connect to the Web.

So what would all this look like?


Standard HTTP:
A browser talks to a Web server
over current infrastructure using Web standards

Enhanced HTTP:
A new data channel allows the browser to send
real-time private data over current infrastructure using Web standards

Enhancing HTTP – Adding a Channel for Privacy, Performance and Personalization Data
The need to transmit private data over existing HTTP infrastructure is increasing. 3PMobile believes the best approach is to use an encrypted channel inside the HTTP protocol itself. Like on a telephone network, this data is hidden during transmission, but recognizable by a Web server. The ‘Private Data’ being added to the HTTP request can be either STATIC (privacy preferences, personal information, performance enhancing data) or DYNAMIC (GPS, sensor data, etc.). It is added using existing HTTP standards, such as headers and cookies, so devices and developers need not learn anything new.

The addition of a private data “channel”, just like the added channels to the phone networks, enables countless new revenue opportunities without disrupting the existing HTTP protocol or infrastructure. It inserts seamlessly into the existing protocol, to ensure no disruption and no new learning by developers and IT professionals. Location-based services are the first to be monetized and a privacy preference “switch”, like the Do Not Track (DNT) header is currently being considered by governments and the W3C. A sampling of what standards-based, private data channel innovation enables includes:

  • Enhanced Privacy
    • Enterprise policy management & compliance monitoring
    • Secure transmission of biometric user authentication
    • Identity Wallets and consumer sharing choices
  • Personalized Web Services
    • Personalized content and advertising
    • Managing policy, promotion and simplifying navigation via browser menus
    • Mobile apps that can rival apps in UI and functionality
  • Performance Optimization
    • Real-time, real world device and wireless network performance testing
    • Real-time performance monitoring by device, network and location
    • Mobile SLA analysis & remote device testing and management via the Web

Innovating the Standard… 3PMobile®
Since the very beginnings of ‘transmission technology’, every time a standard has emerged and has been adopted for wide use there have been ‘alternate channels’ invented and applied to those standards for the purpose of transmitting ‘more information’ than the original technology was designed to transport…

… all without disrupting or replacing the original technology.

3PMobile, with it’s Choice® technology, applies this time-tested and proven approach. The company’s intellectual property adheres to the premise that the most valuable technological advances enable the successful introduction valuable products and services without disrupting the existing technology or economic base. Choice® is additive. It provides a path for new technological and economic growth – without requiring immediate change to current business practices or Web infrastructure. Effectively, the company’s contextual data communications platform simply extends the HTTP protocol with a new ‘data channel’ designed to support Web privacy, personalization, and performance-enhancing products and services.

3PMobile’s approach allows organizations and individuals to change – without forcing the pace of that change. It does so by respecting standards and utilizing existing programming skills for the HTTP protocol. And while many will argue that all standards-based solutions should be open source, one need only look at the number of FRAND and cross-licensing arrangements in play in modern Web and mobile ecosystems to know that while it may be the desire of some, it is not the reality. Market advantage and positive economic disruption is created by early adoption of innovative technologies that plug into the existing infrastructure. Strategically minded organizations have the opportunity to be the first to deliver and monetize products and services that utilize the 3Ps – and avoid the negative market impact regulation can impose on them.

Early adopters will gain the largest economic advantage, but everyone can participate for decades to come. As a standards-based technology, the 3PMobile approach is easily integrated into the enabling infrastructure, just as new services have been added to the fuel delivery, container-based shipping industries. It layers opportunity, just as tone-based dialing and data transmission have been added to the telephone network, or as digital data transmission has beyond simple information about the type of browser.

More data, faster transmissions, more choice in data sharing and management, means, quite simply, more opportunity for the development of profitable products and services. Successful innovation, like Choice®, is additive. It respects the technology, which has come before it. It enables yet-to-be defined monetization models. It ensures replacement revenue for established products and services as they reach their end-of-life. It supports both privacy and personalized content and services – with or without tracking. It is the next major evolutionary step in Internet communications.

Google joins the Do Not Track Party


Just downloaded the latest version of Chrome and it’s official – Do Not Track is now a Privacy setting. Although you might want to read the disclaimer that shows up when you check the box.

Consumer Protection – the Do Not Track standard – & the W3C


Privacy Please


The Do Not Track standard is now live in every major OEM browser. Consumers who are interested can check a box marked ‘Tell Web sites not to track me’ and the browser will add a ‘header’ (a message) to every request the user makes in the browser, indicating to the Web server that the person does not wish to be tracked.

It really is incredibly simple – and it’s biased towards Consumer Protection, as it should be. However that’s not the end of the story. The W3C is being pressured to water down the spec via the advertising industry. Instead of the Tracking Protection Working Group it’s fast becoming the ‘Please God Don’t Let Us Lose Any Money’ Working Group. If you want to see how bad things are spend a few minutes/hours reading through the mailing lists – link (you’ll be shocked)

There have been lots of blog posts in the last few days on this subject – it’s culminated with Neelie Kroes Vice-President of the European Commission responsible for the Digital Agenda Online privacy and online business giving us an update on Do Not Track The Centre for European Policy Studies (CEPS)/Brussels, 11 October 2012 – link

If the W3C is going to retain ANY credibility from this process they have to ship a standard that is in favor on the consumer. Failure to do so is really not an option as the stakes are so enormous. The alternative is to bring in the regulators which is what Neelie’s next statement will be focusing on if Do Not Track fails to do the job it promised to do.

Every browser now supports sending the Do Not Track signal – what’s taking so long is figuring out all the myriad ways that the Web servers can ‘game the system’ to avoid it. They’d be better off served accepting it and moving forward, because if they don’t like Do Not Track they’re sure not going to like what the regulators have in store for them.

Why the proposed Do Not Track standard is going to fail – it’s all about Trust



As the saying goes “A civilized society cannot function without trust”, ergo it’s also appropriate to extend that premise to the Internet – “A civilized Internet based society cannot function without trust”.

So how do we define trust? There’s a great definition to be found on the Web – link – in short:

“Trust is a person’s willingness to accept and/or increase their vulnerability by relying on implicit or explicit information.”

So how does this all related to the proposed Do Not Track standard? Well the idea is a simple one – the user goes to his/her browser, clicks on the Menu, selects the Privacy option and then checks the box marked ‘Ask Web sites Not to Track Me”. You are now sending a message to a content provider that you are unwilling to “Trust” their behavior when it comes to sharing your data. You are reducing your vulnerability by transmit explicit information.

Now imagine you find out that even though you are sending this explicit information that the Web content provider is not only still tracking you but also sharing your data with other parties. Instantly your trust in them is diminished and the lack of value they offer you is also greatly diminished. Trust is therefore ‘Contextual’. You have relied on a Web content provider to NOT do something and they have now failed.

This is exactly where Do Not Track is heading. The very second you transmit that explicit value to a content provider and they do not honor it the whole standard instantly collapses. Ironically they cannot afford to stay in business and offer free services WITHOUT the ability to share your data.

So what does Do Not Track need in order to overcome this problem. What would help content providers ‘WANT’ to honor that setting? Well for one it needs to be marketed as a true standard where one can have ‘confidence’ in the fact that if you chose the DNT setting that you will not be tracked. Secondly it needs to be extended to support additional ‘Contextual Fields’ that the user can share with the content provider. Binary solutions (like the current standard) lack the context needed to deliver value (without breaking the rules). For DNT to truly work it needs a mechanism whereby I can share more data and increase my trust levels in return for a better experience.

This becomes the win – win we so often talk about. Right now it’s a win – lose. If I enable that Privacy setting and the content provider honors it then all 3rd parties are prevented from seeing my data. This means that only the very largest content providers survive and overnight a huge part of the ad industry is wiped out. Ergo the incentive to cheat is so ridiculously high that DNT will fail instantly. If it’s a choice between sharing data and staying in business and not sharing data and going out of business what would you do?

Do Not Track is NOT a privacy solution, it’s NOT a Trusted solution – in short it offers no value to an industry that is built on sharing your data. What we need is a solution that increases the value of my data that I’m willing to share – we call that solution Choice® 

iOS 6 and DNT

Interesting – Apple quietly snuck in Do Not Track inside iOS 6. Here’s how you turn it on. Go to Settings > Safari and then enable Private Browsing. There’s NO indication that DNT is turned on until you check the headers coming from the browser. To do this we set up an echo page that reflects back everything that came from the browser. (link)

Here’s the results:

iOS 6 and DNT

The Future of Social Media Marketing?

The following article was written by Emily R. Coleman, President of Competitive Advantage Marketing, Inc. When I first read it I absolutely knew that Emily had hit the proverbial nail on the head, and with her permission we’re now adding it to our blog.

A friend recently sent me Evan Bailyn’s Outsmarting Social Media with the instructions to “Read it!”  It’s an interesting book, well worth the time to look at.  Bailyn has some thoughtful and practical suggestions and insights on marketing through Facebook and Twitter (although I think Facebook’s new Timeline has thrown him a curve).

The subtitle of the book is “Profiting in the Age of Friendship Marketing,” and one of Bailyn’s key themes is how social media are changing the way marketers and advertising agencies will be using “influencers.”  With social media, the concept of “influencer” (or “trend setter”) is being brought down from the realm of celebrities to individuals in our lives whose opinions we respect.

What makes this granularity and personalization of influence so potent is that we decide who influences us, taking the guess work out of picking spokespersons.  As we add more and more personal information to our personal social media accounts, and as Facebook and Google (whom Bailyn sees as the main competitors in this emerging arena) perfect algorithms for real-time and truly personalized search, marketers and advertisers will be able to deliver their pitches at the level of the individual.  (In fact, Google has just rolled out its newKnowledge Graph or “semantic web” to make searches more personalized and intuitive.) 

Bailyn foresees the time when ads for sneakers, for example, will be sent to you with a picture of one of your individually chosen influencer friends wearing or endorsing the brand.

As a marketer, that sounds pretty exciting.  People will tell us what they want, what they need, and what they worry about.  Even better, they’ll tell us who they know who would influence their buying decision.  Wow!  My job just got a whole lot easier.

I have no doubt that sometime in the not-too-distant future, women will be getting personalized lingerie ads and Cialis™ promotions will be targeted more precisely.

As an individual, however, the whole thing makes me a little queasy.

It’s probably a generational thing, but I have a profound objection to the notion of my friends becoming shills for products.  Certainly, I’m interested in their opinions and experiences with products and services and just plain stuff.  But when I want those opinions, I’ll ask for them.  (And I really don’t care what underwear my friends prefer.)  More important, as soon as these opinions are co-opted by advertisers, they will be significantly diminished in my eyes.  (Actually, I’d probably get in touch with my friends and ask them if they knew they were being used, and what were they thinking!).

Certainly, the idea of friendship (or relationship) marketing is not new.  It is, after all, the basis for all the multi-level marketing (MLM) programs.

What is new is taking the personal out of the personal relationships, interjecting third-party interests between the individual and the individual’s influencers.

What is new is the coming unprecedented ability to gather and manipulate vast amounts of personal information at the most granular and individual level.

Okay, so I admit it.  I’m old-fashioned.  I’m not looking forward to a brave new world where we put more and more of what used to be private information online.  And I’m not looking forward to a brave new world where that information is increasingly accessed by people I don’t know and is used to try and sell me stuff.  I get enough unsolicited suggestions for how I should spend my money as it is.

I have no issue with companies making billions off “friendship marketing.”  I am a capitalist to my toes. (Though I am probably not going to be a very good target for their campaigns.)

But this data collection (voluntary as it may be) makes me queasy because: 

  • It will probably be a matter of minutes before politicians and political causes catch on to the advantages of granular marketing.  They will obviously use this accessible database for fund-raising, volunteer gathering, and get-out-the-vote drives – at a minimum.
  • How long do you think it will be before politicians and government agencies use this data in less benign ways?
  • What do you think the chances are that all this private and personal information you are consolidating on social media sites will not be hacked?

Okay, I’m old fashioned.  But I fear that in the not-too-distant future, we will be reminiscing about what personal privacy used to mean. 

About Emily R. Coleman

Dr. Emily R. Coleman is President of Competitive Advantage Marketing, Inc., a consultancy that specializes in helping companies extend their marketing reach and impact.  Her hands-on experience extends from the development and integration of enterprise-wide marketing communications, through the creation and implementation of strategy to achieve business objectives, into the innovation of techniques to ensure that tactics support business strategy.  Dr. Coleman can be reached at  She can be found on LinkedInTwitter, and Facebook.

Why Privacy cannot be a Web Service


There’s a tendency when you have a hammer to think that everything looks like a nail. There’s plenty of “nails” out there to hammer with your web service, however Privacy isn’t one of them.

Why not?

In a nutshell – Because I want to be in control of the collection, flow and use of my data, AND I don’t want that data stored on a server anywhere where it’s open to others. What a web service does really well is to store and process lots and lots of data. Remember when Willie Sutton was asked why he robbed banks? The answer was simple – because it’s where the money is.

And that’s exactly the case when it comes to my private data. It’s far more profitable to the hackers to attack a data center rich with personal information than to try and access the data from my one device. They can access millions of records vs. a single record. Pretty much a no brainer when it comes to collect people’s valuable data.

Web services are springing up that store your private data for you, and then share that on an as needed basis with Web content providers that you authorize. Sounds pretty good so far (apart from the storage issue). They can charge a fee to manage your privacy. (Hmmm why can’t I manage my own privacy for nothing?)

But that’s not the problem – the problem is the content provider who you share the data with. You have no idea what they’re really doing with you data. What I want is a simple, easy to use solution that allows me to directly build a trusted relationship with a content provider and gives me a choice in how and what I share on a real time basis.

You don’t need an intermediary web service for that. And certainly not one that charges you for the privilege of storing your private data.


Choice – The Lynchpin to Online Privacy



Choice – such a simple word, and yet so misunderstood when it comes to privacy. All I really want is a say in how people use my private data. I want to participate in the process vs. getting frozen out.

In the last few days Microsoft shipped the pre-release version of Windows 8. In doing so they stunned the online privacy community. There crime? They dared to make a choice for the user. In the browser they turned on the default setting for Do Not Track which offers the highest level of privacy.

Quelle Horreur (isn’t that awful). They made a choice for the consumer. The advertising community immediately launched a PR campaign decrying the approach. Let users make the choice on their own they screamed – and to some extent I have to agree. But (there’s always a but) you have to remember that Microsoft is a global OS company and ships their software to countries that have far more stringent privacy laws than ours. Nobody wants to ship an OS that by default opens them up to litigation.

And so they made a choice. In the US the W3C group tasked with coming up with a solution for online privacy is in a quandary. What should they do? Some want the default setting to be the same as Windows 8, and yet others (from the advertising community) argue for doing nothing (no settings are made).

I think we should add a single word here that can help us resolve this issue. “Informed” as in informed choice. If the W3C wants the default set to no settings, then they must offer a choice to the consumer when they go to install the browser.

Simply doing nothing is not a choice when it comes to privacy, and only perpetuates the already high levels of mistrust within the online community.

Privacy is about to get really expensive




Tomorrow is the big day. The day the EU-Cookie directive goes into effect. Already people are talking about how expensive it will be to maintain compliance. Well folks they haven’t seen anything yet. 

It’s not only expensive to be in compliance, you also have to think about the lost revenue that comes from being in compliance. I’ve been surfing around some EU sites and can already see the “banner-like” ads asking if you would like to Opt-In to having cookies on your device. I simply ignore them because there’s NO downside. Funnily enough my experience is IDENTICAL with and without the cookies.

Hmmm – think about that for a moment. An identical experience and I get to keep my privacy. I like it. But this is a #fail. What should be happening is that my experience gets better if I Opt-In.

So corporations are going to have spend money to be in compliance and loss money because they’re in compliance. Time to look for a solution that enables net new revenue from protecting my #privacy.

The Consensual Web

As you know, we’ve been closely watching the discussions regarding the Do Not Track (DNT) initiative.  A key discussion point is about first and third parties and how a third party can become a first party once you click on a “like” button or click through to another site or use an embedded service within the primary site.  But the question arises as to whether or not the average user KNOWS that these actions change the status of first and third parties?

If we cannot determine whose site we are on, then how can we engage in a consensual relationship with the various Web content and service providers?  Here is a case in point:


My journey begins “off the Web”.  I have opted into receive emails so have given my consent to the USA ProCycling Challenge organization to contact me.  Today I opened this email and clicked on the Read More link.


As I finished reading, I see a familiar looking black bar across the top.  I look at the particular URL and realized I’m on a BlogSpot page, not a website. Who owns BlogSpot?  Google.  So now, based upon DNT definitions, Google has become the first party and has a right to capture and use my information (my context) for it’s own marketing purposes, without, in my opinion, my consent.  But according to current DNT definitions I gave my consent the moment I clicked on the link.

I had no reasonable way of knowing that by clicking that email link I’d be sharing my cycling interest with Google.  USA ProCycling’s privacy policy is very clear, “USA Pro Cycling Challenge does not sell, rent, individually post or otherwise disclose any personal information about visitors to unrelated third parties for marketing purposes.”   I did not see anything about Google when I opted in for the emails or read the privacy policy.  There is nothing in the email or on the Web page to make me aware of this change in service providers. In fact, the only reason I know is because I have a personal blog account with BlogSpot (now Blogger) and am paying attention to privacy issues such as DNT and Google’s merged privacy policy, which coincided with their “black bar” page formatting.

I know that this is not some deliberate means to hijack my information, but it highlights the problem with DNT and their definitions of first and third parties.  I never got a chance to provide my consent – or not.  Once again, I have no choice about with whom my data is being shared.

So what is the definition of “Consensual Web”?  It was good for Google, but not for me.  A good Web experience is more than just serving me relevant ads and custom-sorting my searches.  It’s about transparency and respect -and this morning, I’m not feeling very respected.