Re: [projectvrm] Fourth-party business models (was: RE: Bynamite in the NY Times)

[Joe Andrieu < >]

Drummond,

I like the two parts to the test, although I think we're not quite there yet. (And thanks for the link =)

==
I believe there is still a simple bright line test that defines a 4PSP: they must enter a contract with the user such that: 1) any data provided by the user is portable in or out of the 4PSP (just like money in a bank), and 2) any monetization by the 4PSP of the data provided by the user will only be done with the permission of the user.
==

Arguably, Twitter does meet that test. There are APIs that I can use to get my tweets out and my follower list (who I follow). And I certainly gave Twitter permission to monetize however they see fit.

What Twitter doesn't do is let me extract who follows me in a way that I can continue to reach those individuals outside of their system--or a way to continue to get tweets from those I follow using a service other than Twitter. But you can get those list, there just isn't a way to reach them except by Tweeting or Direct Messaging. I think this is actually one of the bigger flaws in the data portability argument. Data portability isn't the issue. This is about service portability, the ability to replace the service seamlessly without significant hassle or loss.  I can do that with "> because I control the domain name. I can't do that with "> because I don't. And I certainly can't do it with @JoeAndrieu at Twitter.

I agree with Kaliya about the importance of being able to shift providers, like you can a bank... your money is good anywhere. But that is far more than just dataportability. It requires a system of services where each service is real-time replaceable. Banks work because savings and checking accounts and debit cards are standard and interoperable. As a metaphor, it's a starting point, but it doesn't address issues of use very concretely except to suggest we need an FDIC to insure & regulate!

Also, I think the monetization half of the test allows too much room for blanket approvals through Terms of Service that nobody reads. Every user of Facebook and Twitter have given those companies permission to monetize. Google would argue that as well, but their TOS is buried so I think it would have a hard time defending a well-funded legal challenge.

Users have very poor representation in crafting the terms of use. This is mostly about efficiency rather than malice: companies just can't afford the cost of negotiating "fair" deals with every individual user. Even if the options were automated, the variability in legal complexity would be excessive. And in service providers' defense, their first job in creating those TOS agreements is to protect their own behind, not yours.

I feel strongly that the emerging information sharing architecture needs to recognize the two distinct roles of Facilitator and Recipient. Facilitators don't need to view the data to do their job--they could perform their role even if the data is completely encrypted. This includes data hosts and network providers. Recipients on the other hand actually look at the data to provide their service and they should have a stronger liability and accountability for the safe use of that data.

But what that liability and accountability should be is /highly/ dependent on the nature of the data. Obviously, lots of people are willing to give Google their search queries without even thinking about the consequences. That's much less true for our medical and financial history.  In short, it is the killer applications that will craft viable user driven terms of use.  In international gold sales, there is something called Swiss rules, which, perhaps not surprisingly, come from the Swiss government, covering just about every detail of the deal; because it is so thorough and fair to both sides, it is regularly used for transactions outside of Switzerland. I think we are going to find similar patterns around information sharing for Search, personal RFPs, advertising optimization, content filtering, personal analytics, government submissions (IRS, State Dept., etc.), etc. In fact, I would argue that Creative Commons is one of the first models for this type of structured, referenceable permissioning.

First, we agree to the rules we are going to play under, then we play. I'll give you, Mr. Vendor, this data under the rules for a Standard Personal RFP, with you acting as the broker, with confidential Q&A and a protected inbox. And the details of that particular rule set will be determined by the first service provider to credibly ground them and eventually by some quasi-public institution thereafter, until government regulation catches up.

I think it is not only straightforward for a Facilitator to be a "strong" fourth party service provider, I think it is already happening today with hosting services. BlueHost and Rackspace only get money from those who put the data on their servers, no matter who the controlling authority allows to access it. (Three cheers for Rackspace open sourcing their platform, btw...)  They don't /need/ to look at the data on those systems to do their job, although they will offer support services that do.  And if I choose to host my blog at BlueHost--and I do, for the record--they are acting as a Fourth Party Service, giving access to RSS readers and web browsers everywhere using very specific protocols. And I pay for that privilege.

It is much harder to figure out the business model for a 4th Party as a data Recipient generally, because what one company wants to do with the data is not necessarily ok if another company wants to do that. Permissioning Mint to analyze my financials for visualization and advice is different than permissioning QuickBooks to file my taxes. Even though--or perhaps ESPECIALLY becuase--they are now owned by the same company. And, yes, the QuickBooks model is paid by the individual, and could qualify as a "strong" 4th party service if they met the portability requirements. But Mint... not so much. They are a free service, making their money off of lead generation and sales commissions. They make a good case that they aren't beholden to the "advertiser" because they don't care which deals you might accept, but there's a pretty obvious conflict of interest that they are simply glossing over. And yet, I would have no problem considering them a "weak" 4th Party service if they supported service portability.  And most importantly, I think this niche of the "weak" 4th Party will be vital to the entire ecosystem.

What I love most about Mint is that they just went out and built their company without waiting for standards and technologies and interoperability. They just built a killer app. The result: over a million users and a $180 million acquisition by the largest individual-focused financial software company out there, Intuit.

Killer apps. It's all about the killer apps.

-j

Joe Andrieu

 
 ">
 
+1 (805) 705-8651
http://www.switchbook.com

On 7/18/2010 9:41 PM, Drummond Reed wrote:

" type="cite">Joe,

Thanks for another of your usual highly cogent posts.

Just to clear one thing up: when I use the banking metaphor, it's not because of ownership. I still refer people to your blog post whenever that subject comes up.

I understand the deep difference between financial transactions and data sharing. The former is simple credit/debit; the latter is a much more complex form of value exchange that can be win/win or lose/lose depending on the data sharing relationship -- and only users themselves are in a position to make that call.

However, even though the value propositions involved with data sharing can be complex and subtle, I believe there is still a simple bright line test that defines a 4PSP: they must enter a contract with the user such that: 1) any data provided by the user is portable in or out of the 4PSP (just like money in a bank), and 2) any monetization by the 4PSP of the data provided by the user will only be done with the permission of the user.

By this test:

* Google, Twitter, and Facebook today are not 4PSPs. But they could become one by instituting: a) a full portability policy, and b) a permissioning model. (Would lead to some really fascinating possiblities.)

* Bynamite is not yet a 4PSP (but could become one).

* Advertising -- or enhanced advertising -- is not "by definition" off the table for a 4PSP. The 4PSP just needs to have the user's permission to use the user's data to produce the advertising revenue. But when you apply this new approach to advertising, suddenly some very interesting new dynamics kick it. To wit:

-- Since, as I love to quote Doc, "there is no demand for messages",i.e., the value to users of any form of advertising (permissioned or not, targetted or not) is minimal. So if an advertiser is willing to pay enough to the 4PSP to cover the 4PSP's costs of providing the service and still make a profit, then users are very likely to give the 4PSP permission to monetize their data through advertising to pay for the service.

-- When this value proposition -- the tradeoff of data exposure to the advertiser in order to pay for the service -- is put directly in front of the user, now the user actually has two choices with regard to the advertising: a) avoid it completely by paying for the service, or b) accept it but have it be more rather than less relevant. In the latter case the user has some (not much, but some) incentive to provide data that helps with relevance. Of course, the more that same data is needed by the 4PSP to provide the insanely great service that Joe advocates (and I advocate!), the easier it is for the user to provide that data. So, although it sounds funny, it ends out being a virtuous cycle: the better the service, the better the data, the better the advertising, the better the service -- and round it goes.

-- Since the user is now directly in the permissioning loop, the 4PSP can also consider incentives on the user's side. For example, offering more features for more/better data.

Definitely a sustainable model IMHO.

=Drummond

On Sun, Jul 18, 2010 at 8:05 PM, Joe Andrieu < "> > wrote:

Drummond & Doc,

I gotta say, the banking metaphor as discussed is profoundly flawed. It isn't about ownership.

Banks in fact use the money you put in for their own investments. It is core to their business model. And, before the Great Depression triggered the creation of the FDIC, if the bank went bankrupt, you lost everything. Even today, if you have your money in an FDIC-insured bank, only the first $250,000 is insured.

Today, most banks have minimum balances if you want to avoid fees. Why? Because with enough money in your account, they can generate enough revenue to more than compensate for the fees. [As Jay notes in the post he wrote at the same time as I am writing this.]

The key differentiator isn't about who owns the money. It's about the permissions given for using that money. The whole point of putting money in a bank is to exchange the hassle of protecting it for the benefit of investing it.

The missing link in today's datasphere is that data is given without any permissions attached, and the recipients pretty much do whatever they want with it.  We need to move from the age of information to the age of permission. Once vendors have explicit permissions attached to shared information, they have a safe zone in which they can try to generate value, both for the individual and for their own bottom line, just like bankers have clear boundaries about what they are allowed to do with your money. Note that the underregulation of banking is precisely what led to the recent financial crisis and the 50+ years of financial stability before that were the result of strict federal regulation written after most of the world got screwed over by greedy industrialists from the latter half of the 1800s through the 1920s. In other words, plan on needing regulation for this market to stabilize into anything reasonably safe for individuals.

In addition to the two value propositions you mention, Drummond, I suggest you're missing the killer proposition. The one that will actually get us across the void from dreams to reality. It's the same one that is already getting hundreds of millions of people to give their information to online service providers.

c) The 4th Party Service Provider provides a killer application that itself creates more real value for the individual than they retain by withholding the information.

This is the business model behind Google, Facebook, Twitter, and YouTube. People tell Google what they are looking for. They tell Twitter and Facebook what their doing right now, and they upload original video content to YouTube (mostly original). All of these companies then take that information, create value for the individual, and find a way to make value for their shareholders. Although none of these services meet our strict test as a "strong" 4th party, where the only remuneration is from the individual, I assure you, they see themselves as a 4th Party Service working on behalf of the individual. As do most of the right thinking web companies out there. Only a few bad apples actually see an exploitable gap where they can abuse trust and naivete to make a quick buck. Those companies don't survive in the long term. One I know of directly saw their conversion rates drop to 10% of what they were once they dropped the acquisition practices that were generating Congressional hearings. Ultimately, companies must build for sustainable value for their end-users. Sure, many of those creating real value will use coercive techniques to extend any privileged advantage they might gain... can we say Apple?... but at the core, it's about making a product that creates value for individuals, and despite my complaints about their closed system, Apple does a great job creating amazing value for their customers.

So, I posit that what we need is a killer app that seemlessly connects user-permissioned information sharing with third and fourth party information recipients. I don't think it is about scale or infrastructure. Building scale or interoperability before you've validated customer demand is a recipe for elegant solutions to irrelevant problems. We've seen that time and time again its the never-ending death spiral of the theoretically brilliant Silicon Valley startups that just couldn't get enough users to pay the bills.

Solve a real problem for real users. Do it while maximizing user control & authority. And then get more users using it. Then you'll be on the way to realizing a serious 4th Party Service.

As for whether or not advertising can support a 4PSP, as I've said before, Doc and I have different opinions on that. If you demand a "strong" 4th party, their /only/ remuneration would come from the end-user. That's an easy definition. But I think that is most likely to happen only in high margin transactions or when the individual is self-hosting and acting as their own 4th party.

That leaves a vast portion of the market where individuals won't want to pay up front and will be willing instead to accept advertising. Just like Google. I think the market for a for-fee based Google with no ads is minimal.  Doc's history in the PR business has burned out his tolerance for the industrial mode of attention-jamming advertising--and I share his distaste of the excess of that mode--but the fact remains that advertisers don't want to waste their money on you if you aren't going to appreciate their product. In a perfect world, any and all advertisements would be context-appropriate, respectful of the audience, and appreciated and valued by the viewer. In that world, ads /can/ be a good thing. The Super Bowl ad phenomenon is one riff on that, where many people want to see the ads as much as the game. So is the current Old Spice campaign.  Companies will always invest in trying to reach individuals. And that will be called advertising when it uses a paid communications channel. Doc's view is that VRM isn't about advertising and I agree. But there will be lots of VRM inspired companies whose business model will be based on facilitating transactions, making money on impressions, clicks, leads, and purchases, in other words companies paid by advertisers.  If those solutions are also user driven in the sense I've written about before, then IMO there's no reason not to consider them VRM companies or even 4th Party Service Providers. Where Doc & I agree is that companies that are setting out to reinvent advertising are starting from the opposite side of the relationship. However, I argue there is still plenty of room for better advertising to result from--and to finance--properly constructed VRM solutions.

-j

Joe Andrieu

 
 "
 target="_blank">
 
+1 (805) 705-8651
http://www.switchbook.com
    

On 7/18/2010 6:17 PM, Drummond Reed wrote:

True fourth-party business models for VRM are not easy. As Doc says, their starting point has to be that the fourth party has zero capability to do anything with the user's data without the user's permission.

It's like banking. The money (data) belongs to the accountholder (user), not the bank (fourth-party service provider).

So, from a conceptual level, fourth-party business models have to roughly parallel to those involved with banking, i.e., involve either:

a) Users paying the 4PSP for services rendered (the same way buyers pay a buyer's agent in real estate, or some accountholders pay their bank for services like online banking)

b) The 4PSP making money acting as an agent for the user's data -- with the user's permission -- and being paid a commission on the transaction. In this case the vendor is essentially paying the user, and the user is sharing some of that revenue with the 4PSP.

Both of these require: a) tech infrastructure, and b) scale, before they can start to produce real profits. Which is why this new market is taking so long to form.

But once it starts forming, it should grow quickly for the same reasons credit card usage grew quickly -- the convenience and cost savings are enormous.

=Drummond

On Sun, Jul 18, 2010 at 5:27 PM, Jay Gairson < " target="_blank"> > wrote:

I would like to echo Jon on thanking you for the analysis, it was helpful and interesting.  I approached them with a cynical lens also, but decided to take them at face value and watch to see where they go.  I also contacted their support since the add-on did not work for me.  As part of that conversation, I ended up referring them to Project VRM (which might be why I was a bit defensive in my response to you).

I think we would disagree on buyers' agents in real estate.  Then again, I think both agents are unnecessary and often make the real estate process more painful;

I wonder, isn't there a place in the middle?  A hybrid that serves both the consumer and the commercial party?  By enabling a user to have control over their data, it would allow them to completely opt-out if they chose, or to opt-in as they desired.  I know there are times when I want advertising (like when I am searching for a product), but most of the time I find it needlessly distracting.

It will be interesting to see how they turn out.

Jay

On Jul 18, 2010, at 5:17 PM, Doc Searls wrote:

I don't mean to be harsh, and I'm glad to help them out, if they're looking to make money some way other than by selling advertisers better leads.

I do like that they care about users having control of their own data. But to frame that need in the context of getting better advertising is not VRM.

Maybe it's still formative enough that we could talk with them about possibilities.

LendingTree is a fourth party. So are buyers' agents in real estate. So are stock brokers.

But we do need to develop the concept further. Some of us are working on that. :-)

Doc

(at 2:16am in Paris. bleary here...)

At 4:44 PM -0700 7/18/10, Jay Gairson wrote:

Doc,

I might be misinterpreting, but reading your message comes across that we should throw out an idea that is obviously still formative because it is not perfect at its inception.  Surely that cannot be your intent.  If they came asking you to Project VRM seeking insight shouldn't it be encouraged?

Does anyone actually have a Fourth Party model that is financially viable?  I cannot think of any that are not dependent upon grants or financiers.  While change can happen from the outside, if you cannot finance that change you are stuck.

My problem with it is that the NYTimes article makes it sound like they are paying back to the user somehow, not just by improving the quality of the advertisements they view.  Unfortunately, at this stage of their product it appears that there is no user incentive ... unless the user wants better advertisements.

Of course, I have no idea who Ginsu Yoon is beyond someone who worked at Second Life, so there may be history there that makes this response entirely reasonable ... but I am unaware of it.

- Jay

On Jul 18, 2010, at 3:59 PM, Doc Searls wrote:

Looks at first like Bynamite is a fourth party. Meaning they work for you and me, not for sellers. (Also known in this context as advertisers.)

Their site:

http://www.bynamite.com/

I'll now go exploring...

Okay, requires a Firefox plugin.

Trying it out.

Hmm... Okay. They want to plug into my purchase history with Amazon. Like Blippy.

Before I say yes to that, I'll visit their pitch and their pages.

First the pitch.

Sez the home page...

They're Watching

The Internet is filled with advertisers that constantly collect information about you. What they know about you can get creepy, especially when they use that knowledge to bug you about things you don't like.

Fine so far. Then...

Take Control

You should always be in control over what advertisers know about you - you should be able to see it, change it, and delete it. If they won't give you control, they shouldn't use your information.

Again, okay, but I'm not crazy about advertisers "giving" me control. I want that to be mine in the first place.

Then the real pitch:

Get Yours

When you have control over how advertisers view you, you hear about things you're actually interested in - rather than bad guesses based off of that thing you bought for your mom.

Aw fuck.

Look, I don't just want better advertising. And I don't believe controlling what data advertisers get is going help me much at all.

Improving a pain in the ass doesn't make it a kiss.

Back to the site.

Question Number ONe: HOw do they make money? Dunno yet...

Their privacy policy: <http://bynamite.com/privacy.shtml>

The World's Most Honest Privacy Policy

A lot of people think that "Privacy Policy" describes how websites keep your information private. Wrong! Many of them actually say just the opposite: They describe how the website will take and use your information and share it with others, giving you very little control over what happens to your information.

Our policy is The World's Most Honest Privacy Policy because we're admitting right here that this policy isn't really about privacy. It's about control: Who controls what happens to your information after we collect it?

Our answer: You do. You control all of the information that you send to us. You can always see it, change it, and hide it. We're here to give you control. It's your information, and the main goal of our service is to try to make everyone else respect your control as much as we do."

Okay, so what about the three tracking services that followed me onto the site:

Google Analytics, CrazyEgg and ChartBeat? Far as I know, none of those collect personal info. But they still creep me a bit.

More from their Privacy Policy <http://bynamite.com/privacy.shtml>:

"This service is about putting your information in a place that gives you control over it, and demanding that advertisers give you the same control that we do. If you don't store any information with us, then you'll be making a demand that advertisers have no reason to obey."

Not sure what to make of that.

Their terms are here:

<http://bynamite.com/terms.shtml>

As always, the big question is what happens to your data if the company gets sold. Not answered here.

The FAQ is here:

http://bynamite.com/faq.shtml

No answer to the money question here, where it should be.

But there is a Question Forum. Here's where the answer happens...

How does Bynamite make money? I don't see a revenue stream here.

by anonymous | 1 comment

Status: under review

Glad you asked! Our thoughts are in the comments.

Default-avatar Ginsu Yoon Admin

A pause to point out that it's Ginsu Yoon's company.

   1. Comments

   1.

      Default-avatar

      Admin

      Ginsu Yoon

      Excellent question, thank you.

Note: When somebody says "Good question," it's usually because they don't have an answer. When they say "Excellent question," it's usually because they have a prepared answer for an uncomfortable question. Just a little body language tip for reading promotional text.

 Our first order of business is to give consumers a view of what advertisers know about them - a view that is interesting, informative and engaging. And that view also has to be one that advertisers are incented to respect.

Incented?

      Once we're able to establish that, there are a number of potential ways to make money, but we are restricted by the fact that the entire purpose of our product is to empower users above advertisers.

Tell that to your investors, if you can get any. (The New York Times piece kind of suggests they don't have any yet.)

 So we can't surreptitiously sell user data to advertisers, for example. Everything we do has to be transparent to the user, and for the benefit of consumers.

      This still leaves us with several interesting avenues. For example, we could charge advertisers (or really, ad networks) for the interchange of information that the users permit to be known by all compliant advertisers (in this view, a "compliant" advertiser is one that gives the user both transparency and control). There are possible compliance services and systems related to this as well.

      However, as you can probably see, it's still early enough in the product's development that we're open to any revenue model that serves our basic mission, which is to give consumers more control over advertisers. I would welcome any suggestions in these comments. Thanks!

In other words, their only revenue model is to charge advertisers for better leads, because that's the only one he can talk about.

That makes them a third party to advertisers, not a fourth party working for customers.

Then there is this from the Times piece

http://www.nytimes.com/2010/07/18/business/18unboxed.html

In a few years, Mr. Yoon says, a person's profile of interests could be the basis for micropayments or discounts. A media company, for example, might charge a monthly subscription fee of $10 for news or entertainment programming, but offer it for $8 to those who exchanged their preference wallets.

Can't wait for that.

So count me out.

Still, the tough question for VRMers in respect to fourth parties is, Would you pay a company to help you manage your own data, and your own relationships? Especially if that kind of company were substitutable -- like a bank?

Because one challenge for VRM is to suggest business models that are not just about improving advertising. Which Bynamite clearly is.

Doc

At 8:35 AM -0700 7/18/10, Christopher Carfi wrote:

I second Jon's pointer to that piece in the NYT. 

On Jul 18, 2010, at 8:14 AM, Jon Lebkowsky < " target="_blank"> > wrote:

"Our view is that it's not about privacy protection but about giving users control over this valuable resource - their information."  - Ginsu Yoon, Bynamite.  http://www.nytimes.com/2010/07/18/business/18unboxed.html?_r=1

Esther Dyson posted a pointer to this piece entitled "User-Managed Privacy Tools." http://www.huffingtonpost.com/esther-dyson/release-90-user-managed-p_b_650383.html

Esther says "It may be simply that its time has finally come... Facebook et al. have accustomed users to managing their own data - and Bynamite wants to help them to do that Web-wide rather than merely on Facebook (and all the places it reaches with Open Graph). Behavioral targeting is also gaining traction recently; it's the same idea, except with the marketers in control watching the consumer surreptitiously rather than communicating with her."

~ Jon

--
Jon Lebkowsky
+1 512.762-6547
http://weblogsky.com

twitter: http://twitter.com/jonl
facebook: http://facebook.com/jonlebkowsky
linkedin: http://linkedin.com/jonlebkowsky