The Path to users making money from Privacy

The big deal is that privacy and security is not a big deal in Silicon Valley. While technorati tripped over themselves to congratulate Mr. Morin on finessing the bad publicity, a number of concerned engineers e-mailed me noting that the data collection was not an accident. It would have taken programmers weeks to write the code necessary to copy and organize someone’s address book. Many said Apple was at fault, too, for approving Path for its App Store when it appears to violate its rules.

David Jacobs, a fellow with the Electronic Privacy Information Center, noted that, once again, an Internet company showed a lack of understanding about the consequences of taking data. Lawyers I spoke with said that my address book — which contains my reporting sources at companies and in government — is protected under the First Amendment. On Path’s servers, it is frightfully open for anyone to see and use, because the company did not encrypt the data. Mary Landesman, a senior security researcher at Cisco, says start-ups often do not build apps with security in mind: “Attackers are like electricity; they like to follow the track of least resistance."
Now of course all the Lilies of the Valley (except they spin, and they sew....) rushed to their keyboards to call the NYT names, but this says more about them and who pays their wages (I loved the Arrington showing the belly one). To anyone outside of the (soon to be) vested interests, that Social Media companies make money from your data is blindingly obvious, and thus it should surprise no-one that they are less than careful about user data - after all, users are the not the customer, they are the free lunch. As the NYT concludes, there is a well established path in doing things this way:

At Mr. Morin’s last job at Facebook, his boss Mark Zuckerberg apologized publicly more than 10 times for privacy breaches. It seems the management philosophy of “ask for forgiveness, not permission” is becoming the “industry best practice.” And based on the response to Mr. Morin, tech executives are even lauded for it.

But timing is everything, and this is not what is wanted a few weeks from everyon'e payday, when Facebook IPOs and the blue toucghpaper of the Social Media bubble is lit.

But there was another article in the NYT though which was very interesting, about users being paid for their data.

People have been willing to give away their data while the companies make money. But there is some momentum for the idea that personal data could function as a kind of online currency, to be cashed in directly or exchanged for other items of value. A number of start-ups allow people to take control — and perhaps profit from — the digital trails that they leave on the Internet. “That marketplace does not exist right now, because consumers are not in on the game,” said Shane Green, who founded a company called Personal in 2009.

The idea behind Mr. Green’s company involves two steps. First, his team created a series of personal data vaults, which contain thousands of data points about its users (the company calls them owners). This data can be as prosaic as birth dates, or as specific as someone’s preference for spicy foods. People control what information they share and remove data they don’t want to share at any time.

The problem is that companies don’t need to pay for the information when they get it free.

“The killer app isn’t here yet,” said William Hoffman, who is working on a multiyear study of the economics of personal data for the World Economic Forum. But with increased consumer awareness of the value of that information — Facebook could be worth as much as $100 billion — that may soon change. “I’m willing to bet that within the next 12 months something big will catch on,” he said.

This is something that has interested me for years - about 15 years ago we participated in a Futurist conference and one of the big things that came out of it was that there would be a premium on the Net Present Value of the User's future income, and a race for their personal data would begin - what was also clear is that initially the service providers would try and pay as liitle as possible (the model at the time was supermarket loyalty cards) but the belief was that online, people would use tools to bargain their data at higher value - so far, not so good though, as social networking and gamification of applications makes users throw it away.

I have always hoped that VRM style tools may emerge for this, but not yet. Still, lets see what happens in the next 12 months - the technology is available, and they say all things carry the seeds of their own destruction.