I think this outlines some of the challenges for using fourth party as
a defining term for VRM.
---
3. only fourth parties get only temporary access to shares of your
data
4. third and second parties never get access to your data, the
second trusts the third and the third trusts the fourth.
5. fourth parties of your choosing share your data for you
6. only fourth parties can be polled on your behalf
7. fourth parties can not be third parties too
---
Actually, I think these are all wrong.
3: Anyone can get access to your data, if you let them. 2nd/3rd/4th.
It's doesn't matter. 4th party implies a fiduciary relationship, an
agent-client relationship, but that doesn't mean they are the only ones
you give data to. We all give data to Google and Facebook and Twitter
today. They aren't fourth parties.
4: As per my answer to 3, but also 2nd parties may not trust the 3rd
and the 3rd may have no relationship at all with a 4th. Remember, 3rd
party is just someone who operates on the platform of the 2nd party,
e.g., 3rd party software like an app on your Android. That doesn't mean
Verizon or Google trusts the app developer.
5: fourth parties might share data for me, or not. Facebook shares data
for me, but they aren't a fourth party. They are a personal data store
with their own distinct interest, which only occasionally overlaps with
their users'.
6: Anyone can be polled on my behalf. Think of Equifax getting a credit
report query or a DMV response from an insurance company. Neither DMV
nor Equifax are fourth parties, but they are being polled to get data
about me, and in a VRM world, under my permission.
7: Fourth parties are third parties, because third party just means
they aren't the 1st or 2nd party in the primary transaction. Even in
Real Estate, agents often take both pieces of the transaction, as both
buyer's and seller's agents. I think this is bad, but I think the
distinction is much clearer if you discuss customer agents and vendor
agents.
A number of us have been moving away from "4th party" as a term because
it inspires exactly this sort of categorization of the roles, and yet
we know lots of cases where the categorizations makes numerical sense
without mapping to the important VRM considerations. Instead, at IIW
and PII there seemed to be consensus that "agent" is a term well rooted
in both the vernacular and law. As David Scott pointed out, there are
still lots of variables in an agency relationship, and those variables
can still cause problems, but "agent" is a framing of the desired
relationship that builds on previous expectations rather than requiring
a new framework to be fleshed out, as "4th party" does.
Also, as I've argued before, ultimately every enlightened company will
see itself as a "4th party", as the champion of the user. We've seen
this happen with folks from Google who honestly and reasonably argued
that Google's primary focus was helping individuals find things. No
company wants to be seen as antagonistic to their customers, so every
single one will find ways to paint themselves as serving the customer's
needs first. "Agent" offers a bright line against that encroachment
while 4th party unfortunately allows a certain blurring of the line
because it is a new word.
-j
.
Joe Andrieu
">
+1 (805) 705-8651
On 6/16/2011 2:19 PM, Gon Zifroni wrote:
"
type="cite">
Devon hi,
Yes and no, it seems to me like a potential leak.
Since it is a construction built on trust, if you decide to
trust a second (vendor) or third (platform, right?) party with the same
privileges as the fourth party then yes, but you clearly entrust it
with your data. Even if it is granular typically you'll have repeat
interactions (subsequent or at a later time).
i.e. By trusting the second or third party for that role of
managing your identity (who you are) and data (what I do, who I know,
where I am, where I go, what I like, what I buy, what I want, etc) you
open up to tracking and profiling based on repeat exchanges (not just
transactions I believe).
How did you see it though? I was also thinking of the PGP architecture.
Gon
On 16 Jun 2011, at 11:07, Devon Loffreto wrote:
Ill submit an edit:
First part #7 = 4th parties can be first, second and third
parties, but can only authenticate one role per transaction.
Devon Loffreto
On Thu, Jun 16, 2011 at 9:18 AM, Gon
Zifroni <
" target="_blank">
>
wrote:
Hi list, I've been following silently for the last year and
took part in IIW 11 last year.
I'm not sure if I got everything right with the terminology,
but from what I can synthesize it seems to me we're talking about a
system like so:
In a VRM system...
1. your data is private
2. your data is yours
3. only fourth parties get only temporary access to shares
of your data
4. third and second parties never get access to your data,
the second trusts the third and the third trusts the fourth.
5. fourth parties of your choosing share your data for you
6. only fourth parties can be polled on your behalf
7. fourth parties can not be third parties too
Let me flesh this out a little bit further:
1. TOS, your data is your legal private property
2. You are the only one who has complete access to all of
your data. Even if it is in the cloud, you are the only one authorized
full access at any given time.
3. Only fourth parties are allowed to get and index only
portions of your data, and you can set for how long that data is
retained.
4. They can index it along with other people's data so they
can be queried by third and second parties. The query is not a query
for data but a query for matching people. The fourth party only returns
to third parties the number of matching people not their identity nor
data about them. Second parties can connect with first parties via the
current fourth party.
5. In terms of data storage and indexing it is a federated
system like email whereby you can choose your fourth party and have
several for different kind of data if you choose for it, jsut like
people have several email accounts.
6. see 4.
7. Fourth parties cannot make use of your data.
I'm not sure if this is exactly the logic but I thought,
given the Google Wallet discussion (I think it'd be a mistake to let it
aggregate, index and know about all of your transactions, see 7), that
it is a good moment to zoom in and draft an architecture that by its
nature keeps data private while maintining certain level of flexibility
and performance. Disclosure: my background is in industrial design and
architecture (housing). I moved to SF to start a LBS with a group of
engineers.
I'm sure this can be further compressed into 3 or 4 basic
rules that qualify any VRM system.
Gon
On 16 Jun 2011, at 03:29, Katherine Warman Kern wrote:
Thanks!
I had meant #4 to cover that, in the sense that
"managing" one's data would include understanding it; but maybe that's
not the case. Gotta think about it....
Doc
On Jun 15, 2011, at 3:44 PM, Jamie Smith wrote:
Thanks Doc, this is a great start.
Would you say that number 4 ('help customers manage') would include
tools to analyse your own data?
Such tools might help you identify your own behavioural or commercial
trends (for example by finding patterns in your travel expenses or your
weekly shopping), and in doing so would help you better a) express
intent (#3) and b) engage (#4).
I suspect that such VRM tools would not necessarily have to have this
characteristic, but if they did, then I'd want it to be a separate and
distinct characteristic from 'help customers manage' - perhaps along
the lines of:
6. VRM
tools help customers better understand their own data. This
is helping the customer discover and expose new value in their
own data sets, on their terms and for their own benefit.
Keen to hear your views.
Jamie
On 15 June 2011 19:07, Doc Searls <
" target="_blank">
>
wrote:
@jamiedsmith tweeted
a pointer to Alex Bogusky's New Conscious Consumer Bill of Rights...
... adding "needs more symmetry of power for
consumers though".
Rather than critique or seek to improve Alex's Bill,
I thought I'd post something we've needed for awhile: a list of
characteristics shared by VRM tools. I did that here:
Here they are:
- VRM
tools are personal. As with hammers, wallets and mobile phones,
people use them as individuals,. They are social only in secondary ways.
- VRM
tools help customers express intent. These include preferences,
policies, terms and means of engagement, permissions, requests and
anything else that’s possible in a free market (i.e. the open
marketplace surrounding any one vendor’s silo or walled garden for
“managing” captive customers).
- VRM
tools help customers engage. This can be with each other, or with
any organization, including (and especially) its CRM system.
- VRM
tools help customers manage. This includes both their own data and
systems and their relationships with other entities, and their systems.
- VRM
tools are substitutable. This means no vendor of VRM tools can lock
users in.
Suggestions and improvements welcome.
Doc
|