Privacy & The Internet of Me

I recently attended an industry event where analysts from Gartner and Forrester discussed some of the key industry trends.  They identified two major technology categories:

  1. Wearable Devices – anything from Google Glass to FitBit to RFID tagged clothing
  2. Data Analytics – in particular, those applications and services that present data in a fashion that can be easily consumed by the average business person or consumer –  without the aid of a data scientist or analyst.

The next obvious question asked of the analysts was, “What about privacy?”  In unison, both chimed in that it is the pivotal issue surrounding the success or failure of certain products, services and initiatives in this space.  We agree.

MedConnect

Connected devices provide enormous information about each of us that can be used to help us get more exercise, loose weight, manage our household security, the location of our children and elder parents and even manage chronic diseases more effectively.  This information, if not managed properly can lead to unwanted marketing messages, at best, and pricing or service access discrimination by unscrupulous organizations.  Technologists talk about the opportunity of the Internet of Things (IoT).  From a societal and business policy perspective, the discussion is really about the “Internet of Me” (IoM).

It becomes imperative that users have a choice about the control, use and flow of their personal data.  It also becomes vital that companies who collect and/or use connected device data have clear and unambiguous policies and disclosures about data use.  Remember – pie isn’t free at the truck stop.  There is always a cost – obvious, or hidden.  So before you choose a “free” service over a paid subscription, or finalize your connected device data business plans, take to the time to understand if and how all that “IoM” data will be used.

Re-Imagining the future of the Web

wpid-images-2013-01-24-16-38.jpeg

Hmmm…

What we do differently if we had the chance to do it all over again? There’s no question that the Internet has ushered in some of the greatest changes of the century. And yet as humans we should ponder the question – What if?

What if in the future, the Web could deliver a richer experience and respect my privacy?

Think about that for a moment. It’s actually a pivotal argument which appears to be an almost impossible problem to solve. The Web has always been synonymous with free. As in free content in return for using your private data to deliver advertising.

After 20 years of using the Web i’ve yet to see an advert that appeals to me on a Web page. It’s like they (the advertisers) know absolutely nothing about me. I’ve often wondered why there isn’t a simple menu option in the browser which allows me to ‘share my personal ad preferences’ with the content provider?

And yet to this day there’s nothing.

The question that no one can imagine asking is how can I share my private data in return for a better experience. There’s currently no ‘Internet of You’ (or Me) and yet with Advertising becoming a limited resource (there’s only so many Web pages for ads) why isn’t someone ‘re-imagining the Web’ to provide a richer more personalized experience?

I define Privacy as the ‘ability to control the collection flow and use of my Private data’. What I want in a re-imagined Web is the ability to control that collection, flow and use in a simple and easy to use manner. And in the act of sharing more value with the content provider in return receive more value in return.

If you go back in time (Innovation, The Internet, Standards And the Arrow of Time – Part I & Part II) you’ll see that the key to unlocking the future is to re-imagine the current. In the examples shown you can see how obvious it is as the arrow of time moves forward.

At 3PMobile we started out re-imagining the future of the Web. It’s one which aligns perfectly with the current Web, and then extends it into the future for those who want something better.

Openness – The Key to Monetizing Mobile

(Or Why I think 3P-Based Infrastructure and Value-Add Channels are Sexy)

Over the past decade, rapid advancements in mobile technology and mobility in general, have changed how we live and how we do business.  It has changed us from an “on-demand” world to an “always connected” world.  No doubt, mobile is here to stay and it is big business; but it’s just getting started.  We are just approaching the point where open standards and open channels can deliver the real benefit of a business ecosystem.

Modern mobility started as a walled garden.  The carriers and handset companies controlled everything due to very real bandwidth constraints, network limitations and industry knowledge.  Voice improved, but data experiences were still lacking.  Good money was made on mostly disconnected enterprise app development for Palm, Blackberry and Windows Mobile devices. Over time, control shifted to the OS companies, where vertically integrated handsets and operating systems were designed to support better consistency in the user experience. Unfortunately, controlling the user experience has lead to more restrictive monetization models, locking out most developers from making meaningful money.  Effectively, we shifted the gatekeepers from the carriers to companies like Apple – but at the expense of the channels that provide value-add functionality and content.  One step forward.  One step backward.

Users appreciated the improved experience, so brought their devices to work.  BYOD was born, and with it, arose app development, security and curation platforms.  Emerging leaders in this space include Adobe, Antenna, Good and Appcelerator, to name a few.  In an effort to simplify and improve profitability, market consolidation is underway. While this may simplify things in the future, it is currently wreaking havoc on IT.  Platforms have added complexity without improving the user experience.

The answer to many of these problems is staring us in the face.  Apple had the original right idea – “the real Web on your mobile phone.”  The infrastructure just wasn’t quite ready back then and the user experience was limited to the user interface – which is a naïve view of modern mobility.  An “app for that” was born and now we are living with the fallout.

Improved bandwidth, ubiquitous connectivity, attention to user experience and now, an emphasis on simplifying security, management and app access are all here – everything needed to lay the groundwork for an incredibly rich mobile ecosystem.  It’s an ecosystem, which can be monetized by the greatest number of development, product and service delivery channels.  We’ve made great strides forward, but in order to realize the monetary benefit throughout the entire ecosystem, a new openness must ensue; the kind of openness that is exemplified by the Web economy.

Just as Microsoft created an open and engaging development community that fueled the PC economy, one, or more of these infrastructure leaders must apply the same model to mobility.  How?

  1. Deliver an exceptional user experience.  Include optimal performance, privacy and security management, and the ability to personalize the experience by device, location and personal preferences.
  2. Include meaningful channel monetization opportunities.  Offer standards-based tools, support and best practice advice for developers, integrators and service providers that can be put to use with existing skills and expertise.
  3. Provide a platform that supports choice.  Choice for both app and Web-based solutions.  Choice that supports both free and paid content.  Choice that supports both consumer and enterprise needs.

Once these three criteria are met, as in industry we no longer have to build walls in the name of bandwidth, user experience, or preserving the “free Web” business model.  With the openness of Web standards, we can increase user choice and satisfaction, while unlocking mobile monetization for the entire ecosystem.  (Although the thoughtful few that move first will reap the biggest benefits).

While most people don’t view infrastructure as sexy, I believe that adding the 3Ps to mobility not only makes infrastructure cool, but also enables new channels and all classes of business to fully monetize mobility.   Now, who in business doesn’t think making money is sexy?!

The Future of Social Media Marketing?


The following article was written by Emily R. Coleman, President of Competitive Advantage Marketing, Inc. When I first read it I absolutely knew that Emily had hit the proverbial nail on the head, and with her permission we’re now adding it to our blog.

A friend recently sent me Evan Bailyn’s Outsmarting Social Media with the instructions to “Read it!”  It’s an interesting book, well worth the time to look at.  Bailyn has some thoughtful and practical suggestions and insights on marketing through Facebook and Twitter (although I think Facebook’s new Timeline has thrown him a curve).

The subtitle of the book is “Profiting in the Age of Friendship Marketing,” and one of Bailyn’s key themes is how social media are changing the way marketers and advertising agencies will be using “influencers.”  With social media, the concept of “influencer” (or “trend setter”) is being brought down from the realm of celebrities to individuals in our lives whose opinions we respect.

What makes this granularity and personalization of influence so potent is that we decide who influences us, taking the guess work out of picking spokespersons.  As we add more and more personal information to our personal social media accounts, and as Facebook and Google (whom Bailyn sees as the main competitors in this emerging arena) perfect algorithms for real-time and truly personalized search, marketers and advertisers will be able to deliver their pitches at the level of the individual.  (In fact, Google has just rolled out its newKnowledge Graph or “semantic web” to make searches more personalized and intuitive.) 

Bailyn foresees the time when ads for sneakers, for example, will be sent to you with a picture of one of your individually chosen influencer friends wearing or endorsing the brand.

As a marketer, that sounds pretty exciting.  People will tell us what they want, what they need, and what they worry about.  Even better, they’ll tell us who they know who would influence their buying decision.  Wow!  My job just got a whole lot easier.

I have no doubt that sometime in the not-too-distant future, women will be getting personalized lingerie ads and Cialis™ promotions will be targeted more precisely.

As an individual, however, the whole thing makes me a little queasy.

It’s probably a generational thing, but I have a profound objection to the notion of my friends becoming shills for products.  Certainly, I’m interested in their opinions and experiences with products and services and just plain stuff.  But when I want those opinions, I’ll ask for them.  (And I really don’t care what underwear my friends prefer.)  More important, as soon as these opinions are co-opted by advertisers, they will be significantly diminished in my eyes.  (Actually, I’d probably get in touch with my friends and ask them if they knew they were being used, and what were they thinking!).

Certainly, the idea of friendship (or relationship) marketing is not new.  It is, after all, the basis for all the multi-level marketing (MLM) programs.

What is new is taking the personal out of the personal relationships, interjecting third-party interests between the individual and the individual’s influencers.

What is new is the coming unprecedented ability to gather and manipulate vast amounts of personal information at the most granular and individual level.

Okay, so I admit it.  I’m old-fashioned.  I’m not looking forward to a brave new world where we put more and more of what used to be private information online.  And I’m not looking forward to a brave new world where that information is increasingly accessed by people I don’t know and is used to try and sell me stuff.  I get enough unsolicited suggestions for how I should spend my money as it is.

I have no issue with companies making billions off “friendship marketing.”  I am a capitalist to my toes. (Though I am probably not going to be a very good target for their campaigns.)

But this data collection (voluntary as it may be) makes me queasy because: 

  • It will probably be a matter of minutes before politicians and political causes catch on to the advantages of granular marketing.  They will obviously use this accessible database for fund-raising, volunteer gathering, and get-out-the-vote drives – at a minimum.
  • How long do you think it will be before politicians and government agencies use this data in less benign ways?
  • What do you think the chances are that all this private and personal information you are consolidating on social media sites will not be hacked?

Okay, I’m old fashioned.  But I fear that in the not-too-distant future, we will be reminiscing about what personal privacy used to mean. 

About Emily R. Coleman

Dr. Emily R. Coleman is President of Competitive Advantage Marketing, Inc., a consultancy that specializes in helping companies extend their marketing reach and impact.  Her hands-on experience extends from the development and integration of enterprise-wide marketing communications, through the creation and implementation of strategy to achieve business objectives, into the innovation of techniques to ensure that tactics support business strategy.  Dr. Coleman can be reached at ecoleman@colemanmgt.com.  She can be found on LinkedInTwitter, and Facebook.

The Privacy Oxymoron – How do I increase My Privacy AND still get a great online experience

 

Oxymoron

 

Everyday now there is more and more discussion on Privacy. On the one hand you have the Privacy advocates who want nothing more than complete control over every aspect of their Privacy, and then on the other hand you have the Govt. and online content providers who want even more detailed information on you. 

It’s becoming like a Seinfeld episode – “something’s got to give Jerry!”.

But what? Privacy is really an oxymoron unto itself. If you de-identify data enough it has no value in which case the experience isn’t going to be that great because Web sites are built around figuring out who you are.

Two articles appeared on the Web today:

  1. How ‘Do Not Track’ Could Kill The Internet Startup Economy
  2. Developer Builds Privacy-enhancing Web Browser for Apple Devices

Also I’m starting to see Do Not Track show up in public company filings – saying that it could effect earnings. Let’s face it the Web has been built on the premise that in exchange for “free” I get to use your information. So it could be a huge drain on resources if this standard gets implemented. And now we’re also seeing new browsers pop-up (no pun intended) that basically anonymize your tracks on the Internet, but slows down your experience.

What continues to perplex me is that no one is turning this problem “on it’s head” and looking at it from a different perspective. It’s an opportunity vs a problem.

Lets face it nobody is going to suddenly overturn the last 10 years on the Internet. We’re all addicted to free and we basically turn a blind eye to Web sites using my private data. However with Mobile showing up to the party things are beginning to change. Mobile is deemed “really personal” and so we want to be sure that nobody is tracking us while we walk around. 

So can we really ever have our “cake and eat it to?” 

Well yes – I think we can. I wrote about how in a previous blog (A Contextual Approach to Online Privacy – It’s all about Me) but it bears repeating. What’s going to be needed is a way to placate both “stakeholders” – Me the consumer and You the content provider.

What I want is:

  • Convenience
  • Privacy
  • Control

What the Content Provider wants is:

  • Control
  • Commerce ($$$)

What we have to do is “align” those two sides and give them away to resolve the differences – when we align those sides you’ll see the real power of the Internet realized for the first time. 

So instead of trying to create more complexity, instead look for more simplicity. Alignment vs disorder. And as usual the answer will be staring us in the face.

 

Do NoT Track – Cui Bono?

 

Cui bono

Cui Bono – or in other words, Who Benefits?

Well I’m not really sure. I’ve been doing lots and lots of research into this, and I still can’t figure out how this is going to really benefit anyone other than the programmers who stay employed to try and implement everything. 

Lets start with the definition of Privacy. There are a lot of them but for this blog let’s use the one I came up with:

“Privacy is:  My ability to control the collection, flow, and use of My personal information”.

That’s pretty simple. I want a convenient easy way to control what I share online. If someone abuses the data then I want an easy way to “un-share” that information. So lets see how DNT enables that.

After launching my browser I go to the Preferences and then the Privacy tab. There I select the check box which says “Tell Websites that I don’t wish to be tracked”. So far so good. Now what is meant to happen is that automagically every Web site I go to will start looking for this incoming message and automatically disable any tracking capability that they may be using.

Ok, lets stop right here. Can you imagine the amount of code they’ll have to wade through to check A) to see what they’re doing as it relates to tracking and then B) disable that or re-program it in the case that I haven’t actually checked the Do Not Track box in the browser. This is an incredible amount of work and as the saying goes “what’s in it for me?”

Well not a lot actually. You’ll have to spend time, money, effort to rebuild your site so that it supports this new capability. You’ll have to publish new terms of service, new privacy policies and finally make sure all of it works perfectly. And after doing all of this you may lose ad revenue because you’re no longer sharing customer information.

So lets sum all this up – spend money, and see a drop in revenue. Hmmm not what I really wanted.

However that’s only one side of the equation – what about “Me”… what’s in it for me?

Well not a lot really. You have no way to actually know whether or not you’re being tracked. There’s no change in the amount of data you’re sending – the Web site can still see everything as before. There’s no granular control over what you’re sending and no way to change any of it – or – even add to it. In short it’s a check box with little or no meaning. 

Returning to the question: Do Not Track – Cui Bono?

As far as I can tell – no one. It’s more work for the Web content provider, if they implement it could result in a loss of revenue, and it’s only a recommendation so there’s no enforcement. For the consumer there’s zero benefit. There’s no improvement to the Web experience and no way to verify if the content provider is actually honoring the browser setting.

What about an alternative approach?

For that to work you have to look at the stakeholders, and in this case there are 2. The user and the content provider. What’s needed is a simple way to share more context with the content provider so they can provide an “enhanced service”. Enhanced services drive new revenue which is something they want. The “cost” of this is “Trust”. The more I trust the more I share. The more I share the greater the potential for revenue.

So for DNT to really succeed it has to provide new revenue opportunities for the content providers who are currently trading the cost of supporting the free service by selling your data. The current approach to DNT does not do this.

 

A Contextual Approach to Online Privacy – It’s all about ME

 

ME

In my last blog (Privacy By Design – The Secret Inside the Internet) I wrote about how the very design of the Web allows us to extend it to support a contextual approach to privacy online. In this post we’ll talk about how you can enable it.

But first a little context (pun intended).

The Internet has introduced disruptions at an unprecedented scale and variety. In doing so it has created a “target rich information environment” that is on par with the Wild, Wild West of yesteryear.

Unfortunately what hasn’t kept up is our approach to Privacy. In fact if anything, it’s completely the opposite of private. Now it appears that everything is for sale. So the challenge becomes one of suitable constraints on the flow of my personal information. Unfortunately this is out of alignment with those companies whose profit comes from the unrestricted flow of my data.

So how do we align these seemingly opposing forces?

As humans when we interact we use situational controls to share our context – however up until now there’s been no easy way to add this level of control to the user on the Internet. In fact they’ve been missing entirely on the client side (the browser) – as we seem to be increasingly driven by algorithms on the server side.

Well lets look at the two constituents – Me (the client/browser) and the Enterprise (the Web server) that I interact with. What I want is:

  • Convenience
  • Privacy
  • Control

What the Enterprise wants is:

  • Control
  • Commerce ($$$)

So the commonality between the two is “Control”. To resolve this problem we have to introduce a control mechanism for the consumer that allows him/her to conveniently share their privacy settings with the Enterprise in a way that fosters “Trust”. Remember Trust drives commerce.

The control mechanism is a database that contains my “Me” data. The information (context) that I wish to “exchange” in return for increased levels of trust and a better experience. The database is then integrated into the browser via a plugin. Now all we have to do is use the secret discussed in the last post (headers) to add the data going to the Web server.

Now we have a convenient method to store my data on the device, and a way to easily control what gets shared with the Web server. 

What’s left? The transparency problem. (Or as Prof. Helen Nissenbaum puts it on her essay in “Protecting the Internet as a Public Commons” – the transparency paradox.)

  • Achieving transparency means conveying information handling practices in ways that are relevant and meaningful to the choices individuals must make. Transparency of textual meaning and transparency of practice conflict in all but rare instances

So how do you solve the Transparency Paradox?

You don’t.

It can’t be solved – so don’t go there. Even the Wild, Wild West eventually moved on and so will we. No matter what we say to the consumer their ability to determine the risk level from those documents is going to be different. So keep it simple and start establishing levels of Trust that we as humans do understand.

Then the control mechanism comes into play. As we establish more trust we can share more, and if that trust is abused we can remove trust. That’s what’s really been missing on the Web. The ability to turn off what I share vs. what we have now – without effecting the “User Experience”. If I turn off cookies now my experience come to a halt. Whereas if I’m sharing contextual data via headers the experience can be better or the same – but what it won’t be is worse than it is now.

So there you have it – use a database to store your Me data that you want to share. Have built in controls that allow you to enable or disable data that gets shared as the trust levels increase between you and the Enterprise Web site.

And it’s only been right in front of us for the last 30 years or so.

 

Me, My Privacy, Security and Identity on the Web – Part IV

 

Choice

 

In this blog post we’re going to make the transitional jump from the current Internet, to one that offers more of a choice when it comes to privacy. However before we make the leap it’s important to note – there’s no solution to privacy without trust. The second you share something with somebody else then trust has to be involved. The goal of any solution should be to offer increased levels of privacy based on increased levels of trust. And if the trust is abused, then provide a way for the user to restrict what they share.

Before we make the jump let’s revisit the issues with the current DNT standard. The goal is admirable – provide increased levels of privacy. As we will have to do with any “client – server” solution, we’ll have to rely on the trust worthiness of the content provider, be it a consumer Web site or an Enterprise portal. So by checking the box marked DNT in the browser we’re sending a message to the content provider that we do not wish to be tracked and that we trust that you’ll respect our wishes.

That’s all we’re doing – we have no control over any other aspect of the data that leaves the browser. Think of it like a train pulling out of the station – everything is the same except there’s a little flag hanging off the last coach that says to the next stop please don’t track me. We have to “hope” that the content provider will do the right thing. But what if they don’t? What’s our recourse – can we change anything about the data that was sent to them – to decrease the value of it? Nope. We can’t do a thing. We have no control and we lack a choice in how we want our browser data (fingerprints and cookies) to be respected.

If DNT was to stand a real chance of winning in the marketplace as a standard then the second we turned it on it would disable ALL third party cookies that come down to the device. That would be a huge step in the right direction because it starts to give us a choice in what goes on. So you have to ask yourself why isn’t this being done?

And in those immortal words “Follow the Money” you find the answer. The Internet is a business and in return for providing services for “free” there must be a way to re-coup the expenses. If DNT was to instantly block those 3rd party cookies there would be mayhem – companies have been built on access to customers data and disabling those cookies will collapse their businesses. So the DNT standard has been “engineered” so that this can be handled by the content provider and not the user. And as the Bard said – therein lies the trust, choice and privacy issue.

Without the ability for transparency then I have no way of verifying that there’s compliance. Try opening up your browser and figuring out which is a 3rd party cookie? You have no idea. And there’s absolutely no incentive to let you figure that out. On the contrary there’s a great incentive to “game the system” and not respect your privacy.

Think about it for a moment – if you had to spend thousands or millions of dollars to re-write how you Web server supported this new standard, and by doing so you stood to loose a lot of money, how fast do you think it would get done. (Especially if all it was, was a recommended spec).

At the root of the DNT standard is good old fashioned “Money”. I understand and respect that. After all you’re giving me something for free and in return I should give you something – right? Well yes, but wouldn’t be better if we could actually make the whole experience better? Sort of like adding an overdrive gear to the Internet. I’ll increase the value of what I share with you, if you increase the value of what you share with me and in doing so give me a better experience.

That seems like a far better use of my Privacy than the current approach.

Well I’ve run out of time on this post so in the next blog we’ll make the jump to offering something new for the Internet, something that allows you a choice and allows both you, and the content provider, to share in the value created by increased levels of trust.

The Power of Contextual Menus on a Mobile Device

 

This was an interesting exercise. I went to Google Docs in my desktop browser and looked at the contextual menus in the page.. They were File, Edit, View, Insert, Format, Tools, Table, Help. I wanted to see how long it would take to recreate those exact same menus in a Web page that work on both Android and iPhone (Google Docs requires a Mobile app to do this).

Here’s the result: 9 lines of HTML code, and about 2 minutes to create. Now the really cool thing is that I can change these menus in real time based on someone switching to another service or even another Web site. You could even pre-load from a cache on the device.

 

2012-03-16_08-35-46

 

And the same code runs exactly the same on iPhone

iPHone

The Innovators Dilemma – Improving the Internet so I have a choice in how it recognizes Me

 

In my last blog – Privacy: My Expectations vs.. My Reality I started with a famous quote from Wernher von Braun – you can recover from a production flaw but never from a design flaw.

The design flaw that I hinted at was the Internet’s (HTTP) reliance on Cookies to add “state” to a users browser. This is almost in direct conflict with Privacy. And I know the purists are shouting at me now, but think about it, if I don’t want to be tracked then I should simply be able to turn off anything and everything that could possible use my data, and that includes no more cookies. (Of course the Internet would collapse without Cookies).

So how do we change the current design of the Internet to solve this dilemma?

Before we try and answer that problem, let’s revisit another blog post (Privacy: Do Not Track & the real Elephant in the room) where I quoted two Norwegians and their definition of Privacy.

Selmer and Blekeli in 1977: Privacy is the legitimate interest of a person to control the collection and use of information that relates to him/herself. (Source: “Data og personvern” p. 21, Universitetsforlaget, Oslo)

So now we have the underpinnings of the problem we need to solve:

How do you improve the Internet so that I can control the collection and use of information that relates to “Me” – and do so while co-existing with the current Internet.

Now let’s double check with the current White Houses Administrations proposal to ensure that we’re still all in agreement. Here’s the paper you need to read “National Strategy For Trusted Identities in CyberSpace” Page 2 is the critical page. And here it is:

Individuals and organizations utilize secure, efficient, easy-to-use, and interoperable identity solutions to access online services in a manner that promotes confidence, privacy, choice, and innovation.

The realization of this vision is the user-centric “Identity Ecosystem” described in this Strategy It is an online environment where individuals and organizations will be able to trust each other because they follow agreed upon standards to obtain and authenticate their digital identities—and the digital identities of devices The Identity Ecosystem is designed to securely support transactions that range from anonymous to fully-authenticated and from low- to high-value The Identity Ecosystem, as envisioned here, will increase the following:

  • Privacy protections for individuals, who will be able trust that their personal data is handled fairly and transparently;
  • Convenience for individuals, who may choose to manage fewer passwords or accounts than they do today;
  • Efficiency for organizations, which will benefit from a reduction in paper-based and account management processes;
  • Ease-of-use, by automating identity solutions whenever possible and basing them on technol- ogy that is simple to operate;
  • Security, by making it more difficult for criminals to compromise online transactions;
  • Confidence that digital identities are adequately protected, thereby promoting the use ofonline services;
  • Innovation, by lowering the risk associated with sensitive services and by enabling service providers to develop or expand their online presence;
  • Choice, as service providers offer individuals different—yet interoperable—identity credentials and media

So lets summarize the problem…

The innovators dilemma is to figure out how to extend the current HTTP protocol so that it can offer Me: Privacy, Convenience, Efficiency, Confidence, Control and a Choice in how my information is collected and used.

 

Teamwork

Well here’s the good news – fortunately we only have a production flaw NOT a design flaw to deal with. Let’s head over to read the document that tells us how the Internet works and see if there’s anything there that can help solve the problem using a little teamwork e.g. the browser manufacturers, the W3, Web servers and Content providers all working together to give me a Choice.

The document is RFC 2616 and here’s the important part that points to the answer:

The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. It is a generic, stateless, protocol which can be used for many tasks beyond its use for hypertext, such as name servers and distributed object management systems, through extension of its request methods, error codes and headers. A feature of HTTP is the typing and negotiation of data representation, allowing systems to be built independently of the data being transferred.

 

I’ve highlighted the answer to the Innovators Dilemma.

HTTP is an “extensible” protocol which means that we can extend it to support new ways of doing things. And the way to do that is with something called an X header. In technical parlance this “is a standards based method to extend the protocol with non-standard based data”. The non standard data in this case is secure, encrypted information about me that I chose to allow the browser to share with a trusted Web site or 3rd party provider.

Now how do we integrate all of this? Well we start with the two Norwegians definition of Privacy and use that to determine the control method. If I have to be in control then there’s only one place to add the controls – the Browser. We add a secure database that holds my information – we then allow the user to control every aspect of that database. In essence you can chose to share whatever you want, with who ever you want.

Now lets go to the second part of the problem – the content providers/web servers. Well there’s good news here to. If I trust them, then I can elect to share my data, if they abuse that privilege then I can turn off sharing – I always have control over the process.

So how do they get my data?

They read the incoming X headers (the approved way to transmit non standard data over a standard protocol). Now again I can hear the purists shouting – “that’s going to put a big load on the servers”. And to that I say nonsense – servers are incredibly fast these days and the burden of reading an extra 100 bytes of data on every request even if it is encrypted is insignificant. And if it is – then buy a bigger server. Those bytes are the least of your problems.

So there you have it – the answer to the Innovators dilemma on how to improve the Internet – add your identity to the browser, do it in a way that allows you to control that identity, and then share it using current standards with any Web server. It meets all the White House guidelines, it works with every Web server, firewall, filter and router. It requires zero changes to the current infrastructure other than to ship a new browser with essentially a wallet built in.

In essence this will transform the Internet in to something it should have been in the first place – a “contextually aware data communications platform”. Only this time I will finally have a Choice in the collection and use of that information that relates to “Me”.