The conversation is about control. Ownership to gain control of what is inalienably mine already is a less advantageous position. The activity of managing my own personal information is => ownership.
I think there is a confusion tying ownership to control in that ownership should instead be looked at like an action, ownership being actualised in the activity of managing. What is needed here is a taxonomy not a right. I propose No requirement of ownership. If we need to be something, why not a master data controller? Adding only the one word 'master' to the current written interpretation of data protection law illustrates a taxonomy in the responsibilities on data controllers. Something we all are, already. Identifying oneself as a master data controller of that information gives the individual the power to slave data. Identity Ownership breeds the potential of an identity slavery which can be socially engineered over people. I suggest that we instead impose a slavery over the data we control and create. Let the learning curve of the individual be the activity of the user-centric.
Sidestepping the ownership conversation with a position of being a master controller is the catalyst. The discussion of ownership vs lack of ownership in effect defeats the purpose of fighting for ownership as the fight focuses on a illusion that we cant manage our own identity without external rights. When in fact we can sidestep this whole issue by managing our own identity and there are many new technologies on the way to help us do that. Marx didnt conceptualize information technology and the power to exploit and protect ourselves.
I think that is a tremendously misleading reaction to the problems of mass media capitalism, which prevents what you rightly describe as "a balanced position between parties" in marketplaces.
I think that talking about ownership over identity is just what is misleading. Ownership is misleading, and an unnecessary step. The cou de gras is that we all have control without an external requirement of ownership. The VRM conversation is a commercial soft spot to help re-interpret the existing infrastructure in very viable ways. A middle ground for a balanced use of these management tools.
As for,
Abolishing property, as proven by Leninist Marxism in action, only establishes a higher authority that benefits at everyone's expense.
I will always defer to the 1948 Universal Declarations of Human Rights, We all are the higher authority, (the dog is god allegory). VRM understands that for people to take some burden and for companies to take a different burden that facilitates better type of business relationship. Businesses need to advertise different things than they are now, and people need better tools to advertise differently. The work and control in the relationship being re-distributed. This is something that is organically evolving via a learning curve, which I am sure we all have numbers on. (dog food appreciated:I would like to compare numbers, msg:me)
Overall, I disagree with the mechanics of your post but agree with your conclusion. The majority of everything that has value in relationships comes out of activities where people are not customers. My 3 year old son is yet to know he is a customer. I agree, and I think most others will also agree that: We need to be careful that in tearing down these commercial walls we don't utterly destroy our personal control of individually identifying information, information about our relationships, interests and content of our thought
- m
"Sell not virtue to purchase wealth, nor Liberty to purchase power." - Ben Franklin
On 13 Oct 2007, at 02:29, Mitch Ratcliffe wrote: Joerg,
Thanks for this. I don't agree with the idea that information cannot be owned. I think that is a tremendously misleading reaction to the problems of mass media capitalism, which prevents what you rightly describe as "a balanced position between parties" in marketplaces.
Specifically, I think that we have to assert our individual rights to property in personal information so that we, as the locus of information, are able to exercise the appropriate control of that information. It is analogous to the relationship between "natural resources" and who benefits from them. If information about us cannot be owned by us, we are not going to benefit from its exploitation, nor do we have the control to prevent its exploitation. The result is that our resources become someone else's property by dint of their investment in organizing it. So, the guy with the biggest shovel wins, a tragic repeat of the last 400 years of history, if not all history.
I also prefer capitalism as an impetus for participation in the economy. Witold Gombrowicz, in his Guide to Philosophy in Six Hours and Fifteen Minutes, points a critical element of the choice of language to center our understanding of value when he criticizes the basis of Marxism:
"For me, the Marxist question was absolutely badly put because they asked from the moral point of view of 'justice." Bur the real problem is not moral, it is economic. To increase wealth is the priority, the distribution of wealth is a secondary thing.... So, the word 'worker' does not mean a physician who works hard from morning to night, but rather it means a street sweeper who works for five minutes and then looks at the wall, etc.... According to Marxism , we are faced with a distorted humanity. It is exploitation which is the source of power. It is our consciousness which is distorted, because it adapted to a system of exploitation it does not want to admit to. Marxism is an attempt at demystification. In a philosophical sense, Marxism does not posit an exact idea of the world, but only a liberation of consciousness so that it may react in an authentic and not deformed way to the world and man."
While I agree generally with the aims of the VRM idea, I believe the language we use is important and the label VRM is incorrect. If we define this design problem based on the idea that "people are foremost customers," which follows from a definition of transactions as primarily commercial with "vendors," we end up perpetuating the commercial nature of what we are reacting to, which is the overwhelming dominance of advertising as the financial mechanism that drives networked interaction.
And if we say information can't be owned, it delivers value only to those with the resources to put it to use. It puts all of us in the position of property whose value can only be organized and exploited by a third party. Abolishing property, as proven by Leninist Marxism in action, only establishes a higher authority that benefits at everyone's expense. While his analysis was spot on, Marx's revolution was built on definitions that obliterated the individual's power.
We must center this on the user as a person, not a customer before they are a person. Ownership of our identity and all that defines it, including our relationships—which is one of the key areas I am focusing on—is critical to providing a basis for negotiating with the world. We are the home for the rights, because rights are not accorded to government or any entity without some prior negotiation (read Hume, Locke and Montesqueiu --or Habermas) in which the individual cedes their power.
If we don't use the concept of ownership to assert our control of information, we are left unrepresented, like a hillside full of coal under the blade of the biggest shovel trying to get the stored energy out and into "productive" use.
Its our lack of ability to manage our information, not own our information which has to do with control .
Let's look at your example of the doctor's diagnosis. Yes, the diagnosis would not have been recorded without the doctor, but it only represents the identification of one case of a general condition that would not exist without me having that condition. Now, did the doctor create the condition? No, she diagnosed it, and I paid for that diagnosis. If I don't authorize the sharing of that data, the doctor has no right to use me as an individual named example of a person with that condition. If I need to verify my condition to another party, I may have to pay the doctor again to transmit the information about my condition to, say, an insurer, but that doesn't constitute a transfer of ownership of the information about me.
Now, think about this? What if the doctor diagnoses herself with a condition? Do they own the diagnosis anymore than another patient? No, because they still have to have it verified by a third-party if they want someone to pay for treatment. If she treats herself at her own expense, which is illegal for regulatory-legal reasons, she has merely retained information about herself while no other conditions of the transaction have changed compared to any other patient's asking for and receiving treatment.
Just as it is a mistake to lionize the "worker" versus the bourgeoisie "executive" or "doctor," it is a mistake to lionize ourselves as customers, because we transact much more often without trading value. If we don't give individuals control over their information as individuals, before the occurrence of a transaction, we discard much value that still needs to be protected. Then, we individuals can choose to use our power or not, by acting on their own behalf or through an intermediary or intermediaries. Better than being an unrepresented natural resource, if you ask me.
Finally, the fact is that we do not have walled gardens with regards personal information today, though that is the primary mode through which we experience the power of our personal information. Personal information about us is everywhere, floating free and unrestrained. Indeed, there is more information about us than we can conceive, as anyone who has had the FBI in the United States show up at their door because of what they choose to read.
We need to be careful that in tearing down these commercial walls we don't utterly destroy our personal control of individually identifying information, information about our relationships, interests and content of our thoughts. And 90 percent (to choose an arbitrary number the represents the overwhelmingly social nature of our interactions) of that identifying information exists outside the vendor-customer nexus.
As I've read this list for the past however many months it has been, this has eaten at me and it has presented itself in a series of tangential debates about the notion of identity and property that prevent a breakthrough. It's why I haven't posted much. I'm not coming out against the ideas being discussed, just asking for careful consideration of language. Gaining clarity on the issues I am raising, I think, will provide greater clarity in the design issues we face as a group.
Best, Mitch
P.S. -- Doc, I will respond to your excellent reply shortly.
On Oct 12, 2007, at 1:14 AM, Joerg Resch wrote: After some time of reading – my first posting now. I´m not very used to mailinglists, please excuse if I force any written or unwritten rules. Mitch, I would like to point to the fact that information cannot be owned, because it is not kind of an object which may be attributed to a subject by law (which itself is information as well). There is a very good publication about the ownership of information from Jean Nicolas Druey: http://cyber.law.harvard.edu/home/uploads/339/Druey.pdf . So, talking about the persistence and flow of identity information between parties and through market places, we should not try to think, that we can own that information. If I understand the VRM discussion and the concept of user centric identity right, it is about creating a more balanced position between parties taking part in whatever market place, where some kind of “rules layer” on top of the information layer gives me the power to influence it´s flow. I´m not the owner of my doctor´s diagnosis, even if it concerns me. But I may have some rights influencing the distribution of this diagnosis, because it affects me. We need a home for these rights, instead of trying to own information. VRM, how I understand it, is about creating kind of a rules metasystem above or beyond the walled gardens we currently have. Joerg Resch Kuppinger Cole From: Mitch Ratcliffe [
">mailto:
]
Sent: Freitag, 12. Oktober 2007 04:32
To: Mark Lizar; ProjectVRM list
Subject: Re: [projectvrm] Microsoft's Personal Health Care Records Bank = owner? Banks don't own the money they hold. Remember that every ledger sheet has to balance--banks make a profit on their management of money, including their own balancing of assets and liabilities as well as from fees paid for transaction (management of money) services. Banks don't own money, which is technically the property of the central banks that issue currencies. We may own our data, but it seems the problem is working not with one intermediary, as in the resource-constrained geographically disparate cash or electronic money economy, but many intermediaries in a variety of domains. Even banks have clearinghouse services. Perhaps the better taxonomy is: Central Banks create and own bank notes = people create and own data about themselves (and have the same level of connectivity, albeit not throughput). Banks = "value-added" domain-specific intermediaries Currency = no user-centric analog, which is why banking analogies fall down and why VRM pushes social exchanges to the fringe. We don't need a currency to complete this picture. We need to forget it. Data flows from place to place, but must be recallable by the owner as the volume of bank notes in circulation may be expanded or contracted by a central bank. That leaves the bank dependent on the central bank, just as an intermediary should be dependent on rather than in control of its customers, the owners of data. Transactions in social environments are not solely about the exchange of monetary or commercial value, as it may also be gifted value, prospective sharing of data to discover potential value (which may be the basis of a future negotiation that, if it fails, results in revocation of access to data), or may have no value ("sharing" or "altruism"). Trust cannot stand in for a currency, because it serves a different function and is variable from moment to moment and relationship to relationship across various topics. I spent several years working with the Chaordic Commons, which was attempting to extend the shared ownership-distributed governance system that produced VISA. The type of "bank of the future" mentioned below is tremendously complex and not amenable to comparisons to cooperative banks, because there are many informal settings for the exchange of information prior to, during and after, even in lieu of, a commercial transaction that was simply ignored by banks. Indeed, many of the functions of those banks formalized processes that are trivial today. Being an objective third-party recorder of transactions and notary services were the primary value-add provided by these cooperative banks, and at a far higher cost to users than data networks require today. So to draw out the metaphor based on this taxonomy, if the money is like data, the basis of exchange can be negotiated anywhere, but the access to the actual specie needs to reside on each of our "central banks" on or controlled by our PC, phone, etc. so that the owner of that data/specie can regulate the value of that asset, and in both strictly monetary and social senses. The problem that I've finally identified in my reading of this discussion over the past months is that all the scenarios proposed describe commercial transactions of one sort or another as the default design challenge, to the detriment of the much wider range of social interactions in which we use and share information. We don't change currencies from dollars/euros/yen/RMB to split a bill and pay for drinks among friends while using some other currency to pay for business services or capital goods, unless geopolitical borders are crossed. Money is money, give or take the current exchange rate between currencies. We don't call the minister to talk about giving alms in the form of livestock while insisting he pay us for what we sell him in cash. Even in medical records we see the need for different forms of access to, and management of, personal medical information that do not relate to commercial transactions or value exchange. We don't create medical information, we are medical information, most of it necessarily recorded by experts who interpret many factors to provide a diagnosis, treatment or as a part of wider study. We pay a doctor to see and diagnose our condition; she writes that information down not only because of the fee we paid for the visit, but for her own future use, because of regulatory requirements, the requirements of insurers and transaction processors, legal liability management and, if they participate in clinical research, for use in research. We may want to share that some or all of our medical information to find others with similar conditions or to contribute to research for a cure without ever contemplating an exchange of value. The problem, then, is how to interact with the different intermediaries who might interact with our information in response to economic, social or survival needs. I'd wager that the majority of those interactions during your typical day, while they may be a source of value to someone, are not primarily commercial from your perspective. So, before we get to the bank, we have to start with the social interactions that precede or moot the need for fixed exchanges of value. Before we are a customer we are someone or many persona who isn't a customer, yet in discussing this question we begin with the role of customer. That isn't user-centric. On Oct 11, 2007, at 5:48 PM, Mark Lizar wrote:
The idea of a community driven and trusted intermediary is a very attractive model for a bank of the future. Theories that trust can be used as a currency replacing money provide a good concept of how an identity bank may prove valuable. Although I think for VRM and the user centric perspective as a whole, there is the core concept that the individual should be the identity bank. What is underlying such an effort is 'clarity' over control of identity. On 10 Oct 2007, at 14:13, Bart Stevens wrote:
All, Why don't you start with setting up some sort of bank? (The Swiss are good at this in the old world with the numbered accounts). And you structure it into some sort of corporative framework. (In some European countries farmers started banks in the old days, like Rabobank in Holland and KBC in Belgium) This way you "give" the ownership/shareholder-ship to the community members, and by doing so you can create some sort of trust. Instead of leaving this to the Microsoft's or Google's of this world. Hope it's clear, if not let me know. On Oct 10, 2007, at 2:47 PM, Michael Becker wrote:
From a marketers prospective, one of the leading Relationship Marketing theorists, Gummensson (see ref. below), tells us that there are 30 different relationships that the marketer must contend with, including government. So, you're absolutely right. There are a tremendous number of governmental rules and regulations, industry best practices and self-governance code of conduct and similar guidelines, specific corporate compliance rules (e.g. rule one must follow to deliver traffic on a mobile carrier network) not to mention common sense that the marketer/brand/company must adhere to in order to compete and thrive in our ever increasingly complex world. One thing that comes to mind while reading these threads is that there may be a situation where the VRM system actually knows more about the consumer than the consumer themselves. In fact, the consumer may not like what they see, in which case we're going to be grappling with consumer psychological avoidance and acceptance models when considering the diffusion and adoption of VRM business models. For instance, using the health care example, some people may simply not want to to know that they have Cancer. Also, for some other diseases that carry with them a social stigma the consumer may know the results of the test but simple does not want this data memorialized in their PKB. Moreover, with the later situation, who will own the liability if this data "accidentally" gets out to the real world? The PKB developer, the hosting agent, the bank, hospital, brand, the consumer (what if the breach was no fault of the consumer)? Who will be responsible when the consumer has their health insurance raised, or loses coverage, has their reputation within their social circle damaged when the data some how goes public and hits the press, etc. These are some very real and quite challenging situations to grapple with. Ref: Gummesson, E. (2002). /Total Relationship Marketing/ (Second). London: Butterworth Heinemann. First, I must confess that the intellect of this group never ceases to amaze me. I often feel like a kindergartener eavesdropping on the "big kids" I hate to ask this question because the subject grates on me, but isn't there another stakeholder that needs to be considered when discussing health records and VRM? What about the role of government? Uncle Sam has issued some pretty strong regulations about privacy and personal records under HIPAA. **I am not trying to drag us into the public health vs. medical privacy debate.** However, I am pointing out that businesses have to be very careful not to cross regulatory lines as they design and implement VRM systems in certain industries. I know that HIPAA paranoia is rampant in the medical and related fields. BTW. some of Matt's questions can be found in the consumer overview of HIPAA the right to have your medical records information corrected if you and the provider mutually conclude the information is wrong. If there is a dispute between the patient and provider as to the information, the disagreement But Matt's questions do raise another issue for me. If VRM is going to decentralize data that could have an impact on others, won't VRM also have to deal with reliability and verifiability of the data? VRM is going to have to come up with processes to 1) certify and/or 2) lock down data from third parties to prevent modification and misrepresentation.. As a person controls her/his personal data that is supplied by others as well as the level of disclosure, it is important for us to recognize that this power can and will be used for nefarious purposes. I certainly would not be in favor of a patient with a contagious disease altering their records in a manner that would certify perfect health either thru failure to disclose relevant information or falsifying a record. On a final note, there have been a few references to corporate ROI, and not all of those have been positive. I guess I've been one of the "bad guys" all my life :-) My opinion... unless the Getty, Gates, or Buffet foundations are going to build out VRM for philanthropic reasons, VRM will need to demonstrate greater corporate ROI to be adopted by existing corporations. Just demonstrating the same ROI provides no motive for switching costs. This means that the likely candidates to disrupt the current system are not existing companies willing to cannibalize existing strategies. Rather, new companies without ties to the old ways will need to emerge. Therefore, it is not necessarily greedy business managers that are going to need convincing, it's creating compelling ROI arguments for the sources of investment capital. I'm immersed in the VC funding process out here (which is about as much fun as biting on a canker sore.) The VRM community may argue against silos, but the investment community wants to see defensible market and technology strategies before they invest. The first rule is not to expose their investor's capital to undue risk. VC's also want to get excited about how an investment in a company is going to earn them 10-15X on their money in 5 years or they won't play . This VC message is loud and clear about ROI. If we want VRM to be built out, it's up to the VRM proponents to demonstrate how the investment community will make MORE money. A look at all the new investments in clean and green tech show that investment dollars will flow if we make a good business case. I hear the bell signaling the end of recess, so it's back to finger painting One thought that comes to my mind is, even though this is your data, should some of it be locked away from you? For instance, if you interact with your doctor through a similar application, and he uploads some recent tests or whatever. Should you be able to modify that? Will your health records lose some of the authority that might come with information directly from a doctor? Would it be a better situation to let such "authority" figures input data that's non-modifiable to preserve their authority such as with doctor's prescriptions? Would that change the concept of VRM if you could own your data, but not modify all of it because it came from another source?
Pragmatic Project Management
|