Getting beyond Brad's Paradox
The always provocative Brad Templeton, who hung out with a large cadre of geeks at the Internet Identity Workshop (IIW, or IIW2007) last week, has some cautions about new identity systems, even if they are all "user-centric". These cautions lie in a paradox: "The easier it is to give somebody ID information, the more often it will be done. And the easier it is to give ID information, the more palatable it is to ask for, or demand it." The italics are his.
Here he hits on the problem of market power asymmetries (vendors strong, customers weak) that have been with us for the whole Industrial Age, and are with us still. I think we have a way to overcome those, and that Brad's Paradox may provide exactly the conceptual hurdle we need to see before we can make progress.
So let's start with Brad's explanation:
Today, a site that wants to ask for extra information it doesn't really need has a disincentive it has to push you to a form where you have to type it in manually. This makes it far more likely they will ask for this only if they really need it. It makes it really unlikely that they will demand it unless they truly need it. It still happens (I routinely see sites asking for phone numbers they don't need) but it happens less often than if providing this information required merely a click.
Thats because once you make it trivial to hand over your information, you quickly get to the state where only the privacy zealots put up a fight. And thanks to the fundamental theorem of privacy advocacy most people don't care about their privacy until after its invaded this means most people will hand over far more information than needed, and in many cases the few who complain are few enough that companies can safely decide to refuse to deal with them if they wont hand over the information Thats so easy to hand over.
Then he adds this twister: "its against our intuition to think of ease of use as a bug, rather than a feature, but sometimes this can be the case." The emphasis, again, is his.
I believe that Brad's Paradox lies at the juncture of user-centric identity development and VRM, for Vendor Relationship Management. And I believe that overcoming it is a challenge for the latter on behalf of the former.
There is a big (if not good) reason why so many different forms need to be filled on the web, and why it is so far from easy to fill forms, over and over, on so many different websites: each is a silo. Just about every company does business on its own, by itself. Its relationships with customers, even if they are transitory, are private. And, while we're used to thinking of silos as Bad Things in respect to free software and open source code, silos are the very nature of privacy. While we might have trouble with the word "proprietary" in association with software, we don't when it comes to our own private information, dealings and relationships. Same goes for companies doing business. Hence companies need silos around whatever they keep private. So far so good.
The problems come with what companies might do with our private identity data once they get it.
Managing that data is usually some kind of CRM, or Customer Relationship Management system. For all the good these systems can do for customers, managing goes in just one direction. They're managing you, not vice versa. "Relationships" are at the grace of the vendor. We don't set the terms. They do. If they pointlessly require a phone number, we have to give it to them if we want to do business with them. So, if CRM isn't about a real two-way relationship, what is it really about? DestinationCRM answers this way:
CRM, or Customer Relationship Management, is a company-wide business strategy designed to reduce costs and increase profitability by solidifying customer loyalty. True CRM brings together information from all data sources within an organization (and where appropriate, from outside the organization) to give one, holistic view of each customer in real time. This allows customer facing employees in such areas as sales, customer support, and marketing to make quick yet informed decisions on everything from cross-selling and upselling opportunities to target marketing strategies to competitive positioning tactics.
Once thought of as a type of software, CRM has evolved into a customer-centric philosophy that must permeate an entire organization. There are three key elements to a successful CRM initiative: people, process, and technology. The people throughout a company-from the CEO to each and every customer service rep-need to buy in to and support CRM. A company's business processes must be reengineered to bolster its CRM initiative, often from the view of, How can this process better serve the customer? Firms must select the right technology to drive these improved processes, provide the best data to the employees, and be easy enough to operate that users won't balk. If one of these three foundations is not sound, the entire CRM structure will crumble.
So it's all about sales and marketing. Not relating, except on the vendor's terms. This is where Brad's concerns come in. If all identity management does for users is ease the path to giving vendors more information for their sales and marketing mills it makes us more subordinate, more dependent, more silo-bound, more exposed to abuse and compromise. And less private all the way.
This is why we need VRM: Vendor Relationship Management. The idea behind VRM is managing relationships with vendors on our terms and not just theirs. VRM works on the customer's side to manage both transitory and enduring relationships, across multiple vendors and their silo'd CRM systems. As we put it at ProjectVRM, VRM needs to support independence from vendors and engagement with vendors — and to do both with tools and methods that operate on the customer's side. If it
In the latter capacity VRM tools need to face and engage CRM systems that are not yet built to handle independent customers. And vendors won't welcome independent customers unless there's a good economic reason to do so.
And we have one: The customer who has money to spend. This is what I was talking about a year ago in The Intention Economy:
The Intention Economy grows around buyers, not sellers. It leverages the simple fact that buyers are the first source of money, and that they come ready-made. You don't need advertising to make them.
The Intention Economy is about markets, not marketing. You don't need marketing to make Intention Markets.
The Intention Economy is built around truly open markets, not a collection of silos. In The Intention Economy, customers don't have to fly from silo to silo, like a bees from flower to flower, collecting deal info (and unavoidable hype) like so much pollen. In The Intention Economy, the buyer notifies the market of the intent to buy, and sellers compete for the buyer's purchase. Simple as that.
The Intention Economy is built around more than transactions. Conversations matter. So do relationships. So do reputation, authority and respect. Those virtues, however, are earned by sellers (as well as buyers) and not just "branded" by sellers on the minds of buyers like the symbols of ranchers burned on the hides of cattle.
The Intention Economy is about buyers finding sellers, not sellers finding (or "capturing") buyers.
VRM serves intention. It's what the customer uses to express and control that intention, and how vendors relate to it. (Among many other things, potentially, but we're talking about intention right now.)
In a VRM system, IDM (identity management) provides (perhaps even defaults) to the choice not to provide data the customer would rather keep private, including names, addresses and every other piece of information not required to do business at hand. And let's face it, in many (if not most) retail transactions there is no reason to give the vendor anything more than our money.
In fact, if we look at markets from the customer perspective, there is little need to burden vendors with knowing all kinds of crap about ourselves unless we buy into the belief system that a free market is your-choice-of-silo, and that all goodness comes only from vendor CRM systems.
In that Intention Economy essay, I gave an example we often use in both IDM and VRM discussions: expressing the intention to rent a car:
In The Intention Economy, a car rental customer should be able to say to the car rental market, "I'll be skiing in Park City from March 20-25. I want to rent a 4-wheel drive SUV. I belong to Avis Wizard, Budget FastBreak and Hertz 1 Club. I don't want to pay up front for gas or get any insurance. What can any of you companies do for me?" and have the sellers compete for the buyer's business.
There are two important new kinds of variables at work here. One is fresh information coming from potential customers that might be useful to car rental agencies information that can serve to inform and expand the scope of their CRM systems and even their product offerings. If lots of customers want SUVs or vans that seat six, that's useful data. Right now CRM systems only allow input on variables that they've pre-selected. That doesn't need to change, but it could stand to be better informed. The other is data limited to all that's required to do business. Even if I say I belong to an agency's club, I may not need to give my membership data until it's time to actually do business. To tie the two together, my membership preferences (e.g. to decline insurance and to return with a full tank of gas) also don't need to live only inside the company CRM. They can be mine to share with any agency.
We've lived many generations in an industrial age that put consumers at the mercy of producers. We're not used to thinking about the customer being fully independent of vendors, much less about putting tools for independence in the hands of customers for the good of the supply as well as the demand side. But it's interesting to start thinking about what it means to actually relate to a marketplace and not merely to respond to pleas for attention and sales.
The other day I was talking with a high-ranking executive at one of the major retail chains. He asked what the payoff of VRM could be for his store. I replied, "Eliminating guesswork about what customers actually want". He said "That's a good one". Think of the billions spent on the guesswork that comprises most of marketing, advertising and PR. And how much less that becomes when customers are no longer just "targets" for hit or miss "messages", when intentions are actually known and served without the vendor needing to maintain databases filled with useless information about phantoms.
In any case, whatever VRM cannot succeed unless it overcomes Brad's Paradox. If it makes that jump, it will bring IDM systems along for the ride.
Doc Searls is Senior Editor of Linux Journal
|NTPsec: a Secure, Hardened NTP Implementation||Mar 30, 2017|
|SUSE Linux Enterprise High Availability Extension||Mar 29, 2017|
|Hybrid Cloud Storage Delivers Performance and Value||Mar 29, 2017|
|smbclient Security for Windows Printing and File Transfer||Mar 28, 2017|
|How to Calculate Flash Storage TCO||Mar 27, 2017|
|Non-Linux FOSS: Don't Drink the Apple Kool-Aid; Brew Your Own!||Mar 27, 2017|
- NTPsec: a Secure, Hardened NTP Implementation
- smbclient Security for Windows Printing and File Transfer
- Hybrid Cloud Storage Delivers Performance and Value
- SUSE Linux Enterprise High Availability Extension
- Returning Values from Bash Functions
- Non-Linux FOSS: Don't Drink the Apple Kool-Aid; Brew Your Own!
- William Rothwell and Nick Garner's Certified Ethical Hacker Complete Video Course (Pearson IT Certification)
- HOSTING Monitoring Insights
- Three EU Industries That Need HPC Now
- Hodge Podge