Archive for November, 2011

PII 2011: Owning Online Identity: Consumer-Managed Data

November 15th, 2011

Fatemeh Khatibloo, Forrester Research moderates panel with Jason Cavnar, Singly, Todd Cullen, Acxiom, Shane Green, Personal, and Mary Hodder, Personal Data Ecosystem Consortium.

Fatemeh: why do consumers care? Jason: consumers have a sense of things being out of control. Todd: clients desperately looking for meaningful way to interact with consumers. On supply side, it’s new territory. Huge demand on marketer’s side. Shane: at core, we realize that who has access to our data shapes our experience, access, opportunities. Value: there’s a blindspot about what data is worth in additional value exchange. The more you start to see the opportunities as tangible, the more value is obtainable. Mary: This event is at a good time. As users get stalked online, they become aware that something’s happening, don’t know what to do, start calling senators. Opportunity for alternative to Do Not Track legislation, market solutions.

Fatemeh: privacy audits, do they provide a false sense of security when the government starts to audit the big companies? Shane: follow the money: big money in top right corner of Facebook (strong tie to advertising). People are waking up in unexpected ways to see connections between dollars and sense. Survey in their marketing: difference between “stuff in the attic that might be sold” vs “spy or thief in my attic.”  Jason: general awareness, at consumer level it’s my data, Sand Hill Road and companies that make money monetizing personal data. He’d like to see Silicon Valley invest in this respect as better model. Mary: zooming out a bit, how this works revolves around incentives (shipping parties, 3rd parties) and how they’re structured, and how does that structure support the business model? Going back down to audits: they’re meant to inspire fear as provocation to do the right thing. But how to incentivize the parties to do the right thing from consumer’s perspective?

Fatemeh to Todd: privacy and audits, marketing disconnect, who do we talk with in these organizations to make a difference? Todd: I wish it were one person such as a data steward, but that’s really rare. Our data is traveling around the web, should be easy to capture it for free. As long as this disconnect persists among marketers, no incentive to contribute to solving “a problem.”

Jason: Infrastructure needs to be put in place. Shane: lots of teaching, CEOs don’t understand how they got in the Wall Street Journal for spying on people. Mary: we talk to folks in advertising and trade agencies, Salesforce and CRM companies, media buying entities… right now they’re heavy users of personal data online. Folks are getting on board, need to know what business model is and how to fix this. Jason: there’s an enterprise need for interoperability too. Business model will be around easy access to customer control of data.

Fatemeh: industries that will help propel this forward, who has the most to lose and the most to gain? Jason: it’s the #2 in every market. Mary: banking and finance, there’s a lot to gain, high value in helping with most basic functions (e.g., reconciling statements with Mint), documenting meta-data around trades of data. Shane: agree that #2, 3, 4 players have a lot to gain. This is really tough for big incumbents because of embedded complex systems. Too much friction getting access to certain kinds of data that could reinvent/innovate travel processes, for example. Smaller innovators can tool up faster. Todd: high tech firms are not traditionally big buyers of data. Drive to grow globally: lack of reputable suppliers.



future, records, tools , , , , , , , , ,

PII 2011: Personal Identity Management

November 15th, 2011
Comments Off

Forrester analyst Fatemeh Khatibloo asked if people had made available their report Making Leaders Successful Every Day. Report is available from Personal. She talks about car buying process as an example: start with personal RFP-type offer, receive offers that are customized to our concerns. Our interactions with dealers lead to purchase of a car. (Related: see ISWG’s Car Buying Engagement Model.)

Five key concepts that brands and companies need to do to engage:

  1. Respect my data, respect me
  2. Security of infrastructure, governance
  3. Transparency
  4. Data portability
  5. Economy, including penalties for bad behavior

Why is this coming? Consumers are fed up (breaches), but want relevance, convenience and value. Gigya study on single sign-on says many people use social sites for logins.

What should marketers & brands be thinking about: Rewrite your privacy policies to be understood. Create an organization-wide data governance policy. Install a data steward to liase between org and consumers (distinct from IT Privacy officer). Start working towards true data portability.

In future, Forrester is looking at redefining personal data, trust frameworks, how VCs look at this industry, etc.

records, tools , , , , , ,

PII 2011: Startup Spotlight: OneId

November 15th, 2011
Comments Off

PII 2011: Startup Spotlight: Disconnect

November 15th, 2011
Comments Off

Brian Kennish and Casey Oppenheim of Disconnect on this session. They’re a privacy start-up making simple tools to help manage data. Brian worked at DoubleClick, Google. Casey worked as (criminal?) investigator in Manhattan, lawyer about privacy. History of company: article on Facebook leaking vast private data store. Created a browser plug-in expecting small group, ended up with many users in 2 weeks. Study about how much data social networking companies collect (lots! wow.). Same thing with ad companies: “anonymous” may not be so. (Note: look for Brian’s talk at DefCon)

Browser extension: disables 3rd party tracking, depersonalizes your searches, shows blocked services & cookies, easily unblock services. Privacy icons project: four icons that represent various privacy policies.

Revenue model: pending, in the works, users may monetize their own data.

How do we know, how do we understand what’s in these TOS agreements? Hoping to crowd source various policy statements. At some point, icons will be displayed in browsers. When users understand what’s happening with their data, they’re more interested in privacy.


records, tools , , , , , ,

PII 2011: Making Privacy Portable

November 15th, 2011
Comments Off

Larry Downes moderating panel with Chris Babel, TRUSTe, Jim Brock, PrivacyChoice, and Chris Kelly, Kelly Investments. Jim: PrivacyChoice’s mission is to make privacy easier: managing online, templates, partners & their APIs. We’re bootstrapped right now. Chris B: TRUSTe: privacy services have evolved into advertising, mobile and cloud spaces. Was non-profit but 2.5 years ago we went for-profit. Chris K: companies with data components of user behavior, concerns with venture model.

Larry: privacy was a cost (or risk) of doing business, now we’re looking at empowering users in a way that generates profits. Anecdotal experience in making privacy profitable, and what we learned? Jim: customers have been coming to us (on business side) with a compliance model, wanting to see uplift in their site with TRUSTe seal. Customers have concerns, their seal helps address that. Chris B: space between customer needs and marketing efforts. “Profile Choice” allows real-time bidding on aggregate-able info, didn’t find the right mix at that time. Chris K: misunderstandings between what companies are trying to do and what customers believe they’re doing. Using data for ad targeting within a company privacy policy. Beacon became Facebook Connect.

Larry: Beacon, and Google Buzz, had unsuccessful launch: unclear purpose (benefits), generating FTC complaints. Is there something about the launch of a product or service that makes it more dangerous or risky than other times? Jim: use of large datasets are prone to claims of changing the rules. If you’re working in areas that weren’t contemplated, that can be confusing, need to think about how to advance sharing practices. Navigating these waters is extraordinarily difficult. Jim: any future change may be viewed as a breach of privacy, unexpected changes (lack of or poor communications, offer choices, does company honor user choices, no accountability). Chris K: FTC, government isn’t in a good position to deal on this level but you don’t want to attract their attention.

Larry: sources of funding? Chris: question is no longer is privacy big enough, now it’s what are the top level matters? Investment community–advertising (every $ spent wants to be more targetted). Jim: process in ad targeting space, global, and how little is online: ad people are demanding more information about who’s receiving their ads.

Larry: about your not taking public investments? Jim: happy accident.

Chris K: Forensics for providing choice or for analytics/response: there are techniques, can take better control over this as web providers to help users. Data flow as arms business: companies that need to control what’s happening on their site or people who want to offer services to consumers. Chris B: targeted ads now more transparent. Balance against malware, cookies and their sources that feels more like security.

Larry: FTC’s interest in these issues, pending legislation in Congress–how does possibility of regulations affect climate for investment? Chris K: uncertainty is a cloud, straightforward means of regulation can move industry forward. But interim finger-pointing, lobbying gaming, are problems. Likes EU model, but we’re moving away from that. Chris B: gov is crowdsourcing communities, online advertising and ad space initiatives are trying to be more self-regulating. Still uncertain, industry groups and co-regulation being brought up and talked about. Chris K: Congress is a giant consumer of these targeting services. Behavioral targeting seems to be settling. Larry: what if a new regulation passes that takes a business model out or forces… Chris K: legislation takes time to effect.

Questions. Did people that saw the TRUSTe seal click on the seal or just go with it? Chris: clicks were low, most people recognize seal as an envelope.  What are people choosing? (site can collect, store, use for ad targeting, give to 3rd parties) Chris K: policy should say. We can’t make sure people read the policy. Do I have a right not to have data collected? Ends up as different perspectives from people vs industry, investment (collect data).

future, records, tools , , , , , , , , , , , , ,