Questions of VRM, privacy and consent, advertising and technology

Posted on by Philip Sheldrake

Alice
PostShift kindly hosted the hi:project’s second London meetup yesterday evening. This post is not intended to be a record of the conversation, more a Q&A based on some questions raised at the meetup and in other fora in the past week or so.

By the way, Alice is our name for the citizen, the individual we seek to serve across all her roles in life.

Why does Jon Husband call the hi:project the epitome of VRM?

Many ProjectVRM ventures have focused on storing personal data, seeking then to monetise that service. This is fatally flawed. Personal data needs to ‘breathe’, to be situated within other data, in order to become more useful. And Alice doesn’t want to pay for her personal data bank, much like she doesn’t want to pay for personal banking (and that’s something she actually understands!)

Alice doesn’t get data. She gets when she’s overdrawn. She gets when her diabetes is erratic. She gets when she’s in too many meetings. In other words, she gets information, not data.

The Black Box Society, Frank PasqualeJon is a hi:project champion and one of the first to appreciate that Alice’s experience then is of the interface, that which translates data into information. And that’s incredibly valuable because the interface is the locus of the data / information and the nexus of her contextual privacy parameters.

In moving the interface from the machine, where it resides for mere atavistic pre-digital reason, to the human, organizations (the machines that proxy for them) adapt to Alice rather than insist she adapts to them. It is usable and accessible and distributed and finally we can help to realise Sir Tim’s vision of an open Web available, usable, and valuable for everyone. It’s human-centric, and we lay the personal data and privacy foundations for a citizen-centric IoT to almost everyone’s relief (centralizers excepted).

Now Alice can consider facets of her life (eg, financial health) rather than merely consume services (eg, current account app). Now she can interact with the pervasive computing environment directly rather than through an intermediary necessarily. Everything gets an interface because Alice brings her own. And speaking with Prof Frank Pasquale (The Black Box Society) last week and with Adriana Lukas last night, I know we’ll have empowered Alice to understand, select and tweak the algorithms that she has helping her in life, and possibly those that have influence over her life.

How do we get HI to Alice?

From working with the Mozilla Firefox team for several years from version 0.7 I know it’s hard to pursue mass adoption of open tech one person at a time. We have therefore designed the hi:project model so that the HI (human interface) is seeded with Alice through those organizations that already feature in her life, to her advantage and theirs. For example, one day her bank extends the normal UI, the following day it’s HI, and all that Alice appreciates is that the HI has some interesting capabilities that develop, explicitly and implicitly, over time.

In other words, we don’t go from zero to hero, and we don’t need to boil the ocean, as our American cousins like to say. While we might strive in the very long-term to deliver the interface that aspires to be ‘perfectly yours’, we just need to offer a HI at first that’s at least as good as the UI designed for the fictitious Mr. Average that preceded it, and one that helps Alice help organizations comply with the General Data Protection Regulation (GDPR) and similar regulation around the world.

More on UI versus HI here.

How do organizations ask for consent?

Meaningful compliance with the GDPR and similar regulation demands crystal clear comprehension when it comes to asking for access to and use of personal data, and there are many attempts at communicating privacy policy.

We’re aware that this isn’t necessarily straightforward given that privacy is partly a function of context and everyone’s context is in constant flux; a point Doc Searls (Berkman Center for Internet & Society, Harvard University, and Instigator at ProjectVRM) makes on our Champions webpage. Some privacy experts talk about algorithmic consent (see above re. Prof Pasquale) given that it’s almost impossible to envisage requiring explicit consent for every interaction as Alice walks through a pervasive computing environment.

Moreover, the HI platform needs to be parsimonious in its protocols in order that any instance can be localised in terms of regulations and subsequent and inevitable legal (re)interpretation of those regulations.

Of course all this applies to each and every technological response to compliance with the GDPR and similar regulation. Being an open framework codified with open technology by an open community, we believe the hi:project is best placed to host that dialogue and divine appropriate instantiations.

Besides privacy, what else does the hi:project do for the consumer?

First, if you’ll allow me to be a pedant, we celebrate the human not the user, the individual not the worker, the person not the consumer. We don’t think this is just semantics – consumer is the enterprise’s label for Alice, but the hi:project isn’t enterprise IT. It’s Alice’s IT. It’s human IT.

Our project works for Alice for all the roles in life. The roles of customer and citizen are our first priority because (1) that’s of primary interest to business and government, (2) it’s a hot topic right now (eg, the GDPR), and (3) it’s the best route we have to seed this capability with billions of people.

Today, clarity and comprehension are thwarted by multiple, inconsistent and too often poor user interfaces, none of which are tailored to our specific digital, numerical, information and visual literacy. The hi:project delivers benefits across a number of facets as this short handout prepared for the Web Science Trust (PDF) communicates, not least digital inclusion and accessibility, including a citizen-centric Internet of Things. And while it might sound contradictory at first, our focus on privacy facilitates openness.

Won’t consumer goods companies still want to target ads at Alice?

The Intention Economy, Doc SearlsDoc’s book offers the best response to this question – Intention Economy: When Customers Take Charge. I’ll attempt a shorter response! …

Consumer goods companies don’t exist to advertise. They develop, make and sell consumer products to the mutual value of its consumers, channel, employees, shareholders, and one hopes the planet too.

With hi:project type capability, we can move away from thinking about the company marketing the availability of its widgets, towards Alice marketing her desire for them. Some people call this intent-casting, hence the title of Doc’s book.

In effect, we’re not hobbling any company’s facility to develop a relationship with Alice based on personal data; rather we’re encouraging trust in that relationship by migrating from a hyper-surveillance dynamic to a permission dynamic.

Alice can set parameters that welcome adverts and offers for certain products or from certain companies, but importantly she has to have domain over her profile (per compliance with the GDPR). What remains important to a consumer goods company is that it has the opportunity to match its products to a relevant need / desire / intention.

Now publishers can charge Alice for advert-free content, or invite her to ‘pay’ with her data (ie, for the display of relevant ads), or a combination of the two perhaps.

Now, if Alice subscribes to a company’s values (perhaps the very definition of the brand in the 21st Century) and/or has a preference for its products, she can for example chose to share her washing machine’s data with the company in order to help them with product development and possibly the provision of a personalised product. This is insight that the company could never have obtained legitimately under the hyper-surveillant dynamic. Alice is no longer a mere consumer but a co-creator. Alice and her washing machine and her data are part of the company’s brand.

I’d also point out that the HI does not replace websites or other forms of digital media. Our focus is the interface by which we manage our digital interactions with the organizations in our lives. In other words, there’s still plenty of opportunity for good old-fashioned advertising if that’s what works for you.

How do you describe the tech?

The hi:project doesn’t require a eureka technology breakthrough, just the prodigious application of today’s Web standards and open tech. It is not ‘blue sky thinking’ – we have identified the technical, social and commercial levers required to seed this capability with everyone with an Internet connection through the organizations that already feature in their lives.

The hi:project re-imagines the user interface as a lightweight artefact that can be shared within a community-based ecosystem. They can be hosted on Alice’s own devices as an application, a pluggable component of a custom browser, or integrated within web applications provided by third parties. The participants are able to freely copy, modify and share improved or customised components.

Because Of …

Riffing of Doc Searls, JP Rangaswami talks about Because Of / With.

In our context, the hi:project is non-differentiating, providing the platform for everyone to succeed Because Of. A commercial vendor, of a GDPR-related service for example, attempts to profit With their technology at others’ expense, but such a vendor cannot compete against the open initiative once sufficient organizations recognise the collective Because Of value.

We’re currently at the “once sufficient organizations recognise” stage.

Update 28th May.

The previous reference to “ProjectVRM initiatives” now reads “Many ProjectVRM ventures” to distinguish between the scope of the project and its commercial interpretations. This is followed by a reference to the need for personal data to ‘breathe’ per our submission to the UN Data Revolution Group.